Home Verkennen Help
Inloggen
cecf
/
deploy
5
0
Vork 0
Bestanden Issues 0 Pull-aanvragen 0 Wiki
Boom: e4538f3d9b
Aftakkingen Labels
deploy
/
data
/
postgresql
/
templates
/
psp.yaml

psp.yaml 1.0 KB
Geschiedenis Ruwe

123456789101112131415161718192021222324252627282930313233343536373839404142 
  1. {{- /*
    2. 

  2. Copyright VMware, Inc.
    3. 

  3. SPDX-License-Identifier: APACHE-2.0
    4. 

  4. */}}
    5. 

  5. 

  6. {{- if and (include "common.capabilities.psp.supported" .) .Values.psp.create }}
    7. 

  7. apiVersion: policy/v1beta1
    8. 

  8. kind: PodSecurityPolicy
    9. 

  9. metadata:
    10. 

  10.   name: {{ include "common.names.fullname" . }}
    11. 

  11.   namespace: {{ .Release.Namespace | quote }}
    12. 

  12.   labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }}
    13. 

  13.   {{- if .Values.commonAnnotations }}
    14. 

  14.   annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
    15. 

  15.   {{- end }}
    16. 

  16. spec:
    17. 

  17.   privileged: false
    18. 

  18.   volumes:
    19. 

  19.     - 'configMap'
    20. 

  20.     - 'secret'
    21. 

  21.     - 'persistentVolumeClaim'
    22. 

  22.     - 'emptyDir'
    23. 

  23.     - 'projected'
    24. 

  24.   hostNetwork: false
    25. 

  25.   hostIPC: false
    26. 

  26.   hostPID: false
    27. 

  27.   runAsUser:
    28. 

  28.     rule: 'RunAsAny'
    29. 

  29.   seLinux:
    30. 

  30.     rule: 'RunAsAny'
    31. 

  31.   supplementalGroups:
    32. 

  32.     rule: 'MustRunAs'
    33. 

  33.     ranges:
    34. 

  34.       - min: 1
    35. 

  35.         max: 65535
    36. 

  36.   fsGroup:
    37. 

  37.     rule: 'MustRunAs'
    38. 

  38.     ranges:
    39. 

  39.       - min: 1
    40. 

  40.         max: 65535
    41. 

  41.   readOnlyRootFilesystem: false
    42. 

  42. {{- end }}
    43.