673d0346f4
- Bind calibre-sa to anyuid SecurityContextConstraints - Enables secure non-root execution for LinuxServer containers - Maintains production security while ensuring container compatibility - Fixes supplementary group issues with s6-overlay
18 lines
377 B
YAML
18 lines
377 B
YAML
---
|
|
apiVersion: rbac.authorization.k8s.io/v1
|
|
kind: RoleBinding
|
|
metadata:
|
|
name: calibre-anyuid-working
|
|
namespace: calibre
|
|
labels:
|
|
app: calibre
|
|
app.kubernetes.io/instance: calibre
|
|
type: third-party
|
|
subjects:
|
|
- kind: ServiceAccount
|
|
name: calibre-sa
|
|
namespace: calibre
|
|
roleRef:
|
|
kind: ClusterRole
|
|
name: anyuid-scc-user
|
|
apiGroup: rbac.authorization.k8s.io |