Removing PSC and CSC to improve security
All checks were successful
continuous-integration/publish-helm Helm publish succeeded
All checks were successful
continuous-integration/publish-helm Helm publish succeeded
This commit is contained in:
18
values.yaml
18
values.yaml
@@ -64,7 +64,7 @@ imagePullSecrets: []
|
|||||||
# Security context is only usable with rootless image due to image design
|
# Security context is only usable with rootless image due to image design
|
||||||
## @param podSecurityContext.fsGroup Set the shared file system group for all containers in the pod.
|
## @param podSecurityContext.fsGroup Set the shared file system group for all containers in the pod.
|
||||||
podSecurityContext:
|
podSecurityContext:
|
||||||
fsGroup: 1000
|
# fsGroup: 1000
|
||||||
|
|
||||||
## @param containerSecurityContext Security context
|
## @param containerSecurityContext Security context
|
||||||
containerSecurityContext:
|
containerSecurityContext:
|
||||||
@@ -83,9 +83,9 @@ containerSecurityContext:
|
|||||||
# type: RuntimeDefault
|
# type: RuntimeDefault
|
||||||
privileged: false
|
privileged: false
|
||||||
readOnlyRootFilesystem: true
|
readOnlyRootFilesystem: true
|
||||||
runAsGroup: 1000
|
# runAsGroup: 1000
|
||||||
runAsNonRoot: true
|
runAsNonRoot: true
|
||||||
runAsUser: 1000
|
# runAsUser: 1000
|
||||||
|
|
||||||
## @deprecated The securityContext variable has been split two:
|
## @deprecated The securityContext variable has been split two:
|
||||||
## - containerSecurityContext
|
## - containerSecurityContext
|
||||||
@@ -185,8 +185,7 @@ ingress:
|
|||||||
## @section deployment
|
## @section deployment
|
||||||
#
|
#
|
||||||
## @param resources Kubernetes resources
|
## @param resources Kubernetes resources
|
||||||
resources:
|
resources: {}
|
||||||
{}
|
|
||||||
# We usually recommend not to specify default resources and to leave this as a conscious
|
# We usually recommend not to specify default resources and to leave this as a conscious
|
||||||
# choice for the user. This also increases chances charts run on environments with little
|
# choice for the user. This also increases chances charts run on environments with little
|
||||||
# resources, such as Minikube. If you do want to specify resources, uncomment the following
|
# resources, such as Minikube. If you do want to specify resources, uncomment the following
|
||||||
@@ -227,8 +226,7 @@ priorityClassName: ""
|
|||||||
## @param deployment.labels Labels for the deployment
|
## @param deployment.labels Labels for the deployment
|
||||||
## @param deployment.annotations Annotations for the Gitea deployment to be created
|
## @param deployment.annotations Annotations for the Gitea deployment to be created
|
||||||
deployment:
|
deployment:
|
||||||
env:
|
env: []
|
||||||
[]
|
|
||||||
# - name: VARIABLE
|
# - name: VARIABLE
|
||||||
# value: my-value
|
# value: my-value
|
||||||
terminationGracePeriodSeconds: 60
|
terminationGracePeriodSeconds: 60
|
||||||
@@ -397,8 +395,7 @@ gitea:
|
|||||||
tlsConfig: {}
|
tlsConfig: {}
|
||||||
|
|
||||||
## @param gitea.ldap LDAP configuration
|
## @param gitea.ldap LDAP configuration
|
||||||
ldap:
|
ldap: []
|
||||||
[]
|
|
||||||
# - name: "LDAP 1"
|
# - name: "LDAP 1"
|
||||||
# existingSecret:
|
# existingSecret:
|
||||||
# securityProtocol:
|
# securityProtocol:
|
||||||
@@ -415,8 +412,7 @@ gitea:
|
|||||||
|
|
||||||
# Either specify inline `key` and `secret` or refer to them via `existingSecret`
|
# Either specify inline `key` and `secret` or refer to them via `existingSecret`
|
||||||
## @param gitea.oauth OAuth configuration
|
## @param gitea.oauth OAuth configuration
|
||||||
oauth:
|
oauth: []
|
||||||
[]
|
|
||||||
# - name: 'OAuth 1'
|
# - name: 'OAuth 1'
|
||||||
# provider:
|
# provider:
|
||||||
# key:
|
# key:
|
||||||
|
|||||||
Reference in New Issue
Block a user