cscott/peanutflix
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Removed redundant security directives
All checks were successful
continuous-integration/publish-helm Helm publish succeeded

Browse Source 
removed scc anyuid (out of band)
This commit is contained in:
Conan Scott
2026-01-12 19:08:12 +11:00
parent aa64c846be
commit 7979b35e7e
2 changed files with 9 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
scc-updates.sh
View File

@@ -1,2 +0,0 @@
oc create sa peanutflix-sa -n peanutflix
oc adm policy add-scc-to-user anyuid -z peanutflix-sa -n peanutflix

17
values.yaml
View File

@@ -88,14 +88,15 @@ pms:
# -- Security context for PMS pods # -- Security context for PMS pods
securityContext: {} securityContext: {}
containerSecurityContext: # Redundant for openshift
runAsNonRoot: true # containerSecurityContext:
allowPrivilegeEscalation: false # runAsNonRoot: true
seccompProfile: # allowPrivilegeEscalation: false
type: RuntimeDefault # seccompProfile:
capabilities: # type: RuntimeDefault
drop: # capabilities:
- ALL # drop:
# - ALL
# -- Enable process namespace sharing within the pod. # -- Enable process namespace sharing within the pod.
shareProcessNamespace: false shareProcessNamespace: false