File tree 9 files changed +60
-0
lines changed
9 files changed +60
-0
lines changed Original file line number Diff line number Diff line change 7474 resources : {{- toYaml .Values.controller.resources.csiProvisioner | nindent 12 }}
7575 securityContext :
7676 readOnlyRootFilesystem : true
77+ capabilities :
78+ drop :
79+ - ALL
7780 - name : liveness-probe
7881{{- if hasPrefix "/" .Values.image.livenessProbe.repository }}
7982 image : " {{ .Values.image.baseRepo }}{{ .Values.image.livenessProbe.repository }}:{{ .Values.image.livenessProbe.tag }}"
9295 resources : {{- toYaml .Values.controller.resources.livenessProbe | nindent 12 }}
9396 securityContext :
9497 readOnlyRootFilesystem : true
98+ capabilities :
99+ drop :
100+ - ALL
95101 - name : smb
96102{{- if hasPrefix "/" .Values.image.smb.repository }}
97103 image : " {{ .Values.image.baseRepo }}{{ .Values.image.smb.repository }}:{{ .Values.image.smb.tag }}"
@@ -124,6 +130,9 @@ spec:
124130 securityContext :
125131 privileged : true
126132 readOnlyRootFilesystem : true
133+ capabilities :
134+ drop :
135+ - ALL
127136 volumeMounts :
128137 - mountPath : /csi
129138 name : socket-dir
Original file line number Diff line number Diff line change 7474 resources : {{- toYaml .Values.controller.resources.csiProvisioner | nindent 12 }}
7575 securityContext :
7676 readOnlyRootFilesystem : true
77+ capabilities :
78+ drop :
79+ - ALL
7780 - name : liveness-probe
7881{{- if hasPrefix "/" .Values.image.livenessProbe.repository }}
7982 image : " {{ .Values.image.baseRepo }}{{ .Values.image.livenessProbe.repository }}:{{ .Values.image.livenessProbe.tag }}"
9295 resources : {{- toYaml .Values.controller.resources.livenessProbe | nindent 12 }}
9396 securityContext :
9497 readOnlyRootFilesystem : true
98+ capabilities :
99+ drop :
100+ - ALL
95101 - name : smb
96102{{- if hasPrefix "/" .Values.image.smb.repository }}
97103 image : " {{ .Values.image.baseRepo }}{{ .Values.image.smb.repository }}:{{ .Values.image.smb.tag }}"
@@ -126,6 +132,9 @@ spec:
126132 securityContext :
127133 privileged : true
128134 readOnlyRootFilesystem : true
135+ capabilities :
136+ drop :
137+ - ALL
129138 volumeMounts :
130139 - mountPath : /csi
131140 name : socket-dir
Original file line number Diff line number Diff line change 7474 resources : {{- toYaml .Values.controller.resources.csiProvisioner | nindent 12 }}
7575 securityContext :
7676 readOnlyRootFilesystem : true
77+ capabilities :
78+ drop :
79+ - ALL
7780 - name : liveness-probe
7881{{- if hasPrefix "/" .Values.image.livenessProbe.repository }}
7982 image : " {{ .Values.image.baseRepo }}{{ .Values.image.livenessProbe.repository }}:{{ .Values.image.livenessProbe.tag }}"
9295 resources : {{- toYaml .Values.controller.resources.livenessProbe | nindent 12 }}
9396 securityContext :
9497 readOnlyRootFilesystem : true
98+ capabilities :
99+ drop :
100+ - ALL
95101 - name : smb
96102{{- if hasPrefix "/" .Values.image.smb.repository }}
97103 image : " {{ .Values.image.baseRepo }}{{ .Values.image.smb.repository }}:{{ .Values.image.smb.tag }}"
@@ -124,6 +130,9 @@ spec:
124130 securityContext :
125131 privileged : true
126132 readOnlyRootFilesystem : true
133+ capabilities :
134+ drop :
135+ - ALL
127136 volumeMounts :
128137 - mountPath : /csi
129138 name : socket-dir
Original file line number Diff line number Diff line change 5555 requests :
5656 cpu : 10m
5757 memory : 20Mi
58+ securityContext :
59+ capabilities :
60+ drop :
61+ - ALL
5862 - name : liveness-probe
5963 image : registry.k8s.io/sig-storage/livenessprobe:v2.12.0
6064 args :
7276 requests :
7377 cpu : 10m
7478 memory : 20Mi
79+ securityContext :
80+ capabilities :
81+ drop :
82+ - ALL
7583 - name : smb
7684 image : gcr.io/k8s-staging-sig-storage/smbplugin:canary
7785 imagePullPolicy : IfNotPresent
97105 value : unix:///csi/csi.sock
98106 securityContext :
99107 privileged : true
108+ capabilities :
109+ drop :
110+ - ALL
100111 volumeMounts :
101112 - mountPath : /csi
102113 name : socket-dir
Original file line number Diff line number Diff line change 5555 requests :
5656 cpu : 10m
5757 memory : 20Mi
58+ securityContext :
59+ capabilities :
60+ drop :
61+ - ALL
5862 - name : liveness-probe
5963 image : registry.k8s.io/sig-storage/livenessprobe:v2.11.0
6064 args :
7276 requests :
7377 cpu : 10m
7478 memory : 20Mi
79+ securityContext :
80+ capabilities :
81+ drop :
82+ - ALL
7583 - name : smb
7684 image : registry.k8s.io/sig-storage/smbplugin:v1.13.0
7785 imagePullPolicy : IfNotPresent
99107 value : unix:///csi/csi.sock
100108 securityContext :
101109 privileged : true
110+ capabilities :
111+ drop :
112+ - ALL
102113 volumeMounts :
103114 - mountPath : /csi
104115 name : socket-dir
Original file line number Diff line number Diff line change 5555 requests :
5656 cpu : 10m
5757 memory : 20Mi
58+ securityContext :
59+ capabilities :
60+ drop :
61+ - ALL
5862 - name : liveness-probe
5963 image : registry.k8s.io/sig-storage/livenessprobe:v2.12.0
6064 args :
7276 requests :
7377 cpu : 10m
7478 memory : 20Mi
79+ securityContext :
80+ capabilities :
81+ drop :
82+ - ALL
7583 - name : smb
7684 image : registry.k8s.io/sig-storage/smbplugin:v1.14.0
7785 imagePullPolicy : IfNotPresent
97105 value : unix:///csi/csi.sock
98106 securityContext :
99107 privileged : true
108+ capabilities :
109+ drop :
110+ - ALL
100111 volumeMounts :
101112 - mountPath : /csi
102113 name : socket-dir
You can’t perform that action at this time.
0 commit comments