wrenix/flux-charts
1
0
Fork 0
Code Issues 14 Pull requests 1 Projects Releases Packages Wiki Activity Actions

fix(mycloud-collabora): with less privilegs

Browse source
This commit is contained in:
WrenIX 2024-12-04 00:46:15 +01:00
parent 9281c1e9be
commit dbb1b531a5
Signed by: wrenix
GPG key ID: 7AFDB012974B1BB5
3 changed files with 25 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
mycloud-collabora/Chart.yaml
View file

@ -6,4 +6,4 @@ maintainers:
- name: WrenIX - name: WrenIX
url: https://wrenix.eu url: https://wrenix.eu
version: 0.1.1 version: 0.1.2

2
mycloud-collabora/README.md
View file

@ -7,7 +7,7 @@ description: "myCloud component to setup collabora"
# mycloud-collabora # mycloud-collabora
![Version: 0.1.1](https://img.shields.io/badge/Version-0.1.1-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![Version: 0.1.2](https://img.shields.io/badge/Version-0.1.2-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square)
myCloud component to setup collabora myCloud component to setup collabora

23
mycloud-collabora/templates/release.yaml
View file

@ -94,3 +94,26 @@ spec:
{{- toYaml .Values.commons.grafana.dashboards.labels | nindent 10 }} {{- toYaml .Values.commons.grafana.dashboards.labels | nindent 10 }}
annotations: annotations:
{{- toYaml .Values.commons.grafana.dashboards.annotations | nindent 10 }} {{- toYaml .Values.commons.grafana.dashboards.annotations | nindent 10 }}
serviceAccount:
create: true
podSecurityContext:
fsGroup: 100
securityContext:
allowPrivilegeEscalation: true
privileged: false
readOnlyRootFilesystem: false
runAsNonRoot: true
runAsUser: 100
runAsGroup: 101
seccompProfile:
type: "RuntimeDefault"
capabilities:
drop:
- "ALL"
add:
- "CHOWN"
- "FOWNER"
- "SYS_CHROOT"