summaryrefslogtreecommitdiffstats
path: root/setup/projects/katrin/templates/00-katrin-restricted.yml.j2.excl
diff options
context:
space:
mode:
Diffstat (limited to 'setup/projects/katrin/templates/00-katrin-restricted.yml.j2.excl')
-rw-r--r--setup/projects/katrin/templates/00-katrin-restricted.yml.j2.excl43
1 files changed, 0 insertions, 43 deletions
diff --git a/setup/projects/katrin/templates/00-katrin-restricted.yml.j2.excl b/setup/projects/katrin/templates/00-katrin-restricted.yml.j2.excl
deleted file mode 100644
index d155267..0000000
--- a/setup/projects/katrin/templates/00-katrin-restricted.yml.j2.excl
+++ /dev/null
@@ -1,43 +0,0 @@
----
-allowHostDirVolumePlugin: false
-allowHostIPC: false
-allowHostNetwork: false
-allowHostPID: false
-allowHostPorts: false
-allowPrivilegedContainer: false
-allowedCapabilities: null
-apiVersion: v1
-defaultAddCapabilities: null
-fsGroup:
- type: MustRunAs
-groups:
-- system:authenticated
-kind: SecurityContextConstraints
-metadata:
- annotations:
- kubernetes.io/description: restricted denies access to all host features and requires
- pods to be run with a UID, and SELinux context that are allocated to the namespace. This
- is the most restrictive SCC.
- creationTimestamp: null
- name: katrin-restricted
-priority: null
-readOnlyRootFilesystem: false
-requiredDropCapabilities:
-- KILL
-- MKNOD
-- SYS_CHROOT
-- SETUID
-- SETGID
-runAsUser:
- type: MustRunAsRange
-seLinuxContext:
- type: MustRunAs
-supplementalGroups:
- type: RunAsAny
-volumes:
-- glusterfs
-- configMap
-- downwardAPI
-- emptyDir
-- persistentVolumeClaim
-- secret
generated by cgit v1.2.1 (git 2.18.0) at 2024-05-16 04:33:53 +0000