github.com/replicatedcom/ship@v0.50.0/integration/init/grafana-with-values/expected/base/podsecuritypolicy.yaml (about) 1 --- 2 # Source: grafana/templates/podsecuritypolicy.yaml 3 4 apiVersion: extensions/v1beta1 5 kind: PodSecurityPolicy 6 metadata: 7 name: grafana 8 labels: 9 app: grafana 10 chart: grafana-1.19.0 11 heritage: Tiller 12 release: grafana 13 annotations: 14 seccomp.security.alpha.kubernetes.io/allowedProfileNames: 'docker/default' 15 apparmor.security.beta.kubernetes.io/allowedProfileNames: 'runtime/default' 16 seccomp.security.alpha.kubernetes.io/defaultProfileName: 'docker/default' 17 apparmor.security.beta.kubernetes.io/defaultProfileName: 'runtime/default' 18 spec: 19 privileged: false 20 allowPrivilegeEscalation: false 21 requiredDropCapabilities: 22 - ALL 23 volumes: 24 - 'configMap' 25 - 'emptyDir' 26 - 'projected' 27 - 'secret' 28 - 'downwardAPI' 29 - 'persistentVolumeClaim' 30 hostNetwork: false 31 hostIPC: false 32 hostPID: false 33 runAsUser: 34 rule: 'RunAsAny' 35 seLinux: 36 rule: 'RunAsAny' 37 supplementalGroups: 38 rule: 'RunAsAny' 39 fsGroup: 40 rule: 'RunAsAny' 41 readOnlyRootFilesystem: false