github.com/verrazzano/verrazzano@v1.7.0/platform-operator/thirdparty/charts/external-dns/templates/psp.yaml

github.com/verrazzano/verrazzano@v1.7.0/platform-operator/thirdparty/charts/external-dns/templates/psp.yaml (about)

     1  {{- if .Values.rbac.pspEnabled }}
     2  {{- if .Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy" }}
     3  apiVersion: {{ template "podSecurityPolicy.apiVersion" . }}
     4  kind: PodSecurityPolicy
     5  metadata:
     6    name: {{ template "external-dns.fullname" . }}
     7    labels: {{ include "external-dns.labels" . | nindent 4 }}
     8  spec:
     9    privileged: false
    10    allowPrivilegeEscalation: false
    11    requiredDropCapabilities:
    12    - ALL
    13    volumes:
    14    - 'configMap'
    15    - 'emptyDir'
    16    - 'projected'
    17    - 'secret'
    18    - 'downwardAPI'
    19    hostNetwork: false
    20    hostIPC: false
    21    hostPID: false
    22    runAsUser:
    23      rule: 'MustRunAs'
    24      ranges:
    25      - min: 1001
    26        max: 1001
    27    seLinux:
    28      rule: 'RunAsAny'
    29    supplementalGroups:
    30      rule: 'MustRunAs'
    31      ranges:
    32      - min: 1001
    33        max: 1001
    34    fsGroup:
    35      rule: 'MustRunAs'
    36      ranges:
    37      - min: 1001
    38        max: 1001
    39  {{- end }}
    40  {{- end }}