github.com/verrazzano/verrazzano@v1.7.0/platform-operator/thirdparty/charts/jaegertracing/jaeger-operator/templates/psp.yaml

github.com/verrazzano/verrazzano@v1.7.0/platform-operator/thirdparty/charts/jaegertracing/jaeger-operator/templates/psp.yaml (about)

     1  {{- if and .Values.rbac.create .Values.rbac.pspEnabled }}
     2  {{- if .Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy" }}
     3  apiVersion: policy/v1beta1
     4  kind: PodSecurityPolicy
     5  metadata:
     6    name: {{ include "jaeger-operator.fullname" . }}-operator-psp
     7    labels:
     8  {{ include "jaeger-operator.labels" . | indent 4 }}
     9  spec:
    10    privileged: false
    11    allowPrivilegeEscalation: false
    12    volumes:
    13      - 'configMap'
    14      - 'emptyDir'
    15      - 'projected'
    16      - 'secret'
    17      - 'downwardAPI'
    18      - 'persistentVolumeClaim'
    19    hostNetwork: false
    20    hostIPC: false
    21    hostPID: false
    22    runAsUser:
    23      rule: 'MustRunAsNonRoot'
    24    seLinux:
    25      rule: 'RunAsAny'
    26    supplementalGroups:
    27      rule: 'MustRunAs'
    28      ranges:
    29        - min: 1
    30          max: 65535
    31    fsGroup:
    32      rule: 'MustRunAs'
    33      ranges:
    34        - min: 1
    35          max: 65535
    36    readOnlyRootFilesystem: false
    37  {{- end }}
    38  {{- end }}