capsule/config/rbac/psp_policy.yaml at b7a2072b0ff8eaec8b3c8b7d9173f1a8464df633 - capsule - Gitea: Git with a nice cup of tea

github/capsule

mirror of https://github.com/projectcapsule/capsule.git synced 2026-02-14 18:09:58 +00:00

Files

Dario Tranchitella ea599ba6e6 Supporting additional Role Bindings per Tenant (#133 )

* Enabling Capsule to run on a cluster with PodSecurityPolicy enabled

* Supporting additional Role Binding per Tenant

* Documenting the additionalRoleBindings specification

2020-11-16 13:51:44 +01:00

19 lines

279 B

YAML

Raw Blame History

 kind: PodSecurityPolicy
 apiVersion: policy/v1beta1
 metadata:
   name: capsule
 spec:
   fsGroup:
     rule: RunAsAny
   hostPorts:
     - max: 0
       min: 0
   runAsUser:
     rule: RunAsAny
   seLinux:
     rule: RunAsAny
   supplementalGroups:
     rule: RunAsAny
   volumes:
     - secret