Skip to content

Commit

Permalink
fix(helm): Capitalize capabilities.drop[] due to PSS (#544)
Browse files Browse the repository at this point in the history
  • Loading branch information
@bauerjs1
bauerjs1 committed Oct 28, 2023
1 parent 034a6f2 commit 952f544
Show file tree
Hide file tree
Showing 6 changed files with 15 additions and 15 deletions.
8 changes: 4 additions & 4 deletions charts/kubeclarity/templates/deployment.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -55,7 +55,7 @@ spec:
securityContext:
capabilities:
drop:
- all
- ALL
runAsNonRoot: true
{{- if not .Values.global.openShiftRestricted }}
runAsUser: 1001
Expand All @@ -78,7 +78,7 @@ spec:
securityContext:
capabilities:
drop:
- all
- ALL
runAsNonRoot: true
{{- if not .Values.global.openShiftRestricted }}
runAsUser: 1001
Expand All @@ -102,7 +102,7 @@ spec:
securityContext:
capabilities:
drop:
- all
- ALL
runAsNonRoot: true
{{- if not .Values.global.openShiftRestricted }}
runAsUser: 1001
Expand Down Expand Up @@ -189,7 +189,7 @@ spec:
securityContext:
capabilities:
drop:
- all
- ALL
runAsNonRoot: true
{{- if not .Values.global.openShiftRestricted }}
runAsGroup: 1000
Expand Down
2 changes: 1 addition & 1 deletion charts/kubeclarity/templates/grype_server/deployment.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -69,7 +69,7 @@ spec:
securityContext:
capabilities:
drop:
- all
- ALL
runAsNonRoot: true
{{- if not .Values.global.openShiftRestricted }}
runAsGroup: 1000
Expand Down
2 changes: 1 addition & 1 deletion charts/kubeclarity/templates/sbom_db/deployment.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -62,7 +62,7 @@ spec:
securityContext:
capabilities:
drop:
- all
- ALL
runAsNonRoot: true
{{- if not .Values.global.openShiftRestricted }}
runAsGroup: 1000
Expand Down
4 changes: 2 additions & 2 deletions charts/kubeclarity/templates/scanner-template-configmap.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -133,7 +133,7 @@ data:
securityContext:
capabilities:
drop:
- all
- ALL
runAsNonRoot: true
{{- if not .Values.global.openShiftRestricted }}
runAsGroup: 1001
Expand Down Expand Up @@ -182,7 +182,7 @@ data:
securityContext:
capabilities:
drop:
- all
- ALL
runAsNonRoot: true
{{- if not .Values.global.openShiftRestricted }}
runAsGroup: 1001
Expand Down
2 changes: 1 addition & 1 deletion runtime_scan/pkg/config/scanner_template.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -50,7 +50,7 @@ spec:
securityContext:
capabilities:
drop:
- all
- ALL
runAsNonRoot: true
runAsGroup: 1001
runAsUser: 1001
Expand Down
12 changes: 6 additions & 6 deletions runtime_scan/pkg/scanner/job_managment_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -718,7 +718,7 @@ spec:
securityContext:
capabilities:
drop:
- all
- ALL
runAsNonRoot: true
runAsGroup: 1001
runAsUser: 1001
Expand Down Expand Up @@ -766,7 +766,7 @@ spec:
securityContext:
capabilities:
drop:
- all
- ALL
runAsNonRoot: true
runAsGroup: 1001
runAsUser: 1001
Expand Down Expand Up @@ -822,7 +822,7 @@ spec:
securityContext:
capabilities:
drop:
- all
- ALL
runAsNonRoot: true
runAsGroup: 1001
runAsUser: 1001
Expand Down Expand Up @@ -878,7 +878,7 @@ spec:
securityContext:
capabilities:
drop:
- all
- ALL
runAsNonRoot: true
runAsGroup: 1001
runAsUser: 1001
Expand Down Expand Up @@ -945,7 +945,7 @@ spec:
securityContext:
capabilities:
drop:
- all
- ALL
runAsNonRoot: true
runAsGroup: 1001
runAsUser: 1001
Expand Down Expand Up @@ -1003,7 +1003,7 @@ spec:
securityContext:
capabilities:
drop:
- all
- ALL
runAsNonRoot: true
runAsGroup: 1001
runAsUser: 1001
Expand Down

0 comments on commit 952f544

Please sign in to comment.