openstack/openstack-helm-infra
Code Issues Proposed changes

Merge "Run as ceph user and disallow privilege escalation"

Browse Source
This commit is contained in:
Zuul 2021-01-12 20:09:50 +00:00 committed by Gerrit Code Review
commit 204c51a669
2 changed files with 5 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
ceph-client/Chart.yaml
View File

@ -15,6 +15,6 @@ apiVersion: v1
appVersion: v1.0.0 appVersion: v1.0.0
description: OpenStack-Helm Ceph Client description: OpenStack-Helm Ceph Client
name: ceph-client name: ceph-client
version: 0.1.2 version: 0.1.3
home: https://github.com/ceph/ceph-client home: https://github.com/ceph/ceph-client
... ...

6
ceph-client/values.yaml
View File

@ -71,8 +71,9 @@ pod:
runAsUser: 0 runAsUser: 0
readOnlyRootFilesystem: true readOnlyRootFilesystem: true
mds: mds:
runAsUser: 0 runAsUser: 64045
readOnlyRootFilesystem: true readOnlyRootFilesystem: true
allowPrivilegeEscalation: false
mgr: mgr:
pod: pod:
runAsUser: 65534 runAsUser: 65534
@ -81,8 +82,9 @@ pod:
runAsUser: 0 runAsUser: 0
readOnlyRootFilesystem: true readOnlyRootFilesystem: true
mgr: mgr:
runAsUser: 0 runAsUser: 64045
readOnlyRootFilesystem: true readOnlyRootFilesystem: true
allowPrivilegeEscalation: false
bootstrap: bootstrap:
pod: pod:
runAsUser: 65534 runAsUser: 65534