Loading deploy/kubernetes/chart/values.yaml +20 −20 Original line number Diff line number Diff line Loading @@ -117,14 +117,14 @@ auth: scope: openid profile email # Security context for auth container. securityContext: allowPrivilegeEscalation: false capabilities: drop: - ALL # Run with a read-only root filesystem by default readOnlyRootFilesystem: true # The containers will run as the ESGF user by default runAsNonRoot: true allowPrivilegeEscalation: false capabilities: drop: - ALL ### # OPA server configuration Loading Loading @@ -165,14 +165,14 @@ opa: restrictedPaths: [] # Security context for OPA container. securityContext: allowPrivilegeEscalation: false capabilities: drop: - ALL # Run with a read-only root filesystem by default readOnlyRootFilesystem: true # The containers will run as the ESGF user by default runAsNonRoot: true allowPrivilegeEscalation: false capabilities: drop: - ALL ### # Data node configuration Loading Loading @@ -225,14 +225,14 @@ data: runAsGroup: 1000 fsGroup: 1000 securityContext: allowPrivilegeEscalation: false capabilities: drop: - ALL # Run with a read-only root filesystem by default readOnlyRootFilesystem: true # The containers will run as the ESGF user by default runAsNonRoot: true allowPrivilegeEscalation: false capabilities: drop: - ALL # Configuration for the access log sidecar accessLogSidecar: Loading Loading @@ -404,14 +404,14 @@ index: fsGroup: 1000 # The container security context for all Solr containers securityContext: allowPrivilegeEscalation: false capabilities: drop: - ALL # Run with a read-only root filesystem by default readOnlyRootFilesystem: true # The containers will run as the ESGF user by default runAsNonRoot: true allowPrivilegeEscalation: false capabilities: drop: - ALL # The default resource allocations for all Solr containers # Can be overridden on a per-shard basis # See https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ Loading Loading @@ -509,11 +509,11 @@ index: # Security context for search container. securityContext: allowPrivilegeEscalation: false capabilities: drop: - ALL # Run with a read-only root filesystem by default readOnlyRootFilesystem: true # The containers will run as the ESGF user by default runAsNonRoot: true allowPrivilegeEscalation: false capabilities: drop: - ALL Loading
deploy/kubernetes/chart/values.yaml +20 −20 Original line number Diff line number Diff line Loading @@ -117,14 +117,14 @@ auth: scope: openid profile email # Security context for auth container. securityContext: allowPrivilegeEscalation: false capabilities: drop: - ALL # Run with a read-only root filesystem by default readOnlyRootFilesystem: true # The containers will run as the ESGF user by default runAsNonRoot: true allowPrivilegeEscalation: false capabilities: drop: - ALL ### # OPA server configuration Loading Loading @@ -165,14 +165,14 @@ opa: restrictedPaths: [] # Security context for OPA container. securityContext: allowPrivilegeEscalation: false capabilities: drop: - ALL # Run with a read-only root filesystem by default readOnlyRootFilesystem: true # The containers will run as the ESGF user by default runAsNonRoot: true allowPrivilegeEscalation: false capabilities: drop: - ALL ### # Data node configuration Loading Loading @@ -225,14 +225,14 @@ data: runAsGroup: 1000 fsGroup: 1000 securityContext: allowPrivilegeEscalation: false capabilities: drop: - ALL # Run with a read-only root filesystem by default readOnlyRootFilesystem: true # The containers will run as the ESGF user by default runAsNonRoot: true allowPrivilegeEscalation: false capabilities: drop: - ALL # Configuration for the access log sidecar accessLogSidecar: Loading Loading @@ -404,14 +404,14 @@ index: fsGroup: 1000 # The container security context for all Solr containers securityContext: allowPrivilegeEscalation: false capabilities: drop: - ALL # Run with a read-only root filesystem by default readOnlyRootFilesystem: true # The containers will run as the ESGF user by default runAsNonRoot: true allowPrivilegeEscalation: false capabilities: drop: - ALL # The default resource allocations for all Solr containers # Can be overridden on a per-shard basis # See https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ Loading Loading @@ -509,11 +509,11 @@ index: # Security context for search container. securityContext: allowPrivilegeEscalation: false capabilities: drop: - ALL # Run with a read-only root filesystem by default readOnlyRootFilesystem: true # The containers will run as the ESGF user by default runAsNonRoot: true allowPrivilegeEscalation: false capabilities: drop: - ALL
