update security context questions
This commit is contained in:
parent
3c471071cc
commit
893b55dc56
|
@ -101,51 +101,34 @@ questions:
|
|||
attrs:
|
||||
# Include{persistenceBasic}
|
||||
# Include{persistenceList}
|
||||
# Include{security}
|
||||
# Include{securityContextAdvancedRoot}
|
||||
- variable: privileged
|
||||
label: "Privileged mode"
|
||||
# Include{securityContextRoot}
|
||||
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: readOnlyRootFilesystem
|
||||
label: "ReadOnly Root Filesystem"
|
||||
schema:
|
||||
type: boolean
|
||||
default: true
|
||||
- variable: allowPrivilegeEscalation
|
||||
label: "Allow Privilege Escalation"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: runAsNonRoot
|
||||
label: "runAsNonRoot"
|
||||
schema:
|
||||
type: boolean
|
||||
default: true
|
||||
# Include{podSecurityContextRoot}
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
type: int
|
||||
default: 568
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: "The groupID this App of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
# Include{podSecurityContextAdvanced}
|
||||
# Include{securityContextContainer}
|
||||
# Include{securityContextAdvanced}
|
||||
# Include{securityContextPod}
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
|
||||
# Include{resources}
|
||||
# Include{advanced}
|
||||
# Include{addons}
|
||||
# Include{codeserver}
|
||||
# Include{netshoot}
|
||||
# Include{vpn}
|
||||
# Include{documentation}
|
||||
|
|
|
@ -115,51 +115,34 @@ questions:
|
|||
# Include{ingressTLS}
|
||||
# Include{ingressTraefik}
|
||||
# Include{ingressList}
|
||||
# Include{security}
|
||||
# Include{securityContextAdvancedRoot}
|
||||
- variable: privileged
|
||||
label: "Privileged mode"
|
||||
# Include{securityContextRoot}
|
||||
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: readOnlyRootFilesystem
|
||||
label: "ReadOnly Root Filesystem"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: allowPrivilegeEscalation
|
||||
label: "Allow Privilege Escalation"
|
||||
schema:
|
||||
type: boolean
|
||||
default: true
|
||||
- variable: runAsNonRoot
|
||||
label: "runAsNonRoot"
|
||||
schema:
|
||||
type: boolean
|
||||
default: true
|
||||
# Include{podSecurityContextRoot}
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 104
|
||||
type: int
|
||||
default: 104
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: "The groupID this App of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 106
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
# Include{podSecurityContextAdvanced}
|
||||
# Include{securityContextContainer}
|
||||
# Include{securityContextAdvanced}
|
||||
# Include{securityContextPod}
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
|
||||
# Include{resources}
|
||||
# Include{advanced}
|
||||
# Include{addons}
|
||||
# Include{codeserver}
|
||||
# Include{netshoot}
|
||||
# Include{vpn}
|
||||
# Include{documentation}
|
||||
|
|
|
@ -79,51 +79,34 @@ questions:
|
|||
attrs:
|
||||
# Include{persistenceBasic}
|
||||
# Include{persistenceList}
|
||||
# Include{security}
|
||||
# Include{securityContextAdvancedRoot}
|
||||
- variable: privileged
|
||||
label: "Privileged mode"
|
||||
# Include{securityContextRoot}
|
||||
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: readOnlyRootFilesystem
|
||||
label: "ReadOnly Root Filesystem"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: allowPrivilegeEscalation
|
||||
label: "Allow Privilege Escalation"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: runAsNonRoot
|
||||
label: "runAsNonRoot"
|
||||
schema:
|
||||
type: boolean
|
||||
default: true
|
||||
# Include{podSecurityContextRoot}
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
type: int
|
||||
default: 568
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: "The groupID this App of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
# Include{podSecurityContextAdvanced}
|
||||
# Include{securityContextContainer}
|
||||
# Include{securityContextAdvanced}
|
||||
# Include{securityContextPod}
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
|
||||
# Include{resources}
|
||||
# Include{advanced}
|
||||
# Include{addons}
|
||||
# Include{codeserver}
|
||||
# Include{netshoot}
|
||||
# Include{vpn}
|
||||
# Include{documentation}
|
||||
|
|
|
@ -60,51 +60,34 @@ questions:
|
|||
# Include{serviceExpert}
|
||||
# Include{serviceList}
|
||||
# Include{persistenceList}
|
||||
# Include{security}
|
||||
# Include{securityContextAdvancedRoot}
|
||||
- variable: privileged
|
||||
label: "Privileged mode"
|
||||
# Include{securityContextRoot}
|
||||
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: readOnlyRootFilesystem
|
||||
label: "ReadOnly Root Filesystem"
|
||||
schema:
|
||||
type: boolean
|
||||
default: true
|
||||
- variable: allowPrivilegeEscalation
|
||||
label: "Allow Privilege Escalation"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: runAsNonRoot
|
||||
label: "runAsNonRoot"
|
||||
schema:
|
||||
type: boolean
|
||||
default: true
|
||||
# Include{podSecurityContextRoot}
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
type: int
|
||||
default: 568
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: "The groupID this App of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
# Include{podSecurityContextAdvanced}
|
||||
# Include{securityContextContainer}
|
||||
# Include{securityContextAdvanced}
|
||||
# Include{securityContextPod}
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
|
||||
# Include{resources}
|
||||
# Include{advanced}
|
||||
# Include{addons}
|
||||
# Include{codeserver}
|
||||
# Include{netshoot}
|
||||
# Include{vpn}
|
||||
# Include{documentation}
|
||||
|
|
|
@ -79,51 +79,34 @@ questions:
|
|||
attrs:
|
||||
# Include{persistenceBasic}
|
||||
# Include{persistenceList}
|
||||
# Include{security}
|
||||
# Include{securityContextAdvancedRoot}
|
||||
- variable: privileged
|
||||
label: "Privileged mode"
|
||||
# Include{securityContextRoot}
|
||||
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: readOnlyRootFilesystem
|
||||
label: "ReadOnly Root Filesystem"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: allowPrivilegeEscalation
|
||||
label: "Allow Privilege Escalation"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: runAsNonRoot
|
||||
label: "runAsNonRoot"
|
||||
schema:
|
||||
type: boolean
|
||||
default: true
|
||||
# Include{podSecurityContextRoot}
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
type: int
|
||||
default: 568
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: "The groupID this App of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
# Include{podSecurityContextAdvanced}
|
||||
# Include{securityContextContainer}
|
||||
# Include{securityContextAdvanced}
|
||||
# Include{securityContextPod}
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
|
||||
# Include{resources}
|
||||
# Include{advanced}
|
||||
# Include{addons}
|
||||
# Include{codeserver}
|
||||
# Include{netshoot}
|
||||
# Include{vpn}
|
||||
# Include{documentation}
|
||||
|
|
|
@ -79,51 +79,34 @@ questions:
|
|||
attrs:
|
||||
# Include{persistenceBasic}
|
||||
# Include{persistenceList}
|
||||
# Include{security}
|
||||
# Include{securityContextAdvancedRoot}
|
||||
- variable: privileged
|
||||
label: "Privileged mode"
|
||||
# Include{securityContextRoot}
|
||||
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: readOnlyRootFilesystem
|
||||
label: "ReadOnly Root Filesystem"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: allowPrivilegeEscalation
|
||||
label: "Allow Privilege Escalation"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: runAsNonRoot
|
||||
label: "runAsNonRoot"
|
||||
schema:
|
||||
type: boolean
|
||||
default: true
|
||||
# Include{podSecurityContextRoot}
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
type: int
|
||||
default: 568
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: "The groupID this App of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
# Include{podSecurityContextAdvanced}
|
||||
# Include{securityContextContainer}
|
||||
# Include{securityContextAdvanced}
|
||||
# Include{securityContextPod}
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
|
||||
# Include{resources}
|
||||
# Include{advanced}
|
||||
# Include{addons}
|
||||
# Include{codeserver}
|
||||
# Include{netshoot}
|
||||
# Include{vpn}
|
||||
# Include{documentation}
|
||||
|
|
|
@ -58,51 +58,34 @@ questions:
|
|||
attrs:
|
||||
# Include{persistenceBasic}
|
||||
# Include{persistenceList}
|
||||
# Include{security}
|
||||
# Include{securityContextAdvancedRoot}
|
||||
- variable: privileged
|
||||
label: "Privileged mode"
|
||||
# Include{securityContextRoot}
|
||||
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: readOnlyRootFilesystem
|
||||
label: "ReadOnly Root Filesystem"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: allowPrivilegeEscalation
|
||||
label: "Allow Privilege Escalation"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: runAsNonRoot
|
||||
label: "runAsNonRoot"
|
||||
schema:
|
||||
type: boolean
|
||||
default: true
|
||||
# Include{podSecurityContextRoot}
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
type: int
|
||||
default: 568
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: "The groupID this App of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
# Include{podSecurityContextAdvanced}
|
||||
# Include{securityContextContainer}
|
||||
# Include{securityContextAdvanced}
|
||||
# Include{securityContextPod}
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
|
||||
# Include{resources}
|
||||
# Include{advanced}
|
||||
# Include{addons}
|
||||
# Include{codeserver}
|
||||
# Include{netshoot}
|
||||
# Include{vpn}
|
||||
# Include{documentation}
|
||||
|
|
|
@ -81,51 +81,34 @@ questions:
|
|||
attrs:
|
||||
# Include{persistenceBasic}
|
||||
# Include{persistenceList}
|
||||
# Include{security}
|
||||
# Include{securityContextAdvancedRoot}
|
||||
- variable: privileged
|
||||
label: "Privileged mode"
|
||||
# Include{securityContextRoot}
|
||||
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: readOnlyRootFilesystem
|
||||
label: "ReadOnly Root Filesystem"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: allowPrivilegeEscalation
|
||||
label: "Allow Privilege Escalation"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: runAsNonRoot
|
||||
label: "runAsNonRoot"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
# Include{podSecurityContextRoot}
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 1001
|
||||
type: int
|
||||
default: 1001
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: "The groupID this App of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
# Include{podSecurityContextAdvanced}
|
||||
# Include{securityContextContainer}
|
||||
# Include{securityContextAdvanced}
|
||||
# Include{securityContextPod}
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
|
||||
# Include{resources}
|
||||
# Include{advanced}
|
||||
# Include{addons}
|
||||
# Include{codeserver}
|
||||
# Include{netshoot}
|
||||
# Include{vpn}
|
||||
# Include{documentation}
|
||||
|
|
|
@ -767,29 +767,8 @@ questions:
|
|||
# Include{ingressTLS}
|
||||
# Include{ingressTraefik}
|
||||
# Include{ingressList}
|
||||
# Include{security}
|
||||
# Include{securityContextAdvancedRoot}
|
||||
- variable: privileged
|
||||
label: Privileged mode
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: readOnlyRootFilesystem
|
||||
label: ReadOnly Root Filesystem
|
||||
schema:
|
||||
type: boolean
|
||||
default: true
|
||||
- variable: allowPrivilegeEscalation
|
||||
label: Allow Privilege Escalation
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: runAsNonRoot
|
||||
label: runAsNonRoot
|
||||
schema:
|
||||
type: boolean
|
||||
default: true
|
||||
# Include{podSecurityContextRoot}
|
||||
# Include{securityContextRoot}
|
||||
|
||||
- variable: runAsUser
|
||||
label: runAsUser
|
||||
description: The UserID of the user running the application
|
||||
|
@ -802,17 +781,21 @@ questions:
|
|||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
# Include{securityContextContainer}
|
||||
# Include{securityContextAdvanced}
|
||||
# Include{securityContextPod}
|
||||
- variable: fsGroup
|
||||
label: fsGroup
|
||||
description: The group that should own ALL storage.
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
# Include{podSecurityContextAdvanced}
|
||||
|
||||
# Include{resources}
|
||||
# Include{metrics}
|
||||
# Include{advanced}
|
||||
# Include{addons}
|
||||
# Include{codeserver}
|
||||
# Include{netshoot}
|
||||
# Include{vpn}
|
||||
# Include{documentation}
|
||||
|
|
|
@ -110,53 +110,36 @@ questions:
|
|||
# Include{ingressTLS}
|
||||
# Include{ingressTraefik}
|
||||
# Include{ingressList}
|
||||
# Include{security}
|
||||
# Include{securityContextAdvancedRoot}
|
||||
- variable: privileged
|
||||
label: "Privileged mode"
|
||||
# Include{securityContextRoot}
|
||||
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: readOnlyRootFilesystem
|
||||
label: "ReadOnly Root Filesystem"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: allowPrivilegeEscalation
|
||||
label: "Allow Privilege Escalation"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: runAsNonRoot
|
||||
label: "runAsNonRoot"
|
||||
schema:
|
||||
type: boolean
|
||||
default: true
|
||||
# Include{podSecurityContextRoot}
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
type: int
|
||||
default: 568
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: "The groupID this App of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
# Include{podSecurityContextAdvanced}
|
||||
# Include{securityContextContainer}
|
||||
# Include{securityContextAdvanced}
|
||||
# Include{securityContextPod}
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
|
||||
# Include{resources}
|
||||
# Include{metrics}
|
||||
# Include{prometheusRule}
|
||||
# Include{advanced}
|
||||
# Include{addons}
|
||||
# Include{codeserver}
|
||||
# Include{netshoot}
|
||||
# Include{vpn}
|
||||
# Include{documentation}
|
||||
|
|
|
@ -370,51 +370,34 @@ questions:
|
|||
# Include{ingressTLS}
|
||||
# Include{ingressTraefik}
|
||||
# Include{ingressList}
|
||||
# Include{security}
|
||||
# Include{securityContextAdvancedRoot}
|
||||
- variable: privileged
|
||||
label: "Privileged mode"
|
||||
# Include{securityContextRoot}
|
||||
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: readOnlyRootFilesystem
|
||||
label: "ReadOnly Root Filesystem"
|
||||
schema:
|
||||
type: boolean
|
||||
default: true
|
||||
- variable: allowPrivilegeEscalation
|
||||
label: "Allow Privilege Escalation"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: runAsNonRoot
|
||||
label: "runAsNonRoot"
|
||||
schema:
|
||||
type: boolean
|
||||
default: true
|
||||
# Include{podSecurityContextRoot}
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
type: int
|
||||
default: 568
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: "The groupID this App of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
# Include{podSecurityContextAdvanced}
|
||||
# Include{securityContextContainer}
|
||||
# Include{securityContextAdvanced}
|
||||
# Include{securityContextPod}
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
|
||||
# Include{resources}
|
||||
# Include{advanced}
|
||||
# Include{addons}
|
||||
# Include{codeserver}
|
||||
# Include{netshoot}
|
||||
# Include{vpn}
|
||||
# Include{documentation}
|
||||
|
|
|
@ -62,28 +62,7 @@ questions:
|
|||
# Include{ingressTLS}
|
||||
# Include{ingressTraefik}
|
||||
# Include{ingressList}
|
||||
# Include{security}
|
||||
# Include{securityContextAdvancedRoot}
|
||||
- variable: privileged
|
||||
label: Privileged mode
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: readOnlyRootFilesystem
|
||||
label: ReadOnly Root Filesystem
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: allowPrivilegeEscalation
|
||||
label: Allow Privilege Escalation
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: runAsNonRoot
|
||||
label: runAsNonRoot
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
|
||||
# Include{podSecurityContextRoot}
|
||||
- variable: runAsUser
|
||||
label: runAsUser
|
||||
|
@ -97,16 +76,20 @@ questions:
|
|||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
# Include{securityContextContainer}
|
||||
# Include{securityContextAdvanced}
|
||||
# Include{securityContextPod}
|
||||
- variable: fsGroup
|
||||
label: fsGroup
|
||||
description: The group that should own ALL storage.
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
# Include{podSecurityContextAdvanced}
|
||||
|
||||
# Include{resources}
|
||||
# Include{advanced}
|
||||
# Include{addons}
|
||||
# Include{codeserver}
|
||||
# Include{netshoot}
|
||||
# Include{vpn}
|
||||
# Include{documentation}
|
||||
|
|
|
@ -195,28 +195,7 @@ questions:
|
|||
# Include{ingressTLS}
|
||||
# Include{ingressTraefik}
|
||||
# Include{ingressList}
|
||||
# Include{security}
|
||||
# Include{securityContextAdvancedRoot}
|
||||
- variable: privileged
|
||||
label: Privileged mode
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: readOnlyRootFilesystem
|
||||
label: ReadOnly Root Filesystem
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: allowPrivilegeEscalation
|
||||
label: Allow Privilege Escalation
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: runAsNonRoot
|
||||
label: runAsNonRoot
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
|
||||
# Include{podSecurityContextRoot}
|
||||
- variable: runAsUser
|
||||
label: runAsUser
|
||||
|
@ -230,16 +209,20 @@ questions:
|
|||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
# Include{securityContextContainer}
|
||||
# Include{securityContextAdvanced}
|
||||
# Include{securityContextPod}
|
||||
- variable: fsGroup
|
||||
label: fsGroup
|
||||
description: The group that should own ALL storage.
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
# Include{podSecurityContextAdvanced}
|
||||
|
||||
# Include{resources}
|
||||
# Include{advanced}
|
||||
# Include{addons}
|
||||
# Include{codeserver}
|
||||
# Include{netshoot}
|
||||
# Include{vpn}
|
||||
# Include{documentation}
|
||||
|
|
|
@ -149,51 +149,34 @@ questions:
|
|||
# Include{ingressTLS}
|
||||
# Include{ingressTraefik}
|
||||
# Include{ingressList}
|
||||
# Include{security}
|
||||
# Include{securityContextAdvancedRoot}
|
||||
- variable: privileged
|
||||
label: "Privileged mode"
|
||||
# Include{securityContextRoot}
|
||||
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: readOnlyRootFilesystem
|
||||
label: "ReadOnly Root Filesystem"
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: "The groupID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: allowPrivilegeEscalation
|
||||
label: "Allow Privilege Escalation"
|
||||
type: int
|
||||
default: 0
|
||||
# Include{securityContextContainer}
|
||||
# Include{securityContextAdvanced}
|
||||
# Include{securityContextPod}
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: runAsNonRoot
|
||||
label: "runAsNonRoot"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
# Include{podSecurityContextRoot}
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: The groupID this App of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
# Include{podSecurityContextAdvanced}
|
||||
type: int
|
||||
default: 568
|
||||
|
||||
# Include{resources}
|
||||
# Include{advanced}
|
||||
# Include{addons}
|
||||
# Include{codeserver}
|
||||
# Include{netshoot}
|
||||
# Include{vpn}
|
||||
# Include{documentation}
|
||||
|
|
|
@ -149,51 +149,34 @@ questions:
|
|||
# Include{ingressTLS}
|
||||
# Include{ingressTraefik}
|
||||
# Include{ingressList}
|
||||
# Include{security}
|
||||
# Include{securityContextAdvancedRoot}
|
||||
- variable: privileged
|
||||
label: "Privileged mode"
|
||||
# Include{securityContextRoot}
|
||||
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: readOnlyRootFilesystem
|
||||
label: "ReadOnly Root Filesystem"
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: "The groupID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: allowPrivilegeEscalation
|
||||
label: "Allow Privilege Escalation"
|
||||
type: int
|
||||
default: 0
|
||||
# Include{securityContextContainer}
|
||||
# Include{securityContextAdvanced}
|
||||
# Include{securityContextPod}
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: runAsNonRoot
|
||||
label: "runAsNonRoot"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
# Include{podSecurityContextRoot}
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: The groupID this App of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
# Include{podSecurityContextAdvanced}
|
||||
type: int
|
||||
default: 568
|
||||
|
||||
# Include{resources}
|
||||
# Include{advanced}
|
||||
# Include{addons}
|
||||
# Include{codeserver}
|
||||
# Include{netshoot}
|
||||
# Include{vpn}
|
||||
# Include{documentation}
|
||||
|
|
|
@ -143,51 +143,34 @@ questions:
|
|||
# Include{ingressTLS}
|
||||
# Include{ingressTraefik}
|
||||
# Include{ingressList}
|
||||
# Include{security}
|
||||
# Include{securityContextAdvancedRoot}
|
||||
- variable: privileged
|
||||
label: "Privileged mode"
|
||||
# Include{securityContextRoot}
|
||||
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: readOnlyRootFilesystem
|
||||
label: "ReadOnly Root Filesystem"
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: "The groupID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: allowPrivilegeEscalation
|
||||
label: "Allow Privilege Escalation"
|
||||
type: int
|
||||
default: 0
|
||||
# Include{securityContextContainer}
|
||||
# Include{securityContextAdvanced}
|
||||
# Include{securityContextPod}
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: runAsNonRoot
|
||||
label: "runAsNonRoot"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
# Include{podSecurityContextRoot}
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: The groupID this App of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
# Include{podSecurityContextAdvanced}
|
||||
type: int
|
||||
default: 568
|
||||
|
||||
# Include{resources}
|
||||
# Include{advanced}
|
||||
# Include{addons}
|
||||
# Include{codeserver}
|
||||
# Include{netshoot}
|
||||
# Include{vpn}
|
||||
# Include{documentation}
|
||||
|
|
|
@ -16,51 +16,34 @@ questions:
|
|||
# Include{serviceExpert}
|
||||
# Include{serviceList}
|
||||
# Include{persistenceList}
|
||||
# Include{security}
|
||||
# Include{securityContextAdvancedRoot}
|
||||
- variable: privileged
|
||||
label: "Privileged mode"
|
||||
# Include{securityContextRoot}
|
||||
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: readOnlyRootFilesystem
|
||||
label: "ReadOnly Root Filesystem"
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: "The groupID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: allowPrivilegeEscalation
|
||||
label: "Allow Privilege Escalation"
|
||||
type: int
|
||||
default: 0
|
||||
# Include{securityContextContainer}
|
||||
# Include{securityContextAdvanced}
|
||||
# Include{securityContextPod}
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: runAsNonRoot
|
||||
label: "runAsNonRoot"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
# Include{podSecurityContextRoot}
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: The groupID this App of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
# Include{podSecurityContextAdvanced}
|
||||
type: int
|
||||
default: 568
|
||||
|
||||
# Include{resources}
|
||||
# Include{advanced}
|
||||
# Include{addons}
|
||||
# Include{codeserver}
|
||||
# Include{netshoot}
|
||||
# Include{vpn}
|
||||
# Include{documentation}
|
||||
|
|
|
@ -78,51 +78,34 @@ questions:
|
|||
# Include{ingressTLS}
|
||||
# Include{ingressTraefik}
|
||||
# Include{ingressList}
|
||||
# Include{security}
|
||||
# Include{securityContextAdvancedRoot}
|
||||
- variable: privileged
|
||||
label: "Privileged mode"
|
||||
# Include{securityContextRoot}
|
||||
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: readOnlyRootFilesystem
|
||||
label: "ReadOnly Root Filesystem"
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: "The groupID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: allowPrivilegeEscalation
|
||||
label: "Allow Privilege Escalation"
|
||||
type: int
|
||||
default: 0
|
||||
# Include{securityContextContainer}
|
||||
# Include{securityContextAdvanced}
|
||||
# Include{securityContextPod}
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: runAsNonRoot
|
||||
label: "runAsNonRoot"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
# Include{podSecurityContextRoot}
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: The groupID this App of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
# Include{podSecurityContextAdvanced}
|
||||
type: int
|
||||
default: 568
|
||||
|
||||
# Include{resources}
|
||||
# Include{advanced}
|
||||
# Include{addons}
|
||||
# Include{codeserver}
|
||||
# Include{netshoot}
|
||||
# Include{vpn}
|
||||
# Include{documentation}
|
||||
|
|
|
@ -61,51 +61,34 @@ questions:
|
|||
# Include{ingressTLS}
|
||||
# Include{ingressTraefik}
|
||||
# Include{ingressList}
|
||||
# Include{security}
|
||||
# Include{securityContextAdvancedRoot}
|
||||
- variable: privileged
|
||||
label: "Privileged mode"
|
||||
# Include{securityContextRoot}
|
||||
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: readOnlyRootFilesystem
|
||||
label: "ReadOnly Root Filesystem"
|
||||
schema:
|
||||
type: boolean
|
||||
default: true
|
||||
- variable: allowPrivilegeEscalation
|
||||
label: "Allow Privilege Escalation"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: runAsNonRoot
|
||||
label: "runAsNonRoot"
|
||||
schema:
|
||||
type: boolean
|
||||
default: true
|
||||
# Include{podSecurityContextRoot}
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
type: int
|
||||
default: 568
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: "The groupID this App of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
# Include{podSecurityContextAdvanced}
|
||||
# Include{securityContextContainer}
|
||||
# Include{securityContextAdvanced}
|
||||
# Include{securityContextPod}
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
|
||||
# Include{resources}
|
||||
# Include{advanced}
|
||||
# Include{addons}
|
||||
# Include{codeserver}
|
||||
# Include{netshoot}
|
||||
# Include{vpn}
|
||||
# Include{documentation}
|
||||
|
|
|
@ -92,51 +92,34 @@ questions:
|
|||
attrs:
|
||||
# Include{persistenceBasic}
|
||||
# Include{persistenceList}
|
||||
# Include{security}
|
||||
# Include{securityContextAdvancedRoot}
|
||||
- variable: privileged
|
||||
label: "Privileged mode"
|
||||
# Include{securityContextRoot}
|
||||
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: readOnlyRootFilesystem
|
||||
label: "ReadOnly Root Filesystem"
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: "The groupID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: allowPrivilegeEscalation
|
||||
label: "Allow Privilege Escalation"
|
||||
type: int
|
||||
default: 0
|
||||
# Include{securityContextContainer}
|
||||
# Include{securityContextAdvanced}
|
||||
# Include{securityContextPod}
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: runAsNonRoot
|
||||
label: "runAsNonRoot"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
# Include{podSecurityContextRoot}
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: The groupID this App of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
# Include{podSecurityContextAdvanced}
|
||||
type: int
|
||||
default: 568
|
||||
|
||||
# Include{resources}
|
||||
# Include{advanced}
|
||||
# Include{addons}
|
||||
# Include{codeserver}
|
||||
# Include{netshoot}
|
||||
# Include{vpn}
|
||||
# Include{documentation}
|
||||
|
|
|
@ -131,51 +131,34 @@ questions:
|
|||
# Include{ingressTLS}
|
||||
# Include{ingressTraefik}
|
||||
# Include{ingressList}
|
||||
# Include{security}
|
||||
# Include{securityContextAdvancedRoot}
|
||||
- variable: privileged
|
||||
label: "Privileged mode"
|
||||
# Include{securityContextRoot}
|
||||
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: readOnlyRootFilesystem
|
||||
label: "ReadOnly Root Filesystem"
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: "The groupID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: allowPrivilegeEscalation
|
||||
label: "Allow Privilege Escalation"
|
||||
type: int
|
||||
default: 0
|
||||
# Include{securityContextContainer}
|
||||
# Include{securityContextAdvanced}
|
||||
# Include{securityContextPod}
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: runAsNonRoot
|
||||
label: "runAsNonRoot"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
# Include{podSecurityContextRoot}
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: The groupID this App of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
# Include{podSecurityContextAdvanced}
|
||||
type: int
|
||||
default: 568
|
||||
|
||||
# Include{resources}
|
||||
# Include{advanced}
|
||||
# Include{addons}
|
||||
# Include{codeserver}
|
||||
# Include{netshoot}
|
||||
# Include{vpn}
|
||||
# Include{documentation}
|
||||
|
|
|
@ -158,29 +158,8 @@ questions:
|
|||
# Include{ingressTLS}
|
||||
# Include{ingressTraefik}
|
||||
# Include{ingressList}
|
||||
# Include{security}
|
||||
# Include{securityContextAdvancedRoot}
|
||||
- variable: privileged
|
||||
label: Privileged mode
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: readOnlyRootFilesystem
|
||||
label: ReadOnly Root Filesystem
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: allowPrivilegeEscalation
|
||||
label: Allow Privilege Escalation
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: runAsNonRoot
|
||||
label: runAsNonRoot
|
||||
schema:
|
||||
type: boolean
|
||||
default: true
|
||||
# Include{podSecurityContextRoot}
|
||||
# Include{securityContextRoot}
|
||||
|
||||
- variable: runAsUser
|
||||
label: runAsUser
|
||||
description: The UserID of the user running the application
|
||||
|
@ -193,16 +172,20 @@ questions:
|
|||
schema:
|
||||
type: int
|
||||
default: 33
|
||||
# Include{securityContextContainer}
|
||||
# Include{securityContextAdvanced}
|
||||
# Include{securityContextPod}
|
||||
- variable: fsGroup
|
||||
label: fsGroup
|
||||
description: The group that should own ALL storage.
|
||||
schema:
|
||||
type: int
|
||||
default: 33
|
||||
# Include{podSecurityContextAdvanced}
|
||||
|
||||
# Include{resources}
|
||||
# Include{advanced}
|
||||
# Include{addons}
|
||||
# Include{codeserver}
|
||||
# Include{netshoot}
|
||||
# Include{vpn}
|
||||
# Include{documentation}
|
||||
|
|
|
@ -97,51 +97,34 @@ questions:
|
|||
# Include{ingressTLS}
|
||||
# Include{ingressTraefik}
|
||||
# Include{ingressList}
|
||||
# Include{security}
|
||||
# Include{securityContextAdvancedRoot}
|
||||
- variable: privileged
|
||||
label: "Privileged mode"
|
||||
# Include{securityContextRoot}
|
||||
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: readOnlyRootFilesystem
|
||||
label: "ReadOnly Root Filesystem"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: allowPrivilegeEscalation
|
||||
label: "Allow Privilege Escalation"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: runAsNonRoot
|
||||
label: "runAsNonRoot"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
# Include{podSecurityContextRoot}
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: "The groupID this App of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
# Include{podSecurityContextAdvanced}
|
||||
# Include{securityContextContainer}
|
||||
# Include{securityContextAdvanced}
|
||||
# Include{securityContextPod}
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
|
||||
# Include{resources}
|
||||
# Include{advanced}
|
||||
# Include{addons}
|
||||
# Include{codeserver}
|
||||
# Include{netshoot}
|
||||
# Include{vpn}
|
||||
# Include{documentation}
|
||||
|
|
|
@ -53,51 +53,34 @@ questions:
|
|||
# Include{ingressTLS}
|
||||
# Include{ingressTraefik}
|
||||
# Include{ingressList}
|
||||
# Include{security}
|
||||
# Include{securityContextAdvancedRoot}
|
||||
- variable: privileged
|
||||
label: "Privileged mode"
|
||||
# Include{securityContextRoot}
|
||||
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: readOnlyRootFilesystem
|
||||
label: "ReadOnly Root Filesystem"
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: "The groupID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: allowPrivilegeEscalation
|
||||
label: "Allow Privilege Escalation"
|
||||
type: int
|
||||
default: 0
|
||||
# Include{securityContextContainer}
|
||||
# Include{securityContextAdvanced}
|
||||
# Include{securityContextPod}
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: runAsNonRoot
|
||||
label: "runAsNonRoot"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
# Include{podSecurityContextRoot}
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: The groupID this App of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
# Include{podSecurityContextAdvanced}
|
||||
type: int
|
||||
default: 568
|
||||
|
||||
# Include{resources}
|
||||
# Include{advanced}
|
||||
# Include{addons}
|
||||
# Include{codeserver}
|
||||
# Include{netshoot}
|
||||
# Include{vpn}
|
||||
# Include{documentation}
|
||||
|
|
|
@ -292,28 +292,7 @@ questions:
|
|||
# Include{ingressTLS}
|
||||
# Include{ingressTraefik}
|
||||
# Include{ingressList}
|
||||
# Include{security}
|
||||
# Include{securityContextAdvancedRoot}
|
||||
- variable: privileged
|
||||
label: Privileged mode
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: readOnlyRootFilesystem
|
||||
label: ReadOnly Root Filesystem
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: allowPrivilegeEscalation
|
||||
label: Allow Privilege Escalation
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: runAsNonRoot
|
||||
label: runAsNonRoot
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
|
||||
# Include{podSecurityContextRoot}
|
||||
- variable: runAsUser
|
||||
label: runAsUser
|
||||
|
@ -327,16 +306,20 @@ questions:
|
|||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
# Include{securityContextContainer}
|
||||
# Include{securityContextAdvanced}
|
||||
# Include{securityContextPod}
|
||||
- variable: fsGroup
|
||||
label: fsGroup
|
||||
description: The group that should own ALL storage.
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
# Include{podSecurityContextAdvanced}
|
||||
|
||||
# Include{resources}
|
||||
# Include{advanced}
|
||||
# Include{addons}
|
||||
# Include{codeserver}
|
||||
# Include{netshoot}
|
||||
# Include{vpn}
|
||||
# Include{documentation}
|
||||
|
|
|
@ -239,51 +239,34 @@ questions:
|
|||
# Include{ingressTLS}
|
||||
# Include{ingressTraefik}
|
||||
# Include{ingressList}
|
||||
# Include{security}
|
||||
# Include{securityContextAdvancedRoot}
|
||||
- variable: privileged
|
||||
label: "Privileged mode"
|
||||
# Include{securityContextRoot}
|
||||
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: readOnlyRootFilesystem
|
||||
label: "ReadOnly Root Filesystem"
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: "The groupID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: allowPrivilegeEscalation
|
||||
label: "Allow Privilege Escalation"
|
||||
type: int
|
||||
default: 0
|
||||
# Include{securityContextContainer}
|
||||
# Include{securityContextAdvanced}
|
||||
# Include{securityContextPod}
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: runAsNonRoot
|
||||
label: "runAsNonRoot"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
# Include{podSecurityContextRoot}
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: The groupID this App of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
# Include{podSecurityContextAdvanced}
|
||||
type: int
|
||||
default: 568
|
||||
|
||||
# Include{resources}
|
||||
# Include{advanced}
|
||||
# Include{addons}
|
||||
# Include{codeserver}
|
||||
# Include{netshoot}
|
||||
# Include{vpn}
|
||||
# Include{documentation}
|
||||
|
|
|
@ -279,51 +279,34 @@ questions:
|
|||
# Include{ingressTLS}
|
||||
# Include{ingressTraefik}
|
||||
# Include{ingressList}
|
||||
# Include{security}
|
||||
# Include{securityContextAdvancedRoot}
|
||||
- variable: privileged
|
||||
label: "Privileged mode"
|
||||
# Include{securityContextRoot}
|
||||
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: readOnlyRootFilesystem
|
||||
label: "ReadOnly Root Filesystem"
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: "The groupID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: allowPrivilegeEscalation
|
||||
label: "Allow Privilege Escalation"
|
||||
type: int
|
||||
default: 0
|
||||
# Include{securityContextContainer}
|
||||
# Include{securityContextAdvanced}
|
||||
# Include{securityContextPod}
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: runAsNonRoot
|
||||
label: "runAsNonRoot"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
# Include{podSecurityContextRoot}
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: The groupID this App of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
# Include{podSecurityContextAdvanced}
|
||||
type: int
|
||||
default: 568
|
||||
|
||||
# Include{resources}
|
||||
# Include{advanced}
|
||||
# Include{addons}
|
||||
# Include{codeserver}
|
||||
# Include{netshoot}
|
||||
# Include{vpn}
|
||||
# Include{documentation}
|
||||
|
|
|
@ -75,51 +75,34 @@ questions:
|
|||
# Include{ingressTLS}
|
||||
# Include{ingressTraefik}
|
||||
# Include{ingressList}
|
||||
# Include{security}
|
||||
# Include{securityContextAdvancedRoot}
|
||||
- variable: privileged
|
||||
label: "Privileged mode"
|
||||
# Include{securityContextRoot}
|
||||
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: readOnlyRootFilesystem
|
||||
label: "ReadOnly Root Filesystem"
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: "The groupID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: allowPrivilegeEscalation
|
||||
label: "Allow Privilege Escalation"
|
||||
type: int
|
||||
default: 0
|
||||
# Include{securityContextContainer}
|
||||
# Include{securityContextAdvanced}
|
||||
# Include{securityContextPod}
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: runAsNonRoot
|
||||
label: "runAsNonRoot"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
# Include{podSecurityContextRoot}
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: The groupID this App of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
# Include{podSecurityContextAdvanced}
|
||||
type: int
|
||||
default: 568
|
||||
|
||||
# Include{resources}
|
||||
# Include{advanced}
|
||||
# Include{addons}
|
||||
# Include{codeserver}
|
||||
# Include{netshoot}
|
||||
# Include{vpn}
|
||||
# Include{documentation}
|
||||
|
|
|
@ -209,51 +209,34 @@ questions:
|
|||
# Include{ingressTLS}
|
||||
# Include{ingressTraefik}
|
||||
# Include{ingressList}
|
||||
# Include{security}
|
||||
# Include{securityContextAdvancedRoot}
|
||||
- variable: privileged
|
||||
label: "Privileged mode"
|
||||
# Include{securityContextRoot}
|
||||
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: readOnlyRootFilesystem
|
||||
label: "ReadOnly Root Filesystem"
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: "The groupID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: allowPrivilegeEscalation
|
||||
label: "Allow Privilege Escalation"
|
||||
type: int
|
||||
default: 0
|
||||
# Include{securityContextContainer}
|
||||
# Include{securityContextAdvanced}
|
||||
# Include{securityContextPod}
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: runAsNonRoot
|
||||
label: "runAsNonRoot"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
# Include{podSecurityContextRoot}
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: The groupID this App of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
# Include{podSecurityContextAdvanced}
|
||||
type: int
|
||||
default: 568
|
||||
|
||||
# Include{resources}
|
||||
# Include{advanced}
|
||||
# Include{addons}
|
||||
# Include{codeserver}
|
||||
# Include{netshoot}
|
||||
# Include{vpn}
|
||||
# Include{documentation}
|
||||
|
|
|
@ -16,51 +16,34 @@ questions:
|
|||
# Include{serviceExpert}
|
||||
# Include{serviceList}
|
||||
# Include{persistenceList}
|
||||
# Include{security}
|
||||
# Include{securityContextAdvancedRoot}
|
||||
- variable: privileged
|
||||
label: "Privileged mode"
|
||||
# Include{securityContextRoot}
|
||||
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: readOnlyRootFilesystem
|
||||
label: "ReadOnly Root Filesystem"
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: "The groupID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: allowPrivilegeEscalation
|
||||
label: "Allow Privilege Escalation"
|
||||
type: int
|
||||
default: 0
|
||||
# Include{securityContextContainer}
|
||||
# Include{securityContextAdvanced}
|
||||
# Include{securityContextPod}
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: runAsNonRoot
|
||||
label: "runAsNonRoot"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
# Include{podSecurityContextRoot}
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: The groupID this App of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
# Include{podSecurityContextAdvanced}
|
||||
type: int
|
||||
default: 568
|
||||
|
||||
# Include{resources}
|
||||
# Include{advanced}
|
||||
# Include{addons}
|
||||
# Include{codeserver}
|
||||
# Include{netshoot}
|
||||
# Include{vpn}
|
||||
# Include{documentation}
|
||||
|
|
|
@ -70,51 +70,34 @@ questions:
|
|||
# Include{ingressTLS}
|
||||
# Include{ingressTraefik}
|
||||
# Include{ingressList}
|
||||
# Include{security}
|
||||
# Include{securityContextAdvancedRoot}
|
||||
- variable: privileged
|
||||
label: "Privileged mode"
|
||||
# Include{securityContextRoot}
|
||||
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: readOnlyRootFilesystem
|
||||
label: "ReadOnly Root Filesystem"
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: "The groupID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: allowPrivilegeEscalation
|
||||
label: "Allow Privilege Escalation"
|
||||
type: int
|
||||
default: 0
|
||||
# Include{securityContextContainer}
|
||||
# Include{securityContextAdvanced}
|
||||
# Include{securityContextPod}
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: runAsNonRoot
|
||||
label: "runAsNonRoot"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
# Include{podSecurityContextRoot}
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: The groupID this App of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
# Include{podSecurityContextAdvanced}
|
||||
type: int
|
||||
default: 568
|
||||
|
||||
# Include{resources}
|
||||
# Include{advanced}
|
||||
# Include{addons}
|
||||
# Include{codeserver}
|
||||
# Include{netshoot}
|
||||
# Include{vpn}
|
||||
# Include{documentation}
|
||||
|
|
|
@ -215,51 +215,34 @@ questions:
|
|||
# Include{ingressTLS}
|
||||
# Include{ingressTraefik}
|
||||
# Include{ingressList}
|
||||
# Include{security}
|
||||
# Include{securityContextAdvancedRoot}
|
||||
- variable: privileged
|
||||
label: "Privileged mode"
|
||||
# Include{securityContextRoot}
|
||||
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: readOnlyRootFilesystem
|
||||
label: "ReadOnly Root Filesystem"
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: "The groupID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: allowPrivilegeEscalation
|
||||
label: "Allow Privilege Escalation"
|
||||
type: int
|
||||
default: 0
|
||||
# Include{securityContextContainer}
|
||||
# Include{securityContextAdvanced}
|
||||
# Include{securityContextPod}
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: runAsNonRoot
|
||||
label: "runAsNonRoot"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
# Include{podSecurityContextRoot}
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: The groupID this App of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
# Include{podSecurityContextAdvanced}
|
||||
type: int
|
||||
default: 568
|
||||
|
||||
# Include{resources}
|
||||
# Include{advanced}
|
||||
# Include{addons}
|
||||
# Include{codeserver}
|
||||
# Include{netshoot}
|
||||
# Include{vpn}
|
||||
# Include{documentation}
|
||||
|
|
|
@ -91,51 +91,34 @@ questions:
|
|||
# Include{ingressTLS}
|
||||
# Include{ingressTraefik}
|
||||
# Include{ingressList}
|
||||
# Include{security}
|
||||
# Include{securityContextAdvancedRoot}
|
||||
- variable: privileged
|
||||
label: "Privileged mode"
|
||||
# Include{securityContextRoot}
|
||||
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: readOnlyRootFilesystem
|
||||
label: "ReadOnly Root Filesystem"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: allowPrivilegeEscalation
|
||||
label: "Allow Privilege Escalation"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: runAsNonRoot
|
||||
label: "runAsNonRoot"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
# Include{podSecurityContextRoot}
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: "The groupID this App of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
# Include{podSecurityContextAdvanced}
|
||||
# Include{securityContextContainer}
|
||||
# Include{securityContextAdvanced}
|
||||
# Include{securityContextPod}
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
|
||||
# Include{resources}
|
||||
# Include{advanced}
|
||||
# Include{addons}
|
||||
# Include{codeserver}
|
||||
# Include{netshoot}
|
||||
# Include{vpn}
|
||||
# Include{documentation}
|
||||
|
|
|
@ -86,51 +86,34 @@ questions:
|
|||
# Include{ingressTLS}
|
||||
# Include{ingressTraefik}
|
||||
# Include{ingressList}
|
||||
# Include{security}
|
||||
# Include{securityContextAdvancedRoot}
|
||||
- variable: privileged
|
||||
label: "Privileged mode"
|
||||
# Include{securityContextRoot}
|
||||
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: readOnlyRootFilesystem
|
||||
label: "ReadOnly Root Filesystem"
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: "The groupID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: allowPrivilegeEscalation
|
||||
label: "Allow Privilege Escalation"
|
||||
type: int
|
||||
default: 0
|
||||
# Include{securityContextContainer}
|
||||
# Include{securityContextAdvanced}
|
||||
# Include{securityContextPod}
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: runAsNonRoot
|
||||
label: "runAsNonRoot"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
# Include{podSecurityContextRoot}
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: The groupID this App of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
# Include{podSecurityContextAdvanced}
|
||||
type: int
|
||||
default: 568
|
||||
|
||||
# Include{resources}
|
||||
# Include{advanced}
|
||||
# Include{addons}
|
||||
# Include{codeserver}
|
||||
# Include{netshoot}
|
||||
# Include{vpn}
|
||||
# Include{documentation}
|
||||
|
|
|
@ -70,51 +70,34 @@ questions:
|
|||
# Include{ingressTLS}
|
||||
# Include{ingressTraefik}
|
||||
# Include{ingressList}
|
||||
# Include{security}
|
||||
# Include{securityContextAdvancedRoot}
|
||||
- variable: privileged
|
||||
label: "Privileged mode"
|
||||
# Include{securityContextRoot}
|
||||
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: readOnlyRootFilesystem
|
||||
label: "ReadOnly Root Filesystem"
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: "The groupID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: allowPrivilegeEscalation
|
||||
label: "Allow Privilege Escalation"
|
||||
type: int
|
||||
default: 0
|
||||
# Include{securityContextContainer}
|
||||
# Include{securityContextAdvanced}
|
||||
# Include{securityContextPod}
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: runAsNonRoot
|
||||
label: "runAsNonRoot"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
# Include{podSecurityContextRoot}
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: The groupID this App of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
# Include{podSecurityContextAdvanced}
|
||||
type: int
|
||||
default: 568
|
||||
|
||||
# Include{resources}
|
||||
# Include{advanced}
|
||||
# Include{addons}
|
||||
# Include{codeserver}
|
||||
# Include{netshoot}
|
||||
# Include{vpn}
|
||||
# Include{documentation}
|
||||
|
|
|
@ -62,51 +62,34 @@ questions:
|
|||
# Include{ingressTLS}
|
||||
# Include{ingressTraefik}
|
||||
# Include{ingressList}
|
||||
# Include{security}
|
||||
# Include{securityContextAdvancedRoot}
|
||||
- variable: privileged
|
||||
label: "Privileged mode"
|
||||
# Include{securityContextRoot}
|
||||
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: readOnlyRootFilesystem
|
||||
label: "ReadOnly Root Filesystem"
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: "The groupID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: allowPrivilegeEscalation
|
||||
label: "Allow Privilege Escalation"
|
||||
type: int
|
||||
default: 0
|
||||
# Include{securityContextContainer}
|
||||
# Include{securityContextAdvanced}
|
||||
# Include{securityContextPod}
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: runAsNonRoot
|
||||
label: "runAsNonRoot"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
# Include{podSecurityContextRoot}
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: The groupID this App of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
# Include{podSecurityContextAdvanced}
|
||||
type: int
|
||||
default: 568
|
||||
|
||||
# Include{resources}
|
||||
# Include{advanced}
|
||||
# Include{addons}
|
||||
# Include{codeserver}
|
||||
# Include{netshoot}
|
||||
# Include{vpn}
|
||||
# Include{documentation}
|
||||
|
|
|
@ -137,51 +137,34 @@ questions:
|
|||
# Include{ingressTLS}
|
||||
# Include{ingressTraefik}
|
||||
# Include{ingressList}
|
||||
# Include{security}
|
||||
# Include{securityContextAdvancedRoot}
|
||||
- variable: privileged
|
||||
label: "Privileged mode"
|
||||
# Include{securityContextRoot}
|
||||
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: readOnlyRootFilesystem
|
||||
label: "ReadOnly Root Filesystem"
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: "The groupID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: allowPrivilegeEscalation
|
||||
label: "Allow Privilege Escalation"
|
||||
type: int
|
||||
default: 0
|
||||
# Include{securityContextContainer}
|
||||
# Include{securityContextAdvanced}
|
||||
# Include{securityContextPod}
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: runAsNonRoot
|
||||
label: "runAsNonRoot"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
# Include{podSecurityContextRoot}
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: The groupID this App of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
# Include{podSecurityContextAdvanced}
|
||||
type: int
|
||||
default: 568
|
||||
|
||||
# Include{resources}
|
||||
# Include{advanced}
|
||||
# Include{addons}
|
||||
# Include{codeserver}
|
||||
# Include{netshoot}
|
||||
# Include{vpn}
|
||||
# Include{documentation}
|
||||
|
|
|
@ -53,28 +53,7 @@ questions:
|
|||
# Include{ingressTLS}
|
||||
# Include{ingressTraefik}
|
||||
# Include{ingressList}
|
||||
# Include{security}
|
||||
# Include{securityContextAdvancedRoot}
|
||||
- variable: privileged
|
||||
label: Privileged mode
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: readOnlyRootFilesystem
|
||||
label: ReadOnly Root Filesystem
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: allowPrivilegeEscalation
|
||||
label: Allow Privilege Escalation
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: runAsNonRoot
|
||||
label: runAsNonRoot
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
|
||||
# Include{podSecurityContextRoot}
|
||||
- variable: runAsUser
|
||||
label: runAsUser
|
||||
|
@ -88,16 +67,20 @@ questions:
|
|||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
# Include{securityContextContainer}
|
||||
# Include{securityContextAdvanced}
|
||||
# Include{securityContextPod}
|
||||
- variable: fsGroup
|
||||
label: fsGroup
|
||||
description: The group that should own ALL storage.
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
# Include{podSecurityContextAdvanced}
|
||||
|
||||
# Include{resources}
|
||||
# Include{advanced}
|
||||
# Include{addons}
|
||||
# Include{codeserver}
|
||||
# Include{netshoot}
|
||||
# Include{vpn}
|
||||
# Include{documentation}
|
||||
|
|
|
@ -75,28 +75,7 @@ questions:
|
|||
# Include{ingressTLS}
|
||||
# Include{ingressTraefik}
|
||||
# Include{ingressList}
|
||||
# Include{security}
|
||||
# Include{securityContextAdvancedRoot}
|
||||
- variable: privileged
|
||||
label: Privileged mode
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: readOnlyRootFilesystem
|
||||
label: ReadOnly Root Filesystem
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: allowPrivilegeEscalation
|
||||
label: Allow Privilege Escalation
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: runAsNonRoot
|
||||
label: runAsNonRoot
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
|
||||
# Include{podSecurityContextRoot}
|
||||
- variable: runAsUser
|
||||
label: runAsUser
|
||||
|
@ -110,16 +89,20 @@ questions:
|
|||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
# Include{securityContextContainer}
|
||||
# Include{securityContextAdvanced}
|
||||
# Include{securityContextPod}
|
||||
- variable: fsGroup
|
||||
label: fsGroup
|
||||
description: The group that should own ALL storage.
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
# Include{podSecurityContextAdvanced}
|
||||
|
||||
# Include{resources}
|
||||
# Include{advanced}
|
||||
# Include{addons}
|
||||
# Include{codeserver}
|
||||
# Include{netshoot}
|
||||
# Include{vpn}
|
||||
# Include{documentation}
|
||||
|
|
|
@ -82,51 +82,34 @@ questions:
|
|||
# Include{ingressTLS}
|
||||
# Include{ingressTraefik}
|
||||
# Include{ingressList}
|
||||
# Include{security}
|
||||
# Include{securityContextAdvancedRoot}
|
||||
- variable: privileged
|
||||
label: "Privileged mode"
|
||||
# Include{securityContextRoot}
|
||||
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: readOnlyRootFilesystem
|
||||
label: "ReadOnly Root Filesystem"
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: "The groupID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: allowPrivilegeEscalation
|
||||
label: "Allow Privilege Escalation"
|
||||
type: int
|
||||
default: 0
|
||||
# Include{securityContextContainer}
|
||||
# Include{securityContextAdvanced}
|
||||
# Include{securityContextPod}
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: runAsNonRoot
|
||||
label: "runAsNonRoot"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
# Include{podSecurityContextRoot}
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: The groupID this App of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
# Include{podSecurityContextAdvanced}
|
||||
type: int
|
||||
default: 568
|
||||
|
||||
# Include{resources}
|
||||
# Include{advanced}
|
||||
# Include{addons}
|
||||
# Include{codeserver}
|
||||
# Include{netshoot}
|
||||
# Include{vpn}
|
||||
# Include{documentation}
|
||||
|
|
|
@ -84,51 +84,34 @@ questions:
|
|||
# Include{ingressTLS}
|
||||
# Include{ingressTraefik}
|
||||
# Include{ingressList}
|
||||
# Include{security}
|
||||
# Include{securityContextAdvancedRoot}
|
||||
- variable: privileged
|
||||
label: "Privileged mode"
|
||||
# Include{securityContextRoot}
|
||||
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: readOnlyRootFilesystem
|
||||
label: "ReadOnly Root Filesystem"
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: "The groupID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: allowPrivilegeEscalation
|
||||
label: "Allow Privilege Escalation"
|
||||
type: int
|
||||
default: 0
|
||||
# Include{securityContextContainer}
|
||||
# Include{securityContextAdvanced}
|
||||
# Include{securityContextPod}
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: runAsNonRoot
|
||||
label: "runAsNonRoot"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
# Include{podSecurityContextRoot}
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: The groupID this App of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
# Include{podSecurityContextAdvanced}
|
||||
type: int
|
||||
default: 568
|
||||
|
||||
# Include{resources}
|
||||
# Include{advanced}
|
||||
# Include{addons}
|
||||
# Include{codeserver}
|
||||
# Include{netshoot}
|
||||
# Include{vpn}
|
||||
# Include{documentation}
|
||||
|
|
|
@ -128,51 +128,34 @@ questions:
|
|||
# Include{ingressTLS}
|
||||
# Include{ingressTraefik}
|
||||
# Include{ingressList}
|
||||
# Include{security}
|
||||
# Include{securityContextAdvancedRoot}
|
||||
- variable: privileged
|
||||
label: "Privileged mode"
|
||||
# Include{securityContextRoot}
|
||||
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: readOnlyRootFilesystem
|
||||
label: "ReadOnly Root Filesystem"
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: "The groupID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: allowPrivilegeEscalation
|
||||
label: "Allow Privilege Escalation"
|
||||
type: int
|
||||
default: 0
|
||||
# Include{securityContextContainer}
|
||||
# Include{securityContextAdvanced}
|
||||
# Include{securityContextPod}
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: runAsNonRoot
|
||||
label: "runAsNonRoot"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
# Include{podSecurityContextRoot}
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: The groupID this App of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
# Include{podSecurityContextAdvanced}
|
||||
type: int
|
||||
default: 568
|
||||
|
||||
# Include{resources}
|
||||
# Include{advanced}
|
||||
# Include{addons}
|
||||
# Include{codeserver}
|
||||
# Include{netshoot}
|
||||
# Include{vpn}
|
||||
# Include{documentation}
|
||||
|
|
|
@ -109,51 +109,34 @@ questions:
|
|||
# Include{ingressTLS}
|
||||
# Include{ingressTraefik}
|
||||
# Include{ingressList}
|
||||
# Include{security}
|
||||
# Include{securityContextAdvancedRoot}
|
||||
- variable: privileged
|
||||
label: "Privileged mode"
|
||||
# Include{securityContextRoot}
|
||||
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: readOnlyRootFilesystem
|
||||
label: "ReadOnly Root Filesystem"
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: "The groupID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: allowPrivilegeEscalation
|
||||
label: "Allow Privilege Escalation"
|
||||
type: int
|
||||
default: 0
|
||||
# Include{securityContextContainer}
|
||||
# Include{securityContextAdvanced}
|
||||
# Include{securityContextPod}
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: runAsNonRoot
|
||||
label: "runAsNonRoot"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
# Include{podSecurityContextRoot}
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: The groupID this App of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
# Include{podSecurityContextAdvanced}
|
||||
type: int
|
||||
default: 568
|
||||
|
||||
# Include{resources}
|
||||
# Include{advanced}
|
||||
# Include{addons}
|
||||
# Include{codeserver}
|
||||
# Include{netshoot}
|
||||
# Include{vpn}
|
||||
# Include{documentation}
|
||||
|
|
|
@ -110,51 +110,34 @@ questions:
|
|||
# Include{ingressTLS}
|
||||
# Include{ingressTraefik}
|
||||
# Include{ingressList}
|
||||
# Include{security}
|
||||
# Include{securityContextAdvancedRoot}
|
||||
- variable: privileged
|
||||
label: "Privileged mode"
|
||||
# Include{securityContextRoot}
|
||||
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: readOnlyRootFilesystem
|
||||
label: "ReadOnly Root Filesystem"
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: "The groupID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: allowPrivilegeEscalation
|
||||
label: "Allow Privilege Escalation"
|
||||
type: int
|
||||
default: 0
|
||||
# Include{securityContextContainer}
|
||||
# Include{securityContextAdvanced}
|
||||
# Include{securityContextPod}
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: runAsNonRoot
|
||||
label: "runAsNonRoot"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
# Include{podSecurityContextRoot}
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: The groupID this App of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
# Include{podSecurityContextAdvanced}
|
||||
type: int
|
||||
default: 568
|
||||
|
||||
# Include{resources}
|
||||
# Include{advanced}
|
||||
# Include{addons}
|
||||
# Include{codeserver}
|
||||
# Include{netshoot}
|
||||
# Include{vpn}
|
||||
# Include{documentation}
|
||||
|
|
|
@ -87,51 +87,34 @@ questions:
|
|||
# Include{ingressTLS}
|
||||
# Include{ingressTraefik}
|
||||
# Include{ingressList}
|
||||
# Include{security}
|
||||
# Include{securityContextAdvancedRoot}
|
||||
- variable: privileged
|
||||
label: "Privileged mode"
|
||||
# Include{securityContextRoot}
|
||||
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: readOnlyRootFilesystem
|
||||
label: "ReadOnly Root Filesystem"
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: "The groupID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: allowPrivilegeEscalation
|
||||
label: "Allow Privilege Escalation"
|
||||
type: int
|
||||
default: 0
|
||||
# Include{securityContextContainer}
|
||||
# Include{securityContextAdvanced}
|
||||
# Include{securityContextPod}
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: runAsNonRoot
|
||||
label: "runAsNonRoot"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
# Include{podSecurityContextRoot}
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: The groupID this App of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
# Include{podSecurityContextAdvanced}
|
||||
type: int
|
||||
default: 568
|
||||
|
||||
# Include{resources}
|
||||
# Include{advanced}
|
||||
# Include{addons}
|
||||
# Include{codeserver}
|
||||
# Include{netshoot}
|
||||
# Include{vpn}
|
||||
# Include{documentation}
|
||||
|
|
|
@ -33,51 +33,34 @@ questions:
|
|||
attrs:
|
||||
# Include{persistenceBasic}
|
||||
# Include{persistenceList}
|
||||
# Include{security}
|
||||
# Include{securityContextAdvancedRoot}
|
||||
- variable: privileged
|
||||
label: "Privileged mode"
|
||||
# Include{securityContextRoot}
|
||||
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: readOnlyRootFilesystem
|
||||
label: "ReadOnly Root Filesystem"
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: "The groupID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: allowPrivilegeEscalation
|
||||
label: "Allow Privilege Escalation"
|
||||
type: int
|
||||
default: 0
|
||||
# Include{securityContextContainer}
|
||||
# Include{securityContextAdvanced}
|
||||
# Include{securityContextPod}
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: runAsNonRoot
|
||||
label: "runAsNonRoot"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
# Include{podSecurityContextRoot}
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: The groupID this App of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
# Include{podSecurityContextAdvanced}
|
||||
type: int
|
||||
default: 568
|
||||
|
||||
# Include{resources}
|
||||
# Include{advanced}
|
||||
# Include{addons}
|
||||
# Include{codeserver}
|
||||
# Include{netshoot}
|
||||
# Include{vpn}
|
||||
# Include{documentation}
|
||||
|
|
|
@ -148,28 +148,7 @@ questions:
|
|||
# Include{ingressTLS}
|
||||
# Include{ingressTraefik}
|
||||
# Include{ingressList}
|
||||
# Include{security}
|
||||
# Include{securityContextAdvancedRoot}
|
||||
- variable: privileged
|
||||
label: Privileged mode
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: readOnlyRootFilesystem
|
||||
label: ReadOnly Root Filesystem
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: allowPrivilegeEscalation
|
||||
label: Allow Privilege Escalation
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: runAsNonRoot
|
||||
label: runAsNonRoot
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
|
||||
# Include{podSecurityContextRoot}
|
||||
- variable: runAsUser
|
||||
label: runAsUser
|
||||
|
@ -183,16 +162,20 @@ questions:
|
|||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
# Include{securityContextContainer}
|
||||
# Include{securityContextAdvanced}
|
||||
# Include{securityContextPod}
|
||||
- variable: fsGroup
|
||||
label: fsGroup
|
||||
description: The group that should own ALL storage.
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
# Include{podSecurityContextAdvanced}
|
||||
|
||||
# Include{resources}
|
||||
# Include{advanced}
|
||||
# Include{addons}
|
||||
# Include{codeserver}
|
||||
# Include{netshoot}
|
||||
# Include{vpn}
|
||||
# Include{documentation}
|
||||
|
|
|
@ -78,51 +78,34 @@ questions:
|
|||
# Include{ingressTLS}
|
||||
# Include{ingressTraefik}
|
||||
# Include{ingressList}
|
||||
# Include{security}
|
||||
# Include{securityContextAdvancedRoot}
|
||||
- variable: privileged
|
||||
label: "Privileged mode"
|
||||
# Include{securityContextRoot}
|
||||
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: readOnlyRootFilesystem
|
||||
label: "ReadOnly Root Filesystem"
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: "The groupID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: allowPrivilegeEscalation
|
||||
label: "Allow Privilege Escalation"
|
||||
type: int
|
||||
default: 0
|
||||
# Include{securityContextContainer}
|
||||
# Include{securityContextAdvanced}
|
||||
# Include{securityContextPod}
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: runAsNonRoot
|
||||
label: "runAsNonRoot"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
# Include{podSecurityContextRoot}
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: The groupID this App of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
# Include{podSecurityContextAdvanced}
|
||||
type: int
|
||||
default: 568
|
||||
|
||||
# Include{resources}
|
||||
# Include{advanced}
|
||||
# Include{addons}
|
||||
# Include{codeserver}
|
||||
# Include{netshoot}
|
||||
# Include{vpn}
|
||||
# Include{documentation}
|
||||
|
|
|
@ -16,51 +16,34 @@ questions:
|
|||
# Include{serviceExpert}
|
||||
# Include{serviceList}
|
||||
# Include{persistenceList}
|
||||
# Include{security}
|
||||
# Include{securityContextAdvancedRoot}
|
||||
- variable: privileged
|
||||
label: "Privileged mode"
|
||||
# Include{securityContextRoot}
|
||||
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: readOnlyRootFilesystem
|
||||
label: "ReadOnly Root Filesystem"
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: "The groupID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: allowPrivilegeEscalation
|
||||
label: "Allow Privilege Escalation"
|
||||
type: int
|
||||
default: 0
|
||||
# Include{securityContextContainer}
|
||||
# Include{securityContextAdvanced}
|
||||
# Include{securityContextPod}
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: runAsNonRoot
|
||||
label: "runAsNonRoot"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
# Include{podSecurityContextRoot}
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: The groupID this App of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
# Include{podSecurityContextAdvanced}
|
||||
type: int
|
||||
default: 568
|
||||
|
||||
# Include{resources}
|
||||
# Include{advanced}
|
||||
# Include{addons}
|
||||
# Include{codeserver}
|
||||
# Include{netshoot}
|
||||
# Include{vpn}
|
||||
# Include{documentation}
|
||||
|
|
|
@ -62,51 +62,34 @@ questions:
|
|||
# Include{ingressTLS}
|
||||
# Include{ingressTraefik}
|
||||
# Include{ingressList}
|
||||
# Include{security}
|
||||
# Include{securityContextAdvancedRoot}
|
||||
- variable: privileged
|
||||
label: "Privileged mode"
|
||||
# Include{securityContextRoot}
|
||||
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: readOnlyRootFilesystem
|
||||
label: "ReadOnly Root Filesystem"
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: "The groupID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: allowPrivilegeEscalation
|
||||
label: "Allow Privilege Escalation"
|
||||
type: int
|
||||
default: 0
|
||||
# Include{securityContextContainer}
|
||||
# Include{securityContextAdvanced}
|
||||
# Include{securityContextPod}
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: runAsNonRoot
|
||||
label: "runAsNonRoot"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
# Include{podSecurityContextRoot}
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: The groupID this App of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
# Include{podSecurityContextAdvanced}
|
||||
type: int
|
||||
default: 568
|
||||
|
||||
# Include{resources}
|
||||
# Include{advanced}
|
||||
# Include{addons}
|
||||
# Include{codeserver}
|
||||
# Include{netshoot}
|
||||
# Include{vpn}
|
||||
# Include{documentation}
|
||||
|
|
|
@ -16,51 +16,34 @@ questions:
|
|||
# Include{serviceExpert}
|
||||
# Include{serviceList}
|
||||
# Include{persistenceList}
|
||||
# Include{security}
|
||||
# Include{securityContextAdvancedRoot}
|
||||
- variable: privileged
|
||||
label: "Privileged mode"
|
||||
# Include{securityContextRoot}
|
||||
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: readOnlyRootFilesystem
|
||||
label: "ReadOnly Root Filesystem"
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: "The groupID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: allowPrivilegeEscalation
|
||||
label: "Allow Privilege Escalation"
|
||||
type: int
|
||||
default: 0
|
||||
# Include{securityContextContainer}
|
||||
# Include{securityContextAdvanced}
|
||||
# Include{securityContextPod}
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: runAsNonRoot
|
||||
label: "runAsNonRoot"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
# Include{podSecurityContextRoot}
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: The groupID this App of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
# Include{podSecurityContextAdvanced}
|
||||
type: int
|
||||
default: 568
|
||||
|
||||
# Include{resources}
|
||||
# Include{advanced}
|
||||
# Include{addons}
|
||||
# Include{codeserver}
|
||||
# Include{netshoot}
|
||||
# Include{vpn}
|
||||
# Include{documentation}
|
||||
|
|
|
@ -73,29 +73,8 @@ questions:
|
|||
# Include{ingressTLS}
|
||||
# Include{ingressTraefik}
|
||||
# Include{ingressList}
|
||||
# Include{security}
|
||||
# Include{securityContextAdvancedRoot}
|
||||
- variable: privileged
|
||||
label: Privileged mode
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: readOnlyRootFilesystem
|
||||
label: ReadOnly Root Filesystem
|
||||
schema:
|
||||
type: boolean
|
||||
default: true
|
||||
- variable: allowPrivilegeEscalation
|
||||
label: Allow Privilege Escalation
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: runAsNonRoot
|
||||
label: runAsNonRoot
|
||||
schema:
|
||||
type: boolean
|
||||
default: true
|
||||
# Include{podSecurityContextRoot}
|
||||
# Include{securityContextRoot}
|
||||
|
||||
- variable: runAsUser
|
||||
label: runAsUser
|
||||
description: The UserID of the user running the application
|
||||
|
@ -108,16 +87,20 @@ questions:
|
|||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
# Include{securityContextContainer}
|
||||
# Include{securityContextAdvanced}
|
||||
# Include{securityContextPod}
|
||||
- variable: fsGroup
|
||||
label: fsGroup
|
||||
description: The group that should own ALL storage.
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
# Include{podSecurityContextAdvanced}
|
||||
|
||||
# Include{resources}
|
||||
# Include{advanced}
|
||||
# Include{addons}
|
||||
# Include{codeserver}
|
||||
# Include{netshoot}
|
||||
# Include{vpn}
|
||||
# Include{documentation}
|
||||
|
|
|
@ -140,28 +140,7 @@ questions:
|
|||
# Include{ingressTLS}
|
||||
# Include{ingressTraefik}
|
||||
# Include{ingressList}
|
||||
# Include{security}
|
||||
# Include{securityContextAdvancedRoot}
|
||||
- variable: privileged
|
||||
label: Privileged mode
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: readOnlyRootFilesystem
|
||||
label: ReadOnly Root Filesystem
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: allowPrivilegeEscalation
|
||||
label: Allow Privilege Escalation
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: runAsNonRoot
|
||||
label: runAsNonRoot
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
|
||||
# Include{podSecurityContextRoot}
|
||||
- variable: runAsUser
|
||||
label: runAsUser
|
||||
|
@ -175,16 +154,20 @@ questions:
|
|||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
# Include{securityContextContainer}
|
||||
# Include{securityContextAdvanced}
|
||||
# Include{securityContextPod}
|
||||
- variable: fsGroup
|
||||
label: fsGroup
|
||||
description: The group that should own ALL storage.
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
# Include{podSecurityContextAdvanced}
|
||||
|
||||
# Include{resources}
|
||||
# Include{advanced}
|
||||
# Include{addons}
|
||||
# Include{codeserver}
|
||||
# Include{netshoot}
|
||||
# Include{vpn}
|
||||
# Include{documentation}
|
||||
|
|
|
@ -101,28 +101,7 @@ questions:
|
|||
# Include{ingressTLS}
|
||||
# Include{ingressTraefik}
|
||||
# Include{ingressList}
|
||||
# Include{security}
|
||||
# Include{securityContextAdvancedRoot}
|
||||
- variable: privileged
|
||||
label: Privileged mode
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: readOnlyRootFilesystem
|
||||
label: ReadOnly Root Filesystem
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: allowPrivilegeEscalation
|
||||
label: Allow Privilege Escalation
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: runAsNonRoot
|
||||
label: runAsNonRoot
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
|
||||
# Include{podSecurityContextRoot}
|
||||
- variable: runAsUser
|
||||
label: runAsUser
|
||||
|
@ -136,16 +115,20 @@ questions:
|
|||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
# Include{securityContextContainer}
|
||||
# Include{securityContextAdvanced}
|
||||
# Include{securityContextPod}
|
||||
- variable: fsGroup
|
||||
label: fsGroup
|
||||
description: The group that should own ALL storage.
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
# Include{podSecurityContextAdvanced}
|
||||
|
||||
# Include{resources}
|
||||
# Include{advanced}
|
||||
# Include{addons}
|
||||
# Include{codeserver}
|
||||
# Include{netshoot}
|
||||
# Include{vpn}
|
||||
# Include{documentation}
|
||||
|
|
|
@ -177,51 +177,34 @@ questions:
|
|||
# Include{ingressTLS}
|
||||
# Include{ingressTraefik}
|
||||
# Include{ingressList}
|
||||
# Include{security}
|
||||
# Include{securityContextAdvancedRoot}
|
||||
- variable: privileged
|
||||
label: "Privileged mode"
|
||||
# Include{securityContextRoot}
|
||||
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: readOnlyRootFilesystem
|
||||
label: "ReadOnly Root Filesystem"
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: "The groupID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: allowPrivilegeEscalation
|
||||
label: "Allow Privilege Escalation"
|
||||
type: int
|
||||
default: 0
|
||||
# Include{securityContextContainer}
|
||||
# Include{securityContextAdvanced}
|
||||
# Include{securityContextPod}
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: runAsNonRoot
|
||||
label: "runAsNonRoot"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
# Include{podSecurityContextRoot}
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: The groupID this App of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
# Include{podSecurityContextAdvanced}
|
||||
type: int
|
||||
default: 568
|
||||
|
||||
# Include{resources}
|
||||
# Include{advanced}
|
||||
# Include{addons}
|
||||
# Include{codeserver}
|
||||
# Include{netshoot}
|
||||
# Include{vpn}
|
||||
# Include{documentation}
|
||||
|
|
|
@ -61,51 +61,34 @@ questions:
|
|||
# Include{ingressTLS}
|
||||
# Include{ingressTraefik}
|
||||
# Include{ingressList}
|
||||
# Include{security}
|
||||
# Include{securityContextAdvancedRoot}
|
||||
- variable: privileged
|
||||
label: "Privileged mode"
|
||||
# Include{securityContextRoot}
|
||||
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: readOnlyRootFilesystem
|
||||
label: "ReadOnly Root Filesystem"
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: "The groupID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: allowPrivilegeEscalation
|
||||
label: "Allow Privilege Escalation"
|
||||
type: int
|
||||
default: 0
|
||||
# Include{securityContextContainer}
|
||||
# Include{securityContextAdvanced}
|
||||
# Include{securityContextPod}
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: runAsNonRoot
|
||||
label: "runAsNonRoot"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
# Include{podSecurityContextRoot}
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: The groupID this App of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
# Include{podSecurityContextAdvanced}
|
||||
type: int
|
||||
default: 568
|
||||
|
||||
# Include{resources}
|
||||
# Include{advanced}
|
||||
# Include{addons}
|
||||
# Include{codeserver}
|
||||
# Include{netshoot}
|
||||
# Include{vpn}
|
||||
# Include{documentation}
|
||||
|
|
|
@ -102,51 +102,34 @@ questions:
|
|||
# Include{ingressTLS}
|
||||
# Include{ingressTraefik}
|
||||
# Include{ingressList}
|
||||
# Include{security}
|
||||
# Include{securityContextAdvancedRoot}
|
||||
- variable: privileged
|
||||
label: "Privileged mode"
|
||||
# Include{securityContextRoot}
|
||||
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: readOnlyRootFilesystem
|
||||
label: "ReadOnly Root Filesystem"
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: "The groupID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: allowPrivilegeEscalation
|
||||
label: "Allow Privilege Escalation"
|
||||
type: int
|
||||
default: 0
|
||||
# Include{securityContextContainer}
|
||||
# Include{securityContextAdvanced}
|
||||
# Include{securityContextPod}
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: runAsNonRoot
|
||||
label: "runAsNonRoot"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
# Include{podSecurityContextRoot}
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: The groupID this App of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
# Include{podSecurityContextAdvanced}
|
||||
type: int
|
||||
default: 568
|
||||
|
||||
# Include{resources}
|
||||
# Include{advanced}
|
||||
# Include{addons}
|
||||
# Include{codeserver}
|
||||
# Include{netshoot}
|
||||
# Include{vpn}
|
||||
# Include{documentation}
|
||||
|
|
|
@ -93,51 +93,34 @@ questions:
|
|||
# Include{ingressTLS}
|
||||
# Include{ingressTraefik}
|
||||
# Include{ingressList}
|
||||
# Include{security}
|
||||
# Include{securityContextAdvancedRoot}
|
||||
- variable: privileged
|
||||
label: "Privileged mode"
|
||||
# Include{securityContextRoot}
|
||||
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: readOnlyRootFilesystem
|
||||
label: "ReadOnly Root Filesystem"
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: "The groupID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: allowPrivilegeEscalation
|
||||
label: "Allow Privilege Escalation"
|
||||
type: int
|
||||
default: 0
|
||||
# Include{securityContextContainer}
|
||||
# Include{securityContextAdvanced}
|
||||
# Include{securityContextPod}
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: runAsNonRoot
|
||||
label: "runAsNonRoot"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
# Include{podSecurityContextRoot}
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: The groupID this App of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
# Include{podSecurityContextAdvanced}
|
||||
type: int
|
||||
default: 568
|
||||
|
||||
# Include{resources}
|
||||
# Include{advanced}
|
||||
# Include{addons}
|
||||
# Include{codeserver}
|
||||
# Include{netshoot}
|
||||
# Include{vpn}
|
||||
# Include{documentation}
|
||||
|
|
|
@ -61,51 +61,34 @@ questions:
|
|||
# Include{ingressTLS}
|
||||
# Include{ingressTraefik}
|
||||
# Include{ingressList}
|
||||
# Include{security}
|
||||
# Include{securityContextAdvancedRoot}
|
||||
- variable: privileged
|
||||
label: "Privileged mode"
|
||||
# Include{securityContextRoot}
|
||||
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: readOnlyRootFilesystem
|
||||
label: "ReadOnly Root Filesystem"
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: "The groupID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: allowPrivilegeEscalation
|
||||
label: "Allow Privilege Escalation"
|
||||
type: int
|
||||
default: 0
|
||||
# Include{securityContextContainer}
|
||||
# Include{securityContextAdvanced}
|
||||
# Include{securityContextPod}
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: runAsNonRoot
|
||||
label: "runAsNonRoot"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
# Include{podSecurityContextRoot}
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: The groupID this App of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
# Include{podSecurityContextAdvanced}
|
||||
type: int
|
||||
default: 568
|
||||
|
||||
# Include{resources}
|
||||
# Include{advanced}
|
||||
# Include{addons}
|
||||
# Include{codeserver}
|
||||
# Include{netshoot}
|
||||
# Include{vpn}
|
||||
# Include{documentation}
|
||||
|
|
|
@ -129,51 +129,34 @@ questions:
|
|||
# Include{ingressTLS}
|
||||
# Include{ingressTraefik}
|
||||
# Include{ingressList}
|
||||
# Include{security}
|
||||
# Include{securityContextAdvancedRoot}
|
||||
- variable: privileged
|
||||
label: "Privileged mode"
|
||||
# Include{securityContextRoot}
|
||||
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: readOnlyRootFilesystem
|
||||
label: "ReadOnly Root Filesystem"
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: "The groupID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: allowPrivilegeEscalation
|
||||
label: "Allow Privilege Escalation"
|
||||
type: int
|
||||
default: 0
|
||||
# Include{securityContextContainer}
|
||||
# Include{securityContextAdvanced}
|
||||
# Include{securityContextPod}
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: runAsNonRoot
|
||||
label: "runAsNonRoot"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
# Include{podSecurityContextRoot}
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: The groupID this App of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
# Include{podSecurityContextAdvanced}
|
||||
type: int
|
||||
default: 568
|
||||
|
||||
# Include{resources}
|
||||
# Include{advanced}
|
||||
# Include{addons}
|
||||
# Include{codeserver}
|
||||
# Include{netshoot}
|
||||
# Include{vpn}
|
||||
# Include{documentation}
|
||||
|
|
|
@ -143,51 +143,34 @@ questions:
|
|||
# Include{ingressTLS}
|
||||
# Include{ingressTraefik}
|
||||
# Include{ingressList}
|
||||
# Include{security}
|
||||
# Include{securityContextAdvancedRoot}
|
||||
- variable: privileged
|
||||
label: "Privileged mode"
|
||||
# Include{securityContextRoot}
|
||||
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: readOnlyRootFilesystem
|
||||
label: "ReadOnly Root Filesystem"
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: "The groupID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: allowPrivilegeEscalation
|
||||
label: "Allow Privilege Escalation"
|
||||
type: int
|
||||
default: 0
|
||||
# Include{securityContextContainer}
|
||||
# Include{securityContextAdvanced}
|
||||
# Include{securityContextPod}
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: runAsNonRoot
|
||||
label: "runAsNonRoot"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
# Include{podSecurityContextRoot}
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: The groupID this App of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
# Include{podSecurityContextAdvanced}
|
||||
type: int
|
||||
default: 568
|
||||
|
||||
# Include{resources}
|
||||
# Include{advanced}
|
||||
# Include{addons}
|
||||
# Include{codeserver}
|
||||
# Include{netshoot}
|
||||
# Include{vpn}
|
||||
# Include{documentation}
|
||||
|
|
|
@ -100,51 +100,34 @@ questions:
|
|||
# Include{ingressTLS}
|
||||
# Include{ingressTraefik}
|
||||
# Include{ingressList}
|
||||
# Include{security}
|
||||
# Include{securityContextAdvancedRoot}
|
||||
- variable: privileged
|
||||
label: "Privileged mode"
|
||||
# Include{securityContextRoot}
|
||||
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: readOnlyRootFilesystem
|
||||
label: "ReadOnly Root Filesystem"
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: "The groupID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: allowPrivilegeEscalation
|
||||
label: "Allow Privilege Escalation"
|
||||
type: int
|
||||
default: 0
|
||||
# Include{securityContextContainer}
|
||||
# Include{securityContextAdvanced}
|
||||
# Include{securityContextPod}
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: runAsNonRoot
|
||||
label: "runAsNonRoot"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
# Include{podSecurityContextRoot}
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: The groupID this App of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
# Include{podSecurityContextAdvanced}
|
||||
type: int
|
||||
default: 568
|
||||
|
||||
# Include{resources}
|
||||
# Include{advanced}
|
||||
# Include{addons}
|
||||
# Include{codeserver}
|
||||
# Include{netshoot}
|
||||
# Include{vpn}
|
||||
# Include{documentation}
|
||||
|
|
|
@ -103,29 +103,8 @@ questions:
|
|||
# Include{ingressTLS}
|
||||
# Include{ingressTraefik}
|
||||
# Include{ingressList}
|
||||
# Include{security}
|
||||
# Include{securityContextAdvancedRoot}
|
||||
- variable: privileged
|
||||
label: Privileged mode
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: readOnlyRootFilesystem
|
||||
label: ReadOnly Root Filesystem
|
||||
schema:
|
||||
type: boolean
|
||||
default: true
|
||||
- variable: allowPrivilegeEscalation
|
||||
label: Allow Privilege Escalation
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: runAsNonRoot
|
||||
label: runAsNonRoot
|
||||
schema:
|
||||
type: boolean
|
||||
default: true
|
||||
# Include{podSecurityContextRoot}
|
||||
# Include{securityContextRoot}
|
||||
|
||||
- variable: runAsUser
|
||||
label: runAsUser
|
||||
description: The UserID of the user running the application
|
||||
|
@ -138,16 +117,20 @@ questions:
|
|||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
# Include{securityContextContainer}
|
||||
# Include{securityContextAdvanced}
|
||||
# Include{securityContextPod}
|
||||
- variable: fsGroup
|
||||
label: fsGroup
|
||||
description: The group that should own ALL storage.
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
# Include{podSecurityContextAdvanced}
|
||||
|
||||
# Include{resources}
|
||||
# Include{advanced}
|
||||
# Include{addons}
|
||||
# Include{codeserver}
|
||||
# Include{netshoot}
|
||||
# Include{vpn}
|
||||
# Include{documentation}
|
||||
|
|
|
@ -62,51 +62,34 @@ questions:
|
|||
# Include{ingressTLS}
|
||||
# Include{ingressTraefik}
|
||||
# Include{ingressList}
|
||||
# Include{security}
|
||||
# Include{securityContextAdvancedRoot}
|
||||
- variable: privileged
|
||||
label: "Privileged mode"
|
||||
# Include{securityContextRoot}
|
||||
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: readOnlyRootFilesystem
|
||||
label: "ReadOnly Root Filesystem"
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: "The groupID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: allowPrivilegeEscalation
|
||||
label: "Allow Privilege Escalation"
|
||||
type: int
|
||||
default: 0
|
||||
# Include{securityContextContainer}
|
||||
# Include{securityContextAdvanced}
|
||||
# Include{securityContextPod}
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: runAsNonRoot
|
||||
label: "runAsNonRoot"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
# Include{podSecurityContextRoot}
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: The groupID this App of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
# Include{podSecurityContextAdvanced}
|
||||
type: int
|
||||
default: 568
|
||||
|
||||
# Include{resources}
|
||||
# Include{advanced}
|
||||
# Include{addons}
|
||||
# Include{codeserver}
|
||||
# Include{netshoot}
|
||||
# Include{vpn}
|
||||
# Include{documentation}
|
||||
|
|
|
@ -83,51 +83,34 @@ questions:
|
|||
# Include{ingressTLS}
|
||||
# Include{ingressTraefik}
|
||||
# Include{ingressList}
|
||||
# Include{security}
|
||||
# Include{securityContextAdvancedRoot}
|
||||
- variable: privileged
|
||||
label: "Privileged mode"
|
||||
# Include{securityContextRoot}
|
||||
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: readOnlyRootFilesystem
|
||||
label: "ReadOnly Root Filesystem"
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: "The groupID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: allowPrivilegeEscalation
|
||||
label: "Allow Privilege Escalation"
|
||||
type: int
|
||||
default: 0
|
||||
# Include{securityContextContainer}
|
||||
# Include{securityContextAdvanced}
|
||||
# Include{securityContextPod}
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: runAsNonRoot
|
||||
label: "runAsNonRoot"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
# Include{podSecurityContextRoot}
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: The groupID this App of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
# Include{podSecurityContextAdvanced}
|
||||
type: int
|
||||
default: 568
|
||||
|
||||
# Include{resources}
|
||||
# Include{advanced}
|
||||
# Include{addons}
|
||||
# Include{codeserver}
|
||||
# Include{netshoot}
|
||||
# Include{vpn}
|
||||
# Include{documentation}
|
||||
|
|
|
@ -86,51 +86,34 @@ questions:
|
|||
# Include{ingressTLS}
|
||||
# Include{ingressTraefik}
|
||||
# Include{ingressList}
|
||||
# Include{security}
|
||||
# Include{securityContextAdvancedRoot}
|
||||
- variable: privileged
|
||||
label: "Privileged mode"
|
||||
# Include{securityContextRoot}
|
||||
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: readOnlyRootFilesystem
|
||||
label: "ReadOnly Root Filesystem"
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: "The groupID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: allowPrivilegeEscalation
|
||||
label: "Allow Privilege Escalation"
|
||||
type: int
|
||||
default: 0
|
||||
# Include{securityContextContainer}
|
||||
# Include{securityContextAdvanced}
|
||||
# Include{securityContextPod}
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: runAsNonRoot
|
||||
label: "runAsNonRoot"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
# Include{podSecurityContextRoot}
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: The groupID this App of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
# Include{podSecurityContextAdvanced}
|
||||
type: int
|
||||
default: 568
|
||||
|
||||
# Include{resources}
|
||||
# Include{advanced}
|
||||
# Include{addons}
|
||||
# Include{codeserver}
|
||||
# Include{netshoot}
|
||||
# Include{vpn}
|
||||
# Include{documentation}
|
||||
|
|
|
@ -133,51 +133,34 @@ questions:
|
|||
# Include{ingressTLS}
|
||||
# Include{ingressTraefik}
|
||||
# Include{ingressList}
|
||||
# Include{security}
|
||||
# Include{securityContextAdvancedRoot}
|
||||
- variable: privileged
|
||||
label: "Privileged mode"
|
||||
# Include{securityContextRoot}
|
||||
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: readOnlyRootFilesystem
|
||||
label: "ReadOnly Root Filesystem"
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: "The groupID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: allowPrivilegeEscalation
|
||||
label: "Allow Privilege Escalation"
|
||||
type: int
|
||||
default: 0
|
||||
# Include{securityContextContainer}
|
||||
# Include{securityContextAdvanced}
|
||||
# Include{securityContextPod}
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: runAsNonRoot
|
||||
label: "runAsNonRoot"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
# Include{podSecurityContextRoot}
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: The groupID this App of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
# Include{podSecurityContextAdvanced}
|
||||
type: int
|
||||
default: 568
|
||||
|
||||
# Include{resources}
|
||||
# Include{advanced}
|
||||
# Include{addons}
|
||||
# Include{codeserver}
|
||||
# Include{netshoot}
|
||||
# Include{vpn}
|
||||
# Include{documentation}
|
||||
|
|
|
@ -165,51 +165,34 @@ questions:
|
|||
# Include{ingressTLS}
|
||||
# Include{ingressTraefik}
|
||||
# Include{ingressList}
|
||||
# Include{security}
|
||||
# Include{securityContextAdvancedRoot}
|
||||
- variable: privileged
|
||||
label: "Privileged mode"
|
||||
# Include{securityContextRoot}
|
||||
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: readOnlyRootFilesystem
|
||||
label: "ReadOnly Root Filesystem"
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: "The groupID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: allowPrivilegeEscalation
|
||||
label: "Allow Privilege Escalation"
|
||||
type: int
|
||||
default: 0
|
||||
# Include{securityContextContainer}
|
||||
# Include{securityContextAdvanced}
|
||||
# Include{securityContextPod}
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: runAsNonRoot
|
||||
label: "runAsNonRoot"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
# Include{podSecurityContextRoot}
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: The groupID this App of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
# Include{podSecurityContextAdvanced}
|
||||
type: int
|
||||
default: 568
|
||||
|
||||
# Include{resources}
|
||||
# Include{advanced}
|
||||
# Include{addons}
|
||||
# Include{codeserver}
|
||||
# Include{netshoot}
|
||||
# Include{vpn}
|
||||
# Include{documentation}
|
||||
|
|
|
@ -75,51 +75,34 @@ questions:
|
|||
# Include{ingressTLS}
|
||||
# Include{ingressTraefik}
|
||||
# Include{ingressList}
|
||||
# Include{security}
|
||||
# Include{securityContextAdvancedRoot}
|
||||
- variable: privileged
|
||||
label: "Privileged mode"
|
||||
# Include{securityContextRoot}
|
||||
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: readOnlyRootFilesystem
|
||||
label: "ReadOnly Root Filesystem"
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: "The groupID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: allowPrivilegeEscalation
|
||||
label: "Allow Privilege Escalation"
|
||||
type: int
|
||||
default: 0
|
||||
# Include{securityContextContainer}
|
||||
# Include{securityContextAdvanced}
|
||||
# Include{securityContextPod}
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: runAsNonRoot
|
||||
label: "runAsNonRoot"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
# Include{podSecurityContextRoot}
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: The groupID this App of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
# Include{podSecurityContextAdvanced}
|
||||
type: int
|
||||
default: 568
|
||||
|
||||
# Include{resources}
|
||||
# Include{advanced}
|
||||
# Include{addons}
|
||||
# Include{codeserver}
|
||||
# Include{netshoot}
|
||||
# Include{vpn}
|
||||
# Include{documentation}
|
||||
|
|
|
@ -62,51 +62,34 @@ questions:
|
|||
# Include{ingressTLS}
|
||||
# Include{ingressTraefik}
|
||||
# Include{ingressList}
|
||||
# Include{security}
|
||||
# Include{securityContextAdvancedRoot}
|
||||
- variable: privileged
|
||||
label: "Privileged mode"
|
||||
# Include{securityContextRoot}
|
||||
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: readOnlyRootFilesystem
|
||||
label: "ReadOnly Root Filesystem"
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: "The groupID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: allowPrivilegeEscalation
|
||||
label: "Allow Privilege Escalation"
|
||||
type: int
|
||||
default: 0
|
||||
# Include{securityContextContainer}
|
||||
# Include{securityContextAdvanced}
|
||||
# Include{securityContextPod}
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: runAsNonRoot
|
||||
label: "runAsNonRoot"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
# Include{podSecurityContextRoot}
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: The groupID this App of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
# Include{podSecurityContextAdvanced}
|
||||
type: int
|
||||
default: 568
|
||||
|
||||
# Include{resources}
|
||||
# Include{advanced}
|
||||
# Include{addons}
|
||||
# Include{codeserver}
|
||||
# Include{netshoot}
|
||||
# Include{vpn}
|
||||
# Include{documentation}
|
||||
|
|
|
@ -70,51 +70,34 @@ questions:
|
|||
attrs:
|
||||
# Include{persistenceBasic}
|
||||
# Include{persistenceList}
|
||||
# Include{security}
|
||||
# Include{securityContextAdvancedRoot}
|
||||
- variable: privileged
|
||||
label: "Privileged mode"
|
||||
# Include{securityContextRoot}
|
||||
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: readOnlyRootFilesystem
|
||||
label: "ReadOnly Root Filesystem"
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: "The groupID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: allowPrivilegeEscalation
|
||||
label: "Allow Privilege Escalation"
|
||||
type: int
|
||||
default: 0
|
||||
# Include{securityContextContainer}
|
||||
# Include{securityContextAdvanced}
|
||||
# Include{securityContextPod}
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: runAsNonRoot
|
||||
label: "runAsNonRoot"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
# Include{podSecurityContextRoot}
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: The groupID this App of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
# Include{podSecurityContextAdvanced}
|
||||
type: int
|
||||
default: 568
|
||||
|
||||
# Include{resources}
|
||||
# Include{advanced}
|
||||
# Include{addons}
|
||||
# Include{codeserver}
|
||||
# Include{netshoot}
|
||||
# Include{vpn}
|
||||
# Include{documentation}
|
||||
|
|
|
@ -88,51 +88,34 @@ questions:
|
|||
attrs:
|
||||
# Include{persistenceBasic}
|
||||
# Include{persistenceList}
|
||||
# Include{security}
|
||||
# Include{securityContextAdvancedRoot}
|
||||
- variable: privileged
|
||||
label: "Privileged mode"
|
||||
# Include{securityContextRoot}
|
||||
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: readOnlyRootFilesystem
|
||||
label: "ReadOnly Root Filesystem"
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: "The groupID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: allowPrivilegeEscalation
|
||||
label: "Allow Privilege Escalation"
|
||||
type: int
|
||||
default: 0
|
||||
# Include{securityContextContainer}
|
||||
# Include{securityContextAdvanced}
|
||||
# Include{securityContextPod}
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: runAsNonRoot
|
||||
label: "runAsNonRoot"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
# Include{podSecurityContextRoot}
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: The groupID this App of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
# Include{podSecurityContextAdvanced}
|
||||
type: int
|
||||
default: 568
|
||||
|
||||
# Include{resources}
|
||||
# Include{advanced}
|
||||
# Include{addons}
|
||||
# Include{codeserver}
|
||||
# Include{netshoot}
|
||||
# Include{vpn}
|
||||
# Include{documentation}
|
||||
|
|
|
@ -81,51 +81,34 @@ questions:
|
|||
# Include{ingressTLS}
|
||||
# Include{ingressTraefik}
|
||||
# Include{ingressList}
|
||||
# Include{security}
|
||||
# Include{securityContextAdvancedRoot}
|
||||
- variable: privileged
|
||||
label: "Privileged mode"
|
||||
# Include{securityContextRoot}
|
||||
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: readOnlyRootFilesystem
|
||||
label: "ReadOnly Root Filesystem"
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: "The groupID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: allowPrivilegeEscalation
|
||||
label: "Allow Privilege Escalation"
|
||||
type: int
|
||||
default: 0
|
||||
# Include{securityContextContainer}
|
||||
# Include{securityContextAdvanced}
|
||||
# Include{securityContextPod}
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: runAsNonRoot
|
||||
label: "runAsNonRoot"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
# Include{podSecurityContextRoot}
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: The groupID this App of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
# Include{podSecurityContextAdvanced}
|
||||
type: int
|
||||
default: 568
|
||||
|
||||
# Include{resources}
|
||||
# Include{advanced}
|
||||
# Include{addons}
|
||||
# Include{codeserver}
|
||||
# Include{netshoot}
|
||||
# Include{vpn}
|
||||
# Include{documentation}
|
||||
|
|
|
@ -53,28 +53,7 @@ questions:
|
|||
# Include{ingressTLS}
|
||||
# Include{ingressTraefik}
|
||||
# Include{ingressList}
|
||||
# Include{security}
|
||||
# Include{securityContextAdvancedRoot}
|
||||
- variable: privileged
|
||||
label: Privileged mode
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: readOnlyRootFilesystem
|
||||
label: ReadOnly Root Filesystem
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: allowPrivilegeEscalation
|
||||
label: Allow Privilege Escalation
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: runAsNonRoot
|
||||
label: runAsNonRoot
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
|
||||
# Include{podSecurityContextRoot}
|
||||
- variable: runAsUser
|
||||
label: runAsUser
|
||||
|
@ -88,16 +67,20 @@ questions:
|
|||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
# Include{securityContextContainer}
|
||||
# Include{securityContextAdvanced}
|
||||
# Include{securityContextPod}
|
||||
- variable: fsGroup
|
||||
label: fsGroup
|
||||
description: The group that should own ALL storage.
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
# Include{podSecurityContextAdvanced}
|
||||
|
||||
# Include{resources}
|
||||
# Include{advanced}
|
||||
# Include{addons}
|
||||
# Include{codeserver}
|
||||
# Include{netshoot}
|
||||
# Include{vpn}
|
||||
# Include{documentation}
|
||||
|
|
|
@ -61,51 +61,34 @@ questions:
|
|||
# Include{ingressTLS}
|
||||
# Include{ingressTraefik}
|
||||
# Include{ingressList}
|
||||
# Include{security}
|
||||
# Include{securityContextAdvancedRoot}
|
||||
- variable: privileged
|
||||
label: "Privileged mode"
|
||||
# Include{securityContextRoot}
|
||||
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: readOnlyRootFilesystem
|
||||
label: "ReadOnly Root Filesystem"
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: "The groupID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: allowPrivilegeEscalation
|
||||
label: "Allow Privilege Escalation"
|
||||
type: int
|
||||
default: 0
|
||||
# Include{securityContextContainer}
|
||||
# Include{securityContextAdvanced}
|
||||
# Include{securityContextPod}
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: runAsNonRoot
|
||||
label: "runAsNonRoot"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
# Include{podSecurityContextRoot}
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: The groupID this App of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
# Include{podSecurityContextAdvanced}
|
||||
type: int
|
||||
default: 568
|
||||
|
||||
# Include{resources}
|
||||
# Include{advanced}
|
||||
# Include{addons}
|
||||
# Include{codeserver}
|
||||
# Include{netshoot}
|
||||
# Include{vpn}
|
||||
# Include{documentation}
|
||||
|
|
|
@ -135,51 +135,34 @@ questions:
|
|||
# Include{ingressTLS}
|
||||
# Include{ingressTraefik}
|
||||
# Include{ingressList}
|
||||
# Include{security}
|
||||
# Include{securityContextAdvancedRoot}
|
||||
- variable: privileged
|
||||
label: "Privileged mode"
|
||||
# Include{securityContextRoot}
|
||||
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: readOnlyRootFilesystem
|
||||
label: "ReadOnly Root Filesystem"
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: "The groupID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: allowPrivilegeEscalation
|
||||
label: "Allow Privilege Escalation"
|
||||
type: int
|
||||
default: 0
|
||||
# Include{securityContextContainer}
|
||||
# Include{securityContextAdvanced}
|
||||
# Include{securityContextPod}
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: runAsNonRoot
|
||||
label: "runAsNonRoot"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
# Include{podSecurityContextRoot}
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: The groupID this App of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
# Include{podSecurityContextAdvanced}
|
||||
type: int
|
||||
default: 568
|
||||
|
||||
# Include{resources}
|
||||
# Include{advanced}
|
||||
# Include{addons}
|
||||
# Include{codeserver}
|
||||
# Include{netshoot}
|
||||
# Include{vpn}
|
||||
# Include{documentation}
|
||||
|
|
|
@ -84,51 +84,34 @@ questions:
|
|||
# Include{ingressTLS}
|
||||
# Include{ingressTraefik}
|
||||
# Include{ingressList}
|
||||
# Include{security}
|
||||
# Include{securityContextAdvancedRoot}
|
||||
- variable: privileged
|
||||
label: "Privileged mode"
|
||||
# Include{securityContextRoot}
|
||||
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: readOnlyRootFilesystem
|
||||
label: "ReadOnly Root Filesystem"
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: "The groupID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: allowPrivilegeEscalation
|
||||
label: "Allow Privilege Escalation"
|
||||
type: int
|
||||
default: 0
|
||||
# Include{securityContextContainer}
|
||||
# Include{securityContextAdvanced}
|
||||
# Include{securityContextPod}
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: runAsNonRoot
|
||||
label: "runAsNonRoot"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
# Include{podSecurityContextRoot}
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: The groupID this App of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
# Include{podSecurityContextAdvanced}
|
||||
type: int
|
||||
default: 568
|
||||
|
||||
# Include{resources}
|
||||
# Include{advanced}
|
||||
# Include{addons}
|
||||
# Include{codeserver}
|
||||
# Include{netshoot}
|
||||
# Include{vpn}
|
||||
# Include{documentation}
|
||||
|
|
|
@ -124,51 +124,34 @@ questions:
|
|||
# Include{ingressTLS}
|
||||
# Include{ingressTraefik}
|
||||
# Include{ingressList}
|
||||
# Include{security}
|
||||
# Include{securityContextAdvancedRoot}
|
||||
- variable: privileged
|
||||
label: "Privileged mode"
|
||||
# Include{securityContextRoot}
|
||||
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: readOnlyRootFilesystem
|
||||
label: "ReadOnly Root Filesystem"
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: "The groupID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: allowPrivilegeEscalation
|
||||
label: "Allow Privilege Escalation"
|
||||
type: int
|
||||
default: 0
|
||||
# Include{securityContextContainer}
|
||||
# Include{securityContextAdvanced}
|
||||
# Include{securityContextPod}
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: runAsNonRoot
|
||||
label: "runAsNonRoot"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
# Include{podSecurityContextRoot}
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: The groupID this App of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
# Include{podSecurityContextAdvanced}
|
||||
type: int
|
||||
default: 568
|
||||
|
||||
# Include{resources}
|
||||
# Include{advanced}
|
||||
# Include{addons}
|
||||
# Include{codeserver}
|
||||
# Include{netshoot}
|
||||
# Include{vpn}
|
||||
# Include{documentation}
|
||||
|
|
|
@ -149,51 +149,34 @@ questions:
|
|||
# Include{ingressTLS}
|
||||
# Include{ingressTraefik}
|
||||
# Include{ingressList}
|
||||
# Include{security}
|
||||
# Include{securityContextAdvancedRoot}
|
||||
- variable: privileged
|
||||
label: "Privileged mode"
|
||||
# Include{securityContextRoot}
|
||||
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: readOnlyRootFilesystem
|
||||
label: "ReadOnly Root Filesystem"
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: "The groupID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: allowPrivilegeEscalation
|
||||
label: "Allow Privilege Escalation"
|
||||
type: int
|
||||
default: 0
|
||||
# Include{securityContextContainer}
|
||||
# Include{securityContextAdvanced}
|
||||
# Include{securityContextPod}
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: runAsNonRoot
|
||||
label: "runAsNonRoot"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
# Include{podSecurityContextRoot}
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: The groupID this App of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
# Include{podSecurityContextAdvanced}
|
||||
type: int
|
||||
default: 568
|
||||
|
||||
# Include{resources}
|
||||
# Include{advanced}
|
||||
# Include{addons}
|
||||
# Include{codeserver}
|
||||
# Include{netshoot}
|
||||
# Include{vpn}
|
||||
# Include{documentation}
|
||||
|
|
|
@ -149,51 +149,34 @@ questions:
|
|||
# Include{ingressTLS}
|
||||
# Include{ingressTraefik}
|
||||
# Include{ingressList}
|
||||
# Include{security}
|
||||
# Include{securityContextAdvancedRoot}
|
||||
- variable: privileged
|
||||
label: "Privileged mode"
|
||||
# Include{securityContextRoot}
|
||||
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: readOnlyRootFilesystem
|
||||
label: "ReadOnly Root Filesystem"
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: "The groupID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: allowPrivilegeEscalation
|
||||
label: "Allow Privilege Escalation"
|
||||
type: int
|
||||
default: 0
|
||||
# Include{securityContextContainer}
|
||||
# Include{securityContextAdvanced}
|
||||
# Include{securityContextPod}
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: runAsNonRoot
|
||||
label: "runAsNonRoot"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
# Include{podSecurityContextRoot}
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: The groupID this App of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
# Include{podSecurityContextAdvanced}
|
||||
type: int
|
||||
default: 568
|
||||
|
||||
# Include{resources}
|
||||
# Include{advanced}
|
||||
# Include{addons}
|
||||
# Include{codeserver}
|
||||
# Include{netshoot}
|
||||
# Include{vpn}
|
||||
# Include{documentation}
|
||||
|
|
|
@ -155,51 +155,34 @@ questions:
|
|||
# Include{ingressTLS}
|
||||
# Include{ingressTraefik}
|
||||
# Include{ingressList}
|
||||
# Include{security}
|
||||
# Include{securityContextAdvancedRoot}
|
||||
- variable: privileged
|
||||
label: "Privileged mode"
|
||||
# Include{securityContextRoot}
|
||||
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: readOnlyRootFilesystem
|
||||
label: "ReadOnly Root Filesystem"
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: "The groupID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: allowPrivilegeEscalation
|
||||
label: "Allow Privilege Escalation"
|
||||
type: int
|
||||
default: 0
|
||||
# Include{securityContextContainer}
|
||||
# Include{securityContextAdvanced}
|
||||
# Include{securityContextPod}
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: runAsNonRoot
|
||||
label: "runAsNonRoot"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
# Include{podSecurityContextRoot}
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: The groupID this App of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
# Include{podSecurityContextAdvanced}
|
||||
type: int
|
||||
default: 568
|
||||
|
||||
# Include{resources}
|
||||
# Include{advanced}
|
||||
# Include{addons}
|
||||
# Include{codeserver}
|
||||
# Include{netshoot}
|
||||
# Include{vpn}
|
||||
# Include{documentation}
|
||||
|
|
|
@ -155,51 +155,34 @@ questions:
|
|||
# Include{ingressTLS}
|
||||
# Include{ingressTraefik}
|
||||
# Include{ingressList}
|
||||
# Include{security}
|
||||
# Include{securityContextAdvancedRoot}
|
||||
- variable: privileged
|
||||
label: "Privileged mode"
|
||||
# Include{securityContextRoot}
|
||||
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: readOnlyRootFilesystem
|
||||
label: "ReadOnly Root Filesystem"
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: "The groupID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: allowPrivilegeEscalation
|
||||
label: "Allow Privilege Escalation"
|
||||
type: int
|
||||
default: 0
|
||||
# Include{securityContextContainer}
|
||||
# Include{securityContextAdvanced}
|
||||
# Include{securityContextPod}
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: runAsNonRoot
|
||||
label: "runAsNonRoot"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
# Include{podSecurityContextRoot}
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: The groupID this App of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
# Include{podSecurityContextAdvanced}
|
||||
type: int
|
||||
default: 568
|
||||
|
||||
# Include{resources}
|
||||
# Include{advanced}
|
||||
# Include{addons}
|
||||
# Include{codeserver}
|
||||
# Include{netshoot}
|
||||
# Include{vpn}
|
||||
# Include{documentation}
|
||||
|
|
|
@ -76,51 +76,34 @@ questions:
|
|||
# Include{ingressTLS}
|
||||
# Include{ingressTraefik}
|
||||
# Include{ingressList}
|
||||
# Include{security}
|
||||
# Include{securityContextAdvancedRoot}
|
||||
- variable: privileged
|
||||
label: "Privileged mode"
|
||||
# Include{securityContextRoot}
|
||||
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: readOnlyRootFilesystem
|
||||
label: "ReadOnly Root Filesystem"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: allowPrivilegeEscalation
|
||||
label: "Allow Privilege Escalation"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: runAsNonRoot
|
||||
label: "runAsNonRoot"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
# Include{podSecurityContextRoot}
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: "The groupID this App of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
# Include{podSecurityContextAdvanced}
|
||||
# Include{securityContextContainer}
|
||||
# Include{securityContextAdvanced}
|
||||
# Include{securityContextPod}
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
|
||||
# Include{resources}
|
||||
# Include{advanced}
|
||||
# Include{addons}
|
||||
# Include{codeserver}
|
||||
# Include{netshoot}
|
||||
# Include{vpn}
|
||||
# Include{documentation}
|
||||
|
|
|
@ -75,51 +75,34 @@ questions:
|
|||
# Include{ingressTLS}
|
||||
# Include{ingressTraefik}
|
||||
# Include{ingressList}
|
||||
# Include{security}
|
||||
# Include{securityContextAdvancedRoot}
|
||||
- variable: privileged
|
||||
label: "Privileged mode"
|
||||
# Include{securityContextRoot}
|
||||
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: readOnlyRootFilesystem
|
||||
label: "ReadOnly Root Filesystem"
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: "The groupID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: allowPrivilegeEscalation
|
||||
label: "Allow Privilege Escalation"
|
||||
type: int
|
||||
default: 0
|
||||
# Include{securityContextContainer}
|
||||
# Include{securityContextAdvanced}
|
||||
# Include{securityContextPod}
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: runAsNonRoot
|
||||
label: "runAsNonRoot"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
# Include{podSecurityContextRoot}
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: The groupID this App of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
# Include{podSecurityContextAdvanced}
|
||||
type: int
|
||||
default: 568
|
||||
|
||||
# Include{resources}
|
||||
# Include{advanced}
|
||||
# Include{addons}
|
||||
# Include{codeserver}
|
||||
# Include{netshoot}
|
||||
# Include{vpn}
|
||||
# Include{documentation}
|
||||
|
|
|
@ -78,51 +78,34 @@ questions:
|
|||
# Include{ingressTLS}
|
||||
# Include{ingressTraefik}
|
||||
# Include{ingressList}
|
||||
# Include{security}
|
||||
# Include{securityContextAdvancedRoot}
|
||||
- variable: privileged
|
||||
label: "Privileged mode"
|
||||
# Include{securityContextRoot}
|
||||
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: readOnlyRootFilesystem
|
||||
label: "ReadOnly Root Filesystem"
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: "The groupID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: allowPrivilegeEscalation
|
||||
label: "Allow Privilege Escalation"
|
||||
type: int
|
||||
default: 0
|
||||
# Include{securityContextContainer}
|
||||
# Include{securityContextAdvanced}
|
||||
# Include{securityContextPod}
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: runAsNonRoot
|
||||
label: "runAsNonRoot"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
# Include{podSecurityContextRoot}
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: The groupID this App of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
# Include{podSecurityContextAdvanced}
|
||||
type: int
|
||||
default: 568
|
||||
|
||||
# Include{resources}
|
||||
# Include{advanced}
|
||||
# Include{addons}
|
||||
# Include{codeserver}
|
||||
# Include{netshoot}
|
||||
# Include{vpn}
|
||||
# Include{documentation}
|
||||
|
|
|
@ -62,51 +62,34 @@ questions:
|
|||
# Include{ingressTLS}
|
||||
# Include{ingressTraefik}
|
||||
# Include{ingressList}
|
||||
# Include{security}
|
||||
# Include{securityContextAdvancedRoot}
|
||||
- variable: privileged
|
||||
label: "Privileged mode"
|
||||
# Include{securityContextRoot}
|
||||
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: readOnlyRootFilesystem
|
||||
label: "ReadOnly Root Filesystem"
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: "The groupID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: allowPrivilegeEscalation
|
||||
label: "Allow Privilege Escalation"
|
||||
type: int
|
||||
default: 0
|
||||
# Include{securityContextContainer}
|
||||
# Include{securityContextAdvanced}
|
||||
# Include{securityContextPod}
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: runAsNonRoot
|
||||
label: "runAsNonRoot"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
# Include{podSecurityContextRoot}
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: The groupID this App of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
# Include{podSecurityContextAdvanced}
|
||||
type: int
|
||||
default: 568
|
||||
|
||||
# Include{resources}
|
||||
# Include{advanced}
|
||||
# Include{addons}
|
||||
# Include{codeserver}
|
||||
# Include{netshoot}
|
||||
# Include{vpn}
|
||||
# Include{documentation}
|
||||
|
|
|
@ -89,28 +89,7 @@ questions:
|
|||
# Include{ingressTLS}
|
||||
# Include{ingressTraefik}
|
||||
# Include{ingressList}
|
||||
# Include{security}
|
||||
# Include{securityContextAdvancedRoot}
|
||||
- variable: privileged
|
||||
label: Privileged mode
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: readOnlyRootFilesystem
|
||||
label: ReadOnly Root Filesystem
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: allowPrivilegeEscalation
|
||||
label: Allow Privilege Escalation
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: runAsNonRoot
|
||||
label: runAsNonRoot
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
|
||||
# Include{podSecurityContextRoot}
|
||||
- variable: runAsUser
|
||||
label: runAsUser
|
||||
|
@ -124,16 +103,20 @@ questions:
|
|||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
# Include{securityContextContainer}
|
||||
# Include{securityContextAdvanced}
|
||||
# Include{securityContextPod}
|
||||
- variable: fsGroup
|
||||
label: fsGroup
|
||||
description: The group that should own ALL storage.
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
# Include{podSecurityContextAdvanced}
|
||||
|
||||
# Include{resources}
|
||||
# Include{advanced}
|
||||
# Include{addons}
|
||||
# Include{codeserver}
|
||||
# Include{netshoot}
|
||||
# Include{vpn}
|
||||
# Include{documentation}
|
||||
|
|
|
@ -149,51 +149,34 @@ questions:
|
|||
# Include{ingressTLS}
|
||||
# Include{ingressTraefik}
|
||||
# Include{ingressList}
|
||||
# Include{security}
|
||||
# Include{securityContextAdvancedRoot}
|
||||
- variable: privileged
|
||||
label: "Privileged mode"
|
||||
# Include{securityContextRoot}
|
||||
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: readOnlyRootFilesystem
|
||||
label: "ReadOnly Root Filesystem"
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: "The groupID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: allowPrivilegeEscalation
|
||||
label: "Allow Privilege Escalation"
|
||||
type: int
|
||||
default: 0
|
||||
# Include{securityContextContainer}
|
||||
# Include{securityContextAdvanced}
|
||||
# Include{securityContextPod}
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: runAsNonRoot
|
||||
label: "runAsNonRoot"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
# Include{podSecurityContextRoot}
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: The groupID this App of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
# Include{podSecurityContextAdvanced}
|
||||
type: int
|
||||
default: 568
|
||||
|
||||
# Include{resources}
|
||||
# Include{advanced}
|
||||
# Include{addons}
|
||||
# Include{codeserver}
|
||||
# Include{netshoot}
|
||||
# Include{vpn}
|
||||
# Include{documentation}
|
||||
|
|
|
@ -149,51 +149,34 @@ questions:
|
|||
# Include{ingressTLS}
|
||||
# Include{ingressTraefik}
|
||||
# Include{ingressList}
|
||||
# Include{security}
|
||||
# Include{securityContextAdvancedRoot}
|
||||
- variable: privileged
|
||||
label: "Privileged mode"
|
||||
# Include{securityContextRoot}
|
||||
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: readOnlyRootFilesystem
|
||||
label: "ReadOnly Root Filesystem"
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: "The groupID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: allowPrivilegeEscalation
|
||||
label: "Allow Privilege Escalation"
|
||||
type: int
|
||||
default: 0
|
||||
# Include{securityContextContainer}
|
||||
# Include{securityContextAdvanced}
|
||||
# Include{securityContextPod}
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: runAsNonRoot
|
||||
label: "runAsNonRoot"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
# Include{podSecurityContextRoot}
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: The groupID this App of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
# Include{podSecurityContextAdvanced}
|
||||
type: int
|
||||
default: 568
|
||||
|
||||
# Include{resources}
|
||||
# Include{advanced}
|
||||
# Include{addons}
|
||||
# Include{codeserver}
|
||||
# Include{netshoot}
|
||||
# Include{vpn}
|
||||
# Include{documentation}
|
||||
|
|
|
@ -141,51 +141,34 @@ questions:
|
|||
# Include{ingressTLS}
|
||||
# Include{ingressTraefik}
|
||||
# Include{ingressList}
|
||||
# Include{security}
|
||||
# Include{securityContextAdvancedRoot}
|
||||
- variable: privileged
|
||||
label: "Privileged mode"
|
||||
# Include{securityContextRoot}
|
||||
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: readOnlyRootFilesystem
|
||||
label: "ReadOnly Root Filesystem"
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: "The groupID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: allowPrivilegeEscalation
|
||||
label: "Allow Privilege Escalation"
|
||||
type: int
|
||||
default: 0
|
||||
# Include{securityContextContainer}
|
||||
# Include{securityContextAdvanced}
|
||||
# Include{securityContextPod}
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: runAsNonRoot
|
||||
label: "runAsNonRoot"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
# Include{podSecurityContextRoot}
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: The groupID this App of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
# Include{podSecurityContextAdvanced}
|
||||
type: int
|
||||
default: 568
|
||||
|
||||
# Include{resources}
|
||||
# Include{advanced}
|
||||
# Include{addons}
|
||||
# Include{codeserver}
|
||||
# Include{netshoot}
|
||||
# Include{vpn}
|
||||
# Include{documentation}
|
||||
|
|
|
@ -83,51 +83,34 @@ questions:
|
|||
# Include{serviceExpert}
|
||||
# Include{serviceList}
|
||||
# Include{persistenceList}
|
||||
# Include{security}
|
||||
# Include{securityContextAdvancedRoot}
|
||||
- variable: privileged
|
||||
label: "Privileged mode"
|
||||
# Include{securityContextRoot}
|
||||
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: readOnlyRootFilesystem
|
||||
label: "ReadOnly Root Filesystem"
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: "The groupID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: allowPrivilegeEscalation
|
||||
label: "Allow Privilege Escalation"
|
||||
type: int
|
||||
default: 0
|
||||
# Include{securityContextContainer}
|
||||
# Include{securityContextAdvanced}
|
||||
# Include{securityContextPod}
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: runAsNonRoot
|
||||
label: "runAsNonRoot"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
# Include{podSecurityContextRoot}
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: The groupID this App of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
# Include{podSecurityContextAdvanced}
|
||||
type: int
|
||||
default: 568
|
||||
|
||||
# Include{resources}
|
||||
# Include{advanced}
|
||||
# Include{addons}
|
||||
# Include{codeserver}
|
||||
# Include{netshoot}
|
||||
# Include{vpn}
|
||||
# Include{documentation}
|
||||
|
|
|
@ -99,51 +99,34 @@ questions:
|
|||
# Include{ingressTLS}
|
||||
# Include{ingressTraefik}
|
||||
# Include{ingressList}
|
||||
# Include{security}
|
||||
# Include{securityContextAdvancedRoot}
|
||||
- variable: privileged
|
||||
label: "Privileged mode"
|
||||
# Include{securityContextRoot}
|
||||
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: readOnlyRootFilesystem
|
||||
label: "ReadOnly Root Filesystem"
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: "The groupID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: allowPrivilegeEscalation
|
||||
label: "Allow Privilege Escalation"
|
||||
type: int
|
||||
default: 0
|
||||
# Include{securityContextContainer}
|
||||
# Include{securityContextAdvanced}
|
||||
# Include{securityContextPod}
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: runAsNonRoot
|
||||
label: "runAsNonRoot"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
# Include{podSecurityContextRoot}
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: The groupID this App of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
# Include{podSecurityContextAdvanced}
|
||||
type: int
|
||||
default: 568
|
||||
|
||||
# Include{resources}
|
||||
# Include{advanced}
|
||||
# Include{addons}
|
||||
# Include{codeserver}
|
||||
# Include{netshoot}
|
||||
# Include{vpn}
|
||||
# Include{documentation}
|
||||
|
|
|
@ -111,51 +111,34 @@ questions:
|
|||
# Include{ingressTLS}
|
||||
# Include{ingressTraefik}
|
||||
# Include{ingressList}
|
||||
# Include{security}
|
||||
# Include{securityContextAdvancedRoot}
|
||||
- variable: privileged
|
||||
label: "Privileged mode"
|
||||
# Include{securityContextRoot}
|
||||
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: readOnlyRootFilesystem
|
||||
label: "ReadOnly Root Filesystem"
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: "The groupID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: allowPrivilegeEscalation
|
||||
label: "Allow Privilege Escalation"
|
||||
type: int
|
||||
default: 0
|
||||
# Include{securityContextContainer}
|
||||
# Include{securityContextAdvanced}
|
||||
# Include{securityContextPod}
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: runAsNonRoot
|
||||
label: "runAsNonRoot"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
# Include{podSecurityContextRoot}
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: The groupID this App of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
# Include{podSecurityContextAdvanced}
|
||||
type: int
|
||||
default: 568
|
||||
|
||||
# Include{resources}
|
||||
# Include{advanced}
|
||||
# Include{addons}
|
||||
# Include{codeserver}
|
||||
# Include{netshoot}
|
||||
# Include{vpn}
|
||||
# Include{documentation}
|
||||
|
|
|
@ -84,51 +84,34 @@ questions:
|
|||
# Include{ingressTLS}
|
||||
# Include{ingressTraefik}
|
||||
# Include{ingressList}
|
||||
# Include{security}
|
||||
# Include{securityContextAdvancedRoot}
|
||||
- variable: privileged
|
||||
label: "Privileged mode"
|
||||
# Include{securityContextRoot}
|
||||
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: readOnlyRootFilesystem
|
||||
label: "ReadOnly Root Filesystem"
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: "The groupID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: allowPrivilegeEscalation
|
||||
label: "Allow Privilege Escalation"
|
||||
type: int
|
||||
default: 0
|
||||
# Include{securityContextContainer}
|
||||
# Include{securityContextAdvanced}
|
||||
# Include{securityContextPod}
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: runAsNonRoot
|
||||
label: "runAsNonRoot"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
# Include{podSecurityContextRoot}
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: The groupID this App of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
# Include{podSecurityContextAdvanced}
|
||||
type: int
|
||||
default: 568
|
||||
|
||||
# Include{resources}
|
||||
# Include{advanced}
|
||||
# Include{addons}
|
||||
# Include{codeserver}
|
||||
# Include{netshoot}
|
||||
# Include{vpn}
|
||||
# Include{documentation}
|
||||
|
|
|
@ -75,51 +75,34 @@ questions:
|
|||
# Include{ingressTLS}
|
||||
# Include{ingressTraefik}
|
||||
# Include{ingressList}
|
||||
# Include{security}
|
||||
# Include{securityContextAdvancedRoot}
|
||||
- variable: privileged
|
||||
label: "Privileged mode"
|
||||
# Include{securityContextRoot}
|
||||
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: readOnlyRootFilesystem
|
||||
label: "ReadOnly Root Filesystem"
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: "The groupID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: allowPrivilegeEscalation
|
||||
label: "Allow Privilege Escalation"
|
||||
type: int
|
||||
default: 0
|
||||
# Include{securityContextContainer}
|
||||
# Include{securityContextAdvanced}
|
||||
# Include{securityContextPod}
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: runAsNonRoot
|
||||
label: "runAsNonRoot"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
# Include{podSecurityContextRoot}
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: The groupID this App of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
# Include{podSecurityContextAdvanced}
|
||||
type: int
|
||||
default: 568
|
||||
|
||||
# Include{resources}
|
||||
# Include{advanced}
|
||||
# Include{addons}
|
||||
# Include{codeserver}
|
||||
# Include{netshoot}
|
||||
# Include{vpn}
|
||||
# Include{documentation}
|
||||
|
|
|
@ -16,51 +16,34 @@ questions:
|
|||
# Include{serviceExpert}
|
||||
# Include{serviceList}
|
||||
# Include{persistenceList}
|
||||
# Include{security}
|
||||
# Include{securityContextAdvancedRoot}
|
||||
- variable: privileged
|
||||
label: "Privileged mode"
|
||||
# Include{securityContextRoot}
|
||||
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: readOnlyRootFilesystem
|
||||
label: "ReadOnly Root Filesystem"
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: "The groupID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: allowPrivilegeEscalation
|
||||
label: "Allow Privilege Escalation"
|
||||
type: int
|
||||
default: 0
|
||||
# Include{securityContextContainer}
|
||||
# Include{securityContextAdvanced}
|
||||
# Include{securityContextPod}
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: runAsNonRoot
|
||||
label: "runAsNonRoot"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
# Include{podSecurityContextRoot}
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: The groupID this App of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
# Include{podSecurityContextAdvanced}
|
||||
type: int
|
||||
default: 568
|
||||
|
||||
# Include{resources}
|
||||
# Include{advanced}
|
||||
# Include{addons}
|
||||
# Include{codeserver}
|
||||
# Include{netshoot}
|
||||
# Include{vpn}
|
||||
# Include{documentation}
|
||||
|
|
|
@ -62,51 +62,34 @@ questions:
|
|||
# Include{ingressTLS}
|
||||
# Include{ingressTraefik}
|
||||
# Include{ingressList}
|
||||
# Include{security}
|
||||
# Include{securityContextAdvancedRoot}
|
||||
- variable: privileged
|
||||
label: "Privileged mode"
|
||||
# Include{securityContextRoot}
|
||||
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: readOnlyRootFilesystem
|
||||
label: "ReadOnly Root Filesystem"
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: "The groupID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: allowPrivilegeEscalation
|
||||
label: "Allow Privilege Escalation"
|
||||
type: int
|
||||
default: 0
|
||||
# Include{securityContextContainer}
|
||||
# Include{securityContextAdvanced}
|
||||
# Include{securityContextPod}
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: runAsNonRoot
|
||||
label: "runAsNonRoot"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
# Include{podSecurityContextRoot}
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: The groupID this App of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
# Include{podSecurityContextAdvanced}
|
||||
type: int
|
||||
default: 568
|
||||
|
||||
# Include{resources}
|
||||
# Include{advanced}
|
||||
# Include{addons}
|
||||
# Include{codeserver}
|
||||
# Include{netshoot}
|
||||
# Include{vpn}
|
||||
# Include{documentation}
|
||||
|
|
|
@ -655,28 +655,7 @@ questions:
|
|||
# Include{ingressTLS}
|
||||
# Include{ingressTraefik}
|
||||
# Include{ingressList}
|
||||
# Include{security}
|
||||
# Include{securityContextAdvancedRoot}
|
||||
- variable: privileged
|
||||
label: Privileged mode
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: readOnlyRootFilesystem
|
||||
label: ReadOnly Root Filesystem
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: allowPrivilegeEscalation
|
||||
label: Allow Privilege Escalation
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: runAsNonRoot
|
||||
label: runAsNonRoot
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
|
||||
# Include{podSecurityContextRoot}
|
||||
- variable: runAsUser
|
||||
label: runAsUser
|
||||
|
@ -690,16 +669,20 @@ questions:
|
|||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
# Include{securityContextContainer}
|
||||
# Include{securityContextAdvanced}
|
||||
# Include{securityContextPod}
|
||||
- variable: fsGroup
|
||||
label: fsGroup
|
||||
description: The group that should own ALL storage.
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
# Include{podSecurityContextAdvanced}
|
||||
|
||||
# Include{resources}
|
||||
# Include{advanced}
|
||||
# Include{addons}
|
||||
# Include{codeserver}
|
||||
# Include{netshoot}
|
||||
# Include{vpn}
|
||||
# Include{documentation}
|
||||
|
|
|
@ -173,51 +173,34 @@ questions:
|
|||
# Include{ingressTLS}
|
||||
# Include{ingressTraefik}
|
||||
# Include{ingressList}
|
||||
# Include{security}
|
||||
# Include{securityContextAdvancedRoot}
|
||||
- variable: privileged
|
||||
label: "Privileged mode"
|
||||
# Include{securityContextRoot}
|
||||
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: readOnlyRootFilesystem
|
||||
label: "ReadOnly Root Filesystem"
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: "The groupID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: allowPrivilegeEscalation
|
||||
label: "Allow Privilege Escalation"
|
||||
type: int
|
||||
default: 0
|
||||
# Include{securityContextContainer}
|
||||
# Include{securityContextAdvanced}
|
||||
# Include{securityContextPod}
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: runAsNonRoot
|
||||
label: "runAsNonRoot"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
# Include{podSecurityContextRoot}
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: The groupID this App of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 0
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
# Include{podSecurityContextAdvanced}
|
||||
type: int
|
||||
default: 568
|
||||
|
||||
# Include{resources}
|
||||
# Include{advanced}
|
||||
# Include{addons}
|
||||
# Include{codeserver}
|
||||
# Include{netshoot}
|
||||
# Include{vpn}
|
||||
# Include{documentation}
|
||||
|
|
|
@ -93,51 +93,34 @@ questions:
|
|||
# Include{ingressTLS}
|
||||
# Include{ingressTraefik}
|
||||
# Include{ingressList}
|
||||
# Include{security}
|
||||
# Include{securityContextAdvancedRoot}
|
||||
- variable: privileged
|
||||
label: "Privileged mode"
|
||||
# Include{securityContextRoot}
|
||||
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: readOnlyRootFilesystem
|
||||
label: "ReadOnly Root Filesystem"
|
||||
schema:
|
||||
type: boolean
|
||||
default: true
|
||||
- variable: allowPrivilegeEscalation
|
||||
label: "Allow Privilege Escalation"
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: runAsNonRoot
|
||||
label: "runAsNonRoot"
|
||||
schema:
|
||||
type: boolean
|
||||
default: true
|
||||
# Include{podSecurityContextRoot}
|
||||
- variable: runAsUser
|
||||
label: "runAsUser"
|
||||
description: "The UserID of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
type: int
|
||||
default: 568
|
||||
- variable: runAsGroup
|
||||
label: "runAsGroup"
|
||||
description: "The groupID this App of the user running the application"
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
# Include{podSecurityContextAdvanced}
|
||||
# Include{securityContextContainer}
|
||||
# Include{securityContextAdvanced}
|
||||
# Include{securityContextPod}
|
||||
- variable: fsGroup
|
||||
label: "fsGroup"
|
||||
description: "The group that should own ALL storage."
|
||||
schema:
|
||||
type: int
|
||||
default: 568
|
||||
|
||||
# Include{resources}
|
||||
# Include{advanced}
|
||||
# Include{addons}
|
||||
# Include{codeserver}
|
||||
# Include{netshoot}
|
||||
# Include{vpn}
|
||||
# Include{documentation}
|
||||
|
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue