deploy: setting RequiredDropCapabilities to ALL for ceph-csi scc

This commit sets the RequiredDropCapabilities of ceph-csi to "ALL".

Signed-off-by: ShravaniVangur <shravanivangur@gmail.com>
This commit is contained in:
ShravaniVangur 2024-08-14 17:22:59 +05:30 committed by mergify[bot]
parent b0751cb06e
commit 0eabe32b76
3 changed files with 6 additions and 0 deletions

View File

@ -20,6 +20,8 @@ allowHostPID: true
allowHostIPC: true allowHostIPC: true
# Set to false as we write to RootFilesystem inside csi containers # Set to false as we write to RootFilesystem inside csi containers
readOnlyRootFilesystem: false readOnlyRootFilesystem: false
requiredDropCapabilities:
- ALL
runAsUser: runAsUser:
type: RunAsAny type: RunAsAny
seLinuxContext: seLinuxContext:

View File

@ -27,6 +27,8 @@ allowHostPID: true
allowHostIPC: true allowHostIPC: true
# Set to false as we write to RootFilesystem inside csi containers # Set to false as we write to RootFilesystem inside csi containers
readOnlyRootFilesystem: false readOnlyRootFilesystem: false
requiredDropCapabilities:
- ALL
runAsUser: runAsUser:
type: RunAsAny type: RunAsAny
seLinuxContext: seLinuxContext:

View File

@ -20,6 +20,8 @@ allowHostPID: true
allowHostIPC: true allowHostIPC: true
# Set to false as we write to RootFilesystem inside csi containers # Set to false as we write to RootFilesystem inside csi containers
readOnlyRootFilesystem: false readOnlyRootFilesystem: false
requiredDropCapabilities:
- ALL
runAsUser: runAsUser:
type: RunAsAny type: RunAsAny
seLinuxContext: seLinuxContext: