Add Application Armor to cinder-Job
Change-Id: Icab982b9168381a7795719a6348a5d1c85b71453 Signed-off-by: diwakar thyagaraj <diwakar.chitoor.thyagaraj@att.com>
This commit is contained in:
parent
b6365afc93
commit
a892707f41
@ -44,6 +44,8 @@ spec:
|
|||||||
metadata:
|
metadata:
|
||||||
labels:
|
labels:
|
||||||
{{ tuple $envAll "cinder" "volume-usage-audit" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 12 }}
|
{{ tuple $envAll "cinder" "volume-usage-audit" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 12 }}
|
||||||
|
annotations:
|
||||||
|
{{ dict "envAll" $envAll "podName" $serviceAccountName "containerNames" (list "cinder-volume-usage-audit" "init") | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 8 }}
|
||||||
spec:
|
spec:
|
||||||
{{ dict "envAll" $envAll "application" "volume_usage_audit" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 10 }}
|
{{ dict "envAll" $envAll "application" "volume_usage_audit" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 10 }}
|
||||||
serviceAccountName: {{ $serviceAccountName }}
|
serviceAccountName: {{ $serviceAccountName }}
|
||||||
|
@ -33,6 +33,8 @@ spec:
|
|||||||
metadata:
|
metadata:
|
||||||
labels:
|
labels:
|
||||||
{{ tuple $envAll $serviceName "create-internal-tenant" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
|
{{ tuple $envAll $serviceName "create-internal-tenant" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
|
||||||
|
annotations:
|
||||||
|
{{ dict "envAll" $envAll "podName" $serviceAccountName "containerNames" (list "create-internal-tenant" "init") | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 8 }}
|
||||||
spec:
|
spec:
|
||||||
{{ dict "envAll" $envAll "application" "create_internal_tenant" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 6 }}
|
{{ dict "envAll" $envAll "application" "create_internal_tenant" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 6 }}
|
||||||
serviceAccountName: {{ $serviceAccountName | quote }}
|
serviceAccountName: {{ $serviceAccountName | quote }}
|
||||||
|
@ -26,4 +26,10 @@ pod:
|
|||||||
init: runtime/default
|
init: runtime/default
|
||||||
cinder-test: runtime/default
|
cinder-test: runtime/default
|
||||||
cinder-test-ks-user: runtime/default
|
cinder-test-ks-user: runtime/default
|
||||||
|
cinder-create-internal-tenant:
|
||||||
|
init: runtime/default
|
||||||
|
create-internal-tenant: runtime/default
|
||||||
|
cinder-volume-usage-audit:
|
||||||
|
cinder-volume-usage-audit: runtime/default
|
||||||
|
init: runtime/default
|
||||||
...
|
...
|
||||||
|
Loading…
Reference in New Issue
Block a user