mirrors/node-feature-discovery
mirrors/node-feature-discovery
1
0
Fork 0
mirror of https://github.com/kubernetes-sigs/node-feature-discovery.git synced 2025-03-30 19:54:46 +00:00
Code Activity

Merge pull request #395 from marquiz/devel/read-only-mounts

Browse source 
Make all mounts in deployment templates read-only
This commit is contained in:
Kubernetes Prow Robot 2020-11-20 02:20:52 -08:00 committed by GitHub
commit 8ca1bdc54d
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 9 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
nfd-daemonset-combined.yaml.template
View file

@ -98,10 +98,13 @@ spec:
readOnly: true readOnly: true
- name: host-sys - name: host-sys
mountPath: "/host-sys" mountPath: "/host-sys"
readOnly: true
- name: source-d - name: source-d
mountPath: "/etc/kubernetes/node-feature-discovery/source.d/" mountPath: "/etc/kubernetes/node-feature-discovery/source.d/"
readOnly: true
- name: features-d - name: features-d
mountPath: "/etc/kubernetes/node-feature-discovery/features.d/" mountPath: "/etc/kubernetes/node-feature-discovery/features.d/"
readOnly: true
volumes: volumes:
- name: host-boot - name: host-boot
hostPath: hostPath:

3
nfd-worker-daemonset.yaml.template
View file

@ -50,10 +50,13 @@ spec:
readOnly: true readOnly: true
- name: host-sys - name: host-sys
mountPath: "/host-sys" mountPath: "/host-sys"
readOnly: true
- name: source-d - name: source-d
mountPath: "/etc/kubernetes/node-feature-discovery/source.d/" mountPath: "/etc/kubernetes/node-feature-discovery/source.d/"
readOnly: true
- name: features-d - name: features-d
mountPath: "/etc/kubernetes/node-feature-discovery/features.d/" mountPath: "/etc/kubernetes/node-feature-discovery/features.d/"
readOnly: true
## Enable TLS authentication (2/3) ## Enable TLS authentication (2/3)
# - name: nfd-ca-cert # - name: nfd-ca-cert
# mountPath: "/etc/kubernetes/node-feature-discovery/trust" # mountPath: "/etc/kubernetes/node-feature-discovery/trust"

3
nfd-worker-job.yaml.template
View file

@ -52,10 +52,13 @@ spec:
readOnly: true readOnly: true
- name: host-sys - name: host-sys
mountPath: "/host-sys" mountPath: "/host-sys"
readOnly: true
- name: source-d - name: source-d
mountPath: "/etc/kubernetes/node-feature-discovery/source.d/" mountPath: "/etc/kubernetes/node-feature-discovery/source.d/"
readOnly: true
- name: features-d - name: features-d
mountPath: "/etc/kubernetes/node-feature-discovery/features.d/" mountPath: "/etc/kubernetes/node-feature-discovery/features.d/"
readOnly: true
restartPolicy: Never restartPolicy: Never
volumes: volumes:
- name: host-boot - name: host-boot