mirror of
https://github.com/kubernetes-sigs/node-feature-discovery.git
synced 2024-12-14 11:57:51 +00:00
8117c099a3
Implement functionality virtually replicating deployment templates for nfd-master and nfd-worker daemonset (nfd-master.yaml.template and nfd-worker-daemonset.yaml.template) by adding a kustomize overlay named "default". We split the resources into multiple bases (rbac, master and worker-daemonset) so that relevant parts are re-usable in other deployment scenarios added later (e.g. "one-shot job", and "combined daemonset"). This patch adds one component (components/common) doing the required kustomization for the example deployment.
8 lines
208 B
YAML
8 lines
208 B
YAML
- op: add
|
|
path: "/spec/template/spec/containers/0/securityContext"
|
|
value:
|
|
allowPrivilegeEscalation: false
|
|
capabilities:
|
|
drop: ["ALL"]
|
|
readOnlyRootFilesystem: true
|
|
runAsNonRoot: true
|