pierre
/
MinioK8sBuckets
1
0
Fork 0
Code Issues Pull Requests 8 Packages Projects Releases Wiki Activity

Fix issue with read only configuration
continuous-integration/drone Build is passing Details
continuous-integration/drone/push Build was killed Details

This commit is contained in:
Pierre Hubert 2024-01-14 21:17:01 +01:00
parent b8a102bd0b
commit 7300def6dc
1 changed files with 18 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
yaml/deployment.yaml
View File

@ -13,12 +13,12 @@ metadata:
name: minio-operator
namespace: default
rules:
- apiGroups: ["communiquons.org"]
resources: ["minioinstances", "miniobuckets"]
verbs: ["get", "list", "watch"]
- apiGroups: [""]
resources: ["secrets"]
verbs: ["get", "create"]
- apiGroups: ["communiquons.org"]
resources: ["minioinstances", "miniobuckets"]
verbs: ["get", "list", "watch"]
- apiGroups: [""]
resources: ["secrets"]
verbs: ["get", "create"]
---
kind: RoleBinding
apiVersion: rbac.authorization.k8s.io/v1
@ -26,9 +26,9 @@ metadata:
name: minio-operator
namespace: default
subjects:
- kind: ServiceAccount
name: minio-operator
namespace: default
- kind: ServiceAccount
name: minio-operator
namespace: default
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
@ -63,6 +63,10 @@ spec:
requests:
memory: 150Mi
cpu: "0.01"
volumeMounts:
- mountPath: /tmp
readOnly: false
name: tempdir
securityContext:
allowPrivilegeEscalation: false
readOnlyRootFilesystem: true
@ -70,4 +74,8 @@ spec:
runAsGroup: 1000
capabilities:
drop:
- ALL
- ALL
volumes:
- name: tempdir
emptyDir:
sizeLimit: 500Mi