Fix issue with read only configuration
Some checks reported errors
continuous-integration/drone Build is passing
continuous-integration/drone/push Build was killed

This commit is contained in:
Pierre HUBERT 2024-01-14 21:17:01 +01:00
parent b8a102bd0b
commit 7300def6dc

View File

@ -13,10 +13,10 @@ metadata:
name: minio-operator name: minio-operator
namespace: default namespace: default
rules: rules:
- apiGroups: ["communiquons.org"] - apiGroups: ["communiquons.org"]
resources: ["minioinstances", "miniobuckets"] resources: ["minioinstances", "miniobuckets"]
verbs: ["get", "list", "watch"] verbs: ["get", "list", "watch"]
- apiGroups: [""] - apiGroups: [""]
resources: ["secrets"] resources: ["secrets"]
verbs: ["get", "create"] verbs: ["get", "create"]
--- ---
@ -26,7 +26,7 @@ metadata:
name: minio-operator name: minio-operator
namespace: default namespace: default
subjects: subjects:
- kind: ServiceAccount - kind: ServiceAccount
name: minio-operator name: minio-operator
namespace: default namespace: default
roleRef: roleRef:
@ -63,6 +63,10 @@ spec:
requests: requests:
memory: 150Mi memory: 150Mi
cpu: "0.01" cpu: "0.01"
volumeMounts:
- mountPath: /tmp
readOnly: false
name: tempdir
securityContext: securityContext:
allowPrivilegeEscalation: false allowPrivilegeEscalation: false
readOnlyRootFilesystem: true readOnlyRootFilesystem: true
@ -71,3 +75,7 @@ spec:
capabilities: capabilities:
drop: drop:
- ALL - ALL
volumes:
- name: tempdir
emptyDir:
sizeLimit: 500Mi