Fix issue with read only configuration

2024-01-14 21:17:01 +01:00 · 2024-01-14 21:17:01 +01:00 · 7300def6dc
commit 7300def6dc
parent b8a102bd0b
1 changed files with 18 additions and 10 deletions
--- a/yaml/deployment.yaml
+++ b/yaml/deployment.yaml
@ -13,12 +13,12 @@ metadata:
  name: minio-operator
  namespace: default
 rules:
- apiGroups: ["communiquons.org"]
+  - apiGroups: ["communiquons.org"]
-  resources: ["minioinstances", "miniobuckets"]
+    resources: ["minioinstances", "miniobuckets"]
-  verbs: ["get", "list", "watch"]
+    verbs: ["get", "list", "watch"]
- apiGroups: [""]
+  - apiGroups: [""]
-  resources: ["secrets"]
+    resources: ["secrets"]
-  verbs: ["get", "create"]
+    verbs: ["get", "create"]
 ---
 kind: RoleBinding
 apiVersion: rbac.authorization.k8s.io/v1
@ -26,9 +26,9 @@ metadata:
  name: minio-operator
  namespace: default
 subjects:
- kind: ServiceAccount
+  - kind: ServiceAccount
-  name: minio-operator
+    name: minio-operator
-  namespace: default
+    namespace: default
 roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: Role
@ -63,6 +63,10 @@ spec:
            requests:
              memory: 150Mi
              cpu: "0.01"
          volumeMounts:
            - mountPath: /tmp
              readOnly: false
              name: tempdir
          securityContext:
            allowPrivilegeEscalation: false
            readOnlyRootFilesystem: true
@ -70,4 +74,8 @@ spec:
            runAsGroup: 1000
            capabilities:
              drop:
-              - ALL
+                - ALL
      volumes:
        - name: tempdir
          emptyDir:
            sizeLimit: 500Mi