-
Notifications
You must be signed in to change notification settings - Fork 9
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix generate tls cert insecure algorithm SHA1-RSA #2
base: main
Are you sure you want to change the base?
Conversation
Signed-off-by: yanhu.cheng <[email protected]>
…ities, add securityContext in values.yaml Signed-off-by: yanhu.cheng <[email protected]>
@@ -34,6 +34,9 @@ spec: | |||
mountPath: /tmp/gatekeeper | |||
readOnly: true | |||
{{- end }} | |||
securityContext: | |||
{{- toYaml .Values.securityContext | nindent 12 }} | |||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
nit: remove new line
- ALL | ||
runAsNonRoot: true | ||
seccompProfile: | ||
type: RuntimeDefault |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
nit: add newline
@@ -7,3 +7,12 @@ provider: | |||
enabled: true | |||
caBundle: "" | |||
skipVerify: false | |||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
nit: remove new line
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@redwarn thanks for the PR! couple nits in the comments
Signed-off-by: yanhu.cheng <[email protected]>
What this PR does / why we need it:
fix generate tls cert script add -sha256 support
fix would violate PodSecurity "restricted:latest": unrestricted capabilities, add securityContext
Which issue(s) this PR fixes (optional, using
fixes #<issue number>(, fixes #<issue_number>, ...)
format, will close the issue(s) when the PR gets merged):Fixes #
Special notes for your reviewer: