netflux-kubernetes/deploy/base/inflated/grafana/templates/podsecuritypolicy.yaml

---
# Source: grafana/templates/podsecuritypolicy.yaml
apiVersion: policy/v1beta1
kind: PodSecurityPolicy
metadata:
  name: grafana
  labels:
    helm.sh/chart: grafana-6.29.2
    app.kubernetes.io/name: grafana
    app.kubernetes.io/instance: grafana
    app.kubernetes.io/version: "8.5.0"
    app.kubernetes.io/managed-by: Helm
  annotations:
    seccomp.security.alpha.kubernetes.io/allowedProfileNames: 'docker/default,runtime/default'
    seccomp.security.alpha.kubernetes.io/defaultProfileName:  'docker/default'
    apparmor.security.beta.kubernetes.io/allowedProfileNames: 'runtime/default'
    apparmor.security.beta.kubernetes.io/defaultProfileName:  'runtime/default'
spec:
  privileged: false
  allowPrivilegeEscalation: false
  requiredDropCapabilities:
    # Default set from Docker, with DAC_OVERRIDE and CHOWN
      - ALL
  volumes:
    - 'configMap'
    - 'emptyDir'
    - 'projected'
    - 'csi'
    - 'secret'
    - 'downwardAPI'
    - 'persistentVolumeClaim'
  hostNetwork: false
  hostIPC: false
  hostPID: false
  runAsUser:
    rule: 'RunAsAny'
  seLinux:
    rule: 'RunAsAny'
  supplementalGroups:
    rule: 'MustRunAs'
    ranges:
      # Forbid adding the root group.
      - min: 1
        max: 65535
  fsGroup:
    rule: 'MustRunAs'
    ranges:
      # Forbid adding the root group.
      - min: 1
        max: 65535
  readOnlyRootFilesystem: false
Inflate Grafana chart manually 2022-05-11 01:10:37 +00:00			`---`
			`# Source: grafana/templates/podsecuritypolicy.yaml`
Inflate Grafana helm chart 2022-05-09 03:35:45 +00:00			`apiVersion: policy/v1beta1`
			`kind: PodSecurityPolicy`
			`metadata:`
Inflate Grafana chart manually 2022-05-11 01:10:37 +00:00			`name: grafana`
Inflate Grafana helm chart 2022-05-09 03:35:45 +00:00			`labels:`
Inflate Grafana chart manually 2022-05-11 01:10:37 +00:00			`helm.sh/chart: grafana-6.29.2`
			`app.kubernetes.io/name: grafana`
			`app.kubernetes.io/instance: grafana`
			`app.kubernetes.io/version: "8.5.0"`
			`app.kubernetes.io/managed-by: Helm`
Inflate Grafana helm chart 2022-05-09 03:35:45 +00:00			`annotations:`
			`seccomp.security.alpha.kubernetes.io/allowedProfileNames: 'docker/default,runtime/default'`
			`seccomp.security.alpha.kubernetes.io/defaultProfileName: 'docker/default'`
			`apparmor.security.beta.kubernetes.io/allowedProfileNames: 'runtime/default'`
			`apparmor.security.beta.kubernetes.io/defaultProfileName: 'runtime/default'`
			`spec:`
			`privileged: false`
			`allowPrivilegeEscalation: false`
			`requiredDropCapabilities:`
			`# Default set from Docker, with DAC_OVERRIDE and CHOWN`
			`- ALL`
			`volumes:`
			`- 'configMap'`
			`- 'emptyDir'`
			`- 'projected'`
			`- 'csi'`
			`- 'secret'`
			`- 'downwardAPI'`
			`- 'persistentVolumeClaim'`
			`hostNetwork: false`
			`hostIPC: false`
			`hostPID: false`
			`runAsUser:`
			`rule: 'RunAsAny'`
			`seLinux:`
			`rule: 'RunAsAny'`
			`supplementalGroups:`
			`rule: 'MustRunAs'`
			`ranges:`
			`# Forbid adding the root group.`
			`- min: 1`
			`max: 65535`
			`fsGroup:`
			`rule: 'MustRunAs'`
			`ranges:`
			`# Forbid adding the root group.`
			`- min: 1`
			`max: 65535`
			`readOnlyRootFilesystem: false`