[POLICY] Fix Kyverno Policy violations

- Add "archive" folder for removed policy-gui charts - Update all deployments/jobs to fix policies - Correct KafkaUser definition to avoid deprecated attribute - update xacml-pdp deployment to work with readOnlyFilesystem setting Issue-ID: OOM-3307 Change-Id: I579062c1c49923666c1d836f7324c8bbd7b88695 Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
author: Andreas Geissler <andreas-geissler@telekom.de> 2024-07-29 10:18:26 +0200
committer: Andreas Geissler <andreas-geissler@telekom.de> 2024-08-02 13:33:01 +0200
commit: 57681130892505f513df6d0902cbed0335f9dd29 (patch)
tree: 72f9302d032063eacbe344e8a1e8867395374aa3 /kubernetes/policy/components/policy-nexus/values.yaml
parent: bf35e55286a0ac2f4fe05f595cda7109f22a5e6a (diff)
1 files changed, 5 insertions, 0 deletions
diff --git a/kubernetes/policy/components/policy-nexus/values.yaml b/kubernetes/policy/components/policy-nexus/values.yaml
index f10d55dcee..b82785f2b8 100755
--- a/kubernetes/policy/components/policy-nexus/values.yaml
+++ b/kubernetes/policy/components/policy-nexus/values.yaml
@@ -1,5 +1,6 @@
 # Copyright © 2017 Amdocs, Bell Canada
 # Modifications Copyright © 2018-2020 AT&T Intellectual Property
+# Modifications Copyright © 2024 Deutsche Telekom
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -97,6 +98,10 @@ resources:
       memory: "1Gi"
   unlimited: {}
 
+securityContext:
+  user_id: 100
+  group_id: 102
+
 #Pods Service Account
 serviceAccount:
   nameOverride: policy-nexus
author	Andreas Geissler <andreas-geissler@telekom.de>	2024-07-29 10:18:26 +0200
committer	Andreas Geissler <andreas-geissler@telekom.de>	2024-08-02 13:33:01 +0200
commit	57681130892505f513df6d0902cbed0335f9dd29 (patch)
tree	72f9302d032063eacbe344e8a1e8867395374aa3 /kubernetes/policy/components/policy-nexus/values.yaml
parent	bf35e55286a0ac2f4fe05f595cda7109f22a5e6a (diff)