From 1f3e2a9f59e83dc3f0fcbecf096a7e7b40d36ed7 Mon Sep 17 00:00:00 2001
From: "Suren A. Chilingaryan"
Date: Wed, 28 Feb 2018 23:46:55 +0100
Subject: First running prototype
---
.../templates/00-katrin-restricted.yml.j2.excl | 43 ----------------------
1 file changed, 43 deletions(-)
delete mode 100644 setup/projects/katrin/templates/00-katrin-restricted.yml.j2.excl
(limited to 'setup/projects/katrin/templates/00-katrin-restricted.yml.j2.excl')
diff --git a/setup/projects/katrin/templates/00-katrin-restricted.yml.j2.excl b/setup/projects/katrin/templates/00-katrin-restricted.yml.j2.excl
deleted file mode 100644
index d155267..0000000
--- a/setup/projects/katrin/templates/00-katrin-restricted.yml.j2.excl
+++ /dev/null
@@ -1,43 +0,0 @@
----
-allowHostDirVolumePlugin: false
-allowHostIPC: false
-allowHostNetwork: false
-allowHostPID: false
-allowHostPorts: false
-allowPrivilegedContainer: false
-allowedCapabilities: null
-apiVersion: v1
-defaultAddCapabilities: null
-fsGroup:
- type: MustRunAs
-groups:
-- system:authenticated
-kind: SecurityContextConstraints
-metadata:
- annotations:
- kubernetes.io/description: restricted denies access to all host features and requires
- pods to be run with a UID, and SELinux context that are allocated to the namespace. This
- is the most restrictive SCC.
- creationTimestamp: null
- name: katrin-restricted
-priority: null
-readOnlyRootFilesystem: false
-requiredDropCapabilities:
-- KILL
-- MKNOD
-- SYS_CHROOT
-- SETUID
-- SETGID
-runAsUser:
- type: MustRunAsRange
-seLinuxContext:
- type: MustRunAs
-supplementalGroups:
- type: RunAsAny
-volumes:
-- glusterfs
-- configMap
-- downwardAPI
-- emptyDir
-- persistentVolumeClaim
-- secret
--
cgit v1.2.3