diff options
author | Tim Bielawa <tbielawa@redhat.com> | 2017-10-05 15:42:18 -0400 |
---|---|---|
committer | Tim Bielawa <tbielawa@redhat.com> | 2017-10-06 11:45:17 -0400 |
commit | c0f63fb902b53bc592e6862d5876af9b244ee82b (patch) | |
tree | 85ab3b45eab2ebcf3c56c8236ebb829b0a562065 /roles/openshift_cfme/files/templates/cloudforms/cfme-scc-sysadmin.yaml | |
parent | e7e82bede0f7ebac08a4290a3f088cca0ea3ab78 (diff) | |
download | openshift-c0f63fb902b53bc592e6862d5876af9b244ee82b.tar.gz openshift-c0f63fb902b53bc592e6862d5876af9b244ee82b.tar.bz2 openshift-c0f63fb902b53bc592e6862d5876af9b244ee82b.tar.xz openshift-c0f63fb902b53bc592e6862d5876af9b244ee82b.zip |
Rename openshift_cfme role to openshift_management
Diffstat (limited to 'roles/openshift_cfme/files/templates/cloudforms/cfme-scc-sysadmin.yaml')
-rw-r--r-- | roles/openshift_cfme/files/templates/cloudforms/cfme-scc-sysadmin.yaml | 38 |
1 files changed, 0 insertions, 38 deletions
diff --git a/roles/openshift_cfme/files/templates/cloudforms/cfme-scc-sysadmin.yaml b/roles/openshift_cfme/files/templates/cloudforms/cfme-scc-sysadmin.yaml deleted file mode 100644 index d2ece9298..000000000 --- a/roles/openshift_cfme/files/templates/cloudforms/cfme-scc-sysadmin.yaml +++ /dev/null @@ -1,38 +0,0 @@ -allowHostDirVolumePlugin: false -allowHostIPC: false -allowHostNetwork: false -allowHostPID: false -allowHostPorts: false -allowPrivilegedContainer: false -allowedCapabilities: -apiVersion: v1 -defaultAddCapabilities: -- SYS_ADMIN -fsGroup: - type: RunAsAny -groups: -- system:cluster-admins -kind: SecurityContextConstraints -metadata: - annotations: - kubernetes.io/description: cfme-sysadmin provides all features of the anyuid SCC but allows users to have SYS_ADMIN capabilities. This is the required scc for Pods requiring to run with systemd and the message bus. - creationTimestamp: - name: cfme-sysadmin -priority: 10 -readOnlyRootFilesystem: false -requiredDropCapabilities: -- MKNOD -- SYS_CHROOT -runAsUser: - type: RunAsAny -seLinuxContext: - type: MustRunAs -supplementalGroups: - type: RunAsAny -users: -volumes: -- configMap -- downwardAPI -- emptyDir -- persistentVolumeClaim -- secret |