You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
[A clear and concise description of what you want to happen.]
I would like the software to run with the minimum number of permissions it needs to run.
One solution would be to put the privileged values in the chart as default.
And the more restrictive values as a comment (to make configuration easier).
Or allow the choice between the two options via the linux.privileged value.
Anything else you would like to add:
Nothing to add other than a big thank you to the maintainers.
Environment:
Secrets Store CSI Driver version: Not relevant
Azure Key Vault provider version: Not relevant
Kubernetes version: 1.25.*
Cluster type: Not relevant
The text was updated successfully, but these errors were encountered:
Describe the solution you'd like
PR #966 (Issue #787) is a workaround to get the software to work on K8s v1.25.
In this way, it doesn't run with the necessary restricted permissions.
All these "permissions" need to be moved into the
securityContexts
at the pod/container level.Ref: https://github.com/Azure/secrets-store-csi-driver-provider-azure/blob/master/charts/csi-secrets-store-provider-azure/templates/podsecuritypolicy.yaml#L8-L23
[A clear and concise description of what you want to happen.]
I would like the software to run with the minimum number of permissions it needs to run.
One solution would be to put the
privileged
values in the chart as default.And the more
restrictive
values as a comment (to make configuration easier).Or allow the choice between the two options via the
linux.privileged
value.Anything else you would like to add:
Nothing to add other than a big thank you to the maintainers.
Environment:
The text was updated successfully, but these errors were encountered: