add kyverno policies

Signed-off-by: gwg313 <gwg313@pm.me>
This commit is contained in:
gwg313 2026-05-27 19:23:54 -04:00
parent 4be877e419
commit baa0216960
Signed by: gwg313
GPG key ID: 60FF63B4826B7400
35 changed files with 843 additions and 39 deletions

View file

@ -14,9 +14,15 @@ spec:
app: stirling-pdf
spec:
securityContext:
fsGroup: 1000
runAsNonRoot: true
runAsUser: 1000
fsGroup: 1000
containers:
- name: stirling-pdf
securityContext:
allowPrivilegeEscalation: false
runAsNonRoot: true
runAsUser: 1000
image: docker.stirlingpdf.com/stirlingtools/stirling-pdf:2.11.0-fat
resources:
requests:
@ -43,7 +49,25 @@ spec:
- name: stirling-data
mountPath: /pipeline
subPath: pipeline
- name: stirling-user
mountPath: /home
- name: tmp
mountPath: /tmp
- name: stirling
mountPath: /tmp/stirling-pdf
- name: app-data
mountPath: /usr/local/bin
volumes:
- name: stirling-data
persistentVolumeClaim:
claimName: stirling-data
- name: tmp
emptyDir: {}
- name: stirling
emptyDir: {}
- name: app-data
emptyDir: {}
- name: stirling-user
emptyDir: {}