From 27f8af2540d38d74c31bd98d51f63e2f155b60d1 Mon Sep 17 00:00:00 2001 From: Marco Ebert Date: Tue, 10 Oct 2023 11:32:03 +0200 Subject: [PATCH] Admission Webhooks/PSP: Reorder fields. --- .../admission-webhooks/job-patch/psp.yaml | 40 +++++++++---------- 1 file changed, 20 insertions(+), 20 deletions(-) diff --git a/charts/ingress-nginx/templates/admission-webhooks/job-patch/psp.yaml b/charts/ingress-nginx/templates/admission-webhooks/job-patch/psp.yaml index a78fb669f..6a699a7f6 100644 --- a/charts/ingress-nginx/templates/admission-webhooks/job-patch/psp.yaml +++ b/charts/ingress-nginx/templates/admission-webhooks/job-patch/psp.yaml @@ -14,28 +14,28 @@ metadata: {{- toYaml . | nindent 4 }} {{- end }} spec: - allowPrivilegeEscalation: false - fsGroup: - ranges: - - max: 65535 - min: 1 - rule: MustRunAs - requiredDropCapabilities: - - ALL - runAsUser: - rule: MustRunAsNonRoot - seLinux: - rule: RunAsAny - supplementalGroups: - ranges: - - max: 65535 - min: 1 - rule: MustRunAs volumes: - configMap - - emptyDir - - projected - - secret - downwardAPI + - emptyDir + - secret + - projected + fsGroup: + rule: MustRunAs + ranges: + - min: 1 + max: 65535 + runAsUser: + rule: MustRunAsNonRoot + supplementalGroups: + rule: MustRunAs + ranges: + - min: 1 + max: 65535 + allowPrivilegeEscalation: false + requiredDropCapabilities: + - ALL + seLinux: + rule: RunAsAny {{- end }} {{- end }}