[POLICY] Fix Kyverno Policy violations - Add "archive" folder for removed policy-gui charts - Update all deployments/jobs to fix policies - Correct KafkaUser definition to avoid deprecated attribute - update xacml-pdp deployment to work with readOnlyFilesystem setting Issue-ID: OOM-3307 Change-Id: I579062c1c49923666c1d836f7324c8bbd7b88695 Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>

commit: 57681130892505f513df6d0902cbed0335f9dd29 [log] [tgz]
author: Andreas Geissler <andreas-geissler@telekom.de> Mon Jul 29 10:18:26 2024 +0200
committer: Andreas Geissler <andreas-geissler@telekom.de> Fri Aug 02 13:33:01 2024 +0200
tree: 72f9302d032063eacbe344e8a1e8867395374aa3
parent: bf35e55286a0ac2f4fe05f595cda7109f22a5e6a [diff] [blame]
diff --git a/kubernetes/policy/values.yaml b/kubernetes/policy/values.yaml
index 68ce42d..ccd8223 100755
--- a/kubernetes/policy/values.yaml
+++ b/kubernetes/policy/values.yaml

@@ -1,6 +1,7 @@
 # Copyright © 2017 Amdocs, Bell Canada
 # Modifications Copyright © 2018-2020 AT&T Intellectual Property
 # Modifications Copyright (C) 2021-2024 Nordix Foundation.
+# Modifications Copyright © 2024 Deutsche Telekom
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -296,6 +297,10 @@
       memory: "2Gi"
   unlimited: {}
 
+securityContext:
+  user_id: 100
+  group_id: 65533
+
 #Pods Service Account
 serviceAccount:
   nameOverride: policy
commit	57681130892505f513df6d0902cbed0335f9dd29	[log] [tgz]
author	Andreas Geissler <andreas-geissler@telekom.de>	Mon Jul 29 10:18:26 2024 +0200
committer	Andreas Geissler <andreas-geissler@telekom.de>	Fri Aug 02 13:33:01 2024 +0200
tree	72f9302d032063eacbe344e8a1e8867395374aa3
parent	bf35e55286a0ac2f4fe05f595cda7109f22a5e6a [diff] [blame]