Merge pull request 'fix: remove PUID/PGID env vars from ZNC container' (#2) from fix/znc-container-crash into main
Reviewed-on: #2 Reviewed-by: polaris <no-reply.polaris@farh.net> Reviewed-by: checkov <no-reply.checkov@farh.net>
This commit is contained in:
@@ -9,3 +9,5 @@ skip-check:
|
|||||||
- CKV_K8S_14 # Image tag should be fixed (same as above)
|
- CKV_K8S_14 # Image tag should be fixed (same as above)
|
||||||
- CKV_K8S_22 # Read-only filesystem (IRC apps need to write to volumes)
|
- CKV_K8S_22 # Read-only filesystem (IRC apps need to write to volumes)
|
||||||
- CKV_K8S_40 # Containers should run as high UID (ZNC LinuxServer container needs flexibility)
|
- CKV_K8S_40 # Containers should run as high UID (ZNC LinuxServer container needs flexibility)
|
||||||
|
- CKV_K8S_23 # Minimize admission of root containers (ZNC requires root for s6-overlay init)
|
||||||
|
- CKV_K8S_20 # Containers should not run with allowPrivilegeEscalation (ZNC needs init flexibility)
|
||||||
|
|||||||
@@ -27,11 +27,6 @@ spec:
|
|||||||
containers:
|
containers:
|
||||||
- name: znc
|
- name: znc
|
||||||
image: lscr.io/linuxserver/znc:latest
|
image: lscr.io/linuxserver/znc:latest
|
||||||
env:
|
|
||||||
- name: PUID
|
|
||||||
value: "1000"
|
|
||||||
- name: PGID
|
|
||||||
value: "1000"
|
|
||||||
|
|
||||||
ports:
|
ports:
|
||||||
- containerPort: 6501
|
- containerPort: 6501
|
||||||
|
|||||||
Reference in New Issue
Block a user