mirrors/object-browser
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Added FSGroupChangePolicy support to create tenant screen (#2233)

Browse Source 
Signed-off-by: Benjamin Perez <benjamin@bexsoft.net>

Signed-off-by: Benjamin Perez <benjamin@bexsoft.net>
Co-authored-by: Benjamin Perez <benjamin@bexsoft.net>
This commit is contained in:
Alex
2022-08-10 13:28:15 -05:00
committed by GitHub
parent 25c1c854b1
commit 1e1c11b13c
11 changed files with 197 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
operatorapi/tenants_helper.go
View File

@@ -58,11 +58,14 @@ func convertModelSCToK8sSC(sc *models.SecurityContext) (*corev1.PodSecurityConte
if err != nil {
return nil, err
}
FSGroupChangePolicy := corev1.PodFSGroupChangePolicy(sc.FsGroupChangePolicy)
return &corev1.PodSecurityContext{
RunAsUser: &runAsUser,
RunAsGroup: &runAsGroup,
RunAsNonRoot: sc.RunAsNonRoot,
FSGroup: &fsGroup,
RunAsUser: &runAsUser,
RunAsGroup: &runAsGroup,
RunAsNonRoot: sc.RunAsNonRoot,
FSGroup: &fsGroup,
FSGroupChangePolicy: &FSGroupChangePolicy,
}, nil
}
@@ -71,11 +74,18 @@ func convertK8sSCToModelSC(sc *corev1.PodSecurityContext) *models.SecurityContex
runAsUser := strconv.FormatInt(*sc.RunAsUser, 10)
runAsGroup := strconv.FormatInt(*sc.RunAsGroup, 10)
fsGroup := strconv.FormatInt(*sc.FSGroup, 10)
fsGroupPolicy := ""
if sc.FSGroupChangePolicy != nil {
fsGroupPolicy = string(*sc.FSGroupChangePolicy)
}
return &models.SecurityContext{
RunAsUser: &runAsUser,
RunAsGroup: &runAsGroup,
RunAsNonRoot: sc.RunAsNonRoot,
FsGroup: fsGroup,
RunAsUser: &runAsUser,
RunAsGroup: &runAsGroup,
RunAsNonRoot: sc.RunAsNonRoot,
FsGroup: fsGroup,
FsGroupChangePolicy: fsGroupPolicy,
}
}