Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Solutions related to Kyverno policies #877

Open
tmachnicki opened this issue Feb 14, 2025 · 0 comments
Open

Solutions related to Kyverno policies #877

tmachnicki opened this issue Feb 14, 2025 · 0 comments
Labels
enhancement New feature or request

Comments

@tmachnicki
Copy link

Client who is using Pega helm charts has been asking about some Kyverno policies. They want to know if they can make root filesystem read-only. Additionally - they have some environment variables which have values from some Kubernetes secrets. They need to mount these secrets as volumes. They would like to use "pegaVolumeCredentials" from _helpers.tpl inside the helm chart but they are not sure if there is a way to make them variables or use them inside context.xml.

I've checked the documentation and discussed internally and my understanding is that when it comes to the first question on making root filesystem read-only - this is a custom solution and it may work if they set up the temp and log directories with volume mounts but such a customized configuration is not officially supported at this point. Regarding the second question this is again a customization.

Client is suggesting to implement this as an enhancement request.
@tmachnicki tmachnicki added the enhancement New feature or request label Feb 14, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@tmachnicki