Attention: Deprecation notice for Bintray, JCenter, GoCenter and ChartCenter. Learn More
gitlab/apparmor
Chart version: 0.2.0
Api version: v1
App version: 0.1.0
AppArmor profile loader for Kubernetes
application
Chart Type
Active
Status
Unknown
License
339
Downloads
https://charts.gitlab.io
Set me up:
helm repo add center https://repo.chartcenter.io
Install Chart:
helm install apparmor center/gitlab/apparmor
Versions (0)
View all
AppArmor Loader
Overview
Helm chart based on the following repository: https://github.com/kubernetes/kubernetes/tree/master/test/images/apparmor-loader.
This chart also supports Pod Security Policies deployment so you could activate loaded profiles across multiple pods.
At the moment, there is a limitation on updating and deleting profiles.
Profiles
Profiles can be added by overwriting profiles as the following:
profiles:
profile-one: |-
profile profile-one {
file,
}
profile-two: |-
profile profile-two {
umount,
}
PodSecurityPolicy
PodSecurityPolicies can be added by setting securityPolicies as the following:
securityPolicies:
example:
defaultProfile: profile-one
allowedProfiles:
- profile-one
- profile-two
spec:
privileged: false
seLinux:
rule: RunAsAny
supplementalGroups:
rule: RunAsAny
runAsUser:
rule: RunAsAny
fsGroup:
rule: RunAsAny
volumes:
- '*'
Further information
More information on the AppArmor profile language can be found in: - Quick guide - Full reference - Policy layout