A Kubernetes operator that bridges Hardware Security Module (HSM) data storage with Kubernetes Secrets, providing true secret portability th
fix again?
+2
-2
+2
-2
internal/controller/hsmpool_agent_controller.go
+2
-2
internal/controller/hsmpool_agent_controller.go
···
664
664
},
665
665
},
666
666
SecurityContext: &corev1.SecurityContext{
667
-
Privileged: falsePtr, // No privileged container needed
668
-
AllowPrivilegeEscalation: falsePtr, // No privilege escalation needed
667
+
Privileged: truePtr,
668
+
AllowPrivilegeEscalation: truePtr,
669
669
ReadOnlyRootFilesystem: falsePtr, // pcscd needs writable /run and /var/lock
670
670
RunAsNonRoot: falsePtr, // Root required for USB device access
671
671
RunAsUser: &rootUserId,