Allow orbital to be deployed with readonly filesystem

Its best practise to deploy pods with readonly filesystem using the following security context

```
securityContext:
    capabilities:
      drop:
        - all
    readOnlyRootFilesystem: true
    runAsNonRoot: true
    runAsUser: 1000
    runAsGroup: 1000
```

Currently Orbital clones taxi projects in its workspace to `.orbital/gitProjects` which wont work with readonly filesystem

This helm chart is mounting a `/tmp` volume to allow for data that is not part of the readonly filesystem, once orbtial allows for configuring the location of these repos, the chart should set the above readonly context by default and configure the location to `/tmp`

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Allow orbital to be deployed with readonly filesystem #1

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Allow orbital to be deployed with readonly filesystem #1

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions