remove unnecessary volumes from pluginConfig

vardhaman22 · vardhaman22 · commit f8c8f2280db5 · 2025-04-01T14:41:37.000+05:30
also set privileged false for the pod
diff --git a/pkg/securityscan/core/templates/pluginConfig.template b/pkg/securityscan/core/templates/pluginConfig.template
@@ -29,15 +29,6 @@ data:
         key: CriticalAddonsOnly
         operator: Exists
       volumes:
-      - hostPath:
-          path: /
-        name: root
-      - hostPath:
-          path: /etc/passwd
-        name: etc-passwd
-      - hostPath:
-          path: /etc/group
-        name: etc-group
       - hostPath:
           path: /var/lib/rancher
         name: var-rancher
@@ -106,20 +97,11 @@ data:
       {{- end }}
       imagePullPolicy: IfNotPresent
       securityContext:
-        privileged: true
+        privileged: false
       volumeMounts:
       - mountPath: /tmp/results
         name: results
         readOnly: false
-      - mountPath: /node
-        name: root
-        readOnly: true
-      - mountPath: /etc/passwd
-        name: etc-passwd
-        readOnly: true
-      - mountPath: /etc/group
-        name: etc-group
-        readOnly: true
       - mountPath: /var/lib/rancher
         name: var-rancher
         readOnly: true
