apiVersion: apps/v1
kind: Deployment
metadata:
  name: code-server
spec:
  template:
    spec:
      securityContext:
        fsGroup: 0
        runAsUser: 0
      containers:
      - name: code-server
        securityContext:
          privileged: true
          runAsUser: 0
        env:
        - name: KUBECONFIG
          value: "/etc/rancher/k3s/k3s.yaml"
        - name: PATH
          value: "/usr/local/bin:/usr/bin:/bin:/sbin"
        volumeMounts:
        - name: host-k3s-config
          mountPath: /etc/rancher/k3s
          readOnly: true
        - name: host-usr-local-bin
          mountPath: /usr/local/bin
          readOnly: true
      volumes:
      - name: host-k3s-config
        hostPath:
          path: /etc/rancher/k3s
          type: Directory
      - name: host-usr-local-bin
        hostPath:
          path: /usr/local/bin
          type: Directory