mirror of
https://github.com/falcosecurity/falco.git
synced 2025-10-21 11:29:26 +00:00
89121527da
Add ~74 new automated tests that verify K8s PSP Support. For each PSP attribute, add both positive and negative test cases. For some of the more complicated attributes like runAsUser/Group/etc, include cases where the uids are specicified both at the container security context level and pod security context level and then combined with mayRunAs/mustRunAs, etc. Also, some existing tests are updated to handle proper use of "in" and "intersects" in expressions. Signed-off-by: Mark Stemm <mark.stemm@gmail.com>
11 lines
173 B
YAML
11 lines
173 B
YAML
apiVersion: policy/v1beta1
|
|
kind: PodSecurityPolicy
|
|
metadata:
|
|
annotations:
|
|
falco-rules-psp-images: "[nginx]"
|
|
name: only_secret_volumes
|
|
spec:
|
|
volumes:
|
|
- secret
|
|
|