Merge pull request #12008 from microsoft/saulparedes/allow_priv

webhook: allow privileged containers
Greg Kurz
2025-11-10 11:13:41 +01:00
committed by GitHub


@@ -57,15 +57,6 @@ func annotatePodMutator(_ context.Context, ar *kwhmodel.AdmissionReview, obj met
return &kwhmutating.MutatorResult{}, nil
}
for i := range pod.Spec.Containers {
if pod.Spec.Containers[i].SecurityContext != nil && pod.Spec.Containers[i].SecurityContext.Privileged != nil {
if *pod.Spec.Containers[i].SecurityContext.Privileged {
fmt.Println("privileged container: ", pod.GetNamespace(), pod.GetName())
return &kwhmutating.MutatorResult{}, nil
}
}
}
if pod.Spec.RuntimeClassName != nil {
fmt.Println("explicit runtime: ", pod.GetNamespace(), pod.GetName(), pod.Spec.RuntimeClassName)
return &kwhmutating.MutatorResult{}, nil