github/kata-containers
1
0
Fork 2
mirror of https://github.com/kata-containers/kata-containers.git synced 2025-09-16 22:39:01 +00:00
Code Issues Projects Releases Wiki Activity

genpolicy: validate create sandbox storages

Browse Source 
Reject any unexpected values from the CreateSandboxRequest storages
field.

Signed-off-by: Dan Mihai <dmihai@microsoft.com>
This commit is contained in:
Dan Mihai
2024-01-04 22:28:24 +00:00
committed by Saul Paredes
parent dfd0ca9bfe
commit 7fe44d3a3d
5 changed files with 56 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
tests/integration/kubernetes/tests_common.sh
View File

@@ -103,6 +103,8 @@ adapt_common_policy_settings_for_cbl_mariner() {
info "Adapting common policy settings for CBL-Mariner"
jq '.request_defaults.UpdateEphemeralMountsRequest = true' "${settings_dir}/genpolicy-settings.json" > temp.json && sudo mv temp.json "${settings_dir}/genpolicy-settings.json"
jq '.kata_config.oci_version = "1.1.0-rc.1"' "${settings_dir}/genpolicy-settings.json" > temp.json && sudo mv temp.json "${settings_dir}/genpolicy-settings.json"
jq '.sandbox.storages += [{"driver":"virtio-fs","driver_options":[],"fs_group":null,"fstype":"virtiofs","mount_point":"/run/kata-containers/shared/containers/","options":[],"source":"kataShared"}]' \
"${settings_dir}/genpolicy-settings.json" > temp.json && sudo mv temp.json "${settings_dir}/genpolicy-settings.json"
}
# adapt common policy settings for various platforms