github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-08-22 18:16:52 +00:00
Code Issues Projects Releases Wiki Activity

PodSecurity: seccompProfile_restricted: regenerate files

Browse Source
This commit is contained in:
Jordan Liggitt 2021-07-07 23:50:23 -04:00
parent 88a1241299
commit 2af08d1a5a
42 changed files with 76 additions and 260 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.19/fail/seccomp_restricted0.yaml → staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.19/fail/seccompprofile_restricted0.yaml vendored
View File

@ -1,7 +1,7 @@
apiVersion: v1 apiVersion: v1
kind: Pod kind: Pod
metadata: metadata:
name: seccomp_restricted0 name: seccompprofile_restricted0
spec: spec:
containers: containers:
- image: k8s.gcr.io/pause - image: k8s.gcr.io/pause

2
staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.20/fail/seccomp_restricted1.yaml → staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.19/fail/seccompprofile_restricted1.yaml vendored
View File

@ -1,7 +1,7 @@
apiVersion: v1 apiVersion: v1
kind: Pod kind: Pod
metadata: metadata:
name: seccomp_restricted1 name: seccompprofile_restricted1
spec: spec:
containers: containers:
- image: k8s.gcr.io/pause - image: k8s.gcr.io/pause

2
staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.20/fail/seccomp_restricted2.yaml → staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.19/fail/seccompprofile_restricted2.yaml vendored
View File

@ -1,7 +1,7 @@
apiVersion: v1 apiVersion: v1
kind: Pod kind: Pod
metadata: metadata:
name: seccomp_restricted2 name: seccompprofile_restricted2
spec: spec:
containers: containers:
- image: k8s.gcr.io/pause - image: k8s.gcr.io/pause

2
staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.20/fail/seccomp_restricted3.yaml → staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.19/fail/seccompprofile_restricted3.yaml vendored
View File

@ -1,7 +1,7 @@
apiVersion: v1 apiVersion: v1
kind: Pod kind: Pod
metadata: metadata:
name: seccomp_restricted3 name: seccompprofile_restricted3
spec: spec:
containers: containers:
- image: k8s.gcr.io/pause - image: k8s.gcr.io/pause

2
staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.19/fail/seccomp_restricted4.yaml → staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.19/fail/seccompprofile_restricted4.yaml vendored
View File

@ -1,7 +1,7 @@
apiVersion: v1 apiVersion: v1
kind: Pod kind: Pod
metadata: metadata:
name: seccomp_restricted4 name: seccompprofile_restricted4
spec: spec:
containers: containers:
- image: k8s.gcr.io/pause - image: k8s.gcr.io/pause

21
staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.19/pass/seccomp_restricted2.yaml vendored
View File

@ -1,21 +0,0 @@
apiVersion: v1
kind: Pod
metadata:
name: seccomp_restricted2
spec:
containers:
- image: k8s.gcr.io/pause
name: container1
securityContext:
allowPrivilegeEscalation: false
seccompProfile:
type: RuntimeDefault
initContainers:
- image: k8s.gcr.io/pause
name: initcontainer1
securityContext:
allowPrivilegeEscalation: false
seccompProfile:
type: RuntimeDefault
securityContext:
runAsNonRoot: true

2
staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.19/pass/seccomp_restricted0.yaml → staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.19/pass/seccompprofile_restricted0.yaml vendored
View File

@ -1,7 +1,7 @@
apiVersion: v1 apiVersion: v1
kind: Pod kind: Pod
metadata: metadata:
name: seccomp_restricted0 name: seccompprofile_restricted0
spec: spec:
containers: containers:
- image: k8s.gcr.io/pause - image: k8s.gcr.io/pause

2
staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.20/pass/seccomp_restricted1.yaml → staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.19/pass/seccompprofile_restricted1.yaml vendored
View File

@ -1,7 +1,7 @@
apiVersion: v1 apiVersion: v1
kind: Pod kind: Pod
metadata: metadata:
name: seccomp_restricted1 name: seccompprofile_restricted1
spec: spec:
containers: containers:
- image: k8s.gcr.io/pause - image: k8s.gcr.io/pause

5
staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.20/pass/seccomp_restricted3.yaml → staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.19/pass/seccompprofile_restricted2.yaml vendored
View File

@ -1,7 +1,7 @@
apiVersion: v1 apiVersion: v1
kind: Pod kind: Pod
metadata: metadata:
name: seccomp_restricted3 name: seccompprofile_restricted2
spec: spec:
containers: containers:
- image: k8s.gcr.io/pause - image: k8s.gcr.io/pause
@ -9,8 +9,7 @@ spec:
securityContext: securityContext:
allowPrivilegeEscalation: false allowPrivilegeEscalation: false
seccompProfile: seccompProfile:
localhostProfile: testing type: RuntimeDefault
type: Localhost
initContainers: initContainers:
- image: k8s.gcr.io/pause - image: k8s.gcr.io/pause
name: initcontainer1 name: initcontainer1

21
staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.20/fail/seccomp_restricted4.yaml vendored
View File

@ -1,21 +0,0 @@
apiVersion: v1
kind: Pod
metadata:
name: seccomp_restricted4
spec:
containers:
- image: k8s.gcr.io/pause
name: container1
securityContext:
allowPrivilegeEscalation: false
seccompProfile:
type: RuntimeDefault
initContainers:
- image: k8s.gcr.io/pause
name: initcontainer1
securityContext:
allowPrivilegeEscalation: false
seccompProfile:
type: Unconfined
securityContext:
runAsNonRoot: true

2
staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.21/fail/seccomp_restricted0.yaml → staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.20/fail/seccompprofile_restricted0.yaml vendored
View File

@ -1,7 +1,7 @@
apiVersion: v1 apiVersion: v1
kind: Pod kind: Pod
metadata: metadata:
name: seccomp_restricted0 name: seccompprofile_restricted0
spec: spec:
containers: containers:
- image: k8s.gcr.io/pause - image: k8s.gcr.io/pause

2
staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.19/fail/seccomp_restricted1.yaml → staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.20/fail/seccompprofile_restricted1.yaml vendored
View File

@ -1,7 +1,7 @@
apiVersion: v1 apiVersion: v1
kind: Pod kind: Pod
metadata: metadata:
name: seccomp_restricted1 name: seccompprofile_restricted1
spec: spec:
containers: containers:
- image: k8s.gcr.io/pause - image: k8s.gcr.io/pause

2
staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.19/fail/seccomp_restricted2.yaml → staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.20/fail/seccompprofile_restricted2.yaml vendored
View File

@ -1,7 +1,7 @@
apiVersion: v1 apiVersion: v1
kind: Pod kind: Pod
metadata: metadata:
name: seccomp_restricted2 name: seccompprofile_restricted2
spec: spec:
containers: containers:
- image: k8s.gcr.io/pause - image: k8s.gcr.io/pause

2
staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.19/fail/seccomp_restricted3.yaml → staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.20/fail/seccompprofile_restricted3.yaml vendored
View File

@ -1,7 +1,7 @@
apiVersion: v1 apiVersion: v1
kind: Pod kind: Pod
metadata: metadata:
name: seccomp_restricted3 name: seccompprofile_restricted3
spec: spec:
containers: containers:
- image: k8s.gcr.io/pause - image: k8s.gcr.io/pause

6
staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.19/fail/seccomp_restricted5.yaml → staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.20/fail/seccompprofile_restricted4.yaml vendored
View File

@ -1,7 +1,7 @@
apiVersion: v1 apiVersion: v1
kind: Pod kind: Pod
metadata: metadata:
name: seccomp_restricted5 name: seccompprofile_restricted4
spec: spec:
containers: containers:
- image: k8s.gcr.io/pause - image: k8s.gcr.io/pause
@ -9,13 +9,13 @@ spec:
securityContext: securityContext:
allowPrivilegeEscalation: false allowPrivilegeEscalation: false
seccompProfile: seccompProfile:
type: Unconfined type: RuntimeDefault
initContainers: initContainers:
- image: k8s.gcr.io/pause - image: k8s.gcr.io/pause
name: initcontainer1 name: initcontainer1
securityContext: securityContext:
allowPrivilegeEscalation: false allowPrivilegeEscalation: false
seccompProfile: seccompProfile:
type: RuntimeDefault type: Unconfined
securityContext: securityContext:
runAsNonRoot: true runAsNonRoot: true

21
staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.20/pass/seccomp_restricted2.yaml vendored
View File

@ -1,21 +0,0 @@
apiVersion: v1
kind: Pod
metadata:
name: seccomp_restricted2
spec:
containers:
- image: k8s.gcr.io/pause
name: container1
securityContext:
allowPrivilegeEscalation: false
seccompProfile:
type: RuntimeDefault
initContainers:
- image: k8s.gcr.io/pause
name: initcontainer1
securityContext:
allowPrivilegeEscalation: false
seccompProfile:
type: RuntimeDefault
securityContext:
runAsNonRoot: true

2
staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.21/pass/seccomp_restricted0.yaml → staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.20/pass/seccompprofile_restricted0.yaml vendored
View File

@ -1,7 +1,7 @@
apiVersion: v1 apiVersion: v1
kind: Pod kind: Pod
metadata: metadata:
name: seccomp_restricted0 name: seccompprofile_restricted0
spec: spec:
containers: containers:
- image: k8s.gcr.io/pause - image: k8s.gcr.io/pause

2
staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.21/pass/seccomp_restricted1.yaml → staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.20/pass/seccompprofile_restricted1.yaml vendored
View File

@ -1,7 +1,7 @@
apiVersion: v1 apiVersion: v1
kind: Pod kind: Pod
metadata: metadata:
name: seccomp_restricted1 name: seccompprofile_restricted1
spec: spec:
containers: containers:
- image: k8s.gcr.io/pause - image: k8s.gcr.io/pause

5
staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.21/pass/seccomp_restricted3.yaml → staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.20/pass/seccompprofile_restricted2.yaml vendored
View File

@ -1,7 +1,7 @@
apiVersion: v1 apiVersion: v1
kind: Pod kind: Pod
metadata: metadata:
name: seccomp_restricted3 name: seccompprofile_restricted2
spec: spec:
containers: containers:
- image: k8s.gcr.io/pause - image: k8s.gcr.io/pause
@ -9,8 +9,7 @@ spec:
securityContext: securityContext:
allowPrivilegeEscalation: false allowPrivilegeEscalation: false
seccompProfile: seccompProfile:
localhostProfile: testing type: RuntimeDefault
type: Localhost
initContainers: initContainers:
- image: k8s.gcr.io/pause - image: k8s.gcr.io/pause
name: initcontainer1 name: initcontainer1

19
staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.21/fail/seccomp_restricted2.yaml vendored
View File

@ -1,19 +0,0 @@
apiVersion: v1
kind: Pod
metadata:
name: seccomp_restricted2
spec:
containers:
- image: k8s.gcr.io/pause
name: container1
securityContext:
allowPrivilegeEscalation: false
seccompProfile:
type: RuntimeDefault
initContainers:
- image: k8s.gcr.io/pause
name: initcontainer1
securityContext:
allowPrivilegeEscalation: false
securityContext:
runAsNonRoot: true

19
staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.21/fail/seccomp_restricted3.yaml vendored
View File

@ -1,19 +0,0 @@
apiVersion: v1
kind: Pod
metadata:
name: seccomp_restricted3
spec:
containers:
- image: k8s.gcr.io/pause
name: container1
securityContext:
allowPrivilegeEscalation: false
initContainers:
- image: k8s.gcr.io/pause
name: initcontainer1
securityContext:
allowPrivilegeEscalation: false
seccompProfile:
type: RuntimeDefault
securityContext:
runAsNonRoot: true

21
staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.21/fail/seccomp_restricted4.yaml vendored
View File

@ -1,21 +0,0 @@
apiVersion: v1
kind: Pod
metadata:
name: seccomp_restricted4
spec:
containers:
- image: k8s.gcr.io/pause
name: container1
securityContext:
allowPrivilegeEscalation: false
seccompProfile:
type: RuntimeDefault
initContainers:
- image: k8s.gcr.io/pause
name: initcontainer1
securityContext:
allowPrivilegeEscalation: false
seccompProfile:
type: Unconfined
securityContext:
runAsNonRoot: true

21
staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.21/fail/seccomp_restricted5.yaml vendored
View File

@ -1,21 +0,0 @@
apiVersion: v1
kind: Pod
metadata:
name: seccomp_restricted5
spec:
containers:
- image: k8s.gcr.io/pause
name: container1
securityContext:
allowPrivilegeEscalation: false
seccompProfile:
type: Unconfined
initContainers:
- image: k8s.gcr.io/pause
name: initcontainer1
securityContext:
allowPrivilegeEscalation: false
seccompProfile:
type: RuntimeDefault
securityContext:
runAsNonRoot: true

2
staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.20/fail/seccomp_restricted0.yaml → staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.21/fail/seccompprofile_restricted0.yaml vendored
View File

@ -1,7 +1,7 @@
apiVersion: v1 apiVersion: v1
kind: Pod kind: Pod
metadata: metadata:
name: seccomp_restricted0 name: seccompprofile_restricted0
spec: spec:
containers: containers:
- image: k8s.gcr.io/pause - image: k8s.gcr.io/pause

2
staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.21/fail/seccomp_restricted1.yaml → staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.21/fail/seccompprofile_restricted1.yaml vendored
View File

@ -1,7 +1,7 @@
apiVersion: v1 apiVersion: v1
kind: Pod kind: Pod
metadata: metadata:
name: seccomp_restricted1 name: seccompprofile_restricted1
spec: spec:
containers: containers:
- image: k8s.gcr.io/pause - image: k8s.gcr.io/pause

19
staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.21/fail/seccompprofile_restricted2.yaml vendored Executable file
View File

@ -0,0 +1,19 @@
apiVersion: v1
kind: Pod
metadata:
name: seccompprofile_restricted2
spec:
containers:
- image: k8s.gcr.io/pause
name: container1
securityContext:
allowPrivilegeEscalation: false
seccompProfile:
type: RuntimeDefault
initContainers:
- image: k8s.gcr.io/pause
name: initcontainer1
securityContext:
allowPrivilegeEscalation: false
securityContext:
runAsNonRoot: true

19
staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.21/fail/seccompprofile_restricted3.yaml vendored Executable file
View File

@ -0,0 +1,19 @@
apiVersion: v1
kind: Pod
metadata:
name: seccompprofile_restricted3
spec:
containers:
- image: k8s.gcr.io/pause
name: container1
securityContext:
allowPrivilegeEscalation: false
initContainers:
- image: k8s.gcr.io/pause
name: initcontainer1
securityContext:
allowPrivilegeEscalation: false
seccompProfile:
type: RuntimeDefault
securityContext:
runAsNonRoot: true

6
staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.20/fail/seccomp_restricted5.yaml → staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.21/fail/seccompprofile_restricted4.yaml vendored
View File

@ -1,7 +1,7 @@
apiVersion: v1 apiVersion: v1
kind: Pod kind: Pod
metadata: metadata:
name: seccomp_restricted5 name: seccompprofile_restricted4
spec: spec:
containers: containers:
- image: k8s.gcr.io/pause - image: k8s.gcr.io/pause
@ -9,13 +9,13 @@ spec:
securityContext: securityContext:
allowPrivilegeEscalation: false allowPrivilegeEscalation: false
seccompProfile: seccompProfile:
type: Unconfined type: RuntimeDefault
initContainers: initContainers:
- image: k8s.gcr.io/pause - image: k8s.gcr.io/pause
name: initcontainer1 name: initcontainer1
securityContext: securityContext:
allowPrivilegeEscalation: false allowPrivilegeEscalation: false
seccompProfile: seccompProfile:
type: RuntimeDefault type: Unconfined
securityContext: securityContext:
runAsNonRoot: true runAsNonRoot: true

21
staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.21/pass/seccomp_restricted2.yaml vendored
View File

@ -1,21 +0,0 @@
apiVersion: v1
kind: Pod
metadata:
name: seccomp_restricted2
spec:
containers:
- image: k8s.gcr.io/pause
name: container1
securityContext:
allowPrivilegeEscalation: false
seccompProfile:
type: RuntimeDefault
initContainers:
- image: k8s.gcr.io/pause
name: initcontainer1
securityContext:
allowPrivilegeEscalation: false
seccompProfile:
type: RuntimeDefault
securityContext:
runAsNonRoot: true

2
staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.20/pass/seccomp_restricted0.yaml → staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.21/pass/seccompprofile_restricted0.yaml vendored
View File

@ -1,7 +1,7 @@
apiVersion: v1 apiVersion: v1
kind: Pod kind: Pod
metadata: metadata:
name: seccomp_restricted0 name: seccompprofile_restricted0
spec: spec:
containers: containers:
- image: k8s.gcr.io/pause - image: k8s.gcr.io/pause

2
staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.19/pass/seccomp_restricted1.yaml → staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.21/pass/seccompprofile_restricted1.yaml vendored
View File

@ -1,7 +1,7 @@
apiVersion: v1 apiVersion: v1
kind: Pod kind: Pod
metadata: metadata:
name: seccomp_restricted1 name: seccompprofile_restricted1
spec: spec:
containers: containers:
- image: k8s.gcr.io/pause - image: k8s.gcr.io/pause

5
staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.19/pass/seccomp_restricted3.yaml → staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.21/pass/seccompprofile_restricted2.yaml vendored
View File

@ -1,7 +1,7 @@
apiVersion: v1 apiVersion: v1
kind: Pod kind: Pod
metadata: metadata:
name: seccomp_restricted3 name: seccompprofile_restricted2
spec: spec:
containers: containers:
- image: k8s.gcr.io/pause - image: k8s.gcr.io/pause
@ -9,8 +9,7 @@ spec:
securityContext: securityContext:
allowPrivilegeEscalation: false allowPrivilegeEscalation: false
seccompProfile: seccompProfile:
localhostProfile: testing type: RuntimeDefault
type: Localhost
initContainers: initContainers:
- image: k8s.gcr.io/pause - image: k8s.gcr.io/pause
name: initcontainer1 name: initcontainer1

27
staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.22/fail/seccomp_restricted5.yaml vendored
View File

@ -1,27 +0,0 @@
apiVersion: v1
kind: Pod
metadata:
name: seccomp_restricted5
spec:
containers:
- image: k8s.gcr.io/pause
name: container1
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
seccompProfile:
type: Unconfined
initContainers:
- image: k8s.gcr.io/pause
name: initcontainer1
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
seccompProfile:
type: RuntimeDefault
securityContext:
runAsNonRoot: true

2
staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.22/fail/seccomp_restricted0.yaml → staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.22/fail/seccompprofile_restricted0.yaml vendored
View File

@ -1,7 +1,7 @@
apiVersion: v1 apiVersion: v1
kind: Pod kind: Pod
metadata: metadata:
name: seccomp_restricted0 name: seccompprofile_restricted0
spec: spec:
containers: containers:
- image: k8s.gcr.io/pause - image: k8s.gcr.io/pause

2
staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.22/fail/seccomp_restricted1.yaml → staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.22/fail/seccompprofile_restricted1.yaml vendored
View File

@ -1,7 +1,7 @@
apiVersion: v1 apiVersion: v1
kind: Pod kind: Pod
metadata: metadata:
name: seccomp_restricted1 name: seccompprofile_restricted1
spec: spec:
containers: containers:
- image: k8s.gcr.io/pause - image: k8s.gcr.io/pause

2
staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.22/fail/seccomp_restricted2.yaml → staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.22/fail/seccompprofile_restricted2.yaml vendored
View File

@ -1,7 +1,7 @@
apiVersion: v1 apiVersion: v1
kind: Pod kind: Pod
metadata: metadata:
name: seccomp_restricted2 name: seccompprofile_restricted2
spec: spec:
containers: containers:
- image: k8s.gcr.io/pause - image: k8s.gcr.io/pause

2
staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.22/fail/seccomp_restricted3.yaml → staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.22/fail/seccompprofile_restricted3.yaml vendored
View File

@ -1,7 +1,7 @@
apiVersion: v1 apiVersion: v1
kind: Pod kind: Pod
metadata: metadata:
name: seccomp_restricted3 name: seccompprofile_restricted3
spec: spec:
containers: containers:
- image: k8s.gcr.io/pause - image: k8s.gcr.io/pause

2
staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.22/fail/seccomp_restricted4.yaml → staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.22/fail/seccompprofile_restricted4.yaml vendored
View File

@ -1,7 +1,7 @@
apiVersion: v1 apiVersion: v1
kind: Pod kind: Pod
metadata: metadata:
name: seccomp_restricted4 name: seccompprofile_restricted4
spec: spec:
containers: containers:
- image: k8s.gcr.io/pause - image: k8s.gcr.io/pause

27
staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.22/pass/seccomp_restricted2.yaml vendored
View File

@ -1,27 +0,0 @@
apiVersion: v1
kind: Pod
metadata:
name: seccomp_restricted2
spec:
containers:
- image: k8s.gcr.io/pause
name: container1
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
seccompProfile:
type: RuntimeDefault
initContainers:
- image: k8s.gcr.io/pause
name: initcontainer1
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
seccompProfile:
type: RuntimeDefault
securityContext:
runAsNonRoot: true

2
staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.22/pass/seccomp_restricted0.yaml → staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.22/pass/seccompprofile_restricted0.yaml vendored
View File

@ -1,7 +1,7 @@
apiVersion: v1 apiVersion: v1
kind: Pod kind: Pod
metadata: metadata:
name: seccomp_restricted0 name: seccompprofile_restricted0
spec: spec:
containers: containers:
- image: k8s.gcr.io/pause - image: k8s.gcr.io/pause

2
staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.22/pass/seccomp_restricted1.yaml → staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.22/pass/seccompprofile_restricted1.yaml vendored
View File

@ -1,7 +1,7 @@
apiVersion: v1 apiVersion: v1
kind: Pod kind: Pod
metadata: metadata:
name: seccomp_restricted1 name: seccompprofile_restricted1
spec: spec:
containers: containers:
- image: k8s.gcr.io/pause - image: k8s.gcr.io/pause

5
staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.22/pass/seccomp_restricted3.yaml → staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.22/pass/seccompprofile_restricted2.yaml vendored
View File

@ -1,7 +1,7 @@
apiVersion: v1 apiVersion: v1
kind: Pod kind: Pod
metadata: metadata:
name: seccomp_restricted3 name: seccompprofile_restricted2
spec: spec:
containers: containers:
- image: k8s.gcr.io/pause - image: k8s.gcr.io/pause
@ -12,8 +12,7 @@ spec:
drop: drop:
- ALL - ALL
seccompProfile: seccompProfile:
localhostProfile: testing type: RuntimeDefault
type: Localhost
initContainers: initContainers:
- image: k8s.gcr.io/pause - image: k8s.gcr.io/pause
name: initcontainer1 name: initcontainer1