mirror of
https://github.com/k3s-io/kubernetes.git
synced 2025-07-22 11:21:47 +00:00
Merge pull request #100234 from vinayakankugoyal/seccomp
runtime/default Seccomp Profile in kubeadm control-plane components.
This commit is contained in:
commit
365ed5c4ad
@ -67,6 +67,11 @@ func ComponentPod(container v1.Container, volumes map[string]v1.Volume, annotati
|
||||
PriorityClassName: "system-node-critical",
|
||||
HostNetwork: true,
|
||||
Volumes: VolumeMapToSlice(volumes),
|
||||
SecurityContext: &v1.PodSecurityContext{
|
||||
SeccompProfile: &v1.SeccompProfile{
|
||||
Type: v1.SeccompProfileTypeRuntimeDefault,
|
||||
},
|
||||
},
|
||||
},
|
||||
}
|
||||
}
|
||||
|
@ -408,6 +408,11 @@ func TestComponentPod(t *testing.T) {
|
||||
Labels: map[string]string{"component": "foo", "tier": "control-plane"},
|
||||
},
|
||||
Spec: v1.PodSpec{
|
||||
SecurityContext: &v1.PodSecurityContext{
|
||||
SeccompProfile: &v1.SeccompProfile{
|
||||
Type: v1.SeccompProfileTypeRuntimeDefault,
|
||||
},
|
||||
},
|
||||
Containers: []v1.Container{
|
||||
{
|
||||
Name: "foo",
|
||||
|
Loading…
Reference in New Issue
Block a user