github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-08-07 19:23:40 +00:00
Code Issues Projects Releases Wiki Activity

PodSecurity: runAsUser: generated fixtures

Browse Source
This commit is contained in:
Jordan Liggitt 2021-10-25 13:30:21 -04:00
parent a476a5e00e
commit 40635ca59e
4 changed files with 106 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.23/fail/runasuser0.yaml vendored Executable file
View File

@ -0,0 +1,26 @@
apiVersion: v1
kind: Pod
metadata:
name: runasuser0
spec:
containers:
- image: k8s.gcr.io/pause
name: container1
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
initContainers:
- image: k8s.gcr.io/pause
name: initcontainer1
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
securityContext:
runAsNonRoot: true
runAsUser: 0
seccompProfile:
type: RuntimeDefault

26
staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.23/fail/runasuser1.yaml vendored Executable file
View File

@ -0,0 +1,26 @@
apiVersion: v1
kind: Pod
metadata:
name: runasuser1
spec:
containers:
- image: k8s.gcr.io/pause
name: container1
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
runAsUser: 0
initContainers:
- image: k8s.gcr.io/pause
name: initcontainer1
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
securityContext:
runAsNonRoot: true
seccompProfile:
type: RuntimeDefault

26
staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.23/fail/runasuser2.yaml vendored Executable file
View File

@ -0,0 +1,26 @@
apiVersion: v1
kind: Pod
metadata:
name: runasuser2
spec:
containers:
- image: k8s.gcr.io/pause
name: container1
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
initContainers:
- image: k8s.gcr.io/pause
name: initcontainer1
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
runAsUser: 0
securityContext:
runAsNonRoot: true
seccompProfile:
type: RuntimeDefault

28
staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.23/pass/runasuser0.yaml vendored Executable file
View File

@ -0,0 +1,28 @@
apiVersion: v1
kind: Pod
metadata:
name: runasuser0
spec:
containers:
- image: k8s.gcr.io/pause
name: container1
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
runAsUser: 1000
initContainers:
- image: k8s.gcr.io/pause
name: initcontainer1
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
runAsUser: 1000
securityContext:
runAsNonRoot: true
runAsUser: 1000
seccompProfile:
type: RuntimeDefault