mirror of
https://github.com/k3s-io/kubernetes.git
synced 2025-07-28 22:17:14 +00:00
rename CapabilityType Capability
This commit is contained in:
Tim Hockin
parent
fd22f48f5b
commit
65833e42c4
@ -8236,21 +8236,21 @@
|
||||
"add": {
|
||||
"type": "array",
|
||||
"items": {
|
||||
"$ref": "v1beta1.CapabilityType"
|
||||
"$ref": "v1beta1.Capability"
|
||||
},
|
||||
"description": "added capabilities"
|
||||
},
|
||||
"drop": {
|
||||
"type": "array",
|
||||
"items": {
|
||||
"$ref": "v1beta1.CapabilityType"
|
||||
"$ref": "v1beta1.Capability"
|
||||
},
|
||||
"description": "droped capabilities"
|
||||
}
|
||||
}
|
||||
},
|
||||
"v1beta1.CapabilityType": {
|
||||
"id": "v1beta1.CapabilityType",
|
||||
"v1beta1.Capability": {
|
||||
"id": "v1beta1.Capability",
|
||||
"properties": {}
|
||||
},
|
||||
"v1beta1.ComponentCondition": {
|
||||
|
||||
@ -8236,21 +8236,21 @@
|
||||
"add": {
|
||||
"type": "array",
|
||||
"items": {
|
||||
"$ref": "v1beta2.CapabilityType"
|
||||
"$ref": "v1beta2.Capability"
|
||||
},
|
||||
"description": "added capabilities"
|
||||
},
|
||||
"drop": {
|
||||
"type": "array",
|
||||
"items": {
|
||||
"$ref": "v1beta2.CapabilityType"
|
||||
"$ref": "v1beta2.Capability"
|
||||
},
|
||||
"description": "droped capabilities"
|
||||
}
|
||||
}
|
||||
},
|
||||
"v1beta2.CapabilityType": {
|
||||
"id": "v1beta2.CapabilityType",
|
||||
"v1beta2.Capability": {
|
||||
"id": "v1beta2.Capability",
|
||||
"properties": {}
|
||||
},
|
||||
"v1beta2.ComponentCondition": {
|
||||
|
||||
@ -9609,21 +9609,21 @@
|
||||
"add": {
|
||||
"type": "array",
|
||||
"items": {
|
||||
"$ref": "v1beta3.CapabilityType"
|
||||
"$ref": "v1beta3.Capability"
|
||||
},
|
||||
"description": "added capabilities"
|
||||
},
|
||||
"drop": {
|
||||
"type": "array",
|
||||
"items": {
|
||||
"$ref": "v1beta3.CapabilityType"
|
||||
"$ref": "v1beta3.Capability"
|
||||
},
|
||||
"description": "droped capabilities"
|
||||
}
|
||||
}
|
||||
},
|
||||
"v1beta3.CapabilityType": {
|
||||
"id": "v1beta3.CapabilityType",
|
||||
"v1beta3.Capability": {
|
||||
"id": "v1beta3.Capability",
|
||||
"properties": {}
|
||||
},
|
||||
"v1beta3.ComponentCondition": {
|
||||
|
||||
@ -209,8 +209,8 @@ func FuzzerFor(t *testing.T, version string, src rand.Source) *fuzz.Fuzzer {
|
||||
priv := c.RandBool()
|
||||
sc.Privileged = &priv
|
||||
sc.Capabilities = &api.Capabilities{
|
||||
Add: make([]api.CapabilityType, 0),
|
||||
Drop: make([]api.CapabilityType, 0),
|
||||
Add: make([]api.Capability, 0),
|
||||
Drop: make([]api.Capability, 0),
|
||||
}
|
||||
c.Fuzz(&sc.Capabilities.Add)
|
||||
c.Fuzz(&sc.Capabilities.Drop)
|
||||
|
||||
@ -582,15 +582,15 @@ const (
|
||||
PullIfNotPresent PullPolicy = "IfNotPresent"
|
||||
)
|
||||
|
||||
// CapabilityType represent POSIX capabilities type
|
||||
type CapabilityType string
|
||||
// Capability represent POSIX capabilities type
|
||||
type Capability string
|
||||
|
||||
// Capabilities represent POSIX capabilities that can be added or removed to a running container.
|
||||
type Capabilities struct {
|
||||
// Added capabilities
|
||||
Add []CapabilityType `json:"add,omitempty"`
|
||||
Add []Capability `json:"add,omitempty"`
|
||||
// Removed capabilities
|
||||
Drop []CapabilityType `json:"drop,omitempty"`
|
||||
Drop []Capability `json:"drop,omitempty"`
|
||||
}
|
||||
|
||||
// ResourceRequirements describes the compute resource requirements.
|
||||
|
||||
@ -84,17 +84,17 @@ func convert_v1_Capabilities_To_api_Capabilities(in *Capabilities, out *newer.Ca
|
||||
defaulting.(func(*Capabilities))(in)
|
||||
}
|
||||
if in.Add != nil {
|
||||
out.Add = make([]newer.CapabilityType, len(in.Add))
|
||||
out.Add = make([]newer.Capability, len(in.Add))
|
||||
for i := range in.Add {
|
||||
out.Add[i] = newer.CapabilityType(in.Add[i])
|
||||
out.Add[i] = newer.Capability(in.Add[i])
|
||||
}
|
||||
} else {
|
||||
out.Add = nil
|
||||
}
|
||||
if in.Drop != nil {
|
||||
out.Drop = make([]newer.CapabilityType, len(in.Drop))
|
||||
out.Drop = make([]newer.Capability, len(in.Drop))
|
||||
for i := range in.Drop {
|
||||
out.Drop[i] = newer.CapabilityType(in.Drop[i])
|
||||
out.Drop[i] = newer.Capability(in.Drop[i])
|
||||
}
|
||||
} else {
|
||||
out.Drop = nil
|
||||
@ -107,17 +107,17 @@ func convert_api_Capabilities_To_v1_Capabilities(in *newer.Capabilities, out *Ca
|
||||
defaulting.(func(*newer.Capabilities))(in)
|
||||
}
|
||||
if in.Add != nil {
|
||||
out.Add = make([]CapabilityType, len(in.Add))
|
||||
out.Add = make([]Capability, len(in.Add))
|
||||
for i := range in.Add {
|
||||
out.Add[i] = CapabilityType(in.Add[i])
|
||||
out.Add[i] = Capability(in.Add[i])
|
||||
}
|
||||
} else {
|
||||
out.Add = nil
|
||||
}
|
||||
if in.Drop != nil {
|
||||
out.Drop = make([]CapabilityType, len(in.Drop))
|
||||
out.Drop = make([]Capability, len(in.Drop))
|
||||
for i := range in.Drop {
|
||||
out.Drop[i] = CapabilityType(in.Drop[i])
|
||||
out.Drop[i] = Capability(in.Drop[i])
|
||||
}
|
||||
} else {
|
||||
out.Drop = nil
|
||||
|
||||
@ -590,15 +590,15 @@ const (
|
||||
PullIfNotPresent PullPolicy = "IfNotPresent"
|
||||
)
|
||||
|
||||
// CapabilityType represent POSIX capabilities type
|
||||
type CapabilityType string
|
||||
// Capability represent POSIX capabilities type
|
||||
type Capability string
|
||||
|
||||
// Capabilities represent POSIX capabilities that can be added or removed to a running container.
|
||||
type Capabilities struct {
|
||||
// Added capabilities
|
||||
Add []CapabilityType `json:"add,omitempty" description:"added capabilities"`
|
||||
Add []Capability `json:"add,omitempty" description:"added capabilities"`
|
||||
// Removed capabilities
|
||||
Drop []CapabilityType `json:"drop,omitempty" description:"droped capabilities"`
|
||||
Drop []Capability `json:"drop,omitempty" description:"droped capabilities"`
|
||||
}
|
||||
|
||||
// ResourceRequirements describes the compute resource requirements.
|
||||
|
||||
@ -771,11 +771,11 @@ func TestBadSecurityContextConversion(t *testing.T) {
|
||||
"mismatched caps add": {
|
||||
c: ¤t.Container{
|
||||
Capabilities: current.Capabilities{
|
||||
Add: []current.CapabilityType{"foo"},
|
||||
Add: []current.Capability{"foo"},
|
||||
},
|
||||
SecurityContext: ¤t.SecurityContext{
|
||||
Capabilities: ¤t.Capabilities{
|
||||
Add: []current.CapabilityType{"bar"},
|
||||
Add: []current.Capability{"bar"},
|
||||
},
|
||||
},
|
||||
},
|
||||
@ -784,11 +784,11 @@ func TestBadSecurityContextConversion(t *testing.T) {
|
||||
"mismatched caps drop": {
|
||||
c: ¤t.Container{
|
||||
Capabilities: current.Capabilities{
|
||||
Drop: []current.CapabilityType{"foo"},
|
||||
Drop: []current.Capability{"foo"},
|
||||
},
|
||||
SecurityContext: ¤t.SecurityContext{
|
||||
Capabilities: ¤t.Capabilities{
|
||||
Drop: []current.CapabilityType{"bar"},
|
||||
Drop: []current.Capability{"bar"},
|
||||
},
|
||||
},
|
||||
},
|
||||
|
||||
@ -351,8 +351,8 @@ func TestSetDefaultSecurityContext(t *testing.T) {
|
||||
c: current.Container{
|
||||
Privileged: false,
|
||||
Capabilities: current.Capabilities{
|
||||
Add: []current.CapabilityType{"foo"},
|
||||
Drop: []current.CapabilityType{"bar"},
|
||||
Add: []current.Capability{"foo"},
|
||||
Drop: []current.Capability{"bar"},
|
||||
},
|
||||
SecurityContext: ¤t.SecurityContext{
|
||||
Privileged: &priv,
|
||||
@ -363,13 +363,13 @@ func TestSetDefaultSecurityContext(t *testing.T) {
|
||||
c: current.Container{
|
||||
Privileged: false,
|
||||
Capabilities: current.Capabilities{
|
||||
Add: []current.CapabilityType{"foo"},
|
||||
Drop: []current.CapabilityType{"bar"},
|
||||
Add: []current.Capability{"foo"},
|
||||
Drop: []current.Capability{"bar"},
|
||||
},
|
||||
SecurityContext: ¤t.SecurityContext{
|
||||
Capabilities: ¤t.Capabilities{
|
||||
Add: []current.CapabilityType{"foo"},
|
||||
Drop: []current.CapabilityType{"bar"},
|
||||
Add: []current.Capability{"foo"},
|
||||
Drop: []current.Capability{"bar"},
|
||||
},
|
||||
},
|
||||
},
|
||||
@ -380,8 +380,8 @@ func TestSetDefaultSecurityContext(t *testing.T) {
|
||||
SecurityContext: ¤t.SecurityContext{
|
||||
Privileged: &priv,
|
||||
Capabilities: ¤t.Capabilities{
|
||||
Add: []current.CapabilityType{"biz"},
|
||||
Drop: []current.CapabilityType{"baz"},
|
||||
Add: []current.Capability{"biz"},
|
||||
Drop: []current.Capability{"baz"},
|
||||
},
|
||||
},
|
||||
},
|
||||
@ -389,14 +389,14 @@ func TestSetDefaultSecurityContext(t *testing.T) {
|
||||
"upward defaulting priv": {
|
||||
c: current.Container{
|
||||
Capabilities: current.Capabilities{
|
||||
Add: []current.CapabilityType{"foo"},
|
||||
Drop: []current.CapabilityType{"bar"},
|
||||
Add: []current.Capability{"foo"},
|
||||
Drop: []current.Capability{"bar"},
|
||||
},
|
||||
SecurityContext: ¤t.SecurityContext{
|
||||
Privileged: &privTrue,
|
||||
Capabilities: ¤t.Capabilities{
|
||||
Add: []current.CapabilityType{"foo"},
|
||||
Drop: []current.CapabilityType{"bar"},
|
||||
Add: []current.Capability{"foo"},
|
||||
Drop: []current.Capability{"bar"},
|
||||
},
|
||||
},
|
||||
},
|
||||
|
||||
@ -481,15 +481,15 @@ const (
|
||||
PullIfNotPresent PullPolicy = "PullIfNotPresent"
|
||||
)
|
||||
|
||||
// CapabilityType represent POSIX capabilities type
|
||||
type CapabilityType string
|
||||
// Capability represent POSIX capabilities type
|
||||
type Capability string
|
||||
|
||||
// Capabilities represent POSIX capabilities that can be added or removed to a running container.
|
||||
type Capabilities struct {
|
||||
// Added capabilities
|
||||
Add []CapabilityType `json:"add,omitempty" description:"added capabilities"`
|
||||
Add []Capability `json:"add,omitempty" description:"added capabilities"`
|
||||
// Removed capabilities
|
||||
Drop []CapabilityType `json:"drop,omitempty" description:"droped capabilities"`
|
||||
Drop []Capability `json:"drop,omitempty" description:"droped capabilities"`
|
||||
}
|
||||
|
||||
type ResourceRequirements struct {
|
||||
|
||||
@ -586,11 +586,11 @@ func TestBadSecurityContextConversion(t *testing.T) {
|
||||
"mismatched caps add": {
|
||||
c: ¤t.Container{
|
||||
Capabilities: current.Capabilities{
|
||||
Add: []current.CapabilityType{"foo"},
|
||||
Add: []current.Capability{"foo"},
|
||||
},
|
||||
SecurityContext: ¤t.SecurityContext{
|
||||
Capabilities: ¤t.Capabilities{
|
||||
Add: []current.CapabilityType{"bar"},
|
||||
Add: []current.Capability{"bar"},
|
||||
},
|
||||
},
|
||||
},
|
||||
@ -599,11 +599,11 @@ func TestBadSecurityContextConversion(t *testing.T) {
|
||||
"mismatched caps drop": {
|
||||
c: ¤t.Container{
|
||||
Capabilities: current.Capabilities{
|
||||
Drop: []current.CapabilityType{"foo"},
|
||||
Drop: []current.Capability{"foo"},
|
||||
},
|
||||
SecurityContext: ¤t.SecurityContext{
|
||||
Capabilities: ¤t.Capabilities{
|
||||
Drop: []current.CapabilityType{"bar"},
|
||||
Drop: []current.Capability{"bar"},
|
||||
},
|
||||
},
|
||||
},
|
||||
|
||||
@ -350,8 +350,8 @@ func TestSetDefaultSecurityContext(t *testing.T) {
|
||||
c: current.Container{
|
||||
Privileged: false,
|
||||
Capabilities: current.Capabilities{
|
||||
Add: []current.CapabilityType{"foo"},
|
||||
Drop: []current.CapabilityType{"bar"},
|
||||
Add: []current.Capability{"foo"},
|
||||
Drop: []current.Capability{"bar"},
|
||||
},
|
||||
SecurityContext: ¤t.SecurityContext{
|
||||
Privileged: &priv,
|
||||
@ -362,13 +362,13 @@ func TestSetDefaultSecurityContext(t *testing.T) {
|
||||
c: current.Container{
|
||||
Privileged: false,
|
||||
Capabilities: current.Capabilities{
|
||||
Add: []current.CapabilityType{"foo"},
|
||||
Drop: []current.CapabilityType{"bar"},
|
||||
Add: []current.Capability{"foo"},
|
||||
Drop: []current.Capability{"bar"},
|
||||
},
|
||||
SecurityContext: ¤t.SecurityContext{
|
||||
Capabilities: ¤t.Capabilities{
|
||||
Add: []current.CapabilityType{"foo"},
|
||||
Drop: []current.CapabilityType{"bar"},
|
||||
Add: []current.Capability{"foo"},
|
||||
Drop: []current.Capability{"bar"},
|
||||
},
|
||||
},
|
||||
},
|
||||
@ -379,8 +379,8 @@ func TestSetDefaultSecurityContext(t *testing.T) {
|
||||
SecurityContext: ¤t.SecurityContext{
|
||||
Privileged: &priv,
|
||||
Capabilities: ¤t.Capabilities{
|
||||
Add: []current.CapabilityType{"biz"},
|
||||
Drop: []current.CapabilityType{"baz"},
|
||||
Add: []current.Capability{"biz"},
|
||||
Drop: []current.Capability{"baz"},
|
||||
},
|
||||
},
|
||||
},
|
||||
@ -388,14 +388,14 @@ func TestSetDefaultSecurityContext(t *testing.T) {
|
||||
"upward defaulting priv": {
|
||||
c: current.Container{
|
||||
Capabilities: current.Capabilities{
|
||||
Add: []current.CapabilityType{"foo"},
|
||||
Drop: []current.CapabilityType{"bar"},
|
||||
Add: []current.Capability{"foo"},
|
||||
Drop: []current.Capability{"bar"},
|
||||
},
|
||||
SecurityContext: ¤t.SecurityContext{
|
||||
Privileged: &privTrue,
|
||||
Capabilities: ¤t.Capabilities{
|
||||
Add: []current.CapabilityType{"foo"},
|
||||
Drop: []current.CapabilityType{"bar"},
|
||||
Add: []current.Capability{"foo"},
|
||||
Drop: []current.Capability{"bar"},
|
||||
},
|
||||
},
|
||||
},
|
||||
|
||||
@ -466,17 +466,17 @@ const (
|
||||
PullIfNotPresent PullPolicy = "PullIfNotPresent"
|
||||
)
|
||||
|
||||
// CapabilityType represent POSIX capabilities type
|
||||
type CapabilityType string
|
||||
// Capability represent POSIX capabilities type
|
||||
type Capability string
|
||||
|
||||
// Capabilities represent POSIX capabilities that can be added or removed to a running container.
|
||||
//
|
||||
// http://docs.k8s.io/containers.md#capabilities
|
||||
type Capabilities struct {
|
||||
// Added capabilities
|
||||
Add []CapabilityType `json:"add,omitempty" description:"added capabilities"`
|
||||
Add []Capability `json:"add,omitempty" description:"added capabilities"`
|
||||
// Removed capabilities
|
||||
Drop []CapabilityType `json:"drop,omitempty" description:"droped capabilities"`
|
||||
Drop []Capability `json:"drop,omitempty" description:"droped capabilities"`
|
||||
}
|
||||
|
||||
type ResourceRequirements struct {
|
||||
|
||||
@ -84,17 +84,17 @@ func convert_api_Capabilities_To_v1beta3_Capabilities(in *newer.Capabilities, ou
|
||||
defaulting.(func(*newer.Capabilities))(in)
|
||||
}
|
||||
if in.Add != nil {
|
||||
out.Add = make([]CapabilityType, len(in.Add))
|
||||
out.Add = make([]Capability, len(in.Add))
|
||||
for i := range in.Add {
|
||||
out.Add[i] = CapabilityType(in.Add[i])
|
||||
out.Add[i] = Capability(in.Add[i])
|
||||
}
|
||||
} else {
|
||||
out.Add = nil
|
||||
}
|
||||
if in.Drop != nil {
|
||||
out.Drop = make([]CapabilityType, len(in.Drop))
|
||||
out.Drop = make([]Capability, len(in.Drop))
|
||||
for i := range in.Drop {
|
||||
out.Drop[i] = CapabilityType(in.Drop[i])
|
||||
out.Drop[i] = Capability(in.Drop[i])
|
||||
}
|
||||
} else {
|
||||
out.Drop = nil
|
||||
@ -107,17 +107,17 @@ func convert_v1beta3_Capabilities_To_api_Capabilities(in *Capabilities, out *new
|
||||
defaulting.(func(*Capabilities))(in)
|
||||
}
|
||||
if in.Add != nil {
|
||||
out.Add = make([]newer.CapabilityType, len(in.Add))
|
||||
out.Add = make([]newer.Capability, len(in.Add))
|
||||
for i := range in.Add {
|
||||
out.Add[i] = newer.CapabilityType(in.Add[i])
|
||||
out.Add[i] = newer.Capability(in.Add[i])
|
||||
}
|
||||
} else {
|
||||
out.Add = nil
|
||||
}
|
||||
if in.Drop != nil {
|
||||
out.Drop = make([]newer.CapabilityType, len(in.Drop))
|
||||
out.Drop = make([]newer.Capability, len(in.Drop))
|
||||
for i := range in.Drop {
|
||||
out.Drop[i] = newer.CapabilityType(in.Drop[i])
|
||||
out.Drop[i] = newer.Capability(in.Drop[i])
|
||||
}
|
||||
} else {
|
||||
out.Drop = nil
|
||||
|
||||
@ -67,11 +67,11 @@ func TestBadSecurityContextConversion(t *testing.T) {
|
||||
"mismatched caps add": {
|
||||
c: ¤t.Container{
|
||||
Capabilities: current.Capabilities{
|
||||
Add: []current.CapabilityType{"foo"},
|
||||
Add: []current.Capability{"foo"},
|
||||
},
|
||||
SecurityContext: ¤t.SecurityContext{
|
||||
Capabilities: ¤t.Capabilities{
|
||||
Add: []current.CapabilityType{"bar"},
|
||||
Add: []current.Capability{"bar"},
|
||||
},
|
||||
},
|
||||
},
|
||||
@ -80,11 +80,11 @@ func TestBadSecurityContextConversion(t *testing.T) {
|
||||
"mismatched caps drop": {
|
||||
c: ¤t.Container{
|
||||
Capabilities: current.Capabilities{
|
||||
Drop: []current.CapabilityType{"foo"},
|
||||
Drop: []current.Capability{"foo"},
|
||||
},
|
||||
SecurityContext: ¤t.SecurityContext{
|
||||
Capabilities: ¤t.Capabilities{
|
||||
Drop: []current.CapabilityType{"bar"},
|
||||
Drop: []current.Capability{"bar"},
|
||||
},
|
||||
},
|
||||
},
|
||||
|
||||
@ -360,8 +360,8 @@ func TestSetDefaultSecurityContext(t *testing.T) {
|
||||
c: current.Container{
|
||||
Privileged: false,
|
||||
Capabilities: current.Capabilities{
|
||||
Add: []current.CapabilityType{"foo"},
|
||||
Drop: []current.CapabilityType{"bar"},
|
||||
Add: []current.Capability{"foo"},
|
||||
Drop: []current.Capability{"bar"},
|
||||
},
|
||||
SecurityContext: ¤t.SecurityContext{
|
||||
Privileged: &priv,
|
||||
@ -372,13 +372,13 @@ func TestSetDefaultSecurityContext(t *testing.T) {
|
||||
c: current.Container{
|
||||
Privileged: false,
|
||||
Capabilities: current.Capabilities{
|
||||
Add: []current.CapabilityType{"foo"},
|
||||
Drop: []current.CapabilityType{"bar"},
|
||||
Add: []current.Capability{"foo"},
|
||||
Drop: []current.Capability{"bar"},
|
||||
},
|
||||
SecurityContext: ¤t.SecurityContext{
|
||||
Capabilities: ¤t.Capabilities{
|
||||
Add: []current.CapabilityType{"foo"},
|
||||
Drop: []current.CapabilityType{"bar"},
|
||||
Add: []current.Capability{"foo"},
|
||||
Drop: []current.Capability{"bar"},
|
||||
},
|
||||
},
|
||||
},
|
||||
@ -389,8 +389,8 @@ func TestSetDefaultSecurityContext(t *testing.T) {
|
||||
SecurityContext: ¤t.SecurityContext{
|
||||
Privileged: &priv,
|
||||
Capabilities: ¤t.Capabilities{
|
||||
Add: []current.CapabilityType{"biz"},
|
||||
Drop: []current.CapabilityType{"baz"},
|
||||
Add: []current.Capability{"biz"},
|
||||
Drop: []current.Capability{"baz"},
|
||||
},
|
||||
},
|
||||
},
|
||||
@ -398,14 +398,14 @@ func TestSetDefaultSecurityContext(t *testing.T) {
|
||||
"upward defaulting priv": {
|
||||
c: current.Container{
|
||||
Capabilities: current.Capabilities{
|
||||
Add: []current.CapabilityType{"foo"},
|
||||
Drop: []current.CapabilityType{"bar"},
|
||||
Add: []current.Capability{"foo"},
|
||||
Drop: []current.Capability{"bar"},
|
||||
},
|
||||
SecurityContext: ¤t.SecurityContext{
|
||||
Privileged: &privTrue,
|
||||
Capabilities: ¤t.Capabilities{
|
||||
Add: []current.CapabilityType{"foo"},
|
||||
Drop: []current.CapabilityType{"bar"},
|
||||
Add: []current.Capability{"foo"},
|
||||
Drop: []current.Capability{"bar"},
|
||||
},
|
||||
},
|
||||
},
|
||||
|
||||
@ -590,15 +590,15 @@ const (
|
||||
PullIfNotPresent PullPolicy = "IfNotPresent"
|
||||
)
|
||||
|
||||
// CapabilityType represent POSIX capabilities type
|
||||
type CapabilityType string
|
||||
// Capability represent POSIX capabilities type
|
||||
type Capability string
|
||||
|
||||
// Capabilities represent POSIX capabilities that can be added or removed to a running container.
|
||||
type Capabilities struct {
|
||||
// Added capabilities
|
||||
Add []CapabilityType `json:"add,omitempty" description:"added capabilities"`
|
||||
Add []Capability `json:"add,omitempty" description:"added capabilities"`
|
||||
// Removed capabilities
|
||||
Drop []CapabilityType `json:"drop,omitempty" description:"droped capabilities"`
|
||||
Drop []Capability `json:"drop,omitempty" description:"droped capabilities"`
|
||||
}
|
||||
|
||||
// ResourceRequirements describes the compute resource requirements.
|
||||
|
||||
@ -3175,8 +3175,8 @@ func TestValidateSecurityContext(t *testing.T) {
|
||||
return &api.SecurityContext{
|
||||
Privileged: &priv,
|
||||
Capabilities: &api.Capabilities{
|
||||
Add: []api.CapabilityType{"foo"},
|
||||
Drop: []api.CapabilityType{"bar"},
|
||||
Add: []api.Capability{"foo"},
|
||||
Drop: []api.Capability{"bar"},
|
||||
},
|
||||
SELinuxOptions: &api.SELinuxOptions{
|
||||
User: "user",
|
||||
|
||||
@ -116,10 +116,10 @@ func getAllCapabilities() string {
|
||||
return strings.Join(capabilities, ",")
|
||||
}
|
||||
|
||||
// TODO(yifan): This assumes that api.CapabilityType has the form of
|
||||
// TODO(yifan): This assumes that api.Capability has the form of
|
||||
// "CAP_SYS_ADMIN". We need to have a formal definition for
|
||||
// capabilities.
|
||||
func getCapabilities(caps []api.CapabilityType) string {
|
||||
func getCapabilities(caps []api.Capability) string {
|
||||
var capList []string
|
||||
for _, cap := range caps {
|
||||
capList = append(capList, fmt.Sprintf("%q", cap))
|
||||
|
||||
@ -81,8 +81,8 @@ func modifySecurityOption(config []string, name, value string) []string {
|
||||
return config
|
||||
}
|
||||
|
||||
// makeCapabilites creates string slices from CapabilityType slices
|
||||
func makeCapabilites(capAdd []api.CapabilityType, capDrop []api.CapabilityType) ([]string, []string) {
|
||||
// makeCapabilites creates string slices from Capability slices
|
||||
func makeCapabilites(capAdd []api.Capability, capDrop []api.Capability) ([]string, []string) {
|
||||
var (
|
||||
addCaps []string
|
||||
dropCaps []string
|
||||
|
||||
@ -154,8 +154,8 @@ func fullValidSecurityContext() *api.SecurityContext {
|
||||
return &api.SecurityContext{
|
||||
Privileged: &priv,
|
||||
Capabilities: &api.Capabilities{
|
||||
Add: []api.CapabilityType{"addCapA", "addCapB"},
|
||||
Drop: []api.CapabilityType{"dropCapA", "dropCapB"},
|
||||
Add: []api.Capability{"addCapA", "addCapB"},
|
||||
Drop: []api.Capability{"dropCapA", "dropCapB"},
|
||||
},
|
||||
SELinuxOptions: &api.SELinuxOptions{
|
||||
User: "user",
|
||||
|
||||
Loading…
Reference in New Issue
Block a user