mirror of
https://github.com/k3s-io/kubernetes.git
synced 2025-07-23 11:50:44 +00:00
PodSecurity: test: generate fixture data
This commit is contained in:
parent
93c6f8969a
commit
724fbfbb69
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.0/fail/addcapabilities0.yaml
vendored
Executable file
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.0/fail/addcapabilities0.yaml
vendored
Executable file
@ -0,0 +1,18 @@
|
||||
apiVersion: v1
|
||||
kind: Pod
|
||||
metadata:
|
||||
name: addcapabilities0
|
||||
spec:
|
||||
containers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: container1
|
||||
securityContext:
|
||||
capabilities:
|
||||
add:
|
||||
- NET_RAW
|
||||
initContainers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: initcontainer1
|
||||
securityContext:
|
||||
capabilities: {}
|
||||
securityContext: {}
|
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.0/fail/addcapabilities1.yaml
vendored
Executable file
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.0/fail/addcapabilities1.yaml
vendored
Executable file
@ -0,0 +1,18 @@
|
||||
apiVersion: v1
|
||||
kind: Pod
|
||||
metadata:
|
||||
name: addcapabilities1
|
||||
spec:
|
||||
containers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: container1
|
||||
securityContext:
|
||||
capabilities: {}
|
||||
initContainers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: initcontainer1
|
||||
securityContext:
|
||||
capabilities:
|
||||
add:
|
||||
- NET_RAW
|
||||
securityContext: {}
|
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.0/fail/addcapabilities2.yaml
vendored
Executable file
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.0/fail/addcapabilities2.yaml
vendored
Executable file
@ -0,0 +1,18 @@
|
||||
apiVersion: v1
|
||||
kind: Pod
|
||||
metadata:
|
||||
name: addcapabilities2
|
||||
spec:
|
||||
containers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: container1
|
||||
securityContext:
|
||||
capabilities:
|
||||
add:
|
||||
- chown
|
||||
initContainers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: initcontainer1
|
||||
securityContext:
|
||||
capabilities: {}
|
||||
securityContext: {}
|
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.0/fail/addcapabilities3.yaml
vendored
Executable file
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.0/fail/addcapabilities3.yaml
vendored
Executable file
@ -0,0 +1,18 @@
|
||||
apiVersion: v1
|
||||
kind: Pod
|
||||
metadata:
|
||||
name: addcapabilities3
|
||||
spec:
|
||||
containers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: container1
|
||||
securityContext:
|
||||
capabilities: {}
|
||||
initContainers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: initcontainer1
|
||||
securityContext:
|
||||
capabilities:
|
||||
add:
|
||||
- chown
|
||||
securityContext: {}
|
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.0/fail/addcapabilities4.yaml
vendored
Executable file
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.0/fail/addcapabilities4.yaml
vendored
Executable file
@ -0,0 +1,18 @@
|
||||
apiVersion: v1
|
||||
kind: Pod
|
||||
metadata:
|
||||
name: addcapabilities4
|
||||
spec:
|
||||
containers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: container1
|
||||
securityContext:
|
||||
capabilities:
|
||||
add:
|
||||
- bogus
|
||||
initContainers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: initcontainer1
|
||||
securityContext:
|
||||
capabilities: {}
|
||||
securityContext: {}
|
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.0/fail/addcapabilities5.yaml
vendored
Executable file
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.0/fail/addcapabilities5.yaml
vendored
Executable file
@ -0,0 +1,18 @@
|
||||
apiVersion: v1
|
||||
kind: Pod
|
||||
metadata:
|
||||
name: addcapabilities5
|
||||
spec:
|
||||
containers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: container1
|
||||
securityContext:
|
||||
capabilities: {}
|
||||
initContainers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: initcontainer1
|
||||
securityContext:
|
||||
capabilities:
|
||||
add:
|
||||
- bogus
|
||||
securityContext: {}
|
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.0/fail/addcapabilities6.yaml
vendored
Executable file
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.0/fail/addcapabilities6.yaml
vendored
Executable file
@ -0,0 +1,18 @@
|
||||
apiVersion: v1
|
||||
kind: Pod
|
||||
metadata:
|
||||
name: addcapabilities6
|
||||
spec:
|
||||
containers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: container1
|
||||
securityContext:
|
||||
capabilities:
|
||||
add:
|
||||
- CAP_CHOWN
|
||||
initContainers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: initcontainer1
|
||||
securityContext:
|
||||
capabilities: {}
|
||||
securityContext: {}
|
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.0/fail/addcapabilities7.yaml
vendored
Executable file
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.0/fail/addcapabilities7.yaml
vendored
Executable file
@ -0,0 +1,18 @@
|
||||
apiVersion: v1
|
||||
kind: Pod
|
||||
metadata:
|
||||
name: addcapabilities7
|
||||
spec:
|
||||
containers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: container1
|
||||
securityContext:
|
||||
capabilities: {}
|
||||
initContainers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: initcontainer1
|
||||
securityContext:
|
||||
capabilities:
|
||||
add:
|
||||
- CAP_CHOWN
|
||||
securityContext: {}
|
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.0/fail/selinux0.yaml
vendored
Executable file
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.0/fail/selinux0.yaml
vendored
Executable file
@ -0,0 +1,18 @@
|
||||
apiVersion: v1
|
||||
kind: Pod
|
||||
metadata:
|
||||
name: selinux0
|
||||
spec:
|
||||
containers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: container1
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
||||
initContainers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: initcontainer1
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
||||
securityContext:
|
||||
seLinuxOptions:
|
||||
type: somevalue
|
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.0/fail/selinux1.yaml
vendored
Executable file
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.0/fail/selinux1.yaml
vendored
Executable file
@ -0,0 +1,18 @@
|
||||
apiVersion: v1
|
||||
kind: Pod
|
||||
metadata:
|
||||
name: selinux1
|
||||
spec:
|
||||
containers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: container1
|
||||
securityContext:
|
||||
seLinuxOptions:
|
||||
type: somevalue
|
||||
initContainers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: initcontainer1
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.0/fail/selinux2.yaml
vendored
Executable file
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.0/fail/selinux2.yaml
vendored
Executable file
@ -0,0 +1,18 @@
|
||||
apiVersion: v1
|
||||
kind: Pod
|
||||
metadata:
|
||||
name: selinux2
|
||||
spec:
|
||||
containers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: container1
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
||||
initContainers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: initcontainer1
|
||||
securityContext:
|
||||
seLinuxOptions:
|
||||
type: somevalue
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.0/fail/selinux3.yaml
vendored
Executable file
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.0/fail/selinux3.yaml
vendored
Executable file
@ -0,0 +1,18 @@
|
||||
apiVersion: v1
|
||||
kind: Pod
|
||||
metadata:
|
||||
name: selinux3
|
||||
spec:
|
||||
containers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: container1
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
||||
initContainers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: initcontainer1
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
||||
securityContext:
|
||||
seLinuxOptions:
|
||||
user: somevalue
|
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.0/fail/selinux4.yaml
vendored
Executable file
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.0/fail/selinux4.yaml
vendored
Executable file
@ -0,0 +1,18 @@
|
||||
apiVersion: v1
|
||||
kind: Pod
|
||||
metadata:
|
||||
name: selinux4
|
||||
spec:
|
||||
containers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: container1
|
||||
securityContext:
|
||||
seLinuxOptions:
|
||||
user: somevalue
|
||||
initContainers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: initcontainer1
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.0/fail/selinux5.yaml
vendored
Executable file
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.0/fail/selinux5.yaml
vendored
Executable file
@ -0,0 +1,18 @@
|
||||
apiVersion: v1
|
||||
kind: Pod
|
||||
metadata:
|
||||
name: selinux5
|
||||
spec:
|
||||
containers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: container1
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
||||
initContainers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: initcontainer1
|
||||
securityContext:
|
||||
seLinuxOptions:
|
||||
user: somevalue
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.0/fail/selinux6.yaml
vendored
Executable file
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.0/fail/selinux6.yaml
vendored
Executable file
@ -0,0 +1,18 @@
|
||||
apiVersion: v1
|
||||
kind: Pod
|
||||
metadata:
|
||||
name: selinux6
|
||||
spec:
|
||||
containers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: container1
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
||||
initContainers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: initcontainer1
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
||||
securityContext:
|
||||
seLinuxOptions:
|
||||
role: somevalue
|
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.0/fail/selinux7.yaml
vendored
Executable file
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.0/fail/selinux7.yaml
vendored
Executable file
@ -0,0 +1,18 @@
|
||||
apiVersion: v1
|
||||
kind: Pod
|
||||
metadata:
|
||||
name: selinux7
|
||||
spec:
|
||||
containers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: container1
|
||||
securityContext:
|
||||
seLinuxOptions:
|
||||
role: somevalue
|
||||
initContainers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: initcontainer1
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.0/fail/selinux8.yaml
vendored
Executable file
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.0/fail/selinux8.yaml
vendored
Executable file
@ -0,0 +1,18 @@
|
||||
apiVersion: v1
|
||||
kind: Pod
|
||||
metadata:
|
||||
name: selinux8
|
||||
spec:
|
||||
containers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: container1
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
||||
initContainers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: initcontainer1
|
||||
securityContext:
|
||||
seLinuxOptions:
|
||||
role: somevalue
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
30
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.0/pass/addcapabilities0.yaml
vendored
Executable file
30
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.0/pass/addcapabilities0.yaml
vendored
Executable file
@ -0,0 +1,30 @@
|
||||
apiVersion: v1
|
||||
kind: Pod
|
||||
metadata:
|
||||
name: addcapabilities0
|
||||
spec:
|
||||
containers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: container1
|
||||
securityContext:
|
||||
capabilities:
|
||||
add:
|
||||
- AUDIT_WRITE
|
||||
- CHOWN
|
||||
- DAC_OVERRIDE
|
||||
- FOWNER
|
||||
- FSETID
|
||||
- KILL
|
||||
- MKNOD
|
||||
- NET_BIND_SERVICE
|
||||
- SETFCAP
|
||||
- SETGID
|
||||
- SETPCAP
|
||||
- SETUID
|
||||
- SYS_CHROOT
|
||||
initContainers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: initcontainer1
|
||||
securityContext:
|
||||
capabilities: {}
|
||||
securityContext: {}
|
30
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.0/pass/addcapabilities1.yaml
vendored
Executable file
30
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.0/pass/addcapabilities1.yaml
vendored
Executable file
@ -0,0 +1,30 @@
|
||||
apiVersion: v1
|
||||
kind: Pod
|
||||
metadata:
|
||||
name: addcapabilities1
|
||||
spec:
|
||||
containers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: container1
|
||||
securityContext:
|
||||
capabilities: {}
|
||||
initContainers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: initcontainer1
|
||||
securityContext:
|
||||
capabilities:
|
||||
add:
|
||||
- AUDIT_WRITE
|
||||
- CHOWN
|
||||
- DAC_OVERRIDE
|
||||
- FOWNER
|
||||
- FSETID
|
||||
- KILL
|
||||
- MKNOD
|
||||
- NET_BIND_SERVICE
|
||||
- SETFCAP
|
||||
- SETGID
|
||||
- SETPCAP
|
||||
- SETUID
|
||||
- SYS_CHROOT
|
||||
securityContext: {}
|
11
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.0/pass/base.yaml
vendored
Executable file
11
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.0/pass/base.yaml
vendored
Executable file
@ -0,0 +1,11 @@
|
||||
apiVersion: v1
|
||||
kind: Pod
|
||||
metadata:
|
||||
name: base
|
||||
spec:
|
||||
containers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: container1
|
||||
initContainers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: initcontainer1
|
16
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.0/pass/selinux0.yaml
vendored
Executable file
16
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.0/pass/selinux0.yaml
vendored
Executable file
@ -0,0 +1,16 @@
|
||||
apiVersion: v1
|
||||
kind: Pod
|
||||
metadata:
|
||||
name: selinux0
|
||||
spec:
|
||||
containers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: container1
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
||||
initContainers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: initcontainer1
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
||||
securityContext: {}
|
16
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.0/pass/selinux1.yaml
vendored
Executable file
16
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.0/pass/selinux1.yaml
vendored
Executable file
@ -0,0 +1,16 @@
|
||||
apiVersion: v1
|
||||
kind: Pod
|
||||
metadata:
|
||||
name: selinux1
|
||||
spec:
|
||||
containers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: container1
|
||||
securityContext: {}
|
||||
initContainers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: initcontainer1
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.0/pass/selinux10.yaml
vendored
Executable file
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.0/pass/selinux10.yaml
vendored
Executable file
@ -0,0 +1,18 @@
|
||||
apiVersion: v1
|
||||
kind: Pod
|
||||
metadata:
|
||||
name: selinux10
|
||||
spec:
|
||||
containers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: container1
|
||||
securityContext:
|
||||
seLinuxOptions:
|
||||
type: container_init_t
|
||||
initContainers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: initcontainer1
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.0/pass/selinux11.yaml
vendored
Executable file
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.0/pass/selinux11.yaml
vendored
Executable file
@ -0,0 +1,18 @@
|
||||
apiVersion: v1
|
||||
kind: Pod
|
||||
metadata:
|
||||
name: selinux11
|
||||
spec:
|
||||
containers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: container1
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
||||
initContainers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: initcontainer1
|
||||
securityContext:
|
||||
seLinuxOptions:
|
||||
type: container_init_t
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.0/pass/selinux12.yaml
vendored
Executable file
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.0/pass/selinux12.yaml
vendored
Executable file
@ -0,0 +1,18 @@
|
||||
apiVersion: v1
|
||||
kind: Pod
|
||||
metadata:
|
||||
name: selinux12
|
||||
spec:
|
||||
containers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: container1
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
||||
initContainers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: initcontainer1
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
||||
securityContext:
|
||||
seLinuxOptions:
|
||||
type: container_kvm_t
|
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.0/pass/selinux13.yaml
vendored
Executable file
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.0/pass/selinux13.yaml
vendored
Executable file
@ -0,0 +1,18 @@
|
||||
apiVersion: v1
|
||||
kind: Pod
|
||||
metadata:
|
||||
name: selinux13
|
||||
spec:
|
||||
containers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: container1
|
||||
securityContext:
|
||||
seLinuxOptions:
|
||||
type: container_kvm_t
|
||||
initContainers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: initcontainer1
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.0/pass/selinux14.yaml
vendored
Executable file
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.0/pass/selinux14.yaml
vendored
Executable file
@ -0,0 +1,18 @@
|
||||
apiVersion: v1
|
||||
kind: Pod
|
||||
metadata:
|
||||
name: selinux14
|
||||
spec:
|
||||
containers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: container1
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
||||
initContainers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: initcontainer1
|
||||
securityContext:
|
||||
seLinuxOptions:
|
||||
type: container_kvm_t
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
17
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.0/pass/selinux15.yaml
vendored
Executable file
17
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.0/pass/selinux15.yaml
vendored
Executable file
@ -0,0 +1,17 @@
|
||||
apiVersion: v1
|
||||
kind: Pod
|
||||
metadata:
|
||||
name: selinux15
|
||||
spec:
|
||||
containers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: container1
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
||||
initContainers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: initcontainer1
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
17
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.0/pass/selinux16.yaml
vendored
Executable file
17
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.0/pass/selinux16.yaml
vendored
Executable file
@ -0,0 +1,17 @@
|
||||
apiVersion: v1
|
||||
kind: Pod
|
||||
metadata:
|
||||
name: selinux16
|
||||
spec:
|
||||
containers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: container1
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
||||
initContainers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: initcontainer1
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
17
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.0/pass/selinux17.yaml
vendored
Executable file
17
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.0/pass/selinux17.yaml
vendored
Executable file
@ -0,0 +1,17 @@
|
||||
apiVersion: v1
|
||||
kind: Pod
|
||||
metadata:
|
||||
name: selinux17
|
||||
spec:
|
||||
containers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: container1
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
||||
initContainers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: initcontainer1
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.0/pass/selinux18.yaml
vendored
Executable file
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.0/pass/selinux18.yaml
vendored
Executable file
@ -0,0 +1,18 @@
|
||||
apiVersion: v1
|
||||
kind: Pod
|
||||
metadata:
|
||||
name: selinux18
|
||||
spec:
|
||||
containers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: container1
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
||||
initContainers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: initcontainer1
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
||||
securityContext:
|
||||
seLinuxOptions:
|
||||
level: somevalue
|
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.0/pass/selinux19.yaml
vendored
Executable file
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.0/pass/selinux19.yaml
vendored
Executable file
@ -0,0 +1,18 @@
|
||||
apiVersion: v1
|
||||
kind: Pod
|
||||
metadata:
|
||||
name: selinux19
|
||||
spec:
|
||||
containers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: container1
|
||||
securityContext:
|
||||
seLinuxOptions:
|
||||
level: somevalue
|
||||
initContainers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: initcontainer1
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
16
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.0/pass/selinux2.yaml
vendored
Executable file
16
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.0/pass/selinux2.yaml
vendored
Executable file
@ -0,0 +1,16 @@
|
||||
apiVersion: v1
|
||||
kind: Pod
|
||||
metadata:
|
||||
name: selinux2
|
||||
spec:
|
||||
containers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: container1
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
||||
initContainers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: initcontainer1
|
||||
securityContext: {}
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.0/pass/selinux20.yaml
vendored
Executable file
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.0/pass/selinux20.yaml
vendored
Executable file
@ -0,0 +1,18 @@
|
||||
apiVersion: v1
|
||||
kind: Pod
|
||||
metadata:
|
||||
name: selinux20
|
||||
spec:
|
||||
containers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: container1
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
||||
initContainers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: initcontainer1
|
||||
securityContext:
|
||||
seLinuxOptions:
|
||||
level: somevalue
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
17
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.0/pass/selinux3.yaml
vendored
Executable file
17
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.0/pass/selinux3.yaml
vendored
Executable file
@ -0,0 +1,17 @@
|
||||
apiVersion: v1
|
||||
kind: Pod
|
||||
metadata:
|
||||
name: selinux3
|
||||
spec:
|
||||
containers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: container1
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
||||
initContainers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: initcontainer1
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
17
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.0/pass/selinux4.yaml
vendored
Executable file
17
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.0/pass/selinux4.yaml
vendored
Executable file
@ -0,0 +1,17 @@
|
||||
apiVersion: v1
|
||||
kind: Pod
|
||||
metadata:
|
||||
name: selinux4
|
||||
spec:
|
||||
containers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: container1
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
||||
initContainers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: initcontainer1
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
17
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.0/pass/selinux5.yaml
vendored
Executable file
17
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.0/pass/selinux5.yaml
vendored
Executable file
@ -0,0 +1,17 @@
|
||||
apiVersion: v1
|
||||
kind: Pod
|
||||
metadata:
|
||||
name: selinux5
|
||||
spec:
|
||||
containers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: container1
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
||||
initContainers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: initcontainer1
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.0/pass/selinux6.yaml
vendored
Executable file
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.0/pass/selinux6.yaml
vendored
Executable file
@ -0,0 +1,18 @@
|
||||
apiVersion: v1
|
||||
kind: Pod
|
||||
metadata:
|
||||
name: selinux6
|
||||
spec:
|
||||
containers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: container1
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
||||
initContainers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: initcontainer1
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
||||
securityContext:
|
||||
seLinuxOptions:
|
||||
type: container_t
|
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.0/pass/selinux7.yaml
vendored
Executable file
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.0/pass/selinux7.yaml
vendored
Executable file
@ -0,0 +1,18 @@
|
||||
apiVersion: v1
|
||||
kind: Pod
|
||||
metadata:
|
||||
name: selinux7
|
||||
spec:
|
||||
containers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: container1
|
||||
securityContext:
|
||||
seLinuxOptions:
|
||||
type: container_t
|
||||
initContainers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: initcontainer1
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.0/pass/selinux8.yaml
vendored
Executable file
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.0/pass/selinux8.yaml
vendored
Executable file
@ -0,0 +1,18 @@
|
||||
apiVersion: v1
|
||||
kind: Pod
|
||||
metadata:
|
||||
name: selinux8
|
||||
spec:
|
||||
containers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: container1
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
||||
initContainers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: initcontainer1
|
||||
securityContext:
|
||||
seLinuxOptions:
|
||||
type: container_t
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.0/pass/selinux9.yaml
vendored
Executable file
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.0/pass/selinux9.yaml
vendored
Executable file
@ -0,0 +1,18 @@
|
||||
apiVersion: v1
|
||||
kind: Pod
|
||||
metadata:
|
||||
name: selinux9
|
||||
spec:
|
||||
containers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: container1
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
||||
initContainers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: initcontainer1
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
||||
securityContext:
|
||||
seLinuxOptions:
|
||||
type: container_init_t
|
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.1/fail/addcapabilities0.yaml
vendored
Executable file
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.1/fail/addcapabilities0.yaml
vendored
Executable file
@ -0,0 +1,18 @@
|
||||
apiVersion: v1
|
||||
kind: Pod
|
||||
metadata:
|
||||
name: addcapabilities0
|
||||
spec:
|
||||
containers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: container1
|
||||
securityContext:
|
||||
capabilities:
|
||||
add:
|
||||
- NET_RAW
|
||||
initContainers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: initcontainer1
|
||||
securityContext:
|
||||
capabilities: {}
|
||||
securityContext: {}
|
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.1/fail/addcapabilities1.yaml
vendored
Executable file
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.1/fail/addcapabilities1.yaml
vendored
Executable file
@ -0,0 +1,18 @@
|
||||
apiVersion: v1
|
||||
kind: Pod
|
||||
metadata:
|
||||
name: addcapabilities1
|
||||
spec:
|
||||
containers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: container1
|
||||
securityContext:
|
||||
capabilities: {}
|
||||
initContainers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: initcontainer1
|
||||
securityContext:
|
||||
capabilities:
|
||||
add:
|
||||
- NET_RAW
|
||||
securityContext: {}
|
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.1/fail/addcapabilities2.yaml
vendored
Executable file
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.1/fail/addcapabilities2.yaml
vendored
Executable file
@ -0,0 +1,18 @@
|
||||
apiVersion: v1
|
||||
kind: Pod
|
||||
metadata:
|
||||
name: addcapabilities2
|
||||
spec:
|
||||
containers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: container1
|
||||
securityContext:
|
||||
capabilities:
|
||||
add:
|
||||
- chown
|
||||
initContainers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: initcontainer1
|
||||
securityContext:
|
||||
capabilities: {}
|
||||
securityContext: {}
|
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.1/fail/addcapabilities3.yaml
vendored
Executable file
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.1/fail/addcapabilities3.yaml
vendored
Executable file
@ -0,0 +1,18 @@
|
||||
apiVersion: v1
|
||||
kind: Pod
|
||||
metadata:
|
||||
name: addcapabilities3
|
||||
spec:
|
||||
containers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: container1
|
||||
securityContext:
|
||||
capabilities: {}
|
||||
initContainers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: initcontainer1
|
||||
securityContext:
|
||||
capabilities:
|
||||
add:
|
||||
- chown
|
||||
securityContext: {}
|
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.1/fail/addcapabilities4.yaml
vendored
Executable file
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.1/fail/addcapabilities4.yaml
vendored
Executable file
@ -0,0 +1,18 @@
|
||||
apiVersion: v1
|
||||
kind: Pod
|
||||
metadata:
|
||||
name: addcapabilities4
|
||||
spec:
|
||||
containers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: container1
|
||||
securityContext:
|
||||
capabilities:
|
||||
add:
|
||||
- bogus
|
||||
initContainers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: initcontainer1
|
||||
securityContext:
|
||||
capabilities: {}
|
||||
securityContext: {}
|
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.1/fail/addcapabilities5.yaml
vendored
Executable file
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.1/fail/addcapabilities5.yaml
vendored
Executable file
@ -0,0 +1,18 @@
|
||||
apiVersion: v1
|
||||
kind: Pod
|
||||
metadata:
|
||||
name: addcapabilities5
|
||||
spec:
|
||||
containers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: container1
|
||||
securityContext:
|
||||
capabilities: {}
|
||||
initContainers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: initcontainer1
|
||||
securityContext:
|
||||
capabilities:
|
||||
add:
|
||||
- bogus
|
||||
securityContext: {}
|
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.1/fail/addcapabilities6.yaml
vendored
Executable file
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.1/fail/addcapabilities6.yaml
vendored
Executable file
@ -0,0 +1,18 @@
|
||||
apiVersion: v1
|
||||
kind: Pod
|
||||
metadata:
|
||||
name: addcapabilities6
|
||||
spec:
|
||||
containers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: container1
|
||||
securityContext:
|
||||
capabilities:
|
||||
add:
|
||||
- CAP_CHOWN
|
||||
initContainers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: initcontainer1
|
||||
securityContext:
|
||||
capabilities: {}
|
||||
securityContext: {}
|
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.1/fail/addcapabilities7.yaml
vendored
Executable file
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.1/fail/addcapabilities7.yaml
vendored
Executable file
@ -0,0 +1,18 @@
|
||||
apiVersion: v1
|
||||
kind: Pod
|
||||
metadata:
|
||||
name: addcapabilities7
|
||||
spec:
|
||||
containers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: container1
|
||||
securityContext:
|
||||
capabilities: {}
|
||||
initContainers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: initcontainer1
|
||||
securityContext:
|
||||
capabilities:
|
||||
add:
|
||||
- CAP_CHOWN
|
||||
securityContext: {}
|
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.1/fail/selinux0.yaml
vendored
Executable file
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.1/fail/selinux0.yaml
vendored
Executable file
@ -0,0 +1,18 @@
|
||||
apiVersion: v1
|
||||
kind: Pod
|
||||
metadata:
|
||||
name: selinux0
|
||||
spec:
|
||||
containers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: container1
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
||||
initContainers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: initcontainer1
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
||||
securityContext:
|
||||
seLinuxOptions:
|
||||
type: somevalue
|
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.1/fail/selinux1.yaml
vendored
Executable file
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.1/fail/selinux1.yaml
vendored
Executable file
@ -0,0 +1,18 @@
|
||||
apiVersion: v1
|
||||
kind: Pod
|
||||
metadata:
|
||||
name: selinux1
|
||||
spec:
|
||||
containers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: container1
|
||||
securityContext:
|
||||
seLinuxOptions:
|
||||
type: somevalue
|
||||
initContainers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: initcontainer1
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.1/fail/selinux2.yaml
vendored
Executable file
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.1/fail/selinux2.yaml
vendored
Executable file
@ -0,0 +1,18 @@
|
||||
apiVersion: v1
|
||||
kind: Pod
|
||||
metadata:
|
||||
name: selinux2
|
||||
spec:
|
||||
containers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: container1
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
||||
initContainers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: initcontainer1
|
||||
securityContext:
|
||||
seLinuxOptions:
|
||||
type: somevalue
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.1/fail/selinux3.yaml
vendored
Executable file
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.1/fail/selinux3.yaml
vendored
Executable file
@ -0,0 +1,18 @@
|
||||
apiVersion: v1
|
||||
kind: Pod
|
||||
metadata:
|
||||
name: selinux3
|
||||
spec:
|
||||
containers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: container1
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
||||
initContainers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: initcontainer1
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
||||
securityContext:
|
||||
seLinuxOptions:
|
||||
user: somevalue
|
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.1/fail/selinux4.yaml
vendored
Executable file
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.1/fail/selinux4.yaml
vendored
Executable file
@ -0,0 +1,18 @@
|
||||
apiVersion: v1
|
||||
kind: Pod
|
||||
metadata:
|
||||
name: selinux4
|
||||
spec:
|
||||
containers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: container1
|
||||
securityContext:
|
||||
seLinuxOptions:
|
||||
user: somevalue
|
||||
initContainers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: initcontainer1
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.1/fail/selinux5.yaml
vendored
Executable file
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.1/fail/selinux5.yaml
vendored
Executable file
@ -0,0 +1,18 @@
|
||||
apiVersion: v1
|
||||
kind: Pod
|
||||
metadata:
|
||||
name: selinux5
|
||||
spec:
|
||||
containers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: container1
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
||||
initContainers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: initcontainer1
|
||||
securityContext:
|
||||
seLinuxOptions:
|
||||
user: somevalue
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.1/fail/selinux6.yaml
vendored
Executable file
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.1/fail/selinux6.yaml
vendored
Executable file
@ -0,0 +1,18 @@
|
||||
apiVersion: v1
|
||||
kind: Pod
|
||||
metadata:
|
||||
name: selinux6
|
||||
spec:
|
||||
containers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: container1
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
||||
initContainers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: initcontainer1
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
||||
securityContext:
|
||||
seLinuxOptions:
|
||||
role: somevalue
|
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.1/fail/selinux7.yaml
vendored
Executable file
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.1/fail/selinux7.yaml
vendored
Executable file
@ -0,0 +1,18 @@
|
||||
apiVersion: v1
|
||||
kind: Pod
|
||||
metadata:
|
||||
name: selinux7
|
||||
spec:
|
||||
containers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: container1
|
||||
securityContext:
|
||||
seLinuxOptions:
|
||||
role: somevalue
|
||||
initContainers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: initcontainer1
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.1/fail/selinux8.yaml
vendored
Executable file
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.1/fail/selinux8.yaml
vendored
Executable file
@ -0,0 +1,18 @@
|
||||
apiVersion: v1
|
||||
kind: Pod
|
||||
metadata:
|
||||
name: selinux8
|
||||
spec:
|
||||
containers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: container1
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
||||
initContainers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: initcontainer1
|
||||
securityContext:
|
||||
seLinuxOptions:
|
||||
role: somevalue
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
30
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.1/pass/addcapabilities0.yaml
vendored
Executable file
30
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.1/pass/addcapabilities0.yaml
vendored
Executable file
@ -0,0 +1,30 @@
|
||||
apiVersion: v1
|
||||
kind: Pod
|
||||
metadata:
|
||||
name: addcapabilities0
|
||||
spec:
|
||||
containers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: container1
|
||||
securityContext:
|
||||
capabilities:
|
||||
add:
|
||||
- AUDIT_WRITE
|
||||
- CHOWN
|
||||
- DAC_OVERRIDE
|
||||
- FOWNER
|
||||
- FSETID
|
||||
- KILL
|
||||
- MKNOD
|
||||
- NET_BIND_SERVICE
|
||||
- SETFCAP
|
||||
- SETGID
|
||||
- SETPCAP
|
||||
- SETUID
|
||||
- SYS_CHROOT
|
||||
initContainers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: initcontainer1
|
||||
securityContext:
|
||||
capabilities: {}
|
||||
securityContext: {}
|
30
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.1/pass/addcapabilities1.yaml
vendored
Executable file
30
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.1/pass/addcapabilities1.yaml
vendored
Executable file
@ -0,0 +1,30 @@
|
||||
apiVersion: v1
|
||||
kind: Pod
|
||||
metadata:
|
||||
name: addcapabilities1
|
||||
spec:
|
||||
containers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: container1
|
||||
securityContext:
|
||||
capabilities: {}
|
||||
initContainers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: initcontainer1
|
||||
securityContext:
|
||||
capabilities:
|
||||
add:
|
||||
- AUDIT_WRITE
|
||||
- CHOWN
|
||||
- DAC_OVERRIDE
|
||||
- FOWNER
|
||||
- FSETID
|
||||
- KILL
|
||||
- MKNOD
|
||||
- NET_BIND_SERVICE
|
||||
- SETFCAP
|
||||
- SETGID
|
||||
- SETPCAP
|
||||
- SETUID
|
||||
- SYS_CHROOT
|
||||
securityContext: {}
|
11
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.1/pass/base.yaml
vendored
Executable file
11
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.1/pass/base.yaml
vendored
Executable file
@ -0,0 +1,11 @@
|
||||
apiVersion: v1
|
||||
kind: Pod
|
||||
metadata:
|
||||
name: base
|
||||
spec:
|
||||
containers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: container1
|
||||
initContainers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: initcontainer1
|
16
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.1/pass/selinux0.yaml
vendored
Executable file
16
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.1/pass/selinux0.yaml
vendored
Executable file
@ -0,0 +1,16 @@
|
||||
apiVersion: v1
|
||||
kind: Pod
|
||||
metadata:
|
||||
name: selinux0
|
||||
spec:
|
||||
containers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: container1
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
||||
initContainers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: initcontainer1
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
||||
securityContext: {}
|
16
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.1/pass/selinux1.yaml
vendored
Executable file
16
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.1/pass/selinux1.yaml
vendored
Executable file
@ -0,0 +1,16 @@
|
||||
apiVersion: v1
|
||||
kind: Pod
|
||||
metadata:
|
||||
name: selinux1
|
||||
spec:
|
||||
containers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: container1
|
||||
securityContext: {}
|
||||
initContainers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: initcontainer1
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.1/pass/selinux10.yaml
vendored
Executable file
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.1/pass/selinux10.yaml
vendored
Executable file
@ -0,0 +1,18 @@
|
||||
apiVersion: v1
|
||||
kind: Pod
|
||||
metadata:
|
||||
name: selinux10
|
||||
spec:
|
||||
containers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: container1
|
||||
securityContext:
|
||||
seLinuxOptions:
|
||||
type: container_init_t
|
||||
initContainers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: initcontainer1
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.1/pass/selinux11.yaml
vendored
Executable file
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.1/pass/selinux11.yaml
vendored
Executable file
@ -0,0 +1,18 @@
|
||||
apiVersion: v1
|
||||
kind: Pod
|
||||
metadata:
|
||||
name: selinux11
|
||||
spec:
|
||||
containers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: container1
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
||||
initContainers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: initcontainer1
|
||||
securityContext:
|
||||
seLinuxOptions:
|
||||
type: container_init_t
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.1/pass/selinux12.yaml
vendored
Executable file
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.1/pass/selinux12.yaml
vendored
Executable file
@ -0,0 +1,18 @@
|
||||
apiVersion: v1
|
||||
kind: Pod
|
||||
metadata:
|
||||
name: selinux12
|
||||
spec:
|
||||
containers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: container1
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
||||
initContainers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: initcontainer1
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
||||
securityContext:
|
||||
seLinuxOptions:
|
||||
type: container_kvm_t
|
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.1/pass/selinux13.yaml
vendored
Executable file
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.1/pass/selinux13.yaml
vendored
Executable file
@ -0,0 +1,18 @@
|
||||
apiVersion: v1
|
||||
kind: Pod
|
||||
metadata:
|
||||
name: selinux13
|
||||
spec:
|
||||
containers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: container1
|
||||
securityContext:
|
||||
seLinuxOptions:
|
||||
type: container_kvm_t
|
||||
initContainers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: initcontainer1
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.1/pass/selinux14.yaml
vendored
Executable file
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.1/pass/selinux14.yaml
vendored
Executable file
@ -0,0 +1,18 @@
|
||||
apiVersion: v1
|
||||
kind: Pod
|
||||
metadata:
|
||||
name: selinux14
|
||||
spec:
|
||||
containers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: container1
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
||||
initContainers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: initcontainer1
|
||||
securityContext:
|
||||
seLinuxOptions:
|
||||
type: container_kvm_t
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
17
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.1/pass/selinux15.yaml
vendored
Executable file
17
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.1/pass/selinux15.yaml
vendored
Executable file
@ -0,0 +1,17 @@
|
||||
apiVersion: v1
|
||||
kind: Pod
|
||||
metadata:
|
||||
name: selinux15
|
||||
spec:
|
||||
containers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: container1
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
||||
initContainers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: initcontainer1
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
17
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.1/pass/selinux16.yaml
vendored
Executable file
17
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.1/pass/selinux16.yaml
vendored
Executable file
@ -0,0 +1,17 @@
|
||||
apiVersion: v1
|
||||
kind: Pod
|
||||
metadata:
|
||||
name: selinux16
|
||||
spec:
|
||||
containers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: container1
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
||||
initContainers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: initcontainer1
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
17
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.1/pass/selinux17.yaml
vendored
Executable file
17
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.1/pass/selinux17.yaml
vendored
Executable file
@ -0,0 +1,17 @@
|
||||
apiVersion: v1
|
||||
kind: Pod
|
||||
metadata:
|
||||
name: selinux17
|
||||
spec:
|
||||
containers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: container1
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
||||
initContainers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: initcontainer1
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.1/pass/selinux18.yaml
vendored
Executable file
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.1/pass/selinux18.yaml
vendored
Executable file
@ -0,0 +1,18 @@
|
||||
apiVersion: v1
|
||||
kind: Pod
|
||||
metadata:
|
||||
name: selinux18
|
||||
spec:
|
||||
containers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: container1
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
||||
initContainers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: initcontainer1
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
||||
securityContext:
|
||||
seLinuxOptions:
|
||||
level: somevalue
|
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.1/pass/selinux19.yaml
vendored
Executable file
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.1/pass/selinux19.yaml
vendored
Executable file
@ -0,0 +1,18 @@
|
||||
apiVersion: v1
|
||||
kind: Pod
|
||||
metadata:
|
||||
name: selinux19
|
||||
spec:
|
||||
containers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: container1
|
||||
securityContext:
|
||||
seLinuxOptions:
|
||||
level: somevalue
|
||||
initContainers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: initcontainer1
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
16
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.1/pass/selinux2.yaml
vendored
Executable file
16
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.1/pass/selinux2.yaml
vendored
Executable file
@ -0,0 +1,16 @@
|
||||
apiVersion: v1
|
||||
kind: Pod
|
||||
metadata:
|
||||
name: selinux2
|
||||
spec:
|
||||
containers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: container1
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
||||
initContainers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: initcontainer1
|
||||
securityContext: {}
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.1/pass/selinux20.yaml
vendored
Executable file
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.1/pass/selinux20.yaml
vendored
Executable file
@ -0,0 +1,18 @@
|
||||
apiVersion: v1
|
||||
kind: Pod
|
||||
metadata:
|
||||
name: selinux20
|
||||
spec:
|
||||
containers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: container1
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
||||
initContainers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: initcontainer1
|
||||
securityContext:
|
||||
seLinuxOptions:
|
||||
level: somevalue
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
17
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.1/pass/selinux3.yaml
vendored
Executable file
17
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.1/pass/selinux3.yaml
vendored
Executable file
@ -0,0 +1,17 @@
|
||||
apiVersion: v1
|
||||
kind: Pod
|
||||
metadata:
|
||||
name: selinux3
|
||||
spec:
|
||||
containers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: container1
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
||||
initContainers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: initcontainer1
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
17
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.1/pass/selinux4.yaml
vendored
Executable file
17
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.1/pass/selinux4.yaml
vendored
Executable file
@ -0,0 +1,17 @@
|
||||
apiVersion: v1
|
||||
kind: Pod
|
||||
metadata:
|
||||
name: selinux4
|
||||
spec:
|
||||
containers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: container1
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
||||
initContainers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: initcontainer1
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
17
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.1/pass/selinux5.yaml
vendored
Executable file
17
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.1/pass/selinux5.yaml
vendored
Executable file
@ -0,0 +1,17 @@
|
||||
apiVersion: v1
|
||||
kind: Pod
|
||||
metadata:
|
||||
name: selinux5
|
||||
spec:
|
||||
containers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: container1
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
||||
initContainers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: initcontainer1
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.1/pass/selinux6.yaml
vendored
Executable file
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.1/pass/selinux6.yaml
vendored
Executable file
@ -0,0 +1,18 @@
|
||||
apiVersion: v1
|
||||
kind: Pod
|
||||
metadata:
|
||||
name: selinux6
|
||||
spec:
|
||||
containers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: container1
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
||||
initContainers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: initcontainer1
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
||||
securityContext:
|
||||
seLinuxOptions:
|
||||
type: container_t
|
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.1/pass/selinux7.yaml
vendored
Executable file
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.1/pass/selinux7.yaml
vendored
Executable file
@ -0,0 +1,18 @@
|
||||
apiVersion: v1
|
||||
kind: Pod
|
||||
metadata:
|
||||
name: selinux7
|
||||
spec:
|
||||
containers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: container1
|
||||
securityContext:
|
||||
seLinuxOptions:
|
||||
type: container_t
|
||||
initContainers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: initcontainer1
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.1/pass/selinux8.yaml
vendored
Executable file
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.1/pass/selinux8.yaml
vendored
Executable file
@ -0,0 +1,18 @@
|
||||
apiVersion: v1
|
||||
kind: Pod
|
||||
metadata:
|
||||
name: selinux8
|
||||
spec:
|
||||
containers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: container1
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
||||
initContainers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: initcontainer1
|
||||
securityContext:
|
||||
seLinuxOptions:
|
||||
type: container_t
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.1/pass/selinux9.yaml
vendored
Executable file
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.1/pass/selinux9.yaml
vendored
Executable file
@ -0,0 +1,18 @@
|
||||
apiVersion: v1
|
||||
kind: Pod
|
||||
metadata:
|
||||
name: selinux9
|
||||
spec:
|
||||
containers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: container1
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
||||
initContainers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: initcontainer1
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
||||
securityContext:
|
||||
seLinuxOptions:
|
||||
type: container_init_t
|
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.10/fail/addcapabilities0.yaml
vendored
Executable file
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.10/fail/addcapabilities0.yaml
vendored
Executable file
@ -0,0 +1,18 @@
|
||||
apiVersion: v1
|
||||
kind: Pod
|
||||
metadata:
|
||||
name: addcapabilities0
|
||||
spec:
|
||||
containers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: container1
|
||||
securityContext:
|
||||
capabilities:
|
||||
add:
|
||||
- NET_RAW
|
||||
initContainers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: initcontainer1
|
||||
securityContext:
|
||||
capabilities: {}
|
||||
securityContext: {}
|
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.10/fail/addcapabilities1.yaml
vendored
Executable file
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.10/fail/addcapabilities1.yaml
vendored
Executable file
@ -0,0 +1,18 @@
|
||||
apiVersion: v1
|
||||
kind: Pod
|
||||
metadata:
|
||||
name: addcapabilities1
|
||||
spec:
|
||||
containers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: container1
|
||||
securityContext:
|
||||
capabilities: {}
|
||||
initContainers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: initcontainer1
|
||||
securityContext:
|
||||
capabilities:
|
||||
add:
|
||||
- NET_RAW
|
||||
securityContext: {}
|
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.10/fail/addcapabilities2.yaml
vendored
Executable file
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.10/fail/addcapabilities2.yaml
vendored
Executable file
@ -0,0 +1,18 @@
|
||||
apiVersion: v1
|
||||
kind: Pod
|
||||
metadata:
|
||||
name: addcapabilities2
|
||||
spec:
|
||||
containers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: container1
|
||||
securityContext:
|
||||
capabilities:
|
||||
add:
|
||||
- chown
|
||||
initContainers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: initcontainer1
|
||||
securityContext:
|
||||
capabilities: {}
|
||||
securityContext: {}
|
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.10/fail/addcapabilities3.yaml
vendored
Executable file
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.10/fail/addcapabilities3.yaml
vendored
Executable file
@ -0,0 +1,18 @@
|
||||
apiVersion: v1
|
||||
kind: Pod
|
||||
metadata:
|
||||
name: addcapabilities3
|
||||
spec:
|
||||
containers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: container1
|
||||
securityContext:
|
||||
capabilities: {}
|
||||
initContainers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: initcontainer1
|
||||
securityContext:
|
||||
capabilities:
|
||||
add:
|
||||
- chown
|
||||
securityContext: {}
|
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.10/fail/addcapabilities4.yaml
vendored
Executable file
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.10/fail/addcapabilities4.yaml
vendored
Executable file
@ -0,0 +1,18 @@
|
||||
apiVersion: v1
|
||||
kind: Pod
|
||||
metadata:
|
||||
name: addcapabilities4
|
||||
spec:
|
||||
containers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: container1
|
||||
securityContext:
|
||||
capabilities:
|
||||
add:
|
||||
- bogus
|
||||
initContainers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: initcontainer1
|
||||
securityContext:
|
||||
capabilities: {}
|
||||
securityContext: {}
|
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.10/fail/addcapabilities5.yaml
vendored
Executable file
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.10/fail/addcapabilities5.yaml
vendored
Executable file
@ -0,0 +1,18 @@
|
||||
apiVersion: v1
|
||||
kind: Pod
|
||||
metadata:
|
||||
name: addcapabilities5
|
||||
spec:
|
||||
containers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: container1
|
||||
securityContext:
|
||||
capabilities: {}
|
||||
initContainers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: initcontainer1
|
||||
securityContext:
|
||||
capabilities:
|
||||
add:
|
||||
- bogus
|
||||
securityContext: {}
|
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.10/fail/addcapabilities6.yaml
vendored
Executable file
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.10/fail/addcapabilities6.yaml
vendored
Executable file
@ -0,0 +1,18 @@
|
||||
apiVersion: v1
|
||||
kind: Pod
|
||||
metadata:
|
||||
name: addcapabilities6
|
||||
spec:
|
||||
containers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: container1
|
||||
securityContext:
|
||||
capabilities:
|
||||
add:
|
||||
- CAP_CHOWN
|
||||
initContainers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: initcontainer1
|
||||
securityContext:
|
||||
capabilities: {}
|
||||
securityContext: {}
|
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.10/fail/addcapabilities7.yaml
vendored
Executable file
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.10/fail/addcapabilities7.yaml
vendored
Executable file
@ -0,0 +1,18 @@
|
||||
apiVersion: v1
|
||||
kind: Pod
|
||||
metadata:
|
||||
name: addcapabilities7
|
||||
spec:
|
||||
containers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: container1
|
||||
securityContext:
|
||||
capabilities: {}
|
||||
initContainers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: initcontainer1
|
||||
securityContext:
|
||||
capabilities:
|
||||
add:
|
||||
- CAP_CHOWN
|
||||
securityContext: {}
|
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.10/fail/selinux0.yaml
vendored
Executable file
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.10/fail/selinux0.yaml
vendored
Executable file
@ -0,0 +1,18 @@
|
||||
apiVersion: v1
|
||||
kind: Pod
|
||||
metadata:
|
||||
name: selinux0
|
||||
spec:
|
||||
containers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: container1
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
||||
initContainers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: initcontainer1
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
||||
securityContext:
|
||||
seLinuxOptions:
|
||||
type: somevalue
|
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.10/fail/selinux1.yaml
vendored
Executable file
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.10/fail/selinux1.yaml
vendored
Executable file
@ -0,0 +1,18 @@
|
||||
apiVersion: v1
|
||||
kind: Pod
|
||||
metadata:
|
||||
name: selinux1
|
||||
spec:
|
||||
containers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: container1
|
||||
securityContext:
|
||||
seLinuxOptions:
|
||||
type: somevalue
|
||||
initContainers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: initcontainer1
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.10/fail/selinux2.yaml
vendored
Executable file
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.10/fail/selinux2.yaml
vendored
Executable file
@ -0,0 +1,18 @@
|
||||
apiVersion: v1
|
||||
kind: Pod
|
||||
metadata:
|
||||
name: selinux2
|
||||
spec:
|
||||
containers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: container1
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
||||
initContainers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: initcontainer1
|
||||
securityContext:
|
||||
seLinuxOptions:
|
||||
type: somevalue
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.10/fail/selinux3.yaml
vendored
Executable file
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.10/fail/selinux3.yaml
vendored
Executable file
@ -0,0 +1,18 @@
|
||||
apiVersion: v1
|
||||
kind: Pod
|
||||
metadata:
|
||||
name: selinux3
|
||||
spec:
|
||||
containers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: container1
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
||||
initContainers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: initcontainer1
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
||||
securityContext:
|
||||
seLinuxOptions:
|
||||
user: somevalue
|
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.10/fail/selinux4.yaml
vendored
Executable file
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.10/fail/selinux4.yaml
vendored
Executable file
@ -0,0 +1,18 @@
|
||||
apiVersion: v1
|
||||
kind: Pod
|
||||
metadata:
|
||||
name: selinux4
|
||||
spec:
|
||||
containers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: container1
|
||||
securityContext:
|
||||
seLinuxOptions:
|
||||
user: somevalue
|
||||
initContainers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: initcontainer1
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.10/fail/selinux5.yaml
vendored
Executable file
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.10/fail/selinux5.yaml
vendored
Executable file
@ -0,0 +1,18 @@
|
||||
apiVersion: v1
|
||||
kind: Pod
|
||||
metadata:
|
||||
name: selinux5
|
||||
spec:
|
||||
containers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: container1
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
||||
initContainers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: initcontainer1
|
||||
securityContext:
|
||||
seLinuxOptions:
|
||||
user: somevalue
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.10/fail/selinux6.yaml
vendored
Executable file
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.10/fail/selinux6.yaml
vendored
Executable file
@ -0,0 +1,18 @@
|
||||
apiVersion: v1
|
||||
kind: Pod
|
||||
metadata:
|
||||
name: selinux6
|
||||
spec:
|
||||
containers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: container1
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
||||
initContainers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: initcontainer1
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
||||
securityContext:
|
||||
seLinuxOptions:
|
||||
role: somevalue
|
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.10/fail/selinux7.yaml
vendored
Executable file
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.10/fail/selinux7.yaml
vendored
Executable file
@ -0,0 +1,18 @@
|
||||
apiVersion: v1
|
||||
kind: Pod
|
||||
metadata:
|
||||
name: selinux7
|
||||
spec:
|
||||
containers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: container1
|
||||
securityContext:
|
||||
seLinuxOptions:
|
||||
role: somevalue
|
||||
initContainers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: initcontainer1
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.10/fail/selinux8.yaml
vendored
Executable file
18
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.10/fail/selinux8.yaml
vendored
Executable file
@ -0,0 +1,18 @@
|
||||
apiVersion: v1
|
||||
kind: Pod
|
||||
metadata:
|
||||
name: selinux8
|
||||
spec:
|
||||
containers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: container1
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
||||
initContainers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: initcontainer1
|
||||
securityContext:
|
||||
seLinuxOptions:
|
||||
role: somevalue
|
||||
securityContext:
|
||||
seLinuxOptions: {}
|
30
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.10/pass/addcapabilities0.yaml
vendored
Executable file
30
staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.10/pass/addcapabilities0.yaml
vendored
Executable file
@ -0,0 +1,30 @@
|
||||
apiVersion: v1
|
||||
kind: Pod
|
||||
metadata:
|
||||
name: addcapabilities0
|
||||
spec:
|
||||
containers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: container1
|
||||
securityContext:
|
||||
capabilities:
|
||||
add:
|
||||
- AUDIT_WRITE
|
||||
- CHOWN
|
||||
- DAC_OVERRIDE
|
||||
- FOWNER
|
||||
- FSETID
|
||||
- KILL
|
||||
- MKNOD
|
||||
- NET_BIND_SERVICE
|
||||
- SETFCAP
|
||||
- SETGID
|
||||
- SETPCAP
|
||||
- SETUID
|
||||
- SYS_CHROOT
|
||||
initContainers:
|
||||
- image: k8s.gcr.io/pause
|
||||
name: initcontainer1
|
||||
securityContext:
|
||||
capabilities: {}
|
||||
securityContext: {}
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue
Block a user