PodSecurity: test: generate fixture data

This commit is contained in:
Jordan Liggitt 2021-06-22 14:12:58 -04:00
parent 93c6f8969a
commit 724fbfbb69
2175 changed files with 41069 additions and 0 deletions

View File

@ -0,0 +1,18 @@
apiVersion: v1
kind: Pod
metadata:
name: addcapabilities0
spec:
containers:
- image: k8s.gcr.io/pause
name: container1
securityContext:
capabilities:
add:
- NET_RAW
initContainers:
- image: k8s.gcr.io/pause
name: initcontainer1
securityContext:
capabilities: {}
securityContext: {}

View File

@ -0,0 +1,18 @@
apiVersion: v1
kind: Pod
metadata:
name: addcapabilities1
spec:
containers:
- image: k8s.gcr.io/pause
name: container1
securityContext:
capabilities: {}
initContainers:
- image: k8s.gcr.io/pause
name: initcontainer1
securityContext:
capabilities:
add:
- NET_RAW
securityContext: {}

View File

@ -0,0 +1,18 @@
apiVersion: v1
kind: Pod
metadata:
name: addcapabilities2
spec:
containers:
- image: k8s.gcr.io/pause
name: container1
securityContext:
capabilities:
add:
- chown
initContainers:
- image: k8s.gcr.io/pause
name: initcontainer1
securityContext:
capabilities: {}
securityContext: {}

View File

@ -0,0 +1,18 @@
apiVersion: v1
kind: Pod
metadata:
name: addcapabilities3
spec:
containers:
- image: k8s.gcr.io/pause
name: container1
securityContext:
capabilities: {}
initContainers:
- image: k8s.gcr.io/pause
name: initcontainer1
securityContext:
capabilities:
add:
- chown
securityContext: {}

View File

@ -0,0 +1,18 @@
apiVersion: v1
kind: Pod
metadata:
name: addcapabilities4
spec:
containers:
- image: k8s.gcr.io/pause
name: container1
securityContext:
capabilities:
add:
- bogus
initContainers:
- image: k8s.gcr.io/pause
name: initcontainer1
securityContext:
capabilities: {}
securityContext: {}

View File

@ -0,0 +1,18 @@
apiVersion: v1
kind: Pod
metadata:
name: addcapabilities5
spec:
containers:
- image: k8s.gcr.io/pause
name: container1
securityContext:
capabilities: {}
initContainers:
- image: k8s.gcr.io/pause
name: initcontainer1
securityContext:
capabilities:
add:
- bogus
securityContext: {}

View File

@ -0,0 +1,18 @@
apiVersion: v1
kind: Pod
metadata:
name: addcapabilities6
spec:
containers:
- image: k8s.gcr.io/pause
name: container1
securityContext:
capabilities:
add:
- CAP_CHOWN
initContainers:
- image: k8s.gcr.io/pause
name: initcontainer1
securityContext:
capabilities: {}
securityContext: {}

View File

@ -0,0 +1,18 @@
apiVersion: v1
kind: Pod
metadata:
name: addcapabilities7
spec:
containers:
- image: k8s.gcr.io/pause
name: container1
securityContext:
capabilities: {}
initContainers:
- image: k8s.gcr.io/pause
name: initcontainer1
securityContext:
capabilities:
add:
- CAP_CHOWN
securityContext: {}

View File

@ -0,0 +1,18 @@
apiVersion: v1
kind: Pod
metadata:
name: selinux0
spec:
containers:
- image: k8s.gcr.io/pause
name: container1
securityContext:
seLinuxOptions: {}
initContainers:
- image: k8s.gcr.io/pause
name: initcontainer1
securityContext:
seLinuxOptions: {}
securityContext:
seLinuxOptions:
type: somevalue

View File

@ -0,0 +1,18 @@
apiVersion: v1
kind: Pod
metadata:
name: selinux1
spec:
containers:
- image: k8s.gcr.io/pause
name: container1
securityContext:
seLinuxOptions:
type: somevalue
initContainers:
- image: k8s.gcr.io/pause
name: initcontainer1
securityContext:
seLinuxOptions: {}
securityContext:
seLinuxOptions: {}

View File

@ -0,0 +1,18 @@
apiVersion: v1
kind: Pod
metadata:
name: selinux2
spec:
containers:
- image: k8s.gcr.io/pause
name: container1
securityContext:
seLinuxOptions: {}
initContainers:
- image: k8s.gcr.io/pause
name: initcontainer1
securityContext:
seLinuxOptions:
type: somevalue
securityContext:
seLinuxOptions: {}

View File

@ -0,0 +1,18 @@
apiVersion: v1
kind: Pod
metadata:
name: selinux3
spec:
containers:
- image: k8s.gcr.io/pause
name: container1
securityContext:
seLinuxOptions: {}
initContainers:
- image: k8s.gcr.io/pause
name: initcontainer1
securityContext:
seLinuxOptions: {}
securityContext:
seLinuxOptions:
user: somevalue

View File

@ -0,0 +1,18 @@
apiVersion: v1
kind: Pod
metadata:
name: selinux4
spec:
containers:
- image: k8s.gcr.io/pause
name: container1
securityContext:
seLinuxOptions:
user: somevalue
initContainers:
- image: k8s.gcr.io/pause
name: initcontainer1
securityContext:
seLinuxOptions: {}
securityContext:
seLinuxOptions: {}

View File

@ -0,0 +1,18 @@
apiVersion: v1
kind: Pod
metadata:
name: selinux5
spec:
containers:
- image: k8s.gcr.io/pause
name: container1
securityContext:
seLinuxOptions: {}
initContainers:
- image: k8s.gcr.io/pause
name: initcontainer1
securityContext:
seLinuxOptions:
user: somevalue
securityContext:
seLinuxOptions: {}

View File

@ -0,0 +1,18 @@
apiVersion: v1
kind: Pod
metadata:
name: selinux6
spec:
containers:
- image: k8s.gcr.io/pause
name: container1
securityContext:
seLinuxOptions: {}
initContainers:
- image: k8s.gcr.io/pause
name: initcontainer1
securityContext:
seLinuxOptions: {}
securityContext:
seLinuxOptions:
role: somevalue

View File

@ -0,0 +1,18 @@
apiVersion: v1
kind: Pod
metadata:
name: selinux7
spec:
containers:
- image: k8s.gcr.io/pause
name: container1
securityContext:
seLinuxOptions:
role: somevalue
initContainers:
- image: k8s.gcr.io/pause
name: initcontainer1
securityContext:
seLinuxOptions: {}
securityContext:
seLinuxOptions: {}

View File

@ -0,0 +1,18 @@
apiVersion: v1
kind: Pod
metadata:
name: selinux8
spec:
containers:
- image: k8s.gcr.io/pause
name: container1
securityContext:
seLinuxOptions: {}
initContainers:
- image: k8s.gcr.io/pause
name: initcontainer1
securityContext:
seLinuxOptions:
role: somevalue
securityContext:
seLinuxOptions: {}

View File

@ -0,0 +1,30 @@
apiVersion: v1
kind: Pod
metadata:
name: addcapabilities0
spec:
containers:
- image: k8s.gcr.io/pause
name: container1
securityContext:
capabilities:
add:
- AUDIT_WRITE
- CHOWN
- DAC_OVERRIDE
- FOWNER
- FSETID
- KILL
- MKNOD
- NET_BIND_SERVICE
- SETFCAP
- SETGID
- SETPCAP
- SETUID
- SYS_CHROOT
initContainers:
- image: k8s.gcr.io/pause
name: initcontainer1
securityContext:
capabilities: {}
securityContext: {}

View File

@ -0,0 +1,30 @@
apiVersion: v1
kind: Pod
metadata:
name: addcapabilities1
spec:
containers:
- image: k8s.gcr.io/pause
name: container1
securityContext:
capabilities: {}
initContainers:
- image: k8s.gcr.io/pause
name: initcontainer1
securityContext:
capabilities:
add:
- AUDIT_WRITE
- CHOWN
- DAC_OVERRIDE
- FOWNER
- FSETID
- KILL
- MKNOD
- NET_BIND_SERVICE
- SETFCAP
- SETGID
- SETPCAP
- SETUID
- SYS_CHROOT
securityContext: {}

View File

@ -0,0 +1,11 @@
apiVersion: v1
kind: Pod
metadata:
name: base
spec:
containers:
- image: k8s.gcr.io/pause
name: container1
initContainers:
- image: k8s.gcr.io/pause
name: initcontainer1

View File

@ -0,0 +1,16 @@
apiVersion: v1
kind: Pod
metadata:
name: selinux0
spec:
containers:
- image: k8s.gcr.io/pause
name: container1
securityContext:
seLinuxOptions: {}
initContainers:
- image: k8s.gcr.io/pause
name: initcontainer1
securityContext:
seLinuxOptions: {}
securityContext: {}

View File

@ -0,0 +1,16 @@
apiVersion: v1
kind: Pod
metadata:
name: selinux1
spec:
containers:
- image: k8s.gcr.io/pause
name: container1
securityContext: {}
initContainers:
- image: k8s.gcr.io/pause
name: initcontainer1
securityContext:
seLinuxOptions: {}
securityContext:
seLinuxOptions: {}

View File

@ -0,0 +1,18 @@
apiVersion: v1
kind: Pod
metadata:
name: selinux10
spec:
containers:
- image: k8s.gcr.io/pause
name: container1
securityContext:
seLinuxOptions:
type: container_init_t
initContainers:
- image: k8s.gcr.io/pause
name: initcontainer1
securityContext:
seLinuxOptions: {}
securityContext:
seLinuxOptions: {}

View File

@ -0,0 +1,18 @@
apiVersion: v1
kind: Pod
metadata:
name: selinux11
spec:
containers:
- image: k8s.gcr.io/pause
name: container1
securityContext:
seLinuxOptions: {}
initContainers:
- image: k8s.gcr.io/pause
name: initcontainer1
securityContext:
seLinuxOptions:
type: container_init_t
securityContext:
seLinuxOptions: {}

View File

@ -0,0 +1,18 @@
apiVersion: v1
kind: Pod
metadata:
name: selinux12
spec:
containers:
- image: k8s.gcr.io/pause
name: container1
securityContext:
seLinuxOptions: {}
initContainers:
- image: k8s.gcr.io/pause
name: initcontainer1
securityContext:
seLinuxOptions: {}
securityContext:
seLinuxOptions:
type: container_kvm_t

View File

@ -0,0 +1,18 @@
apiVersion: v1
kind: Pod
metadata:
name: selinux13
spec:
containers:
- image: k8s.gcr.io/pause
name: container1
securityContext:
seLinuxOptions:
type: container_kvm_t
initContainers:
- image: k8s.gcr.io/pause
name: initcontainer1
securityContext:
seLinuxOptions: {}
securityContext:
seLinuxOptions: {}

View File

@ -0,0 +1,18 @@
apiVersion: v1
kind: Pod
metadata:
name: selinux14
spec:
containers:
- image: k8s.gcr.io/pause
name: container1
securityContext:
seLinuxOptions: {}
initContainers:
- image: k8s.gcr.io/pause
name: initcontainer1
securityContext:
seLinuxOptions:
type: container_kvm_t
securityContext:
seLinuxOptions: {}

View File

@ -0,0 +1,17 @@
apiVersion: v1
kind: Pod
metadata:
name: selinux15
spec:
containers:
- image: k8s.gcr.io/pause
name: container1
securityContext:
seLinuxOptions: {}
initContainers:
- image: k8s.gcr.io/pause
name: initcontainer1
securityContext:
seLinuxOptions: {}
securityContext:
seLinuxOptions: {}

View File

@ -0,0 +1,17 @@
apiVersion: v1
kind: Pod
metadata:
name: selinux16
spec:
containers:
- image: k8s.gcr.io/pause
name: container1
securityContext:
seLinuxOptions: {}
initContainers:
- image: k8s.gcr.io/pause
name: initcontainer1
securityContext:
seLinuxOptions: {}
securityContext:
seLinuxOptions: {}

View File

@ -0,0 +1,17 @@
apiVersion: v1
kind: Pod
metadata:
name: selinux17
spec:
containers:
- image: k8s.gcr.io/pause
name: container1
securityContext:
seLinuxOptions: {}
initContainers:
- image: k8s.gcr.io/pause
name: initcontainer1
securityContext:
seLinuxOptions: {}
securityContext:
seLinuxOptions: {}

View File

@ -0,0 +1,18 @@
apiVersion: v1
kind: Pod
metadata:
name: selinux18
spec:
containers:
- image: k8s.gcr.io/pause
name: container1
securityContext:
seLinuxOptions: {}
initContainers:
- image: k8s.gcr.io/pause
name: initcontainer1
securityContext:
seLinuxOptions: {}
securityContext:
seLinuxOptions:
level: somevalue

View File

@ -0,0 +1,18 @@
apiVersion: v1
kind: Pod
metadata:
name: selinux19
spec:
containers:
- image: k8s.gcr.io/pause
name: container1
securityContext:
seLinuxOptions:
level: somevalue
initContainers:
- image: k8s.gcr.io/pause
name: initcontainer1
securityContext:
seLinuxOptions: {}
securityContext:
seLinuxOptions: {}

View File

@ -0,0 +1,16 @@
apiVersion: v1
kind: Pod
metadata:
name: selinux2
spec:
containers:
- image: k8s.gcr.io/pause
name: container1
securityContext:
seLinuxOptions: {}
initContainers:
- image: k8s.gcr.io/pause
name: initcontainer1
securityContext: {}
securityContext:
seLinuxOptions: {}

View File

@ -0,0 +1,18 @@
apiVersion: v1
kind: Pod
metadata:
name: selinux20
spec:
containers:
- image: k8s.gcr.io/pause
name: container1
securityContext:
seLinuxOptions: {}
initContainers:
- image: k8s.gcr.io/pause
name: initcontainer1
securityContext:
seLinuxOptions:
level: somevalue
securityContext:
seLinuxOptions: {}

View File

@ -0,0 +1,17 @@
apiVersion: v1
kind: Pod
metadata:
name: selinux3
spec:
containers:
- image: k8s.gcr.io/pause
name: container1
securityContext:
seLinuxOptions: {}
initContainers:
- image: k8s.gcr.io/pause
name: initcontainer1
securityContext:
seLinuxOptions: {}
securityContext:
seLinuxOptions: {}

View File

@ -0,0 +1,17 @@
apiVersion: v1
kind: Pod
metadata:
name: selinux4
spec:
containers:
- image: k8s.gcr.io/pause
name: container1
securityContext:
seLinuxOptions: {}
initContainers:
- image: k8s.gcr.io/pause
name: initcontainer1
securityContext:
seLinuxOptions: {}
securityContext:
seLinuxOptions: {}

View File

@ -0,0 +1,17 @@
apiVersion: v1
kind: Pod
metadata:
name: selinux5
spec:
containers:
- image: k8s.gcr.io/pause
name: container1
securityContext:
seLinuxOptions: {}
initContainers:
- image: k8s.gcr.io/pause
name: initcontainer1
securityContext:
seLinuxOptions: {}
securityContext:
seLinuxOptions: {}

View File

@ -0,0 +1,18 @@
apiVersion: v1
kind: Pod
metadata:
name: selinux6
spec:
containers:
- image: k8s.gcr.io/pause
name: container1
securityContext:
seLinuxOptions: {}
initContainers:
- image: k8s.gcr.io/pause
name: initcontainer1
securityContext:
seLinuxOptions: {}
securityContext:
seLinuxOptions:
type: container_t

View File

@ -0,0 +1,18 @@
apiVersion: v1
kind: Pod
metadata:
name: selinux7
spec:
containers:
- image: k8s.gcr.io/pause
name: container1
securityContext:
seLinuxOptions:
type: container_t
initContainers:
- image: k8s.gcr.io/pause
name: initcontainer1
securityContext:
seLinuxOptions: {}
securityContext:
seLinuxOptions: {}

View File

@ -0,0 +1,18 @@
apiVersion: v1
kind: Pod
metadata:
name: selinux8
spec:
containers:
- image: k8s.gcr.io/pause
name: container1
securityContext:
seLinuxOptions: {}
initContainers:
- image: k8s.gcr.io/pause
name: initcontainer1
securityContext:
seLinuxOptions:
type: container_t
securityContext:
seLinuxOptions: {}

View File

@ -0,0 +1,18 @@
apiVersion: v1
kind: Pod
metadata:
name: selinux9
spec:
containers:
- image: k8s.gcr.io/pause
name: container1
securityContext:
seLinuxOptions: {}
initContainers:
- image: k8s.gcr.io/pause
name: initcontainer1
securityContext:
seLinuxOptions: {}
securityContext:
seLinuxOptions:
type: container_init_t

View File

@ -0,0 +1,18 @@
apiVersion: v1
kind: Pod
metadata:
name: addcapabilities0
spec:
containers:
- image: k8s.gcr.io/pause
name: container1
securityContext:
capabilities:
add:
- NET_RAW
initContainers:
- image: k8s.gcr.io/pause
name: initcontainer1
securityContext:
capabilities: {}
securityContext: {}

View File

@ -0,0 +1,18 @@
apiVersion: v1
kind: Pod
metadata:
name: addcapabilities1
spec:
containers:
- image: k8s.gcr.io/pause
name: container1
securityContext:
capabilities: {}
initContainers:
- image: k8s.gcr.io/pause
name: initcontainer1
securityContext:
capabilities:
add:
- NET_RAW
securityContext: {}

View File

@ -0,0 +1,18 @@
apiVersion: v1
kind: Pod
metadata:
name: addcapabilities2
spec:
containers:
- image: k8s.gcr.io/pause
name: container1
securityContext:
capabilities:
add:
- chown
initContainers:
- image: k8s.gcr.io/pause
name: initcontainer1
securityContext:
capabilities: {}
securityContext: {}

View File

@ -0,0 +1,18 @@
apiVersion: v1
kind: Pod
metadata:
name: addcapabilities3
spec:
containers:
- image: k8s.gcr.io/pause
name: container1
securityContext:
capabilities: {}
initContainers:
- image: k8s.gcr.io/pause
name: initcontainer1
securityContext:
capabilities:
add:
- chown
securityContext: {}

View File

@ -0,0 +1,18 @@
apiVersion: v1
kind: Pod
metadata:
name: addcapabilities4
spec:
containers:
- image: k8s.gcr.io/pause
name: container1
securityContext:
capabilities:
add:
- bogus
initContainers:
- image: k8s.gcr.io/pause
name: initcontainer1
securityContext:
capabilities: {}
securityContext: {}

View File

@ -0,0 +1,18 @@
apiVersion: v1
kind: Pod
metadata:
name: addcapabilities5
spec:
containers:
- image: k8s.gcr.io/pause
name: container1
securityContext:
capabilities: {}
initContainers:
- image: k8s.gcr.io/pause
name: initcontainer1
securityContext:
capabilities:
add:
- bogus
securityContext: {}

View File

@ -0,0 +1,18 @@
apiVersion: v1
kind: Pod
metadata:
name: addcapabilities6
spec:
containers:
- image: k8s.gcr.io/pause
name: container1
securityContext:
capabilities:
add:
- CAP_CHOWN
initContainers:
- image: k8s.gcr.io/pause
name: initcontainer1
securityContext:
capabilities: {}
securityContext: {}

View File

@ -0,0 +1,18 @@
apiVersion: v1
kind: Pod
metadata:
name: addcapabilities7
spec:
containers:
- image: k8s.gcr.io/pause
name: container1
securityContext:
capabilities: {}
initContainers:
- image: k8s.gcr.io/pause
name: initcontainer1
securityContext:
capabilities:
add:
- CAP_CHOWN
securityContext: {}

View File

@ -0,0 +1,18 @@
apiVersion: v1
kind: Pod
metadata:
name: selinux0
spec:
containers:
- image: k8s.gcr.io/pause
name: container1
securityContext:
seLinuxOptions: {}
initContainers:
- image: k8s.gcr.io/pause
name: initcontainer1
securityContext:
seLinuxOptions: {}
securityContext:
seLinuxOptions:
type: somevalue

View File

@ -0,0 +1,18 @@
apiVersion: v1
kind: Pod
metadata:
name: selinux1
spec:
containers:
- image: k8s.gcr.io/pause
name: container1
securityContext:
seLinuxOptions:
type: somevalue
initContainers:
- image: k8s.gcr.io/pause
name: initcontainer1
securityContext:
seLinuxOptions: {}
securityContext:
seLinuxOptions: {}

View File

@ -0,0 +1,18 @@
apiVersion: v1
kind: Pod
metadata:
name: selinux2
spec:
containers:
- image: k8s.gcr.io/pause
name: container1
securityContext:
seLinuxOptions: {}
initContainers:
- image: k8s.gcr.io/pause
name: initcontainer1
securityContext:
seLinuxOptions:
type: somevalue
securityContext:
seLinuxOptions: {}

View File

@ -0,0 +1,18 @@
apiVersion: v1
kind: Pod
metadata:
name: selinux3
spec:
containers:
- image: k8s.gcr.io/pause
name: container1
securityContext:
seLinuxOptions: {}
initContainers:
- image: k8s.gcr.io/pause
name: initcontainer1
securityContext:
seLinuxOptions: {}
securityContext:
seLinuxOptions:
user: somevalue

View File

@ -0,0 +1,18 @@
apiVersion: v1
kind: Pod
metadata:
name: selinux4
spec:
containers:
- image: k8s.gcr.io/pause
name: container1
securityContext:
seLinuxOptions:
user: somevalue
initContainers:
- image: k8s.gcr.io/pause
name: initcontainer1
securityContext:
seLinuxOptions: {}
securityContext:
seLinuxOptions: {}

View File

@ -0,0 +1,18 @@
apiVersion: v1
kind: Pod
metadata:
name: selinux5
spec:
containers:
- image: k8s.gcr.io/pause
name: container1
securityContext:
seLinuxOptions: {}
initContainers:
- image: k8s.gcr.io/pause
name: initcontainer1
securityContext:
seLinuxOptions:
user: somevalue
securityContext:
seLinuxOptions: {}

View File

@ -0,0 +1,18 @@
apiVersion: v1
kind: Pod
metadata:
name: selinux6
spec:
containers:
- image: k8s.gcr.io/pause
name: container1
securityContext:
seLinuxOptions: {}
initContainers:
- image: k8s.gcr.io/pause
name: initcontainer1
securityContext:
seLinuxOptions: {}
securityContext:
seLinuxOptions:
role: somevalue

View File

@ -0,0 +1,18 @@
apiVersion: v1
kind: Pod
metadata:
name: selinux7
spec:
containers:
- image: k8s.gcr.io/pause
name: container1
securityContext:
seLinuxOptions:
role: somevalue
initContainers:
- image: k8s.gcr.io/pause
name: initcontainer1
securityContext:
seLinuxOptions: {}
securityContext:
seLinuxOptions: {}

View File

@ -0,0 +1,18 @@
apiVersion: v1
kind: Pod
metadata:
name: selinux8
spec:
containers:
- image: k8s.gcr.io/pause
name: container1
securityContext:
seLinuxOptions: {}
initContainers:
- image: k8s.gcr.io/pause
name: initcontainer1
securityContext:
seLinuxOptions:
role: somevalue
securityContext:
seLinuxOptions: {}

View File

@ -0,0 +1,30 @@
apiVersion: v1
kind: Pod
metadata:
name: addcapabilities0
spec:
containers:
- image: k8s.gcr.io/pause
name: container1
securityContext:
capabilities:
add:
- AUDIT_WRITE
- CHOWN
- DAC_OVERRIDE
- FOWNER
- FSETID
- KILL
- MKNOD
- NET_BIND_SERVICE
- SETFCAP
- SETGID
- SETPCAP
- SETUID
- SYS_CHROOT
initContainers:
- image: k8s.gcr.io/pause
name: initcontainer1
securityContext:
capabilities: {}
securityContext: {}

View File

@ -0,0 +1,30 @@
apiVersion: v1
kind: Pod
metadata:
name: addcapabilities1
spec:
containers:
- image: k8s.gcr.io/pause
name: container1
securityContext:
capabilities: {}
initContainers:
- image: k8s.gcr.io/pause
name: initcontainer1
securityContext:
capabilities:
add:
- AUDIT_WRITE
- CHOWN
- DAC_OVERRIDE
- FOWNER
- FSETID
- KILL
- MKNOD
- NET_BIND_SERVICE
- SETFCAP
- SETGID
- SETPCAP
- SETUID
- SYS_CHROOT
securityContext: {}

View File

@ -0,0 +1,11 @@
apiVersion: v1
kind: Pod
metadata:
name: base
spec:
containers:
- image: k8s.gcr.io/pause
name: container1
initContainers:
- image: k8s.gcr.io/pause
name: initcontainer1

View File

@ -0,0 +1,16 @@
apiVersion: v1
kind: Pod
metadata:
name: selinux0
spec:
containers:
- image: k8s.gcr.io/pause
name: container1
securityContext:
seLinuxOptions: {}
initContainers:
- image: k8s.gcr.io/pause
name: initcontainer1
securityContext:
seLinuxOptions: {}
securityContext: {}

View File

@ -0,0 +1,16 @@
apiVersion: v1
kind: Pod
metadata:
name: selinux1
spec:
containers:
- image: k8s.gcr.io/pause
name: container1
securityContext: {}
initContainers:
- image: k8s.gcr.io/pause
name: initcontainer1
securityContext:
seLinuxOptions: {}
securityContext:
seLinuxOptions: {}

View File

@ -0,0 +1,18 @@
apiVersion: v1
kind: Pod
metadata:
name: selinux10
spec:
containers:
- image: k8s.gcr.io/pause
name: container1
securityContext:
seLinuxOptions:
type: container_init_t
initContainers:
- image: k8s.gcr.io/pause
name: initcontainer1
securityContext:
seLinuxOptions: {}
securityContext:
seLinuxOptions: {}

View File

@ -0,0 +1,18 @@
apiVersion: v1
kind: Pod
metadata:
name: selinux11
spec:
containers:
- image: k8s.gcr.io/pause
name: container1
securityContext:
seLinuxOptions: {}
initContainers:
- image: k8s.gcr.io/pause
name: initcontainer1
securityContext:
seLinuxOptions:
type: container_init_t
securityContext:
seLinuxOptions: {}

View File

@ -0,0 +1,18 @@
apiVersion: v1
kind: Pod
metadata:
name: selinux12
spec:
containers:
- image: k8s.gcr.io/pause
name: container1
securityContext:
seLinuxOptions: {}
initContainers:
- image: k8s.gcr.io/pause
name: initcontainer1
securityContext:
seLinuxOptions: {}
securityContext:
seLinuxOptions:
type: container_kvm_t

View File

@ -0,0 +1,18 @@
apiVersion: v1
kind: Pod
metadata:
name: selinux13
spec:
containers:
- image: k8s.gcr.io/pause
name: container1
securityContext:
seLinuxOptions:
type: container_kvm_t
initContainers:
- image: k8s.gcr.io/pause
name: initcontainer1
securityContext:
seLinuxOptions: {}
securityContext:
seLinuxOptions: {}

View File

@ -0,0 +1,18 @@
apiVersion: v1
kind: Pod
metadata:
name: selinux14
spec:
containers:
- image: k8s.gcr.io/pause
name: container1
securityContext:
seLinuxOptions: {}
initContainers:
- image: k8s.gcr.io/pause
name: initcontainer1
securityContext:
seLinuxOptions:
type: container_kvm_t
securityContext:
seLinuxOptions: {}

View File

@ -0,0 +1,17 @@
apiVersion: v1
kind: Pod
metadata:
name: selinux15
spec:
containers:
- image: k8s.gcr.io/pause
name: container1
securityContext:
seLinuxOptions: {}
initContainers:
- image: k8s.gcr.io/pause
name: initcontainer1
securityContext:
seLinuxOptions: {}
securityContext:
seLinuxOptions: {}

View File

@ -0,0 +1,17 @@
apiVersion: v1
kind: Pod
metadata:
name: selinux16
spec:
containers:
- image: k8s.gcr.io/pause
name: container1
securityContext:
seLinuxOptions: {}
initContainers:
- image: k8s.gcr.io/pause
name: initcontainer1
securityContext:
seLinuxOptions: {}
securityContext:
seLinuxOptions: {}

View File

@ -0,0 +1,17 @@
apiVersion: v1
kind: Pod
metadata:
name: selinux17
spec:
containers:
- image: k8s.gcr.io/pause
name: container1
securityContext:
seLinuxOptions: {}
initContainers:
- image: k8s.gcr.io/pause
name: initcontainer1
securityContext:
seLinuxOptions: {}
securityContext:
seLinuxOptions: {}

View File

@ -0,0 +1,18 @@
apiVersion: v1
kind: Pod
metadata:
name: selinux18
spec:
containers:
- image: k8s.gcr.io/pause
name: container1
securityContext:
seLinuxOptions: {}
initContainers:
- image: k8s.gcr.io/pause
name: initcontainer1
securityContext:
seLinuxOptions: {}
securityContext:
seLinuxOptions:
level: somevalue

View File

@ -0,0 +1,18 @@
apiVersion: v1
kind: Pod
metadata:
name: selinux19
spec:
containers:
- image: k8s.gcr.io/pause
name: container1
securityContext:
seLinuxOptions:
level: somevalue
initContainers:
- image: k8s.gcr.io/pause
name: initcontainer1
securityContext:
seLinuxOptions: {}
securityContext:
seLinuxOptions: {}

View File

@ -0,0 +1,16 @@
apiVersion: v1
kind: Pod
metadata:
name: selinux2
spec:
containers:
- image: k8s.gcr.io/pause
name: container1
securityContext:
seLinuxOptions: {}
initContainers:
- image: k8s.gcr.io/pause
name: initcontainer1
securityContext: {}
securityContext:
seLinuxOptions: {}

View File

@ -0,0 +1,18 @@
apiVersion: v1
kind: Pod
metadata:
name: selinux20
spec:
containers:
- image: k8s.gcr.io/pause
name: container1
securityContext:
seLinuxOptions: {}
initContainers:
- image: k8s.gcr.io/pause
name: initcontainer1
securityContext:
seLinuxOptions:
level: somevalue
securityContext:
seLinuxOptions: {}

View File

@ -0,0 +1,17 @@
apiVersion: v1
kind: Pod
metadata:
name: selinux3
spec:
containers:
- image: k8s.gcr.io/pause
name: container1
securityContext:
seLinuxOptions: {}
initContainers:
- image: k8s.gcr.io/pause
name: initcontainer1
securityContext:
seLinuxOptions: {}
securityContext:
seLinuxOptions: {}

View File

@ -0,0 +1,17 @@
apiVersion: v1
kind: Pod
metadata:
name: selinux4
spec:
containers:
- image: k8s.gcr.io/pause
name: container1
securityContext:
seLinuxOptions: {}
initContainers:
- image: k8s.gcr.io/pause
name: initcontainer1
securityContext:
seLinuxOptions: {}
securityContext:
seLinuxOptions: {}

View File

@ -0,0 +1,17 @@
apiVersion: v1
kind: Pod
metadata:
name: selinux5
spec:
containers:
- image: k8s.gcr.io/pause
name: container1
securityContext:
seLinuxOptions: {}
initContainers:
- image: k8s.gcr.io/pause
name: initcontainer1
securityContext:
seLinuxOptions: {}
securityContext:
seLinuxOptions: {}

View File

@ -0,0 +1,18 @@
apiVersion: v1
kind: Pod
metadata:
name: selinux6
spec:
containers:
- image: k8s.gcr.io/pause
name: container1
securityContext:
seLinuxOptions: {}
initContainers:
- image: k8s.gcr.io/pause
name: initcontainer1
securityContext:
seLinuxOptions: {}
securityContext:
seLinuxOptions:
type: container_t

View File

@ -0,0 +1,18 @@
apiVersion: v1
kind: Pod
metadata:
name: selinux7
spec:
containers:
- image: k8s.gcr.io/pause
name: container1
securityContext:
seLinuxOptions:
type: container_t
initContainers:
- image: k8s.gcr.io/pause
name: initcontainer1
securityContext:
seLinuxOptions: {}
securityContext:
seLinuxOptions: {}

View File

@ -0,0 +1,18 @@
apiVersion: v1
kind: Pod
metadata:
name: selinux8
spec:
containers:
- image: k8s.gcr.io/pause
name: container1
securityContext:
seLinuxOptions: {}
initContainers:
- image: k8s.gcr.io/pause
name: initcontainer1
securityContext:
seLinuxOptions:
type: container_t
securityContext:
seLinuxOptions: {}

View File

@ -0,0 +1,18 @@
apiVersion: v1
kind: Pod
metadata:
name: selinux9
spec:
containers:
- image: k8s.gcr.io/pause
name: container1
securityContext:
seLinuxOptions: {}
initContainers:
- image: k8s.gcr.io/pause
name: initcontainer1
securityContext:
seLinuxOptions: {}
securityContext:
seLinuxOptions:
type: container_init_t

View File

@ -0,0 +1,18 @@
apiVersion: v1
kind: Pod
metadata:
name: addcapabilities0
spec:
containers:
- image: k8s.gcr.io/pause
name: container1
securityContext:
capabilities:
add:
- NET_RAW
initContainers:
- image: k8s.gcr.io/pause
name: initcontainer1
securityContext:
capabilities: {}
securityContext: {}

View File

@ -0,0 +1,18 @@
apiVersion: v1
kind: Pod
metadata:
name: addcapabilities1
spec:
containers:
- image: k8s.gcr.io/pause
name: container1
securityContext:
capabilities: {}
initContainers:
- image: k8s.gcr.io/pause
name: initcontainer1
securityContext:
capabilities:
add:
- NET_RAW
securityContext: {}

View File

@ -0,0 +1,18 @@
apiVersion: v1
kind: Pod
metadata:
name: addcapabilities2
spec:
containers:
- image: k8s.gcr.io/pause
name: container1
securityContext:
capabilities:
add:
- chown
initContainers:
- image: k8s.gcr.io/pause
name: initcontainer1
securityContext:
capabilities: {}
securityContext: {}

View File

@ -0,0 +1,18 @@
apiVersion: v1
kind: Pod
metadata:
name: addcapabilities3
spec:
containers:
- image: k8s.gcr.io/pause
name: container1
securityContext:
capabilities: {}
initContainers:
- image: k8s.gcr.io/pause
name: initcontainer1
securityContext:
capabilities:
add:
- chown
securityContext: {}

View File

@ -0,0 +1,18 @@
apiVersion: v1
kind: Pod
metadata:
name: addcapabilities4
spec:
containers:
- image: k8s.gcr.io/pause
name: container1
securityContext:
capabilities:
add:
- bogus
initContainers:
- image: k8s.gcr.io/pause
name: initcontainer1
securityContext:
capabilities: {}
securityContext: {}

View File

@ -0,0 +1,18 @@
apiVersion: v1
kind: Pod
metadata:
name: addcapabilities5
spec:
containers:
- image: k8s.gcr.io/pause
name: container1
securityContext:
capabilities: {}
initContainers:
- image: k8s.gcr.io/pause
name: initcontainer1
securityContext:
capabilities:
add:
- bogus
securityContext: {}

View File

@ -0,0 +1,18 @@
apiVersion: v1
kind: Pod
metadata:
name: addcapabilities6
spec:
containers:
- image: k8s.gcr.io/pause
name: container1
securityContext:
capabilities:
add:
- CAP_CHOWN
initContainers:
- image: k8s.gcr.io/pause
name: initcontainer1
securityContext:
capabilities: {}
securityContext: {}

View File

@ -0,0 +1,18 @@
apiVersion: v1
kind: Pod
metadata:
name: addcapabilities7
spec:
containers:
- image: k8s.gcr.io/pause
name: container1
securityContext:
capabilities: {}
initContainers:
- image: k8s.gcr.io/pause
name: initcontainer1
securityContext:
capabilities:
add:
- CAP_CHOWN
securityContext: {}

View File

@ -0,0 +1,18 @@
apiVersion: v1
kind: Pod
metadata:
name: selinux0
spec:
containers:
- image: k8s.gcr.io/pause
name: container1
securityContext:
seLinuxOptions: {}
initContainers:
- image: k8s.gcr.io/pause
name: initcontainer1
securityContext:
seLinuxOptions: {}
securityContext:
seLinuxOptions:
type: somevalue

View File

@ -0,0 +1,18 @@
apiVersion: v1
kind: Pod
metadata:
name: selinux1
spec:
containers:
- image: k8s.gcr.io/pause
name: container1
securityContext:
seLinuxOptions:
type: somevalue
initContainers:
- image: k8s.gcr.io/pause
name: initcontainer1
securityContext:
seLinuxOptions: {}
securityContext:
seLinuxOptions: {}

View File

@ -0,0 +1,18 @@
apiVersion: v1
kind: Pod
metadata:
name: selinux2
spec:
containers:
- image: k8s.gcr.io/pause
name: container1
securityContext:
seLinuxOptions: {}
initContainers:
- image: k8s.gcr.io/pause
name: initcontainer1
securityContext:
seLinuxOptions:
type: somevalue
securityContext:
seLinuxOptions: {}

View File

@ -0,0 +1,18 @@
apiVersion: v1
kind: Pod
metadata:
name: selinux3
spec:
containers:
- image: k8s.gcr.io/pause
name: container1
securityContext:
seLinuxOptions: {}
initContainers:
- image: k8s.gcr.io/pause
name: initcontainer1
securityContext:
seLinuxOptions: {}
securityContext:
seLinuxOptions:
user: somevalue

View File

@ -0,0 +1,18 @@
apiVersion: v1
kind: Pod
metadata:
name: selinux4
spec:
containers:
- image: k8s.gcr.io/pause
name: container1
securityContext:
seLinuxOptions:
user: somevalue
initContainers:
- image: k8s.gcr.io/pause
name: initcontainer1
securityContext:
seLinuxOptions: {}
securityContext:
seLinuxOptions: {}

View File

@ -0,0 +1,18 @@
apiVersion: v1
kind: Pod
metadata:
name: selinux5
spec:
containers:
- image: k8s.gcr.io/pause
name: container1
securityContext:
seLinuxOptions: {}
initContainers:
- image: k8s.gcr.io/pause
name: initcontainer1
securityContext:
seLinuxOptions:
user: somevalue
securityContext:
seLinuxOptions: {}

View File

@ -0,0 +1,18 @@
apiVersion: v1
kind: Pod
metadata:
name: selinux6
spec:
containers:
- image: k8s.gcr.io/pause
name: container1
securityContext:
seLinuxOptions: {}
initContainers:
- image: k8s.gcr.io/pause
name: initcontainer1
securityContext:
seLinuxOptions: {}
securityContext:
seLinuxOptions:
role: somevalue

View File

@ -0,0 +1,18 @@
apiVersion: v1
kind: Pod
metadata:
name: selinux7
spec:
containers:
- image: k8s.gcr.io/pause
name: container1
securityContext:
seLinuxOptions:
role: somevalue
initContainers:
- image: k8s.gcr.io/pause
name: initcontainer1
securityContext:
seLinuxOptions: {}
securityContext:
seLinuxOptions: {}

View File

@ -0,0 +1,18 @@
apiVersion: v1
kind: Pod
metadata:
name: selinux8
spec:
containers:
- image: k8s.gcr.io/pause
name: container1
securityContext:
seLinuxOptions: {}
initContainers:
- image: k8s.gcr.io/pause
name: initcontainer1
securityContext:
seLinuxOptions:
role: somevalue
securityContext:
seLinuxOptions: {}

View File

@ -0,0 +1,30 @@
apiVersion: v1
kind: Pod
metadata:
name: addcapabilities0
spec:
containers:
- image: k8s.gcr.io/pause
name: container1
securityContext:
capabilities:
add:
- AUDIT_WRITE
- CHOWN
- DAC_OVERRIDE
- FOWNER
- FSETID
- KILL
- MKNOD
- NET_BIND_SERVICE
- SETFCAP
- SETGID
- SETPCAP
- SETUID
- SYS_CHROOT
initContainers:
- image: k8s.gcr.io/pause
name: initcontainer1
securityContext:
capabilities: {}
securityContext: {}

Some files were not shown because too many files have changed in this diff Show More