From 8291f8490b997ed7250b39dc89f7ff69ab69c33d Mon Sep 17 00:00:00 2001 From: Jordan Liggitt Date: Wed, 7 Jul 2021 13:54:22 -0400 Subject: [PATCH] PodSecurity: allowPrivilegeEscalation: regenerate files --- .../v1.10/fail/allowprivilegeescalation3.yaml | 5 ++--- .../v1.10/fail/allowprivilegeescalation4.yaml | 15 -------------- .../v1.10/fail/allowprivilegeescalation5.yaml | 15 -------------- .../v1.11/fail/allowprivilegeescalation3.yaml | 5 ++--- .../v1.11/fail/allowprivilegeescalation4.yaml | 15 -------------- .../v1.11/fail/allowprivilegeescalation5.yaml | 15 -------------- .../v1.12/fail/allowprivilegeescalation3.yaml | 5 ++--- .../v1.12/fail/allowprivilegeescalation4.yaml | 15 -------------- .../v1.12/fail/allowprivilegeescalation5.yaml | 15 -------------- .../v1.13/fail/allowprivilegeescalation3.yaml | 5 ++--- .../v1.13/fail/allowprivilegeescalation4.yaml | 15 -------------- .../v1.13/fail/allowprivilegeescalation5.yaml | 15 -------------- .../v1.14/fail/allowprivilegeescalation3.yaml | 5 ++--- .../v1.14/fail/allowprivilegeescalation4.yaml | 15 -------------- .../v1.14/fail/allowprivilegeescalation5.yaml | 15 -------------- .../v1.15/fail/allowprivilegeescalation3.yaml | 5 ++--- .../v1.15/fail/allowprivilegeescalation4.yaml | 15 -------------- .../v1.15/fail/allowprivilegeescalation5.yaml | 15 -------------- .../v1.16/fail/allowprivilegeescalation3.yaml | 5 ++--- .../v1.16/fail/allowprivilegeescalation4.yaml | 15 -------------- .../v1.16/fail/allowprivilegeescalation5.yaml | 15 -------------- .../v1.17/fail/allowprivilegeescalation3.yaml | 5 ++--- .../v1.17/fail/allowprivilegeescalation4.yaml | 15 -------------- .../v1.17/fail/allowprivilegeescalation5.yaml | 15 -------------- .../v1.18/fail/allowprivilegeescalation3.yaml | 5 ++--- .../v1.18/fail/allowprivilegeescalation4.yaml | 15 -------------- .../v1.18/fail/allowprivilegeescalation5.yaml | 15 -------------- .../v1.19/fail/allowprivilegeescalation3.yaml | 5 ++--- .../v1.19/fail/allowprivilegeescalation4.yaml | 17 ---------------- .../v1.19/fail/allowprivilegeescalation5.yaml | 17 ---------------- .../v1.20/fail/allowprivilegeescalation3.yaml | 5 ++--- .../v1.20/fail/allowprivilegeescalation4.yaml | 17 ---------------- .../v1.20/fail/allowprivilegeescalation5.yaml | 17 ---------------- .../v1.21/fail/allowprivilegeescalation3.yaml | 5 ++--- .../v1.21/fail/allowprivilegeescalation4.yaml | 17 ---------------- .../v1.21/fail/allowprivilegeescalation5.yaml | 17 ---------------- .../v1.22/fail/allowprivilegeescalation3.yaml | 6 +----- .../v1.22/fail/allowprivilegeescalation4.yaml | 20 ------------------- .../v1.22/fail/allowprivilegeescalation5.yaml | 20 ------------------- .../v1.8/fail/allowprivilegeescalation3.yaml | 5 ++--- .../v1.8/fail/allowprivilegeescalation4.yaml | 15 -------------- .../v1.8/fail/allowprivilegeescalation5.yaml | 15 -------------- .../v1.9/fail/allowprivilegeescalation3.yaml | 5 ++--- .../v1.9/fail/allowprivilegeescalation4.yaml | 15 -------------- .../v1.9/fail/allowprivilegeescalation5.yaml | 15 -------------- 45 files changed, 29 insertions(+), 519 deletions(-) delete mode 100755 staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.10/fail/allowprivilegeescalation4.yaml delete mode 100755 staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.10/fail/allowprivilegeescalation5.yaml delete mode 100755 staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.11/fail/allowprivilegeescalation4.yaml delete mode 100755 staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.11/fail/allowprivilegeescalation5.yaml delete mode 100755 staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.12/fail/allowprivilegeescalation4.yaml delete mode 100755 staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.12/fail/allowprivilegeescalation5.yaml delete mode 100755 staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.13/fail/allowprivilegeescalation4.yaml delete mode 100755 staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.13/fail/allowprivilegeescalation5.yaml delete mode 100755 staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.14/fail/allowprivilegeescalation4.yaml delete mode 100755 staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.14/fail/allowprivilegeescalation5.yaml delete mode 100755 staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.15/fail/allowprivilegeescalation4.yaml delete mode 100755 staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.15/fail/allowprivilegeescalation5.yaml delete mode 100755 staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.16/fail/allowprivilegeescalation4.yaml delete mode 100755 staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.16/fail/allowprivilegeescalation5.yaml delete mode 100755 staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.17/fail/allowprivilegeescalation4.yaml delete mode 100755 staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.17/fail/allowprivilegeescalation5.yaml delete mode 100755 staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.18/fail/allowprivilegeescalation4.yaml delete mode 100755 staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.18/fail/allowprivilegeescalation5.yaml delete mode 100755 staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.19/fail/allowprivilegeescalation4.yaml delete mode 100755 staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.19/fail/allowprivilegeescalation5.yaml delete mode 100755 staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.20/fail/allowprivilegeescalation4.yaml delete mode 100755 staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.20/fail/allowprivilegeescalation5.yaml delete mode 100755 staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.21/fail/allowprivilegeescalation4.yaml delete mode 100755 staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.21/fail/allowprivilegeescalation5.yaml delete mode 100755 staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.22/fail/allowprivilegeescalation4.yaml delete mode 100755 staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.22/fail/allowprivilegeescalation5.yaml delete mode 100755 staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.8/fail/allowprivilegeescalation4.yaml delete mode 100755 staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.8/fail/allowprivilegeescalation5.yaml delete mode 100755 staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.9/fail/allowprivilegeescalation4.yaml delete mode 100755 staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.9/fail/allowprivilegeescalation5.yaml diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.10/fail/allowprivilegeescalation3.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.10/fail/allowprivilegeescalation3.yaml index 981f2c97513..a80ac92ce12 100755 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.10/fail/allowprivilegeescalation3.yaml +++ b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.10/fail/allowprivilegeescalation3.yaml @@ -6,11 +6,10 @@ spec: containers: - image: k8s.gcr.io/pause name: container1 - securityContext: - allowPrivilegeEscalation: false initContainers: - image: k8s.gcr.io/pause name: initcontainer1 - securityContext: {} + securityContext: + allowPrivilegeEscalation: false securityContext: runAsNonRoot: true diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.10/fail/allowprivilegeescalation4.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.10/fail/allowprivilegeescalation4.yaml deleted file mode 100755 index 6c21220c390..00000000000 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.10/fail/allowprivilegeescalation4.yaml +++ /dev/null @@ -1,15 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: allowprivilegeescalation4 -spec: - containers: - - image: k8s.gcr.io/pause - name: container1 - initContainers: - - image: k8s.gcr.io/pause - name: initcontainer1 - securityContext: - allowPrivilegeEscalation: false - securityContext: - runAsNonRoot: true diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.10/fail/allowprivilegeescalation5.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.10/fail/allowprivilegeescalation5.yaml deleted file mode 100755 index 6c9c205114e..00000000000 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.10/fail/allowprivilegeescalation5.yaml +++ /dev/null @@ -1,15 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: allowprivilegeescalation5 -spec: - containers: - - image: k8s.gcr.io/pause - name: container1 - securityContext: - allowPrivilegeEscalation: false - initContainers: - - image: k8s.gcr.io/pause - name: initcontainer1 - securityContext: - runAsNonRoot: true diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.11/fail/allowprivilegeescalation3.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.11/fail/allowprivilegeescalation3.yaml index 981f2c97513..a80ac92ce12 100755 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.11/fail/allowprivilegeescalation3.yaml +++ b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.11/fail/allowprivilegeescalation3.yaml @@ -6,11 +6,10 @@ spec: containers: - image: k8s.gcr.io/pause name: container1 - securityContext: - allowPrivilegeEscalation: false initContainers: - image: k8s.gcr.io/pause name: initcontainer1 - securityContext: {} + securityContext: + allowPrivilegeEscalation: false securityContext: runAsNonRoot: true diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.11/fail/allowprivilegeescalation4.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.11/fail/allowprivilegeescalation4.yaml deleted file mode 100755 index 6c21220c390..00000000000 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.11/fail/allowprivilegeescalation4.yaml +++ /dev/null @@ -1,15 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: allowprivilegeescalation4 -spec: - containers: - - image: k8s.gcr.io/pause - name: container1 - initContainers: - - image: k8s.gcr.io/pause - name: initcontainer1 - securityContext: - allowPrivilegeEscalation: false - securityContext: - runAsNonRoot: true diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.11/fail/allowprivilegeescalation5.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.11/fail/allowprivilegeescalation5.yaml deleted file mode 100755 index 6c9c205114e..00000000000 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.11/fail/allowprivilegeescalation5.yaml +++ /dev/null @@ -1,15 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: allowprivilegeescalation5 -spec: - containers: - - image: k8s.gcr.io/pause - name: container1 - securityContext: - allowPrivilegeEscalation: false - initContainers: - - image: k8s.gcr.io/pause - name: initcontainer1 - securityContext: - runAsNonRoot: true diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.12/fail/allowprivilegeescalation3.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.12/fail/allowprivilegeescalation3.yaml index 981f2c97513..a80ac92ce12 100755 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.12/fail/allowprivilegeescalation3.yaml +++ b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.12/fail/allowprivilegeescalation3.yaml @@ -6,11 +6,10 @@ spec: containers: - image: k8s.gcr.io/pause name: container1 - securityContext: - allowPrivilegeEscalation: false initContainers: - image: k8s.gcr.io/pause name: initcontainer1 - securityContext: {} + securityContext: + allowPrivilegeEscalation: false securityContext: runAsNonRoot: true diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.12/fail/allowprivilegeescalation4.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.12/fail/allowprivilegeescalation4.yaml deleted file mode 100755 index 6c21220c390..00000000000 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.12/fail/allowprivilegeescalation4.yaml +++ /dev/null @@ -1,15 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: allowprivilegeescalation4 -spec: - containers: - - image: k8s.gcr.io/pause - name: container1 - initContainers: - - image: k8s.gcr.io/pause - name: initcontainer1 - securityContext: - allowPrivilegeEscalation: false - securityContext: - runAsNonRoot: true diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.12/fail/allowprivilegeescalation5.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.12/fail/allowprivilegeescalation5.yaml deleted file mode 100755 index 6c9c205114e..00000000000 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.12/fail/allowprivilegeescalation5.yaml +++ /dev/null @@ -1,15 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: allowprivilegeescalation5 -spec: - containers: - - image: k8s.gcr.io/pause - name: container1 - securityContext: - allowPrivilegeEscalation: false - initContainers: - - image: k8s.gcr.io/pause - name: initcontainer1 - securityContext: - runAsNonRoot: true diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.13/fail/allowprivilegeescalation3.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.13/fail/allowprivilegeescalation3.yaml index 981f2c97513..a80ac92ce12 100755 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.13/fail/allowprivilegeescalation3.yaml +++ b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.13/fail/allowprivilegeescalation3.yaml @@ -6,11 +6,10 @@ spec: containers: - image: k8s.gcr.io/pause name: container1 - securityContext: - allowPrivilegeEscalation: false initContainers: - image: k8s.gcr.io/pause name: initcontainer1 - securityContext: {} + securityContext: + allowPrivilegeEscalation: false securityContext: runAsNonRoot: true diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.13/fail/allowprivilegeescalation4.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.13/fail/allowprivilegeescalation4.yaml deleted file mode 100755 index 6c21220c390..00000000000 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.13/fail/allowprivilegeescalation4.yaml +++ /dev/null @@ -1,15 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: allowprivilegeescalation4 -spec: - containers: - - image: k8s.gcr.io/pause - name: container1 - initContainers: - - image: k8s.gcr.io/pause - name: initcontainer1 - securityContext: - allowPrivilegeEscalation: false - securityContext: - runAsNonRoot: true diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.13/fail/allowprivilegeescalation5.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.13/fail/allowprivilegeescalation5.yaml deleted file mode 100755 index 6c9c205114e..00000000000 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.13/fail/allowprivilegeescalation5.yaml +++ /dev/null @@ -1,15 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: allowprivilegeescalation5 -spec: - containers: - - image: k8s.gcr.io/pause - name: container1 - securityContext: - allowPrivilegeEscalation: false - initContainers: - - image: k8s.gcr.io/pause - name: initcontainer1 - securityContext: - runAsNonRoot: true diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.14/fail/allowprivilegeescalation3.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.14/fail/allowprivilegeescalation3.yaml index 981f2c97513..a80ac92ce12 100755 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.14/fail/allowprivilegeescalation3.yaml +++ b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.14/fail/allowprivilegeescalation3.yaml @@ -6,11 +6,10 @@ spec: containers: - image: k8s.gcr.io/pause name: container1 - securityContext: - allowPrivilegeEscalation: false initContainers: - image: k8s.gcr.io/pause name: initcontainer1 - securityContext: {} + securityContext: + allowPrivilegeEscalation: false securityContext: runAsNonRoot: true diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.14/fail/allowprivilegeescalation4.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.14/fail/allowprivilegeescalation4.yaml deleted file mode 100755 index 6c21220c390..00000000000 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.14/fail/allowprivilegeescalation4.yaml +++ /dev/null @@ -1,15 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: allowprivilegeescalation4 -spec: - containers: - - image: k8s.gcr.io/pause - name: container1 - initContainers: - - image: k8s.gcr.io/pause - name: initcontainer1 - securityContext: - allowPrivilegeEscalation: false - securityContext: - runAsNonRoot: true diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.14/fail/allowprivilegeescalation5.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.14/fail/allowprivilegeescalation5.yaml deleted file mode 100755 index 6c9c205114e..00000000000 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.14/fail/allowprivilegeescalation5.yaml +++ /dev/null @@ -1,15 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: allowprivilegeescalation5 -spec: - containers: - - image: k8s.gcr.io/pause - name: container1 - securityContext: - allowPrivilegeEscalation: false - initContainers: - - image: k8s.gcr.io/pause - name: initcontainer1 - securityContext: - runAsNonRoot: true diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.15/fail/allowprivilegeescalation3.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.15/fail/allowprivilegeescalation3.yaml index 981f2c97513..a80ac92ce12 100755 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.15/fail/allowprivilegeescalation3.yaml +++ b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.15/fail/allowprivilegeescalation3.yaml @@ -6,11 +6,10 @@ spec: containers: - image: k8s.gcr.io/pause name: container1 - securityContext: - allowPrivilegeEscalation: false initContainers: - image: k8s.gcr.io/pause name: initcontainer1 - securityContext: {} + securityContext: + allowPrivilegeEscalation: false securityContext: runAsNonRoot: true diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.15/fail/allowprivilegeescalation4.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.15/fail/allowprivilegeescalation4.yaml deleted file mode 100755 index 6c21220c390..00000000000 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.15/fail/allowprivilegeescalation4.yaml +++ /dev/null @@ -1,15 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: allowprivilegeescalation4 -spec: - containers: - - image: k8s.gcr.io/pause - name: container1 - initContainers: - - image: k8s.gcr.io/pause - name: initcontainer1 - securityContext: - allowPrivilegeEscalation: false - securityContext: - runAsNonRoot: true diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.15/fail/allowprivilegeescalation5.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.15/fail/allowprivilegeescalation5.yaml deleted file mode 100755 index 6c9c205114e..00000000000 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.15/fail/allowprivilegeescalation5.yaml +++ /dev/null @@ -1,15 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: allowprivilegeescalation5 -spec: - containers: - - image: k8s.gcr.io/pause - name: container1 - securityContext: - allowPrivilegeEscalation: false - initContainers: - - image: k8s.gcr.io/pause - name: initcontainer1 - securityContext: - runAsNonRoot: true diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.16/fail/allowprivilegeescalation3.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.16/fail/allowprivilegeescalation3.yaml index 981f2c97513..a80ac92ce12 100755 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.16/fail/allowprivilegeescalation3.yaml +++ b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.16/fail/allowprivilegeescalation3.yaml @@ -6,11 +6,10 @@ spec: containers: - image: k8s.gcr.io/pause name: container1 - securityContext: - allowPrivilegeEscalation: false initContainers: - image: k8s.gcr.io/pause name: initcontainer1 - securityContext: {} + securityContext: + allowPrivilegeEscalation: false securityContext: runAsNonRoot: true diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.16/fail/allowprivilegeescalation4.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.16/fail/allowprivilegeescalation4.yaml deleted file mode 100755 index 6c21220c390..00000000000 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.16/fail/allowprivilegeescalation4.yaml +++ /dev/null @@ -1,15 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: allowprivilegeescalation4 -spec: - containers: - - image: k8s.gcr.io/pause - name: container1 - initContainers: - - image: k8s.gcr.io/pause - name: initcontainer1 - securityContext: - allowPrivilegeEscalation: false - securityContext: - runAsNonRoot: true diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.16/fail/allowprivilegeescalation5.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.16/fail/allowprivilegeescalation5.yaml deleted file mode 100755 index 6c9c205114e..00000000000 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.16/fail/allowprivilegeescalation5.yaml +++ /dev/null @@ -1,15 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: allowprivilegeescalation5 -spec: - containers: - - image: k8s.gcr.io/pause - name: container1 - securityContext: - allowPrivilegeEscalation: false - initContainers: - - image: k8s.gcr.io/pause - name: initcontainer1 - securityContext: - runAsNonRoot: true diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.17/fail/allowprivilegeescalation3.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.17/fail/allowprivilegeescalation3.yaml index 981f2c97513..a80ac92ce12 100755 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.17/fail/allowprivilegeescalation3.yaml +++ b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.17/fail/allowprivilegeescalation3.yaml @@ -6,11 +6,10 @@ spec: containers: - image: k8s.gcr.io/pause name: container1 - securityContext: - allowPrivilegeEscalation: false initContainers: - image: k8s.gcr.io/pause name: initcontainer1 - securityContext: {} + securityContext: + allowPrivilegeEscalation: false securityContext: runAsNonRoot: true diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.17/fail/allowprivilegeescalation4.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.17/fail/allowprivilegeescalation4.yaml deleted file mode 100755 index 6c21220c390..00000000000 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.17/fail/allowprivilegeescalation4.yaml +++ /dev/null @@ -1,15 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: allowprivilegeescalation4 -spec: - containers: - - image: k8s.gcr.io/pause - name: container1 - initContainers: - - image: k8s.gcr.io/pause - name: initcontainer1 - securityContext: - allowPrivilegeEscalation: false - securityContext: - runAsNonRoot: true diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.17/fail/allowprivilegeescalation5.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.17/fail/allowprivilegeescalation5.yaml deleted file mode 100755 index 6c9c205114e..00000000000 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.17/fail/allowprivilegeescalation5.yaml +++ /dev/null @@ -1,15 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: allowprivilegeescalation5 -spec: - containers: - - image: k8s.gcr.io/pause - name: container1 - securityContext: - allowPrivilegeEscalation: false - initContainers: - - image: k8s.gcr.io/pause - name: initcontainer1 - securityContext: - runAsNonRoot: true diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.18/fail/allowprivilegeescalation3.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.18/fail/allowprivilegeescalation3.yaml index 981f2c97513..a80ac92ce12 100755 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.18/fail/allowprivilegeescalation3.yaml +++ b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.18/fail/allowprivilegeescalation3.yaml @@ -6,11 +6,10 @@ spec: containers: - image: k8s.gcr.io/pause name: container1 - securityContext: - allowPrivilegeEscalation: false initContainers: - image: k8s.gcr.io/pause name: initcontainer1 - securityContext: {} + securityContext: + allowPrivilegeEscalation: false securityContext: runAsNonRoot: true diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.18/fail/allowprivilegeescalation4.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.18/fail/allowprivilegeescalation4.yaml deleted file mode 100755 index 6c21220c390..00000000000 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.18/fail/allowprivilegeescalation4.yaml +++ /dev/null @@ -1,15 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: allowprivilegeescalation4 -spec: - containers: - - image: k8s.gcr.io/pause - name: container1 - initContainers: - - image: k8s.gcr.io/pause - name: initcontainer1 - securityContext: - allowPrivilegeEscalation: false - securityContext: - runAsNonRoot: true diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.18/fail/allowprivilegeescalation5.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.18/fail/allowprivilegeescalation5.yaml deleted file mode 100755 index 6c9c205114e..00000000000 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.18/fail/allowprivilegeescalation5.yaml +++ /dev/null @@ -1,15 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: allowprivilegeescalation5 -spec: - containers: - - image: k8s.gcr.io/pause - name: container1 - securityContext: - allowPrivilegeEscalation: false - initContainers: - - image: k8s.gcr.io/pause - name: initcontainer1 - securityContext: - runAsNonRoot: true diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.19/fail/allowprivilegeescalation3.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.19/fail/allowprivilegeescalation3.yaml index 8b9881e7afc..1626227484f 100755 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.19/fail/allowprivilegeescalation3.yaml +++ b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.19/fail/allowprivilegeescalation3.yaml @@ -6,12 +6,11 @@ spec: containers: - image: k8s.gcr.io/pause name: container1 - securityContext: - allowPrivilegeEscalation: false initContainers: - image: k8s.gcr.io/pause name: initcontainer1 - securityContext: {} + securityContext: + allowPrivilegeEscalation: false securityContext: runAsNonRoot: true seccompProfile: diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.19/fail/allowprivilegeescalation4.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.19/fail/allowprivilegeescalation4.yaml deleted file mode 100755 index 42457598c95..00000000000 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.19/fail/allowprivilegeescalation4.yaml +++ /dev/null @@ -1,17 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: allowprivilegeescalation4 -spec: - containers: - - image: k8s.gcr.io/pause - name: container1 - initContainers: - - image: k8s.gcr.io/pause - name: initcontainer1 - securityContext: - allowPrivilegeEscalation: false - securityContext: - runAsNonRoot: true - seccompProfile: - type: RuntimeDefault diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.19/fail/allowprivilegeescalation5.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.19/fail/allowprivilegeescalation5.yaml deleted file mode 100755 index 72af5337a51..00000000000 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.19/fail/allowprivilegeescalation5.yaml +++ /dev/null @@ -1,17 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: allowprivilegeescalation5 -spec: - containers: - - image: k8s.gcr.io/pause - name: container1 - securityContext: - allowPrivilegeEscalation: false - initContainers: - - image: k8s.gcr.io/pause - name: initcontainer1 - securityContext: - runAsNonRoot: true - seccompProfile: - type: RuntimeDefault diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.20/fail/allowprivilegeescalation3.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.20/fail/allowprivilegeescalation3.yaml index 8b9881e7afc..1626227484f 100755 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.20/fail/allowprivilegeescalation3.yaml +++ b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.20/fail/allowprivilegeescalation3.yaml @@ -6,12 +6,11 @@ spec: containers: - image: k8s.gcr.io/pause name: container1 - securityContext: - allowPrivilegeEscalation: false initContainers: - image: k8s.gcr.io/pause name: initcontainer1 - securityContext: {} + securityContext: + allowPrivilegeEscalation: false securityContext: runAsNonRoot: true seccompProfile: diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.20/fail/allowprivilegeescalation4.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.20/fail/allowprivilegeescalation4.yaml deleted file mode 100755 index 42457598c95..00000000000 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.20/fail/allowprivilegeescalation4.yaml +++ /dev/null @@ -1,17 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: allowprivilegeescalation4 -spec: - containers: - - image: k8s.gcr.io/pause - name: container1 - initContainers: - - image: k8s.gcr.io/pause - name: initcontainer1 - securityContext: - allowPrivilegeEscalation: false - securityContext: - runAsNonRoot: true - seccompProfile: - type: RuntimeDefault diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.20/fail/allowprivilegeescalation5.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.20/fail/allowprivilegeescalation5.yaml deleted file mode 100755 index 72af5337a51..00000000000 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.20/fail/allowprivilegeescalation5.yaml +++ /dev/null @@ -1,17 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: allowprivilegeescalation5 -spec: - containers: - - image: k8s.gcr.io/pause - name: container1 - securityContext: - allowPrivilegeEscalation: false - initContainers: - - image: k8s.gcr.io/pause - name: initcontainer1 - securityContext: - runAsNonRoot: true - seccompProfile: - type: RuntimeDefault diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.21/fail/allowprivilegeescalation3.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.21/fail/allowprivilegeescalation3.yaml index 8b9881e7afc..1626227484f 100755 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.21/fail/allowprivilegeescalation3.yaml +++ b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.21/fail/allowprivilegeescalation3.yaml @@ -6,12 +6,11 @@ spec: containers: - image: k8s.gcr.io/pause name: container1 - securityContext: - allowPrivilegeEscalation: false initContainers: - image: k8s.gcr.io/pause name: initcontainer1 - securityContext: {} + securityContext: + allowPrivilegeEscalation: false securityContext: runAsNonRoot: true seccompProfile: diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.21/fail/allowprivilegeescalation4.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.21/fail/allowprivilegeescalation4.yaml deleted file mode 100755 index 42457598c95..00000000000 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.21/fail/allowprivilegeescalation4.yaml +++ /dev/null @@ -1,17 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: allowprivilegeescalation4 -spec: - containers: - - image: k8s.gcr.io/pause - name: container1 - initContainers: - - image: k8s.gcr.io/pause - name: initcontainer1 - securityContext: - allowPrivilegeEscalation: false - securityContext: - runAsNonRoot: true - seccompProfile: - type: RuntimeDefault diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.21/fail/allowprivilegeescalation5.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.21/fail/allowprivilegeescalation5.yaml deleted file mode 100755 index 72af5337a51..00000000000 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.21/fail/allowprivilegeescalation5.yaml +++ /dev/null @@ -1,17 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: allowprivilegeescalation5 -spec: - containers: - - image: k8s.gcr.io/pause - name: container1 - securityContext: - allowPrivilegeEscalation: false - initContainers: - - image: k8s.gcr.io/pause - name: initcontainer1 - securityContext: - runAsNonRoot: true - seccompProfile: - type: RuntimeDefault diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.22/fail/allowprivilegeescalation3.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.22/fail/allowprivilegeescalation3.yaml index c3a07d39fe7..da7f59c2414 100755 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.22/fail/allowprivilegeescalation3.yaml +++ b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.22/fail/allowprivilegeescalation3.yaml @@ -6,15 +6,11 @@ spec: containers: - image: k8s.gcr.io/pause name: container1 - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL initContainers: - image: k8s.gcr.io/pause name: initcontainer1 securityContext: + allowPrivilegeEscalation: false capabilities: drop: - ALL diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.22/fail/allowprivilegeescalation4.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.22/fail/allowprivilegeescalation4.yaml deleted file mode 100755 index 3c5ac470fa3..00000000000 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.22/fail/allowprivilegeescalation4.yaml +++ /dev/null @@ -1,20 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: allowprivilegeescalation4 -spec: - containers: - - image: k8s.gcr.io/pause - name: container1 - initContainers: - - image: k8s.gcr.io/pause - name: initcontainer1 - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - securityContext: - runAsNonRoot: true - seccompProfile: - type: RuntimeDefault diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.22/fail/allowprivilegeescalation5.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.22/fail/allowprivilegeescalation5.yaml deleted file mode 100755 index a74f096bd20..00000000000 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.22/fail/allowprivilegeescalation5.yaml +++ /dev/null @@ -1,20 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: allowprivilegeescalation5 -spec: - containers: - - image: k8s.gcr.io/pause - name: container1 - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - initContainers: - - image: k8s.gcr.io/pause - name: initcontainer1 - securityContext: - runAsNonRoot: true - seccompProfile: - type: RuntimeDefault diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.8/fail/allowprivilegeescalation3.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.8/fail/allowprivilegeescalation3.yaml index 981f2c97513..a80ac92ce12 100755 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.8/fail/allowprivilegeescalation3.yaml +++ b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.8/fail/allowprivilegeescalation3.yaml @@ -6,11 +6,10 @@ spec: containers: - image: k8s.gcr.io/pause name: container1 - securityContext: - allowPrivilegeEscalation: false initContainers: - image: k8s.gcr.io/pause name: initcontainer1 - securityContext: {} + securityContext: + allowPrivilegeEscalation: false securityContext: runAsNonRoot: true diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.8/fail/allowprivilegeescalation4.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.8/fail/allowprivilegeescalation4.yaml deleted file mode 100755 index 6c21220c390..00000000000 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.8/fail/allowprivilegeescalation4.yaml +++ /dev/null @@ -1,15 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: allowprivilegeescalation4 -spec: - containers: - - image: k8s.gcr.io/pause - name: container1 - initContainers: - - image: k8s.gcr.io/pause - name: initcontainer1 - securityContext: - allowPrivilegeEscalation: false - securityContext: - runAsNonRoot: true diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.8/fail/allowprivilegeescalation5.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.8/fail/allowprivilegeescalation5.yaml deleted file mode 100755 index 6c9c205114e..00000000000 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.8/fail/allowprivilegeescalation5.yaml +++ /dev/null @@ -1,15 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: allowprivilegeescalation5 -spec: - containers: - - image: k8s.gcr.io/pause - name: container1 - securityContext: - allowPrivilegeEscalation: false - initContainers: - - image: k8s.gcr.io/pause - name: initcontainer1 - securityContext: - runAsNonRoot: true diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.9/fail/allowprivilegeescalation3.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.9/fail/allowprivilegeescalation3.yaml index 981f2c97513..a80ac92ce12 100755 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.9/fail/allowprivilegeescalation3.yaml +++ b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.9/fail/allowprivilegeescalation3.yaml @@ -6,11 +6,10 @@ spec: containers: - image: k8s.gcr.io/pause name: container1 - securityContext: - allowPrivilegeEscalation: false initContainers: - image: k8s.gcr.io/pause name: initcontainer1 - securityContext: {} + securityContext: + allowPrivilegeEscalation: false securityContext: runAsNonRoot: true diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.9/fail/allowprivilegeescalation4.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.9/fail/allowprivilegeescalation4.yaml deleted file mode 100755 index 6c21220c390..00000000000 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.9/fail/allowprivilegeescalation4.yaml +++ /dev/null @@ -1,15 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: allowprivilegeescalation4 -spec: - containers: - - image: k8s.gcr.io/pause - name: container1 - initContainers: - - image: k8s.gcr.io/pause - name: initcontainer1 - securityContext: - allowPrivilegeEscalation: false - securityContext: - runAsNonRoot: true diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.9/fail/allowprivilegeescalation5.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.9/fail/allowprivilegeescalation5.yaml deleted file mode 100755 index 6c9c205114e..00000000000 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.9/fail/allowprivilegeescalation5.yaml +++ /dev/null @@ -1,15 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: allowprivilegeescalation5 -spec: - containers: - - image: k8s.gcr.io/pause - name: container1 - securityContext: - allowPrivilegeEscalation: false - initContainers: - - image: k8s.gcr.io/pause - name: initcontainer1 - securityContext: - runAsNonRoot: true