github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-07-29 14:37:00 +00:00
Code Issues Projects Releases Wiki Activity

local-up-cluster.sh should be conformant out-of-the-box

Browse Source 
rename ALLOW_SECURITY_CONTEXT to DENY_SECURITY_CONTEXT_ADMISSION to be
in line with the other admission plugins (like PSP_ADMISSION). Make
sure by default, this plugin is not  enabled as well.
This commit is contained in:
Davanum Srinivas 2018-02-09 17:59:02 -05:00
parent 9de5839944
commit 9238f38400
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
hack/local-up-cluster.sh
View File

@ -23,7 +23,7 @@ DOCKER_OPTS=${DOCKER_OPTS:-""}
DOCKER=(docker ${DOCKER_OPTS}) DOCKER=(docker ${DOCKER_OPTS})
DOCKERIZE_KUBELET=${DOCKERIZE_KUBELET:-""} DOCKERIZE_KUBELET=${DOCKERIZE_KUBELET:-""}
ALLOW_PRIVILEGED=${ALLOW_PRIVILEGED:-""} ALLOW_PRIVILEGED=${ALLOW_PRIVILEGED:-""}
ALLOW_SECURITY_CONTEXT=${ALLOW_SECURITY_CONTEXT:-""} DENY_SECURITY_CONTEXT_ADMISSION=${DENY_SECURITY_CONTEXT_ADMISSION:-""}
PSP_ADMISSION=${PSP_ADMISSION:-""} PSP_ADMISSION=${PSP_ADMISSION:-""}
NODE_ADMISSION=${NODE_ADMISSION:-""} NODE_ADMISSION=${NODE_ADMISSION:-""}
RUNTIME_CONFIG=${RUNTIME_CONFIG:-""} RUNTIME_CONFIG=${RUNTIME_CONFIG:-""}
@ -418,7 +418,7 @@ function set_service_accounts {
function start_apiserver { function start_apiserver {
security_admission="" security_admission=""
if [[ -z "${ALLOW_SECURITY_CONTEXT}" ]]; then if [[ -n "${DENY_SECURITY_CONTEXT_ADMISSION}" ]]; then
security_admission=",SecurityContextDeny" security_admission=",SecurityContextDeny"
fi fi
if [[ -n "${PSP_ADMISSION}" ]]; then if [[ -n "${PSP_ADMISSION}" ]]; then