github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-07-21 19:01:49 +00:00
Code Issues Projects Releases Wiki Activity

Windows: Sets the effective SecurityContext's RunAsUserName

Browse Source 
Co-Authored-By: Claudiu Belu <cbelu@cloudbasesolutions.com>
This commit is contained in:
James Sturtevant 2019-01-30 16:09:04 -08:00 committed by Claudiu Belu
parent 1c4edfba57
commit a8c78d1359
2 changed files with 8 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
pkg/kubelet/kuberuntime/kuberuntime_container_windows.go
View File

@ -102,5 +102,10 @@ func (m *kubeGenericRuntimeManager) generateWindowsContainerConfig(container *v1
wc.SecurityContext.CredentialSpec = *effectiveSc.WindowsOptions.GMSACredentialSpec
}
// override with Windows options if present
if effectiveSc.WindowsOptions != nil && effectiveSc.WindowsOptions.RunAsUserName != nil {
wc.SecurityContext.RunAsUsername = *effectiveSc.WindowsOptions.RunAsUserName
}
return wc, nil
}

3
pkg/securitycontext/util.go
View File

@ -76,6 +76,9 @@ func DetermineEffectiveSecurityContext(pod *v1.Pod, container *v1.Container) *v1
effectiveSc.WindowsOptions.GMSACredentialSpecName = containerSc.WindowsOptions.GMSACredentialSpecName
effectiveSc.WindowsOptions.GMSACredentialSpec = containerSc.WindowsOptions.GMSACredentialSpec
}
if containerSc.WindowsOptions.RunAsUserName != nil {
effectiveSc.WindowsOptions.RunAsUserName = containerSc.WindowsOptions.RunAsUserName
}
}
if containerSc.Capabilities != nil {