mirror of
https://github.com/k3s-io/kubernetes.git
synced 2025-08-07 11:13:48 +00:00
Generated code
This commit is contained in:
Tim Allclair
parent
94927afb50
commit
b7f620c12b
35
api/openapi-spec/swagger.json
generated
35
api/openapi-spec/swagger.json
generated
@ -4933,6 +4933,31 @@
|
||||
},
|
||||
"type": "object"
|
||||
},
|
||||
"io.k8s.api.core.v1.AppArmorProfile": {
|
||||
"description": "AppArmorProfile defines a pod or container's AppArmor settings.",
|
||||
"properties": {
|
||||
"localhostProfile": {
|
||||
"description": "localhostProfile indicates a profile loaded on the node that should be used. The profile must be preconfigured on the node to work. Must match the loaded name of the profile. Must be set if and only if type is \"Localhost\".",
|
||||
"type": "string"
|
||||
},
|
||||
"type": {
|
||||
"description": "type indicates which kind of AppArmor profile will be applied. Valid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement.",
|
||||
"type": "string"
|
||||
}
|
||||
},
|
||||
"required": [
|
||||
"type"
|
||||
],
|
||||
"type": "object",
|
||||
"x-kubernetes-unions": [
|
||||
{
|
||||
"discriminator": "type",
|
||||
"fields-to-discriminateBy": {
|
||||
"localhostProfile": "LocalhostProfile"
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"io.k8s.api.core.v1.AttachedVolume": {
|
||||
"description": "AttachedVolume describes a volume attached to a node",
|
||||
"properties": {
|
||||
@ -8812,6 +8837,10 @@
|
||||
"io.k8s.api.core.v1.PodSecurityContext": {
|
||||
"description": "PodSecurityContext holds pod-level security attributes and common container settings. Some fields are also present in container.securityContext. Field values of container.securityContext take precedence over field values of PodSecurityContext.",
|
||||
"properties": {
|
||||
"appArmorProfile": {
|
||||
"$ref": "#/definitions/io.k8s.api.core.v1.AppArmorProfile",
|
||||
"description": "appArmorProfile is the AppArmor options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows."
|
||||
},
|
||||
"fsGroup": {
|
||||
"description": "A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod:\n\n1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw----\n\nIf unset, the Kubelet will not modify the ownership and permissions of any volume. Note that this field cannot be set when spec.os.name is windows.",
|
||||
"format": "int64",
|
||||
@ -8994,7 +9023,7 @@
|
||||
},
|
||||
"os": {
|
||||
"$ref": "#/definitions/io.k8s.api.core.v1.PodOS",
|
||||
"description": "Specifies the OS of the containers in the pod. Some pod and container fields are restricted if this is set.\n\nIf the OS field is set to linux, the following fields must be unset: -securityContext.windowsOptions\n\nIf the OS field is set to windows, following fields must be unset: - spec.hostPID - spec.hostIPC - spec.hostUsers - spec.securityContext.seLinuxOptions - spec.securityContext.seccompProfile - spec.securityContext.fsGroup - spec.securityContext.fsGroupChangePolicy - spec.securityContext.sysctls - spec.shareProcessNamespace - spec.securityContext.runAsUser - spec.securityContext.runAsGroup - spec.securityContext.supplementalGroups - spec.containers[*].securityContext.seLinuxOptions - spec.containers[*].securityContext.seccompProfile - spec.containers[*].securityContext.capabilities - spec.containers[*].securityContext.readOnlyRootFilesystem - spec.containers[*].securityContext.privileged - spec.containers[*].securityContext.allowPrivilegeEscalation - spec.containers[*].securityContext.procMount - spec.containers[*].securityContext.runAsUser - spec.containers[*].securityContext.runAsGroup"
|
||||
"description": "Specifies the OS of the containers in the pod. Some pod and container fields are restricted if this is set.\n\nIf the OS field is set to linux, the following fields must be unset: -securityContext.windowsOptions\n\nIf the OS field is set to windows, following fields must be unset: - spec.hostPID - spec.hostIPC - spec.hostUsers - spec.securityContext.appArmorProfile - spec.securityContext.seLinuxOptions - spec.securityContext.seccompProfile - spec.securityContext.fsGroup - spec.securityContext.fsGroupChangePolicy - spec.securityContext.sysctls - spec.shareProcessNamespace - spec.securityContext.runAsUser - spec.securityContext.runAsGroup - spec.securityContext.supplementalGroups - spec.containers[*].securityContext.appArmorProfile - spec.containers[*].securityContext.seLinuxOptions - spec.containers[*].securityContext.seccompProfile - spec.containers[*].securityContext.capabilities - spec.containers[*].securityContext.readOnlyRootFilesystem - spec.containers[*].securityContext.privileged - spec.containers[*].securityContext.allowPrivilegeEscalation - spec.containers[*].securityContext.procMount - spec.containers[*].securityContext.runAsUser - spec.containers[*].securityContext.runAsGroup"
|
||||
},
|
||||
"overhead": {
|
||||
"additionalProperties": {
|
||||
@ -10316,6 +10345,10 @@
|
||||
"description": "AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows.",
|
||||
"type": "boolean"
|
||||
},
|
||||
"appArmorProfile": {
|
||||
"$ref": "#/definitions/io.k8s.api.core.v1.AppArmorProfile",
|
||||
"description": "appArmorProfile is the AppArmor options to use by this container. If set, this profile overrides the pod's appArmorProfile. Note that this field cannot be set when spec.os.name is windows."
|
||||
},
|
||||
"capabilities": {
|
||||
"$ref": "#/definitions/io.k8s.api.core.v1.Capabilities",
|
||||
"description": "The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows."
|
||||
|
||||
@ -263,6 +263,32 @@
|
||||
},
|
||||
"type": "object"
|
||||
},
|
||||
"io.k8s.api.core.v1.AppArmorProfile": {
|
||||
"description": "AppArmorProfile defines a pod or container's AppArmor settings.",
|
||||
"properties": {
|
||||
"localhostProfile": {
|
||||
"description": "localhostProfile indicates a profile loaded on the node that should be used. The profile must be preconfigured on the node to work. Must match the loaded name of the profile. Must be set if and only if type is \"Localhost\".",
|
||||
"type": "string"
|
||||
},
|
||||
"type": {
|
||||
"default": "",
|
||||
"description": "type indicates which kind of AppArmor profile will be applied. Valid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement.",
|
||||
"type": "string"
|
||||
}
|
||||
},
|
||||
"required": [
|
||||
"type"
|
||||
],
|
||||
"type": "object",
|
||||
"x-kubernetes-unions": [
|
||||
{
|
||||
"discriminator": "type",
|
||||
"fields-to-discriminateBy": {
|
||||
"localhostProfile": "LocalhostProfile"
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"io.k8s.api.core.v1.AttachedVolume": {
|
||||
"description": "AttachedVolume describes a volume attached to a node",
|
||||
"properties": {
|
||||
@ -5161,6 +5187,14 @@
|
||||
"io.k8s.api.core.v1.PodSecurityContext": {
|
||||
"description": "PodSecurityContext holds pod-level security attributes and common container settings. Some fields are also present in container.securityContext. Field values of container.securityContext take precedence over field values of PodSecurityContext.",
|
||||
"properties": {
|
||||
"appArmorProfile": {
|
||||
"allOf": [
|
||||
{
|
||||
"$ref": "#/components/schemas/io.k8s.api.core.v1.AppArmorProfile"
|
||||
}
|
||||
],
|
||||
"description": "appArmorProfile is the AppArmor options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows."
|
||||
},
|
||||
"fsGroup": {
|
||||
"description": "A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod:\n\n1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw----\n\nIf unset, the Kubelet will not modify the ownership and permissions of any volume. Note that this field cannot be set when spec.os.name is windows.",
|
||||
"format": "int64",
|
||||
@ -5399,7 +5433,7 @@
|
||||
"$ref": "#/components/schemas/io.k8s.api.core.v1.PodOS"
|
||||
}
|
||||
],
|
||||
"description": "Specifies the OS of the containers in the pod. Some pod and container fields are restricted if this is set.\n\nIf the OS field is set to linux, the following fields must be unset: -securityContext.windowsOptions\n\nIf the OS field is set to windows, following fields must be unset: - spec.hostPID - spec.hostIPC - spec.hostUsers - spec.securityContext.seLinuxOptions - spec.securityContext.seccompProfile - spec.securityContext.fsGroup - spec.securityContext.fsGroupChangePolicy - spec.securityContext.sysctls - spec.shareProcessNamespace - spec.securityContext.runAsUser - spec.securityContext.runAsGroup - spec.securityContext.supplementalGroups - spec.containers[*].securityContext.seLinuxOptions - spec.containers[*].securityContext.seccompProfile - spec.containers[*].securityContext.capabilities - spec.containers[*].securityContext.readOnlyRootFilesystem - spec.containers[*].securityContext.privileged - spec.containers[*].securityContext.allowPrivilegeEscalation - spec.containers[*].securityContext.procMount - spec.containers[*].securityContext.runAsUser - spec.containers[*].securityContext.runAsGroup"
|
||||
"description": "Specifies the OS of the containers in the pod. Some pod and container fields are restricted if this is set.\n\nIf the OS field is set to linux, the following fields must be unset: -securityContext.windowsOptions\n\nIf the OS field is set to windows, following fields must be unset: - spec.hostPID - spec.hostIPC - spec.hostUsers - spec.securityContext.appArmorProfile - spec.securityContext.seLinuxOptions - spec.securityContext.seccompProfile - spec.securityContext.fsGroup - spec.securityContext.fsGroupChangePolicy - spec.securityContext.sysctls - spec.shareProcessNamespace - spec.securityContext.runAsUser - spec.securityContext.runAsGroup - spec.securityContext.supplementalGroups - spec.containers[*].securityContext.appArmorProfile - spec.containers[*].securityContext.seLinuxOptions - spec.containers[*].securityContext.seccompProfile - spec.containers[*].securityContext.capabilities - spec.containers[*].securityContext.readOnlyRootFilesystem - spec.containers[*].securityContext.privileged - spec.containers[*].securityContext.allowPrivilegeEscalation - spec.containers[*].securityContext.procMount - spec.containers[*].securityContext.runAsUser - spec.containers[*].securityContext.runAsGroup"
|
||||
},
|
||||
"overhead": {
|
||||
"additionalProperties": {
|
||||
@ -6999,6 +7033,14 @@
|
||||
"description": "AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows.",
|
||||
"type": "boolean"
|
||||
},
|
||||
"appArmorProfile": {
|
||||
"allOf": [
|
||||
{
|
||||
"$ref": "#/components/schemas/io.k8s.api.core.v1.AppArmorProfile"
|
||||
}
|
||||
],
|
||||
"description": "appArmorProfile is the AppArmor options to use by this container. If set, this profile overrides the pod's appArmorProfile. Note that this field cannot be set when spec.os.name is windows."
|
||||
},
|
||||
"capabilities": {
|
||||
"allOf": [
|
||||
{
|
||||
|
||||
@ -1391,6 +1391,32 @@
|
||||
},
|
||||
"type": "object"
|
||||
},
|
||||
"io.k8s.api.core.v1.AppArmorProfile": {
|
||||
"description": "AppArmorProfile defines a pod or container's AppArmor settings.",
|
||||
"properties": {
|
||||
"localhostProfile": {
|
||||
"description": "localhostProfile indicates a profile loaded on the node that should be used. The profile must be preconfigured on the node to work. Must match the loaded name of the profile. Must be set if and only if type is \"Localhost\".",
|
||||
"type": "string"
|
||||
},
|
||||
"type": {
|
||||
"default": "",
|
||||
"description": "type indicates which kind of AppArmor profile will be applied. Valid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement.",
|
||||
"type": "string"
|
||||
}
|
||||
},
|
||||
"required": [
|
||||
"type"
|
||||
],
|
||||
"type": "object",
|
||||
"x-kubernetes-unions": [
|
||||
{
|
||||
"discriminator": "type",
|
||||
"fields-to-discriminateBy": {
|
||||
"localhostProfile": "LocalhostProfile"
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"io.k8s.api.core.v1.AzureDiskVolumeSource": {
|
||||
"description": "AzureDisk represents an Azure Data Disk mount on the host and bind mount to the pod.",
|
||||
"properties": {
|
||||
@ -3578,6 +3604,14 @@
|
||||
"io.k8s.api.core.v1.PodSecurityContext": {
|
||||
"description": "PodSecurityContext holds pod-level security attributes and common container settings. Some fields are also present in container.securityContext. Field values of container.securityContext take precedence over field values of PodSecurityContext.",
|
||||
"properties": {
|
||||
"appArmorProfile": {
|
||||
"allOf": [
|
||||
{
|
||||
"$ref": "#/components/schemas/io.k8s.api.core.v1.AppArmorProfile"
|
||||
}
|
||||
],
|
||||
"description": "appArmorProfile is the AppArmor options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows."
|
||||
},
|
||||
"fsGroup": {
|
||||
"description": "A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod:\n\n1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw----\n\nIf unset, the Kubelet will not modify the ownership and permissions of any volume. Note that this field cannot be set when spec.os.name is windows.",
|
||||
"format": "int64",
|
||||
@ -3816,7 +3850,7 @@
|
||||
"$ref": "#/components/schemas/io.k8s.api.core.v1.PodOS"
|
||||
}
|
||||
],
|
||||
"description": "Specifies the OS of the containers in the pod. Some pod and container fields are restricted if this is set.\n\nIf the OS field is set to linux, the following fields must be unset: -securityContext.windowsOptions\n\nIf the OS field is set to windows, following fields must be unset: - spec.hostPID - spec.hostIPC - spec.hostUsers - spec.securityContext.seLinuxOptions - spec.securityContext.seccompProfile - spec.securityContext.fsGroup - spec.securityContext.fsGroupChangePolicy - spec.securityContext.sysctls - spec.shareProcessNamespace - spec.securityContext.runAsUser - spec.securityContext.runAsGroup - spec.securityContext.supplementalGroups - spec.containers[*].securityContext.seLinuxOptions - spec.containers[*].securityContext.seccompProfile - spec.containers[*].securityContext.capabilities - spec.containers[*].securityContext.readOnlyRootFilesystem - spec.containers[*].securityContext.privileged - spec.containers[*].securityContext.allowPrivilegeEscalation - spec.containers[*].securityContext.procMount - spec.containers[*].securityContext.runAsUser - spec.containers[*].securityContext.runAsGroup"
|
||||
"description": "Specifies the OS of the containers in the pod. Some pod and container fields are restricted if this is set.\n\nIf the OS field is set to linux, the following fields must be unset: -securityContext.windowsOptions\n\nIf the OS field is set to windows, following fields must be unset: - spec.hostPID - spec.hostIPC - spec.hostUsers - spec.securityContext.appArmorProfile - spec.securityContext.seLinuxOptions - spec.securityContext.seccompProfile - spec.securityContext.fsGroup - spec.securityContext.fsGroupChangePolicy - spec.securityContext.sysctls - spec.shareProcessNamespace - spec.securityContext.runAsUser - spec.securityContext.runAsGroup - spec.securityContext.supplementalGroups - spec.containers[*].securityContext.appArmorProfile - spec.containers[*].securityContext.seLinuxOptions - spec.containers[*].securityContext.seccompProfile - spec.containers[*].securityContext.capabilities - spec.containers[*].securityContext.readOnlyRootFilesystem - spec.containers[*].securityContext.privileged - spec.containers[*].securityContext.allowPrivilegeEscalation - spec.containers[*].securityContext.procMount - spec.containers[*].securityContext.runAsUser - spec.containers[*].securityContext.runAsGroup"
|
||||
},
|
||||
"overhead": {
|
||||
"additionalProperties": {
|
||||
@ -4524,6 +4558,14 @@
|
||||
"description": "AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows.",
|
||||
"type": "boolean"
|
||||
},
|
||||
"appArmorProfile": {
|
||||
"allOf": [
|
||||
{
|
||||
"$ref": "#/components/schemas/io.k8s.api.core.v1.AppArmorProfile"
|
||||
}
|
||||
],
|
||||
"description": "appArmorProfile is the AppArmor options to use by this container. If set, this profile overrides the pod's appArmorProfile. Note that this field cannot be set when spec.os.name is windows."
|
||||
},
|
||||
"capabilities": {
|
||||
"allOf": [
|
||||
{
|
||||
|
||||
@ -695,6 +695,32 @@
|
||||
},
|
||||
"type": "object"
|
||||
},
|
||||
"io.k8s.api.core.v1.AppArmorProfile": {
|
||||
"description": "AppArmorProfile defines a pod or container's AppArmor settings.",
|
||||
"properties": {
|
||||
"localhostProfile": {
|
||||
"description": "localhostProfile indicates a profile loaded on the node that should be used. The profile must be preconfigured on the node to work. Must match the loaded name of the profile. Must be set if and only if type is \"Localhost\".",
|
||||
"type": "string"
|
||||
},
|
||||
"type": {
|
||||
"default": "",
|
||||
"description": "type indicates which kind of AppArmor profile will be applied. Valid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement.",
|
||||
"type": "string"
|
||||
}
|
||||
},
|
||||
"required": [
|
||||
"type"
|
||||
],
|
||||
"type": "object",
|
||||
"x-kubernetes-unions": [
|
||||
{
|
||||
"discriminator": "type",
|
||||
"fields-to-discriminateBy": {
|
||||
"localhostProfile": "LocalhostProfile"
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"io.k8s.api.core.v1.AzureDiskVolumeSource": {
|
||||
"description": "AzureDisk represents an Azure Data Disk mount on the host and bind mount to the pod.",
|
||||
"properties": {
|
||||
@ -2737,6 +2763,14 @@
|
||||
"io.k8s.api.core.v1.PodSecurityContext": {
|
||||
"description": "PodSecurityContext holds pod-level security attributes and common container settings. Some fields are also present in container.securityContext. Field values of container.securityContext take precedence over field values of PodSecurityContext.",
|
||||
"properties": {
|
||||
"appArmorProfile": {
|
||||
"allOf": [
|
||||
{
|
||||
"$ref": "#/components/schemas/io.k8s.api.core.v1.AppArmorProfile"
|
||||
}
|
||||
],
|
||||
"description": "appArmorProfile is the AppArmor options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows."
|
||||
},
|
||||
"fsGroup": {
|
||||
"description": "A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod:\n\n1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw----\n\nIf unset, the Kubelet will not modify the ownership and permissions of any volume. Note that this field cannot be set when spec.os.name is windows.",
|
||||
"format": "int64",
|
||||
@ -2975,7 +3009,7 @@
|
||||
"$ref": "#/components/schemas/io.k8s.api.core.v1.PodOS"
|
||||
}
|
||||
],
|
||||
"description": "Specifies the OS of the containers in the pod. Some pod and container fields are restricted if this is set.\n\nIf the OS field is set to linux, the following fields must be unset: -securityContext.windowsOptions\n\nIf the OS field is set to windows, following fields must be unset: - spec.hostPID - spec.hostIPC - spec.hostUsers - spec.securityContext.seLinuxOptions - spec.securityContext.seccompProfile - spec.securityContext.fsGroup - spec.securityContext.fsGroupChangePolicy - spec.securityContext.sysctls - spec.shareProcessNamespace - spec.securityContext.runAsUser - spec.securityContext.runAsGroup - spec.securityContext.supplementalGroups - spec.containers[*].securityContext.seLinuxOptions - spec.containers[*].securityContext.seccompProfile - spec.containers[*].securityContext.capabilities - spec.containers[*].securityContext.readOnlyRootFilesystem - spec.containers[*].securityContext.privileged - spec.containers[*].securityContext.allowPrivilegeEscalation - spec.containers[*].securityContext.procMount - spec.containers[*].securityContext.runAsUser - spec.containers[*].securityContext.runAsGroup"
|
||||
"description": "Specifies the OS of the containers in the pod. Some pod and container fields are restricted if this is set.\n\nIf the OS field is set to linux, the following fields must be unset: -securityContext.windowsOptions\n\nIf the OS field is set to windows, following fields must be unset: - spec.hostPID - spec.hostIPC - spec.hostUsers - spec.securityContext.appArmorProfile - spec.securityContext.seLinuxOptions - spec.securityContext.seccompProfile - spec.securityContext.fsGroup - spec.securityContext.fsGroupChangePolicy - spec.securityContext.sysctls - spec.shareProcessNamespace - spec.securityContext.runAsUser - spec.securityContext.runAsGroup - spec.securityContext.supplementalGroups - spec.containers[*].securityContext.appArmorProfile - spec.containers[*].securityContext.seLinuxOptions - spec.containers[*].securityContext.seccompProfile - spec.containers[*].securityContext.capabilities - spec.containers[*].securityContext.readOnlyRootFilesystem - spec.containers[*].securityContext.privileged - spec.containers[*].securityContext.allowPrivilegeEscalation - spec.containers[*].securityContext.procMount - spec.containers[*].securityContext.runAsUser - spec.containers[*].securityContext.runAsGroup"
|
||||
},
|
||||
"overhead": {
|
||||
"additionalProperties": {
|
||||
@ -3683,6 +3717,14 @@
|
||||
"description": "AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows.",
|
||||
"type": "boolean"
|
||||
},
|
||||
"appArmorProfile": {
|
||||
"allOf": [
|
||||
{
|
||||
"$ref": "#/components/schemas/io.k8s.api.core.v1.AppArmorProfile"
|
||||
}
|
||||
],
|
||||
"description": "appArmorProfile is the AppArmor options to use by this container. If set, this profile overrides the pod's appArmorProfile. Note that this field cannot be set when spec.os.name is windows."
|
||||
},
|
||||
"capabilities": {
|
||||
"allOf": [
|
||||
{
|
||||
|
||||
36
pkg/apis/core/v1/zz_generated.conversion.go
generated
36
pkg/apis/core/v1/zz_generated.conversion.go
generated
@ -62,6 +62,16 @@ func RegisterConversions(s *runtime.Scheme) error {
|
||||
}); err != nil {
|
||||
return err
|
||||
}
|
||||
if err := s.AddGeneratedConversionFunc((*v1.AppArmorProfile)(nil), (*core.AppArmorProfile)(nil), func(a, b interface{}, scope conversion.Scope) error {
|
||||
return Convert_v1_AppArmorProfile_To_core_AppArmorProfile(a.(*v1.AppArmorProfile), b.(*core.AppArmorProfile), scope)
|
||||
}); err != nil {
|
||||
return err
|
||||
}
|
||||
if err := s.AddGeneratedConversionFunc((*core.AppArmorProfile)(nil), (*v1.AppArmorProfile)(nil), func(a, b interface{}, scope conversion.Scope) error {
|
||||
return Convert_core_AppArmorProfile_To_v1_AppArmorProfile(a.(*core.AppArmorProfile), b.(*v1.AppArmorProfile), scope)
|
||||
}); err != nil {
|
||||
return err
|
||||
}
|
||||
if err := s.AddGeneratedConversionFunc((*v1.AttachedVolume)(nil), (*core.AttachedVolume)(nil), func(a, b interface{}, scope conversion.Scope) error {
|
||||
return Convert_v1_AttachedVolume_To_core_AttachedVolume(a.(*v1.AttachedVolume), b.(*core.AttachedVolume), scope)
|
||||
}); err != nil {
|
||||
@ -2375,6 +2385,28 @@ func Convert_core_Affinity_To_v1_Affinity(in *core.Affinity, out *v1.Affinity, s
|
||||
return autoConvert_core_Affinity_To_v1_Affinity(in, out, s)
|
||||
}
|
||||
|
||||
func autoConvert_v1_AppArmorProfile_To_core_AppArmorProfile(in *v1.AppArmorProfile, out *core.AppArmorProfile, s conversion.Scope) error {
|
||||
out.Type = core.AppArmorProfileType(in.Type)
|
||||
out.LocalhostProfile = (*string)(unsafe.Pointer(in.LocalhostProfile))
|
||||
return nil
|
||||
}
|
||||
|
||||
// Convert_v1_AppArmorProfile_To_core_AppArmorProfile is an autogenerated conversion function.
|
||||
func Convert_v1_AppArmorProfile_To_core_AppArmorProfile(in *v1.AppArmorProfile, out *core.AppArmorProfile, s conversion.Scope) error {
|
||||
return autoConvert_v1_AppArmorProfile_To_core_AppArmorProfile(in, out, s)
|
||||
}
|
||||
|
||||
func autoConvert_core_AppArmorProfile_To_v1_AppArmorProfile(in *core.AppArmorProfile, out *v1.AppArmorProfile, s conversion.Scope) error {
|
||||
out.Type = v1.AppArmorProfileType(in.Type)
|
||||
out.LocalhostProfile = (*string)(unsafe.Pointer(in.LocalhostProfile))
|
||||
return nil
|
||||
}
|
||||
|
||||
// Convert_core_AppArmorProfile_To_v1_AppArmorProfile is an autogenerated conversion function.
|
||||
func Convert_core_AppArmorProfile_To_v1_AppArmorProfile(in *core.AppArmorProfile, out *v1.AppArmorProfile, s conversion.Scope) error {
|
||||
return autoConvert_core_AppArmorProfile_To_v1_AppArmorProfile(in, out, s)
|
||||
}
|
||||
|
||||
func autoConvert_v1_AttachedVolume_To_core_AttachedVolume(in *v1.AttachedVolume, out *core.AttachedVolume, s conversion.Scope) error {
|
||||
out.Name = core.UniqueVolumeName(in.Name)
|
||||
out.DevicePath = in.DevicePath
|
||||
@ -6382,6 +6414,7 @@ func autoConvert_v1_PodSecurityContext_To_core_PodSecurityContext(in *v1.PodSecu
|
||||
out.Sysctls = *(*[]core.Sysctl)(unsafe.Pointer(&in.Sysctls))
|
||||
out.FSGroupChangePolicy = (*core.PodFSGroupChangePolicy)(unsafe.Pointer(in.FSGroupChangePolicy))
|
||||
out.SeccompProfile = (*core.SeccompProfile)(unsafe.Pointer(in.SeccompProfile))
|
||||
out.AppArmorProfile = (*core.AppArmorProfile)(unsafe.Pointer(in.AppArmorProfile))
|
||||
return nil
|
||||
}
|
||||
|
||||
@ -6406,6 +6439,7 @@ func autoConvert_core_PodSecurityContext_To_v1_PodSecurityContext(in *core.PodSe
|
||||
out.FSGroupChangePolicy = (*v1.PodFSGroupChangePolicy)(unsafe.Pointer(in.FSGroupChangePolicy))
|
||||
out.Sysctls = *(*[]v1.Sysctl)(unsafe.Pointer(&in.Sysctls))
|
||||
out.SeccompProfile = (*v1.SeccompProfile)(unsafe.Pointer(in.SeccompProfile))
|
||||
out.AppArmorProfile = (*v1.AppArmorProfile)(unsafe.Pointer(in.AppArmorProfile))
|
||||
return nil
|
||||
}
|
||||
|
||||
@ -7759,6 +7793,7 @@ func autoConvert_v1_SecurityContext_To_core_SecurityContext(in *v1.SecurityConte
|
||||
out.AllowPrivilegeEscalation = (*bool)(unsafe.Pointer(in.AllowPrivilegeEscalation))
|
||||
out.ProcMount = (*core.ProcMountType)(unsafe.Pointer(in.ProcMount))
|
||||
out.SeccompProfile = (*core.SeccompProfile)(unsafe.Pointer(in.SeccompProfile))
|
||||
out.AppArmorProfile = (*core.AppArmorProfile)(unsafe.Pointer(in.AppArmorProfile))
|
||||
return nil
|
||||
}
|
||||
|
||||
@ -7779,6 +7814,7 @@ func autoConvert_core_SecurityContext_To_v1_SecurityContext(in *core.SecurityCon
|
||||
out.AllowPrivilegeEscalation = (*bool)(unsafe.Pointer(in.AllowPrivilegeEscalation))
|
||||
out.ProcMount = (*v1.ProcMountType)(unsafe.Pointer(in.ProcMount))
|
||||
out.SeccompProfile = (*v1.SeccompProfile)(unsafe.Pointer(in.SeccompProfile))
|
||||
out.AppArmorProfile = (*v1.AppArmorProfile)(unsafe.Pointer(in.AppArmorProfile))
|
||||
return nil
|
||||
}
|
||||
|
||||
|
||||
31
pkg/apis/core/zz_generated.deepcopy.go
generated
31
pkg/apis/core/zz_generated.deepcopy.go
generated
@ -74,6 +74,27 @@ func (in *Affinity) DeepCopy() *Affinity {
|
||||
return out
|
||||
}
|
||||
|
||||
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||
func (in *AppArmorProfile) DeepCopyInto(out *AppArmorProfile) {
|
||||
*out = *in
|
||||
if in.LocalhostProfile != nil {
|
||||
in, out := &in.LocalhostProfile, &out.LocalhostProfile
|
||||
*out = new(string)
|
||||
**out = **in
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AppArmorProfile.
|
||||
func (in *AppArmorProfile) DeepCopy() *AppArmorProfile {
|
||||
if in == nil {
|
||||
return nil
|
||||
}
|
||||
out := new(AppArmorProfile)
|
||||
in.DeepCopyInto(out)
|
||||
return out
|
||||
}
|
||||
|
||||
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||
func (in *AttachedVolume) DeepCopyInto(out *AttachedVolume) {
|
||||
*out = *in
|
||||
@ -4010,6 +4031,11 @@ func (in *PodSecurityContext) DeepCopyInto(out *PodSecurityContext) {
|
||||
*out = new(SeccompProfile)
|
||||
(*in).DeepCopyInto(*out)
|
||||
}
|
||||
if in.AppArmorProfile != nil {
|
||||
in, out := &in.AppArmorProfile, &out.AppArmorProfile
|
||||
*out = new(AppArmorProfile)
|
||||
(*in).DeepCopyInto(*out)
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
@ -5378,6 +5404,11 @@ func (in *SecurityContext) DeepCopyInto(out *SecurityContext) {
|
||||
*out = new(SeccompProfile)
|
||||
(*in).DeepCopyInto(*out)
|
||||
}
|
||||
if in.AppArmorProfile != nil {
|
||||
in, out := &in.AppArmorProfile, &out.AppArmorProfile
|
||||
*out = new(AppArmorProfile)
|
||||
(*in).DeepCopyInto(*out)
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
|
||||
61
pkg/generated/openapi/zz_generated.openapi.go
generated
61
pkg/generated/openapi/zz_generated.openapi.go
generated
@ -360,6 +360,7 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
|
||||
"k8s.io/api/coordination/v1beta1.LeaseSpec": schema_k8sio_api_coordination_v1beta1_LeaseSpec(ref),
|
||||
"k8s.io/api/core/v1.AWSElasticBlockStoreVolumeSource": schema_k8sio_api_core_v1_AWSElasticBlockStoreVolumeSource(ref),
|
||||
"k8s.io/api/core/v1.Affinity": schema_k8sio_api_core_v1_Affinity(ref),
|
||||
"k8s.io/api/core/v1.AppArmorProfile": schema_k8sio_api_core_v1_AppArmorProfile(ref),
|
||||
"k8s.io/api/core/v1.AttachedVolume": schema_k8sio_api_core_v1_AttachedVolume(ref),
|
||||
"k8s.io/api/core/v1.AvoidPods": schema_k8sio_api_core_v1_AvoidPods(ref),
|
||||
"k8s.io/api/core/v1.AzureDiskVolumeSource": schema_k8sio_api_core_v1_AzureDiskVolumeSource(ref),
|
||||
@ -17980,6 +17981,48 @@ func schema_k8sio_api_core_v1_Affinity(ref common.ReferenceCallback) common.Open
|
||||
}
|
||||
}
|
||||
|
||||
func schema_k8sio_api_core_v1_AppArmorProfile(ref common.ReferenceCallback) common.OpenAPIDefinition {
|
||||
return common.OpenAPIDefinition{
|
||||
Schema: spec.Schema{
|
||||
SchemaProps: spec.SchemaProps{
|
||||
Description: "AppArmorProfile defines a pod or container's AppArmor settings.",
|
||||
Type: []string{"object"},
|
||||
Properties: map[string]spec.Schema{
|
||||
"type": {
|
||||
SchemaProps: spec.SchemaProps{
|
||||
Description: "type indicates which kind of AppArmor profile will be applied. Valid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement.\n\nPossible enum values:\n - `\"Localhost\"` indicates that a profile pre-loaded on the node should be used.\n - `\"RuntimeDefault\"` indicates that the container runtime's default AppArmor profile should be used.\n - `\"Unconfined\"` indicates that no AppArmor profile should be enforced.",
|
||||
Default: "",
|
||||
Type: []string{"string"},
|
||||
Format: "",
|
||||
Enum: []interface{}{"Localhost", "RuntimeDefault", "Unconfined"},
|
||||
},
|
||||
},
|
||||
"localhostProfile": {
|
||||
SchemaProps: spec.SchemaProps{
|
||||
Description: "localhostProfile indicates a profile loaded on the node that should be used. The profile must be preconfigured on the node to work. Must match the loaded name of the profile. Must be set if and only if type is \"Localhost\".",
|
||||
Type: []string{"string"},
|
||||
Format: "",
|
||||
},
|
||||
},
|
||||
},
|
||||
Required: []string{"type"},
|
||||
},
|
||||
VendorExtensible: spec.VendorExtensible{
|
||||
Extensions: spec.Extensions{
|
||||
"x-kubernetes-unions": []interface{}{
|
||||
map[string]interface{}{
|
||||
"discriminator": "type",
|
||||
"fields-to-discriminateBy": map[string]interface{}{
|
||||
"localhostProfile": "LocalhostProfile",
|
||||
},
|
||||
},
|
||||
},
|
||||
},
|
||||
},
|
||||
},
|
||||
}
|
||||
}
|
||||
|
||||
func schema_k8sio_api_core_v1_AttachedVolume(ref common.ReferenceCallback) common.OpenAPIDefinition {
|
||||
return common.OpenAPIDefinition{
|
||||
Schema: spec.Schema{
|
||||
@ -26001,11 +26044,17 @@ func schema_k8sio_api_core_v1_PodSecurityContext(ref common.ReferenceCallback) c
|
||||
Ref: ref("k8s.io/api/core/v1.SeccompProfile"),
|
||||
},
|
||||
},
|
||||
"appArmorProfile": {
|
||||
SchemaProps: spec.SchemaProps{
|
||||
Description: "appArmorProfile is the AppArmor options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows.",
|
||||
Ref: ref("k8s.io/api/core/v1.AppArmorProfile"),
|
||||
},
|
||||
},
|
||||
},
|
||||
},
|
||||
},
|
||||
Dependencies: []string{
|
||||
"k8s.io/api/core/v1.SELinuxOptions", "k8s.io/api/core/v1.SeccompProfile", "k8s.io/api/core/v1.Sysctl", "k8s.io/api/core/v1.WindowsSecurityContextOptions"},
|
||||
"k8s.io/api/core/v1.AppArmorProfile", "k8s.io/api/core/v1.SELinuxOptions", "k8s.io/api/core/v1.SeccompProfile", "k8s.io/api/core/v1.Sysctl", "k8s.io/api/core/v1.WindowsSecurityContextOptions"},
|
||||
}
|
||||
}
|
||||
|
||||
@ -26449,7 +26498,7 @@ func schema_k8sio_api_core_v1_PodSpec(ref common.ReferenceCallback) common.OpenA
|
||||
},
|
||||
"os": {
|
||||
SchemaProps: spec.SchemaProps{
|
||||
Description: "Specifies the OS of the containers in the pod. Some pod and container fields are restricted if this is set.\n\nIf the OS field is set to linux, the following fields must be unset: -securityContext.windowsOptions\n\nIf the OS field is set to windows, following fields must be unset: - spec.hostPID - spec.hostIPC - spec.hostUsers - spec.securityContext.seLinuxOptions - spec.securityContext.seccompProfile - spec.securityContext.fsGroup - spec.securityContext.fsGroupChangePolicy - spec.securityContext.sysctls - spec.shareProcessNamespace - spec.securityContext.runAsUser - spec.securityContext.runAsGroup - spec.securityContext.supplementalGroups - spec.containers[*].securityContext.seLinuxOptions - spec.containers[*].securityContext.seccompProfile - spec.containers[*].securityContext.capabilities - spec.containers[*].securityContext.readOnlyRootFilesystem - spec.containers[*].securityContext.privileged - spec.containers[*].securityContext.allowPrivilegeEscalation - spec.containers[*].securityContext.procMount - spec.containers[*].securityContext.runAsUser - spec.containers[*].securityContext.runAsGroup",
|
||||
Description: "Specifies the OS of the containers in the pod. Some pod and container fields are restricted if this is set.\n\nIf the OS field is set to linux, the following fields must be unset: -securityContext.windowsOptions\n\nIf the OS field is set to windows, following fields must be unset: - spec.hostPID - spec.hostIPC - spec.hostUsers - spec.securityContext.appArmorProfile - spec.securityContext.seLinuxOptions - spec.securityContext.seccompProfile - spec.securityContext.fsGroup - spec.securityContext.fsGroupChangePolicy - spec.securityContext.sysctls - spec.shareProcessNamespace - spec.securityContext.runAsUser - spec.securityContext.runAsGroup - spec.securityContext.supplementalGroups - spec.containers[*].securityContext.appArmorProfile - spec.containers[*].securityContext.seLinuxOptions - spec.containers[*].securityContext.seccompProfile - spec.containers[*].securityContext.capabilities - spec.containers[*].securityContext.readOnlyRootFilesystem - spec.containers[*].securityContext.privileged - spec.containers[*].securityContext.allowPrivilegeEscalation - spec.containers[*].securityContext.procMount - spec.containers[*].securityContext.runAsUser - spec.containers[*].securityContext.runAsGroup",
|
||||
Ref: ref("k8s.io/api/core/v1.PodOS"),
|
||||
},
|
||||
},
|
||||
@ -28878,11 +28927,17 @@ func schema_k8sio_api_core_v1_SecurityContext(ref common.ReferenceCallback) comm
|
||||
Ref: ref("k8s.io/api/core/v1.SeccompProfile"),
|
||||
},
|
||||
},
|
||||
"appArmorProfile": {
|
||||
SchemaProps: spec.SchemaProps{
|
||||
Description: "appArmorProfile is the AppArmor options to use by this container. If set, this profile overrides the pod's appArmorProfile. Note that this field cannot be set when spec.os.name is windows.",
|
||||
Ref: ref("k8s.io/api/core/v1.AppArmorProfile"),
|
||||
},
|
||||
},
|
||||
},
|
||||
},
|
||||
},
|
||||
Dependencies: []string{
|
||||
"k8s.io/api/core/v1.Capabilities", "k8s.io/api/core/v1.SELinuxOptions", "k8s.io/api/core/v1.SeccompProfile", "k8s.io/api/core/v1.WindowsSecurityContextOptions"},
|
||||
"k8s.io/api/core/v1.AppArmorProfile", "k8s.io/api/core/v1.Capabilities", "k8s.io/api/core/v1.SELinuxOptions", "k8s.io/api/core/v1.SeccompProfile", "k8s.io/api/core/v1.WindowsSecurityContextOptions"},
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
2688
staging/src/k8s.io/api/core/v1/generated.pb.go
generated
2688
staging/src/k8s.io/api/core/v1/generated.pb.go
generated
File diff suppressed because it is too large
Load Diff
@ -77,6 +77,25 @@ message Affinity {
|
||||
optional PodAntiAffinity podAntiAffinity = 3;
|
||||
}
|
||||
|
||||
// AppArmorProfile defines a pod or container's AppArmor settings.
|
||||
// +union
|
||||
message AppArmorProfile {
|
||||
// type indicates which kind of AppArmor profile will be applied.
|
||||
// Valid options are:
|
||||
// Localhost - a profile pre-loaded on the node.
|
||||
// RuntimeDefault - the container runtime's default profile.
|
||||
// Unconfined - no AppArmor enforcement.
|
||||
// +unionDiscriminator
|
||||
optional string type = 1;
|
||||
|
||||
// localhostProfile indicates a profile loaded on the node that should be used.
|
||||
// The profile must be preconfigured on the node to work.
|
||||
// Must match the loaded name of the profile.
|
||||
// Must be set if and only if type is "Localhost".
|
||||
// +optional
|
||||
optional string localhostProfile = 2;
|
||||
}
|
||||
|
||||
// AttachedVolume describes a volume attached to a node
|
||||
message AttachedVolume {
|
||||
// Name of the attached volume
|
||||
@ -3866,6 +3885,11 @@ message PodSecurityContext {
|
||||
// Note that this field cannot be set when spec.os.name is windows.
|
||||
// +optional
|
||||
optional SeccompProfile seccompProfile = 10;
|
||||
|
||||
// appArmorProfile is the AppArmor options to use by the containers in this pod.
|
||||
// Note that this field cannot be set when spec.os.name is windows.
|
||||
// +optional
|
||||
optional AppArmorProfile appArmorProfile = 11;
|
||||
}
|
||||
|
||||
// Describes the class of pods that should avoid this node.
|
||||
@ -4154,6 +4178,7 @@ message PodSpec {
|
||||
// - spec.hostPID
|
||||
// - spec.hostIPC
|
||||
// - spec.hostUsers
|
||||
// - spec.securityContext.appArmorProfile
|
||||
// - spec.securityContext.seLinuxOptions
|
||||
// - spec.securityContext.seccompProfile
|
||||
// - spec.securityContext.fsGroup
|
||||
@ -4163,6 +4188,7 @@ message PodSpec {
|
||||
// - spec.securityContext.runAsUser
|
||||
// - spec.securityContext.runAsGroup
|
||||
// - spec.securityContext.supplementalGroups
|
||||
// - spec.containers[*].securityContext.appArmorProfile
|
||||
// - spec.containers[*].securityContext.seLinuxOptions
|
||||
// - spec.containers[*].securityContext.seccompProfile
|
||||
// - spec.containers[*].securityContext.capabilities
|
||||
@ -5343,6 +5369,12 @@ message SecurityContext {
|
||||
// Note that this field cannot be set when spec.os.name is windows.
|
||||
// +optional
|
||||
optional SeccompProfile seccompProfile = 11;
|
||||
|
||||
// appArmorProfile is the AppArmor options to use by this container. If set, this profile
|
||||
// overrides the pod's appArmorProfile.
|
||||
// Note that this field cannot be set when spec.os.name is windows.
|
||||
// +optional
|
||||
optional AppArmorProfile appArmorProfile = 12;
|
||||
}
|
||||
|
||||
// SerializedReference is a reference to serialized object.
|
||||
|
||||
@ -4163,7 +4163,7 @@ type PodSecurityContext struct {
|
||||
// appArmorProfile is the AppArmor options to use by the containers in this pod.
|
||||
// Note that this field cannot be set when spec.os.name is windows.
|
||||
// +optional
|
||||
AppArmorProfile *AppArmorProfile `json:"appArmorProfile,omitempty"`
|
||||
AppArmorProfile *AppArmorProfile `json:"appArmorProfile,omitempty" protobuf:"bytes,11,opt,name=appArmorProfile"`
|
||||
}
|
||||
|
||||
// SeccompProfile defines a pod/container's seccomp profile settings.
|
||||
@ -4209,14 +4209,14 @@ type AppArmorProfile struct {
|
||||
// RuntimeDefault - the container runtime's default profile.
|
||||
// Unconfined - no AppArmor enforcement.
|
||||
// +unionDiscriminator
|
||||
Type AppArmorProfileType `json:"type"`
|
||||
Type AppArmorProfileType `json:"type" protobuf:"bytes,1,opt,name=type,casttype=AppArmorProfileType"`
|
||||
|
||||
// localhostProfile indicates a profile loaded on the node that should be used.
|
||||
// The profile must be preconfigured on the node to work.
|
||||
// Must match the loaded name of the profile.
|
||||
// Must be set if and only if type is "Localhost".
|
||||
// +optional
|
||||
LocalhostProfile *string `json:"localhostProfile,omitempty"`
|
||||
LocalhostProfile *string `json:"localhostProfile,omitempty" protobuf:"bytes,2,opt,name=localhostProfile"`
|
||||
}
|
||||
|
||||
// +enum
|
||||
@ -7255,7 +7255,7 @@ type SecurityContext struct {
|
||||
// overrides the pod's appArmorProfile.
|
||||
// Note that this field cannot be set when spec.os.name is windows.
|
||||
// +optional
|
||||
AppArmorProfile *AppArmorProfile `json:"appArmorProfile,omitempty"`
|
||||
AppArmorProfile *AppArmorProfile `json:"appArmorProfile,omitempty" protobuf:"bytes,12,opt,name=appArmorProfile"`
|
||||
}
|
||||
|
||||
// +enum
|
||||
|
||||
@ -50,6 +50,16 @@ func (Affinity) SwaggerDoc() map[string]string {
|
||||
return map_Affinity
|
||||
}
|
||||
|
||||
var map_AppArmorProfile = map[string]string{
|
||||
"": "AppArmorProfile defines a pod or container's AppArmor settings.",
|
||||
"type": "type indicates which kind of AppArmor profile will be applied. Valid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement.",
|
||||
"localhostProfile": "localhostProfile indicates a profile loaded on the node that should be used. The profile must be preconfigured on the node to work. Must match the loaded name of the profile. Must be set if and only if type is \"Localhost\".",
|
||||
}
|
||||
|
||||
func (AppArmorProfile) SwaggerDoc() map[string]string {
|
||||
return map_AppArmorProfile
|
||||
}
|
||||
|
||||
var map_AttachedVolume = map[string]string{
|
||||
"": "AttachedVolume describes a volume attached to a node",
|
||||
"name": "Name of the attached volume",
|
||||
@ -1705,6 +1715,7 @@ var map_PodSecurityContext = map[string]string{
|
||||
"sysctls": "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported sysctls (by the container runtime) might fail to launch. Note that this field cannot be set when spec.os.name is windows.",
|
||||
"fsGroupChangePolicy": "fsGroupChangePolicy defines behavior of changing ownership and permission of the volume before being exposed inside Pod. This field will only apply to volume types which support fsGroup based ownership(and permissions). It will have no effect on ephemeral volume types such as: secret, configmaps and emptydir. Valid values are \"OnRootMismatch\" and \"Always\". If not specified, \"Always\" is used. Note that this field cannot be set when spec.os.name is windows.",
|
||||
"seccompProfile": "The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows.",
|
||||
"appArmorProfile": "appArmorProfile is the AppArmor options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows.",
|
||||
}
|
||||
|
||||
func (PodSecurityContext) SwaggerDoc() map[string]string {
|
||||
@ -1757,7 +1768,7 @@ var map_PodSpec = map[string]string{
|
||||
"overhead": "Overhead represents the resource overhead associated with running a pod for a given RuntimeClass. This field will be autopopulated at admission time by the RuntimeClass admission controller. If the RuntimeClass admission controller is enabled, overhead must not be set in Pod create requests. The RuntimeClass admission controller will reject Pod create requests which have the overhead already set. If RuntimeClass is configured and selected in the PodSpec, Overhead will be set to the value defined in the corresponding RuntimeClass, otherwise it will remain unset and treated as zero. More info: https://git.k8s.io/enhancements/keps/sig-node/688-pod-overhead/README.md",
|
||||
"topologySpreadConstraints": "TopologySpreadConstraints describes how a group of pods ought to spread across topology domains. Scheduler will schedule pods in a way which abides by the constraints. All topologySpreadConstraints are ANDed.",
|
||||
"setHostnameAsFQDN": "If true the pod's hostname will be configured as the pod's FQDN, rather than the leaf name (the default). In Linux containers, this means setting the FQDN in the hostname field of the kernel (the nodename field of struct utsname). In Windows containers, this means setting the registry value of hostname for the registry key HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\Tcpip\\Parameters to FQDN. If a pod does not have FQDN, this has no effect. Default to false.",
|
||||
"os": "Specifies the OS of the containers in the pod. Some pod and container fields are restricted if this is set.\n\nIf the OS field is set to linux, the following fields must be unset: -securityContext.windowsOptions\n\nIf the OS field is set to windows, following fields must be unset: - spec.hostPID - spec.hostIPC - spec.hostUsers - spec.securityContext.seLinuxOptions - spec.securityContext.seccompProfile - spec.securityContext.fsGroup - spec.securityContext.fsGroupChangePolicy - spec.securityContext.sysctls - spec.shareProcessNamespace - spec.securityContext.runAsUser - spec.securityContext.runAsGroup - spec.securityContext.supplementalGroups - spec.containers[*].securityContext.seLinuxOptions - spec.containers[*].securityContext.seccompProfile - spec.containers[*].securityContext.capabilities - spec.containers[*].securityContext.readOnlyRootFilesystem - spec.containers[*].securityContext.privileged - spec.containers[*].securityContext.allowPrivilegeEscalation - spec.containers[*].securityContext.procMount - spec.containers[*].securityContext.runAsUser - spec.containers[*].securityContext.runAsGroup",
|
||||
"os": "Specifies the OS of the containers in the pod. Some pod and container fields are restricted if this is set.\n\nIf the OS field is set to linux, the following fields must be unset: -securityContext.windowsOptions\n\nIf the OS field is set to windows, following fields must be unset: - spec.hostPID - spec.hostIPC - spec.hostUsers - spec.securityContext.appArmorProfile - spec.securityContext.seLinuxOptions - spec.securityContext.seccompProfile - spec.securityContext.fsGroup - spec.securityContext.fsGroupChangePolicy - spec.securityContext.sysctls - spec.shareProcessNamespace - spec.securityContext.runAsUser - spec.securityContext.runAsGroup - spec.securityContext.supplementalGroups - spec.containers[*].securityContext.appArmorProfile - spec.containers[*].securityContext.seLinuxOptions - spec.containers[*].securityContext.seccompProfile - spec.containers[*].securityContext.capabilities - spec.containers[*].securityContext.readOnlyRootFilesystem - spec.containers[*].securityContext.privileged - spec.containers[*].securityContext.allowPrivilegeEscalation - spec.containers[*].securityContext.procMount - spec.containers[*].securityContext.runAsUser - spec.containers[*].securityContext.runAsGroup",
|
||||
"hostUsers": "Use the host's user namespace. Optional: Default to true. If set to true or not present, the pod will be run in the host user namespace, useful for when the pod needs a feature only available to the host user namespace, such as loading a kernel module with CAP_SYS_MODULE. When set to false, a new userns is created for the pod. Setting false is useful for mitigating container breakout vulnerabilities even allowing users to run their containers as root without actually having root privileges on the host. This field is alpha-level and is only honored by servers that enable the UserNamespacesSupport feature.",
|
||||
"schedulingGates": "SchedulingGates is an opaque list of values that if specified will block scheduling the pod. If schedulingGates is not empty, the pod will stay in the SchedulingGated state and the scheduler will not attempt to schedule the pod.\n\nSchedulingGates can only be set at pod creation time, and be removed only afterwards.",
|
||||
"resourceClaims": "ResourceClaims defines which ResourceClaims must be allocated and reserved before the Pod is allowed to start. The resources will be made available to those containers which consume them by name.\n\nThis is an alpha field and requires enabling the DynamicResourceAllocation feature gate.\n\nThis field is immutable.",
|
||||
@ -2274,6 +2285,7 @@ var map_SecurityContext = map[string]string{
|
||||
"allowPrivilegeEscalation": "AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows.",
|
||||
"procMount": "procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows.",
|
||||
"seccompProfile": "The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.",
|
||||
"appArmorProfile": "appArmorProfile is the AppArmor options to use by this container. If set, this profile overrides the pod's appArmorProfile. Note that this field cannot be set when spec.os.name is windows.",
|
||||
}
|
||||
|
||||
func (SecurityContext) SwaggerDoc() map[string]string {
|
||||
|
||||
@ -74,6 +74,27 @@ func (in *Affinity) DeepCopy() *Affinity {
|
||||
return out
|
||||
}
|
||||
|
||||
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||
func (in *AppArmorProfile) DeepCopyInto(out *AppArmorProfile) {
|
||||
*out = *in
|
||||
if in.LocalhostProfile != nil {
|
||||
in, out := &in.LocalhostProfile, &out.LocalhostProfile
|
||||
*out = new(string)
|
||||
**out = **in
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AppArmorProfile.
|
||||
func (in *AppArmorProfile) DeepCopy() *AppArmorProfile {
|
||||
if in == nil {
|
||||
return nil
|
||||
}
|
||||
out := new(AppArmorProfile)
|
||||
in.DeepCopyInto(out)
|
||||
return out
|
||||
}
|
||||
|
||||
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||
func (in *AttachedVolume) DeepCopyInto(out *AttachedVolume) {
|
||||
*out = *in
|
||||
@ -3998,6 +4019,11 @@ func (in *PodSecurityContext) DeepCopyInto(out *PodSecurityContext) {
|
||||
*out = new(SeccompProfile)
|
||||
(*in).DeepCopyInto(*out)
|
||||
}
|
||||
if in.AppArmorProfile != nil {
|
||||
in, out := &in.AppArmorProfile, &out.AppArmorProfile
|
||||
*out = new(AppArmorProfile)
|
||||
(*in).DeepCopyInto(*out)
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
@ -5388,6 +5414,11 @@ func (in *SecurityContext) DeepCopyInto(out *SecurityContext) {
|
||||
*out = new(SeccompProfile)
|
||||
(*in).DeepCopyInto(*out)
|
||||
}
|
||||
if in.AppArmorProfile != nil {
|
||||
in, out := &in.AppArmorProfile, &out.AppArmorProfile
|
||||
*out = new(AppArmorProfile)
|
||||
(*in).DeepCopyInto(*out)
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
|
||||
@ -777,6 +777,10 @@
|
||||
"seccompProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
},
|
||||
"appArmorProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
}
|
||||
},
|
||||
"stdin": true,
|
||||
@ -1067,6 +1071,10 @@
|
||||
"seccompProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
},
|
||||
"appArmorProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
}
|
||||
},
|
||||
"stdin": true,
|
||||
@ -1357,6 +1365,10 @@
|
||||
"seccompProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
},
|
||||
"appArmorProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
}
|
||||
},
|
||||
"stdin": true,
|
||||
@ -1410,6 +1422,10 @@
|
||||
"seccompProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
},
|
||||
"appArmorProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
}
|
||||
},
|
||||
"imagePullSecrets": [
|
||||
|
||||
Binary file not shown.
@ -345,6 +345,9 @@ spec:
|
||||
restartPolicy: restartPolicyValue
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: true
|
||||
appArmorProfile:
|
||||
localhostProfile: localhostProfileValue
|
||||
type: typeValue
|
||||
capabilities:
|
||||
add:
|
||||
- addValue
|
||||
@ -556,6 +559,9 @@ spec:
|
||||
restartPolicy: restartPolicyValue
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: true
|
||||
appArmorProfile:
|
||||
localhostProfile: localhostProfileValue
|
||||
type: typeValue
|
||||
capabilities:
|
||||
add:
|
||||
- addValue
|
||||
@ -769,6 +775,9 @@ spec:
|
||||
restartPolicy: restartPolicyValue
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: true
|
||||
appArmorProfile:
|
||||
localhostProfile: localhostProfileValue
|
||||
type: typeValue
|
||||
capabilities:
|
||||
add:
|
||||
- addValue
|
||||
@ -856,6 +865,9 @@ spec:
|
||||
schedulingGates:
|
||||
- name: nameValue
|
||||
securityContext:
|
||||
appArmorProfile:
|
||||
localhostProfile: localhostProfileValue
|
||||
type: typeValue
|
||||
fsGroup: 5
|
||||
fsGroupChangePolicy: fsGroupChangePolicyValue
|
||||
runAsGroup: 6
|
||||
|
||||
@ -778,6 +778,10 @@
|
||||
"seccompProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
},
|
||||
"appArmorProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
}
|
||||
},
|
||||
"stdin": true,
|
||||
@ -1068,6 +1072,10 @@
|
||||
"seccompProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
},
|
||||
"appArmorProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
}
|
||||
},
|
||||
"stdin": true,
|
||||
@ -1358,6 +1366,10 @@
|
||||
"seccompProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
},
|
||||
"appArmorProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
}
|
||||
},
|
||||
"stdin": true,
|
||||
@ -1411,6 +1423,10 @@
|
||||
"seccompProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
},
|
||||
"appArmorProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
}
|
||||
},
|
||||
"imagePullSecrets": [
|
||||
|
||||
Binary file not shown.
@ -353,6 +353,9 @@ spec:
|
||||
restartPolicy: restartPolicyValue
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: true
|
||||
appArmorProfile:
|
||||
localhostProfile: localhostProfileValue
|
||||
type: typeValue
|
||||
capabilities:
|
||||
add:
|
||||
- addValue
|
||||
@ -564,6 +567,9 @@ spec:
|
||||
restartPolicy: restartPolicyValue
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: true
|
||||
appArmorProfile:
|
||||
localhostProfile: localhostProfileValue
|
||||
type: typeValue
|
||||
capabilities:
|
||||
add:
|
||||
- addValue
|
||||
@ -777,6 +783,9 @@ spec:
|
||||
restartPolicy: restartPolicyValue
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: true
|
||||
appArmorProfile:
|
||||
localhostProfile: localhostProfileValue
|
||||
type: typeValue
|
||||
capabilities:
|
||||
add:
|
||||
- addValue
|
||||
@ -864,6 +873,9 @@ spec:
|
||||
schedulingGates:
|
||||
- name: nameValue
|
||||
securityContext:
|
||||
appArmorProfile:
|
||||
localhostProfile: localhostProfileValue
|
||||
type: typeValue
|
||||
fsGroup: 5
|
||||
fsGroupChangePolicy: fsGroupChangePolicyValue
|
||||
runAsGroup: 6
|
||||
|
||||
@ -779,6 +779,10 @@
|
||||
"seccompProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
},
|
||||
"appArmorProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
}
|
||||
},
|
||||
"stdin": true,
|
||||
@ -1069,6 +1073,10 @@
|
||||
"seccompProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
},
|
||||
"appArmorProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
}
|
||||
},
|
||||
"stdin": true,
|
||||
@ -1359,6 +1367,10 @@
|
||||
"seccompProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
},
|
||||
"appArmorProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
}
|
||||
},
|
||||
"stdin": true,
|
||||
@ -1412,6 +1424,10 @@
|
||||
"seccompProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
},
|
||||
"appArmorProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
}
|
||||
},
|
||||
"imagePullSecrets": [
|
||||
|
||||
Binary file not shown.
@ -345,6 +345,9 @@ spec:
|
||||
restartPolicy: restartPolicyValue
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: true
|
||||
appArmorProfile:
|
||||
localhostProfile: localhostProfileValue
|
||||
type: typeValue
|
||||
capabilities:
|
||||
add:
|
||||
- addValue
|
||||
@ -556,6 +559,9 @@ spec:
|
||||
restartPolicy: restartPolicyValue
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: true
|
||||
appArmorProfile:
|
||||
localhostProfile: localhostProfileValue
|
||||
type: typeValue
|
||||
capabilities:
|
||||
add:
|
||||
- addValue
|
||||
@ -769,6 +775,9 @@ spec:
|
||||
restartPolicy: restartPolicyValue
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: true
|
||||
appArmorProfile:
|
||||
localhostProfile: localhostProfileValue
|
||||
type: typeValue
|
||||
capabilities:
|
||||
add:
|
||||
- addValue
|
||||
@ -856,6 +865,9 @@ spec:
|
||||
schedulingGates:
|
||||
- name: nameValue
|
||||
securityContext:
|
||||
appArmorProfile:
|
||||
localhostProfile: localhostProfileValue
|
||||
type: typeValue
|
||||
fsGroup: 5
|
||||
fsGroupChangePolicy: fsGroupChangePolicyValue
|
||||
runAsGroup: 6
|
||||
|
||||
@ -778,6 +778,10 @@
|
||||
"seccompProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
},
|
||||
"appArmorProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
}
|
||||
},
|
||||
"stdin": true,
|
||||
@ -1068,6 +1072,10 @@
|
||||
"seccompProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
},
|
||||
"appArmorProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
}
|
||||
},
|
||||
"stdin": true,
|
||||
@ -1358,6 +1366,10 @@
|
||||
"seccompProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
},
|
||||
"appArmorProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
}
|
||||
},
|
||||
"stdin": true,
|
||||
@ -1411,6 +1423,10 @@
|
||||
"seccompProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
},
|
||||
"appArmorProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
}
|
||||
},
|
||||
"imagePullSecrets": [
|
||||
|
||||
Binary file not shown.
@ -353,6 +353,9 @@ spec:
|
||||
restartPolicy: restartPolicyValue
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: true
|
||||
appArmorProfile:
|
||||
localhostProfile: localhostProfileValue
|
||||
type: typeValue
|
||||
capabilities:
|
||||
add:
|
||||
- addValue
|
||||
@ -564,6 +567,9 @@ spec:
|
||||
restartPolicy: restartPolicyValue
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: true
|
||||
appArmorProfile:
|
||||
localhostProfile: localhostProfileValue
|
||||
type: typeValue
|
||||
capabilities:
|
||||
add:
|
||||
- addValue
|
||||
@ -777,6 +783,9 @@ spec:
|
||||
restartPolicy: restartPolicyValue
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: true
|
||||
appArmorProfile:
|
||||
localhostProfile: localhostProfileValue
|
||||
type: typeValue
|
||||
capabilities:
|
||||
add:
|
||||
- addValue
|
||||
@ -864,6 +873,9 @@ spec:
|
||||
schedulingGates:
|
||||
- name: nameValue
|
||||
securityContext:
|
||||
appArmorProfile:
|
||||
localhostProfile: localhostProfileValue
|
||||
type: typeValue
|
||||
fsGroup: 5
|
||||
fsGroupChangePolicy: fsGroupChangePolicyValue
|
||||
runAsGroup: 6
|
||||
|
||||
@ -778,6 +778,10 @@
|
||||
"seccompProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
},
|
||||
"appArmorProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
}
|
||||
},
|
||||
"stdin": true,
|
||||
@ -1068,6 +1072,10 @@
|
||||
"seccompProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
},
|
||||
"appArmorProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
}
|
||||
},
|
||||
"stdin": true,
|
||||
@ -1358,6 +1366,10 @@
|
||||
"seccompProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
},
|
||||
"appArmorProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
}
|
||||
},
|
||||
"stdin": true,
|
||||
@ -1411,6 +1423,10 @@
|
||||
"seccompProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
},
|
||||
"appArmorProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
}
|
||||
},
|
||||
"imagePullSecrets": [
|
||||
|
||||
Binary file not shown.
@ -355,6 +355,9 @@ spec:
|
||||
restartPolicy: restartPolicyValue
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: true
|
||||
appArmorProfile:
|
||||
localhostProfile: localhostProfileValue
|
||||
type: typeValue
|
||||
capabilities:
|
||||
add:
|
||||
- addValue
|
||||
@ -566,6 +569,9 @@ spec:
|
||||
restartPolicy: restartPolicyValue
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: true
|
||||
appArmorProfile:
|
||||
localhostProfile: localhostProfileValue
|
||||
type: typeValue
|
||||
capabilities:
|
||||
add:
|
||||
- addValue
|
||||
@ -779,6 +785,9 @@ spec:
|
||||
restartPolicy: restartPolicyValue
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: true
|
||||
appArmorProfile:
|
||||
localhostProfile: localhostProfileValue
|
||||
type: typeValue
|
||||
capabilities:
|
||||
add:
|
||||
- addValue
|
||||
@ -866,6 +875,9 @@ spec:
|
||||
schedulingGates:
|
||||
- name: nameValue
|
||||
securityContext:
|
||||
appArmorProfile:
|
||||
localhostProfile: localhostProfileValue
|
||||
type: typeValue
|
||||
fsGroup: 5
|
||||
fsGroupChangePolicy: fsGroupChangePolicyValue
|
||||
runAsGroup: 6
|
||||
|
||||
@ -778,6 +778,10 @@
|
||||
"seccompProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
},
|
||||
"appArmorProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
}
|
||||
},
|
||||
"stdin": true,
|
||||
@ -1068,6 +1072,10 @@
|
||||
"seccompProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
},
|
||||
"appArmorProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
}
|
||||
},
|
||||
"stdin": true,
|
||||
@ -1358,6 +1366,10 @@
|
||||
"seccompProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
},
|
||||
"appArmorProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
}
|
||||
},
|
||||
"stdin": true,
|
||||
@ -1411,6 +1423,10 @@
|
||||
"seccompProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
},
|
||||
"appArmorProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
}
|
||||
},
|
||||
"imagePullSecrets": [
|
||||
|
||||
Binary file not shown.
@ -353,6 +353,9 @@ spec:
|
||||
restartPolicy: restartPolicyValue
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: true
|
||||
appArmorProfile:
|
||||
localhostProfile: localhostProfileValue
|
||||
type: typeValue
|
||||
capabilities:
|
||||
add:
|
||||
- addValue
|
||||
@ -564,6 +567,9 @@ spec:
|
||||
restartPolicy: restartPolicyValue
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: true
|
||||
appArmorProfile:
|
||||
localhostProfile: localhostProfileValue
|
||||
type: typeValue
|
||||
capabilities:
|
||||
add:
|
||||
- addValue
|
||||
@ -777,6 +783,9 @@ spec:
|
||||
restartPolicy: restartPolicyValue
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: true
|
||||
appArmorProfile:
|
||||
localhostProfile: localhostProfileValue
|
||||
type: typeValue
|
||||
capabilities:
|
||||
add:
|
||||
- addValue
|
||||
@ -864,6 +873,9 @@ spec:
|
||||
schedulingGates:
|
||||
- name: nameValue
|
||||
securityContext:
|
||||
appArmorProfile:
|
||||
localhostProfile: localhostProfileValue
|
||||
type: typeValue
|
||||
fsGroup: 5
|
||||
fsGroupChangePolicy: fsGroupChangePolicyValue
|
||||
runAsGroup: 6
|
||||
|
||||
@ -777,6 +777,10 @@
|
||||
"seccompProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
},
|
||||
"appArmorProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
}
|
||||
},
|
||||
"stdin": true,
|
||||
@ -1067,6 +1071,10 @@
|
||||
"seccompProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
},
|
||||
"appArmorProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
}
|
||||
},
|
||||
"stdin": true,
|
||||
@ -1357,6 +1365,10 @@
|
||||
"seccompProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
},
|
||||
"appArmorProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
}
|
||||
},
|
||||
"stdin": true,
|
||||
@ -1410,6 +1422,10 @@
|
||||
"seccompProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
},
|
||||
"appArmorProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
}
|
||||
},
|
||||
"imagePullSecrets": [
|
||||
|
||||
Binary file not shown.
@ -345,6 +345,9 @@ spec:
|
||||
restartPolicy: restartPolicyValue
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: true
|
||||
appArmorProfile:
|
||||
localhostProfile: localhostProfileValue
|
||||
type: typeValue
|
||||
capabilities:
|
||||
add:
|
||||
- addValue
|
||||
@ -556,6 +559,9 @@ spec:
|
||||
restartPolicy: restartPolicyValue
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: true
|
||||
appArmorProfile:
|
||||
localhostProfile: localhostProfileValue
|
||||
type: typeValue
|
||||
capabilities:
|
||||
add:
|
||||
- addValue
|
||||
@ -769,6 +775,9 @@ spec:
|
||||
restartPolicy: restartPolicyValue
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: true
|
||||
appArmorProfile:
|
||||
localhostProfile: localhostProfileValue
|
||||
type: typeValue
|
||||
capabilities:
|
||||
add:
|
||||
- addValue
|
||||
@ -856,6 +865,9 @@ spec:
|
||||
schedulingGates:
|
||||
- name: nameValue
|
||||
securityContext:
|
||||
appArmorProfile:
|
||||
localhostProfile: localhostProfileValue
|
||||
type: typeValue
|
||||
fsGroup: 5
|
||||
fsGroupChangePolicy: fsGroupChangePolicyValue
|
||||
runAsGroup: 6
|
||||
|
||||
@ -778,6 +778,10 @@
|
||||
"seccompProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
},
|
||||
"appArmorProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
}
|
||||
},
|
||||
"stdin": true,
|
||||
@ -1068,6 +1072,10 @@
|
||||
"seccompProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
},
|
||||
"appArmorProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
}
|
||||
},
|
||||
"stdin": true,
|
||||
@ -1358,6 +1366,10 @@
|
||||
"seccompProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
},
|
||||
"appArmorProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
}
|
||||
},
|
||||
"stdin": true,
|
||||
@ -1411,6 +1423,10 @@
|
||||
"seccompProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
},
|
||||
"appArmorProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
}
|
||||
},
|
||||
"imagePullSecrets": [
|
||||
|
||||
Binary file not shown.
@ -353,6 +353,9 @@ spec:
|
||||
restartPolicy: restartPolicyValue
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: true
|
||||
appArmorProfile:
|
||||
localhostProfile: localhostProfileValue
|
||||
type: typeValue
|
||||
capabilities:
|
||||
add:
|
||||
- addValue
|
||||
@ -564,6 +567,9 @@ spec:
|
||||
restartPolicy: restartPolicyValue
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: true
|
||||
appArmorProfile:
|
||||
localhostProfile: localhostProfileValue
|
||||
type: typeValue
|
||||
capabilities:
|
||||
add:
|
||||
- addValue
|
||||
@ -777,6 +783,9 @@ spec:
|
||||
restartPolicy: restartPolicyValue
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: true
|
||||
appArmorProfile:
|
||||
localhostProfile: localhostProfileValue
|
||||
type: typeValue
|
||||
capabilities:
|
||||
add:
|
||||
- addValue
|
||||
@ -864,6 +873,9 @@ spec:
|
||||
schedulingGates:
|
||||
- name: nameValue
|
||||
securityContext:
|
||||
appArmorProfile:
|
||||
localhostProfile: localhostProfileValue
|
||||
type: typeValue
|
||||
fsGroup: 5
|
||||
fsGroupChangePolicy: fsGroupChangePolicyValue
|
||||
runAsGroup: 6
|
||||
|
||||
@ -779,6 +779,10 @@
|
||||
"seccompProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
},
|
||||
"appArmorProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
}
|
||||
},
|
||||
"stdin": true,
|
||||
@ -1069,6 +1073,10 @@
|
||||
"seccompProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
},
|
||||
"appArmorProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
}
|
||||
},
|
||||
"stdin": true,
|
||||
@ -1359,6 +1367,10 @@
|
||||
"seccompProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
},
|
||||
"appArmorProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
}
|
||||
},
|
||||
"stdin": true,
|
||||
@ -1412,6 +1424,10 @@
|
||||
"seccompProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
},
|
||||
"appArmorProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
}
|
||||
},
|
||||
"imagePullSecrets": [
|
||||
|
||||
Binary file not shown.
@ -345,6 +345,9 @@ spec:
|
||||
restartPolicy: restartPolicyValue
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: true
|
||||
appArmorProfile:
|
||||
localhostProfile: localhostProfileValue
|
||||
type: typeValue
|
||||
capabilities:
|
||||
add:
|
||||
- addValue
|
||||
@ -556,6 +559,9 @@ spec:
|
||||
restartPolicy: restartPolicyValue
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: true
|
||||
appArmorProfile:
|
||||
localhostProfile: localhostProfileValue
|
||||
type: typeValue
|
||||
capabilities:
|
||||
add:
|
||||
- addValue
|
||||
@ -769,6 +775,9 @@ spec:
|
||||
restartPolicy: restartPolicyValue
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: true
|
||||
appArmorProfile:
|
||||
localhostProfile: localhostProfileValue
|
||||
type: typeValue
|
||||
capabilities:
|
||||
add:
|
||||
- addValue
|
||||
@ -856,6 +865,9 @@ spec:
|
||||
schedulingGates:
|
||||
- name: nameValue
|
||||
securityContext:
|
||||
appArmorProfile:
|
||||
localhostProfile: localhostProfileValue
|
||||
type: typeValue
|
||||
fsGroup: 5
|
||||
fsGroupChangePolicy: fsGroupChangePolicyValue
|
||||
runAsGroup: 6
|
||||
|
||||
@ -778,6 +778,10 @@
|
||||
"seccompProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
},
|
||||
"appArmorProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
}
|
||||
},
|
||||
"stdin": true,
|
||||
@ -1068,6 +1072,10 @@
|
||||
"seccompProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
},
|
||||
"appArmorProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
}
|
||||
},
|
||||
"stdin": true,
|
||||
@ -1358,6 +1366,10 @@
|
||||
"seccompProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
},
|
||||
"appArmorProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
}
|
||||
},
|
||||
"stdin": true,
|
||||
@ -1411,6 +1423,10 @@
|
||||
"seccompProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
},
|
||||
"appArmorProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
}
|
||||
},
|
||||
"imagePullSecrets": [
|
||||
|
||||
Binary file not shown.
@ -353,6 +353,9 @@ spec:
|
||||
restartPolicy: restartPolicyValue
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: true
|
||||
appArmorProfile:
|
||||
localhostProfile: localhostProfileValue
|
||||
type: typeValue
|
||||
capabilities:
|
||||
add:
|
||||
- addValue
|
||||
@ -564,6 +567,9 @@ spec:
|
||||
restartPolicy: restartPolicyValue
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: true
|
||||
appArmorProfile:
|
||||
localhostProfile: localhostProfileValue
|
||||
type: typeValue
|
||||
capabilities:
|
||||
add:
|
||||
- addValue
|
||||
@ -777,6 +783,9 @@ spec:
|
||||
restartPolicy: restartPolicyValue
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: true
|
||||
appArmorProfile:
|
||||
localhostProfile: localhostProfileValue
|
||||
type: typeValue
|
||||
capabilities:
|
||||
add:
|
||||
- addValue
|
||||
@ -864,6 +873,9 @@ spec:
|
||||
schedulingGates:
|
||||
- name: nameValue
|
||||
securityContext:
|
||||
appArmorProfile:
|
||||
localhostProfile: localhostProfileValue
|
||||
type: typeValue
|
||||
fsGroup: 5
|
||||
fsGroupChangePolicy: fsGroupChangePolicyValue
|
||||
runAsGroup: 6
|
||||
|
||||
@ -853,6 +853,10 @@
|
||||
"seccompProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
},
|
||||
"appArmorProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
}
|
||||
},
|
||||
"stdin": true,
|
||||
@ -1143,6 +1147,10 @@
|
||||
"seccompProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
},
|
||||
"appArmorProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
}
|
||||
},
|
||||
"stdin": true,
|
||||
@ -1433,6 +1441,10 @@
|
||||
"seccompProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
},
|
||||
"appArmorProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
}
|
||||
},
|
||||
"stdin": true,
|
||||
@ -1486,6 +1498,10 @@
|
||||
"seccompProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
},
|
||||
"appArmorProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
}
|
||||
},
|
||||
"imagePullSecrets": [
|
||||
|
||||
Binary file not shown.
@ -401,6 +401,9 @@ spec:
|
||||
restartPolicy: restartPolicyValue
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: true
|
||||
appArmorProfile:
|
||||
localhostProfile: localhostProfileValue
|
||||
type: typeValue
|
||||
capabilities:
|
||||
add:
|
||||
- addValue
|
||||
@ -612,6 +615,9 @@ spec:
|
||||
restartPolicy: restartPolicyValue
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: true
|
||||
appArmorProfile:
|
||||
localhostProfile: localhostProfileValue
|
||||
type: typeValue
|
||||
capabilities:
|
||||
add:
|
||||
- addValue
|
||||
@ -825,6 +831,9 @@ spec:
|
||||
restartPolicy: restartPolicyValue
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: true
|
||||
appArmorProfile:
|
||||
localhostProfile: localhostProfileValue
|
||||
type: typeValue
|
||||
capabilities:
|
||||
add:
|
||||
- addValue
|
||||
@ -912,6 +921,9 @@ spec:
|
||||
schedulingGates:
|
||||
- name: nameValue
|
||||
securityContext:
|
||||
appArmorProfile:
|
||||
localhostProfile: localhostProfileValue
|
||||
type: typeValue
|
||||
fsGroup: 5
|
||||
fsGroupChangePolicy: fsGroupChangePolicyValue
|
||||
runAsGroup: 6
|
||||
|
||||
@ -804,6 +804,10 @@
|
||||
"seccompProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
},
|
||||
"appArmorProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
}
|
||||
},
|
||||
"stdin": true,
|
||||
@ -1094,6 +1098,10 @@
|
||||
"seccompProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
},
|
||||
"appArmorProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
}
|
||||
},
|
||||
"stdin": true,
|
||||
@ -1384,6 +1392,10 @@
|
||||
"seccompProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
},
|
||||
"appArmorProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
}
|
||||
},
|
||||
"stdin": true,
|
||||
@ -1437,6 +1449,10 @@
|
||||
"seccompProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
},
|
||||
"appArmorProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
}
|
||||
},
|
||||
"imagePullSecrets": [
|
||||
|
||||
BIN
staging/src/k8s.io/api/testdata/HEAD/batch.v1.Job.pb
vendored
BIN
staging/src/k8s.io/api/testdata/HEAD/batch.v1.Job.pb
vendored
Binary file not shown.
@ -365,6 +365,9 @@ spec:
|
||||
restartPolicy: restartPolicyValue
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: true
|
||||
appArmorProfile:
|
||||
localhostProfile: localhostProfileValue
|
||||
type: typeValue
|
||||
capabilities:
|
||||
add:
|
||||
- addValue
|
||||
@ -576,6 +579,9 @@ spec:
|
||||
restartPolicy: restartPolicyValue
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: true
|
||||
appArmorProfile:
|
||||
localhostProfile: localhostProfileValue
|
||||
type: typeValue
|
||||
capabilities:
|
||||
add:
|
||||
- addValue
|
||||
@ -789,6 +795,9 @@ spec:
|
||||
restartPolicy: restartPolicyValue
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: true
|
||||
appArmorProfile:
|
||||
localhostProfile: localhostProfileValue
|
||||
type: typeValue
|
||||
capabilities:
|
||||
add:
|
||||
- addValue
|
||||
@ -876,6 +885,9 @@ spec:
|
||||
schedulingGates:
|
||||
- name: nameValue
|
||||
securityContext:
|
||||
appArmorProfile:
|
||||
localhostProfile: localhostProfileValue
|
||||
type: typeValue
|
||||
fsGroup: 5
|
||||
fsGroupChangePolicy: fsGroupChangePolicyValue
|
||||
runAsGroup: 6
|
||||
|
||||
@ -853,6 +853,10 @@
|
||||
"seccompProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
},
|
||||
"appArmorProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
}
|
||||
},
|
||||
"stdin": true,
|
||||
@ -1143,6 +1147,10 @@
|
||||
"seccompProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
},
|
||||
"appArmorProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
}
|
||||
},
|
||||
"stdin": true,
|
||||
@ -1433,6 +1441,10 @@
|
||||
"seccompProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
},
|
||||
"appArmorProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
}
|
||||
},
|
||||
"stdin": true,
|
||||
@ -1486,6 +1498,10 @@
|
||||
"seccompProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
},
|
||||
"appArmorProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
}
|
||||
},
|
||||
"imagePullSecrets": [
|
||||
|
||||
Binary file not shown.
@ -401,6 +401,9 @@ spec:
|
||||
restartPolicy: restartPolicyValue
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: true
|
||||
appArmorProfile:
|
||||
localhostProfile: localhostProfileValue
|
||||
type: typeValue
|
||||
capabilities:
|
||||
add:
|
||||
- addValue
|
||||
@ -612,6 +615,9 @@ spec:
|
||||
restartPolicy: restartPolicyValue
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: true
|
||||
appArmorProfile:
|
||||
localhostProfile: localhostProfileValue
|
||||
type: typeValue
|
||||
capabilities:
|
||||
add:
|
||||
- addValue
|
||||
@ -825,6 +831,9 @@ spec:
|
||||
restartPolicy: restartPolicyValue
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: true
|
||||
appArmorProfile:
|
||||
localhostProfile: localhostProfileValue
|
||||
type: typeValue
|
||||
capabilities:
|
||||
add:
|
||||
- addValue
|
||||
@ -912,6 +921,9 @@ spec:
|
||||
schedulingGates:
|
||||
- name: nameValue
|
||||
securityContext:
|
||||
appArmorProfile:
|
||||
localhostProfile: localhostProfileValue
|
||||
type: typeValue
|
||||
fsGroup: 5
|
||||
fsGroupChangePolicy: fsGroupChangePolicyValue
|
||||
runAsGroup: 6
|
||||
|
||||
@ -719,6 +719,10 @@
|
||||
"seccompProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
},
|
||||
"appArmorProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
}
|
||||
},
|
||||
"stdin": true,
|
||||
@ -1009,6 +1013,10 @@
|
||||
"seccompProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
},
|
||||
"appArmorProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
}
|
||||
},
|
||||
"stdin": true,
|
||||
@ -1299,6 +1307,10 @@
|
||||
"seccompProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
},
|
||||
"appArmorProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
}
|
||||
},
|
||||
"stdin": true,
|
||||
@ -1352,6 +1364,10 @@
|
||||
"seccompProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
},
|
||||
"appArmorProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
}
|
||||
},
|
||||
"imagePullSecrets": [
|
||||
|
||||
BIN
staging/src/k8s.io/api/testdata/HEAD/core.v1.Pod.pb
vendored
BIN
staging/src/k8s.io/api/testdata/HEAD/core.v1.Pod.pb
vendored
Binary file not shown.
@ -301,6 +301,9 @@ spec:
|
||||
restartPolicy: restartPolicyValue
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: true
|
||||
appArmorProfile:
|
||||
localhostProfile: localhostProfileValue
|
||||
type: typeValue
|
||||
capabilities:
|
||||
add:
|
||||
- addValue
|
||||
@ -512,6 +515,9 @@ spec:
|
||||
restartPolicy: restartPolicyValue
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: true
|
||||
appArmorProfile:
|
||||
localhostProfile: localhostProfileValue
|
||||
type: typeValue
|
||||
capabilities:
|
||||
add:
|
||||
- addValue
|
||||
@ -725,6 +731,9 @@ spec:
|
||||
restartPolicy: restartPolicyValue
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: true
|
||||
appArmorProfile:
|
||||
localhostProfile: localhostProfileValue
|
||||
type: typeValue
|
||||
capabilities:
|
||||
add:
|
||||
- addValue
|
||||
@ -812,6 +821,9 @@ spec:
|
||||
schedulingGates:
|
||||
- name: nameValue
|
||||
securityContext:
|
||||
appArmorProfile:
|
||||
localhostProfile: localhostProfileValue
|
||||
type: typeValue
|
||||
fsGroup: 5
|
||||
fsGroupChangePolicy: fsGroupChangePolicyValue
|
||||
runAsGroup: 6
|
||||
|
||||
@ -762,6 +762,10 @@
|
||||
"seccompProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
},
|
||||
"appArmorProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
}
|
||||
},
|
||||
"stdin": true,
|
||||
@ -1052,6 +1056,10 @@
|
||||
"seccompProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
},
|
||||
"appArmorProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
}
|
||||
},
|
||||
"stdin": true,
|
||||
@ -1342,6 +1350,10 @@
|
||||
"seccompProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
},
|
||||
"appArmorProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
}
|
||||
},
|
||||
"stdin": true,
|
||||
@ -1395,6 +1407,10 @@
|
||||
"seccompProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
},
|
||||
"appArmorProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
}
|
||||
},
|
||||
"imagePullSecrets": [
|
||||
|
||||
Binary file not shown.
@ -334,6 +334,9 @@ template:
|
||||
restartPolicy: restartPolicyValue
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: true
|
||||
appArmorProfile:
|
||||
localhostProfile: localhostProfileValue
|
||||
type: typeValue
|
||||
capabilities:
|
||||
add:
|
||||
- addValue
|
||||
@ -545,6 +548,9 @@ template:
|
||||
restartPolicy: restartPolicyValue
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: true
|
||||
appArmorProfile:
|
||||
localhostProfile: localhostProfileValue
|
||||
type: typeValue
|
||||
capabilities:
|
||||
add:
|
||||
- addValue
|
||||
@ -758,6 +764,9 @@ template:
|
||||
restartPolicy: restartPolicyValue
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: true
|
||||
appArmorProfile:
|
||||
localhostProfile: localhostProfileValue
|
||||
type: typeValue
|
||||
capabilities:
|
||||
add:
|
||||
- addValue
|
||||
@ -845,6 +854,9 @@ template:
|
||||
schedulingGates:
|
||||
- name: nameValue
|
||||
securityContext:
|
||||
appArmorProfile:
|
||||
localhostProfile: localhostProfileValue
|
||||
type: typeValue
|
||||
fsGroup: 5
|
||||
fsGroupChangePolicy: fsGroupChangePolicyValue
|
||||
runAsGroup: 6
|
||||
|
||||
@ -768,6 +768,10 @@
|
||||
"seccompProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
},
|
||||
"appArmorProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
}
|
||||
},
|
||||
"stdin": true,
|
||||
@ -1058,6 +1062,10 @@
|
||||
"seccompProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
},
|
||||
"appArmorProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
}
|
||||
},
|
||||
"stdin": true,
|
||||
@ -1348,6 +1356,10 @@
|
||||
"seccompProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
},
|
||||
"appArmorProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
}
|
||||
},
|
||||
"stdin": true,
|
||||
@ -1401,6 +1413,10 @@
|
||||
"seccompProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
},
|
||||
"appArmorProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
}
|
||||
},
|
||||
"imagePullSecrets": [
|
||||
|
||||
Binary file not shown.
@ -339,6 +339,9 @@ spec:
|
||||
restartPolicy: restartPolicyValue
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: true
|
||||
appArmorProfile:
|
||||
localhostProfile: localhostProfileValue
|
||||
type: typeValue
|
||||
capabilities:
|
||||
add:
|
||||
- addValue
|
||||
@ -550,6 +553,9 @@ spec:
|
||||
restartPolicy: restartPolicyValue
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: true
|
||||
appArmorProfile:
|
||||
localhostProfile: localhostProfileValue
|
||||
type: typeValue
|
||||
capabilities:
|
||||
add:
|
||||
- addValue
|
||||
@ -763,6 +769,9 @@ spec:
|
||||
restartPolicy: restartPolicyValue
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: true
|
||||
appArmorProfile:
|
||||
localhostProfile: localhostProfileValue
|
||||
type: typeValue
|
||||
capabilities:
|
||||
add:
|
||||
- addValue
|
||||
@ -850,6 +859,9 @@ spec:
|
||||
schedulingGates:
|
||||
- name: nameValue
|
||||
securityContext:
|
||||
appArmorProfile:
|
||||
localhostProfile: localhostProfileValue
|
||||
type: typeValue
|
||||
fsGroup: 5
|
||||
fsGroupChangePolicy: fsGroupChangePolicyValue
|
||||
runAsGroup: 6
|
||||
|
||||
@ -777,6 +777,10 @@
|
||||
"seccompProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
},
|
||||
"appArmorProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
}
|
||||
},
|
||||
"stdin": true,
|
||||
@ -1067,6 +1071,10 @@
|
||||
"seccompProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
},
|
||||
"appArmorProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
}
|
||||
},
|
||||
"stdin": true,
|
||||
@ -1357,6 +1365,10 @@
|
||||
"seccompProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
},
|
||||
"appArmorProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
}
|
||||
},
|
||||
"stdin": true,
|
||||
@ -1410,6 +1422,10 @@
|
||||
"seccompProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
},
|
||||
"appArmorProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
}
|
||||
},
|
||||
"imagePullSecrets": [
|
||||
|
||||
Binary file not shown.
@ -345,6 +345,9 @@ spec:
|
||||
restartPolicy: restartPolicyValue
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: true
|
||||
appArmorProfile:
|
||||
localhostProfile: localhostProfileValue
|
||||
type: typeValue
|
||||
capabilities:
|
||||
add:
|
||||
- addValue
|
||||
@ -556,6 +559,9 @@ spec:
|
||||
restartPolicy: restartPolicyValue
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: true
|
||||
appArmorProfile:
|
||||
localhostProfile: localhostProfileValue
|
||||
type: typeValue
|
||||
capabilities:
|
||||
add:
|
||||
- addValue
|
||||
@ -769,6 +775,9 @@ spec:
|
||||
restartPolicy: restartPolicyValue
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: true
|
||||
appArmorProfile:
|
||||
localhostProfile: localhostProfileValue
|
||||
type: typeValue
|
||||
capabilities:
|
||||
add:
|
||||
- addValue
|
||||
@ -856,6 +865,9 @@ spec:
|
||||
schedulingGates:
|
||||
- name: nameValue
|
||||
securityContext:
|
||||
appArmorProfile:
|
||||
localhostProfile: localhostProfileValue
|
||||
type: typeValue
|
||||
fsGroup: 5
|
||||
fsGroupChangePolicy: fsGroupChangePolicyValue
|
||||
runAsGroup: 6
|
||||
|
||||
@ -778,6 +778,10 @@
|
||||
"seccompProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
},
|
||||
"appArmorProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
}
|
||||
},
|
||||
"stdin": true,
|
||||
@ -1068,6 +1072,10 @@
|
||||
"seccompProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
},
|
||||
"appArmorProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
}
|
||||
},
|
||||
"stdin": true,
|
||||
@ -1358,6 +1366,10 @@
|
||||
"seccompProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
},
|
||||
"appArmorProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
}
|
||||
},
|
||||
"stdin": true,
|
||||
@ -1411,6 +1423,10 @@
|
||||
"seccompProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
},
|
||||
"appArmorProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
}
|
||||
},
|
||||
"imagePullSecrets": [
|
||||
|
||||
Binary file not shown.
@ -355,6 +355,9 @@ spec:
|
||||
restartPolicy: restartPolicyValue
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: true
|
||||
appArmorProfile:
|
||||
localhostProfile: localhostProfileValue
|
||||
type: typeValue
|
||||
capabilities:
|
||||
add:
|
||||
- addValue
|
||||
@ -566,6 +569,9 @@ spec:
|
||||
restartPolicy: restartPolicyValue
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: true
|
||||
appArmorProfile:
|
||||
localhostProfile: localhostProfileValue
|
||||
type: typeValue
|
||||
capabilities:
|
||||
add:
|
||||
- addValue
|
||||
@ -779,6 +785,9 @@ spec:
|
||||
restartPolicy: restartPolicyValue
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: true
|
||||
appArmorProfile:
|
||||
localhostProfile: localhostProfileValue
|
||||
type: typeValue
|
||||
capabilities:
|
||||
add:
|
||||
- addValue
|
||||
@ -866,6 +875,9 @@ spec:
|
||||
schedulingGates:
|
||||
- name: nameValue
|
||||
securityContext:
|
||||
appArmorProfile:
|
||||
localhostProfile: localhostProfileValue
|
||||
type: typeValue
|
||||
fsGroup: 5
|
||||
fsGroupChangePolicy: fsGroupChangePolicyValue
|
||||
runAsGroup: 6
|
||||
|
||||
@ -779,6 +779,10 @@
|
||||
"seccompProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
},
|
||||
"appArmorProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
}
|
||||
},
|
||||
"stdin": true,
|
||||
@ -1069,6 +1073,10 @@
|
||||
"seccompProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
},
|
||||
"appArmorProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
}
|
||||
},
|
||||
"stdin": true,
|
||||
@ -1359,6 +1367,10 @@
|
||||
"seccompProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
},
|
||||
"appArmorProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
}
|
||||
},
|
||||
"stdin": true,
|
||||
@ -1412,6 +1424,10 @@
|
||||
"seccompProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
},
|
||||
"appArmorProfile": {
|
||||
"type": "typeValue",
|
||||
"localhostProfile": "localhostProfileValue"
|
||||
}
|
||||
},
|
||||
"imagePullSecrets": [
|
||||
|
||||
Binary file not shown.
@ -345,6 +345,9 @@ spec:
|
||||
restartPolicy: restartPolicyValue
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: true
|
||||
appArmorProfile:
|
||||
localhostProfile: localhostProfileValue
|
||||
type: typeValue
|
||||
capabilities:
|
||||
add:
|
||||
- addValue
|
||||
@ -556,6 +559,9 @@ spec:
|
||||
restartPolicy: restartPolicyValue
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: true
|
||||
appArmorProfile:
|
||||
localhostProfile: localhostProfileValue
|
||||
type: typeValue
|
||||
capabilities:
|
||||
add:
|
||||
- addValue
|
||||
@ -769,6 +775,9 @@ spec:
|
||||
restartPolicy: restartPolicyValue
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: true
|
||||
appArmorProfile:
|
||||
localhostProfile: localhostProfileValue
|
||||
type: typeValue
|
||||
capabilities:
|
||||
add:
|
||||
- addValue
|
||||
@ -856,6 +865,9 @@ spec:
|
||||
schedulingGates:
|
||||
- name: nameValue
|
||||
securityContext:
|
||||
appArmorProfile:
|
||||
localhostProfile: localhostProfileValue
|
||||
type: typeValue
|
||||
fsGroup: 5
|
||||
fsGroupChangePolicy: fsGroupChangePolicyValue
|
||||
runAsGroup: 6
|
||||
|
||||
@ -0,0 +1,52 @@
|
||||
/*
|
||||
Copyright The Kubernetes Authors.
|
||||
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
*/
|
||||
|
||||
// Code generated by applyconfiguration-gen. DO NOT EDIT.
|
||||
|
||||
package v1
|
||||
|
||||
import (
|
||||
v1 "k8s.io/api/core/v1"
|
||||
)
|
||||
|
||||
// AppArmorProfileApplyConfiguration represents an declarative configuration of the AppArmorProfile type for use
|
||||
// with apply.
|
||||
type AppArmorProfileApplyConfiguration struct {
|
||||
Type *v1.AppArmorProfileType `json:"type,omitempty"`
|
||||
LocalhostProfile *string `json:"localhostProfile,omitempty"`
|
||||
}
|
||||
|
||||
// AppArmorProfileApplyConfiguration constructs an declarative configuration of the AppArmorProfile type for use with
|
||||
// apply.
|
||||
func AppArmorProfile() *AppArmorProfileApplyConfiguration {
|
||||
return &AppArmorProfileApplyConfiguration{}
|
||||
}
|
||||
|
||||
// WithType sets the Type field in the declarative configuration to the given value
|
||||
// and returns the receiver, so that objects can be built by chaining "With" function invocations.
|
||||
// If called multiple times, the Type field is set to the value of the last call.
|
||||
func (b *AppArmorProfileApplyConfiguration) WithType(value v1.AppArmorProfileType) *AppArmorProfileApplyConfiguration {
|
||||
b.Type = &value
|
||||
return b
|
||||
}
|
||||
|
||||
// WithLocalhostProfile sets the LocalhostProfile field in the declarative configuration to the given value
|
||||
// and returns the receiver, so that objects can be built by chaining "With" function invocations.
|
||||
// If called multiple times, the LocalhostProfile field is set to the value of the last call.
|
||||
func (b *AppArmorProfileApplyConfiguration) WithLocalhostProfile(value string) *AppArmorProfileApplyConfiguration {
|
||||
b.LocalhostProfile = &value
|
||||
return b
|
||||
}
|
||||
@ -35,6 +35,7 @@ type PodSecurityContextApplyConfiguration struct {
|
||||
Sysctls []SysctlApplyConfiguration `json:"sysctls,omitempty"`
|
||||
FSGroupChangePolicy *corev1.PodFSGroupChangePolicy `json:"fsGroupChangePolicy,omitempty"`
|
||||
SeccompProfile *SeccompProfileApplyConfiguration `json:"seccompProfile,omitempty"`
|
||||
AppArmorProfile *AppArmorProfileApplyConfiguration `json:"appArmorProfile,omitempty"`
|
||||
}
|
||||
|
||||
// PodSecurityContextApplyConfiguration constructs an declarative configuration of the PodSecurityContext type for use with
|
||||
@ -129,3 +130,11 @@ func (b *PodSecurityContextApplyConfiguration) WithSeccompProfile(value *Seccomp
|
||||
b.SeccompProfile = value
|
||||
return b
|
||||
}
|
||||
|
||||
// WithAppArmorProfile sets the AppArmorProfile field in the declarative configuration to the given value
|
||||
// and returns the receiver, so that objects can be built by chaining "With" function invocations.
|
||||
// If called multiple times, the AppArmorProfile field is set to the value of the last call.
|
||||
func (b *PodSecurityContextApplyConfiguration) WithAppArmorProfile(value *AppArmorProfileApplyConfiguration) *PodSecurityContextApplyConfiguration {
|
||||
b.AppArmorProfile = value
|
||||
return b
|
||||
}
|
||||
|
||||
@ -36,6 +36,7 @@ type SecurityContextApplyConfiguration struct {
|
||||
AllowPrivilegeEscalation *bool `json:"allowPrivilegeEscalation,omitempty"`
|
||||
ProcMount *corev1.ProcMountType `json:"procMount,omitempty"`
|
||||
SeccompProfile *SeccompProfileApplyConfiguration `json:"seccompProfile,omitempty"`
|
||||
AppArmorProfile *AppArmorProfileApplyConfiguration `json:"appArmorProfile,omitempty"`
|
||||
}
|
||||
|
||||
// SecurityContextApplyConfiguration constructs an declarative configuration of the SecurityContext type for use with
|
||||
@ -131,3 +132,11 @@ func (b *SecurityContextApplyConfiguration) WithSeccompProfile(value *SeccompPro
|
||||
b.SeccompProfile = value
|
||||
return b
|
||||
}
|
||||
|
||||
// WithAppArmorProfile sets the AppArmorProfile field in the declarative configuration to the given value
|
||||
// and returns the receiver, so that objects can be built by chaining "With" function invocations.
|
||||
// If called multiple times, the AppArmorProfile field is set to the value of the last call.
|
||||
func (b *SecurityContextApplyConfiguration) WithAppArmorProfile(value *AppArmorProfileApplyConfiguration) *SecurityContextApplyConfiguration {
|
||||
b.AppArmorProfile = value
|
||||
return b
|
||||
}
|
||||
|
||||
@ -4141,6 +4141,21 @@ var schemaYAML = typed.YAMLObject(`types:
|
||||
- name: podAntiAffinity
|
||||
type:
|
||||
namedType: io.k8s.api.core.v1.PodAntiAffinity
|
||||
- name: io.k8s.api.core.v1.AppArmorProfile
|
||||
map:
|
||||
fields:
|
||||
- name: localhostProfile
|
||||
type:
|
||||
scalar: string
|
||||
- name: type
|
||||
type:
|
||||
scalar: string
|
||||
default: ""
|
||||
unions:
|
||||
- discriminator: type
|
||||
fields:
|
||||
- fieldName: localhostProfile
|
||||
discriminatorValue: LocalhostProfile
|
||||
- name: io.k8s.api.core.v1.AttachedVolume
|
||||
map:
|
||||
fields:
|
||||
@ -6460,6 +6475,9 @@ var schemaYAML = typed.YAMLObject(`types:
|
||||
- name: io.k8s.api.core.v1.PodSecurityContext
|
||||
map:
|
||||
fields:
|
||||
- name: appArmorProfile
|
||||
type:
|
||||
namedType: io.k8s.api.core.v1.AppArmorProfile
|
||||
- name: fsGroup
|
||||
type:
|
||||
scalar: numeric
|
||||
@ -7354,6 +7372,9 @@ var schemaYAML = typed.YAMLObject(`types:
|
||||
- name: allowPrivilegeEscalation
|
||||
type:
|
||||
scalar: boolean
|
||||
- name: appArmorProfile
|
||||
type:
|
||||
namedType: io.k8s.api.core.v1.AppArmorProfile
|
||||
- name: capabilities
|
||||
type:
|
||||
namedType: io.k8s.api.core.v1.Capabilities
|
||||
|
||||
@ -585,6 +585,8 @@ func ForKind(kind schema.GroupVersionKind) interface{} {
|
||||
// Group=core, Version=v1
|
||||
case corev1.SchemeGroupVersion.WithKind("Affinity"):
|
||||
return &applyconfigurationscorev1.AffinityApplyConfiguration{}
|
||||
case corev1.SchemeGroupVersion.WithKind("AppArmorProfile"):
|
||||
return &applyconfigurationscorev1.AppArmorProfileApplyConfiguration{}
|
||||
case corev1.SchemeGroupVersion.WithKind("AttachedVolume"):
|
||||
return &applyconfigurationscorev1.AttachedVolumeApplyConfiguration{}
|
||||
case corev1.SchemeGroupVersion.WithKind("AWSElasticBlockStoreVolumeSource"):
|
||||
|
||||
Loading…
Reference in New Issue
Block a user