github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2026-01-04 15:05:20 +00:00
Code Issues Projects Releases Wiki Activity

Validation on RunAsGroup - Update DropDisabled[Alpha]Fields behaviour

Browse Source
This commit is contained in:
Zheng Dayu
2018-12-27 14:38:08 +08:00
parent 13e59ab9ad
commit d4c85e977f
2 changed files with 24 additions and 21 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
pkg/api/podsecuritypolicy/util.go
View File

@@ -28,11 +28,8 @@ func DropDisabledFields(pspSpec, oldPSPSpec *policy.PodSecurityPolicySpec) {
if !utilfeature.DefaultFeatureGate.Enabled(features.ProcMountType) && !allowedProcMountTypesInUse(oldPSPSpec) {
pspSpec.AllowedProcMountTypes = nil
}
if !utilfeature.DefaultFeatureGate.Enabled(features.RunAsGroup) {
if !utilfeature.DefaultFeatureGate.Enabled(features.RunAsGroup) && (oldPSPSpec == nil || oldPSPSpec.RunAsGroup == nil) {
pspSpec.RunAsGroup = nil
if oldPSPSpec != nil {
oldPSPSpec.RunAsGroup = nil
}
}
}