diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.0/fail/hostpath0.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.0/fail/hostpathvolumes0.yaml similarity index 51% rename from staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.0/fail/hostpath0.yaml rename to staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.0/fail/hostpathvolumes0.yaml index ef46248333d..36ef015553d 100755 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.0/fail/hostpath0.yaml +++ b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.0/fail/hostpathvolumes0.yaml @@ -1,7 +1,7 @@ apiVersion: v1 kind: Pod metadata: - name: hostpath0 + name: hostpathvolumes0 spec: containers: - image: k8s.gcr.io/pause @@ -10,18 +10,8 @@ spec: - image: k8s.gcr.io/pause name: initcontainer1 volumes: - - hostPath: - path: /dev/null - name: volume-hostpath - emptyDir: {} name: volume-emptydir - - configMap: - items: - - key: log_level - path: log_level - name: configmap - name: volume-configmap - - name: configmap - persistentVolumeClaim: - claimName: hello - readOnly: true + - hostPath: + path: /a + name: volume-hostpath diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.10/fail/hostpath1.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.0/fail/hostpathvolumes1.yaml similarity index 52% rename from staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.10/fail/hostpath1.yaml rename to staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.0/fail/hostpathvolumes1.yaml index f5296a0af8b..a47c2a04ac1 100755 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.10/fail/hostpath1.yaml +++ b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.0/fail/hostpathvolumes1.yaml @@ -1,7 +1,7 @@ apiVersion: v1 kind: Pod metadata: - name: hostpath1 + name: hostpathvolumes1 spec: containers: - image: k8s.gcr.io/pause @@ -11,11 +11,8 @@ spec: name: initcontainer1 volumes: - hostPath: - path: /dev/null - name: volume-hostpath-null + path: /a + name: volume-hostpath-a - hostPath: - path: /var/lib/docker - name: volume-hostpath-docker - - hostPath: - path: /sys - name: volume-hostpath-sys + path: /b + name: volume-hostpath-b diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.10/fail/hostpath0.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.1/fail/hostpathvolumes0.yaml similarity index 51% rename from staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.10/fail/hostpath0.yaml rename to staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.1/fail/hostpathvolumes0.yaml index ef46248333d..36ef015553d 100755 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.10/fail/hostpath0.yaml +++ b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.1/fail/hostpathvolumes0.yaml @@ -1,7 +1,7 @@ apiVersion: v1 kind: Pod metadata: - name: hostpath0 + name: hostpathvolumes0 spec: containers: - image: k8s.gcr.io/pause @@ -10,18 +10,8 @@ spec: - image: k8s.gcr.io/pause name: initcontainer1 volumes: - - hostPath: - path: /dev/null - name: volume-hostpath - emptyDir: {} name: volume-emptydir - - configMap: - items: - - key: log_level - path: log_level - name: configmap - name: volume-configmap - - name: configmap - persistentVolumeClaim: - claimName: hello - readOnly: true + - hostPath: + path: /a + name: volume-hostpath diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.0/fail/hostpath1.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.1/fail/hostpathvolumes1.yaml similarity index 52% rename from staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.0/fail/hostpath1.yaml rename to staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.1/fail/hostpathvolumes1.yaml index f5296a0af8b..a47c2a04ac1 100755 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.0/fail/hostpath1.yaml +++ b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.1/fail/hostpathvolumes1.yaml @@ -1,7 +1,7 @@ apiVersion: v1 kind: Pod metadata: - name: hostpath1 + name: hostpathvolumes1 spec: containers: - image: k8s.gcr.io/pause @@ -11,11 +11,8 @@ spec: name: initcontainer1 volumes: - hostPath: - path: /dev/null - name: volume-hostpath-null + path: /a + name: volume-hostpath-a - hostPath: - path: /var/lib/docker - name: volume-hostpath-docker - - hostPath: - path: /sys - name: volume-hostpath-sys + path: /b + name: volume-hostpath-b diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.1/fail/hostpath0.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.10/fail/hostpathvolumes0.yaml similarity index 51% rename from staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.1/fail/hostpath0.yaml rename to staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.10/fail/hostpathvolumes0.yaml index ef46248333d..36ef015553d 100755 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.1/fail/hostpath0.yaml +++ b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.10/fail/hostpathvolumes0.yaml @@ -1,7 +1,7 @@ apiVersion: v1 kind: Pod metadata: - name: hostpath0 + name: hostpathvolumes0 spec: containers: - image: k8s.gcr.io/pause @@ -10,18 +10,8 @@ spec: - image: k8s.gcr.io/pause name: initcontainer1 volumes: - - hostPath: - path: /dev/null - name: volume-hostpath - emptyDir: {} name: volume-emptydir - - configMap: - items: - - key: log_level - path: log_level - name: configmap - name: volume-configmap - - name: configmap - persistentVolumeClaim: - claimName: hello - readOnly: true + - hostPath: + path: /a + name: volume-hostpath diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.11/fail/hostpath1.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.10/fail/hostpathvolumes1.yaml similarity index 52% rename from staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.11/fail/hostpath1.yaml rename to staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.10/fail/hostpathvolumes1.yaml index f5296a0af8b..a47c2a04ac1 100755 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.11/fail/hostpath1.yaml +++ b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.10/fail/hostpathvolumes1.yaml @@ -1,7 +1,7 @@ apiVersion: v1 kind: Pod metadata: - name: hostpath1 + name: hostpathvolumes1 spec: containers: - image: k8s.gcr.io/pause @@ -11,11 +11,8 @@ spec: name: initcontainer1 volumes: - hostPath: - path: /dev/null - name: volume-hostpath-null + path: /a + name: volume-hostpath-a - hostPath: - path: /var/lib/docker - name: volume-hostpath-docker - - hostPath: - path: /sys - name: volume-hostpath-sys + path: /b + name: volume-hostpath-b diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.11/fail/hostpath0.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.11/fail/hostpathvolumes0.yaml similarity index 51% rename from staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.11/fail/hostpath0.yaml rename to staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.11/fail/hostpathvolumes0.yaml index ef46248333d..36ef015553d 100755 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.11/fail/hostpath0.yaml +++ b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.11/fail/hostpathvolumes0.yaml @@ -1,7 +1,7 @@ apiVersion: v1 kind: Pod metadata: - name: hostpath0 + name: hostpathvolumes0 spec: containers: - image: k8s.gcr.io/pause @@ -10,18 +10,8 @@ spec: - image: k8s.gcr.io/pause name: initcontainer1 volumes: - - hostPath: - path: /dev/null - name: volume-hostpath - emptyDir: {} name: volume-emptydir - - configMap: - items: - - key: log_level - path: log_level - name: configmap - name: volume-configmap - - name: configmap - persistentVolumeClaim: - claimName: hello - readOnly: true + - hostPath: + path: /a + name: volume-hostpath diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.1/fail/hostpath1.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.11/fail/hostpathvolumes1.yaml similarity index 52% rename from staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.1/fail/hostpath1.yaml rename to staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.11/fail/hostpathvolumes1.yaml index f5296a0af8b..a47c2a04ac1 100755 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.1/fail/hostpath1.yaml +++ b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.11/fail/hostpathvolumes1.yaml @@ -1,7 +1,7 @@ apiVersion: v1 kind: Pod metadata: - name: hostpath1 + name: hostpathvolumes1 spec: containers: - image: k8s.gcr.io/pause @@ -11,11 +11,8 @@ spec: name: initcontainer1 volumes: - hostPath: - path: /dev/null - name: volume-hostpath-null + path: /a + name: volume-hostpath-a - hostPath: - path: /var/lib/docker - name: volume-hostpath-docker - - hostPath: - path: /sys - name: volume-hostpath-sys + path: /b + name: volume-hostpath-b diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.12/fail/hostpath0.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.12/fail/hostpath0.yaml deleted file mode 100755 index ef46248333d..00000000000 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.12/fail/hostpath0.yaml +++ /dev/null @@ -1,27 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: hostpath0 -spec: - containers: - - image: k8s.gcr.io/pause - name: container1 - initContainers: - - image: k8s.gcr.io/pause - name: initcontainer1 - volumes: - - hostPath: - path: /dev/null - name: volume-hostpath - - emptyDir: {} - name: volume-emptydir - - configMap: - items: - - key: log_level - path: log_level - name: configmap - name: volume-configmap - - name: configmap - persistentVolumeClaim: - claimName: hello - readOnly: true diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.12/fail/hostpath1.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.12/fail/hostpath1.yaml deleted file mode 100755 index f5296a0af8b..00000000000 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.12/fail/hostpath1.yaml +++ /dev/null @@ -1,21 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: hostpath1 -spec: - containers: - - image: k8s.gcr.io/pause - name: container1 - initContainers: - - image: k8s.gcr.io/pause - name: initcontainer1 - volumes: - - hostPath: - path: /dev/null - name: volume-hostpath-null - - hostPath: - path: /var/lib/docker - name: volume-hostpath-docker - - hostPath: - path: /sys - name: volume-hostpath-sys diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.12/fail/hostpathvolumes0.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.12/fail/hostpathvolumes0.yaml new file mode 100755 index 00000000000..36ef015553d --- /dev/null +++ b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.12/fail/hostpathvolumes0.yaml @@ -0,0 +1,17 @@ +apiVersion: v1 +kind: Pod +metadata: + name: hostpathvolumes0 +spec: + containers: + - image: k8s.gcr.io/pause + name: container1 + initContainers: + - image: k8s.gcr.io/pause + name: initcontainer1 + volumes: + - emptyDir: {} + name: volume-emptydir + - hostPath: + path: /a + name: volume-hostpath diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.12/fail/hostpathvolumes1.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.12/fail/hostpathvolumes1.yaml new file mode 100755 index 00000000000..a47c2a04ac1 --- /dev/null +++ b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.12/fail/hostpathvolumes1.yaml @@ -0,0 +1,18 @@ +apiVersion: v1 +kind: Pod +metadata: + name: hostpathvolumes1 +spec: + containers: + - image: k8s.gcr.io/pause + name: container1 + initContainers: + - image: k8s.gcr.io/pause + name: initcontainer1 + volumes: + - hostPath: + path: /a + name: volume-hostpath-a + - hostPath: + path: /b + name: volume-hostpath-b diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.13/fail/hostpath0.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.13/fail/hostpath0.yaml deleted file mode 100755 index ef46248333d..00000000000 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.13/fail/hostpath0.yaml +++ /dev/null @@ -1,27 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: hostpath0 -spec: - containers: - - image: k8s.gcr.io/pause - name: container1 - initContainers: - - image: k8s.gcr.io/pause - name: initcontainer1 - volumes: - - hostPath: - path: /dev/null - name: volume-hostpath - - emptyDir: {} - name: volume-emptydir - - configMap: - items: - - key: log_level - path: log_level - name: configmap - name: volume-configmap - - name: configmap - persistentVolumeClaim: - claimName: hello - readOnly: true diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.13/fail/hostpath1.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.13/fail/hostpath1.yaml deleted file mode 100755 index f5296a0af8b..00000000000 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.13/fail/hostpath1.yaml +++ /dev/null @@ -1,21 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: hostpath1 -spec: - containers: - - image: k8s.gcr.io/pause - name: container1 - initContainers: - - image: k8s.gcr.io/pause - name: initcontainer1 - volumes: - - hostPath: - path: /dev/null - name: volume-hostpath-null - - hostPath: - path: /var/lib/docker - name: volume-hostpath-docker - - hostPath: - path: /sys - name: volume-hostpath-sys diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.13/fail/hostpathvolumes0.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.13/fail/hostpathvolumes0.yaml new file mode 100755 index 00000000000..36ef015553d --- /dev/null +++ b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.13/fail/hostpathvolumes0.yaml @@ -0,0 +1,17 @@ +apiVersion: v1 +kind: Pod +metadata: + name: hostpathvolumes0 +spec: + containers: + - image: k8s.gcr.io/pause + name: container1 + initContainers: + - image: k8s.gcr.io/pause + name: initcontainer1 + volumes: + - emptyDir: {} + name: volume-emptydir + - hostPath: + path: /a + name: volume-hostpath diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.13/fail/hostpathvolumes1.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.13/fail/hostpathvolumes1.yaml new file mode 100755 index 00000000000..a47c2a04ac1 --- /dev/null +++ b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.13/fail/hostpathvolumes1.yaml @@ -0,0 +1,18 @@ +apiVersion: v1 +kind: Pod +metadata: + name: hostpathvolumes1 +spec: + containers: + - image: k8s.gcr.io/pause + name: container1 + initContainers: + - image: k8s.gcr.io/pause + name: initcontainer1 + volumes: + - hostPath: + path: /a + name: volume-hostpath-a + - hostPath: + path: /b + name: volume-hostpath-b diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.14/fail/hostpath0.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.14/fail/hostpath0.yaml deleted file mode 100755 index ef46248333d..00000000000 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.14/fail/hostpath0.yaml +++ /dev/null @@ -1,27 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: hostpath0 -spec: - containers: - - image: k8s.gcr.io/pause - name: container1 - initContainers: - - image: k8s.gcr.io/pause - name: initcontainer1 - volumes: - - hostPath: - path: /dev/null - name: volume-hostpath - - emptyDir: {} - name: volume-emptydir - - configMap: - items: - - key: log_level - path: log_level - name: configmap - name: volume-configmap - - name: configmap - persistentVolumeClaim: - claimName: hello - readOnly: true diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.14/fail/hostpath1.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.14/fail/hostpath1.yaml deleted file mode 100755 index f5296a0af8b..00000000000 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.14/fail/hostpath1.yaml +++ /dev/null @@ -1,21 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: hostpath1 -spec: - containers: - - image: k8s.gcr.io/pause - name: container1 - initContainers: - - image: k8s.gcr.io/pause - name: initcontainer1 - volumes: - - hostPath: - path: /dev/null - name: volume-hostpath-null - - hostPath: - path: /var/lib/docker - name: volume-hostpath-docker - - hostPath: - path: /sys - name: volume-hostpath-sys diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.14/fail/hostpathvolumes0.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.14/fail/hostpathvolumes0.yaml new file mode 100755 index 00000000000..36ef015553d --- /dev/null +++ b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.14/fail/hostpathvolumes0.yaml @@ -0,0 +1,17 @@ +apiVersion: v1 +kind: Pod +metadata: + name: hostpathvolumes0 +spec: + containers: + - image: k8s.gcr.io/pause + name: container1 + initContainers: + - image: k8s.gcr.io/pause + name: initcontainer1 + volumes: + - emptyDir: {} + name: volume-emptydir + - hostPath: + path: /a + name: volume-hostpath diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.14/fail/hostpathvolumes1.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.14/fail/hostpathvolumes1.yaml new file mode 100755 index 00000000000..a47c2a04ac1 --- /dev/null +++ b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.14/fail/hostpathvolumes1.yaml @@ -0,0 +1,18 @@ +apiVersion: v1 +kind: Pod +metadata: + name: hostpathvolumes1 +spec: + containers: + - image: k8s.gcr.io/pause + name: container1 + initContainers: + - image: k8s.gcr.io/pause + name: initcontainer1 + volumes: + - hostPath: + path: /a + name: volume-hostpath-a + - hostPath: + path: /b + name: volume-hostpath-b diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.15/fail/hostpath0.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.15/fail/hostpath0.yaml deleted file mode 100755 index ef46248333d..00000000000 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.15/fail/hostpath0.yaml +++ /dev/null @@ -1,27 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: hostpath0 -spec: - containers: - - image: k8s.gcr.io/pause - name: container1 - initContainers: - - image: k8s.gcr.io/pause - name: initcontainer1 - volumes: - - hostPath: - path: /dev/null - name: volume-hostpath - - emptyDir: {} - name: volume-emptydir - - configMap: - items: - - key: log_level - path: log_level - name: configmap - name: volume-configmap - - name: configmap - persistentVolumeClaim: - claimName: hello - readOnly: true diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.15/fail/hostpath1.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.15/fail/hostpath1.yaml deleted file mode 100755 index f5296a0af8b..00000000000 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.15/fail/hostpath1.yaml +++ /dev/null @@ -1,21 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: hostpath1 -spec: - containers: - - image: k8s.gcr.io/pause - name: container1 - initContainers: - - image: k8s.gcr.io/pause - name: initcontainer1 - volumes: - - hostPath: - path: /dev/null - name: volume-hostpath-null - - hostPath: - path: /var/lib/docker - name: volume-hostpath-docker - - hostPath: - path: /sys - name: volume-hostpath-sys diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.15/fail/hostpathvolumes0.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.15/fail/hostpathvolumes0.yaml new file mode 100755 index 00000000000..36ef015553d --- /dev/null +++ b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.15/fail/hostpathvolumes0.yaml @@ -0,0 +1,17 @@ +apiVersion: v1 +kind: Pod +metadata: + name: hostpathvolumes0 +spec: + containers: + - image: k8s.gcr.io/pause + name: container1 + initContainers: + - image: k8s.gcr.io/pause + name: initcontainer1 + volumes: + - emptyDir: {} + name: volume-emptydir + - hostPath: + path: /a + name: volume-hostpath diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.15/fail/hostpathvolumes1.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.15/fail/hostpathvolumes1.yaml new file mode 100755 index 00000000000..a47c2a04ac1 --- /dev/null +++ b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.15/fail/hostpathvolumes1.yaml @@ -0,0 +1,18 @@ +apiVersion: v1 +kind: Pod +metadata: + name: hostpathvolumes1 +spec: + containers: + - image: k8s.gcr.io/pause + name: container1 + initContainers: + - image: k8s.gcr.io/pause + name: initcontainer1 + volumes: + - hostPath: + path: /a + name: volume-hostpath-a + - hostPath: + path: /b + name: volume-hostpath-b diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.16/fail/hostpath0.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.16/fail/hostpath0.yaml deleted file mode 100755 index ef46248333d..00000000000 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.16/fail/hostpath0.yaml +++ /dev/null @@ -1,27 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: hostpath0 -spec: - containers: - - image: k8s.gcr.io/pause - name: container1 - initContainers: - - image: k8s.gcr.io/pause - name: initcontainer1 - volumes: - - hostPath: - path: /dev/null - name: volume-hostpath - - emptyDir: {} - name: volume-emptydir - - configMap: - items: - - key: log_level - path: log_level - name: configmap - name: volume-configmap - - name: configmap - persistentVolumeClaim: - claimName: hello - readOnly: true diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.16/fail/hostpath1.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.16/fail/hostpath1.yaml deleted file mode 100755 index f5296a0af8b..00000000000 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.16/fail/hostpath1.yaml +++ /dev/null @@ -1,21 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: hostpath1 -spec: - containers: - - image: k8s.gcr.io/pause - name: container1 - initContainers: - - image: k8s.gcr.io/pause - name: initcontainer1 - volumes: - - hostPath: - path: /dev/null - name: volume-hostpath-null - - hostPath: - path: /var/lib/docker - name: volume-hostpath-docker - - hostPath: - path: /sys - name: volume-hostpath-sys diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.16/fail/hostpathvolumes0.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.16/fail/hostpathvolumes0.yaml new file mode 100755 index 00000000000..36ef015553d --- /dev/null +++ b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.16/fail/hostpathvolumes0.yaml @@ -0,0 +1,17 @@ +apiVersion: v1 +kind: Pod +metadata: + name: hostpathvolumes0 +spec: + containers: + - image: k8s.gcr.io/pause + name: container1 + initContainers: + - image: k8s.gcr.io/pause + name: initcontainer1 + volumes: + - emptyDir: {} + name: volume-emptydir + - hostPath: + path: /a + name: volume-hostpath diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.16/fail/hostpathvolumes1.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.16/fail/hostpathvolumes1.yaml new file mode 100755 index 00000000000..a47c2a04ac1 --- /dev/null +++ b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.16/fail/hostpathvolumes1.yaml @@ -0,0 +1,18 @@ +apiVersion: v1 +kind: Pod +metadata: + name: hostpathvolumes1 +spec: + containers: + - image: k8s.gcr.io/pause + name: container1 + initContainers: + - image: k8s.gcr.io/pause + name: initcontainer1 + volumes: + - hostPath: + path: /a + name: volume-hostpath-a + - hostPath: + path: /b + name: volume-hostpath-b diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.17/fail/hostpath0.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.17/fail/hostpath0.yaml deleted file mode 100755 index ef46248333d..00000000000 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.17/fail/hostpath0.yaml +++ /dev/null @@ -1,27 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: hostpath0 -spec: - containers: - - image: k8s.gcr.io/pause - name: container1 - initContainers: - - image: k8s.gcr.io/pause - name: initcontainer1 - volumes: - - hostPath: - path: /dev/null - name: volume-hostpath - - emptyDir: {} - name: volume-emptydir - - configMap: - items: - - key: log_level - path: log_level - name: configmap - name: volume-configmap - - name: configmap - persistentVolumeClaim: - claimName: hello - readOnly: true diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.17/fail/hostpath1.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.17/fail/hostpath1.yaml deleted file mode 100755 index f5296a0af8b..00000000000 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.17/fail/hostpath1.yaml +++ /dev/null @@ -1,21 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: hostpath1 -spec: - containers: - - image: k8s.gcr.io/pause - name: container1 - initContainers: - - image: k8s.gcr.io/pause - name: initcontainer1 - volumes: - - hostPath: - path: /dev/null - name: volume-hostpath-null - - hostPath: - path: /var/lib/docker - name: volume-hostpath-docker - - hostPath: - path: /sys - name: volume-hostpath-sys diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.17/fail/hostpathvolumes0.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.17/fail/hostpathvolumes0.yaml new file mode 100755 index 00000000000..36ef015553d --- /dev/null +++ b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.17/fail/hostpathvolumes0.yaml @@ -0,0 +1,17 @@ +apiVersion: v1 +kind: Pod +metadata: + name: hostpathvolumes0 +spec: + containers: + - image: k8s.gcr.io/pause + name: container1 + initContainers: + - image: k8s.gcr.io/pause + name: initcontainer1 + volumes: + - emptyDir: {} + name: volume-emptydir + - hostPath: + path: /a + name: volume-hostpath diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.17/fail/hostpathvolumes1.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.17/fail/hostpathvolumes1.yaml new file mode 100755 index 00000000000..a47c2a04ac1 --- /dev/null +++ b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.17/fail/hostpathvolumes1.yaml @@ -0,0 +1,18 @@ +apiVersion: v1 +kind: Pod +metadata: + name: hostpathvolumes1 +spec: + containers: + - image: k8s.gcr.io/pause + name: container1 + initContainers: + - image: k8s.gcr.io/pause + name: initcontainer1 + volumes: + - hostPath: + path: /a + name: volume-hostpath-a + - hostPath: + path: /b + name: volume-hostpath-b diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.18/fail/hostpath0.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.18/fail/hostpath0.yaml deleted file mode 100755 index ef46248333d..00000000000 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.18/fail/hostpath0.yaml +++ /dev/null @@ -1,27 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: hostpath0 -spec: - containers: - - image: k8s.gcr.io/pause - name: container1 - initContainers: - - image: k8s.gcr.io/pause - name: initcontainer1 - volumes: - - hostPath: - path: /dev/null - name: volume-hostpath - - emptyDir: {} - name: volume-emptydir - - configMap: - items: - - key: log_level - path: log_level - name: configmap - name: volume-configmap - - name: configmap - persistentVolumeClaim: - claimName: hello - readOnly: true diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.18/fail/hostpath1.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.18/fail/hostpath1.yaml deleted file mode 100755 index f5296a0af8b..00000000000 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.18/fail/hostpath1.yaml +++ /dev/null @@ -1,21 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: hostpath1 -spec: - containers: - - image: k8s.gcr.io/pause - name: container1 - initContainers: - - image: k8s.gcr.io/pause - name: initcontainer1 - volumes: - - hostPath: - path: /dev/null - name: volume-hostpath-null - - hostPath: - path: /var/lib/docker - name: volume-hostpath-docker - - hostPath: - path: /sys - name: volume-hostpath-sys diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.18/fail/hostpathvolumes0.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.18/fail/hostpathvolumes0.yaml new file mode 100755 index 00000000000..36ef015553d --- /dev/null +++ b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.18/fail/hostpathvolumes0.yaml @@ -0,0 +1,17 @@ +apiVersion: v1 +kind: Pod +metadata: + name: hostpathvolumes0 +spec: + containers: + - image: k8s.gcr.io/pause + name: container1 + initContainers: + - image: k8s.gcr.io/pause + name: initcontainer1 + volumes: + - emptyDir: {} + name: volume-emptydir + - hostPath: + path: /a + name: volume-hostpath diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.18/fail/hostpathvolumes1.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.18/fail/hostpathvolumes1.yaml new file mode 100755 index 00000000000..a47c2a04ac1 --- /dev/null +++ b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.18/fail/hostpathvolumes1.yaml @@ -0,0 +1,18 @@ +apiVersion: v1 +kind: Pod +metadata: + name: hostpathvolumes1 +spec: + containers: + - image: k8s.gcr.io/pause + name: container1 + initContainers: + - image: k8s.gcr.io/pause + name: initcontainer1 + volumes: + - hostPath: + path: /a + name: volume-hostpath-a + - hostPath: + path: /b + name: volume-hostpath-b diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.19/fail/hostpath0.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.19/fail/hostpath0.yaml deleted file mode 100755 index ef46248333d..00000000000 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.19/fail/hostpath0.yaml +++ /dev/null @@ -1,27 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: hostpath0 -spec: - containers: - - image: k8s.gcr.io/pause - name: container1 - initContainers: - - image: k8s.gcr.io/pause - name: initcontainer1 - volumes: - - hostPath: - path: /dev/null - name: volume-hostpath - - emptyDir: {} - name: volume-emptydir - - configMap: - items: - - key: log_level - path: log_level - name: configmap - name: volume-configmap - - name: configmap - persistentVolumeClaim: - claimName: hello - readOnly: true diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.19/fail/hostpath1.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.19/fail/hostpath1.yaml deleted file mode 100755 index f5296a0af8b..00000000000 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.19/fail/hostpath1.yaml +++ /dev/null @@ -1,21 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: hostpath1 -spec: - containers: - - image: k8s.gcr.io/pause - name: container1 - initContainers: - - image: k8s.gcr.io/pause - name: initcontainer1 - volumes: - - hostPath: - path: /dev/null - name: volume-hostpath-null - - hostPath: - path: /var/lib/docker - name: volume-hostpath-docker - - hostPath: - path: /sys - name: volume-hostpath-sys diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.19/fail/hostpathvolumes0.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.19/fail/hostpathvolumes0.yaml new file mode 100755 index 00000000000..36ef015553d --- /dev/null +++ b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.19/fail/hostpathvolumes0.yaml @@ -0,0 +1,17 @@ +apiVersion: v1 +kind: Pod +metadata: + name: hostpathvolumes0 +spec: + containers: + - image: k8s.gcr.io/pause + name: container1 + initContainers: + - image: k8s.gcr.io/pause + name: initcontainer1 + volumes: + - emptyDir: {} + name: volume-emptydir + - hostPath: + path: /a + name: volume-hostpath diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.19/fail/hostpathvolumes1.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.19/fail/hostpathvolumes1.yaml new file mode 100755 index 00000000000..a47c2a04ac1 --- /dev/null +++ b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.19/fail/hostpathvolumes1.yaml @@ -0,0 +1,18 @@ +apiVersion: v1 +kind: Pod +metadata: + name: hostpathvolumes1 +spec: + containers: + - image: k8s.gcr.io/pause + name: container1 + initContainers: + - image: k8s.gcr.io/pause + name: initcontainer1 + volumes: + - hostPath: + path: /a + name: volume-hostpath-a + - hostPath: + path: /b + name: volume-hostpath-b diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.2/fail/hostpath0.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.2/fail/hostpath0.yaml deleted file mode 100755 index ef46248333d..00000000000 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.2/fail/hostpath0.yaml +++ /dev/null @@ -1,27 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: hostpath0 -spec: - containers: - - image: k8s.gcr.io/pause - name: container1 - initContainers: - - image: k8s.gcr.io/pause - name: initcontainer1 - volumes: - - hostPath: - path: /dev/null - name: volume-hostpath - - emptyDir: {} - name: volume-emptydir - - configMap: - items: - - key: log_level - path: log_level - name: configmap - name: volume-configmap - - name: configmap - persistentVolumeClaim: - claimName: hello - readOnly: true diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.2/fail/hostpath1.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.2/fail/hostpath1.yaml deleted file mode 100755 index f5296a0af8b..00000000000 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.2/fail/hostpath1.yaml +++ /dev/null @@ -1,21 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: hostpath1 -spec: - containers: - - image: k8s.gcr.io/pause - name: container1 - initContainers: - - image: k8s.gcr.io/pause - name: initcontainer1 - volumes: - - hostPath: - path: /dev/null - name: volume-hostpath-null - - hostPath: - path: /var/lib/docker - name: volume-hostpath-docker - - hostPath: - path: /sys - name: volume-hostpath-sys diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.2/fail/hostpathvolumes0.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.2/fail/hostpathvolumes0.yaml new file mode 100755 index 00000000000..36ef015553d --- /dev/null +++ b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.2/fail/hostpathvolumes0.yaml @@ -0,0 +1,17 @@ +apiVersion: v1 +kind: Pod +metadata: + name: hostpathvolumes0 +spec: + containers: + - image: k8s.gcr.io/pause + name: container1 + initContainers: + - image: k8s.gcr.io/pause + name: initcontainer1 + volumes: + - emptyDir: {} + name: volume-emptydir + - hostPath: + path: /a + name: volume-hostpath diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.2/fail/hostpathvolumes1.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.2/fail/hostpathvolumes1.yaml new file mode 100755 index 00000000000..a47c2a04ac1 --- /dev/null +++ b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.2/fail/hostpathvolumes1.yaml @@ -0,0 +1,18 @@ +apiVersion: v1 +kind: Pod +metadata: + name: hostpathvolumes1 +spec: + containers: + - image: k8s.gcr.io/pause + name: container1 + initContainers: + - image: k8s.gcr.io/pause + name: initcontainer1 + volumes: + - hostPath: + path: /a + name: volume-hostpath-a + - hostPath: + path: /b + name: volume-hostpath-b diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.20/fail/hostpath0.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.20/fail/hostpath0.yaml deleted file mode 100755 index ef46248333d..00000000000 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.20/fail/hostpath0.yaml +++ /dev/null @@ -1,27 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: hostpath0 -spec: - containers: - - image: k8s.gcr.io/pause - name: container1 - initContainers: - - image: k8s.gcr.io/pause - name: initcontainer1 - volumes: - - hostPath: - path: /dev/null - name: volume-hostpath - - emptyDir: {} - name: volume-emptydir - - configMap: - items: - - key: log_level - path: log_level - name: configmap - name: volume-configmap - - name: configmap - persistentVolumeClaim: - claimName: hello - readOnly: true diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.20/fail/hostpath1.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.20/fail/hostpath1.yaml deleted file mode 100755 index f5296a0af8b..00000000000 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.20/fail/hostpath1.yaml +++ /dev/null @@ -1,21 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: hostpath1 -spec: - containers: - - image: k8s.gcr.io/pause - name: container1 - initContainers: - - image: k8s.gcr.io/pause - name: initcontainer1 - volumes: - - hostPath: - path: /dev/null - name: volume-hostpath-null - - hostPath: - path: /var/lib/docker - name: volume-hostpath-docker - - hostPath: - path: /sys - name: volume-hostpath-sys diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.20/fail/hostpathvolumes0.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.20/fail/hostpathvolumes0.yaml new file mode 100755 index 00000000000..36ef015553d --- /dev/null +++ b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.20/fail/hostpathvolumes0.yaml @@ -0,0 +1,17 @@ +apiVersion: v1 +kind: Pod +metadata: + name: hostpathvolumes0 +spec: + containers: + - image: k8s.gcr.io/pause + name: container1 + initContainers: + - image: k8s.gcr.io/pause + name: initcontainer1 + volumes: + - emptyDir: {} + name: volume-emptydir + - hostPath: + path: /a + name: volume-hostpath diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.20/fail/hostpathvolumes1.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.20/fail/hostpathvolumes1.yaml new file mode 100755 index 00000000000..a47c2a04ac1 --- /dev/null +++ b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.20/fail/hostpathvolumes1.yaml @@ -0,0 +1,18 @@ +apiVersion: v1 +kind: Pod +metadata: + name: hostpathvolumes1 +spec: + containers: + - image: k8s.gcr.io/pause + name: container1 + initContainers: + - image: k8s.gcr.io/pause + name: initcontainer1 + volumes: + - hostPath: + path: /a + name: volume-hostpath-a + - hostPath: + path: /b + name: volume-hostpath-b diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.21/fail/hostpath0.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.21/fail/hostpath0.yaml deleted file mode 100755 index ef46248333d..00000000000 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.21/fail/hostpath0.yaml +++ /dev/null @@ -1,27 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: hostpath0 -spec: - containers: - - image: k8s.gcr.io/pause - name: container1 - initContainers: - - image: k8s.gcr.io/pause - name: initcontainer1 - volumes: - - hostPath: - path: /dev/null - name: volume-hostpath - - emptyDir: {} - name: volume-emptydir - - configMap: - items: - - key: log_level - path: log_level - name: configmap - name: volume-configmap - - name: configmap - persistentVolumeClaim: - claimName: hello - readOnly: true diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.21/fail/hostpath1.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.21/fail/hostpath1.yaml deleted file mode 100755 index f5296a0af8b..00000000000 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.21/fail/hostpath1.yaml +++ /dev/null @@ -1,21 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: hostpath1 -spec: - containers: - - image: k8s.gcr.io/pause - name: container1 - initContainers: - - image: k8s.gcr.io/pause - name: initcontainer1 - volumes: - - hostPath: - path: /dev/null - name: volume-hostpath-null - - hostPath: - path: /var/lib/docker - name: volume-hostpath-docker - - hostPath: - path: /sys - name: volume-hostpath-sys diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.21/fail/hostpathvolumes0.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.21/fail/hostpathvolumes0.yaml new file mode 100755 index 00000000000..36ef015553d --- /dev/null +++ b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.21/fail/hostpathvolumes0.yaml @@ -0,0 +1,17 @@ +apiVersion: v1 +kind: Pod +metadata: + name: hostpathvolumes0 +spec: + containers: + - image: k8s.gcr.io/pause + name: container1 + initContainers: + - image: k8s.gcr.io/pause + name: initcontainer1 + volumes: + - emptyDir: {} + name: volume-emptydir + - hostPath: + path: /a + name: volume-hostpath diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.21/fail/hostpathvolumes1.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.21/fail/hostpathvolumes1.yaml new file mode 100755 index 00000000000..a47c2a04ac1 --- /dev/null +++ b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.21/fail/hostpathvolumes1.yaml @@ -0,0 +1,18 @@ +apiVersion: v1 +kind: Pod +metadata: + name: hostpathvolumes1 +spec: + containers: + - image: k8s.gcr.io/pause + name: container1 + initContainers: + - image: k8s.gcr.io/pause + name: initcontainer1 + volumes: + - hostPath: + path: /a + name: volume-hostpath-a + - hostPath: + path: /b + name: volume-hostpath-b diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.22/fail/hostpath0.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.22/fail/hostpath0.yaml deleted file mode 100755 index ef46248333d..00000000000 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.22/fail/hostpath0.yaml +++ /dev/null @@ -1,27 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: hostpath0 -spec: - containers: - - image: k8s.gcr.io/pause - name: container1 - initContainers: - - image: k8s.gcr.io/pause - name: initcontainer1 - volumes: - - hostPath: - path: /dev/null - name: volume-hostpath - - emptyDir: {} - name: volume-emptydir - - configMap: - items: - - key: log_level - path: log_level - name: configmap - name: volume-configmap - - name: configmap - persistentVolumeClaim: - claimName: hello - readOnly: true diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.22/fail/hostpath1.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.22/fail/hostpath1.yaml deleted file mode 100755 index f5296a0af8b..00000000000 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.22/fail/hostpath1.yaml +++ /dev/null @@ -1,21 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: hostpath1 -spec: - containers: - - image: k8s.gcr.io/pause - name: container1 - initContainers: - - image: k8s.gcr.io/pause - name: initcontainer1 - volumes: - - hostPath: - path: /dev/null - name: volume-hostpath-null - - hostPath: - path: /var/lib/docker - name: volume-hostpath-docker - - hostPath: - path: /sys - name: volume-hostpath-sys diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.22/fail/hostpathvolumes0.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.22/fail/hostpathvolumes0.yaml new file mode 100755 index 00000000000..36ef015553d --- /dev/null +++ b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.22/fail/hostpathvolumes0.yaml @@ -0,0 +1,17 @@ +apiVersion: v1 +kind: Pod +metadata: + name: hostpathvolumes0 +spec: + containers: + - image: k8s.gcr.io/pause + name: container1 + initContainers: + - image: k8s.gcr.io/pause + name: initcontainer1 + volumes: + - emptyDir: {} + name: volume-emptydir + - hostPath: + path: /a + name: volume-hostpath diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.22/fail/hostpathvolumes1.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.22/fail/hostpathvolumes1.yaml new file mode 100755 index 00000000000..a47c2a04ac1 --- /dev/null +++ b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.22/fail/hostpathvolumes1.yaml @@ -0,0 +1,18 @@ +apiVersion: v1 +kind: Pod +metadata: + name: hostpathvolumes1 +spec: + containers: + - image: k8s.gcr.io/pause + name: container1 + initContainers: + - image: k8s.gcr.io/pause + name: initcontainer1 + volumes: + - hostPath: + path: /a + name: volume-hostpath-a + - hostPath: + path: /b + name: volume-hostpath-b diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.3/fail/hostpath0.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.3/fail/hostpath0.yaml deleted file mode 100755 index ef46248333d..00000000000 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.3/fail/hostpath0.yaml +++ /dev/null @@ -1,27 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: hostpath0 -spec: - containers: - - image: k8s.gcr.io/pause - name: container1 - initContainers: - - image: k8s.gcr.io/pause - name: initcontainer1 - volumes: - - hostPath: - path: /dev/null - name: volume-hostpath - - emptyDir: {} - name: volume-emptydir - - configMap: - items: - - key: log_level - path: log_level - name: configmap - name: volume-configmap - - name: configmap - persistentVolumeClaim: - claimName: hello - readOnly: true diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.3/fail/hostpath1.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.3/fail/hostpath1.yaml deleted file mode 100755 index f5296a0af8b..00000000000 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.3/fail/hostpath1.yaml +++ /dev/null @@ -1,21 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: hostpath1 -spec: - containers: - - image: k8s.gcr.io/pause - name: container1 - initContainers: - - image: k8s.gcr.io/pause - name: initcontainer1 - volumes: - - hostPath: - path: /dev/null - name: volume-hostpath-null - - hostPath: - path: /var/lib/docker - name: volume-hostpath-docker - - hostPath: - path: /sys - name: volume-hostpath-sys diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.3/fail/hostpathvolumes0.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.3/fail/hostpathvolumes0.yaml new file mode 100755 index 00000000000..36ef015553d --- /dev/null +++ b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.3/fail/hostpathvolumes0.yaml @@ -0,0 +1,17 @@ +apiVersion: v1 +kind: Pod +metadata: + name: hostpathvolumes0 +spec: + containers: + - image: k8s.gcr.io/pause + name: container1 + initContainers: + - image: k8s.gcr.io/pause + name: initcontainer1 + volumes: + - emptyDir: {} + name: volume-emptydir + - hostPath: + path: /a + name: volume-hostpath diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.3/fail/hostpathvolumes1.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.3/fail/hostpathvolumes1.yaml new file mode 100755 index 00000000000..a47c2a04ac1 --- /dev/null +++ b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.3/fail/hostpathvolumes1.yaml @@ -0,0 +1,18 @@ +apiVersion: v1 +kind: Pod +metadata: + name: hostpathvolumes1 +spec: + containers: + - image: k8s.gcr.io/pause + name: container1 + initContainers: + - image: k8s.gcr.io/pause + name: initcontainer1 + volumes: + - hostPath: + path: /a + name: volume-hostpath-a + - hostPath: + path: /b + name: volume-hostpath-b diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.4/fail/hostpath0.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.4/fail/hostpath0.yaml deleted file mode 100755 index ef46248333d..00000000000 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.4/fail/hostpath0.yaml +++ /dev/null @@ -1,27 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: hostpath0 -spec: - containers: - - image: k8s.gcr.io/pause - name: container1 - initContainers: - - image: k8s.gcr.io/pause - name: initcontainer1 - volumes: - - hostPath: - path: /dev/null - name: volume-hostpath - - emptyDir: {} - name: volume-emptydir - - configMap: - items: - - key: log_level - path: log_level - name: configmap - name: volume-configmap - - name: configmap - persistentVolumeClaim: - claimName: hello - readOnly: true diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.4/fail/hostpath1.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.4/fail/hostpath1.yaml deleted file mode 100755 index f5296a0af8b..00000000000 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.4/fail/hostpath1.yaml +++ /dev/null @@ -1,21 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: hostpath1 -spec: - containers: - - image: k8s.gcr.io/pause - name: container1 - initContainers: - - image: k8s.gcr.io/pause - name: initcontainer1 - volumes: - - hostPath: - path: /dev/null - name: volume-hostpath-null - - hostPath: - path: /var/lib/docker - name: volume-hostpath-docker - - hostPath: - path: /sys - name: volume-hostpath-sys diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.4/fail/hostpathvolumes0.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.4/fail/hostpathvolumes0.yaml new file mode 100755 index 00000000000..36ef015553d --- /dev/null +++ b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.4/fail/hostpathvolumes0.yaml @@ -0,0 +1,17 @@ +apiVersion: v1 +kind: Pod +metadata: + name: hostpathvolumes0 +spec: + containers: + - image: k8s.gcr.io/pause + name: container1 + initContainers: + - image: k8s.gcr.io/pause + name: initcontainer1 + volumes: + - emptyDir: {} + name: volume-emptydir + - hostPath: + path: /a + name: volume-hostpath diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.4/fail/hostpathvolumes1.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.4/fail/hostpathvolumes1.yaml new file mode 100755 index 00000000000..a47c2a04ac1 --- /dev/null +++ b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.4/fail/hostpathvolumes1.yaml @@ -0,0 +1,18 @@ +apiVersion: v1 +kind: Pod +metadata: + name: hostpathvolumes1 +spec: + containers: + - image: k8s.gcr.io/pause + name: container1 + initContainers: + - image: k8s.gcr.io/pause + name: initcontainer1 + volumes: + - hostPath: + path: /a + name: volume-hostpath-a + - hostPath: + path: /b + name: volume-hostpath-b diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.5/fail/hostpath0.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.5/fail/hostpath0.yaml deleted file mode 100755 index ef46248333d..00000000000 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.5/fail/hostpath0.yaml +++ /dev/null @@ -1,27 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: hostpath0 -spec: - containers: - - image: k8s.gcr.io/pause - name: container1 - initContainers: - - image: k8s.gcr.io/pause - name: initcontainer1 - volumes: - - hostPath: - path: /dev/null - name: volume-hostpath - - emptyDir: {} - name: volume-emptydir - - configMap: - items: - - key: log_level - path: log_level - name: configmap - name: volume-configmap - - name: configmap - persistentVolumeClaim: - claimName: hello - readOnly: true diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.5/fail/hostpath1.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.5/fail/hostpath1.yaml deleted file mode 100755 index f5296a0af8b..00000000000 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.5/fail/hostpath1.yaml +++ /dev/null @@ -1,21 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: hostpath1 -spec: - containers: - - image: k8s.gcr.io/pause - name: container1 - initContainers: - - image: k8s.gcr.io/pause - name: initcontainer1 - volumes: - - hostPath: - path: /dev/null - name: volume-hostpath-null - - hostPath: - path: /var/lib/docker - name: volume-hostpath-docker - - hostPath: - path: /sys - name: volume-hostpath-sys diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.5/fail/hostpathvolumes0.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.5/fail/hostpathvolumes0.yaml new file mode 100755 index 00000000000..36ef015553d --- /dev/null +++ b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.5/fail/hostpathvolumes0.yaml @@ -0,0 +1,17 @@ +apiVersion: v1 +kind: Pod +metadata: + name: hostpathvolumes0 +spec: + containers: + - image: k8s.gcr.io/pause + name: container1 + initContainers: + - image: k8s.gcr.io/pause + name: initcontainer1 + volumes: + - emptyDir: {} + name: volume-emptydir + - hostPath: + path: /a + name: volume-hostpath diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.5/fail/hostpathvolumes1.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.5/fail/hostpathvolumes1.yaml new file mode 100755 index 00000000000..a47c2a04ac1 --- /dev/null +++ b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.5/fail/hostpathvolumes1.yaml @@ -0,0 +1,18 @@ +apiVersion: v1 +kind: Pod +metadata: + name: hostpathvolumes1 +spec: + containers: + - image: k8s.gcr.io/pause + name: container1 + initContainers: + - image: k8s.gcr.io/pause + name: initcontainer1 + volumes: + - hostPath: + path: /a + name: volume-hostpath-a + - hostPath: + path: /b + name: volume-hostpath-b diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.6/fail/hostpath0.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.6/fail/hostpath0.yaml deleted file mode 100755 index ef46248333d..00000000000 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.6/fail/hostpath0.yaml +++ /dev/null @@ -1,27 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: hostpath0 -spec: - containers: - - image: k8s.gcr.io/pause - name: container1 - initContainers: - - image: k8s.gcr.io/pause - name: initcontainer1 - volumes: - - hostPath: - path: /dev/null - name: volume-hostpath - - emptyDir: {} - name: volume-emptydir - - configMap: - items: - - key: log_level - path: log_level - name: configmap - name: volume-configmap - - name: configmap - persistentVolumeClaim: - claimName: hello - readOnly: true diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.6/fail/hostpath1.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.6/fail/hostpath1.yaml deleted file mode 100755 index f5296a0af8b..00000000000 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.6/fail/hostpath1.yaml +++ /dev/null @@ -1,21 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: hostpath1 -spec: - containers: - - image: k8s.gcr.io/pause - name: container1 - initContainers: - - image: k8s.gcr.io/pause - name: initcontainer1 - volumes: - - hostPath: - path: /dev/null - name: volume-hostpath-null - - hostPath: - path: /var/lib/docker - name: volume-hostpath-docker - - hostPath: - path: /sys - name: volume-hostpath-sys diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.6/fail/hostpathvolumes0.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.6/fail/hostpathvolumes0.yaml new file mode 100755 index 00000000000..36ef015553d --- /dev/null +++ b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.6/fail/hostpathvolumes0.yaml @@ -0,0 +1,17 @@ +apiVersion: v1 +kind: Pod +metadata: + name: hostpathvolumes0 +spec: + containers: + - image: k8s.gcr.io/pause + name: container1 + initContainers: + - image: k8s.gcr.io/pause + name: initcontainer1 + volumes: + - emptyDir: {} + name: volume-emptydir + - hostPath: + path: /a + name: volume-hostpath diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.6/fail/hostpathvolumes1.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.6/fail/hostpathvolumes1.yaml new file mode 100755 index 00000000000..a47c2a04ac1 --- /dev/null +++ b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.6/fail/hostpathvolumes1.yaml @@ -0,0 +1,18 @@ +apiVersion: v1 +kind: Pod +metadata: + name: hostpathvolumes1 +spec: + containers: + - image: k8s.gcr.io/pause + name: container1 + initContainers: + - image: k8s.gcr.io/pause + name: initcontainer1 + volumes: + - hostPath: + path: /a + name: volume-hostpath-a + - hostPath: + path: /b + name: volume-hostpath-b diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.7/fail/hostpath0.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.7/fail/hostpath0.yaml deleted file mode 100755 index ef46248333d..00000000000 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.7/fail/hostpath0.yaml +++ /dev/null @@ -1,27 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: hostpath0 -spec: - containers: - - image: k8s.gcr.io/pause - name: container1 - initContainers: - - image: k8s.gcr.io/pause - name: initcontainer1 - volumes: - - hostPath: - path: /dev/null - name: volume-hostpath - - emptyDir: {} - name: volume-emptydir - - configMap: - items: - - key: log_level - path: log_level - name: configmap - name: volume-configmap - - name: configmap - persistentVolumeClaim: - claimName: hello - readOnly: true diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.7/fail/hostpath1.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.7/fail/hostpath1.yaml deleted file mode 100755 index f5296a0af8b..00000000000 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.7/fail/hostpath1.yaml +++ /dev/null @@ -1,21 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: hostpath1 -spec: - containers: - - image: k8s.gcr.io/pause - name: container1 - initContainers: - - image: k8s.gcr.io/pause - name: initcontainer1 - volumes: - - hostPath: - path: /dev/null - name: volume-hostpath-null - - hostPath: - path: /var/lib/docker - name: volume-hostpath-docker - - hostPath: - path: /sys - name: volume-hostpath-sys diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.7/fail/hostpathvolumes0.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.7/fail/hostpathvolumes0.yaml new file mode 100755 index 00000000000..36ef015553d --- /dev/null +++ b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.7/fail/hostpathvolumes0.yaml @@ -0,0 +1,17 @@ +apiVersion: v1 +kind: Pod +metadata: + name: hostpathvolumes0 +spec: + containers: + - image: k8s.gcr.io/pause + name: container1 + initContainers: + - image: k8s.gcr.io/pause + name: initcontainer1 + volumes: + - emptyDir: {} + name: volume-emptydir + - hostPath: + path: /a + name: volume-hostpath diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.7/fail/hostpathvolumes1.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.7/fail/hostpathvolumes1.yaml new file mode 100755 index 00000000000..a47c2a04ac1 --- /dev/null +++ b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.7/fail/hostpathvolumes1.yaml @@ -0,0 +1,18 @@ +apiVersion: v1 +kind: Pod +metadata: + name: hostpathvolumes1 +spec: + containers: + - image: k8s.gcr.io/pause + name: container1 + initContainers: + - image: k8s.gcr.io/pause + name: initcontainer1 + volumes: + - hostPath: + path: /a + name: volume-hostpath-a + - hostPath: + path: /b + name: volume-hostpath-b diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.8/fail/hostpath0.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.8/fail/hostpath0.yaml deleted file mode 100755 index ef46248333d..00000000000 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.8/fail/hostpath0.yaml +++ /dev/null @@ -1,27 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: hostpath0 -spec: - containers: - - image: k8s.gcr.io/pause - name: container1 - initContainers: - - image: k8s.gcr.io/pause - name: initcontainer1 - volumes: - - hostPath: - path: /dev/null - name: volume-hostpath - - emptyDir: {} - name: volume-emptydir - - configMap: - items: - - key: log_level - path: log_level - name: configmap - name: volume-configmap - - name: configmap - persistentVolumeClaim: - claimName: hello - readOnly: true diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.8/fail/hostpath1.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.8/fail/hostpath1.yaml deleted file mode 100755 index f5296a0af8b..00000000000 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.8/fail/hostpath1.yaml +++ /dev/null @@ -1,21 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: hostpath1 -spec: - containers: - - image: k8s.gcr.io/pause - name: container1 - initContainers: - - image: k8s.gcr.io/pause - name: initcontainer1 - volumes: - - hostPath: - path: /dev/null - name: volume-hostpath-null - - hostPath: - path: /var/lib/docker - name: volume-hostpath-docker - - hostPath: - path: /sys - name: volume-hostpath-sys diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.8/fail/hostpathvolumes0.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.8/fail/hostpathvolumes0.yaml new file mode 100755 index 00000000000..36ef015553d --- /dev/null +++ b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.8/fail/hostpathvolumes0.yaml @@ -0,0 +1,17 @@ +apiVersion: v1 +kind: Pod +metadata: + name: hostpathvolumes0 +spec: + containers: + - image: k8s.gcr.io/pause + name: container1 + initContainers: + - image: k8s.gcr.io/pause + name: initcontainer1 + volumes: + - emptyDir: {} + name: volume-emptydir + - hostPath: + path: /a + name: volume-hostpath diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.8/fail/hostpathvolumes1.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.8/fail/hostpathvolumes1.yaml new file mode 100755 index 00000000000..a47c2a04ac1 --- /dev/null +++ b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.8/fail/hostpathvolumes1.yaml @@ -0,0 +1,18 @@ +apiVersion: v1 +kind: Pod +metadata: + name: hostpathvolumes1 +spec: + containers: + - image: k8s.gcr.io/pause + name: container1 + initContainers: + - image: k8s.gcr.io/pause + name: initcontainer1 + volumes: + - hostPath: + path: /a + name: volume-hostpath-a + - hostPath: + path: /b + name: volume-hostpath-b diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.9/fail/hostpath0.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.9/fail/hostpath0.yaml deleted file mode 100755 index ef46248333d..00000000000 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.9/fail/hostpath0.yaml +++ /dev/null @@ -1,27 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: hostpath0 -spec: - containers: - - image: k8s.gcr.io/pause - name: container1 - initContainers: - - image: k8s.gcr.io/pause - name: initcontainer1 - volumes: - - hostPath: - path: /dev/null - name: volume-hostpath - - emptyDir: {} - name: volume-emptydir - - configMap: - items: - - key: log_level - path: log_level - name: configmap - name: volume-configmap - - name: configmap - persistentVolumeClaim: - claimName: hello - readOnly: true diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.9/fail/hostpath1.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.9/fail/hostpath1.yaml deleted file mode 100755 index f5296a0af8b..00000000000 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.9/fail/hostpath1.yaml +++ /dev/null @@ -1,21 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: hostpath1 -spec: - containers: - - image: k8s.gcr.io/pause - name: container1 - initContainers: - - image: k8s.gcr.io/pause - name: initcontainer1 - volumes: - - hostPath: - path: /dev/null - name: volume-hostpath-null - - hostPath: - path: /var/lib/docker - name: volume-hostpath-docker - - hostPath: - path: /sys - name: volume-hostpath-sys diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.9/fail/hostpathvolumes0.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.9/fail/hostpathvolumes0.yaml new file mode 100755 index 00000000000..36ef015553d --- /dev/null +++ b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.9/fail/hostpathvolumes0.yaml @@ -0,0 +1,17 @@ +apiVersion: v1 +kind: Pod +metadata: + name: hostpathvolumes0 +spec: + containers: + - image: k8s.gcr.io/pause + name: container1 + initContainers: + - image: k8s.gcr.io/pause + name: initcontainer1 + volumes: + - emptyDir: {} + name: volume-emptydir + - hostPath: + path: /a + name: volume-hostpath diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.9/fail/hostpathvolumes1.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.9/fail/hostpathvolumes1.yaml new file mode 100755 index 00000000000..a47c2a04ac1 --- /dev/null +++ b/staging/src/k8s.io/pod-security-admission/test/testdata/baseline/v1.9/fail/hostpathvolumes1.yaml @@ -0,0 +1,18 @@ +apiVersion: v1 +kind: Pod +metadata: + name: hostpathvolumes1 +spec: + containers: + - image: k8s.gcr.io/pause + name: container1 + initContainers: + - image: k8s.gcr.io/pause + name: initcontainer1 + volumes: + - hostPath: + path: /a + name: volume-hostpath-a + - hostPath: + path: /b + name: volume-hostpath-b diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.0/fail/hostpath0.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.0/fail/hostpathvolumes0.yaml similarity index 54% rename from staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.0/fail/hostpath0.yaml rename to staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.0/fail/hostpathvolumes0.yaml index 73a32fef2a4..dfdc779b7fc 100755 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.0/fail/hostpath0.yaml +++ b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.0/fail/hostpathvolumes0.yaml @@ -1,7 +1,7 @@ apiVersion: v1 kind: Pod metadata: - name: hostpath0 + name: hostpathvolumes0 spec: containers: - image: k8s.gcr.io/pause @@ -12,18 +12,8 @@ spec: securityContext: runAsNonRoot: true volumes: - - hostPath: - path: /dev/null - name: volume-hostpath - emptyDir: {} name: volume-emptydir - - configMap: - items: - - key: log_level - path: log_level - name: configmap - name: volume-configmap - - name: configmap - persistentVolumeClaim: - claimName: hello - readOnly: true + - hostPath: + path: /a + name: volume-hostpath diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.0/fail/hostpath1.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.0/fail/hostpathvolumes1.yaml similarity index 57% rename from staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.0/fail/hostpath1.yaml rename to staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.0/fail/hostpathvolumes1.yaml index e89b04a7020..3163dfa63a1 100755 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.0/fail/hostpath1.yaml +++ b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.0/fail/hostpathvolumes1.yaml @@ -1,7 +1,7 @@ apiVersion: v1 kind: Pod metadata: - name: hostpath1 + name: hostpathvolumes1 spec: containers: - image: k8s.gcr.io/pause @@ -13,11 +13,8 @@ spec: runAsNonRoot: true volumes: - hostPath: - path: /dev/null - name: volume-hostpath-null + path: /a + name: volume-hostpath-a - hostPath: - path: /var/lib/docker - name: volume-hostpath-docker - - hostPath: - path: /sys - name: volume-hostpath-sys + path: /b + name: volume-hostpath-b diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.2/fail/hostpath0.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.1/fail/hostpathvolumes0.yaml similarity index 54% rename from staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.2/fail/hostpath0.yaml rename to staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.1/fail/hostpathvolumes0.yaml index 73a32fef2a4..dfdc779b7fc 100755 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.2/fail/hostpath0.yaml +++ b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.1/fail/hostpathvolumes0.yaml @@ -1,7 +1,7 @@ apiVersion: v1 kind: Pod metadata: - name: hostpath0 + name: hostpathvolumes0 spec: containers: - image: k8s.gcr.io/pause @@ -12,18 +12,8 @@ spec: securityContext: runAsNonRoot: true volumes: - - hostPath: - path: /dev/null - name: volume-hostpath - emptyDir: {} name: volume-emptydir - - configMap: - items: - - key: log_level - path: log_level - name: configmap - name: volume-configmap - - name: configmap - persistentVolumeClaim: - claimName: hello - readOnly: true + - hostPath: + path: /a + name: volume-hostpath diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.1/fail/hostpath1.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.1/fail/hostpathvolumes1.yaml similarity index 57% rename from staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.1/fail/hostpath1.yaml rename to staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.1/fail/hostpathvolumes1.yaml index e89b04a7020..3163dfa63a1 100755 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.1/fail/hostpath1.yaml +++ b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.1/fail/hostpathvolumes1.yaml @@ -1,7 +1,7 @@ apiVersion: v1 kind: Pod metadata: - name: hostpath1 + name: hostpathvolumes1 spec: containers: - image: k8s.gcr.io/pause @@ -13,11 +13,8 @@ spec: runAsNonRoot: true volumes: - hostPath: - path: /dev/null - name: volume-hostpath-null + path: /a + name: volume-hostpath-a - hostPath: - path: /var/lib/docker - name: volume-hostpath-docker - - hostPath: - path: /sys - name: volume-hostpath-sys + path: /b + name: volume-hostpath-b diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.10/fail/hostpath0.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.10/fail/hostpath0.yaml deleted file mode 100755 index ef7e51009bf..00000000000 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.10/fail/hostpath0.yaml +++ /dev/null @@ -1,33 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: hostpath0 -spec: - containers: - - image: k8s.gcr.io/pause - name: container1 - securityContext: - allowPrivilegeEscalation: false - initContainers: - - image: k8s.gcr.io/pause - name: initcontainer1 - securityContext: - allowPrivilegeEscalation: false - securityContext: - runAsNonRoot: true - volumes: - - hostPath: - path: /dev/null - name: volume-hostpath - - emptyDir: {} - name: volume-emptydir - - configMap: - items: - - key: log_level - path: log_level - name: configmap - name: volume-configmap - - name: configmap - persistentVolumeClaim: - claimName: hello - readOnly: true diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.10/fail/hostpathvolumes0.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.10/fail/hostpathvolumes0.yaml new file mode 100755 index 00000000000..0e15e2a9ac9 --- /dev/null +++ b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.10/fail/hostpathvolumes0.yaml @@ -0,0 +1,23 @@ +apiVersion: v1 +kind: Pod +metadata: + name: hostpathvolumes0 +spec: + containers: + - image: k8s.gcr.io/pause + name: container1 + securityContext: + allowPrivilegeEscalation: false + initContainers: + - image: k8s.gcr.io/pause + name: initcontainer1 + securityContext: + allowPrivilegeEscalation: false + securityContext: + runAsNonRoot: true + volumes: + - emptyDir: {} + name: volume-emptydir + - hostPath: + path: /a + name: volume-hostpath diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.12/fail/hostpath1.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.10/fail/hostpathvolumes1.yaml similarity index 65% rename from staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.12/fail/hostpath1.yaml rename to staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.10/fail/hostpathvolumes1.yaml index ebdc4d0e129..41e1054bafe 100755 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.12/fail/hostpath1.yaml +++ b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.10/fail/hostpathvolumes1.yaml @@ -1,7 +1,7 @@ apiVersion: v1 kind: Pod metadata: - name: hostpath1 + name: hostpathvolumes1 spec: containers: - image: k8s.gcr.io/pause @@ -17,11 +17,8 @@ spec: runAsNonRoot: true volumes: - hostPath: - path: /dev/null - name: volume-hostpath-null + path: /a + name: volume-hostpath-a - hostPath: - path: /var/lib/docker - name: volume-hostpath-docker - - hostPath: - path: /sys - name: volume-hostpath-sys + path: /b + name: volume-hostpath-b diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.11/fail/hostpath0.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.11/fail/hostpath0.yaml deleted file mode 100755 index ef7e51009bf..00000000000 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.11/fail/hostpath0.yaml +++ /dev/null @@ -1,33 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: hostpath0 -spec: - containers: - - image: k8s.gcr.io/pause - name: container1 - securityContext: - allowPrivilegeEscalation: false - initContainers: - - image: k8s.gcr.io/pause - name: initcontainer1 - securityContext: - allowPrivilegeEscalation: false - securityContext: - runAsNonRoot: true - volumes: - - hostPath: - path: /dev/null - name: volume-hostpath - - emptyDir: {} - name: volume-emptydir - - configMap: - items: - - key: log_level - path: log_level - name: configmap - name: volume-configmap - - name: configmap - persistentVolumeClaim: - claimName: hello - readOnly: true diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.11/fail/hostpathvolumes0.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.11/fail/hostpathvolumes0.yaml new file mode 100755 index 00000000000..0e15e2a9ac9 --- /dev/null +++ b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.11/fail/hostpathvolumes0.yaml @@ -0,0 +1,23 @@ +apiVersion: v1 +kind: Pod +metadata: + name: hostpathvolumes0 +spec: + containers: + - image: k8s.gcr.io/pause + name: container1 + securityContext: + allowPrivilegeEscalation: false + initContainers: + - image: k8s.gcr.io/pause + name: initcontainer1 + securityContext: + allowPrivilegeEscalation: false + securityContext: + runAsNonRoot: true + volumes: + - emptyDir: {} + name: volume-emptydir + - hostPath: + path: /a + name: volume-hostpath diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.13/fail/hostpath1.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.11/fail/hostpathvolumes1.yaml similarity index 65% rename from staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.13/fail/hostpath1.yaml rename to staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.11/fail/hostpathvolumes1.yaml index ebdc4d0e129..41e1054bafe 100755 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.13/fail/hostpath1.yaml +++ b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.11/fail/hostpathvolumes1.yaml @@ -1,7 +1,7 @@ apiVersion: v1 kind: Pod metadata: - name: hostpath1 + name: hostpathvolumes1 spec: containers: - image: k8s.gcr.io/pause @@ -17,11 +17,8 @@ spec: runAsNonRoot: true volumes: - hostPath: - path: /dev/null - name: volume-hostpath-null + path: /a + name: volume-hostpath-a - hostPath: - path: /var/lib/docker - name: volume-hostpath-docker - - hostPath: - path: /sys - name: volume-hostpath-sys + path: /b + name: volume-hostpath-b diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.12/fail/hostpath0.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.12/fail/hostpath0.yaml deleted file mode 100755 index ef7e51009bf..00000000000 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.12/fail/hostpath0.yaml +++ /dev/null @@ -1,33 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: hostpath0 -spec: - containers: - - image: k8s.gcr.io/pause - name: container1 - securityContext: - allowPrivilegeEscalation: false - initContainers: - - image: k8s.gcr.io/pause - name: initcontainer1 - securityContext: - allowPrivilegeEscalation: false - securityContext: - runAsNonRoot: true - volumes: - - hostPath: - path: /dev/null - name: volume-hostpath - - emptyDir: {} - name: volume-emptydir - - configMap: - items: - - key: log_level - path: log_level - name: configmap - name: volume-configmap - - name: configmap - persistentVolumeClaim: - claimName: hello - readOnly: true diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.12/fail/hostpathvolumes0.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.12/fail/hostpathvolumes0.yaml new file mode 100755 index 00000000000..0e15e2a9ac9 --- /dev/null +++ b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.12/fail/hostpathvolumes0.yaml @@ -0,0 +1,23 @@ +apiVersion: v1 +kind: Pod +metadata: + name: hostpathvolumes0 +spec: + containers: + - image: k8s.gcr.io/pause + name: container1 + securityContext: + allowPrivilegeEscalation: false + initContainers: + - image: k8s.gcr.io/pause + name: initcontainer1 + securityContext: + allowPrivilegeEscalation: false + securityContext: + runAsNonRoot: true + volumes: + - emptyDir: {} + name: volume-emptydir + - hostPath: + path: /a + name: volume-hostpath diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.11/fail/hostpath1.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.12/fail/hostpathvolumes1.yaml similarity index 65% rename from staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.11/fail/hostpath1.yaml rename to staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.12/fail/hostpathvolumes1.yaml index ebdc4d0e129..41e1054bafe 100755 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.11/fail/hostpath1.yaml +++ b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.12/fail/hostpathvolumes1.yaml @@ -1,7 +1,7 @@ apiVersion: v1 kind: Pod metadata: - name: hostpath1 + name: hostpathvolumes1 spec: containers: - image: k8s.gcr.io/pause @@ -17,11 +17,8 @@ spec: runAsNonRoot: true volumes: - hostPath: - path: /dev/null - name: volume-hostpath-null + path: /a + name: volume-hostpath-a - hostPath: - path: /var/lib/docker - name: volume-hostpath-docker - - hostPath: - path: /sys - name: volume-hostpath-sys + path: /b + name: volume-hostpath-b diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.13/fail/hostpath0.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.13/fail/hostpath0.yaml deleted file mode 100755 index ef7e51009bf..00000000000 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.13/fail/hostpath0.yaml +++ /dev/null @@ -1,33 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: hostpath0 -spec: - containers: - - image: k8s.gcr.io/pause - name: container1 - securityContext: - allowPrivilegeEscalation: false - initContainers: - - image: k8s.gcr.io/pause - name: initcontainer1 - securityContext: - allowPrivilegeEscalation: false - securityContext: - runAsNonRoot: true - volumes: - - hostPath: - path: /dev/null - name: volume-hostpath - - emptyDir: {} - name: volume-emptydir - - configMap: - items: - - key: log_level - path: log_level - name: configmap - name: volume-configmap - - name: configmap - persistentVolumeClaim: - claimName: hello - readOnly: true diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.13/fail/hostpathvolumes0.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.13/fail/hostpathvolumes0.yaml new file mode 100755 index 00000000000..0e15e2a9ac9 --- /dev/null +++ b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.13/fail/hostpathvolumes0.yaml @@ -0,0 +1,23 @@ +apiVersion: v1 +kind: Pod +metadata: + name: hostpathvolumes0 +spec: + containers: + - image: k8s.gcr.io/pause + name: container1 + securityContext: + allowPrivilegeEscalation: false + initContainers: + - image: k8s.gcr.io/pause + name: initcontainer1 + securityContext: + allowPrivilegeEscalation: false + securityContext: + runAsNonRoot: true + volumes: + - emptyDir: {} + name: volume-emptydir + - hostPath: + path: /a + name: volume-hostpath diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.10/fail/hostpath1.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.13/fail/hostpathvolumes1.yaml similarity index 65% rename from staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.10/fail/hostpath1.yaml rename to staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.13/fail/hostpathvolumes1.yaml index ebdc4d0e129..41e1054bafe 100755 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.10/fail/hostpath1.yaml +++ b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.13/fail/hostpathvolumes1.yaml @@ -1,7 +1,7 @@ apiVersion: v1 kind: Pod metadata: - name: hostpath1 + name: hostpathvolumes1 spec: containers: - image: k8s.gcr.io/pause @@ -17,11 +17,8 @@ spec: runAsNonRoot: true volumes: - hostPath: - path: /dev/null - name: volume-hostpath-null + path: /a + name: volume-hostpath-a - hostPath: - path: /var/lib/docker - name: volume-hostpath-docker - - hostPath: - path: /sys - name: volume-hostpath-sys + path: /b + name: volume-hostpath-b diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.14/fail/hostpath0.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.14/fail/hostpath0.yaml deleted file mode 100755 index ef7e51009bf..00000000000 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.14/fail/hostpath0.yaml +++ /dev/null @@ -1,33 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: hostpath0 -spec: - containers: - - image: k8s.gcr.io/pause - name: container1 - securityContext: - allowPrivilegeEscalation: false - initContainers: - - image: k8s.gcr.io/pause - name: initcontainer1 - securityContext: - allowPrivilegeEscalation: false - securityContext: - runAsNonRoot: true - volumes: - - hostPath: - path: /dev/null - name: volume-hostpath - - emptyDir: {} - name: volume-emptydir - - configMap: - items: - - key: log_level - path: log_level - name: configmap - name: volume-configmap - - name: configmap - persistentVolumeClaim: - claimName: hello - readOnly: true diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.14/fail/hostpath1.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.14/fail/hostpath1.yaml deleted file mode 100755 index ebdc4d0e129..00000000000 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.14/fail/hostpath1.yaml +++ /dev/null @@ -1,27 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: hostpath1 -spec: - containers: - - image: k8s.gcr.io/pause - name: container1 - securityContext: - allowPrivilegeEscalation: false - initContainers: - - image: k8s.gcr.io/pause - name: initcontainer1 - securityContext: - allowPrivilegeEscalation: false - securityContext: - runAsNonRoot: true - volumes: - - hostPath: - path: /dev/null - name: volume-hostpath-null - - hostPath: - path: /var/lib/docker - name: volume-hostpath-docker - - hostPath: - path: /sys - name: volume-hostpath-sys diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.14/fail/hostpathvolumes0.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.14/fail/hostpathvolumes0.yaml new file mode 100755 index 00000000000..0e15e2a9ac9 --- /dev/null +++ b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.14/fail/hostpathvolumes0.yaml @@ -0,0 +1,23 @@ +apiVersion: v1 +kind: Pod +metadata: + name: hostpathvolumes0 +spec: + containers: + - image: k8s.gcr.io/pause + name: container1 + securityContext: + allowPrivilegeEscalation: false + initContainers: + - image: k8s.gcr.io/pause + name: initcontainer1 + securityContext: + allowPrivilegeEscalation: false + securityContext: + runAsNonRoot: true + volumes: + - emptyDir: {} + name: volume-emptydir + - hostPath: + path: /a + name: volume-hostpath diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.14/fail/hostpathvolumes1.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.14/fail/hostpathvolumes1.yaml new file mode 100755 index 00000000000..41e1054bafe --- /dev/null +++ b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.14/fail/hostpathvolumes1.yaml @@ -0,0 +1,24 @@ +apiVersion: v1 +kind: Pod +metadata: + name: hostpathvolumes1 +spec: + containers: + - image: k8s.gcr.io/pause + name: container1 + securityContext: + allowPrivilegeEscalation: false + initContainers: + - image: k8s.gcr.io/pause + name: initcontainer1 + securityContext: + allowPrivilegeEscalation: false + securityContext: + runAsNonRoot: true + volumes: + - hostPath: + path: /a + name: volume-hostpath-a + - hostPath: + path: /b + name: volume-hostpath-b diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.15/fail/hostpath0.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.15/fail/hostpath0.yaml deleted file mode 100755 index ef7e51009bf..00000000000 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.15/fail/hostpath0.yaml +++ /dev/null @@ -1,33 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: hostpath0 -spec: - containers: - - image: k8s.gcr.io/pause - name: container1 - securityContext: - allowPrivilegeEscalation: false - initContainers: - - image: k8s.gcr.io/pause - name: initcontainer1 - securityContext: - allowPrivilegeEscalation: false - securityContext: - runAsNonRoot: true - volumes: - - hostPath: - path: /dev/null - name: volume-hostpath - - emptyDir: {} - name: volume-emptydir - - configMap: - items: - - key: log_level - path: log_level - name: configmap - name: volume-configmap - - name: configmap - persistentVolumeClaim: - claimName: hello - readOnly: true diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.15/fail/hostpath1.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.15/fail/hostpath1.yaml deleted file mode 100755 index ebdc4d0e129..00000000000 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.15/fail/hostpath1.yaml +++ /dev/null @@ -1,27 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: hostpath1 -spec: - containers: - - image: k8s.gcr.io/pause - name: container1 - securityContext: - allowPrivilegeEscalation: false - initContainers: - - image: k8s.gcr.io/pause - name: initcontainer1 - securityContext: - allowPrivilegeEscalation: false - securityContext: - runAsNonRoot: true - volumes: - - hostPath: - path: /dev/null - name: volume-hostpath-null - - hostPath: - path: /var/lib/docker - name: volume-hostpath-docker - - hostPath: - path: /sys - name: volume-hostpath-sys diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.15/fail/hostpathvolumes0.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.15/fail/hostpathvolumes0.yaml new file mode 100755 index 00000000000..0e15e2a9ac9 --- /dev/null +++ b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.15/fail/hostpathvolumes0.yaml @@ -0,0 +1,23 @@ +apiVersion: v1 +kind: Pod +metadata: + name: hostpathvolumes0 +spec: + containers: + - image: k8s.gcr.io/pause + name: container1 + securityContext: + allowPrivilegeEscalation: false + initContainers: + - image: k8s.gcr.io/pause + name: initcontainer1 + securityContext: + allowPrivilegeEscalation: false + securityContext: + runAsNonRoot: true + volumes: + - emptyDir: {} + name: volume-emptydir + - hostPath: + path: /a + name: volume-hostpath diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.15/fail/hostpathvolumes1.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.15/fail/hostpathvolumes1.yaml new file mode 100755 index 00000000000..41e1054bafe --- /dev/null +++ b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.15/fail/hostpathvolumes1.yaml @@ -0,0 +1,24 @@ +apiVersion: v1 +kind: Pod +metadata: + name: hostpathvolumes1 +spec: + containers: + - image: k8s.gcr.io/pause + name: container1 + securityContext: + allowPrivilegeEscalation: false + initContainers: + - image: k8s.gcr.io/pause + name: initcontainer1 + securityContext: + allowPrivilegeEscalation: false + securityContext: + runAsNonRoot: true + volumes: + - hostPath: + path: /a + name: volume-hostpath-a + - hostPath: + path: /b + name: volume-hostpath-b diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.16/fail/hostpath0.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.16/fail/hostpath0.yaml deleted file mode 100755 index ef7e51009bf..00000000000 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.16/fail/hostpath0.yaml +++ /dev/null @@ -1,33 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: hostpath0 -spec: - containers: - - image: k8s.gcr.io/pause - name: container1 - securityContext: - allowPrivilegeEscalation: false - initContainers: - - image: k8s.gcr.io/pause - name: initcontainer1 - securityContext: - allowPrivilegeEscalation: false - securityContext: - runAsNonRoot: true - volumes: - - hostPath: - path: /dev/null - name: volume-hostpath - - emptyDir: {} - name: volume-emptydir - - configMap: - items: - - key: log_level - path: log_level - name: configmap - name: volume-configmap - - name: configmap - persistentVolumeClaim: - claimName: hello - readOnly: true diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.16/fail/hostpath1.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.16/fail/hostpath1.yaml deleted file mode 100755 index ebdc4d0e129..00000000000 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.16/fail/hostpath1.yaml +++ /dev/null @@ -1,27 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: hostpath1 -spec: - containers: - - image: k8s.gcr.io/pause - name: container1 - securityContext: - allowPrivilegeEscalation: false - initContainers: - - image: k8s.gcr.io/pause - name: initcontainer1 - securityContext: - allowPrivilegeEscalation: false - securityContext: - runAsNonRoot: true - volumes: - - hostPath: - path: /dev/null - name: volume-hostpath-null - - hostPath: - path: /var/lib/docker - name: volume-hostpath-docker - - hostPath: - path: /sys - name: volume-hostpath-sys diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.16/fail/hostpathvolumes0.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.16/fail/hostpathvolumes0.yaml new file mode 100755 index 00000000000..0e15e2a9ac9 --- /dev/null +++ b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.16/fail/hostpathvolumes0.yaml @@ -0,0 +1,23 @@ +apiVersion: v1 +kind: Pod +metadata: + name: hostpathvolumes0 +spec: + containers: + - image: k8s.gcr.io/pause + name: container1 + securityContext: + allowPrivilegeEscalation: false + initContainers: + - image: k8s.gcr.io/pause + name: initcontainer1 + securityContext: + allowPrivilegeEscalation: false + securityContext: + runAsNonRoot: true + volumes: + - emptyDir: {} + name: volume-emptydir + - hostPath: + path: /a + name: volume-hostpath diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.16/fail/hostpathvolumes1.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.16/fail/hostpathvolumes1.yaml new file mode 100755 index 00000000000..41e1054bafe --- /dev/null +++ b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.16/fail/hostpathvolumes1.yaml @@ -0,0 +1,24 @@ +apiVersion: v1 +kind: Pod +metadata: + name: hostpathvolumes1 +spec: + containers: + - image: k8s.gcr.io/pause + name: container1 + securityContext: + allowPrivilegeEscalation: false + initContainers: + - image: k8s.gcr.io/pause + name: initcontainer1 + securityContext: + allowPrivilegeEscalation: false + securityContext: + runAsNonRoot: true + volumes: + - hostPath: + path: /a + name: volume-hostpath-a + - hostPath: + path: /b + name: volume-hostpath-b diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.17/fail/hostpath0.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.17/fail/hostpath0.yaml deleted file mode 100755 index ef7e51009bf..00000000000 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.17/fail/hostpath0.yaml +++ /dev/null @@ -1,33 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: hostpath0 -spec: - containers: - - image: k8s.gcr.io/pause - name: container1 - securityContext: - allowPrivilegeEscalation: false - initContainers: - - image: k8s.gcr.io/pause - name: initcontainer1 - securityContext: - allowPrivilegeEscalation: false - securityContext: - runAsNonRoot: true - volumes: - - hostPath: - path: /dev/null - name: volume-hostpath - - emptyDir: {} - name: volume-emptydir - - configMap: - items: - - key: log_level - path: log_level - name: configmap - name: volume-configmap - - name: configmap - persistentVolumeClaim: - claimName: hello - readOnly: true diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.17/fail/hostpath1.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.17/fail/hostpath1.yaml deleted file mode 100755 index ebdc4d0e129..00000000000 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.17/fail/hostpath1.yaml +++ /dev/null @@ -1,27 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: hostpath1 -spec: - containers: - - image: k8s.gcr.io/pause - name: container1 - securityContext: - allowPrivilegeEscalation: false - initContainers: - - image: k8s.gcr.io/pause - name: initcontainer1 - securityContext: - allowPrivilegeEscalation: false - securityContext: - runAsNonRoot: true - volumes: - - hostPath: - path: /dev/null - name: volume-hostpath-null - - hostPath: - path: /var/lib/docker - name: volume-hostpath-docker - - hostPath: - path: /sys - name: volume-hostpath-sys diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.17/fail/hostpathvolumes0.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.17/fail/hostpathvolumes0.yaml new file mode 100755 index 00000000000..0e15e2a9ac9 --- /dev/null +++ b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.17/fail/hostpathvolumes0.yaml @@ -0,0 +1,23 @@ +apiVersion: v1 +kind: Pod +metadata: + name: hostpathvolumes0 +spec: + containers: + - image: k8s.gcr.io/pause + name: container1 + securityContext: + allowPrivilegeEscalation: false + initContainers: + - image: k8s.gcr.io/pause + name: initcontainer1 + securityContext: + allowPrivilegeEscalation: false + securityContext: + runAsNonRoot: true + volumes: + - emptyDir: {} + name: volume-emptydir + - hostPath: + path: /a + name: volume-hostpath diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.17/fail/hostpathvolumes1.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.17/fail/hostpathvolumes1.yaml new file mode 100755 index 00000000000..41e1054bafe --- /dev/null +++ b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.17/fail/hostpathvolumes1.yaml @@ -0,0 +1,24 @@ +apiVersion: v1 +kind: Pod +metadata: + name: hostpathvolumes1 +spec: + containers: + - image: k8s.gcr.io/pause + name: container1 + securityContext: + allowPrivilegeEscalation: false + initContainers: + - image: k8s.gcr.io/pause + name: initcontainer1 + securityContext: + allowPrivilegeEscalation: false + securityContext: + runAsNonRoot: true + volumes: + - hostPath: + path: /a + name: volume-hostpath-a + - hostPath: + path: /b + name: volume-hostpath-b diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.18/fail/hostpath0.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.18/fail/hostpath0.yaml deleted file mode 100755 index ef7e51009bf..00000000000 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.18/fail/hostpath0.yaml +++ /dev/null @@ -1,33 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: hostpath0 -spec: - containers: - - image: k8s.gcr.io/pause - name: container1 - securityContext: - allowPrivilegeEscalation: false - initContainers: - - image: k8s.gcr.io/pause - name: initcontainer1 - securityContext: - allowPrivilegeEscalation: false - securityContext: - runAsNonRoot: true - volumes: - - hostPath: - path: /dev/null - name: volume-hostpath - - emptyDir: {} - name: volume-emptydir - - configMap: - items: - - key: log_level - path: log_level - name: configmap - name: volume-configmap - - name: configmap - persistentVolumeClaim: - claimName: hello - readOnly: true diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.18/fail/hostpath1.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.18/fail/hostpath1.yaml deleted file mode 100755 index ebdc4d0e129..00000000000 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.18/fail/hostpath1.yaml +++ /dev/null @@ -1,27 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: hostpath1 -spec: - containers: - - image: k8s.gcr.io/pause - name: container1 - securityContext: - allowPrivilegeEscalation: false - initContainers: - - image: k8s.gcr.io/pause - name: initcontainer1 - securityContext: - allowPrivilegeEscalation: false - securityContext: - runAsNonRoot: true - volumes: - - hostPath: - path: /dev/null - name: volume-hostpath-null - - hostPath: - path: /var/lib/docker - name: volume-hostpath-docker - - hostPath: - path: /sys - name: volume-hostpath-sys diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.18/fail/hostpathvolumes0.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.18/fail/hostpathvolumes0.yaml new file mode 100755 index 00000000000..0e15e2a9ac9 --- /dev/null +++ b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.18/fail/hostpathvolumes0.yaml @@ -0,0 +1,23 @@ +apiVersion: v1 +kind: Pod +metadata: + name: hostpathvolumes0 +spec: + containers: + - image: k8s.gcr.io/pause + name: container1 + securityContext: + allowPrivilegeEscalation: false + initContainers: + - image: k8s.gcr.io/pause + name: initcontainer1 + securityContext: + allowPrivilegeEscalation: false + securityContext: + runAsNonRoot: true + volumes: + - emptyDir: {} + name: volume-emptydir + - hostPath: + path: /a + name: volume-hostpath diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.18/fail/hostpathvolumes1.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.18/fail/hostpathvolumes1.yaml new file mode 100755 index 00000000000..41e1054bafe --- /dev/null +++ b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.18/fail/hostpathvolumes1.yaml @@ -0,0 +1,24 @@ +apiVersion: v1 +kind: Pod +metadata: + name: hostpathvolumes1 +spec: + containers: + - image: k8s.gcr.io/pause + name: container1 + securityContext: + allowPrivilegeEscalation: false + initContainers: + - image: k8s.gcr.io/pause + name: initcontainer1 + securityContext: + allowPrivilegeEscalation: false + securityContext: + runAsNonRoot: true + volumes: + - hostPath: + path: /a + name: volume-hostpath-a + - hostPath: + path: /b + name: volume-hostpath-b diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.19/fail/hostpath0.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.19/fail/hostpath0.yaml deleted file mode 100755 index f51dbff440b..00000000000 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.19/fail/hostpath0.yaml +++ /dev/null @@ -1,35 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: hostpath0 -spec: - containers: - - image: k8s.gcr.io/pause - name: container1 - securityContext: - allowPrivilegeEscalation: false - initContainers: - - image: k8s.gcr.io/pause - name: initcontainer1 - securityContext: - allowPrivilegeEscalation: false - securityContext: - runAsNonRoot: true - seccompProfile: - type: RuntimeDefault - volumes: - - hostPath: - path: /dev/null - name: volume-hostpath - - emptyDir: {} - name: volume-emptydir - - configMap: - items: - - key: log_level - path: log_level - name: configmap - name: volume-configmap - - name: configmap - persistentVolumeClaim: - claimName: hello - readOnly: true diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.20/fail/hostpath0.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.19/fail/hostpathvolumes0.yaml similarity index 65% rename from staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.20/fail/hostpath0.yaml rename to staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.19/fail/hostpathvolumes0.yaml index f51dbff440b..c0c24b737f8 100755 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.20/fail/hostpath0.yaml +++ b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.19/fail/hostpathvolumes0.yaml @@ -1,7 +1,7 @@ apiVersion: v1 kind: Pod metadata: - name: hostpath0 + name: hostpathvolumes0 spec: containers: - image: k8s.gcr.io/pause @@ -18,18 +18,8 @@ spec: seccompProfile: type: RuntimeDefault volumes: - - hostPath: - path: /dev/null - name: volume-hostpath - emptyDir: {} name: volume-emptydir - - configMap: - items: - - key: log_level - path: log_level - name: configmap - name: volume-configmap - - name: configmap - persistentVolumeClaim: - claimName: hello - readOnly: true + - hostPath: + path: /a + name: volume-hostpath diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.19/fail/hostpath1.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.19/fail/hostpathvolumes1.yaml similarity index 68% rename from staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.19/fail/hostpath1.yaml rename to staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.19/fail/hostpathvolumes1.yaml index d2ee473b464..f1d2392e95c 100755 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.19/fail/hostpath1.yaml +++ b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.19/fail/hostpathvolumes1.yaml @@ -1,7 +1,7 @@ apiVersion: v1 kind: Pod metadata: - name: hostpath1 + name: hostpathvolumes1 spec: containers: - image: k8s.gcr.io/pause @@ -19,11 +19,8 @@ spec: type: RuntimeDefault volumes: - hostPath: - path: /dev/null - name: volume-hostpath-null + path: /a + name: volume-hostpath-a - hostPath: - path: /var/lib/docker - name: volume-hostpath-docker - - hostPath: - path: /sys - name: volume-hostpath-sys + path: /b + name: volume-hostpath-b diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.1/fail/hostpath0.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.2/fail/hostpathvolumes0.yaml similarity index 54% rename from staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.1/fail/hostpath0.yaml rename to staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.2/fail/hostpathvolumes0.yaml index 73a32fef2a4..dfdc779b7fc 100755 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.1/fail/hostpath0.yaml +++ b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.2/fail/hostpathvolumes0.yaml @@ -1,7 +1,7 @@ apiVersion: v1 kind: Pod metadata: - name: hostpath0 + name: hostpathvolumes0 spec: containers: - image: k8s.gcr.io/pause @@ -12,18 +12,8 @@ spec: securityContext: runAsNonRoot: true volumes: - - hostPath: - path: /dev/null - name: volume-hostpath - emptyDir: {} name: volume-emptydir - - configMap: - items: - - key: log_level - path: log_level - name: configmap - name: volume-configmap - - name: configmap - persistentVolumeClaim: - claimName: hello - readOnly: true + - hostPath: + path: /a + name: volume-hostpath diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.2/fail/hostpath1.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.2/fail/hostpathvolumes1.yaml similarity index 57% rename from staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.2/fail/hostpath1.yaml rename to staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.2/fail/hostpathvolumes1.yaml index e89b04a7020..3163dfa63a1 100755 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.2/fail/hostpath1.yaml +++ b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.2/fail/hostpathvolumes1.yaml @@ -1,7 +1,7 @@ apiVersion: v1 kind: Pod metadata: - name: hostpath1 + name: hostpathvolumes1 spec: containers: - image: k8s.gcr.io/pause @@ -13,11 +13,8 @@ spec: runAsNonRoot: true volumes: - hostPath: - path: /dev/null - name: volume-hostpath-null + path: /a + name: volume-hostpath-a - hostPath: - path: /var/lib/docker - name: volume-hostpath-docker - - hostPath: - path: /sys - name: volume-hostpath-sys + path: /b + name: volume-hostpath-b diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.20/fail/hostpathvolumes0.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.20/fail/hostpathvolumes0.yaml new file mode 100755 index 00000000000..c0c24b737f8 --- /dev/null +++ b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.20/fail/hostpathvolumes0.yaml @@ -0,0 +1,25 @@ +apiVersion: v1 +kind: Pod +metadata: + name: hostpathvolumes0 +spec: + containers: + - image: k8s.gcr.io/pause + name: container1 + securityContext: + allowPrivilegeEscalation: false + initContainers: + - image: k8s.gcr.io/pause + name: initcontainer1 + securityContext: + allowPrivilegeEscalation: false + securityContext: + runAsNonRoot: true + seccompProfile: + type: RuntimeDefault + volumes: + - emptyDir: {} + name: volume-emptydir + - hostPath: + path: /a + name: volume-hostpath diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.20/fail/hostpath1.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.20/fail/hostpathvolumes1.yaml similarity index 68% rename from staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.20/fail/hostpath1.yaml rename to staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.20/fail/hostpathvolumes1.yaml index d2ee473b464..f1d2392e95c 100755 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.20/fail/hostpath1.yaml +++ b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.20/fail/hostpathvolumes1.yaml @@ -1,7 +1,7 @@ apiVersion: v1 kind: Pod metadata: - name: hostpath1 + name: hostpathvolumes1 spec: containers: - image: k8s.gcr.io/pause @@ -19,11 +19,8 @@ spec: type: RuntimeDefault volumes: - hostPath: - path: /dev/null - name: volume-hostpath-null + path: /a + name: volume-hostpath-a - hostPath: - path: /var/lib/docker - name: volume-hostpath-docker - - hostPath: - path: /sys - name: volume-hostpath-sys + path: /b + name: volume-hostpath-b diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.21/fail/hostpath0.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.21/fail/hostpath0.yaml deleted file mode 100755 index f51dbff440b..00000000000 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.21/fail/hostpath0.yaml +++ /dev/null @@ -1,35 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: hostpath0 -spec: - containers: - - image: k8s.gcr.io/pause - name: container1 - securityContext: - allowPrivilegeEscalation: false - initContainers: - - image: k8s.gcr.io/pause - name: initcontainer1 - securityContext: - allowPrivilegeEscalation: false - securityContext: - runAsNonRoot: true - seccompProfile: - type: RuntimeDefault - volumes: - - hostPath: - path: /dev/null - name: volume-hostpath - - emptyDir: {} - name: volume-emptydir - - configMap: - items: - - key: log_level - path: log_level - name: configmap - name: volume-configmap - - name: configmap - persistentVolumeClaim: - claimName: hello - readOnly: true diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.21/fail/hostpathvolumes0.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.21/fail/hostpathvolumes0.yaml new file mode 100755 index 00000000000..c0c24b737f8 --- /dev/null +++ b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.21/fail/hostpathvolumes0.yaml @@ -0,0 +1,25 @@ +apiVersion: v1 +kind: Pod +metadata: + name: hostpathvolumes0 +spec: + containers: + - image: k8s.gcr.io/pause + name: container1 + securityContext: + allowPrivilegeEscalation: false + initContainers: + - image: k8s.gcr.io/pause + name: initcontainer1 + securityContext: + allowPrivilegeEscalation: false + securityContext: + runAsNonRoot: true + seccompProfile: + type: RuntimeDefault + volumes: + - emptyDir: {} + name: volume-emptydir + - hostPath: + path: /a + name: volume-hostpath diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.21/fail/hostpath1.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.21/fail/hostpathvolumes1.yaml similarity index 68% rename from staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.21/fail/hostpath1.yaml rename to staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.21/fail/hostpathvolumes1.yaml index d2ee473b464..f1d2392e95c 100755 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.21/fail/hostpath1.yaml +++ b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.21/fail/hostpathvolumes1.yaml @@ -1,7 +1,7 @@ apiVersion: v1 kind: Pod metadata: - name: hostpath1 + name: hostpathvolumes1 spec: containers: - image: k8s.gcr.io/pause @@ -19,11 +19,8 @@ spec: type: RuntimeDefault volumes: - hostPath: - path: /dev/null - name: volume-hostpath-null + path: /a + name: volume-hostpath-a - hostPath: - path: /var/lib/docker - name: volume-hostpath-docker - - hostPath: - path: /sys - name: volume-hostpath-sys + path: /b + name: volume-hostpath-b diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.22/fail/hostpath0.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.22/fail/hostpathvolumes0.yaml similarity index 69% rename from staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.22/fail/hostpath0.yaml rename to staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.22/fail/hostpathvolumes0.yaml index c66ee8c6d57..a294eb9f66e 100755 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.22/fail/hostpath0.yaml +++ b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.22/fail/hostpathvolumes0.yaml @@ -1,7 +1,7 @@ apiVersion: v1 kind: Pod metadata: - name: hostpath0 + name: hostpathvolumes0 spec: containers: - image: k8s.gcr.io/pause @@ -24,18 +24,8 @@ spec: seccompProfile: type: RuntimeDefault volumes: - - hostPath: - path: /dev/null - name: volume-hostpath - emptyDir: {} name: volume-emptydir - - configMap: - items: - - key: log_level - path: log_level - name: configmap - name: volume-configmap - - name: configmap - persistentVolumeClaim: - claimName: hello - readOnly: true + - hostPath: + path: /a + name: volume-hostpath diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.22/fail/hostpath1.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.22/fail/hostpathvolumes1.yaml similarity index 72% rename from staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.22/fail/hostpath1.yaml rename to staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.22/fail/hostpathvolumes1.yaml index 203cbd0c89f..cea3d964f56 100755 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.22/fail/hostpath1.yaml +++ b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.22/fail/hostpathvolumes1.yaml @@ -1,7 +1,7 @@ apiVersion: v1 kind: Pod metadata: - name: hostpath1 + name: hostpathvolumes1 spec: containers: - image: k8s.gcr.io/pause @@ -25,11 +25,8 @@ spec: type: RuntimeDefault volumes: - hostPath: - path: /dev/null - name: volume-hostpath-null + path: /a + name: volume-hostpath-a - hostPath: - path: /var/lib/docker - name: volume-hostpath-docker - - hostPath: - path: /sys - name: volume-hostpath-sys + path: /b + name: volume-hostpath-b diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.3/fail/hostpath0.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.3/fail/hostpathvolumes0.yaml similarity index 54% rename from staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.3/fail/hostpath0.yaml rename to staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.3/fail/hostpathvolumes0.yaml index 73a32fef2a4..dfdc779b7fc 100755 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.3/fail/hostpath0.yaml +++ b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.3/fail/hostpathvolumes0.yaml @@ -1,7 +1,7 @@ apiVersion: v1 kind: Pod metadata: - name: hostpath0 + name: hostpathvolumes0 spec: containers: - image: k8s.gcr.io/pause @@ -12,18 +12,8 @@ spec: securityContext: runAsNonRoot: true volumes: - - hostPath: - path: /dev/null - name: volume-hostpath - emptyDir: {} name: volume-emptydir - - configMap: - items: - - key: log_level - path: log_level - name: configmap - name: volume-configmap - - name: configmap - persistentVolumeClaim: - claimName: hello - readOnly: true + - hostPath: + path: /a + name: volume-hostpath diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.3/fail/hostpath1.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.3/fail/hostpathvolumes1.yaml similarity index 57% rename from staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.3/fail/hostpath1.yaml rename to staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.3/fail/hostpathvolumes1.yaml index e89b04a7020..3163dfa63a1 100755 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.3/fail/hostpath1.yaml +++ b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.3/fail/hostpathvolumes1.yaml @@ -1,7 +1,7 @@ apiVersion: v1 kind: Pod metadata: - name: hostpath1 + name: hostpathvolumes1 spec: containers: - image: k8s.gcr.io/pause @@ -13,11 +13,8 @@ spec: runAsNonRoot: true volumes: - hostPath: - path: /dev/null - name: volume-hostpath-null + path: /a + name: volume-hostpath-a - hostPath: - path: /var/lib/docker - name: volume-hostpath-docker - - hostPath: - path: /sys - name: volume-hostpath-sys + path: /b + name: volume-hostpath-b diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.4/fail/hostpath0.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.4/fail/hostpath0.yaml deleted file mode 100755 index 73a32fef2a4..00000000000 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.4/fail/hostpath0.yaml +++ /dev/null @@ -1,29 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: hostpath0 -spec: - containers: - - image: k8s.gcr.io/pause - name: container1 - initContainers: - - image: k8s.gcr.io/pause - name: initcontainer1 - securityContext: - runAsNonRoot: true - volumes: - - hostPath: - path: /dev/null - name: volume-hostpath - - emptyDir: {} - name: volume-emptydir - - configMap: - items: - - key: log_level - path: log_level - name: configmap - name: volume-configmap - - name: configmap - persistentVolumeClaim: - claimName: hello - readOnly: true diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.4/fail/hostpath1.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.4/fail/hostpath1.yaml deleted file mode 100755 index e89b04a7020..00000000000 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.4/fail/hostpath1.yaml +++ /dev/null @@ -1,23 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: hostpath1 -spec: - containers: - - image: k8s.gcr.io/pause - name: container1 - initContainers: - - image: k8s.gcr.io/pause - name: initcontainer1 - securityContext: - runAsNonRoot: true - volumes: - - hostPath: - path: /dev/null - name: volume-hostpath-null - - hostPath: - path: /var/lib/docker - name: volume-hostpath-docker - - hostPath: - path: /sys - name: volume-hostpath-sys diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.4/fail/hostpathvolumes0.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.4/fail/hostpathvolumes0.yaml new file mode 100755 index 00000000000..dfdc779b7fc --- /dev/null +++ b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.4/fail/hostpathvolumes0.yaml @@ -0,0 +1,19 @@ +apiVersion: v1 +kind: Pod +metadata: + name: hostpathvolumes0 +spec: + containers: + - image: k8s.gcr.io/pause + name: container1 + initContainers: + - image: k8s.gcr.io/pause + name: initcontainer1 + securityContext: + runAsNonRoot: true + volumes: + - emptyDir: {} + name: volume-emptydir + - hostPath: + path: /a + name: volume-hostpath diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.4/fail/hostpathvolumes1.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.4/fail/hostpathvolumes1.yaml new file mode 100755 index 00000000000..3163dfa63a1 --- /dev/null +++ b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.4/fail/hostpathvolumes1.yaml @@ -0,0 +1,20 @@ +apiVersion: v1 +kind: Pod +metadata: + name: hostpathvolumes1 +spec: + containers: + - image: k8s.gcr.io/pause + name: container1 + initContainers: + - image: k8s.gcr.io/pause + name: initcontainer1 + securityContext: + runAsNonRoot: true + volumes: + - hostPath: + path: /a + name: volume-hostpath-a + - hostPath: + path: /b + name: volume-hostpath-b diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.5/fail/hostpath0.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.5/fail/hostpath0.yaml deleted file mode 100755 index 73a32fef2a4..00000000000 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.5/fail/hostpath0.yaml +++ /dev/null @@ -1,29 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: hostpath0 -spec: - containers: - - image: k8s.gcr.io/pause - name: container1 - initContainers: - - image: k8s.gcr.io/pause - name: initcontainer1 - securityContext: - runAsNonRoot: true - volumes: - - hostPath: - path: /dev/null - name: volume-hostpath - - emptyDir: {} - name: volume-emptydir - - configMap: - items: - - key: log_level - path: log_level - name: configmap - name: volume-configmap - - name: configmap - persistentVolumeClaim: - claimName: hello - readOnly: true diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.5/fail/hostpath1.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.5/fail/hostpath1.yaml deleted file mode 100755 index e89b04a7020..00000000000 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.5/fail/hostpath1.yaml +++ /dev/null @@ -1,23 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: hostpath1 -spec: - containers: - - image: k8s.gcr.io/pause - name: container1 - initContainers: - - image: k8s.gcr.io/pause - name: initcontainer1 - securityContext: - runAsNonRoot: true - volumes: - - hostPath: - path: /dev/null - name: volume-hostpath-null - - hostPath: - path: /var/lib/docker - name: volume-hostpath-docker - - hostPath: - path: /sys - name: volume-hostpath-sys diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.5/fail/hostpathvolumes0.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.5/fail/hostpathvolumes0.yaml new file mode 100755 index 00000000000..dfdc779b7fc --- /dev/null +++ b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.5/fail/hostpathvolumes0.yaml @@ -0,0 +1,19 @@ +apiVersion: v1 +kind: Pod +metadata: + name: hostpathvolumes0 +spec: + containers: + - image: k8s.gcr.io/pause + name: container1 + initContainers: + - image: k8s.gcr.io/pause + name: initcontainer1 + securityContext: + runAsNonRoot: true + volumes: + - emptyDir: {} + name: volume-emptydir + - hostPath: + path: /a + name: volume-hostpath diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.5/fail/hostpathvolumes1.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.5/fail/hostpathvolumes1.yaml new file mode 100755 index 00000000000..3163dfa63a1 --- /dev/null +++ b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.5/fail/hostpathvolumes1.yaml @@ -0,0 +1,20 @@ +apiVersion: v1 +kind: Pod +metadata: + name: hostpathvolumes1 +spec: + containers: + - image: k8s.gcr.io/pause + name: container1 + initContainers: + - image: k8s.gcr.io/pause + name: initcontainer1 + securityContext: + runAsNonRoot: true + volumes: + - hostPath: + path: /a + name: volume-hostpath-a + - hostPath: + path: /b + name: volume-hostpath-b diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.6/fail/hostpath0.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.6/fail/hostpath0.yaml deleted file mode 100755 index 73a32fef2a4..00000000000 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.6/fail/hostpath0.yaml +++ /dev/null @@ -1,29 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: hostpath0 -spec: - containers: - - image: k8s.gcr.io/pause - name: container1 - initContainers: - - image: k8s.gcr.io/pause - name: initcontainer1 - securityContext: - runAsNonRoot: true - volumes: - - hostPath: - path: /dev/null - name: volume-hostpath - - emptyDir: {} - name: volume-emptydir - - configMap: - items: - - key: log_level - path: log_level - name: configmap - name: volume-configmap - - name: configmap - persistentVolumeClaim: - claimName: hello - readOnly: true diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.6/fail/hostpath1.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.6/fail/hostpath1.yaml deleted file mode 100755 index e89b04a7020..00000000000 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.6/fail/hostpath1.yaml +++ /dev/null @@ -1,23 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: hostpath1 -spec: - containers: - - image: k8s.gcr.io/pause - name: container1 - initContainers: - - image: k8s.gcr.io/pause - name: initcontainer1 - securityContext: - runAsNonRoot: true - volumes: - - hostPath: - path: /dev/null - name: volume-hostpath-null - - hostPath: - path: /var/lib/docker - name: volume-hostpath-docker - - hostPath: - path: /sys - name: volume-hostpath-sys diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.6/fail/hostpathvolumes0.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.6/fail/hostpathvolumes0.yaml new file mode 100755 index 00000000000..dfdc779b7fc --- /dev/null +++ b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.6/fail/hostpathvolumes0.yaml @@ -0,0 +1,19 @@ +apiVersion: v1 +kind: Pod +metadata: + name: hostpathvolumes0 +spec: + containers: + - image: k8s.gcr.io/pause + name: container1 + initContainers: + - image: k8s.gcr.io/pause + name: initcontainer1 + securityContext: + runAsNonRoot: true + volumes: + - emptyDir: {} + name: volume-emptydir + - hostPath: + path: /a + name: volume-hostpath diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.6/fail/hostpathvolumes1.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.6/fail/hostpathvolumes1.yaml new file mode 100755 index 00000000000..3163dfa63a1 --- /dev/null +++ b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.6/fail/hostpathvolumes1.yaml @@ -0,0 +1,20 @@ +apiVersion: v1 +kind: Pod +metadata: + name: hostpathvolumes1 +spec: + containers: + - image: k8s.gcr.io/pause + name: container1 + initContainers: + - image: k8s.gcr.io/pause + name: initcontainer1 + securityContext: + runAsNonRoot: true + volumes: + - hostPath: + path: /a + name: volume-hostpath-a + - hostPath: + path: /b + name: volume-hostpath-b diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.7/fail/hostpath0.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.7/fail/hostpath0.yaml deleted file mode 100755 index 73a32fef2a4..00000000000 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.7/fail/hostpath0.yaml +++ /dev/null @@ -1,29 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: hostpath0 -spec: - containers: - - image: k8s.gcr.io/pause - name: container1 - initContainers: - - image: k8s.gcr.io/pause - name: initcontainer1 - securityContext: - runAsNonRoot: true - volumes: - - hostPath: - path: /dev/null - name: volume-hostpath - - emptyDir: {} - name: volume-emptydir - - configMap: - items: - - key: log_level - path: log_level - name: configmap - name: volume-configmap - - name: configmap - persistentVolumeClaim: - claimName: hello - readOnly: true diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.7/fail/hostpath1.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.7/fail/hostpath1.yaml deleted file mode 100755 index e89b04a7020..00000000000 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.7/fail/hostpath1.yaml +++ /dev/null @@ -1,23 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: hostpath1 -spec: - containers: - - image: k8s.gcr.io/pause - name: container1 - initContainers: - - image: k8s.gcr.io/pause - name: initcontainer1 - securityContext: - runAsNonRoot: true - volumes: - - hostPath: - path: /dev/null - name: volume-hostpath-null - - hostPath: - path: /var/lib/docker - name: volume-hostpath-docker - - hostPath: - path: /sys - name: volume-hostpath-sys diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.7/fail/hostpathvolumes0.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.7/fail/hostpathvolumes0.yaml new file mode 100755 index 00000000000..dfdc779b7fc --- /dev/null +++ b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.7/fail/hostpathvolumes0.yaml @@ -0,0 +1,19 @@ +apiVersion: v1 +kind: Pod +metadata: + name: hostpathvolumes0 +spec: + containers: + - image: k8s.gcr.io/pause + name: container1 + initContainers: + - image: k8s.gcr.io/pause + name: initcontainer1 + securityContext: + runAsNonRoot: true + volumes: + - emptyDir: {} + name: volume-emptydir + - hostPath: + path: /a + name: volume-hostpath diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.7/fail/hostpathvolumes1.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.7/fail/hostpathvolumes1.yaml new file mode 100755 index 00000000000..3163dfa63a1 --- /dev/null +++ b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.7/fail/hostpathvolumes1.yaml @@ -0,0 +1,20 @@ +apiVersion: v1 +kind: Pod +metadata: + name: hostpathvolumes1 +spec: + containers: + - image: k8s.gcr.io/pause + name: container1 + initContainers: + - image: k8s.gcr.io/pause + name: initcontainer1 + securityContext: + runAsNonRoot: true + volumes: + - hostPath: + path: /a + name: volume-hostpath-a + - hostPath: + path: /b + name: volume-hostpath-b diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.8/fail/hostpath0.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.8/fail/hostpath0.yaml deleted file mode 100755 index ef7e51009bf..00000000000 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.8/fail/hostpath0.yaml +++ /dev/null @@ -1,33 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: hostpath0 -spec: - containers: - - image: k8s.gcr.io/pause - name: container1 - securityContext: - allowPrivilegeEscalation: false - initContainers: - - image: k8s.gcr.io/pause - name: initcontainer1 - securityContext: - allowPrivilegeEscalation: false - securityContext: - runAsNonRoot: true - volumes: - - hostPath: - path: /dev/null - name: volume-hostpath - - emptyDir: {} - name: volume-emptydir - - configMap: - items: - - key: log_level - path: log_level - name: configmap - name: volume-configmap - - name: configmap - persistentVolumeClaim: - claimName: hello - readOnly: true diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.8/fail/hostpath1.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.8/fail/hostpath1.yaml deleted file mode 100755 index ebdc4d0e129..00000000000 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.8/fail/hostpath1.yaml +++ /dev/null @@ -1,27 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: hostpath1 -spec: - containers: - - image: k8s.gcr.io/pause - name: container1 - securityContext: - allowPrivilegeEscalation: false - initContainers: - - image: k8s.gcr.io/pause - name: initcontainer1 - securityContext: - allowPrivilegeEscalation: false - securityContext: - runAsNonRoot: true - volumes: - - hostPath: - path: /dev/null - name: volume-hostpath-null - - hostPath: - path: /var/lib/docker - name: volume-hostpath-docker - - hostPath: - path: /sys - name: volume-hostpath-sys diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.8/fail/hostpathvolumes0.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.8/fail/hostpathvolumes0.yaml new file mode 100755 index 00000000000..0e15e2a9ac9 --- /dev/null +++ b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.8/fail/hostpathvolumes0.yaml @@ -0,0 +1,23 @@ +apiVersion: v1 +kind: Pod +metadata: + name: hostpathvolumes0 +spec: + containers: + - image: k8s.gcr.io/pause + name: container1 + securityContext: + allowPrivilegeEscalation: false + initContainers: + - image: k8s.gcr.io/pause + name: initcontainer1 + securityContext: + allowPrivilegeEscalation: false + securityContext: + runAsNonRoot: true + volumes: + - emptyDir: {} + name: volume-emptydir + - hostPath: + path: /a + name: volume-hostpath diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.8/fail/hostpathvolumes1.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.8/fail/hostpathvolumes1.yaml new file mode 100755 index 00000000000..41e1054bafe --- /dev/null +++ b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.8/fail/hostpathvolumes1.yaml @@ -0,0 +1,24 @@ +apiVersion: v1 +kind: Pod +metadata: + name: hostpathvolumes1 +spec: + containers: + - image: k8s.gcr.io/pause + name: container1 + securityContext: + allowPrivilegeEscalation: false + initContainers: + - image: k8s.gcr.io/pause + name: initcontainer1 + securityContext: + allowPrivilegeEscalation: false + securityContext: + runAsNonRoot: true + volumes: + - hostPath: + path: /a + name: volume-hostpath-a + - hostPath: + path: /b + name: volume-hostpath-b diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.9/fail/hostpath0.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.9/fail/hostpath0.yaml deleted file mode 100755 index ef7e51009bf..00000000000 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.9/fail/hostpath0.yaml +++ /dev/null @@ -1,33 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: hostpath0 -spec: - containers: - - image: k8s.gcr.io/pause - name: container1 - securityContext: - allowPrivilegeEscalation: false - initContainers: - - image: k8s.gcr.io/pause - name: initcontainer1 - securityContext: - allowPrivilegeEscalation: false - securityContext: - runAsNonRoot: true - volumes: - - hostPath: - path: /dev/null - name: volume-hostpath - - emptyDir: {} - name: volume-emptydir - - configMap: - items: - - key: log_level - path: log_level - name: configmap - name: volume-configmap - - name: configmap - persistentVolumeClaim: - claimName: hello - readOnly: true diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.9/fail/hostpath1.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.9/fail/hostpath1.yaml deleted file mode 100755 index ebdc4d0e129..00000000000 --- a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.9/fail/hostpath1.yaml +++ /dev/null @@ -1,27 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: hostpath1 -spec: - containers: - - image: k8s.gcr.io/pause - name: container1 - securityContext: - allowPrivilegeEscalation: false - initContainers: - - image: k8s.gcr.io/pause - name: initcontainer1 - securityContext: - allowPrivilegeEscalation: false - securityContext: - runAsNonRoot: true - volumes: - - hostPath: - path: /dev/null - name: volume-hostpath-null - - hostPath: - path: /var/lib/docker - name: volume-hostpath-docker - - hostPath: - path: /sys - name: volume-hostpath-sys diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.9/fail/hostpathvolumes0.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.9/fail/hostpathvolumes0.yaml new file mode 100755 index 00000000000..0e15e2a9ac9 --- /dev/null +++ b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.9/fail/hostpathvolumes0.yaml @@ -0,0 +1,23 @@ +apiVersion: v1 +kind: Pod +metadata: + name: hostpathvolumes0 +spec: + containers: + - image: k8s.gcr.io/pause + name: container1 + securityContext: + allowPrivilegeEscalation: false + initContainers: + - image: k8s.gcr.io/pause + name: initcontainer1 + securityContext: + allowPrivilegeEscalation: false + securityContext: + runAsNonRoot: true + volumes: + - emptyDir: {} + name: volume-emptydir + - hostPath: + path: /a + name: volume-hostpath diff --git a/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.9/fail/hostpathvolumes1.yaml b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.9/fail/hostpathvolumes1.yaml new file mode 100755 index 00000000000..41e1054bafe --- /dev/null +++ b/staging/src/k8s.io/pod-security-admission/test/testdata/restricted/v1.9/fail/hostpathvolumes1.yaml @@ -0,0 +1,24 @@ +apiVersion: v1 +kind: Pod +metadata: + name: hostpathvolumes1 +spec: + containers: + - image: k8s.gcr.io/pause + name: container1 + securityContext: + allowPrivilegeEscalation: false + initContainers: + - image: k8s.gcr.io/pause + name: initcontainer1 + securityContext: + allowPrivilegeEscalation: false + securityContext: + runAsNonRoot: true + volumes: + - hostPath: + path: /a + name: volume-hostpath-a + - hostPath: + path: /b + name: volume-hostpath-b