kyverno/test/conformance/chainsaw/exceptions/exclude-privilege-escalation/pod-rejected-2.yaml

apiVersion: v1
kind: Pod
metadata:
  name: bad-pod-2
  namespace: default
spec:
  containers:
  - name: nginx1
    image: nginx
    args:
    - sleep
    - 1d
    securityContext:
      seccompProfile:
        type: RuntimeDefault
      runAsNonRoot: true
      allowPrivilegeEscalation: true
      capabilities:
        drop:
        - ALL
  initContainers:
  - name: nginx2
    image: nginx
    args:
    - sleep
    - 1d
    securityContext:
      seccompProfile:
        type: RuntimeDefault
      runAsNonRoot: true
      allowPrivilegeEscalation: true
      capabilities:
        drop:
        - ALL
feat: add chainsaw tests for pod security in exceptions (#9667) Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com> 2024-02-06 15:07:58 +02:00			`apiVersion: v1`
			`kind: Pod`
			`metadata:`
			`name: bad-pod-2`
			`namespace: default`
			`spec:`
			`containers:`
			`- name: nginx1`
			`image: nginx`
			`args:`
			`- sleep`
			`- 1d`
			`securityContext:`
			`seccompProfile:`
			`type: RuntimeDefault`
			`runAsNonRoot: true`
			`allowPrivilegeEscalation: true`
			`capabilities:`
			`drop:`
			`- ALL`
			`initContainers:`
			`- name: nginx2`
			`image: nginx`
			`args:`
			`- sleep`
			`- 1d`
			`securityContext:`
			`seccompProfile:`
			`type: RuntimeDefault`
			`runAsNonRoot: true`
			`allowPrivilegeEscalation: true`
			`capabilities:`
			`drop:`
			`- ALL`