Merge branch '452_make_sample_policy_rule_names_consistent' of https://github.com/nirmata/kyverno into 452_make_sample_policy_rule_names_consistent

samples/DisallowBindMounts.md

@@ -1,6 +1,6 @@
 # Disallow use of bind mounts (`hostPath` volumes)
 
-The volume of type `hostPath` allows pods to use host bind mounts (i.e. directories and volumes mounted to a host path) in containers. Using host resources can be used to access shared data or escalate priviliges. Also, this couples pods to a specific host and data persisted in the `hostPath` volume is coupled to the life of the node leading to potential pod scheduling failures. It is highly recommeded that applications are designed to be decoupled from the underlying infrstructure (in this case, nodes).
+The volume of type `hostPath` allows pods to use host bind mounts (i.e. directories and volumes mounted to a host path) in containers. Using host resources can be used to access shared data or escalate privileges. Also, this couples pods to a specific host and data persisted in the `hostPath` volume is coupled to the life of the node leading to potential pod scheduling failures. It is highly recommended that applications are designed to be decoupled from the underlying infrastructure (in this case, nodes).
 
 ## Policy YAML 
 

samples/RequirePodProbes.md

@@ -2,7 +2,7 @@
 
 Liveness and readiness probes need to be configured to correctly manage a pods lifecycle during deployments, restarts, and upgrades.
 
-For each pod, a periodic `livenessProbe` is performed by the kubelet to determine if the pod's containers are running or need to be restarted. A `readinessProbe` is used by services and deployments to determine if the pod is ready to recieve network traffic.
+For each pod, a periodic `livenessProbe` is performed by the kubelet to determine if the pod's containers are running or need to be restarted. A `readinessProbe` is used by services and deployments to determine if the pod is ready to receive network traffic.
 
 ## Policy YAML 
 

samples/RequireReadOnlyRootFS.md

@@ -1,4 +1,4 @@
-# Require Read-only root filesystem
+# Require read-only root filesystem
 
 A read-only root file system helps to enforce an immutable infrastructure strategy; the container only needs to write on mounted volumes that can persist state even if the container exits. An immutable root filesystem can also prevent malicious binaries from writing to the host system.
 

samples/best_practices/disallow_bind_mounts.yaml

@@ -6,10 +6,10 @@ metadata:
     policies.kyverno.io/category: Workload Isolation
     policies.kyverno.io/description: The volume of type `hostPath` allows pods to use host bind 
       mounts (i.e. directories and volumes mounted to a host path) in containers. Using host 
-      resources can be used to access shared data or escalate priviliges. Also, this couples pods 
+      resources can be used to access shared data or escalate privileges. Also, this couples pods 
       to a specific host and data persisted in the `hostPath` volume is coupled to the life of the 
-      node leading to potential pod scheduling failures. It is highly recommeded that applications 
-      are designed to be decoupled from the underlying infrstructure (in this case, nodes).
+      node leading to potential pod scheduling failures. It is highly recommended that applications 
+      are designed to be decoupled from the underlying infrastructure (in this case, nodes).
 
 spec: 
   rules: 

samples/best_practices/require_probes.yaml

@@ -8,7 +8,7 @@ metadata:
       correctly manage a pods lifecycle during deployments, restarts, and upgrades. For each 
       pod, a periodic `livenessProbe` is performed by the kubelet to determine if the pod's 
       containers are running or need to be restarted. A `readinessProbe` is used by services 
-      and deployments to determine if the pod is ready to recieve network traffic.
+      and deployments to determine if the pod is ready to receive network traffic.
 spec:
   rules:
   - name: validate-livenessProbe-readinessProbe