mirror of
https://github.com/kyverno/kyverno.git
synced 2025-03-31 03:45:17 +00:00
update policy markdowns
This commit is contained in:
parent
23fd317eee
commit
550f9d89b4
2 changed files with 9 additions and 0 deletions
|
@ -15,6 +15,8 @@ apiVersion: kyverno.io/v1
|
|||
kind: ClusterPolicy
|
||||
metadata:
|
||||
name: disallow-new-capabilities
|
||||
annotations:
|
||||
pod-policies.kyverno.io/autogen-controllers: none
|
||||
spec:
|
||||
rules:
|
||||
- name: validate-add-capabilities
|
||||
|
|
|
@ -28,8 +28,15 @@ spec:
|
|||
- spec:
|
||||
securityContext:
|
||||
runAsNonRoot: true
|
||||
- spec:
|
||||
securityContext:
|
||||
runAsUser: ">0"
|
||||
- spec:
|
||||
containers:
|
||||
- securityContext:
|
||||
runAsNonRoot: true
|
||||
- spec:
|
||||
containers:
|
||||
- securityContext:
|
||||
runAsUser: ">0"
|
||||
````
|
||||
|
|
Loading…
Add table
Reference in a new issue