From 8de265d8a4b33a363ed0af8987ff955b4be22aa3 Mon Sep 17 00:00:00 2001 From: Shuting Zhao Date: Fri, 10 Jan 2020 19:26:09 -0800 Subject: [PATCH] - update samples/policy - retag 1.1.0 --- samples/best_practices/disallow_bind_mounts.yaml | 1 - samples/best_practices/disallow_helm_tiller.yaml | 3 ++- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/samples/best_practices/disallow_bind_mounts.yaml b/samples/best_practices/disallow_bind_mounts.yaml index e4db421974..264f77c508 100644 --- a/samples/best_practices/disallow_bind_mounts.yaml +++ b/samples/best_practices/disallow_bind_mounts.yaml @@ -10,7 +10,6 @@ metadata: to a specific host and data persisted in the `hostPath` volume is coupled to the life of the node leading to potential pod scheduling failures. It is highly recommended that applications are designed to be decoupled from the underlying infrastructure (in this case, nodes). - spec: rules: - name: validate-hostPath diff --git a/samples/best_practices/disallow_helm_tiller.yaml b/samples/best_practices/disallow_helm_tiller.yaml index 526bf12bfa..b2280b8efe 100644 --- a/samples/best_practices/disallow_helm_tiller.yaml +++ b/samples/best_practices/disallow_helm_tiller.yaml @@ -4,7 +4,8 @@ metadata: name: disallow-helm-tiller annotations: policies.kyverno.io/category: Security - policies.kyverno.io/description: Tiller has known security challenges. It requires adminstrative privileges and acts as a shared resource accessible to any authenticated user. Tiller can lead to privilge escalation as restricted users can impact other users. + policies.kyverno.io/description: Tiller has known security challenges. It requires adminstrative privileges and acts as a shared + resource accessible to any authenticated user. Tiller can lead to privilge escalation as restricted users can impact other users. spec: rules: - name: validate-helm-tiller