mirror of
https://github.com/kyverno/kyverno.git
synced 2024-12-14 11:57:48 +00:00
36 lines
649 B
YAML
36 lines
649 B
YAML
apiVersion: v1
|
|
kind: Pod
|
|
metadata:
|
|
name: good-pod-1
|
|
namespace: default
|
|
spec:
|
|
containers:
|
|
- name: nginx1
|
|
image: nginx
|
|
args:
|
|
- sleep
|
|
- 1d
|
|
securityContext:
|
|
seccompProfile:
|
|
type: RuntimeDefault
|
|
runAsNonRoot: true
|
|
allowPrivilegeEscalation: false
|
|
capabilities:
|
|
drop:
|
|
- ALL
|
|
add:
|
|
- NET_BIND_SERVICE
|
|
initContainers:
|
|
- name: nginx2
|
|
image: nginx
|
|
args:
|
|
- sleep
|
|
- 1d
|
|
securityContext:
|
|
seccompProfile:
|
|
type: RuntimeDefault
|
|
runAsNonRoot: true
|
|
allowPrivilegeEscalation: false
|
|
capabilities:
|
|
drop:
|
|
- ALL
|