kyverno/test/conformance/chainsaw/exceptions/exclude-privilege-escalation/pod-rejected-2.yaml

apiVersion: v1
kind: Pod
metadata:
  name: bad-pod-2
  namespace: default
spec:
  containers:
  - name: nginx1
    image: nginx
    args:
    - sleep
    - 1d
    securityContext:
      seccompProfile:
        type: RuntimeDefault
      runAsNonRoot: true
      allowPrivilegeEscalation: true
      capabilities:
        drop:
        - ALL
  initContainers:
  - name: nginx2
    image: nginx
    args:
    - sleep
    - 1d
    securityContext:
      seccompProfile:
        type: RuntimeDefault
      runAsNonRoot: true
      allowPrivilegeEscalation: true
      capabilities:
        drop:
        - ALL