mirror of
https://github.com/kyverno/kyverno.git
synced 2025-03-06 16:06:56 +00:00
38 lines
666 B
YAML
38 lines
666 B
YAML
apiVersion: v1
|
|
kind: Pod
|
|
metadata:
|
|
name: good-pod-2
|
|
namespace: staging-ns
|
|
spec:
|
|
containers:
|
|
- name: nginx1
|
|
image: nginx
|
|
args:
|
|
- sleep
|
|
- 1d
|
|
securityContext:
|
|
seccompProfile:
|
|
type: RuntimeDefault
|
|
runAsNonRoot: true
|
|
allowPrivilegeEscalation: false
|
|
capabilities:
|
|
drop:
|
|
- ALL
|
|
add:
|
|
- foo
|
|
initContainers:
|
|
- name: nginx2
|
|
image: nginx
|
|
args:
|
|
- sleep
|
|
- 1d
|
|
securityContext:
|
|
seccompProfile:
|
|
type: RuntimeDefault
|
|
runAsNonRoot: true
|
|
allowPrivilegeEscalation: false
|
|
capabilities:
|
|
drop:
|
|
- ALL
|
|
add:
|
|
- baz
|