mirrors/kyverno
mirrors/kyverno
1
0
Fork 0
mirror of https://github.com/kyverno/kyverno.git synced 2025-03-06 07:57:07 +00:00
Code Activity
kyverno/test/conformance/chainsaw/exceptions/exclude-capabilities/pod-rejected-1.yaml
Mariam Fahmy f01f0d6dc4
feat: support podSecurity exclusion in exceptions (#9343) 
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2024-01-26 18:43:07 +00:00

19 lines
354 B
YAML
Raw Blame History

apiVersion: v1
kind: Pod
metadata:
name: badpod01
namespace: default
spec:
containers:
- name: container01
image: nginx:1.1.9
securityContext:
allowPrivilegeEscalation: false
runAsNonRoot: true
seccompProfile:
type: RuntimeDefault
capabilities:
add:
- SYS_ADMIN
drop:
- ALL
View git blame Copy permalink