mirrors/kyverno
mirrors/kyverno
1
0
Fork 0
mirror of https://github.com/kyverno/kyverno.git synced 2025-03-06 07:57:07 +00:00
Code Activity
kyverno/test/conformance/chainsaw/exceptions/exclude-restricted-capabilities/pod-rejected-1.yaml
Mariam Fahmy ace5b59003
feat: add chainsaw tests for pod security in exceptions (#9667) 
Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2024-02-06 13:07:58 +00:00

38 lines
665 B
YAML
Raw Blame History

apiVersion: v1
kind: Pod
metadata:
name: bad-pod-1
namespace: staging-ns
spec:
containers:
- name: nginx1
image: nginx
args:
- sleep
- 1d
securityContext:
seccompProfile:
type: RuntimeDefault
runAsNonRoot: true
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
add:
- baz
initContainers:
- name: nginx2
image: nginx
args:
- sleep
- 1d
securityContext:
seccompProfile:
type: RuntimeDefault
runAsNonRoot: true
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
add:
- foo
View git blame Copy permalink