mirrors/kyverno
mirrors/kyverno
1
0
Fork 0
mirror of https://github.com/kyverno/kyverno.git synced 2025-03-06 07:57:07 +00:00
Code Activity
kyverno/test/conformance/chainsaw/exceptions/psa-run-as-non-root/good-pod.yaml
Mariam Fahmy 35494bd8bb
feat add chainsaw tests for pod security and exceptions (#10664) 
* feat add chainsaw tests for pod security and exceptions

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

* fix: enable ProcMountType in the kind config

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>

---------

Signed-off-by: Mariam Fahmy <mariam.fahmy@nirmata.com>
2024-07-16 12:14:47 +00:00

40 lines
787 B
YAML
Raw Blame History

apiVersion: v1
kind: Pod
metadata:
labels:
run: test-pod
name: test-pod
spec:
securityContext:
runAsNonRoot: true
containers:
- image: nginx
name: test-pod
resources:
limits:
cpu: "2"
memory: 4Gi
requests:
cpu: 50m
memory: 256Mi
securityContext:
allowPrivilegeEscalation: false
initContainers:
- args:
- istio-iptables
env:
- name: TERMINATION_DRAIN_DURATION_SECONDS
value: "30"
image: some.registry/istio/proxyv2:1.18.7
imagePullPolicy: IfNotPresent
name: istio-init
resources:
limits:
cpu: "2"
memory: 1Gi
requests:
cpu: 10m
memory: 40Mi
securityContext:
allowPrivilegeEscalation: false
runAsNonRoot: false
View git blame Copy permalink