mirrors/node-feature-discovery
mirrors/node-feature-discovery
1
0
Fork 0
mirror of https://github.com/kubernetes-sigs/node-feature-discovery.git synced 2025-03-28 02:37:11 +00:00
Code Activity

Merge pull request #995 from fmuyassarov/seccomp-profile-nfd-worker

Browse source 
E2E: default seccompProfile to runtimeDefault for nfd worker
This commit is contained in:
Kubernetes Prow Robot 2022-12-14 12:45:34 -08:00 committed by GitHub
commit 323fd5c6ec
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 6 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
test/e2e/utils/pod/pod.go
View file

@ -271,6 +271,9 @@ func nfdWorkerSpec(opts ...SpecOption) *corev1.PodSpec {
RunAsNonRoot: &yes,
ReadOnlyRootFilesystem: &yes,
AllowPrivilegeEscalation: &no,
SeccompProfile: &corev1.SeccompProfile{
Type: corev1.SeccompProfileTypeRuntimeDefault,
},
},
VolumeMounts: []corev1.VolumeMount{
{
@ -387,6 +390,9 @@ func NFDTopologyUpdaterSpec(kc utils.KubeletConfig, opts ...SpecOption) *corev1.
RunAsUser: pointer.Int64(0),
ReadOnlyRootFilesystem: pointer.Bool(true),
AllowPrivilegeEscalation: pointer.Bool(false),
SeccompProfile: &corev1.SeccompProfile{
Type: corev1.SeccompProfileTypeRuntimeDefault,
},
},
VolumeMounts: []corev1.VolumeMount{
{