kubernetes

Author	SHA1	Message	Date
marosset	fd94032b21	Kubelet updates for Windows HostProcess Containers	2021-05-19 16:24:14 -07:00
Shihang Zhang	3db7275b54	set proper file permission for projected service account volume	2020-05-04 18:25:23 -07:00
James Sturtevant	a8c78d1359	Windows: Sets the effective SecurityContext's RunAsUserName Co-Authored-By: Claudiu Belu <cbelu@cloudbasesolutions.com>	2019-07-17 15:03:11 +00:00
Jean Rouge	b39d8f4777	Kubelet & implementation changes for Windows GMSA support This patch comprises the kubelet changes outlined in the Windows GMSA KEP (https://github.com/kubernetes/enhancements/blob/master/keps/sig-windows/20181221-windows-group-managed-service-accounts-for-container-identity.md) to add GMSA support to Windows workloads. Updated tests. Signed-off-by: Jean Rouge <rougej+github@gmail.com>	2019-05-16 22:07:03 -04:00
Thomas Gamble	344dd90881	Fix golint failures in pkg/securitycontext	2019-04-20 20:38:40 -04:00
WanLinghao	e9edbf1d52	Clean unused code in pkg/securitycontext/util.go	2019-02-11 10:30:47 +08:00
Jess Frazelle	30dcca6233	ProcMount: add api options and feature gate Signed-off-by: Jess Frazelle <acidburn@microsoft.com>	2018-08-30 11:40:02 -04:00
Mayank Kumar	eecef462c8	remove unused code in securitycontext	2018-03-29 23:32:48 -07:00
Mayank Kumar	b888415ebf	API Changes for RunAsGroup and Implementation and e2e	2018-02-28 22:09:56 -08:00
Slava Semushin	4e74211aaf	pkg/securitycontext/util.go(InternalDetermineEffectiveSecurityContext): remove unused function.	2017-11-15 17:50:03 +01:00
Dr. Stefan Schimanski	012b085ac8	pkg/apis/core: mechanical import fixes in dependencies	2017-11-09 12:14:08 +01:00
Jess Frazelle	0ad51ed763	AllowPrivilegeEscalation: add validations for caps and privileged Signed-off-by: Jess Frazelle <acidburn@microsoft.com>	2017-09-25 13:22:02 -04:00
Jess Frazelle	0f349cc61f	allowPrivilegeEscalation: modify api types & add functionality Signed-off-by: Jess Frazelle <acidburn@google.com>	2017-07-24 12:52:41 -04:00
Chao Xu	60604f8818	run hack/update-all	2017-06-22 11:31:03 -07:00
Chao Xu	f4989a45a5	run root-rewrite-v1-..., compile	2017-06-22 10:25:57 -07:00
mbohlool	c91a12d205	Remove all references to types.UnixUserID and types.UnixGroupID	2017-06-21 04:09:07 -07:00
Jamie Hannaford	9440a68744	Use dedicated Unix User and Group ID types	2017-05-05 14:07:38 +02:00
Yu-Ju Hong	4506f4c2d0	securitycontext: move docker-specific logic into kubelet/dockertools This change moves the code specific to docker to kubelet/dockertools, while leaving the common utility functions at its current package (pkg/securitycontext). When we deprecate dockertools in the future, the code will be moved to pkg/kubelet/dockershim instead.	2017-01-27 12:25:46 -08:00
Chao Xu	4f3d0e3bde	more dependencies packages: pkg/metrics pkg/credentialprovider pkg/security pkg/securitycontext pkg/serviceaccount pkg/storage pkg/fieldpath	2016-11-23 15:53:09 -08:00
David McMahon	ef0c9f0c5b	Remove "All rights reserved" from all the headers.	2016-06-29 17:47:36 -07:00
Eric Tune	4d090bfb09	Rename PodSecurityPolicy fields In podSecurityPolicy: 1. Rename .seLinuxContext to .seLinux 2. Rename .seLinux.type to .seLinux.rule 3. Rename .runAsUser.type to .runAsUser.rule 4. Rename .seLinux.SELinuxOptions 1,2,3 as suggested by thockin in #22159. I added 3 for consistency with 2.	2016-03-03 11:49:48 -08:00
Paul Weil	e490c20c22	add non-root directive to SC and kubelet checking	2015-08-10 13:30:34 -04:00
Mike Danese	8e33cbfa28	rewrite go imports	2015-08-05 17:30:03 -07:00
Paul Morie	5394aa979f	Make emptyDir volumes work for non-root UIDs	2015-07-29 18:36:51 -04:00
Zach Loafman	875e83a741	Revert "Revert "Security context - types, kubelet, admission""	2015-05-05 16:02:13 -07:00
Zach Loafman	f48904fd5e	Revert "Security context - types, kubelet, admission"	2015-05-05 15:20:39 -07:00
Paul Weil	982bf19c20	security context initial implementation - squash	2015-05-05 13:46:13 -04:00

27 Commits