github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
104,144 Commits 1 Branch 31 Tags 1,019 MiB
876dd9b078
Commit Graph

17 Commits

Author SHA1 Message Date
Wesley Williams
ff165c8823
Replace usage of Whitelist with Allowlist within Kubelet's sysctl package (#102298) 
* Change uses of whitelist to allowlist in kubelet sysctl

* Rename whitelist files to allowlist in Kubelet sysctl

* Further renames of whitelist to allowlist in Kubelet

* Rename podsecuritypolicy uses of whitelist to allowlist

* Update pkg/kubelet/kubelet.go

Co-authored-by: Danielle <dani@builds.terrible.systems>

Co-authored-by: Danielle <dani@builds.terrible.systems>
 2021-08-04 18:59:35 -07:00
Mayank Kumar
9a6f1e807e Promote RunAsGroup to GA 2021-02-18 13:32:54 -08:00
yue9944882
e2c61169b1 externalize psp admission controller 2018-10-24 00:22:07 +08:00
Mayank Kumar
bc3e3afc46 api changes for psp runasgroup policy 2018-10-09 17:32:09 -07:00
Stanislav Laznicka
a577b50012
Add "MayRunAs" value among other GroupStrategies 
Adds "MayRunAs" value among other group strategies. This strategy
allows to define a certain range of GIDs for FSGroupStrategy and
SupplementalGroupStrategy in a PSP.

This new strategy works similarly to the "MustRunAs" one, except that
when no GID is specified in a pod/container security context then no
GID is generated for the respective containers.

Resolves #56173
 2018-09-27 12:47:21 +02:00
Tim Allclair
5ace0f03d8
Cleanup & fix PodSecurityPolicy field path usage 2018-07-18 17:47:32 -07:00
Jan Chaloupka
ab616a88b9 Promote sysctl annotations to API fields 2018-06-05 23:17:00 +02:00
Slava Semushin
8a7d5707d5 PSP: move internal types from extensions to policy. 2018-04-11 18:35:09 +02:00
Dr. Stefan Schimanski
012b085ac8 pkg/apis/core: mechanical import fixes in dependencies 2017-11-09 12:14:08 +01:00
deads2k
6a4d5cd7cc start the apimachinery repo 2017-01-11 09:09:48 -05:00
pweil-
49e14744db support seccomp in psp 2016-10-17 14:49:02 -04:00
Dr. Stefan Schimanski
a62a64550c Cosmetical fixes for sysctl psp 2016-09-30 17:56:11 +02:00
Dr. Stefan Schimanski
ed36baed20 Add sysctl PodSecurityPolicy support 2016-08-25 13:22:01 +02:00
Tim St. Clair
293770ef31
AppArmor PodSecurityPolicy implementation 2016-08-21 23:10:45 -07:00
Jess Frazelle
c0f4bd38ff
enable golint for pkg/security/podsecuritypolicy/capabilities 
Signed-off-by: Jess Frazelle <me@jessfraz.com>
 2016-08-10 16:46:19 -07:00
David McMahon
ef0c9f0c5b Remove "All rights reserved" from all the headers. 2016-06-29 17:47:36 -07:00
Paul Weil
56193b7140 PSP types 2016-05-11 18:07:35 -04:00