kubernetes/docs
Kubernetes Submit Queue f73101066a
Merge pull request #58647 from oracle/for/upstream/master/hostpath-psp-readonly
Automatic merge from submit-queue (batch tested with PRs 64344, 64709, 64717, 63631, 58647). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

Add support for enforcing read only host paths in PSPs. 

**What this PR does / why we need it**:

This PR adds support for the PSP to enforce that host paths are readonly. 

**Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*:
Fixes #57371
xref https://github.com/kubernetes/features/issues/5

**Special notes for your reviewer**:

**Release note**:

```release-note
PodSecurityPolicy now supports restricting hostPath volume mounts to be readOnly and under specific path prefixes
```

/cc @ericchiang @liggitt
2018-06-05 02:16:21 -07:00
..
admin autogenerated 2018-05-30 09:29:03 +03:00
api-reference Merge pull request #58647 from oracle/for/upstream/master/hostpath-psp-readonly 2018-06-05 02:16:21 -07:00
man/man1 autogenerated 2018-05-30 09:29:03 +03:00
user-guide/kubectl generated 2018-05-22 08:47:42 -04:00
yaml/kubectl generated 2018-05-22 08:47:42 -04:00
.generated_docs autogenerated 2018-05-30 09:29:03 +03:00
BUILD Use buildozer to delete licenses() rules except under third_party/ 2017-08-11 09:32:39 -07:00
OWNERS Move .generated_docs to docs/ so docs OWNERS can review / approve 2017-02-16 10:11:57 -08:00