f73101066a
Automatic merge from submit-queue (batch tested with PRs 64344, 64709, 64717, 63631, 58647). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>. Add support for enforcing read only host paths in PSPs. **What this PR does / why we need it**: This PR adds support for the PSP to enforce that host paths are readonly. **Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*: Fixes #57371 xref https://github.com/kubernetes/features/issues/5 **Special notes for your reviewer**: **Release note**: ```release-note PodSecurityPolicy now supports restricting hostPath volume mounts to be readOnly and under specific path prefixes ``` /cc @ericchiang @liggitt |
||
|---|---|---|
| .. | ||
| admin | ||
| api-reference | ||
| man/man1 | ||
| user-guide/kubectl | ||
| yaml/kubectl | ||
| .generated_docs | ||
| BUILD | ||
| OWNERS | ||