github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
5588f025e2
kubernetes/pkg/security/podsecuritypolicy
History
Sascha Grunert 5588f025e2
Fix seccomp PSP docker/default annotation handling 
With the graduation of seccomp to GA we automatically convert the
deprecated seccomp profile annotation `docker/default` to
`runtime/default`. This means that we now have to automatically allow
`runtime/default` if a user specifies `docker/default` and vice versa in
an allowed PSP seccomp profile.

Signed-off-by: Sascha Grunert <sgrunert@suse.com>
2020-10-29 14:08:14 +01:00
..
apparmor move apparmor annotation constants to k8s.io/api/core/v1 2020-04-06 10:22:04 -04:00
capabilities externalize psp admission controller 2018-10-24 00:22:07 +08:00
group externalize psp admission controller 2018-10-24 00:22:07 +08:00
seccomp Fix seccomp PSP docker/default annotation handling 2020-10-29 14:08:14 +01:00
selinux externalize psp admission controller 2018-10-24 00:22:07 +08:00
sysctl SafeSysctlWhitelist: add net.ipv4.ping_group_range 2019-11-20 07:26:02 +09:00
user externalize psp admission controller 2018-10-24 00:22:07 +08:00
util GenericEphemeralVolume: feature gate, API, documentation 2020-07-09 11:02:59 +02:00
BUILD default to add projected fstype in psp when boundedserviceaccounttoken is enabled 2020-06-24 09:09:27 -07:00
doc.go
factory.go externalize psp admission controller 2018-10-24 00:22:07 +08:00
OWNERS Updated OWNERS files to include link to docs 2019-02-04 22:33:12 +01:00
provider_test.go GenericEphemeralVolume: feature gate, API, documentation 2020-07-09 11:02:59 +02:00
provider.go Add seccomp enforcement and validation based on new GA fields 2020-07-06 09:13:25 +01:00
types.go Refactor PSP provider 2019-03-25 11:46:36 -07:00