Skip to content

Commit

Permalink
Fixed sample policies to include more container types
Browse files Browse the repository at this point in the history 
Signed-off-by: michaelkot97 <michael.kot97@gmail.com>
  • Loading branch information
@michaelkotelnikov
michaelkotelnikov committed Mar 22, 2024
1 parent c1e882a commit a31e41a
Show file tree
Hide file tree
Showing 4 changed files with 5 additions and 5 deletions.
2 changes: 1 addition & 1 deletion other/add-default-resources/add-default-resources.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -34,7 +34,7 @@ spec:
- UPDATE
mutate:
foreach:
- list: "request.object.spec.containers[]"
- list: "request.object.spec.[ephemeralContainers, initContainers, containers][]"
patchStrategicMerge:
spec:
containers:
Expand Down
2 changes: 1 addition & 1 deletion other/allowed-base-images/allowed-base-images.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -41,7 +41,7 @@ spec:
This container image's base is not in the approved list or is not specified. Only pre-approved
base images may be used. Please contact the platform team for assistance.
foreach:
- list: "request.object.spec.containers"
- list: "request.object.spec.[ephemeralContainers, initContainers, containers][]"
context:
- name: imageData
imageRegistry:
Expand Down
2 changes: 1 addition & 1 deletion psp-migration/add-apparmor/add-apparmor.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -34,7 +34,7 @@ spec:
- UPDATE
mutate:
foreach:
- list: request.object.spec.containers[]
- list: request.object.spec.[ephemeralContainers, initContainers, containers][]
patchStrategicMerge:
metadata:
annotations:
Expand Down
4 changes: 2 additions & 2 deletions psp-migration/add-capabilities/add-capabilities.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -32,7 +32,7 @@ spec:
- UPDATE
mutate:
foreach:
- list: request.object.spec.containers[]
- list: request.object.spec.[ephemeralContainers, initContainers, containers][]
preconditions:
all:
- key: SETFCAP
Expand All @@ -42,7 +42,7 @@ spec:
- path: /spec/containers/{{elementIndex}}/securityContext/capabilities/add/-
op: add
value: SETFCAP
- list: request.object.spec.containers[]
- list: request.object.spec.[ephemeralContainers, initContainers, containers][]
preconditions:
all:
- key: SETUID
Expand Down

0 comments on commit a31e41a

Please sign in to comment.