Search Options

Results per page
Sort
Preferred Languages
Advance

Results 1 - 10 of 239 for SecurityContext (0.16 sec)

  2. github.com/istio/istio

    releasenotes/notes/securitycontext-condition.yaml 

    apiVersion: release-notes/v2
kind: bug-fix
area: installation
issue:
  - 49549
releaseNotes:
  - |
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Mon Jun 03 01:55:05 UTC 2024
    - 197 bytes
    - Viewed (0)
  3. github.com/kubernetes/kubernetes

    pkg/kubelet/kuberuntime/security_context.go 

    	if securityContext == nil {
		return nil
	}

	sc := &runtimeapi.LinuxContainerSecurityContext{
		Capabilities:   convertToRuntimeCapabilities(securityContext.Capabilities),
		SelinuxOptions: convertToRuntimeSELinuxOption(securityContext.SELinuxOptions),
	}
	if securityContext.RunAsUser != nil {
		sc.RunAsUser = &runtimeapi.Int64Value{Value: int64(*securityContext.RunAsUser)}
    Registered: Sat Jun 15 01:39:40 UTC 2024
    - Last Modified: Wed May 29 22:40:29 UTC 2024
    - 5.2K bytes
    - Viewed (0)
  4. github.com/kubernetes/kubernetes

    pkg/security/apparmor/helpers.go 

    func isRequired(pod *v1.Pod) bool {
	if pod.Spec.SecurityContext != nil && pod.Spec.SecurityContext.AppArmorProfile != nil &&
		pod.Spec.SecurityContext.AppArmorProfile.Type != v1.AppArmorProfileTypeUnconfined {
		return true
	}

	inUse := !podutil.VisitContainers(&pod.Spec, podutil.AllContainers, func(c *v1.Container, _ podutil.ContainerType) bool {
		if c.SecurityContext != nil && c.SecurityContext.AppArmorProfile != nil &&
    Registered: Sat Jun 15 01:39:40 UTC 2024
    - Last Modified: Wed Mar 06 18:46:32 UTC 2024
    - 3.5K bytes
    - Viewed (0)
  5. github.com/kubernetes/kubernetes

    pkg/kubelet/kuberuntime/kuberuntime_sandbox_linux_test.go 

    	assert.NoError(t, err)
	assert.Equal(t, expectedLinuxPodSandboxConfig.SecurityContext.SelinuxOptions, podSandboxConfig.Linux.SecurityContext.SelinuxOptions)
	assert.Equal(t, expectedLinuxPodSandboxConfig.SecurityContext.RunAsUser, podSandboxConfig.Linux.SecurityContext.RunAsUser)
	assert.Equal(t, expectedLinuxPodSandboxConfig.SecurityContext.RunAsGroup, podSandboxConfig.Linux.SecurityContext.RunAsGroup)
}

func newTestPodWithLinuxSecurityContext() *v1.Pod {
    Registered: Sat Jun 15 01:39:40 UTC 2024
    - Last Modified: Wed May 29 22:40:29 UTC 2024
    - 8K bytes
    - Viewed (0)
  6. github.com/kubernetes/kubernetes

    pkg/volume/util/util_test.go 

    			pod: &v1.Pod{
				Spec: v1.PodSpec{
					SecurityContext: &v1.PodSecurityContext{},
					InitContainers: []v1.Container{
						{
							SecurityContext: &v1.SecurityContext{
								RunAsUser: ptr.To[int64](1000),
							},
						},
					},
					Containers: []v1.Container{
						{
							SecurityContext: &v1.SecurityContext{
								RunAsUser: ptr.To[int64](1000),
							},
						},
    Registered: Sat Jun 15 01:39:40 UTC 2024
    - Last Modified: Fri May 31 12:32:15 UTC 2024
    - 28.7K bytes
    - Viewed (0)
  7. github.com/kubernetes/kubernetes

    pkg/kubelet/kuberuntime/kuberuntime_sandbox_test.go 

    	pod := newTestPod()
	if podFieldProfile != nil {
		pod.Spec.SecurityContext = &v1.PodSecurityContext{
			SeccompProfile: podFieldProfile,
		}
	}
	if containerFieldProfile != nil {
		pod.Spec.Containers[0].SecurityContext = &v1.SecurityContext{
			SeccompProfile: containerFieldProfile,
		}
	}
	return pod
}
    Registered: Sat Jun 15 01:39:40 UTC 2024
    - Last Modified: Wed Apr 24 18:25:29 UTC 2024
    - 14.3K bytes
    - Viewed (0)
  8. github.com/kubernetes/kubernetes

    pkg/kubelet/container/helpers_test.go 

    		return &b
	}
	tests := map[string]struct {
		securityContext *v1.SecurityContext
		expected        bool
	}{
		"nil security context": {
			securityContext: nil,
			expected:        false,
		},
		"nil privileged": {
			securityContext: &v1.SecurityContext{},
			expected:        false,
		},
		"false privileged": {
			securityContext: &v1.SecurityContext{Privileged: newBoolPtr(false)},
			expected:        false,
    Registered: Sat Jun 15 01:39:40 UTC 2024
    - Last Modified: Wed May 22 01:55:46 UTC 2024
    - 24.5K bytes
    - Viewed (0)
  9. github.com/kubernetes/kubernetes

    pkg/kubelet/kuberuntime/kuberuntime_sandbox.go 

    		},
	}

	sysctls := make(map[string]string)
	if pod.Spec.SecurityContext != nil {
		for _, c := range pod.Spec.SecurityContext.Sysctls {
			sysctls[c.Name] = c.Value
		}
	}

	lc.Sysctls = sysctls

	if pod.Spec.SecurityContext != nil {
		sc := pod.Spec.SecurityContext
		if sc.RunAsUser != nil && runtime.GOOS != "windows" {
			lc.SecurityContext.RunAsUser = &runtimeapi.Int64Value{Value: int64(*sc.RunAsUser)}
		}
    Registered: Sat Jun 15 01:39:40 UTC 2024
    - Last Modified: Wed May 29 22:40:29 UTC 2024
    - 13.6K bytes
    - Viewed (0)
  10. github.com/kubernetes/kubernetes

    pkg/registry/core/pod/strategy_test.go 

    			assert.Equal(t, api.AppArmorProfileTypeLocalhost, pod.Spec.Containers[0].SecurityContext.AppArmorProfile.Type)
			assert.Equal(t, testProfile, *pod.Spec.Containers[0].SecurityContext.AppArmorProfile.LocalhostProfile)
			assert.Nil(t, pod.Spec.Containers[1].SecurityContext)
			assert.Nil(t, pod.Spec.Containers[2].SecurityContext)
    Registered: Sat Jun 15 01:39:40 UTC 2024
    - Last Modified: Wed Apr 24 18:25:29 UTC 2024
    - 76.2K bytes
    - Viewed (0)
  11. github.com/kubernetes/kubernetes

    pkg/kubelet/kuberuntime/helpers_linux_test.go 

    			containerSc:   &v1.SecurityContext{SeccompProfile: &v1.SeccompProfile{Type: v1.SeccompProfileTypeLocalhost}},
			expectedError: "localhostProfile must be set if seccompProfile type is Localhost.",
		},
		{
			description: "container seccomp profile set to SeccompProfileTypeLocalhost returns 'localhost/' + LocalhostProfile",
    Registered: Sat Jun 15 01:39:40 UTC 2024
    - Last Modified: Wed Apr 24 18:25:29 UTC 2024
    - 16.6K bytes
    - Viewed (0)
Back to top