Search Options

Results per page
Sort
Preferred Languages
Advance

Results 1 - 10 of 590 for SecurityContext (0.32 sec)

  2. github.com/istio/istio

    releasenotes/notes/securitycontext-condition.yaml 

    apiVersion: release-notes/v2
kind: bug-fix
area: installation
issue:
  - 49549
releaseNotes:
  - |
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Mon Jun 03 01:55:05 UTC 2024
    - 197 bytes
    - Viewed (0)
  3. github.com/istio/istio

    releasenotes/notes/add-pod-securitycontext.yaml 

    apiVersion: release-notes/v2
kind: feature
area: installation
issue:
- 26275 
releaseNotes:
- |
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Thu Sep 24 19:08:01 UTC 2020
    - 178 bytes
    - Viewed (0)
  4. github.com/minio/minio

    helm/minio/templates/post-job.yaml 

          tolerations: {{- toYaml . | nindent 8 }}
      {{- end }}
      {{- if .Values.postJob.securityContext.enabled }}
      securityContext:
        runAsUser: {{ .Values.postJob.securityContext.runAsUser }}
        runAsGroup: {{ .Values.postJob.securityContext.runAsGroup }}
        fsGroup: {{ .Values.postJob.securityContext.fsGroup }}
      {{- end }}
      volumes:
        - name: etc-path
          emptyDir: {}
    Registered: Sun Jun 16 00:44:34 UTC 2024
    - Last Modified: Sat Jul 08 19:18:31 UTC 2023
    - 10.4K bytes
    - Viewed (0)
  5. github.com/kubernetes/kubernetes

    pkg/kubelet/kuberuntime/security_context_others_test.go 

    	for _, test := range []struct {
		desc     string
		sc       *v1.SecurityContext
		uid      *int64
		username string
		fail     bool
	}{
		{
			desc: "Pass if SecurityContext is not set",
			sc:   nil,
			uid:  &rootUser,
			fail: false,
		},
		{
			desc: "Pass if RunAsUser is non-root and RunAsNonRoot is true",
			sc: &v1.SecurityContext{
				RunAsNonRoot: &runAsNonRootTrue,
				RunAsUser:    &anyUser,
			},
    Registered: Sat Jun 15 01:39:40 UTC 2024
    - Last Modified: Fri Mar 10 10:06:54 UTC 2023
    - 3.4K bytes
    - Viewed (0)
  6. github.com/kubernetes/kubernetes

    pkg/kubelet/kuberuntime/security_context.go 

    	if securityContext == nil {
		return nil
	}

	sc := &runtimeapi.LinuxContainerSecurityContext{
		Capabilities:   convertToRuntimeCapabilities(securityContext.Capabilities),
		SelinuxOptions: convertToRuntimeSELinuxOption(securityContext.SELinuxOptions),
	}
	if securityContext.RunAsUser != nil {
		sc.RunAsUser = &runtimeapi.Int64Value{Value: int64(*securityContext.RunAsUser)}
    Registered: Sat Jun 15 01:39:40 UTC 2024
    - Last Modified: Wed May 29 22:40:29 UTC 2024
    - 5.2K bytes
    - Viewed (0)
  7. github.com/kubernetes/kubernetes

    pkg/kubelet/kuberuntime/security_context_windows_test.go 

    	for _, test := range []struct {
		desc     string
		sc       *v1.SecurityContext
		uid      *int64
		username string
		fail     bool
	}{
		{
			desc:     "Pass if SecurityContext is not set",
			sc:       nil,
			username: rootUser,
			fail:     false,
		},
		{
			desc: "Pass if RunAsNonRoot is not set",
			sc: &v1.SecurityContext{
				RunAsNonRoot: nil,
			},
			username: rootUser,
			fail:     false,
    Registered: Sat Jun 15 01:39:40 UTC 2024
    - Last Modified: Sat Jul 30 02:29:11 UTC 2022
    - 4.6K bytes
    - Viewed (0)
  8. github.com/kubernetes/kubernetes

    pkg/securitycontext/util_test.go 

    				SecurityContext: &v1.SecurityContext{},
			},
			wantRunAsUser: nil,
		},
		{
			desc: "runAsUser in pod, no runAsUser in container",
			pod: &v1.Pod{
				Spec: v1.PodSpec{
					SecurityContext: &v1.PodSecurityContext{
						RunAsUser: new(int64),
					},
				},
			},
			container: &v1.Container{
				SecurityContext: &v1.SecurityContext{},
			},
			wantRunAsUser: new(int64),
		},
		{
    Registered: Sat Jun 15 01:39:40 UTC 2024
    - Last Modified: Tue May 05 01:25:23 UTC 2020
    - 5K bytes
    - Viewed (0)
  9. github.com/kubernetes/kubernetes

    pkg/security/apparmor/helpers.go 

    func isRequired(pod *v1.Pod) bool {
	if pod.Spec.SecurityContext != nil && pod.Spec.SecurityContext.AppArmorProfile != nil &&
		pod.Spec.SecurityContext.AppArmorProfile.Type != v1.AppArmorProfileTypeUnconfined {
		return true
	}

	inUse := !podutil.VisitContainers(&pod.Spec, podutil.AllContainers, func(c *v1.Container, _ podutil.ContainerType) bool {
		if c.SecurityContext != nil && c.SecurityContext.AppArmorProfile != nil &&
    Registered: Sat Jun 15 01:39:40 UTC 2024
    - Last Modified: Wed Mar 06 18:46:32 UTC 2024
    - 3.5K bytes
    - Viewed (0)
  10. github.com/kubernetes/kubernetes

    pkg/kubelet/kuberuntime/kuberuntime_sandbox_linux_test.go 

    	assert.NoError(t, err)
	assert.Equal(t, expectedLinuxPodSandboxConfig.SecurityContext.SelinuxOptions, podSandboxConfig.Linux.SecurityContext.SelinuxOptions)
	assert.Equal(t, expectedLinuxPodSandboxConfig.SecurityContext.RunAsUser, podSandboxConfig.Linux.SecurityContext.RunAsUser)
	assert.Equal(t, expectedLinuxPodSandboxConfig.SecurityContext.RunAsGroup, podSandboxConfig.Linux.SecurityContext.RunAsGroup)
}

func newTestPodWithLinuxSecurityContext() *v1.Pod {
    Registered: Sat Jun 15 01:39:40 UTC 2024
    - Last Modified: Wed May 29 22:40:29 UTC 2024
    - 8K bytes
    - Viewed (0)
  11. github.com/kubernetes/kubernetes

    pkg/securitycontext/util.go 

    	var runAsUser *int64
	if pod.Spec.SecurityContext != nil && pod.Spec.SecurityContext.RunAsUser != nil {
		runAsUser = new(int64)
		*runAsUser = *pod.Spec.SecurityContext.RunAsUser
	}
	if container.SecurityContext != nil && container.SecurityContext.RunAsUser != nil {
		runAsUser = new(int64)
		*runAsUser = *container.SecurityContext.RunAsUser
	}
	if runAsUser == nil {
		return nil, false
	}
    Registered: Sat Jun 15 01:39:40 UTC 2024
    - Last Modified: Wed Feb 15 07:28:24 UTC 2023
    - 7.5K bytes
    - Viewed (0)
Back to top