chore(kyverno): Adding kyverno pod security policies for litmus pods (#504)
* chore(kyverno): Adding security policies Signed-off-by: shubham chaudhary <shubham@chaosnative.com> * chore(kyverno): updating policies Signed-off-by: shubham chaudhary <shubham@chaosnative.com> * chore(kyverno): updating policies Signed-off-by: shubham chaudhary <shubham@chaosnative.com> * chore(kyverno): changed the file names Signed-off-by: shubham chaudhary <shubham@chaosnative.com>
This commit is contained in:
Shubham Chaudhary
committed by
GitHub
GitHub
parent
aff27bc0ee
commit
14c472265f
14
security/kyverno-policies/kustomization.yaml
Normal file
14
security/kyverno-policies/kustomization.yaml
Normal file
@@ -0,0 +1,14 @@
|
||||
resources:
|
||||
- allow-capabilities-for-litmus-experiments-which-uses-runtime-api.yaml
|
||||
- allow-host-namespaces-for-litmus-experiments-which-uses-runtime-api.yaml
|
||||
- allow-privileged-containers-for-litmus-experiments-which-uses-runtime-api.yaml
|
||||
- allow-privilege-escalation-for-litmus-experiments-which-uses-runtime-api.yaml
|
||||
- allow-host-paths-for-litmus-experiments-which-uses-hostPaths.yaml
|
||||
- allow-user-groups-for-litmus-experiments.yaml
|
||||
patches:
|
||||
- patch: |-
|
||||
- op: replace
|
||||
path: /spec/validationFailureAction
|
||||
value: enforce
|
||||
target:
|
||||
kind: Policy
|
||||
Reference in New Issue
Block a user