nonroot

package
v0.12.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Feb 4, 2021 License: MIT Imports: 5 Imported by: 0

Documentation

Index

Constants

View Source
const (
	// RunAsUserCSCRoot occurs when runAsUser is set to 0 in the container SecurityContext
	RunAsUserCSCRoot = "RunAsUserCSCRoot"
	// RunAsUserPSCRoot occurs when runAsUser is set to 0 in the pod SecurityContext
	RunAsUserPSCRoot = "RunAsUserPSCRoot"
	// RunAsNonRootCSCFalse occurs when runAsNonRoot is set to false in the container SecurityContext
	RunAsNonRootCSCFalse = "RunAsNonRootCSCFalse"
	// RunAsNonRootPSCNilCSCNil occurs when runAsNonRoot is not set in the container SecurityContext nor the pod
	// security context. runAsNonRoot defaults to false so this is bad
	RunAsNonRootPSCNilCSCNil = "RunAsNonRootPSCNilCSCNil"
	// RunAsNonRootPSCFalseCSCNil occurs when runAsNonRoot is not set in the container SecurityContext and is set to
	// false in the PodSecurityContext
	RunAsNonRootPSCFalseCSCNil = "RunAsNonRootPSCFalseCSCNil"
)
View Source
const Name = "nonroot"
View Source
const OverrideLabel = "allow-run-as-root"

Variables

This section is empty.

Functions

This section is empty.

Types

type RunAsNonRoot

type RunAsNonRoot struct{}

RunAsNonRoot implements Auditable

func New

func New() *RunAsNonRoot

func (*RunAsNonRoot) Audit

func (a *RunAsNonRoot) Audit(resource k8stypes.Resource, _ []k8stypes.Resource) ([]*kubeaudit.AuditResult, error)

Audit checks that runAsNonRoot is set to true in every container's security context

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL