security

package
v0.0.0-...-74c4be5 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jun 12, 2023 License: Apache-2.0 Imports: 5 Imported by: 3

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var DefaultContainerSecurityContext = corev1.SecurityContext{
	AllowPrivilegeEscalation: ptr.Bool(false),
	Capabilities: &corev1.Capabilities{
		Drop: []corev1.Capability{"ALL"},
	},
}
View Source 
var DefaultPodSecurityContext = corev1.PodSecurityContext{
	RunAsNonRoot: ptr.Bool(true),
	SeccompProfile: &corev1.SeccompProfile{
		Type: corev1.SeccompProfileTypeRuntimeDefault,
	},
}

Functions

func AllowRestrictedPodSecurityStandard 

func AllowRestrictedPodSecurityStandard(ctx context.Context, kubeClient kubernetes.Interface, pod *corev1.Pod) error

AllowRestrictedPodSecurityStandard adds SecurityContext to Pod and its containers so that it can run in a namespace with enforced "restricted" security standard.

func IsRestrictedPodSecurityEnforced 

func IsRestrictedPodSecurityEnforced(ctx context.Context, kubeClient kubernetes.Interface, namespace string) (bool, error)

IsRestrictedPodSecurityEnforced checks if the given namespace has enforced restricted security standard.

Types

This section is empty.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.