github/container.training
1
0
Fork 0
mirror of https://github.com/jpetazzo/container.training.git synced 2026-05-06 17:06:37 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
main
container.training/prepare-labs/lib/AdmissionConfiguration.yaml
Jérôme Petazzoni f123c8b86d ️ Add AdmissionConfiguration file 
For now we set to warn+audit on baseline pods,
but don't enforce any restriction yet. This way,
it shouldn't break anything, but will still issue
visible warnings for problematic pods.
2026-05-05 11:23:28 +02:00

22 lines
619 B
YAML
Raw Permalink Blame History

apiVersion: apiserver.config.k8s.io/v1
kind: AdmissionConfiguration
plugins:
- name: PodSecurity
configuration:
apiVersion: pod-security.admission.config.k8s.io/v1
kind: PodSecurityConfiguration
defaults:
enforce: "privileged"
enforce-version: "latest"
audit: "baseline"
audit-version: "latest"
warn: "baseline"
warn-version: "latest"
exemptions:
# Array of authenticated usernames to exempt.
usernames: []
# Array of runtime class names to exempt.
runtimeClasses: []
# Array of namespaces to exempt.
namespaces: [ kube-system ]
Reference in New Issue View Git Blame Copy Permalink