mirror of
https://github.com/FairwindsOps/polaris.git
synced 2026-05-14 13:16:54 +00:00
cbc15ad069
* update runAsPrivileged to test at pod level * update runAsPrivileged to test at pod level * add pod level success/failure tests * add insuecure capabilities pod level testing * update checks to include good/bad security * update checks for good/bad security * remove good security from runAsPrivileged
24 lines
596 B
YAML
24 lines
596 B
YAML
successMessage: Not running as privileged
|
|
failureMessage: Should not be running as privileged
|
|
category: Security
|
|
target: Container
|
|
schemaTarget: Pod
|
|
schema:
|
|
'$schema': http://json-schema.org/draft-07/schema
|
|
definitions:
|
|
notBadSecurityContext:
|
|
type: object
|
|
properties:
|
|
privileged:
|
|
not:
|
|
const: true
|
|
type: object
|
|
properties:
|
|
securityContext:
|
|
$ref: "#/definitions/notBadSecurityContext"
|
|
containers:
|
|
type: array
|
|
items:
|
|
properties:
|
|
securityContext:
|
|
$ref: "#/definitions/notBadSecurityContext" |