mirror of
https://github.com/FairwindsOps/polaris.git
synced 2026-05-14 13:16:54 +00:00
f71ca999c9
* change target pod to target pod spec * add checks * update docs * fix tests Co-authored-by: MAKOSCAFEE <barnabasmakonda@gmail.com>
28 lines
678 B
YAML
28 lines
678 B
YAML
successMessage: Not running as privileged
|
|
failureMessage: Should not be running as privileged
|
|
category: Security
|
|
target: Container
|
|
schemaTarget: PodSpec
|
|
schema:
|
|
'$schema': http://json-schema.org/draft-07/schema
|
|
definitions:
|
|
notBadSecurityContext:
|
|
type: object
|
|
properties:
|
|
privileged:
|
|
not:
|
|
const: true
|
|
type: object
|
|
properties:
|
|
securityContext:
|
|
$ref: "#/definitions/notBadSecurityContext"
|
|
containers:
|
|
type: array
|
|
items:
|
|
properties:
|
|
securityContext:
|
|
$ref: "#/definitions/notBadSecurityContext"
|
|
mutations:
|
|
- op: add
|
|
path: /securityContext/privileged
|
|
value: false |