mirror of
https://github.com/FairwindsOps/polaris.git
synced 2026-05-12 12:16:47 +00:00
44 lines
910 B
YAML
44 lines
910 B
YAML
resources:
|
|
cpuRequestsMissing: warning
|
|
cpuLimitsMissing: warning
|
|
memoryRequestsMissing: warning
|
|
memoryLimitsMissing: warning
|
|
images:
|
|
tagNotSpecified: error
|
|
pullPolicyNotAlways: ignore
|
|
healthChecks:
|
|
readinessProbeMissing: warning
|
|
livenessProbeMissing: warning
|
|
networking:
|
|
hostNetworkSet: warning
|
|
hostPortSet: warning
|
|
security:
|
|
hostIPCSet: error
|
|
hostPIDSet: error
|
|
notReadOnlyRootFileSystem: warning
|
|
privilegeEscalationAllowed: error
|
|
runAsRootAllowed: warning
|
|
runAsPrivileged: error
|
|
capabilities:
|
|
error:
|
|
ifAnyAdded:
|
|
- SYS_ADMIN
|
|
- NET_ADMIN
|
|
- ALL
|
|
warning:
|
|
ifAnyAddedBeyond:
|
|
- CHOWN
|
|
- DAC_OVERRIDE
|
|
- FSETID
|
|
- FOWNER
|
|
- MKNOD
|
|
- NET_RAW
|
|
- SETGID
|
|
- SETUID
|
|
- SETFCAP
|
|
- SETPCAP
|
|
- NET_BIND_SERVICE
|
|
- SYS_CHROOT
|
|
- KILL
|
|
- AUDIT_WRITE
|