Text file src/k8s.io/kubernetes/hack/testdata/pod-restricted-localhost.yaml

Documentation: k8s.io/kubernetes/hack/testdata

     1apiVersion: v1
     2kind: Pod
     3metadata:
     4  labels:
     5    run: target
     6  name: target
     7spec:
     8  securityContext:
     9    seccompProfile: 
    10      type: Localhost
    11      localhostProfile: dummy.json
    12  containers:
    13  - image: busybox
    14    name: target
    15    command: ["/bin/sh", "-c", "sleep 100"]
    16    securityContext:
    17        runAsUser: 1000
    18        runAsGroup: 1000
    19        runAsNonRoot: true
    20        allowPrivilegeEscalation: false
    21        capabilities:
    22          drop: 
    23          - "ALL"

View as plain text