Text file src/k8s.io/kubernetes/hack/testdata/pod-restricted-runtime-default.yaml

Documentation: k8s.io/kubernetes/hack/testdata

     1apiVersion: v1
     2kind: Pod
     3metadata:
     4  labels:
     5    run: target
     6  name: target
     7spec:
     8  securityContext:
     9    seccompProfile: 
    10      type: RuntimeDefault
    11  containers:
    12  - image: busybox
    13    name: target
    14    command: ["/bin/sh", "-c", "sleep 100"]
    15    securityContext:
    16        runAsUser: 1000
    17        runAsGroup: 1000
    18        runAsNonRoot: true
    19        allowPrivilegeEscalation: false
    20        capabilities:
    21          drop: 
    22          - "ALL"

View as plain text