kubernetes
/
kops
mirror of https://github.com/kubernetes/kops.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #8497 from johngmyers/runasnonroot 

Mark dns-controller and kops-controller as non-root
This commit is contained in:
Kubernetes Prow Robot 2020-02-10 18:48:00 -08:00 committed by GitHub
parent 3166d31da4 7fa990c86a
commit 0440876f31
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
10 changed files with 20 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
upup/models/cloudup/resources/addons/dns-controller.addons.k8s.io/k8s-1.12.yaml.template
View File

@ -56,6 +56,8 @@ spec:
requests:
cpu: 50m
memory: 50Mi
securityContext:
runAsNonRoot: true
---

2
upup/models/cloudup/resources/addons/kops-controller.addons.k8s.io/k8s-1.16.yaml.template
View File

@ -70,6 +70,8 @@ spec:
requests:
cpu: 50m
memory: 50Mi
securityContext:
runAsNonRoot: true
volumes:
{{ if .UseHostCertificates }}
- hostPath:

4
upup/pkg/fi/cloudup/tests/bootstrapchannelbuilder/amazonvpc/manifest.yaml
View File

@ -7,7 +7,7 @@ spec:
- id: k8s-1.16
kubernetesVersion: '>=1.16.0-alpha.0'
manifest: kops-controller.addons.k8s.io/k8s-1.16.yaml
manifestHash: d6382e3993be988ab257bf6a9b0ef4c1dafc826e
manifestHash: 827a984420c7b24204f7713717b8ebc2a6f63db3
name: kops-controller.addons.k8s.io
selector:
k8s-addon: kops-controller.addons.k8s.io
@ -65,7 +65,7 @@ spec:
- id: k8s-1.12
kubernetesVersion: '>=1.12.0'
manifest: dns-controller.addons.k8s.io/k8s-1.12.yaml
manifestHash: 65b8a69f2c6c39f564d56707e49434b21c734470
manifestHash: fb4ca0b799e7abed37996848a889513f586a1539
name: dns-controller.addons.k8s.io
selector:
k8s-addon: dns-controller.addons.k8s.io

2
upup/pkg/fi/cloudup/tests/bootstrapchannelbuilder/cilium/dns-controller.addons.k8s.io-k8s-1.12.yaml
View File

@ -38,6 +38,8 @@ spec:
requests:
cpu: 50m
memory: 50Mi
securityContext:
runAsNonRoot: true
dnsPolicy: Default
hostNetwork: true
nodeSelector:

2
upup/pkg/fi/cloudup/tests/bootstrapchannelbuilder/cilium/kops-controller.addons.k8s.io-k8s-1.16.yaml
View File

@ -42,6 +42,8 @@ spec:
requests:
cpu: 50m
memory: 50Mi
securityContext:
runAsNonRoot: true
volumeMounts:
- mountPath: /etc/kubernetes/kops-controller/
name: kops-controller-config

4
upup/pkg/fi/cloudup/tests/bootstrapchannelbuilder/cilium/manifest.yaml
View File

@ -7,7 +7,7 @@ spec:
- id: k8s-1.16
kubernetesVersion: '>=1.16.0-alpha.0'
manifest: kops-controller.addons.k8s.io/k8s-1.16.yaml
manifestHash: d6382e3993be988ab257bf6a9b0ef4c1dafc826e
manifestHash: 827a984420c7b24204f7713717b8ebc2a6f63db3
name: kops-controller.addons.k8s.io
selector:
k8s-addon: kops-controller.addons.k8s.io
@ -65,7 +65,7 @@ spec:
- id: k8s-1.12
kubernetesVersion: '>=1.12.0'
manifest: dns-controller.addons.k8s.io/k8s-1.12.yaml
manifestHash: 65b8a69f2c6c39f564d56707e49434b21c734470
manifestHash: fb4ca0b799e7abed37996848a889513f586a1539
name: dns-controller.addons.k8s.io
selector:
k8s-addon: dns-controller.addons.k8s.io

2
upup/pkg/fi/cloudup/tests/bootstrapchannelbuilder/simple/dns-controller.addons.k8s.io-k8s-1.12.yaml
View File

@ -38,6 +38,8 @@ spec:
requests:
cpu: 50m
memory: 50Mi
securityContext:
runAsNonRoot: true
dnsPolicy: Default
hostNetwork: true
nodeSelector:

2
upup/pkg/fi/cloudup/tests/bootstrapchannelbuilder/simple/kops-controller.addons.k8s.io-k8s-1.16.yaml
View File

@ -42,6 +42,8 @@ spec:
requests:
cpu: 50m
memory: 50Mi
securityContext:
runAsNonRoot: true
volumeMounts:
- mountPath: /etc/kubernetes/kops-controller/
name: kops-controller-config

4
upup/pkg/fi/cloudup/tests/bootstrapchannelbuilder/simple/manifest.yaml
View File

@ -7,7 +7,7 @@ spec:
- id: k8s-1.16
kubernetesVersion: '>=1.16.0-alpha.0'
manifest: kops-controller.addons.k8s.io/k8s-1.16.yaml
manifestHash: d6382e3993be988ab257bf6a9b0ef4c1dafc826e
manifestHash: 827a984420c7b24204f7713717b8ebc2a6f63db3
name: kops-controller.addons.k8s.io
selector:
k8s-addon: kops-controller.addons.k8s.io
@ -65,7 +65,7 @@ spec:
- id: k8s-1.12
kubernetesVersion: '>=1.12.0'
manifest: dns-controller.addons.k8s.io/k8s-1.12.yaml
manifestHash: 65b8a69f2c6c39f564d56707e49434b21c734470
manifestHash: fb4ca0b799e7abed37996848a889513f586a1539
name: dns-controller.addons.k8s.io
selector:
k8s-addon: dns-controller.addons.k8s.io

4
upup/pkg/fi/cloudup/tests/bootstrapchannelbuilder/weave/manifest.yaml
View File

@ -7,7 +7,7 @@ spec:
- id: k8s-1.16
kubernetesVersion: '>=1.16.0-alpha.0'
manifest: kops-controller.addons.k8s.io/k8s-1.16.yaml
manifestHash: d6382e3993be988ab257bf6a9b0ef4c1dafc826e
manifestHash: 827a984420c7b24204f7713717b8ebc2a6f63db3
name: kops-controller.addons.k8s.io
selector:
k8s-addon: kops-controller.addons.k8s.io
@ -65,7 +65,7 @@ spec:
- id: k8s-1.12
kubernetesVersion: '>=1.12.0'
manifest: dns-controller.addons.k8s.io/k8s-1.12.yaml
manifestHash: 65b8a69f2c6c39f564d56707e49434b21c734470
manifestHash: fb4ca0b799e7abed37996848a889513f586a1539
name: dns-controller.addons.k8s.io
selector:
k8s-addon: dns-controller.addons.k8s.io