Make it clear that PSA example Pods do start OK

The reader sees a warning, but the Pods do run. That detail might not be obvious otherwise.
2022-10-29 15:59:09 +01:00 · 2022-10-29 15:59:09 +01:00 · c9640ebc32
parent a39ee496fe
commit c9640ebc32
2 changed files with 2 additions and 2 deletions
--- a/content/en/docs/tutorials/security/cluster-level-pss.md
+++ b/content/en/docs/tutorials/security/cluster-level-pss.md
@ -295,7 +295,7 @@ following:
   kubectl apply -f https://k8s.io/examples/security/example-baseline-pod.yaml
   ```

-   The output is similar to this:
+   The pod is started normally, but the output includes a warning:
   ```
   Warning: would violate PodSecurity "restricted:latest": allowPrivilegeEscalation != false (container "nginx" must set securityContext.allowPrivilegeEscalation=false), unrestricted capabilities (container "nginx" must set securityContext.capabilities.drop=["ALL"]), runAsNonRoot != true (pod or container "nginx" must set securityContext.runAsNonRoot=true), seccompProfile (pod or container "nginx" must set securityContext.seccompProfile.type to "RuntimeDefault" or "Localhost")
   pod/nginx created
--- a/content/en/docs/tutorials/security/ns-level-pss.md
+++ b/content/en/docs/tutorials/security/ns-level-pss.md
@ -115,7 +115,7 @@ namespace/example created
   ```shell
   kubectl apply -n example -f https://k8s.io/examples/security/example-baseline-pod.yaml
   ```
-   The output is similar to this:
+   The Pod does start OK; the output includes a warning. For example:

   ```
   Warning: would violate PodSecurity "restricted:latest": allowPrivilegeEscalation != false (container "nginx" must set securityContext.allowPrivilegeEscalation=false), unrestricted capabilities (container "nginx" must set securityContext.capabilities.drop=["ALL"]), runAsNonRoot != true (pod or container "nginx" must set securityContext.runAsNonRoot=true), seccompProfile (pod or container "nginx" must set securityContext.seccompProfile.type to "RuntimeDefault" or "Localhost")