kubernetes
/
website
mirror of https://github.com/kubernetes/website.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
29,617 Commits 69 Branches 73 Tags 934 MiB
Commit Graph

31 Commits

Author SHA1 Message Date
Mengjiao Liu 7e0a2162d7 Fix missing links 2022-04-12 16:46:38 +08:00
Tim Bannister 672813f3e7
Move PSP into Security concepts section 
The logical navigation definitely works better if Pod Security admission
and PodSecurityPolicy are pages in the same section. Make It So.

Co-authored-by: Rey Lejano <rlejano@gmail.com>
 2022-03-30 17:30:35 +01:00
Tim Allclair 198ae37902
Rewrite PodSecurityPolicy migration guide (#31782) 2022-02-24 18:07:56 -08:00
Jordan Liggitt 4ca5ff6b3c PodSecurity: remove optional non-root group check 2022-01-24 10:10:12 -05:00
Jordan Liggitt 8917b26250 PodSecurity: switch restricted volume check to positive check 2022-01-24 10:09:00 -05:00
Jesse Butler d330226a95 Merge remote-tracking branch 'upstream/main' into dev-1.23 2021-11-17 12:55:09 -05:00
Jordan Liggitt e50ce5f269 PodSecurity: runAsUser 2021-10-28 11:21:02 -04:00
Guilherme Macedo b1d1fc369e
Minor typo corrections and improvements for 'Overview of Cloud Native Security' page (#30185) 
* Update overview.md

Minor typo corrections and improvements.

* Update overview.md

* Fix broken link
 2021-10-27 05:53:25 -07:00
Jim Bugwadia dad01370f8 add kyverno and fix OPA/GK link 
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
 2021-08-18 11:07:02 -07:00
Rey Lejano 08387d8434 add kubewarden as an alternative to enforce security profiles 
add third-party content shortcode and list
 2021-08-10 07:41:30 -07:00
Brandon Smith af2f72ad59
Windows HostProcess Container Documentation (#28413) 
* Rebasing HostProcess security changes.

* Incorporated initial round of feedback

* Minor wording updates

* Finished up remaining todo items

* Apply suggestions from code review

Co-authored-by: Jordan Liggitt <jordan@liggitt.net>
Co-authored-by: Mark Rossetti <marosset@microsoft.com>

* Moved HostProcess security documentation into PSS and create-host-process-pod docs

* Updated with for James' review

* Apply suggestions from code review

Co-authored-by: Tim Bannister <tim@scalefactory.com>
Co-authored-by: James Sturtevant <jsturtevant@gmail.com>

* Minor edits

* Modifications for additional feedback

Co-authored-by: Jordan Liggitt <jordan@liggitt.net>
Co-authored-by: Mark Rossetti <marosset@microsoft.com>
Co-authored-by: Tim Bannister <tim@scalefactory.com>
Co-authored-by: James Sturtevant <jsturtevant@gmail.com>
 2021-07-27 00:50:45 -07:00
Samuel Roth e0d4b53b1c incorporating initial round of feedback 2021-07-21 15:33:46 +00:00
Samuel Roth 37dd90d81a feature: Pod Security Standards documentation 2021-07-12 12:53:36 +00:00
Tim Bannister b3aef35da7 Use shortcode for PodSecurityPolicy examples 2021-06-19 01:47:52 +01:00
Tim Allclair dcd2dd4852
Update SELinux standards (#27653) 
* Update SELinux standards

* address feedback
 2021-05-14 11:19:59 -07:00
Tim Allclair 6645f390f6 Remove "defalut" from the baseline policy name 2021-02-16 11:36:36 -08:00
Tej-Singh-Rana 70eba58d3b
Contex to Context 2020-09-19 16:48:42 +05:30
Kubernetes Prow Robot 70b75e16f0
Merge pull request #22981 from shuuji3/en/replace-special-quote-with-normal-ones 
Replace special quote characters with normal ones
 2020-08-26 14:55:02 -07:00
Savitha Raghunathan 95c94c03d5 resolving conflicts 2020-08-23 12:13:37 -04:00
TAKAHASHI Shuuji c6a96128c4
Replace special quote characters with normal ones. 2020-08-11 21:05:22 +09:00
Tabitha Sable 0a861ca7c0 use traditional UNIX language 
Refer to the 02000 and 04000 bits in file permissions as "set-user-ID mode" and "set-group-ID mode", as the UNIX manuals have done since 4th edition per suggestion by sftim
 2020-08-06 21:55:41 -05:00
Tabitha Sable aa8e0d6677
Correct Privilege Escalation section 2020-08-04 14:23:42 -05:00
Savitha Raghunathan e2a861c2f9 Merge remote-tracking branch 'upstream/master' into dev-1.19 2020-07-27 19:10:42 -04:00
hasheddan 3ad7ea77f1
Add documentation for generally available seccomp functionality 
Signed-off-by: hasheddan <georgedanielmangum@gmail.com>
 2020-07-20 13:51:17 -05:00
Sertaç Özercan 259655797b
Remove container level supplementalGroups and fsgroup 2020-07-02 11:07:24 -07:00
Kubernetes Prow Robot 29f3c2858c
Merge pull request #21591 from scottstout/master 
Changed whitelist to allowlist and blacklist to denylist.
 2020-06-10 16:12:56 -07:00
Karen Bradshaw ecc27bbbe7 add en pages 2020-06-09 19:33:15 -04:00
Scott Stout e38b9dc9c6 revised to minumize usage of whitelist/blacklist 2020-06-09 14:14:52 -05:00
Tim Allclair 9065e168f0 Minor cleanup of standardized pod security 2020-06-04 11:22:52 -07:00
Tim Allclair 44db1a13c9 Add missing PSP restrictions to standard security profiles 2020-06-02 17:13:12 -07:00
Tim Allclair 75652e8585 Standardized pod security profiles 2020-05-20 16:54:37 -07:00