-
Kubernetes Submit Queue authored
Automatic merge from submit-queue (batch tested with PRs 47073, 47457, 47479) PodSecurityPolicy should respect and validate user-supplied RunAsNonR… **What this PR does / why we need it**: PodSecurityPolicies overwrite and then fail to validate the RunAsNonRoot field in the container security context. **Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #47071 **Special notes for your reviewer**: gce/gke don't use this in 1.6. You'll need to speak up if you think this is important enough to patch. It should almost certainly go into 1.7. **Release note**: ```release-note PodSecurityPolicy now recognizes pods that specify `runAsNonRoot: false` in their security context and does not overwrite the specified value ```
60c1c1e8
| Name |
Last commit
|
Last update |
|---|---|---|
| .. | ||
| apparmor | ||
| podsecuritypolicy | ||
| BUILD | ||
| doc.go |