-
Notifications
You must be signed in to change notification settings - Fork 433
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Pod security standards restricted defaults (#9490)
* first round helm changes * gateway test secure helm * updates * Adding changelog file to new location * Deleting changelog file from old location * Update helm.yaml * update names * Update helm.yaml * Update helm.yaml * Update helm_test.go * refactor GetStructuredDeployment * Revert "refactor GetStructuredDeployment" This reverts commit c7325a8. * All the containers * generated * generate and k8s-utils * Update pod-security-standards.yaml * Update 7-gateway-proxy-deployment.yaml * Start of pod security defaults * Update pod-security-standards.yaml * updates * More container updates * steps - can;t apply defaults * Helm fixes and add to kube2e helm * whitespace cleanup * Update helm-override.yaml * tests * add seccompTypeValue * Update helm_test.go * Update pod-security-standards.yaml * Update pod-security-standards.yaml * Update pod-security-standards.yaml * Update _helpers.tpl * Update values.go * Adding changelog file to new location * Deleting changelog file from old location * Update _helpers.tpl * update template to take ".indent" argument * Update _helpers.tpl * generate * Update _helpers.tpl * Update _helpers.tpl * Update changelog/v1.17.0-beta29/pod-security-standards.yaml Co-authored-by: Bernie Birnbaum <bewebi@earthlink.net> * indenting includes * PR feedback * Update install/test/helm_test.go Co-authored-by: Bernie Birnbaum <bewebi@earthlink.net> --------- Co-authored-by: soloio-bulldozer[bot] <48420018+soloio-bulldozer[bot]@users.noreply.github.com> Co-authored-by: changelog-bot <changelog-bot> Co-authored-by: Bernie Birnbaum <bewebi@earthlink.net>
- Loading branch information
1 parent
d4724c0
commit d976f62
Showing
32 changed files
with
627 additions
and
200 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,20 @@ | ||
changelog: | ||
- type: NEW_FEATURE | ||
issueLink: https://github.com/solo-io/gloo/issues/8864 | ||
resolvesIssue: false | ||
description: >- | ||
Add helm values for all containers to allow for conforming to [Pod Security Standards](https://kubernetes.io/docs/concepts/security/pod-security-standards/) | ||
- type: HELM | ||
description: >- | ||
* Add helm values for all containers to allow defining containers' securityContexts | ||
* Add global.podSecurityStandards.enableRestrictedContainerDefaults to default to using a restricted set of container defaults | ||
* Add new helper template to render the container securityContexts and apply the defaults if neccessary | ||
issueLink: https://github.com/solo-io/gloo/issues/8864 | ||
resolvesIssue: false | ||
- type: DEPENDENCY_BUMP | ||
resolvesIssue: false | ||
dependencyOwner: solo-io | ||
dependencyRepo: k8s-utils | ||
dependencyTag: v0.6.3 | ||
description: >- | ||
Pull in support for converting unstructured k8s CronJobs into k8s resources. |
Large diffs are not rendered by default.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Large diffs are not rendered by default.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.