scottk/kubernetes
1
0
Fork 0
mirror of https://github.com/optim-enterprises-bv/kubernetes.git synced 2025-11-04 04:08:16 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #54703 from php-coder/psp_update_examples

Browse Source 
Automatic merge from submit-queue (batch tested with PRs 54533, 54777, 54763, 54806, 54703). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

examples/podsecuritypolicy/rbac: fix names in comments and sync with examples repository

**What this PR does / why we need it**:
This PR fixes policies, roles, and bindings names in the comments. Also it sync examples with the examples from https://github.com/kubernetes/examples/tree/master/staging/podsecuritypolicy/rbac 

**Release note**:
```release-note
NONE
```

CC @simo5
This commit is contained in:
Kubernetes Submit Queue
2017-10-30 17:38:25 -07:00
committed by GitHub
parent 1d594764b0 1f0c5e1587
commit d0c4c5647f
3 changed files with 18 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
examples/podsecuritypolicy/rbac/bindings.yaml
View File

@@ -1,5 +1,5 @@
# privilegedPSP gives the privilegedPSP role # privileged-psp-users gives the privileged-psp-user role
# to the group privileged. # to the group privileged-psp-users.
apiVersion: rbac.authorization.k8s.io/v1 apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding kind: ClusterRoleBinding
metadata: metadata:
@@ -13,8 +13,8 @@ roleRef:
kind: ClusterRole kind: ClusterRole
name: privileged-psp-user name: privileged-psp-user
--- ---
# restrictedPSP grants the restrictedPSP role to # restricted-psp-users grants the restricted-psp-user role to
# the groups restricted and privileged. # the groups restricted-psp-users and privileged-psp-users.
apiVersion: rbac.authorization.k8s.io/v1 apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding kind: ClusterRoleBinding
metadata: metadata:
@@ -32,7 +32,7 @@ roleRef:
name: restricted-psp-user name: restricted-psp-user
--- ---
# edit grants edit role to the groups # edit grants edit role to the groups
# restricted and privileged. # restricted-psp-users and privileged-psp-users.
apiVersion: rbac.authorization.k8s.io/v1 apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding kind: ClusterRoleBinding
metadata: metadata:

10
examples/podsecuritypolicy/rbac/policies.yaml
View File

@@ -16,6 +16,12 @@ spec:
- '*' - '*'
allowedCapabilities: allowedCapabilities:
- '*' - '*'
hostPID: true
hostIPC: true
hostNetwork: true
hostPorts:
- min: 1
max: 65536
--- ---
apiVersion: extensions/v1beta1 apiVersion: extensions/v1beta1
kind: PodSecurityPolicy kind: PodSecurityPolicy
@@ -38,4 +44,6 @@ spec:
- 'configMap' - 'configMap'
- 'persistentVolumeClaim' - 'persistentVolumeClaim'
- 'projected' - 'projected'
hostPID: false
hostIPC: false
hostNetwork: false

10
examples/podsecuritypolicy/rbac/roles.yaml
View File

@@ -1,10 +1,9 @@
# restrictedPSP grants access to use # restricted-psp-user grants access to use the restricted PSP.
# the restricted PSP.
apiVersion: rbac.authorization.k8s.io/v1 apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole kind: ClusterRole
metadata: metadata:
name: restricted-psp-user name: restricted-psp-user
rules: rules:
- apiGroups: - apiGroups:
- extensions - extensions
resources: resources:
@@ -14,13 +13,12 @@ rules:
verbs: verbs:
- use - use
--- ---
# privilegedPSP grants access to use the privileged # privileged-psp-user grants access to use the privileged PSP.
# PSP.
apiVersion: rbac.authorization.k8s.io/v1 apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole kind: ClusterRole
metadata: metadata:
name: privileged-psp-user name: privileged-psp-user
rules: rules:
- apiGroups: - apiGroups:
- extensions - extensions
resources: resources: