k8s.io/kubernetes@v1.31.0-alpha.0.0.20240520171757-56147500dadc/hack/testdata/pod-restricted-runtime-default.yaml

k8s.io/kubernetes@v1.31.0-alpha.0.0.20240520171757-56147500dadc/hack/testdata/pod-restricted-runtime-default.yaml (about)

     1  apiVersion: v1
     2  kind: Pod
     3  metadata:
     4    labels:
     5      run: target
     6    name: target
     7  spec:
     8    securityContext:
     9      seccompProfile: 
    10        type: RuntimeDefault
    11    containers:
    12    - image: busybox
    13      name: target
    14      command: ["/bin/sh", "-c", "sleep 100"]
    15      securityContext:
    16          runAsUser: 1000
    17          runAsGroup: 1000
    18          runAsNonRoot: true
    19          allowPrivilegeEscalation: false
    20          capabilities:
    21            drop: 
    22            - "ALL"