opensource/podman
1
0
Fork 0
mirror of https://github.com/containers/podman.git synced 2025-12-08 23:00:23 +08:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #19885 from rhatdan/kube

Browse Source 
Add support for kube  securityContext.procMount
This commit is contained in:
Daniel J Walsh
2023-09-08 06:56:05 -04:00
committed by GitHub
parent 5d6ec27e95 b83485022d
commit 6ee8f73d41
5 changed files with 30 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
test/system/710-kube.bats
View File

@@ -74,6 +74,21 @@ status | = | null
run_podman rm $cname
}
@test "podman kube generate unmasked" {
KUBE=$PODMAN_TMPDIR/kube.yaml
run_podman create --name test --security-opt unmask=all $IMAGE
run_podman inspect --format '{{ .HostConfig.SecurityOpt }}' test
is "$output" "[unmask=all]" "Inspect should see unmask all"
run_podman kube generate test -f $KUBE
assert "$(< $KUBE)" =~ "procMount: Unmasked" "Generated kube yaml should have procMount unmasked"
run_podman kube play $KUBE
run_podman inspect --format '{{ .HostConfig.SecurityOpt }}' test-pod-test
is "$output" "[unmask=all]" "Inspect kube play container should see unmask all"
run_podman kube down $KUBE
run_podman pod rm -a
run_podman rm -a
}
@test "podman kube generate - pod" {
local pname=p$(random_string 15)
local cname1=c1$(random_string 15)