mirror of
https://github.com/kubernetes/kubernetes.git
synced 2026-03-17 08:03:10 -04:00
f73101066a
Automatic merge from submit-queue (batch tested with PRs 64344, 64709, 64717, 63631, 58647). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>. Add support for enforcing read only host paths in PSPs. **What this PR does / why we need it**: This PR adds support for the PSP to enforce that host paths are readonly. **Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*: Fixes #57371 xref https://github.com/kubernetes/features/issues/5 **Special notes for your reviewer**: **Release note**: ```release-note PodSecurityPolicy now supports restricting hostPath volume mounts to be readOnly and under specific path prefixes ``` /cc @ericchiang @liggitt |
||
|---|---|---|
| .. | ||
| abac | ||
| admission | ||
| admissionregistration | ||
| apps | ||
| authentication | ||
| authorization | ||
| autoscaling | ||
| batch | ||
| certificates | ||
| componentconfig | ||
| core | ||
| events | ||
| extensions | ||
| imagepolicy | ||
| networking | ||
| policy | ||
| rbac | ||
| scheduling | ||
| settings | ||
| storage | ||
| OWNERS | ||