genpolicy: add policy support for runAsUser #8879

danmihai1 · 2024-01-22T23:46:56Z

genpolicy doesn't generate correct policy for the K8s YAML filed runAsUser field of SecurityContext and PodSecurityContext.

Example from Kata CI: pod-security-context.yaml

Add policy support for SecurityContext and PodSecurityContext runAsUser. Also, remove outdated UID rule workaround. Fixes: kata-containers#8879 Signed-off-by: Dan Mihai <dmihai@microsoft.com>

danmihai1 added bug Incorrect behaviour needs-review Needs to be assessed by the team. no-backport-needed labels Jan 22, 2024

danmihai1 self-assigned this Jan 22, 2024

katacontainersbot added this to To do in Issue backlog Jan 22, 2024

stevenhorsman removed no-backport-needed labels Apr 10, 2024

Redent0r linked a pull request Apr 30, 2024 that will close this issue

genpolicy: add support for runAsUser #9578

Draft

katacontainersbot moved this from To do to In progress in Issue backlog Apr 30, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

genpolicy: add policy support for runAsUser #8879

genpolicy: add policy support for runAsUser #8879

danmihai1 commented Jan 22, 2024

genpolicy: add policy support for runAsUser #8879

genpolicy: add policy support for runAsUser #8879

Comments

danmihai1 commented Jan 22, 2024