Bumping k8s dependencies to 1.13
This commit is contained in:
Cheng Xing
11
vendor/k8s.io/kubernetes/pkg/kubelet/kuberuntime/security_context.go
generated
vendored
11
vendor/k8s.io/kubernetes/pkg/kubelet/kuberuntime/security_context.go
generated
vendored
@@ -30,7 +30,10 @@ func (m *kubeGenericRuntimeManager) determineEffectiveSecurityContext(pod *v1.Po
|
||||
effectiveSc := securitycontext.DetermineEffectiveSecurityContext(pod, container)
|
||||
synthesized := convertToRuntimeSecurityContext(effectiveSc)
|
||||
if synthesized == nil {
|
||||
synthesized = &runtimeapi.LinuxContainerSecurityContext{}
|
||||
synthesized = &runtimeapi.LinuxContainerSecurityContext{
|
||||
MaskedPaths: securitycontext.ConvertToRuntimeMaskedPaths(effectiveSc.ProcMount),
|
||||
ReadonlyPaths: securitycontext.ConvertToRuntimeReadonlyPaths(effectiveSc.ProcMount),
|
||||
}
|
||||
}
|
||||
|
||||
// set SeccompProfilePath.
|
||||
@@ -67,6 +70,9 @@ func (m *kubeGenericRuntimeManager) determineEffectiveSecurityContext(pod *v1.Po
|
||||
|
||||
synthesized.NoNewPrivs = securitycontext.AddNoNewPrivileges(effectiveSc)
|
||||
|
||||
synthesized.MaskedPaths = securitycontext.ConvertToRuntimeMaskedPaths(effectiveSc.ProcMount)
|
||||
synthesized.ReadonlyPaths = securitycontext.ConvertToRuntimeReadonlyPaths(effectiveSc.ProcMount)
|
||||
|
||||
return synthesized
|
||||
}
|
||||
|
||||
@@ -108,6 +114,9 @@ func convertToRuntimeSecurityContext(securityContext *v1.SecurityContext) *runti
|
||||
if securityContext.RunAsUser != nil {
|
||||
sc.RunAsUser = &runtimeapi.Int64Value{Value: int64(*securityContext.RunAsUser)}
|
||||
}
|
||||
if securityContext.RunAsGroup != nil {
|
||||
sc.RunAsGroup = &runtimeapi.Int64Value{Value: int64(*securityContext.RunAsGroup)}
|
||||
}
|
||||
if securityContext.Privileged != nil {
|
||||
sc.Privileged = *securityContext.Privileged
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user