Open hikkyXII opened 2 years ago
@hikkyXII Did you resolve your problem? I am facing a similar issue.
No. Need to edit rules code for that. But as this project seems abandoned, we are going to move to another admission controller.
Thanks for your reply. It seems like you are right. Too bad, since I liked the simplicity. Is there any admission controller you are favouring? istio, OPA, Gatekeeper, kyverno, ... ?
Have no experience with them yet, but: Istio - is for network operations OPA, Gatekeeper - they work together. We are going to evaluate this one. The only one I heard of several times. kyverno - never heard of.
👋 The k-rail project has been deprecated and is no longer under active development. We recommend taking a look at OPA Gatekeeper to see if it might meet your needs going forward.
Thanks for your contribution(s) to the project!
Hello! K-Rail policy No Root User allows me to run Pod only if runAsNonRoot: true is specified in Pod's AND Container's securityContext same time. Is it correct behavior or should I be able to run pod ONLY with runAsNonRoot: true in PodSecurityContext? Thanks in advance.