search

kubewarden / policy-hub

A place where to find and discover policies
https://hub.kubewarden.io
3 stars 3 forks source link

Create `seccomp` PSP policy #109

Closed jvanz closed 2 years ago

jvanz commented 2 years ago

Create a new Kubewarden policy that can be used to replace the seccomp official PSP.

Acceptance criteria

Implement a validating policy The policy doesn't take any configuration value The policy looks at the securityContext of all the Containers defined by a Pod The policy blocks the creation of Pods that do not set a valid value for the seccompProfile field The policy inspects: initContainers, spec.containers and ephemeral containers

jvanz commented 2 years ago

Related to https://github.com/kubewarden/policy-hub/issues/32

jvanz commented 2 years ago

This is blocked due to a missing repo to open the PR.