added missing securityContext field to 2022-10-01-preview and 2023-01-01-preview swagger (#23447)

fnuarnav · suxi-ms · commit fe20849ff6b3 · 2023-04-24T21:10:06.000+08:00
* added missing securityContext field to 2022-10-01-preview swagger

* added seccomp to custom-words

* added security context properties to api version 2023-02-01-preview

* run prettier-fix
diff --git a/custom-words.txt b/custom-words.txt
@@ -1919,6 +1919,7 @@ SDWAN
 searchbuffer
 searchindex
 searchservice
+seccomp
 SECG
 secondarybytes
 SECP
diff --git a/specification/containerinstance/resource-manager/Microsoft.ContainerInstance/preview/2022-10-01-preview/containerInstance.json b/specification/containerinstance/resource-manager/Microsoft.ContainerInstance/preview/2022-10-01-preview/containerInstance.json
@@ -947,6 +947,62 @@
         "readinessProbe": {
           "description": "The readiness probe.",
           "$ref": "#/definitions/ContainerProbe"
+        },
+        "securityContext": {
+          "description": "The container security properties.",
+          "$ref": "#/definitions/SecurityContextDefinition"
+        }
+      }
+    },
+    "SecurityContextDefinition": {
+      "description": "The security context for the container.",
+      "type": "object",
+      "properties": {
+        "privileged": {
+          "type": "boolean",
+          "description": "The flag to determine if the container permissions is elevated to Privileged."
+        },
+        "allowPrivilegeEscalation": {
+          "type": "boolean",
+          "description": "A boolean value indicating whether the init process can elevate its privileges"
+        },
+        "capabilities": {
+          "description": "The capabilities to add or drop from a container.",
+          "$ref": "#/definitions/SecurityContextCapabilitiesDefinition"
+        },
+        "runAsGroup": {
+          "type": "integer",
+          "format": "int32",
+          "description": "Sets the User GID for the container."
+        },
+        "runAsUser": {
+          "type": "integer",
+          "format": "int32",
+          "description": "Sets the User UID for the container."
+        },
+        "seccompProfile": {
+          "type": "string",
+          "description": "a base64 encoded string containing the contents of the JSON in the seccomp profile"
+        }
+      }
+    },
+    "SecurityContextCapabilitiesDefinition": {
+      "description": "The capabilities to add or drop from a container.",
+      "type": "object",
+      "properties": {
+        "add": {
+          "type": "array",
+          "items": {
+            "type": "string"
+          },
+          "description": "The capabilities to add to the container."
+        },
+        "drop": {
+          "type": "array",
+          "items": {
+            "type": "string"
+          },
+          "description": "The capabilities to drop from the container."
         }
       }
     },
@@ -2361,6 +2417,10 @@
           "x-ms-identifiers": [
             "name"
           ]
+        },
+        "securityContext": {
+          "description": "The container security properties.",
+          "$ref": "#/definitions/SecurityContextDefinition"
         }
       }
     },
diff --git a/specification/containerinstance/resource-manager/Microsoft.ContainerInstance/preview/2023-02-01-preview/containerInstance.json b/specification/containerinstance/resource-manager/Microsoft.ContainerInstance/preview/2023-02-01-preview/containerInstance.json
@@ -938,6 +938,62 @@
         "readinessProbe": {
           "description": "The readiness probe.",
           "$ref": "#/definitions/ContainerProbe"
+        },
+        "securityContext": {
+          "description": "The container security properties.",
+          "$ref": "#/definitions/SecurityContextDefinition"
+        }
+      }
+    },
+    "SecurityContextDefinition": {
+      "description": "The security context for the container.",
+      "type": "object",
+      "properties": {
+        "privileged": {
+          "type": "boolean",
+          "description": "The flag to determine if the container permissions is elevated to Privileged."
+        },
+        "allowPrivilegeEscalation": {
+          "type": "boolean",
+          "description": "A boolean value indicating whether the init process can elevate its privileges"
+        },
+        "capabilities": {
+          "description": "The capabilities to add or drop from a container.",
+          "$ref": "#/definitions/SecurityContextCapabilitiesDefinition"
+        },
+        "runAsGroup": {
+          "type": "integer",
+          "format": "int32",
+          "description": "Sets the User GID for the container."
+        },
+        "runAsUser": {
+          "type": "integer",
+          "format": "int32",
+          "description": "Sets the User UID for the container."
+        },
+        "seccompProfile": {
+          "type": "string",
+          "description": "a base64 encoded string containing the contents of the JSON in the seccomp profile"
+        }
+      }
+    },
+    "SecurityContextCapabilitiesDefinition": {
+      "description": "The capabilities to add or drop from a container.",
+      "type": "object",
+      "properties": {
+        "add": {
+          "type": "array",
+          "items": {
+            "type": "string"
+          },
+          "description": "The capabilities to add to the container."
+        },
+        "drop": {
+          "type": "array",
+          "items": {
+            "type": "string"
+          },
+          "description": "The capabilities to drop from the container."
         }
       }
     },
