Skip to content

luojun96/k8s-admission-webhook-opt

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

42 Commits
.github/workflows
.github/workflows
 
 
cmd/webhook-server
cmd/webhook-server
 
 
metric
metric
 
 
resources
resources
 
 
.gitignore
.gitignore
 
 
Makefile
Makefile
 
 
README.md
README.md
 
 
go.mod
go.mod
 
 
go.sum
go.sum
 
 

Repository files navigation

A Simple Admission Controller Webhook

Introduction

This admission controller webhook is used to configure the security context for pods that are created in non Kubernetes-owned namespaces (kube-system and kube-public). The detail logic of the webhook is that for every pod that is created (outside of Kubernetes namespaces), it first checks if runAsNonRoot is set. If it is not, it is set to a default value of false. Furthermore, if runAsUser is not set (and runAsNonRoot was not initially set), it defaults runAsUser to a value of 1234.

Getting Started

Build

make

Deploy

./resources/scripts/deploy.sh

About

No description, website, or topics provided.

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

1 tags

Packages

No packages published

Languages