generated from kubewarden/go-policy-template
-
Notifications
You must be signed in to change notification settings - Fork 3
/
Copy pathquestions-ui.yml
33 lines (33 loc) · 1.26 KB
/
questions-ui.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
questions:
- default: []
description: >-
This policy is a replacement for the Kubernetes Pod Security Policy that
controls the usage of `hostPath` volumes. The policy inspects both the
containers and the init containers that are using `hostPath` volumes.
`allowedHostPaths` is a list of host paths that are allowed to be used by
hostPath volumes. An empty `allowedHostPaths` list means there is no
restriction on host paths used. Each entry of `allowedHostPaths` must have:
a `pathPrefix` field, which allows hostPath volumes to mount a path that
begins with an allowed prefix, and a `readOnly` field indicating it must be
mounted read-only.
tooltip: A list of host paths that are allowed to be used by hostPath volumes.
group: Settings
label: Allow host path
hide_input: true
type: sequence[
variable: allowedHostPaths
sequence_questions:
- default: ''
description: >-
Allows hostPath volumes to mount a path that begins with an allowed
prefix.
group: Settings
label: Path prefix
type: string
variable: pathPrefix
- default: false
tooltip: Indicates if the volume must be mounted read-only.
group: Settings
label: Read only
type: boolean
variable: readOnly