e2e tests - pod security admission restrictions
24 views
Skip to first unread message
Sergiusz Urbaniak
Mar 25, 2022, 11:59:47 AM3/25/22
to d...@kubernetes.io
Dear Kubernetes developers,
Pod Security Admission (https://kubernetes.io/docs/concepts/security/pod-security-admission/) has been introduced and is gaining wider adoption. In order to ensure e2e tests can run in environments that use this feature, we've introduced more extensive pod security policy checks in e2e tests.
Once https://github.com/kubernetes/kubernetes/pull/106454 is merged, e2e tests will be executed under the restricted pod security policy level (https://kubernetes.io/docs/concepts/security/pod-security-admission/#pod-security-levels) by default.
Of course, this can be overridden if e2e test pods need escalated privileges. See https://github.com/kubernetes/community/blob/master/contributors/devel/sig-testing/e2e-tests.md#pod-security-admission for more details.
sig-auth,
Jordan Liggitt,
Sergiusz Urbaniak,
Stanislav Laznicka
Pod Security Admission (https://kubernetes.io/docs/concepts/security/pod-security-admission/) has been introduced and is gaining wider adoption. In order to ensure e2e tests can run in environments that use this feature, we've introduced more extensive pod security policy checks in e2e tests.
Once https://github.com/kubernetes/kubernetes/pull/106454 is merged, e2e tests will be executed under the restricted pod security policy level (https://kubernetes.io/docs/concepts/security/pod-security-admission/#pod-security-levels) by default.
Of course, this can be overridden if e2e test pods need escalated privileges. See https://github.com/kubernetes/community/blob/master/contributors/devel/sig-testing/e2e-tests.md#pod-security-admission for more details.
sig-auth,
Jordan Liggitt,
Sergiusz Urbaniak,
Stanislav Laznicka
Reply all
Reply to author
Forward
0 new messages