capabilities

Usage

kubectl apply -f https://raw.githubusercontent.com/open-policy-agent/gatekeeper-library/master/mutation/pod-security-policy/capabilities/samples/mutation-modifyset.yaml

Mutation Examples

apiVersion: mutations.gatekeeper.sh/v1
kind: ModifySet
metadata:
  name: k8spspcapabilities
spec:
  applyTo:
    - groups: [""]
      versions: ["v1"]
      kinds: ["Pod"]
  match:
    scope: Namespaced
    kinds:
      - apiGroups: [""]
        kinds: ["Pod"]
  location: "spec.containers[name:*].securityContext.capabilities.add"
  parameters:
    operation: merge
    values:
      fromList: ["NEW_CAPABILITY"]

capabilities

Usage​

Mutation Examples​

Usage

Mutation Examples