Commit 60444d8f authored by Craig Squire's avatar Craig Squire

Put security context nil check back in

parent f5336492
Pipeline #129450041 passed with stages
in 34 minutes and 34 seconds
......@@ -589,6 +589,15 @@ func (c *KubernetesConfig) GetPodSecurityContext() *api.PodSecurityContext {
func (c *KubernetesConfig) GetBuildContainerSecurityContext() *api.SecurityContext {
securityContext := c.BuildContainerSecurityContext
if securityContext.Privileged == nil &&
securityContext.RunAsGroup == nil &&
securityContext.RunAsNonRoot == nil &&
securityContext.RunAsUser == nil &&
securityContext.ReadOnlyRootFilesystem == nil &&
securityContext.AllowPrivilegeEscalation == nil {
return nil
}
return &api.SecurityContext{
Capabilities: c.getBuildContainerCapabilities(),
Privileged: c.getPrivilegedEffective(securityContext.Privileged),
......@@ -603,6 +612,15 @@ func (c *KubernetesConfig) GetBuildContainerSecurityContext() *api.SecurityConte
func (c *KubernetesConfig) GetServiceContainerSecurityContext() *api.SecurityContext {
securityContext := c.ServiceContainerSecurityContext
if securityContext.Privileged == nil &&
securityContext.RunAsGroup == nil &&
securityContext.RunAsNonRoot == nil &&
securityContext.RunAsUser == nil &&
securityContext.ReadOnlyRootFilesystem == nil &&
securityContext.AllowPrivilegeEscalation == nil {
return nil
}
return &api.SecurityContext{
Capabilities: c.getServiceContainerCapabilities(),
Privileged: c.getPrivilegedEffective(securityContext.Privileged),
......@@ -617,6 +635,15 @@ func (c *KubernetesConfig) GetServiceContainerSecurityContext() *api.SecurityCon
func (c *KubernetesConfig) GetHelperContainerSecurityContext() *api.SecurityContext {
securityContext := c.HelperContainerSecurityContext
if securityContext.Privileged == nil &&
securityContext.RunAsGroup == nil &&
securityContext.RunAsNonRoot == nil &&
securityContext.RunAsUser == nil &&
securityContext.ReadOnlyRootFilesystem == nil &&
securityContext.AllowPrivilegeEscalation == nil {
return nil
}
return &api.SecurityContext{
Capabilities: c.getHelperContainerCapabilities(),
Privileged: c.getPrivilegedEffective(securityContext.Privileged),
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment