Skip to content

Commit

Permalink
Update API docs for securityProfile
Browse files Browse the repository at this point in the history
  • Loading branch information
@EronWright
EronWright committed Oct 7, 2024
1 parent a796cd9 commit 3f74ac3
Show file tree
Hide file tree
Showing 8 changed files with 77 additions and 25 deletions.
8 changes: 6 additions & 2 deletions deploy/crds/auto.pulumi.com_workspaces.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8413,8 +8413,12 @@ spec:
type: object
securityProfile:
default: restricted
description: SecurityProfile applies a security profile to the workspace,
'restricted' by default.
description: |-
SecurityProfile applies a security profile to the workspace.
The restricted profile (default) runs the pod as a non-root user and with a security context that conforms with
the Restricted policy of the Pod Security Standards.
The baseline profile runs the pod as the root user and with a security context that conforms with
the Baseline policy of the Pod Security Standards.
type: string
serviceAccountName:
default: default
Expand Down
16 changes: 12 additions & 4 deletions deploy/crds/pulumi.com_stacks.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9334,8 +9334,12 @@ spec:
type: object
securityProfile:
default: restricted
description: SecurityProfile applies a security profile to
the workspace, 'restricted' by default.
description: |-
SecurityProfile applies a security profile to the workspace.
The restricted profile (default) runs the pod as a non-root user and with a security context that conforms with
the Restricted policy of the Pod Security Standards.
The baseline profile runs the pod as the root user and with a security context that conforms with
the Baseline policy of the Pod Security Standards.
type: string
serviceAccountName:
default: default
Expand Down Expand Up @@ -18871,8 +18875,12 @@ spec:
type: object
securityProfile:
default: restricted
description: SecurityProfile applies a security profile to
the workspace, 'restricted' by default.
description: |-
SecurityProfile applies a security profile to the workspace.
The restricted profile (default) runs the pod as a non-root user and with a security context that conforms with
the Restricted policy of the Pod Security Standards.
The baseline profile runs the pod as the root user and with a security context that conforms with
the Baseline policy of the Pod Security Standards.
type: string
serviceAccountName:
default: default
Expand Down
8 changes: 6 additions & 2 deletions deploy/helm/pulumi-operator/crds/auto.pulumi.com_workspaces.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8413,8 +8413,12 @@ spec:
type: object
securityProfile:
default: restricted
description: SecurityProfile applies a security profile to the workspace,
'restricted' by default.
description: |-
SecurityProfile applies a security profile to the workspace.
The restricted profile (default) runs the pod as a non-root user and with a security context that conforms with
the Restricted policy of the Pod Security Standards.
The baseline profile runs the pod as the root user and with a security context that conforms with
the Baseline policy of the Pod Security Standards.
type: string
serviceAccountName:
default: default
Expand Down
16 changes: 12 additions & 4 deletions deploy/helm/pulumi-operator/crds/pulumi.com_stacks.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9334,8 +9334,12 @@ spec:
type: object
securityProfile:
default: restricted
description: SecurityProfile applies a security profile to
the workspace, 'restricted' by default.
description: |-
SecurityProfile applies a security profile to the workspace.
The restricted profile (default) runs the pod as a non-root user and with a security context that conforms with
the Restricted policy of the Pod Security Standards.
The baseline profile runs the pod as the root user and with a security context that conforms with
the Baseline policy of the Pod Security Standards.
type: string
serviceAccountName:
default: default
Expand Down Expand Up @@ -18871,8 +18875,12 @@ spec:
type: object
securityProfile:
default: restricted
description: SecurityProfile applies a security profile to
the workspace, 'restricted' by default.
description: |-
SecurityProfile applies a security profile to the workspace.
The restricted profile (default) runs the pod as a non-root user and with a security context that conforms with
the Restricted policy of the Pod Security Standards.
The baseline profile runs the pod as the root user and with a security context that conforms with
the Baseline policy of the Pod Security Standards.
type: string
serviceAccountName:
default: default
Expand Down
24 changes: 18 additions & 6 deletions deploy/yaml/install.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9569,8 +9569,12 @@ spec:
type: object
securityProfile:
default: restricted
description: SecurityProfile applies a security profile to
the workspace, 'restricted' by default.
description: |-
SecurityProfile applies a security profile to the workspace.
The restricted profile (default) runs the pod as a non-root user and with a security context that conforms with
the Restricted policy of the Pod Security Standards.
The baseline profile runs the pod as the root user and with a security context that conforms with
the Baseline policy of the Pod Security Standards.
type: string
serviceAccountName:
default: default
Expand Down Expand Up @@ -19106,8 +19110,12 @@ spec:
type: object
securityProfile:
default: restricted
description: SecurityProfile applies a security profile to
the workspace, 'restricted' by default.
description: |-
SecurityProfile applies a security profile to the workspace.
The restricted profile (default) runs the pod as a non-root user and with a security context that conforms with
the Restricted policy of the Pod Security Standards.
The baseline profile runs the pod as the root user and with a security context that conforms with
the Baseline policy of the Pod Security Standards.
type: string
serviceAccountName:
default: default
Expand Down Expand Up @@ -27868,8 +27876,12 @@ spec:
type: object
securityProfile:
default: restricted
description: SecurityProfile applies a security profile to the workspace,
'restricted' by default.
description: |-
SecurityProfile applies a security profile to the workspace.
The restricted profile (default) runs the pod as a non-root user and with a security context that conforms with
the Restricted policy of the Pod Security Standards.
The baseline profile runs the pod as the root user and with a security context that conforms with
the Baseline policy of the Pod Security Standards.
type: string
serviceAccountName:
default: default
Expand Down
6 changes: 5 additions & 1 deletion operator/api/auto/v1alpha1/workspace_types.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -42,7 +42,11 @@ type WorkspaceSpec struct {
// +kubebuilder:default="default"
ServiceAccountName string `json:"serviceAccountName,omitempty"`

// SecurityProfile applies a security profile to the workspace, 'restricted' by default.
// SecurityProfile applies a security profile to the workspace.
// The restricted profile (default) runs the pod as a non-root user and with a security context that conforms with
// the Restricted policy of the Pod Security Standards.
// The baseline profile runs the pod as the root user and with a security context that conforms with
// the Baseline policy of the Pod Security Standards.
// +kubebuilder:default="restricted"
// +optional
SecurityProfile SecurityProfile `json:"securityProfile,omitempty"`
Expand Down
8 changes: 6 additions & 2 deletions operator/config/crd/bases/auto.pulumi.com_workspaces.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8413,8 +8413,12 @@ spec:
type: object
securityProfile:
default: restricted
description: SecurityProfile applies a security profile to the workspace,
'restricted' by default.
description: |-
SecurityProfile applies a security profile to the workspace.
The restricted profile (default) runs the pod as a non-root user and with a security context that conforms with
the Restricted policy of the Pod Security Standards.
The baseline profile runs the pod as the root user and with a security context that conforms with
the Baseline policy of the Pod Security Standards.
type: string
serviceAccountName:
default: default
Expand Down
16 changes: 12 additions & 4 deletions operator/config/crd/bases/pulumi.com_stacks.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9334,8 +9334,12 @@ spec:
type: object
securityProfile:
default: restricted
description: SecurityProfile applies a security profile to
the workspace, 'restricted' by default.
description: |-
SecurityProfile applies a security profile to the workspace.
The restricted profile (default) runs the pod as a non-root user and with a security context that conforms with
the Restricted policy of the Pod Security Standards.
The baseline profile runs the pod as the root user and with a security context that conforms with
the Baseline policy of the Pod Security Standards.
type: string
serviceAccountName:
default: default
Expand Down Expand Up @@ -18871,8 +18875,12 @@ spec:
type: object
securityProfile:
default: restricted
description: SecurityProfile applies a security profile to
the workspace, 'restricted' by default.
description: |-
SecurityProfile applies a security profile to the workspace.
The restricted profile (default) runs the pod as a non-root user and with a security context that conforms with
the Restricted policy of the Pod Security Standards.
The baseline profile runs the pod as the root user and with a security context that conforms with
the Baseline policy of the Pod Security Standards.
type: string
serviceAccountName:
default: default
Expand Down

0 comments on commit 3f74ac3

Please sign in to comment.