From 0165e2a556a49e923a926cf16ae145a832e1dfd2 Mon Sep 17 00:00:00 2001 From: suhasgummanirmata Date: Tue, 6 Feb 2024 14:10:00 +0530 Subject: [PATCH] NDEV-17894: correct mutate resource for disallow-previliged containers --- .../remediate-disallow-privileged-containers.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/pod-security/baseline/disallow-privileged-containers/remediate-disallow-privileged-containers.yaml b/pod-security/baseline/disallow-privileged-containers/remediate-disallow-privileged-containers.yaml index cfa4c38f..2defd82c 100644 --- a/pod-security/baseline/disallow-privileged-containers/remediate-disallow-privileged-containers.yaml +++ b/pod-security/baseline/disallow-privileged-containers/remediate-disallow-privileged-containers.yaml @@ -20,12 +20,12 @@ spec: - Job - DaemonSet mutate: - foreach: + foreach: - list: request.object.spec.template.spec.containers[] order: Descending preconditions: all: - - key: "{{ element.securityContext && element.securityContext.privileged }}" + - key: "{{ element.securityContext && element.securityContext.privileged || 'false' }}" operator: Equals value: true patchesJson6902: |- @@ -36,7 +36,7 @@ spec: order: Descending preconditions: all: - - key: "{{ element.securityContext && element.securityContext.privileged }}" + - key: "{{ element.securityContext && element.securityContext.privileged || 'false' }}" operator: Equals value: true patchesJson6902: |- @@ -47,7 +47,7 @@ spec: order: Descending preconditions: all: - - key: "{{ element.securityContext && element.securityContext.privileged }}" + - key: "{{ element.securityContext && element.securityContext.privileged || 'false' }}" operator: Equals value: true patchesJson6902: |-