DevFW-CICD/ingress-nginx-helm
6
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Jail/chroot nginx process inside controller container (#8337)

Browse source 
* Initial work on chrooting nginx process

* More improvements in chroot

* Fix charts and some file locations

* Fix symlink on non chrooted container

* fix psp test

* Add e2e tests to chroot image

* Fix logger

* Add internal logger in controller

* Fix overlay for chrooted tests

* Fix tests

* fix boilerplates

* Fix unittest to point to the right pid

* Fix PR review
This commit is contained in:
Ricardo Katz 2022-04-09 01:48:04 -03:00 committed by GitHub
parent 83ce21b4dd
commit 3def835a6a
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
41 changed files with 456 additions and 49 deletions
Download patch file Download diff file Expand all files Collapse all files

1
charts/ingress-nginx/README.md
View file

@ -306,6 +306,7 @@ Kubernetes: `>=1.19.0-0`
| controller.hostPort.ports.https | int | `443` | 'hostPort' https port |
| controller.hostname | object | `{}` | Optionally customize the pod hostname. |
| controller.image.allowPrivilegeEscalation | bool | `true` | |
| controller.image.chroot | bool | `false` | |
| controller.image.digest | string | `"sha256:31f47c1e202b39fadecf822a9b76370bd4baed199a005b3e7d4d1455f4fd3fe2"` | |
| controller.image.image | string | `"ingress-nginx/controller"` | |
| controller.image.pullPolicy | string | `"IfNotPresent"` | |