-
Notifications
You must be signed in to change notification settings - Fork 752
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Support for cap_add,cap_drop #575
Comments
Hi @gitlawr, You are right, it looks like this is something that could be added to Kompose |
Hi @kadel . In that case, can I add a PR for this or wait for someone to handle it? I'm familiar with k8s but not with openshift by the way. |
You definitely can 😉 , that would be great 👍 , thank you! 💛 That is OK, you can start with doing it just for k8s. Once you send PR with k8s I can help with OpenShift bits, it should be easy once its done for Kubernetes. |
This commit Add support for cap_add & cap_drop which maps to Pod.Spec.Container.SecurityContext.Capabilities.Add/Drop Added unit tests for ConfigCapabilities function Updated conversion.md on support for these keys
This commit Add support for cap_add & cap_drop which maps to Pod.Spec.Container.SecurityContext.Capabilities.Add/Drop Added unit tests for ConfigCapabilities function Updated conversion.md on support for these keys
Currently these keys are marked as unsupported and kompose generates WARNINGs when they are used. But I think there is equivalent in Kubernetes.
see:
https://kubernetes.io/docs/concepts/policy/container-capabilities/
My proposal is to convert
cap_add/cap_drop
toPod.Spec.Container.SecurityContext.capabilities.add/drop
For example with such a docker-compose.yml
kompose generate
The text was updated successfully, but these errors were encountered: