cheshire
/
hscloud
forked from hswaw/hscloud
1
0
Fork 0
Code Pull Requests Activity
hscloud/kube
History
q3k 35d437883b kube/policies: implement mostlysecure 
This now allows to run apt and should allow to run most upstream docker
images. In return, we prohibit some mildly sketchy stuff. But this is
safe enough for project namespaces with limited administrative access.

We should still get gvisor sooner than later...

Change-Id: Ida5ccfae440bacb6f3fd55dcc34ca0addfddd5ae
 		2020-08-23 11:32:44 +00:00
..
OWNERS *: add more OWNERS 2020-04-13 01:46:15 +02:00
kube.libsonnet kube/kube.libsonnet: add OpenAPI.Require 2020-08-22 19:01:01 +00:00
kube.upstream.libsonnet kube: move cert-manager resources to kube.local.libsonnet 2019-10-02 21:03:13 +02:00
mirko.libsonnet devtools: fix sourcegraph 2020-08-23 11:05:57 +00:00
policies.libsonnet kube/policies: implement mostlysecure 2020-08-23 11:32:44 +00:00
postgres.libsonnet kube/postgres: run bouncer 2020-02-15 12:39:14 +01:00
redis.libsonnet kube/redis: run as unprivileged user 2020-02-15 12:39:35 +01:00