Skip to content

Commit

Permalink
Switch to bitnami/nginx:1.21.4 containers
Browse files Browse the repository at this point in the history 
Original nginx images can't runAsNonRoot user we have to switch to better tuned
bitnami nginx latest 1.21.4 images. This makes examples running in restricted
namespace for Kubernetes v1.23

Signed-off-by: Michal Jura <mjura@suse.com>
  • Loading branch information
@mjura
mjura committed Dec 20, 2021
1 parent e52772a commit 1ddfe67
Show file tree
Hide file tree
Showing 2 changed files with 8 additions and 9 deletions.
2 changes: 1 addition & 1 deletion examples/kubernetes/deployments-should-fail.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,7 @@ spec:
spec:
containers:
- name: nginx
image: nginx:1.14.2
image: bitnami/nginx:1.21.4
ports:
- containerPort: 80
volumeMounts:
Expand Down
15 changes: 7 additions & 8 deletions examples/kubernetes/deployments-should-succeed.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -18,33 +18,32 @@ spec:
spec:
containers:
- name: nginx
image: nginx:1.14.2
image: bitnami/nginx:1.21.4
ports:
- containerPort: 80
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: app-restricted-success
name: nginx-restricted-success
namespace: restricted
spec:
selector:
matchLabels:
app: app-restricted-success
app: nginx-restricted-success
replicas: 1
template:
metadata:
labels:
app: app-restricted-success
app: nginx-restricted-success
spec:
securityContext:
runAsUser: 101
seccompProfile:
type: "RuntimeDefault"
containers:
- name: app-restricted
image: busybox
command: [ "sh", "-c", "sleep 3600" ]
- name: nginx
image: bitnami/nginx:1.21.4
ports:
- containerPort: 80
securityContext:
Expand All @@ -70,7 +69,7 @@ spec:
spec:
containers:
- name: nginx
image: nginx:1.14.2
image: bitnami/nginx:1.21.4
ports:
- containerPort: 80
---
Expand Down

0 comments on commit 1ddfe67

Please # to comment.