diff --git a/src/__tests__/__snapshots__/index.spec.ts.snap b/src/__tests__/__snapshots__/index.spec.ts.snap index 77272a6d..9683ce3f 100644 --- a/src/__tests__/__snapshots__/index.spec.ts.snap +++ b/src/__tests__/__snapshots__/index.spec.ts.snap @@ -1111,7 +1111,7 @@ exports[`transform_kubewarden allowPrivilegeEscalation 1`] = ` "name": "psp-hostnamespaces", }, "spec": { - "module": "registry://ghcr.io/kubewarden/policies/host-namespaces-psp:v0.1.6", + "module": "registry://ghcr.io/kubewarden/policies/host-namespaces-psp:v0.1.7", "mutating": false, "rules": [ { @@ -1210,7 +1210,7 @@ exports[`transform_kubewarden allowedCapabilities 1`] = ` "name": "psp-hostnamespaces", }, "spec": { - "module": "registry://ghcr.io/kubewarden/policies/host-namespaces-psp:v0.1.6", + "module": "registry://ghcr.io/kubewarden/policies/host-namespaces-psp:v0.1.7", "mutating": false, "rules": [ { @@ -1313,7 +1313,7 @@ exports[`transform_kubewarden allowedFlexVolumes 1`] = ` "name": "psp-hostnamespaces", }, "spec": { - "module": "registry://ghcr.io/kubewarden/policies/host-namespaces-psp:v0.1.6", + "module": "registry://ghcr.io/kubewarden/policies/host-namespaces-psp:v0.1.7", "mutating": false, "rules": [ { @@ -1416,7 +1416,7 @@ exports[`transform_kubewarden allowedHostPaths 1`] = ` "name": "psp-hostnamespaces", }, "spec": { - "module": "registry://ghcr.io/kubewarden/policies/host-namespaces-psp:v0.1.6", + "module": "registry://ghcr.io/kubewarden/policies/host-namespaces-psp:v0.1.7", "mutating": false, "rules": [ { @@ -1520,7 +1520,7 @@ exports[`transform_kubewarden allowedProcMountTypes 1`] = ` "name": "psp-hostnamespaces", }, "spec": { - "module": "registry://ghcr.io/kubewarden/policies/host-namespaces-psp:v0.1.6", + "module": "registry://ghcr.io/kubewarden/policies/host-namespaces-psp:v0.1.7", "mutating": false, "rules": [ { @@ -1619,7 +1619,7 @@ exports[`transform_kubewarden allowedUnsafeSysctls 1`] = ` "name": "psp-hostnamespaces", }, "spec": { - "module": "registry://ghcr.io/kubewarden/policies/host-namespaces-psp:v0.1.6", + "module": "registry://ghcr.io/kubewarden/policies/host-namespaces-psp:v0.1.7", "mutating": false, "rules": [ { @@ -1721,7 +1721,7 @@ exports[`transform_kubewarden apparmor 1`] = ` "name": "psp-hostnamespaces", }, "spec": { - "module": "registry://ghcr.io/kubewarden/policies/host-namespaces-psp:v0.1.6", + "module": "registry://ghcr.io/kubewarden/policies/host-namespaces-psp:v0.1.7", "mutating": false, "rules": [ { @@ -1822,7 +1822,7 @@ exports[`transform_kubewarden defaultAddCapabilities 1`] = ` "name": "psp-hostnamespaces", }, "spec": { - "module": "registry://ghcr.io/kubewarden/policies/host-namespaces-psp:v0.1.6", + "module": "registry://ghcr.io/kubewarden/policies/host-namespaces-psp:v0.1.7", "mutating": false, "rules": [ { @@ -1927,7 +1927,7 @@ exports[`transform_kubewarden defaultAllowPrivilegeEscalation 1`] = ` "name": "psp-hostnamespaces", }, "spec": { - "module": "registry://ghcr.io/kubewarden/policies/host-namespaces-psp:v0.1.6", + "module": "registry://ghcr.io/kubewarden/policies/host-namespaces-psp:v0.1.7", "mutating": false, "rules": [ { @@ -2026,7 +2026,7 @@ exports[`transform_kubewarden forbiddenSysctls 1`] = ` "name": "psp-hostnamespaces", }, "spec": { - "module": "registry://ghcr.io/kubewarden/policies/host-namespaces-psp:v0.1.6", + "module": "registry://ghcr.io/kubewarden/policies/host-namespaces-psp:v0.1.7", "mutating": false, "rules": [ { @@ -2128,7 +2128,7 @@ exports[`transform_kubewarden fsgroup 1`] = ` "name": "psp-hostnamespaces", }, "spec": { - "module": "registry://ghcr.io/kubewarden/policies/host-namespaces-psp:v0.1.6", + "module": "registry://ghcr.io/kubewarden/policies/host-namespaces-psp:v0.1.7", "mutating": false, "rules": [ { @@ -2233,7 +2233,7 @@ exports[`transform_kubewarden hostIPC 1`] = ` "name": "psp-hostnamespaces", }, "spec": { - "module": "registry://ghcr.io/kubewarden/policies/host-namespaces-psp:v0.1.6", + "module": "registry://ghcr.io/kubewarden/policies/host-namespaces-psp:v0.1.7", "mutating": false, "rules": [ { @@ -2301,7 +2301,7 @@ exports[`transform_kubewarden hostNetwork 1`] = ` "name": "psp-hostnamespaces", }, "spec": { - "module": "registry://ghcr.io/kubewarden/policies/host-namespaces-psp:v0.1.6", + "module": "registry://ghcr.io/kubewarden/policies/host-namespaces-psp:v0.1.7", "mutating": false, "rules": [ { @@ -2369,7 +2369,7 @@ exports[`transform_kubewarden hostPID 1`] = ` "name": "psp-hostnamespaces", }, "spec": { - "module": "registry://ghcr.io/kubewarden/policies/host-namespaces-psp:v0.1.6", + "module": "registry://ghcr.io/kubewarden/policies/host-namespaces-psp:v0.1.7", "mutating": false, "rules": [ { @@ -2437,7 +2437,7 @@ exports[`transform_kubewarden hostPorts 1`] = ` "name": "psp-hostnamespaces", }, "spec": { - "module": "registry://ghcr.io/kubewarden/policies/host-namespaces-psp:v0.1.6", + "module": "registry://ghcr.io/kubewarden/policies/host-namespaces-psp:v0.1.7", "mutating": false, "rules": [ { @@ -2510,7 +2510,7 @@ exports[`transform_kubewarden privileged 1`] = ` "name": "psp-hostnamespaces", }, "spec": { - "module": "registry://ghcr.io/kubewarden/policies/host-namespaces-psp:v0.1.6", + "module": "registry://ghcr.io/kubewarden/policies/host-namespaces-psp:v0.1.7", "mutating": false, "rules": [ { @@ -2607,7 +2607,7 @@ exports[`transform_kubewarden readOnlyRootFilesystem 1`] = ` "name": "psp-hostnamespaces", }, "spec": { - "module": "registry://ghcr.io/kubewarden/policies/host-namespaces-psp:v0.1.6", + "module": "registry://ghcr.io/kubewarden/policies/host-namespaces-psp:v0.1.7", "mutating": false, "rules": [ { @@ -2675,7 +2675,7 @@ exports[`transform_kubewarden requiredDropCapabilities 1`] = ` "name": "psp-hostnamespaces", }, "spec": { - "module": "registry://ghcr.io/kubewarden/policies/host-namespaces-psp:v0.1.6", + "module": "registry://ghcr.io/kubewarden/policies/host-namespaces-psp:v0.1.7", "mutating": false, "rules": [ { @@ -2778,7 +2778,7 @@ exports[`transform_kubewarden runAsGroup 1`] = ` "name": "psp-hostnamespaces", }, "spec": { - "module": "registry://ghcr.io/kubewarden/policies/host-namespaces-psp:v0.1.6", + "module": "registry://ghcr.io/kubewarden/policies/host-namespaces-psp:v0.1.7", "mutating": false, "rules": [ { @@ -2891,7 +2891,7 @@ exports[`transform_kubewarden runAsUser 1`] = ` "name": "psp-hostnamespaces", }, "spec": { - "module": "registry://ghcr.io/kubewarden/policies/host-namespaces-psp:v0.1.6", + "module": "registry://ghcr.io/kubewarden/policies/host-namespaces-psp:v0.1.7", "mutating": false, "rules": [ { @@ -3002,7 +3002,7 @@ exports[`transform_kubewarden seLinux 1`] = ` "name": "psp-hostnamespaces", }, "spec": { - "module": "registry://ghcr.io/kubewarden/policies/host-namespaces-psp:v0.1.6", + "module": "registry://ghcr.io/kubewarden/policies/host-namespaces-psp:v0.1.7", "mutating": false, "rules": [ { @@ -3105,7 +3105,7 @@ exports[`transform_kubewarden seccomp 1`] = ` "name": "psp-hostnamespaces", }, "spec": { - "module": "registry://ghcr.io/kubewarden/policies/host-namespaces-psp:v0.1.6", + "module": "registry://ghcr.io/kubewarden/policies/host-namespaces-psp:v0.1.7", "mutating": false, "rules": [ { @@ -3211,7 +3211,7 @@ exports[`transform_kubewarden supplementalGroups 1`] = ` "name": "psp-hostnamespaces", }, "spec": { - "module": "registry://ghcr.io/kubewarden/policies/host-namespaces-psp:v0.1.6", + "module": "registry://ghcr.io/kubewarden/policies/host-namespaces-psp:v0.1.7", "mutating": false, "rules": [ { @@ -3322,7 +3322,7 @@ exports[`transform_kubewarden volumes 1`] = ` "name": "psp-hostnamespaces", }, "spec": { - "module": "registry://ghcr.io/kubewarden/policies/host-namespaces-psp:v0.1.6", + "module": "registry://ghcr.io/kubewarden/policies/host-namespaces-psp:v0.1.7", "mutating": false, "rules": [ { diff --git a/src/kubewarden.ts b/src/kubewarden.ts index daf4e3e9..6951c493 100644 --- a/src/kubewarden.ts +++ b/src/kubewarden.ts @@ -19,7 +19,7 @@ export function transform_kubewarden(PSP: k8s.V1beta1PodSecurityPolicy): object[ policies.push(mod.kubewarden_policy_helper( 'hostnamespaces', - 'registry://ghcr.io/kubewarden/policies/host-namespaces-psp:v0.1.6', + 'registry://ghcr.io/kubewarden/policies/host-namespaces-psp:v0.1.7', { allow_host_ipc: PSP.spec?.hostIPC ? PSP.spec.hostIPC : false, allow_host_pid: PSP.spec?.hostPID ? PSP.spec.hostPID : false, diff --git a/tests/hostIPC/kubewarden.yaml b/tests/hostIPC/kubewarden.yaml index 588de75f..c47dad08 100644 --- a/tests/hostIPC/kubewarden.yaml +++ b/tests/hostIPC/kubewarden.yaml @@ -3,7 +3,7 @@ kind: ClusterAdmissionPolicy metadata: name: hostipc spec: - module: registry://ghcr.io/kubewarden/policies/host-namespaces-psp:v0.1.6 + module: registry://ghcr.io/kubewarden/policies/host-namespaces-psp:v0.1.7 rules: - apiGroups: [""] apiVersions: ["v1"] diff --git a/tests/hostNetwork/kubewarden.yaml b/tests/hostNetwork/kubewarden.yaml index c48ef6e9..f5a85a98 100644 --- a/tests/hostNetwork/kubewarden.yaml +++ b/tests/hostNetwork/kubewarden.yaml @@ -3,7 +3,7 @@ kind: ClusterAdmissionPolicy metadata: name: hostnetwork spec: - module: registry://ghcr.io/kubewarden/policies/host-namespaces-psp:v0.1.6 + module: registry://ghcr.io/kubewarden/policies/host-namespaces-psp:v0.1.7 rules: - apiGroups: [""] apiVersions: ["v1"] diff --git a/tests/hostPID/kubewarden.yaml b/tests/hostPID/kubewarden.yaml index c58d77bc..c30aa604 100644 --- a/tests/hostPID/kubewarden.yaml +++ b/tests/hostPID/kubewarden.yaml @@ -3,7 +3,7 @@ kind: ClusterAdmissionPolicy metadata: name: hostpid spec: - module: registry://ghcr.io/kubewarden/policies/host-namespaces-psp:v0.1.6 + module: registry://ghcr.io/kubewarden/policies/host-namespaces-psp:v0.1.7 rules: - apiGroups: [""] apiVersions: ["v1"] diff --git a/tests/hostPorts/kubewarden.yaml b/tests/hostPorts/kubewarden.yaml index c5343536..99d0d17d 100644 --- a/tests/hostPorts/kubewarden.yaml +++ b/tests/hostPorts/kubewarden.yaml @@ -3,7 +3,7 @@ kind: ClusterAdmissionPolicy metadata: name: hostports spec: - module: registry://ghcr.io/kubewarden/policies/host-namespaces-psp:v0.1.6 + module: registry://ghcr.io/kubewarden/policies/host-namespaces-psp:v0.1.7 rules: - apiGroups: [""] apiVersions: ["v1"]