generated from kubewarden/go-policy-template
-
Notifications
You must be signed in to change notification settings - Fork 3
/
questions-ui.yml
32 lines (32 loc) · 1.01 KB
/
questions-ui.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
questions:
- default: null
description: >-
This policy validates which sysctls can get set in pods by specifying lists
of sysctls or sysctl patterns to be allowed or forbidden. You can then
modify the securityContext of Pods to make use of the Sysctls as permitted
by this policy.
group: Settings
label: Description
required: false
hide_input: true
type: string
variable: description
- default: []
description: >-
A list of plain sysctl names or sysctl patterns (which end with *) to be
forbidden. You can forbid a combination of safe and unsafe sysctls in the
list. To forbid setting any sysctls, use * on its own.
group: Settings
label: Forbidden sysctls
required: false
type: array[
variable: forbiddenSysctls
- default: []
description: >-
A list of plain sysctl names that can be used in Pods. * cannot be used. Has
precedence over forbiddenSysctls.
group: Settings
label: Allowed unsafe sysctls
required: false
type: array[
variable: allowedUnsafeSysctls