Skip to content

Commit cdd713d

Browse files
gnufiedgnufied
committed
Add code for fsgroupChangeAlways defaulting
1 parent 375cd1b commit cdd713d

File tree

4 files changed

+42
-2
lines changed

4 files changed

+42
-2
lines changed

pkg/securitycontext/accessors.go

Lines changed: 17 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -35,6 +35,7 @@ type PodSecurityContextAccessor interface {
3535
SeccompProfile() *api.SeccompProfile
3636
SupplementalGroups() []int64
3737
FSGroup() *int64
38+
FSGroupChangePolicy() *api.PodFSGroupChangePolicy
3839
}
3940

4041
// PodSecurityContextMutator allows reading and writing the values of a PodSecurityContext object
@@ -52,6 +53,7 @@ type PodSecurityContextMutator interface {
5253
SetSeccompProfile(*api.SeccompProfile)
5354
SetSupplementalGroups([]int64)
5455
SetFSGroup(*int64)
56+
SetFSGroupChangePolicy(*api.PodFSGroupChangePolicy)
5557

5658
// PodSecurityContext returns the current PodSecurityContext object
5759
PodSecurityContext() *api.PodSecurityContext
@@ -231,6 +233,21 @@ func (w *podSecurityContextWrapper) SetFSGroup(v *int64) {
231233
w.podSC.FSGroup = v
232234
}
233235

236+
func (w *podSecurityContextWrapper) FSGroupChangePolicy() *api.PodFSGroupChangePolicy {
237+
if w.podSC == nil {
238+
return nil
239+
}
240+
return w.podSC.FSGroupChangePolicy
241+
}
242+
243+
func (w *podSecurityContextWrapper) SetFSGroupChangePolicy(v *api.PodFSGroupChangePolicy) {
244+
if w.podSC == nil && v == nil {
245+
return
246+
}
247+
w.ensurePodSC()
248+
w.podSC.FSGroupChangePolicy = v
249+
}
250+
234251
// ContainerSecurityContextAccessor allows reading the values of a SecurityContext object
235252
type ContainerSecurityContextAccessor interface {
236253
Capabilities() *api.Capabilities

vendor/github.com/openshift/api/security/v1/consts.go

Lines changed: 1 addition & 0 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

vendor/github.com/openshift/apiserver-library-go/pkg/securitycontextconstraints/sccmatching/matcher.go

Lines changed: 16 additions & 1 deletion
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

vendor/github.com/openshift/apiserver-library-go/pkg/securitycontextconstraints/sccmatching/provider.go

Lines changed: 8 additions & 1 deletion
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

0 commit comments

Comments
 (0)