summaryrefslogtreecommitdiff
path: root/cmd/podman/play_kube.go
diff options
context:
space:
mode:
authorPeter Hunt <pehunt@redhat.com>2020-01-03 10:15:03 -0500
committerPeter Hunt <pehunt@redhat.com>2020-01-03 13:27:17 -0500
commitb6792b61de7706ad6019a98db23c2a62753b1bde (patch)
tree75c4b9c1f428103b1b52565fcbba9607e186272a /cmd/podman/play_kube.go
parent50b44463760a224cd72e0920f03ed2041689bc63 (diff)
downloadpodman-b6792b61de7706ad6019a98db23c2a62753b1bde.tar.gz
podman-b6792b61de7706ad6019a98db23c2a62753b1bde.tar.bz2
podman-b6792b61de7706ad6019a98db23c2a62753b1bde.zip
play kube: make seccomp handling better conform to k8s
Add flag --seccomp-profile-root in play kube to allow users to specify where to look for seccomp profiles update tests Signed-off-by: Peter Hunt <pehunt@redhat.com>
Diffstat (limited to 'cmd/podman/play_kube.go')
-rw-r--r--cmd/podman/play_kube.go3
1 files changed, 3 insertions, 0 deletions
diff --git a/cmd/podman/play_kube.go b/cmd/podman/play_kube.go
index fc9f2d5b6..2028d2ef4 100644
--- a/cmd/podman/play_kube.go
+++ b/cmd/podman/play_kube.go
@@ -28,6 +28,8 @@ var (
},
Example: `podman play kube demo.yml`,
}
+ // https://kubernetes.io/docs/reference/command-line-tools-reference/kubelet/
+ defaultSeccompRoot = "/var/lib/kubelet/seccomp"
)
func init() {
@@ -46,6 +48,7 @@ func init() {
flags.StringVar(&playKubeCommand.CertDir, "cert-dir", "", "`Pathname` of a directory containing TLS certificates and keys")
flags.StringVar(&playKubeCommand.SignaturePolicy, "signature-policy", "", "`Pathname` of signature policy file (not usually used)")
flags.BoolVar(&playKubeCommand.TlsVerify, "tls-verify", true, "Require HTTPS and verify certificates when contacting registries")
+ flags.StringVar(&playKubeCommand.SeccompProfileRoot, "seccomp-profile-root", defaultSeccompRoot, "Directory path for seccomp profiles")
markFlagHidden(flags, "signature-policy")
}
}
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2024-11-15 20:05:18 +0000