Created
November 29, 2021 03:23
-
-
Save skaegi/fa67f00ed0fe34d91a6b2a699b0f9ba4 to your computer and use it in GitHub Desktop.
Nested data volume test cases -- base, kata using runtimeClass, kata using untrusted annotation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| apiVersion: v1 | |
| data: | |
| config: my config | |
| kind: ConfigMap | |
| metadata: | |
| name: config | |
| --- | |
| apiVersion: v1 | |
| data: | |
| config: more config | |
| kind: ConfigMap | |
| metadata: | |
| name: moreconfig | |
| --- | |
| apiVersion: v1 | |
| data: | |
| secret: c2VjcmV0Cg== | |
| kind: Secret | |
| metadata: | |
| name: moresecrets | |
| type: Opaque | |
| --- | |
| apiVersion: v1 | |
| data: | |
| secret: bXkgc2VjcmV0Cg== | |
| kind: Secret | |
| metadata: | |
| name: secrets | |
| type: Opaque | |
| --- | |
| apiVersion: v1 | |
| kind: Pod | |
| metadata: | |
| name: nested-config-config | |
| spec: | |
| containers: | |
| - args: | |
| - -c | |
| - ls /config/more | |
| command: | |
| - /bin/sh | |
| image: gcr.io/google_containers/busybox:latest | |
| name: busybox | |
| volumeMounts: | |
| - mountPath: /config | |
| name: config | |
| - mountPath: /config/more | |
| name: moreconfig | |
| restartPolicy: OnFailure | |
| volumes: | |
| - configMap: | |
| name: config | |
| name: config | |
| - configMap: | |
| name: moreconfig | |
| name: moreconfig | |
| --- | |
| apiVersion: v1 | |
| kind: Pod | |
| metadata: | |
| name: nested-config-config-revmount | |
| spec: | |
| containers: | |
| - args: | |
| - -c | |
| - ls /config/more | |
| command: | |
| - /bin/sh | |
| image: gcr.io/google_containers/busybox:latest | |
| name: busybox | |
| volumeMounts: | |
| - mountPath: /config/more | |
| name: moreconfig | |
| - mountPath: /config | |
| name: config | |
| restartPolicy: OnFailure | |
| volumes: | |
| - configMap: | |
| name: config | |
| name: config | |
| - configMap: | |
| name: moreconfig | |
| name: moreconfig | |
| --- | |
| apiVersion: v1 | |
| kind: Pod | |
| metadata: | |
| name: nested-config-down | |
| spec: | |
| containers: | |
| - args: | |
| - -c | |
| - ls /config/down | |
| command: | |
| - /bin/sh | |
| image: gcr.io/google_containers/busybox:latest | |
| name: busybox | |
| volumeMounts: | |
| - mountPath: /config | |
| name: config | |
| - mountPath: /config/down | |
| name: down | |
| restartPolicy: OnFailure | |
| volumes: | |
| - configMap: | |
| name: config | |
| name: config | |
| - downwardAPI: | |
| items: | |
| - fieldRef: | |
| fieldPath: metadata.name | |
| path: name | |
| name: down | |
| --- | |
| apiVersion: v1 | |
| kind: Pod | |
| metadata: | |
| name: nested-config-empty | |
| spec: | |
| containers: | |
| - args: | |
| - -c | |
| - ls /config/empty | |
| command: | |
| - /bin/sh | |
| image: gcr.io/google_containers/busybox:latest | |
| name: busybox | |
| volumeMounts: | |
| - mountPath: /config | |
| name: config | |
| - mountPath: /config/empty | |
| name: empty | |
| restartPolicy: OnFailure | |
| volumes: | |
| - configMap: | |
| name: config | |
| name: config | |
| - emptyDir: {} | |
| name: empty | |
| --- | |
| apiVersion: v1 | |
| kind: Pod | |
| metadata: | |
| name: nested-config-secret | |
| spec: | |
| containers: | |
| - args: | |
| - -c | |
| - ls /config/secrets | |
| command: | |
| - /bin/sh | |
| image: gcr.io/google_containers/busybox:latest | |
| name: busybox | |
| volumeMounts: | |
| - mountPath: /config | |
| name: config | |
| - mountPath: /config/secrets | |
| name: secrets | |
| restartPolicy: OnFailure | |
| volumes: | |
| - name: secrets | |
| secret: | |
| secretName: secrets | |
| - configMap: | |
| name: config | |
| name: config | |
| --- | |
| apiVersion: v1 | |
| kind: Pod | |
| metadata: | |
| name: nested-config-self | |
| spec: | |
| containers: | |
| - args: | |
| - -c | |
| - ls /config/self | |
| command: | |
| - /bin/sh | |
| image: gcr.io/google_containers/busybox:latest | |
| name: busybox | |
| volumeMounts: | |
| - mountPath: /config | |
| name: config | |
| - mountPath: /config/self | |
| name: config | |
| restartPolicy: OnFailure | |
| volumes: | |
| - configMap: | |
| name: config | |
| name: config | |
| --- | |
| apiVersion: v1 | |
| kind: Pod | |
| metadata: | |
| name: nested-down-config | |
| spec: | |
| containers: | |
| - args: | |
| - -c | |
| - ls /down/config | |
| command: | |
| - /bin/sh | |
| image: gcr.io/google_containers/busybox:latest | |
| name: busybox | |
| volumeMounts: | |
| - mountPath: /down | |
| name: down | |
| - mountPath: /down/config | |
| name: config | |
| restartPolicy: OnFailure | |
| volumes: | |
| - configMap: | |
| name: config | |
| name: config | |
| - downwardAPI: | |
| items: | |
| - fieldRef: | |
| fieldPath: metadata.name | |
| path: name | |
| name: down | |
| --- | |
| apiVersion: v1 | |
| kind: Pod | |
| metadata: | |
| name: nested-down-down | |
| spec: | |
| containers: | |
| - args: | |
| - -c | |
| - ls /down/more | |
| command: | |
| - /bin/sh | |
| image: gcr.io/google_containers/busybox:latest | |
| name: busybox | |
| volumeMounts: | |
| - mountPath: /down | |
| name: down | |
| - mountPath: /down/more | |
| name: moredown | |
| restartPolicy: OnFailure | |
| volumes: | |
| - downwardAPI: | |
| items: | |
| - fieldRef: | |
| fieldPath: metadata.name | |
| path: name | |
| name: down | |
| - downwardAPI: | |
| items: | |
| - fieldRef: | |
| fieldPath: metadata.name | |
| path: morename | |
| name: moredown | |
| --- | |
| apiVersion: v1 | |
| kind: Pod | |
| metadata: | |
| name: nested-down-down-revmount | |
| spec: | |
| containers: | |
| - args: | |
| - -c | |
| - ls /down/more | |
| command: | |
| - /bin/sh | |
| image: gcr.io/google_containers/busybox:latest | |
| name: busybox | |
| volumeMounts: | |
| - mountPath: /down/more | |
| name: moredown | |
| - mountPath: /down | |
| name: down | |
| restartPolicy: OnFailure | |
| volumes: | |
| - downwardAPI: | |
| items: | |
| - fieldRef: | |
| fieldPath: metadata.name | |
| path: name | |
| name: down | |
| - downwardAPI: | |
| items: | |
| - fieldRef: | |
| fieldPath: metadata.name | |
| path: morename | |
| name: moredown | |
| --- | |
| apiVersion: v1 | |
| kind: Pod | |
| metadata: | |
| name: nested-down-empty | |
| spec: | |
| containers: | |
| - args: | |
| - -c | |
| - ls /down/empty | |
| command: | |
| - /bin/sh | |
| image: gcr.io/google_containers/busybox:latest | |
| name: busybox | |
| volumeMounts: | |
| - mountPath: /down | |
| name: down | |
| - mountPath: /down/empty | |
| name: empty | |
| restartPolicy: OnFailure | |
| volumes: | |
| - downwardAPI: | |
| items: | |
| - fieldRef: | |
| fieldPath: metadata.name | |
| path: name | |
| name: down | |
| - emptyDir: {} | |
| name: empty | |
| --- | |
| apiVersion: v1 | |
| kind: Pod | |
| metadata: | |
| name: nested-down-secret | |
| spec: | |
| containers: | |
| - args: | |
| - -c | |
| - ls /down/secrets | |
| command: | |
| - /bin/sh | |
| image: gcr.io/google_containers/busybox:latest | |
| name: busybox | |
| volumeMounts: | |
| - mountPath: /down | |
| name: down | |
| - mountPath: /down/secrets | |
| name: secrets | |
| restartPolicy: OnFailure | |
| volumes: | |
| - name: secrets | |
| secret: | |
| secretName: secrets | |
| - downwardAPI: | |
| items: | |
| - fieldRef: | |
| fieldPath: metadata.name | |
| path: name | |
| name: down | |
| --- | |
| apiVersion: v1 | |
| kind: Pod | |
| metadata: | |
| name: nested-down-self | |
| spec: | |
| containers: | |
| - args: | |
| - -c | |
| - ls /down/self | |
| command: | |
| - /bin/sh | |
| image: gcr.io/google_containers/busybox:latest | |
| name: busybox | |
| volumeMounts: | |
| - mountPath: /down | |
| name: down | |
| - mountPath: /down/self | |
| name: down | |
| restartPolicy: OnFailure | |
| volumes: | |
| - downwardAPI: | |
| items: | |
| - fieldRef: | |
| fieldPath: metadata.name | |
| path: name | |
| name: down | |
| --- | |
| apiVersion: v1 | |
| kind: Pod | |
| metadata: | |
| name: nested-empty-config | |
| spec: | |
| containers: | |
| - args: | |
| - -c | |
| - ls /empty/config | |
| command: | |
| - /bin/sh | |
| image: gcr.io/google_containers/busybox:latest | |
| name: busybox | |
| volumeMounts: | |
| - mountPath: /empty | |
| name: empty | |
| - mountPath: /empty/config | |
| name: config | |
| restartPolicy: OnFailure | |
| volumes: | |
| - configMap: | |
| name: config | |
| name: config | |
| - emptyDir: {} | |
| name: empty | |
| --- | |
| apiVersion: v1 | |
| kind: Pod | |
| metadata: | |
| name: nested-empty-down | |
| spec: | |
| containers: | |
| - args: | |
| - -c | |
| - ls /empty/down | |
| command: | |
| - /bin/sh | |
| image: gcr.io/google_containers/busybox:latest | |
| name: busybox | |
| volumeMounts: | |
| - mountPath: /empty | |
| name: empty | |
| - mountPath: /empty/down | |
| name: down | |
| restartPolicy: OnFailure | |
| volumes: | |
| - emptyDir: {} | |
| name: empty | |
| - downwardAPI: | |
| items: | |
| - fieldRef: | |
| fieldPath: metadata.name | |
| path: name | |
| name: down | |
| --- | |
| apiVersion: v1 | |
| kind: Pod | |
| metadata: | |
| name: nested-empty-empty | |
| spec: | |
| containers: | |
| - args: | |
| - -c | |
| - ls /empty/more | |
| command: | |
| - /bin/sh | |
| image: gcr.io/google_containers/busybox:latest | |
| name: busybox | |
| volumeMounts: | |
| - mountPath: /empty | |
| name: empty | |
| - mountPath: /empty/more | |
| name: moreempty | |
| restartPolicy: OnFailure | |
| volumes: | |
| - emptyDir: {} | |
| name: empty | |
| - emptyDir: {} | |
| name: moreempty | |
| --- | |
| apiVersion: v1 | |
| kind: Pod | |
| metadata: | |
| name: nested-empty-empty-revmount | |
| spec: | |
| containers: | |
| - args: | |
| - -c | |
| - ls /empty/more | |
| command: | |
| - /bin/sh | |
| image: gcr.io/google_containers/busybox:latest | |
| name: busybox | |
| volumeMounts: | |
| - mountPath: /empty/more | |
| name: moreempty | |
| - mountPath: /empty | |
| name: empty | |
| restartPolicy: OnFailure | |
| volumes: | |
| - emptyDir: {} | |
| name: empty | |
| - emptyDir: {} | |
| name: moreempty | |
| --- | |
| apiVersion: v1 | |
| kind: Pod | |
| metadata: | |
| name: nested-empty-secret | |
| spec: | |
| containers: | |
| - args: | |
| - -c | |
| - ls /empty/secrets | |
| command: | |
| - /bin/sh | |
| image: gcr.io/google_containers/busybox:latest | |
| name: busybox | |
| volumeMounts: | |
| - mountPath: /empty | |
| name: empty | |
| - mountPath: /empty/secrets | |
| name: secrets | |
| restartPolicy: OnFailure | |
| volumes: | |
| - name: secrets | |
| secret: | |
| secretName: secrets | |
| - emptyDir: {} | |
| name: empty | |
| --- | |
| apiVersion: v1 | |
| kind: Pod | |
| metadata: | |
| name: nested-empty-self | |
| spec: | |
| containers: | |
| - args: | |
| - -c | |
| - ls /empty/self | |
| command: | |
| - /bin/sh | |
| image: gcr.io/google_containers/busybox:latest | |
| name: busybox | |
| volumeMounts: | |
| - mountPath: /empty | |
| name: empty | |
| - mountPath: /empty/self | |
| name: empty | |
| restartPolicy: OnFailure | |
| volumes: | |
| - emptyDir: {} | |
| name: empty | |
| --- | |
| apiVersion: v1 | |
| kind: Pod | |
| metadata: | |
| name: nested-secret-config | |
| spec: | |
| containers: | |
| - args: | |
| - -c | |
| - ls /secrets/config | |
| command: | |
| - /bin/sh | |
| image: gcr.io/google_containers/busybox:latest | |
| name: busybox | |
| volumeMounts: | |
| - mountPath: /secrets | |
| name: secrets | |
| - mountPath: /secrets/config | |
| name: config | |
| restartPolicy: OnFailure | |
| volumes: | |
| - name: secrets | |
| secret: | |
| secretName: secrets | |
| - configMap: | |
| name: config | |
| name: config | |
| --- | |
| apiVersion: v1 | |
| kind: Pod | |
| metadata: | |
| name: nested-secret-down | |
| spec: | |
| containers: | |
| - args: | |
| - -c | |
| - ls /secrets/down | |
| command: | |
| - /bin/sh | |
| image: gcr.io/google_containers/busybox:latest | |
| name: busybox | |
| volumeMounts: | |
| - mountPath: /secrets | |
| name: secrets | |
| - mountPath: /secrets/down | |
| name: down | |
| restartPolicy: OnFailure | |
| volumes: | |
| - name: secrets | |
| secret: | |
| secretName: secrets | |
| - downwardAPI: | |
| items: | |
| - fieldRef: | |
| fieldPath: metadata.name | |
| path: name | |
| name: down | |
| --- | |
| apiVersion: v1 | |
| kind: Pod | |
| metadata: | |
| name: nested-secret-empty | |
| spec: | |
| containers: | |
| - args: | |
| - -c | |
| - ls /secrets/empty | |
| command: | |
| - /bin/sh | |
| image: gcr.io/google_containers/busybox:latest | |
| name: busybox | |
| volumeMounts: | |
| - mountPath: /secrets | |
| name: secrets | |
| - mountPath: /secrets/empty | |
| name: empty | |
| restartPolicy: OnFailure | |
| volumes: | |
| - name: secrets | |
| secret: | |
| secretName: secrets | |
| - emptyDir: {} | |
| name: empty | |
| --- | |
| apiVersion: v1 | |
| kind: Pod | |
| metadata: | |
| name: nested-secret-secret | |
| spec: | |
| containers: | |
| - args: | |
| - -c | |
| - ls /secrets/more | |
| command: | |
| - /bin/sh | |
| image: gcr.io/google_containers/busybox:latest | |
| name: busybox | |
| volumeMounts: | |
| - mountPath: /secrets | |
| name: secrets | |
| - mountPath: /secrets/more | |
| name: moresecrets | |
| restartPolicy: OnFailure | |
| volumes: | |
| - name: secrets | |
| secret: | |
| secretName: secrets | |
| - name: moresecrets | |
| secret: | |
| secretName: moresecrets | |
| --- | |
| apiVersion: v1 | |
| kind: Pod | |
| metadata: | |
| name: nested-secret-secret-revmount | |
| spec: | |
| containers: | |
| - args: | |
| - -c | |
| - ls /secrets/more | |
| command: | |
| - /bin/sh | |
| image: gcr.io/google_containers/busybox:latest | |
| name: busybox | |
| volumeMounts: | |
| - mountPath: /secrets/more | |
| name: moresecrets | |
| - mountPath: /secrets | |
| name: secrets | |
| restartPolicy: OnFailure | |
| volumes: | |
| - name: secrets | |
| secret: | |
| secretName: secrets | |
| - name: moresecrets | |
| secret: | |
| secretName: moresecrets | |
| --- | |
| apiVersion: v1 | |
| kind: Pod | |
| metadata: | |
| name: nested-secret-self | |
| spec: | |
| containers: | |
| - args: | |
| - -c | |
| - ls /secrets/self | |
| command: | |
| - /bin/sh | |
| image: gcr.io/google_containers/busybox:latest | |
| name: busybox | |
| volumeMounts: | |
| - mountPath: /secrets | |
| name: secrets | |
| - mountPath: /secrets/self | |
| name: secrets | |
| restartPolicy: OnFailure | |
| volumes: | |
| - name: secrets | |
| secret: | |
| secretName: secrets |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| apiVersion: v1 | |
| data: | |
| config: my config | |
| kind: ConfigMap | |
| metadata: | |
| name: config | |
| --- | |
| apiVersion: v1 | |
| data: | |
| config: more config | |
| kind: ConfigMap | |
| metadata: | |
| name: moreconfig | |
| --- | |
| apiVersion: v1 | |
| data: | |
| secret: c2VjcmV0Cg== | |
| kind: Secret | |
| metadata: | |
| name: moresecrets | |
| type: Opaque | |
| --- | |
| apiVersion: v1 | |
| data: | |
| secret: bXkgc2VjcmV0Cg== | |
| kind: Secret | |
| metadata: | |
| name: secrets | |
| type: Opaque | |
| --- | |
| apiVersion: v1 | |
| kind: Pod | |
| metadata: | |
| name: nested-config-config | |
| spec: | |
| containers: | |
| - args: | |
| - -c | |
| - ls /config/more | |
| command: | |
| - /bin/sh | |
| image: gcr.io/google_containers/busybox:latest | |
| name: busybox | |
| volumeMounts: | |
| - mountPath: /config | |
| name: config | |
| - mountPath: /config/more | |
| name: moreconfig | |
| restartPolicy: OnFailure | |
| runtimeClassName: kata-qemu | |
| volumes: | |
| - configMap: | |
| name: config | |
| name: config | |
| - configMap: | |
| name: moreconfig | |
| name: moreconfig | |
| --- | |
| apiVersion: v1 | |
| kind: Pod | |
| metadata: | |
| name: nested-config-config-revmount | |
| spec: | |
| containers: | |
| - args: | |
| - -c | |
| - ls /config/more | |
| command: | |
| - /bin/sh | |
| image: gcr.io/google_containers/busybox:latest | |
| name: busybox | |
| volumeMounts: | |
| - mountPath: /config/more | |
| name: moreconfig | |
| - mountPath: /config | |
| name: config | |
| restartPolicy: OnFailure | |
| runtimeClassName: kata-qemu | |
| volumes: | |
| - configMap: | |
| name: config | |
| name: config | |
| - configMap: | |
| name: moreconfig | |
| name: moreconfig | |
| --- | |
| apiVersion: v1 | |
| kind: Pod | |
| metadata: | |
| name: nested-config-down | |
| spec: | |
| containers: | |
| - args: | |
| - -c | |
| - ls /config/down | |
| command: | |
| - /bin/sh | |
| image: gcr.io/google_containers/busybox:latest | |
| name: busybox | |
| volumeMounts: | |
| - mountPath: /config | |
| name: config | |
| - mountPath: /config/down | |
| name: down | |
| restartPolicy: OnFailure | |
| runtimeClassName: kata-qemu | |
| volumes: | |
| - configMap: | |
| name: config | |
| name: config | |
| - downwardAPI: | |
| items: | |
| - fieldRef: | |
| fieldPath: metadata.name | |
| path: name | |
| name: down | |
| --- | |
| apiVersion: v1 | |
| kind: Pod | |
| metadata: | |
| name: nested-config-empty | |
| spec: | |
| containers: | |
| - args: | |
| - -c | |
| - ls /config/empty | |
| command: | |
| - /bin/sh | |
| image: gcr.io/google_containers/busybox:latest | |
| name: busybox | |
| volumeMounts: | |
| - mountPath: /config | |
| name: config | |
| - mountPath: /config/empty | |
| name: empty | |
| restartPolicy: OnFailure | |
| runtimeClassName: kata-qemu | |
| volumes: | |
| - configMap: | |
| name: config | |
| name: config | |
| - emptyDir: {} | |
| name: empty | |
| --- | |
| apiVersion: v1 | |
| kind: Pod | |
| metadata: | |
| name: nested-config-secret | |
| spec: | |
| containers: | |
| - args: | |
| - -c | |
| - ls /config/secrets | |
| command: | |
| - /bin/sh | |
| image: gcr.io/google_containers/busybox:latest | |
| name: busybox | |
| volumeMounts: | |
| - mountPath: /config | |
| name: config | |
| - mountPath: /config/secrets | |
| name: secrets | |
| restartPolicy: OnFailure | |
| runtimeClassName: kata-qemu | |
| volumes: | |
| - name: secrets | |
| secret: | |
| secretName: secrets | |
| - configMap: | |
| name: config | |
| name: config | |
| --- | |
| apiVersion: v1 | |
| kind: Pod | |
| metadata: | |
| name: nested-config-self | |
| spec: | |
| containers: | |
| - args: | |
| - -c | |
| - ls /config/self | |
| command: | |
| - /bin/sh | |
| image: gcr.io/google_containers/busybox:latest | |
| name: busybox | |
| volumeMounts: | |
| - mountPath: /config | |
| name: config | |
| - mountPath: /config/self | |
| name: config | |
| restartPolicy: OnFailure | |
| runtimeClassName: kata-qemu | |
| volumes: | |
| - configMap: | |
| name: config | |
| name: config | |
| --- | |
| apiVersion: v1 | |
| kind: Pod | |
| metadata: | |
| name: nested-down-config | |
| spec: | |
| containers: | |
| - args: | |
| - -c | |
| - ls /down/config | |
| command: | |
| - /bin/sh | |
| image: gcr.io/google_containers/busybox:latest | |
| name: busybox | |
| volumeMounts: | |
| - mountPath: /down | |
| name: down | |
| - mountPath: /down/config | |
| name: config | |
| restartPolicy: OnFailure | |
| runtimeClassName: kata-qemu | |
| volumes: | |
| - configMap: | |
| name: config | |
| name: config | |
| - downwardAPI: | |
| items: | |
| - fieldRef: | |
| fieldPath: metadata.name | |
| path: name | |
| name: down | |
| --- | |
| apiVersion: v1 | |
| kind: Pod | |
| metadata: | |
| name: nested-down-down | |
| spec: | |
| containers: | |
| - args: | |
| - -c | |
| - ls /down/more | |
| command: | |
| - /bin/sh | |
| image: gcr.io/google_containers/busybox:latest | |
| name: busybox | |
| volumeMounts: | |
| - mountPath: /down | |
| name: down | |
| - mountPath: /down/more | |
| name: moredown | |
| restartPolicy: OnFailure | |
| runtimeClassName: kata-qemu | |
| volumes: | |
| - downwardAPI: | |
| items: | |
| - fieldRef: | |
| fieldPath: metadata.name | |
| path: name | |
| name: down | |
| - downwardAPI: | |
| items: | |
| - fieldRef: | |
| fieldPath: metadata.name | |
| path: morename | |
| name: moredown | |
| --- | |
| apiVersion: v1 | |
| kind: Pod | |
| metadata: | |
| name: nested-down-down-revmount | |
| spec: | |
| containers: | |
| - args: | |
| - -c | |
| - ls /down/more | |
| command: | |
| - /bin/sh | |
| image: gcr.io/google_containers/busybox:latest | |
| name: busybox | |
| volumeMounts: | |
| - mountPath: /down/more | |
| name: moredown | |
| - mountPath: /down | |
| name: down | |
| restartPolicy: OnFailure | |
| runtimeClassName: kata-qemu | |
| volumes: | |
| - downwardAPI: | |
| items: | |
| - fieldRef: | |
| fieldPath: metadata.name | |
| path: name | |
| name: down | |
| - downwardAPI: | |
| items: | |
| - fieldRef: | |
| fieldPath: metadata.name | |
| path: morename | |
| name: moredown | |
| --- | |
| apiVersion: v1 | |
| kind: Pod | |
| metadata: | |
| name: nested-down-empty | |
| spec: | |
| containers: | |
| - args: | |
| - -c | |
| - ls /down/empty | |
| command: | |
| - /bin/sh | |
| image: gcr.io/google_containers/busybox:latest | |
| name: busybox | |
| volumeMounts: | |
| - mountPath: /down | |
| name: down | |
| - mountPath: /down/empty | |
| name: empty | |
| restartPolicy: OnFailure | |
| runtimeClassName: kata-qemu | |
| volumes: | |
| - downwardAPI: | |
| items: | |
| - fieldRef: | |
| fieldPath: metadata.name | |
| path: name | |
| name: down | |
| - emptyDir: {} | |
| name: empty | |
| --- | |
| apiVersion: v1 | |
| kind: Pod | |
| metadata: | |
| name: nested-down-secret | |
| spec: | |
| containers: | |
| - args: | |
| - -c | |
| - ls /down/secrets | |
| command: | |
| - /bin/sh | |
| image: gcr.io/google_containers/busybox:latest | |
| name: busybox | |
| volumeMounts: | |
| - mountPath: /down | |
| name: down | |
| - mountPath: /down/secrets | |
| name: secrets | |
| restartPolicy: OnFailure | |
| runtimeClassName: kata-qemu | |
| volumes: | |
| - name: secrets | |
| secret: | |
| secretName: secrets | |
| - downwardAPI: | |
| items: | |
| - fieldRef: | |
| fieldPath: metadata.name | |
| path: name | |
| name: down | |
| --- | |
| apiVersion: v1 | |
| kind: Pod | |
| metadata: | |
| name: nested-down-self | |
| spec: | |
| containers: | |
| - args: | |
| - -c | |
| - ls /down/self | |
| command: | |
| - /bin/sh | |
| image: gcr.io/google_containers/busybox:latest | |
| name: busybox | |
| volumeMounts: | |
| - mountPath: /down | |
| name: down | |
| - mountPath: /down/self | |
| name: down | |
| restartPolicy: OnFailure | |
| runtimeClassName: kata-qemu | |
| volumes: | |
| - downwardAPI: | |
| items: | |
| - fieldRef: | |
| fieldPath: metadata.name | |
| path: name | |
| name: down | |
| --- | |
| apiVersion: v1 | |
| kind: Pod | |
| metadata: | |
| name: nested-empty-config | |
| spec: | |
| containers: | |
| - args: | |
| - -c | |
| - ls /empty/config | |
| command: | |
| - /bin/sh | |
| image: gcr.io/google_containers/busybox:latest | |
| name: busybox | |
| volumeMounts: | |
| - mountPath: /empty | |
| name: empty | |
| - mountPath: /empty/config | |
| name: config | |
| restartPolicy: OnFailure | |
| runtimeClassName: kata-qemu | |
| volumes: | |
| - configMap: | |
| name: config | |
| name: config | |
| - emptyDir: {} | |
| name: empty | |
| --- | |
| apiVersion: v1 | |
| kind: Pod | |
| metadata: | |
| name: nested-empty-down | |
| spec: | |
| containers: | |
| - args: | |
| - -c | |
| - ls /empty/down | |
| command: | |
| - /bin/sh | |
| image: gcr.io/google_containers/busybox:latest | |
| name: busybox | |
| volumeMounts: | |
| - mountPath: /empty | |
| name: empty | |
| - mountPath: /empty/down | |
| name: down | |
| restartPolicy: OnFailure | |
| runtimeClassName: kata-qemu | |
| volumes: | |
| - emptyDir: {} | |
| name: empty | |
| - downwardAPI: | |
| items: | |
| - fieldRef: | |
| fieldPath: metadata.name | |
| path: name | |
| name: down | |
| --- | |
| apiVersion: v1 | |
| kind: Pod | |
| metadata: | |
| name: nested-empty-empty | |
| spec: | |
| containers: | |
| - args: | |
| - -c | |
| - ls /empty/more | |
| command: | |
| - /bin/sh | |
| image: gcr.io/google_containers/busybox:latest | |
| name: busybox | |
| volumeMounts: | |
| - mountPath: /empty | |
| name: empty | |
| - mountPath: /empty/more | |
| name: moreempty | |
| restartPolicy: OnFailure | |
| runtimeClassName: kata-qemu | |
| volumes: | |
| - emptyDir: {} | |
| name: empty | |
| - emptyDir: {} | |
| name: moreempty | |
| --- | |
| apiVersion: v1 | |
| kind: Pod | |
| metadata: | |
| name: nested-empty-empty-revmount | |
| spec: | |
| containers: | |
| - args: | |
| - -c | |
| - ls /empty/more | |
| command: | |
| - /bin/sh | |
| image: gcr.io/google_containers/busybox:latest | |
| name: busybox | |
| volumeMounts: | |
| - mountPath: /empty/more | |
| name: moreempty | |
| - mountPath: /empty | |
| name: empty | |
| restartPolicy: OnFailure | |
| runtimeClassName: kata-qemu | |
| volumes: | |
| - emptyDir: {} | |
| name: empty | |
| - emptyDir: {} | |
| name: moreempty | |
| --- | |
| apiVersion: v1 | |
| kind: Pod | |
| metadata: | |
| name: nested-empty-secret | |
| spec: | |
| containers: | |
| - args: | |
| - -c | |
| - ls /empty/secrets | |
| command: | |
| - /bin/sh | |
| image: gcr.io/google_containers/busybox:latest | |
| name: busybox | |
| volumeMounts: | |
| - mountPath: /empty | |
| name: empty | |
| - mountPath: /empty/secrets | |
| name: secrets | |
| restartPolicy: OnFailure | |
| runtimeClassName: kata-qemu | |
| volumes: | |
| - name: secrets | |
| secret: | |
| secretName: secrets | |
| - emptyDir: {} | |
| name: empty | |
| --- | |
| apiVersion: v1 | |
| kind: Pod | |
| metadata: | |
| name: nested-empty-self | |
| spec: | |
| containers: | |
| - args: | |
| - -c | |
| - ls /empty/self | |
| command: | |
| - /bin/sh | |
| image: gcr.io/google_containers/busybox:latest | |
| name: busybox | |
| volumeMounts: | |
| - mountPath: /empty | |
| name: empty | |
| - mountPath: /empty/self | |
| name: empty | |
| restartPolicy: OnFailure | |
| runtimeClassName: kata-qemu | |
| volumes: | |
| - emptyDir: {} | |
| name: empty | |
| --- | |
| apiVersion: v1 | |
| kind: Pod | |
| metadata: | |
| name: nested-secret-config | |
| spec: | |
| containers: | |
| - args: | |
| - -c | |
| - ls /secrets/config | |
| command: | |
| - /bin/sh | |
| image: gcr.io/google_containers/busybox:latest | |
| name: busybox | |
| volumeMounts: | |
| - mountPath: /secrets | |
| name: secrets | |
| - mountPath: /secrets/config | |
| name: config | |
| restartPolicy: OnFailure | |
| runtimeClassName: kata-qemu | |
| volumes: | |
| - name: secrets | |
| secret: | |
| secretName: secrets | |
| - configMap: | |
| name: config | |
| name: config | |
| --- | |
| apiVersion: v1 | |
| kind: Pod | |
| metadata: | |
| name: nested-secret-down | |
| spec: | |
| containers: | |
| - args: | |
| - -c | |
| - ls /secrets/down | |
| command: | |
| - /bin/sh | |
| image: gcr.io/google_containers/busybox:latest | |
| name: busybox | |
| volumeMounts: | |
| - mountPath: /secrets | |
| name: secrets | |
| - mountPath: /secrets/down | |
| name: down | |
| restartPolicy: OnFailure | |
| runtimeClassName: kata-qemu | |
| volumes: | |
| - name: secrets | |
| secret: | |
| secretName: secrets | |
| - downwardAPI: | |
| items: | |
| - fieldRef: | |
| fieldPath: metadata.name | |
| path: name | |
| name: down | |
| --- | |
| apiVersion: v1 | |
| kind: Pod | |
| metadata: | |
| name: nested-secret-empty | |
| spec: | |
| containers: | |
| - args: | |
| - -c | |
| - ls /secrets/empty | |
| command: | |
| - /bin/sh | |
| image: gcr.io/google_containers/busybox:latest | |
| name: busybox | |
| volumeMounts: | |
| - mountPath: /secrets | |
| name: secrets | |
| - mountPath: /secrets/empty | |
| name: empty | |
| restartPolicy: OnFailure | |
| runtimeClassName: kata-qemu | |
| volumes: | |
| - name: secrets | |
| secret: | |
| secretName: secrets | |
| - emptyDir: {} | |
| name: empty | |
| --- | |
| apiVersion: v1 | |
| kind: Pod | |
| metadata: | |
| name: nested-secret-secret | |
| spec: | |
| containers: | |
| - args: | |
| - -c | |
| - ls /secrets/more | |
| command: | |
| - /bin/sh | |
| image: gcr.io/google_containers/busybox:latest | |
| name: busybox | |
| volumeMounts: | |
| - mountPath: /secrets | |
| name: secrets | |
| - mountPath: /secrets/more | |
| name: moresecrets | |
| restartPolicy: OnFailure | |
| runtimeClassName: kata-qemu | |
| volumes: | |
| - name: secrets | |
| secret: | |
| secretName: secrets | |
| - name: moresecrets | |
| secret: | |
| secretName: moresecrets | |
| --- | |
| apiVersion: v1 | |
| kind: Pod | |
| metadata: | |
| name: nested-secret-secret-revmount | |
| spec: | |
| containers: | |
| - args: | |
| - -c | |
| - ls /secrets/more | |
| command: | |
| - /bin/sh | |
| image: gcr.io/google_containers/busybox:latest | |
| name: busybox | |
| volumeMounts: | |
| - mountPath: /secrets/more | |
| name: moresecrets | |
| - mountPath: /secrets | |
| name: secrets | |
| restartPolicy: OnFailure | |
| runtimeClassName: kata-qemu | |
| volumes: | |
| - name: secrets | |
| secret: | |
| secretName: secrets | |
| - name: moresecrets | |
| secret: | |
| secretName: moresecrets | |
| --- | |
| apiVersion: v1 | |
| kind: Pod | |
| metadata: | |
| name: nested-secret-self | |
| spec: | |
| containers: | |
| - args: | |
| - -c | |
| - ls /secrets/self | |
| command: | |
| - /bin/sh | |
| image: gcr.io/google_containers/busybox:latest | |
| name: busybox | |
| volumeMounts: | |
| - mountPath: /secrets | |
| name: secrets | |
| - mountPath: /secrets/self | |
| name: secrets | |
| restartPolicy: OnFailure | |
| runtimeClassName: kata-qemu | |
| volumes: | |
| - name: secrets | |
| secret: | |
| secretName: secrets |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| apiVersion: v1 | |
| data: | |
| config: my config | |
| kind: ConfigMap | |
| metadata: | |
| name: config | |
| --- | |
| apiVersion: v1 | |
| data: | |
| config: more config | |
| kind: ConfigMap | |
| metadata: | |
| name: moreconfig | |
| --- | |
| apiVersion: v1 | |
| data: | |
| secret: c2VjcmV0Cg== | |
| kind: Secret | |
| metadata: | |
| name: moresecrets | |
| type: Opaque | |
| --- | |
| apiVersion: v1 | |
| data: | |
| secret: bXkgc2VjcmV0Cg== | |
| kind: Secret | |
| metadata: | |
| name: secrets | |
| type: Opaque | |
| --- | |
| apiVersion: v1 | |
| kind: Pod | |
| metadata: | |
| annotations: | |
| io.kubernetes.cri.untrusted-workload: "true" | |
| name: nested-config-config | |
| spec: | |
| containers: | |
| - args: | |
| - -c | |
| - ls /config/more | |
| command: | |
| - /bin/sh | |
| image: gcr.io/google_containers/busybox:latest | |
| name: busybox | |
| volumeMounts: | |
| - mountPath: /config | |
| name: config | |
| - mountPath: /config/more | |
| name: moreconfig | |
| restartPolicy: OnFailure | |
| volumes: | |
| - configMap: | |
| name: config | |
| name: config | |
| - configMap: | |
| name: moreconfig | |
| name: moreconfig | |
| --- | |
| apiVersion: v1 | |
| kind: Pod | |
| metadata: | |
| annotations: | |
| io.kubernetes.cri.untrusted-workload: "true" | |
| name: nested-config-config-revmount | |
| spec: | |
| containers: | |
| - args: | |
| - -c | |
| - ls /config/more | |
| command: | |
| - /bin/sh | |
| image: gcr.io/google_containers/busybox:latest | |
| name: busybox | |
| volumeMounts: | |
| - mountPath: /config/more | |
| name: moreconfig | |
| - mountPath: /config | |
| name: config | |
| restartPolicy: OnFailure | |
| volumes: | |
| - configMap: | |
| name: config | |
| name: config | |
| - configMap: | |
| name: moreconfig | |
| name: moreconfig | |
| --- | |
| apiVersion: v1 | |
| kind: Pod | |
| metadata: | |
| annotations: | |
| io.kubernetes.cri.untrusted-workload: "true" | |
| name: nested-config-down | |
| spec: | |
| containers: | |
| - args: | |
| - -c | |
| - ls /config/down | |
| command: | |
| - /bin/sh | |
| image: gcr.io/google_containers/busybox:latest | |
| name: busybox | |
| volumeMounts: | |
| - mountPath: /config | |
| name: config | |
| - mountPath: /config/down | |
| name: down | |
| restartPolicy: OnFailure | |
| volumes: | |
| - configMap: | |
| name: config | |
| name: config | |
| - downwardAPI: | |
| items: | |
| - fieldRef: | |
| fieldPath: metadata.name | |
| path: name | |
| name: down | |
| --- | |
| apiVersion: v1 | |
| kind: Pod | |
| metadata: | |
| annotations: | |
| io.kubernetes.cri.untrusted-workload: "true" | |
| name: nested-config-empty | |
| spec: | |
| containers: | |
| - args: | |
| - -c | |
| - ls /config/empty | |
| command: | |
| - /bin/sh | |
| image: gcr.io/google_containers/busybox:latest | |
| name: busybox | |
| volumeMounts: | |
| - mountPath: /config | |
| name: config | |
| - mountPath: /config/empty | |
| name: empty | |
| restartPolicy: OnFailure | |
| volumes: | |
| - configMap: | |
| name: config | |
| name: config | |
| - emptyDir: {} | |
| name: empty | |
| --- | |
| apiVersion: v1 | |
| kind: Pod | |
| metadata: | |
| annotations: | |
| io.kubernetes.cri.untrusted-workload: "true" | |
| name: nested-config-secret | |
| spec: | |
| containers: | |
| - args: | |
| - -c | |
| - ls /config/secrets | |
| command: | |
| - /bin/sh | |
| image: gcr.io/google_containers/busybox:latest | |
| name: busybox | |
| volumeMounts: | |
| - mountPath: /config | |
| name: config | |
| - mountPath: /config/secrets | |
| name: secrets | |
| restartPolicy: OnFailure | |
| volumes: | |
| - name: secrets | |
| secret: | |
| secretName: secrets | |
| - configMap: | |
| name: config | |
| name: config | |
| --- | |
| apiVersion: v1 | |
| kind: Pod | |
| metadata: | |
| annotations: | |
| io.kubernetes.cri.untrusted-workload: "true" | |
| name: nested-config-self | |
| spec: | |
| containers: | |
| - args: | |
| - -c | |
| - ls /config/self | |
| command: | |
| - /bin/sh | |
| image: gcr.io/google_containers/busybox:latest | |
| name: busybox | |
| volumeMounts: | |
| - mountPath: /config | |
| name: config | |
| - mountPath: /config/self | |
| name: config | |
| restartPolicy: OnFailure | |
| volumes: | |
| - configMap: | |
| name: config | |
| name: config | |
| --- | |
| apiVersion: v1 | |
| kind: Pod | |
| metadata: | |
| annotations: | |
| io.kubernetes.cri.untrusted-workload: "true" | |
| name: nested-down-config | |
| spec: | |
| containers: | |
| - args: | |
| - -c | |
| - ls /down/config | |
| command: | |
| - /bin/sh | |
| image: gcr.io/google_containers/busybox:latest | |
| name: busybox | |
| volumeMounts: | |
| - mountPath: /down | |
| name: down | |
| - mountPath: /down/config | |
| name: config | |
| restartPolicy: OnFailure | |
| volumes: | |
| - configMap: | |
| name: config | |
| name: config | |
| - downwardAPI: | |
| items: | |
| - fieldRef: | |
| fieldPath: metadata.name | |
| path: name | |
| name: down | |
| --- | |
| apiVersion: v1 | |
| kind: Pod | |
| metadata: | |
| annotations: | |
| io.kubernetes.cri.untrusted-workload: "true" | |
| name: nested-down-down | |
| spec: | |
| containers: | |
| - args: | |
| - -c | |
| - ls /down/more | |
| command: | |
| - /bin/sh | |
| image: gcr.io/google_containers/busybox:latest | |
| name: busybox | |
| volumeMounts: | |
| - mountPath: /down | |
| name: down | |
| - mountPath: /down/more | |
| name: moredown | |
| restartPolicy: OnFailure | |
| volumes: | |
| - downwardAPI: | |
| items: | |
| - fieldRef: | |
| fieldPath: metadata.name | |
| path: name | |
| name: down | |
| - downwardAPI: | |
| items: | |
| - fieldRef: | |
| fieldPath: metadata.name | |
| path: morename | |
| name: moredown | |
| --- | |
| apiVersion: v1 | |
| kind: Pod | |
| metadata: | |
| annotations: | |
| io.kubernetes.cri.untrusted-workload: "true" | |
| name: nested-down-down-revmount | |
| spec: | |
| containers: | |
| - args: | |
| - -c | |
| - ls /down/more | |
| command: | |
| - /bin/sh | |
| image: gcr.io/google_containers/busybox:latest | |
| name: busybox | |
| volumeMounts: | |
| - mountPath: /down/more | |
| name: moredown | |
| - mountPath: /down | |
| name: down | |
| restartPolicy: OnFailure | |
| volumes: | |
| - downwardAPI: | |
| items: | |
| - fieldRef: | |
| fieldPath: metadata.name | |
| path: name | |
| name: down | |
| - downwardAPI: | |
| items: | |
| - fieldRef: | |
| fieldPath: metadata.name | |
| path: morename | |
| name: moredown | |
| --- | |
| apiVersion: v1 | |
| kind: Pod | |
| metadata: | |
| annotations: | |
| io.kubernetes.cri.untrusted-workload: "true" | |
| name: nested-down-empty | |
| spec: | |
| containers: | |
| - args: | |
| - -c | |
| - ls /down/empty | |
| command: | |
| - /bin/sh | |
| image: gcr.io/google_containers/busybox:latest | |
| name: busybox | |
| volumeMounts: | |
| - mountPath: /down | |
| name: down | |
| - mountPath: /down/empty | |
| name: empty | |
| restartPolicy: OnFailure | |
| volumes: | |
| - downwardAPI: | |
| items: | |
| - fieldRef: | |
| fieldPath: metadata.name | |
| path: name | |
| name: down | |
| - emptyDir: {} | |
| name: empty | |
| --- | |
| apiVersion: v1 | |
| kind: Pod | |
| metadata: | |
| annotations: | |
| io.kubernetes.cri.untrusted-workload: "true" | |
| name: nested-down-secret | |
| spec: | |
| containers: | |
| - args: | |
| - -c | |
| - ls /down/secrets | |
| command: | |
| - /bin/sh | |
| image: gcr.io/google_containers/busybox:latest | |
| name: busybox | |
| volumeMounts: | |
| - mountPath: /down | |
| name: down | |
| - mountPath: /down/secrets | |
| name: secrets | |
| restartPolicy: OnFailure | |
| volumes: | |
| - name: secrets | |
| secret: | |
| secretName: secrets | |
| - downwardAPI: | |
| items: | |
| - fieldRef: | |
| fieldPath: metadata.name | |
| path: name | |
| name: down | |
| --- | |
| apiVersion: v1 | |
| kind: Pod | |
| metadata: | |
| annotations: | |
| io.kubernetes.cri.untrusted-workload: "true" | |
| name: nested-down-self | |
| spec: | |
| containers: | |
| - args: | |
| - -c | |
| - ls /down/self | |
| command: | |
| - /bin/sh | |
| image: gcr.io/google_containers/busybox:latest | |
| name: busybox | |
| volumeMounts: | |
| - mountPath: /down | |
| name: down | |
| - mountPath: /down/self | |
| name: down | |
| restartPolicy: OnFailure | |
| volumes: | |
| - downwardAPI: | |
| items: | |
| - fieldRef: | |
| fieldPath: metadata.name | |
| path: name | |
| name: down | |
| --- | |
| apiVersion: v1 | |
| kind: Pod | |
| metadata: | |
| annotations: | |
| io.kubernetes.cri.untrusted-workload: "true" | |
| name: nested-empty-config | |
| spec: | |
| containers: | |
| - args: | |
| - -c | |
| - ls /empty/config | |
| command: | |
| - /bin/sh | |
| image: gcr.io/google_containers/busybox:latest | |
| name: busybox | |
| volumeMounts: | |
| - mountPath: /empty | |
| name: empty | |
| - mountPath: /empty/config | |
| name: config | |
| restartPolicy: OnFailure | |
| volumes: | |
| - configMap: | |
| name: config | |
| name: config | |
| - emptyDir: {} | |
| name: empty | |
| --- | |
| apiVersion: v1 | |
| kind: Pod | |
| metadata: | |
| annotations: | |
| io.kubernetes.cri.untrusted-workload: "true" | |
| name: nested-empty-down | |
| spec: | |
| containers: | |
| - args: | |
| - -c | |
| - ls /empty/down | |
| command: | |
| - /bin/sh | |
| image: gcr.io/google_containers/busybox:latest | |
| name: busybox | |
| volumeMounts: | |
| - mountPath: /empty | |
| name: empty | |
| - mountPath: /empty/down | |
| name: down | |
| restartPolicy: OnFailure | |
| volumes: | |
| - emptyDir: {} | |
| name: empty | |
| - downwardAPI: | |
| items: | |
| - fieldRef: | |
| fieldPath: metadata.name | |
| path: name | |
| name: down | |
| --- | |
| apiVersion: v1 | |
| kind: Pod | |
| metadata: | |
| annotations: | |
| io.kubernetes.cri.untrusted-workload: "true" | |
| name: nested-empty-empty | |
| spec: | |
| containers: | |
| - args: | |
| - -c | |
| - ls /empty/more | |
| command: | |
| - /bin/sh | |
| image: gcr.io/google_containers/busybox:latest | |
| name: busybox | |
| volumeMounts: | |
| - mountPath: /empty | |
| name: empty | |
| - mountPath: /empty/more | |
| name: moreempty | |
| restartPolicy: OnFailure | |
| volumes: | |
| - emptyDir: {} | |
| name: empty | |
| - emptyDir: {} | |
| name: moreempty | |
| --- | |
| apiVersion: v1 | |
| kind: Pod | |
| metadata: | |
| annotations: | |
| io.kubernetes.cri.untrusted-workload: "true" | |
| name: nested-empty-empty-revmount | |
| spec: | |
| containers: | |
| - args: | |
| - -c | |
| - ls /empty/more | |
| command: | |
| - /bin/sh | |
| image: gcr.io/google_containers/busybox:latest | |
| name: busybox | |
| volumeMounts: | |
| - mountPath: /empty/more | |
| name: moreempty | |
| - mountPath: /empty | |
| name: empty | |
| restartPolicy: OnFailure | |
| volumes: | |
| - emptyDir: {} | |
| name: empty | |
| - emptyDir: {} | |
| name: moreempty | |
| --- | |
| apiVersion: v1 | |
| kind: Pod | |
| metadata: | |
| annotations: | |
| io.kubernetes.cri.untrusted-workload: "true" | |
| name: nested-empty-secret | |
| spec: | |
| containers: | |
| - args: | |
| - -c | |
| - ls /empty/secrets | |
| command: | |
| - /bin/sh | |
| image: gcr.io/google_containers/busybox:latest | |
| name: busybox | |
| volumeMounts: | |
| - mountPath: /empty | |
| name: empty | |
| - mountPath: /empty/secrets | |
| name: secrets | |
| restartPolicy: OnFailure | |
| volumes: | |
| - name: secrets | |
| secret: | |
| secretName: secrets | |
| - emptyDir: {} | |
| name: empty | |
| --- | |
| apiVersion: v1 | |
| kind: Pod | |
| metadata: | |
| annotations: | |
| io.kubernetes.cri.untrusted-workload: "true" | |
| name: nested-empty-self | |
| spec: | |
| containers: | |
| - args: | |
| - -c | |
| - ls /empty/self | |
| command: | |
| - /bin/sh | |
| image: gcr.io/google_containers/busybox:latest | |
| name: busybox | |
| volumeMounts: | |
| - mountPath: /empty | |
| name: empty | |
| - mountPath: /empty/self | |
| name: empty | |
| restartPolicy: OnFailure | |
| volumes: | |
| - emptyDir: {} | |
| name: empty | |
| --- | |
| apiVersion: v1 | |
| kind: Pod | |
| metadata: | |
| annotations: | |
| io.kubernetes.cri.untrusted-workload: "true" | |
| name: nested-secret-config | |
| spec: | |
| containers: | |
| - args: | |
| - -c | |
| - ls /secrets/config | |
| command: | |
| - /bin/sh | |
| image: gcr.io/google_containers/busybox:latest | |
| name: busybox | |
| volumeMounts: | |
| - mountPath: /secrets | |
| name: secrets | |
| - mountPath: /secrets/config | |
| name: config | |
| restartPolicy: OnFailure | |
| volumes: | |
| - name: secrets | |
| secret: | |
| secretName: secrets | |
| - configMap: | |
| name: config | |
| name: config | |
| --- | |
| apiVersion: v1 | |
| kind: Pod | |
| metadata: | |
| annotations: | |
| io.kubernetes.cri.untrusted-workload: "true" | |
| name: nested-secret-down | |
| spec: | |
| containers: | |
| - args: | |
| - -c | |
| - ls /secrets/down | |
| command: | |
| - /bin/sh | |
| image: gcr.io/google_containers/busybox:latest | |
| name: busybox | |
| volumeMounts: | |
| - mountPath: /secrets | |
| name: secrets | |
| - mountPath: /secrets/down | |
| name: down | |
| restartPolicy: OnFailure | |
| volumes: | |
| - name: secrets | |
| secret: | |
| secretName: secrets | |
| - downwardAPI: | |
| items: | |
| - fieldRef: | |
| fieldPath: metadata.name | |
| path: name | |
| name: down | |
| --- | |
| apiVersion: v1 | |
| kind: Pod | |
| metadata: | |
| annotations: | |
| io.kubernetes.cri.untrusted-workload: "true" | |
| name: nested-secret-empty | |
| spec: | |
| containers: | |
| - args: | |
| - -c | |
| - ls /secrets/empty | |
| command: | |
| - /bin/sh | |
| image: gcr.io/google_containers/busybox:latest | |
| name: busybox | |
| volumeMounts: | |
| - mountPath: /secrets | |
| name: secrets | |
| - mountPath: /secrets/empty | |
| name: empty | |
| restartPolicy: OnFailure | |
| volumes: | |
| - name: secrets | |
| secret: | |
| secretName: secrets | |
| - emptyDir: {} | |
| name: empty | |
| --- | |
| apiVersion: v1 | |
| kind: Pod | |
| metadata: | |
| annotations: | |
| io.kubernetes.cri.untrusted-workload: "true" | |
| name: nested-secret-secret | |
| spec: | |
| containers: | |
| - args: | |
| - -c | |
| - ls /secrets/more | |
| command: | |
| - /bin/sh | |
| image: gcr.io/google_containers/busybox:latest | |
| name: busybox | |
| volumeMounts: | |
| - mountPath: /secrets | |
| name: secrets | |
| - mountPath: /secrets/more | |
| name: moresecrets | |
| restartPolicy: OnFailure | |
| volumes: | |
| - name: secrets | |
| secret: | |
| secretName: secrets | |
| - name: moresecrets | |
| secret: | |
| secretName: moresecrets | |
| --- | |
| apiVersion: v1 | |
| kind: Pod | |
| metadata: | |
| annotations: | |
| io.kubernetes.cri.untrusted-workload: "true" | |
| name: nested-secret-secret-revmount | |
| spec: | |
| containers: | |
| - args: | |
| - -c | |
| - ls /secrets/more | |
| command: | |
| - /bin/sh | |
| image: gcr.io/google_containers/busybox:latest | |
| name: busybox | |
| volumeMounts: | |
| - mountPath: /secrets/more | |
| name: moresecrets | |
| - mountPath: /secrets | |
| name: secrets | |
| restartPolicy: OnFailure | |
| volumes: | |
| - name: secrets | |
| secret: | |
| secretName: secrets | |
| - name: moresecrets | |
| secret: | |
| secretName: moresecrets | |
| --- | |
| apiVersion: v1 | |
| kind: Pod | |
| metadata: | |
| annotations: | |
| io.kubernetes.cri.untrusted-workload: "true" | |
| name: nested-secret-self | |
| spec: | |
| containers: | |
| - args: | |
| - -c | |
| - ls /secrets/self | |
| command: | |
| - /bin/sh | |
| image: gcr.io/google_containers/busybox:latest | |
| name: busybox | |
| volumeMounts: | |
| - mountPath: /secrets | |
| name: secrets | |
| - mountPath: /secrets/self | |
| name: secrets | |
| restartPolicy: OnFailure | |
| volumes: | |
| - name: secrets | |
| secret: | |
| secretName: secrets |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment