You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
14 lines
663 B
14 lines
663 B
#!/bin/bash
|
|
set -euxo pipefail
|
|
|
|
NAMESPACES=("istio-system" "auth" "cert-manager" "oauth2-proxy" "kubeflow" "knative-serving")
|
|
for NAMESPACE in "${NAMESPACES[@]}"; do
|
|
if kubectl get namespace "$NAMESPACE" >/dev/null 2>&1; then
|
|
if [ -f "./experimental/security/PSS/static/restricted/patches/${NAMESPACE}-labels.yaml" ]; then
|
|
PATCH_OUTPUT=$(kubectl patch namespace $NAMESPACE --patch-file ./experimental/security/PSS/static/restricted/patches/${NAMESPACE}-labels.yaml 2>&1)
|
|
if echo "$PATCH_OUTPUT" | grep -q "violate the new PodSecurity"; then
|
|
echo "\nWARNING PSS VIOLATED\n"
|
|
fi
|
|
fi
|
|
fi
|
|
done
|
|
|