add soulsync

Signed-off-by: gwg313 <gwg313@pm.me>
This commit is contained in:
gwg313 2026-06-18 14:01:20 -04:00
parent 2671abc98c
commit 67a2318a96
Signed by: gwg313
GPG key ID: 60FF63B4826B7400
13 changed files with 467 additions and 0 deletions

View file

@ -17,6 +17,12 @@ spec:
- resources:
kinds:
- Pod
exclude:
any:
- resources:
selector:
matchLabels:
security.policy/allow-root: "true"
validate:
message: "Pods must set runAsNonRoot=true."
@ -31,6 +37,12 @@ spec:
- resources:
kinds:
- Pod
exclude:
any:
- resources:
selector:
matchLabels:
security.policy/allow-root: "true"
validate:
message: "All containers must set runAsNonRoot=true."