mirror of
https://github.com/aljazceru/kata-containers.git
synced 2026-02-14 02:54:21 +01:00
159bc2713f
Restricting access to agent endpoints using agent-config.toml is expected to be deprecated in the main branch. Therefore, in preparation of merging this script with its main branch version, install default settings for main branch's kata-opa service. coco-default.rego blocks access to the same kata agent endpoints that are blocked by agent-config.toml. For additional information, search for "default-policy.rego" in main branch's rootfs.sh. Fixes: #8219 Signed-off-by: Dan Mihai <dmihai@microsoft.com>