Feature Request: Support new operations #102
Description
Is your feature request related to a problem?
Currently, hostpaths-psp-policy only supports allowlist behavior for allowedHostPaths.
Request: Add support for additional operations similar to those available in annotations-policy, such as:
- contains ANY of
- contains ALL of
- does NOT contain ANY of
- contains OTHER than
This would provide more flexible control over hostPath volume restrictions.
Solution you'd like
Introduce a new standalone setting that accepts either a single value or an allowlist.
The rule uses the containsAnyOf operator to match against allowed host paths.
settings:
operator: containsAnyOf
values:
- /host/path1
- /host/path2- Behavior: Allow if the target path matches any entry in
values. - Cardinality:
valuesmay contain one item (single value) or multiple items . - Validation:
valuesis a non-empty array of unique, normalized paths- Each item is a non-empty string
Alternatives you've considered
No response
Anything else?
No response