diff --git a/pkg/tfkschema/name_mapper.go b/pkg/tfkschema/name_mapper.go index 89ada8b..7f32852 100644 --- a/pkg/tfkschema/name_mapper.go +++ b/pkg/tfkschema/name_mapper.go @@ -21,6 +21,7 @@ func init() { inflection.AddSingular("resources", "resources") inflection.AddSingular("requests", "requests") inflection.AddSingular("imagePullSecrets", "imagePullSecrets") + inflection.AddSingular("capabilities", "capabilities") inflection.AddUncountable("data") inflection.AddUncountable("metadata") diff --git a/pkg/tfkschema/name_mapper_test.go b/pkg/tfkschema/name_mapper_test.go index fceac95..66d8bcd 100644 --- a/pkg/tfkschema/name_mapper_test.go +++ b/pkg/tfkschema/name_mapper_test.go @@ -234,7 +234,15 @@ func Test_NormalizeTerraformName(t *testing.T) { }, "image_pull_secrets", }, - + { + "capabilities", + args{ + "capabilities", + true, + "", + }, + "capabilities", + }, } for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { diff --git a/test-fixtures/deployment.tf.golden b/test-fixtures/deployment.tf.golden index 4abb2fe..b1a070d 100644 --- a/test-fixtures/deployment.tf.golden +++ b/test-fixtures/deployment.tf.golden @@ -68,6 +68,12 @@ resource "kubernetes_deployment" "backend_api" { } termination_message_path = "/dev/termination-log" image_pull_policy = "IfNotPresent" + security_context { + capabilities { + add = ["NET_BIND_SERVICE"] + drop = ["ALL"] + } + } } container { name = "api" diff --git a/test-fixtures/deployment.yaml b/test-fixtures/deployment.yaml index a6ecff9..ab50a43 100644 --- a/test-fixtures/deployment.yaml +++ b/test-fixtures/deployment.yaml @@ -66,6 +66,12 @@ spec: port: 443 timeoutSeconds: 1 resources: {} + securityContext: + capabilities: + drop: + - ALL + add: + - NET_BIND_SERVICE terminationMessagePath: /dev/termination-log terminationMessagePolicy: File volumeMounts: