SecurityContextConstraints: update description of the Priority field.

php-coder · php-coder · commit dbea4af1541b · 2017-08-03T15:18:21.000+02:00
diff --git a/pkg/security/apis/security/types.go b/pkg/security/apis/security/types.go
@@ -21,7 +21,10 @@ type SecurityContextConstraints struct {
 
 	// Priority influences the sort order of SCCs when evaluating which SCCs to try first for
 	// a given pod request based on access in the Users and Groups fields.  The higher the int, the
-	// higher priority.  If scores for multiple SCCs are equal they will be sorted by name.
+	// higher priority. An unset value is considered a 0 priority. If scores
+	// for multiple SCCs are equal they will be sorted from most restrictive to
+	// least restrictive. If both priorities and restrictions are equal the
+	// SCCs will be sorted by name.
 	Priority *int32
 
 	// AllowPrivilegedContainer determines if a container can request to be run as privileged.
diff --git a/pkg/security/apis/security/v1/types.go b/pkg/security/apis/security/v1/types.go
@@ -23,7 +23,10 @@ type SecurityContextConstraints struct {
 
 	// Priority influences the sort order of SCCs when evaluating which SCCs to try first for
 	// a given pod request based on access in the Users and Groups fields.  The higher the int, the
-	// higher priority.  If scores for multiple SCCs are equal they will be sorted by name.
+	// higher priority. An unset value is considered a 0 priority. If scores
+	// for multiple SCCs are equal they will be sorted from most restrictive to
+	// least restrictive. If both priorities and restrictions are equal the
+	// SCCs will be sorted by name.
 	Priority *int32 `json:"priority" protobuf:"varint,2,opt,name=priority"`
 
 	// AllowPrivilegedContainer determines if a container can request to be run as privileged.
