From a1ab112ee4490abb195975e89f9bdd2788000c76 Mon Sep 17 00:00:00 2001
From: rjbrown57
Date: Thu, 2 Nov 2023 15:01:14 -0500
Subject: [PATCH] fix: cover empty securityContext in container_deny_escalation (#449)

Co-authored-by: Russell Brown
---
 examples/container-deny-escalation/src.rego | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/examples/container-deny-escalation/src.rego b/examples/container-deny-escalation/src.rego
index eb824b80..fb99e923 100644
--- a/examples/container-deny-escalation/src.rego
+++ b/examples/container-deny-escalation/src.rego
@@ -34,6 +34,10 @@ container_allows_escalation(c) {
 c.securityContext.allowPrivilegeEscalation == true
 }

+container_allows_escalation(c) {
+ core.missing_field(c, "securityContext")
+}
+
 container_allows_escalation(c) {
 core.missing_field(c.securityContext, "allowPrivilegeEscalation")
 }
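Review bot: `container_allows_escalation` still lists the unsafe shapes one by one (explicit `true`, no `securityContext`, no `allowPrivilegeEscalation`), so a container that matches none of the three bodies is treated as compliant, which is the same fail-open pattern this patch closes for one case. Whether a value such as `securityContext: null` is caught depends on `core.missing_field`, whose definition is not visible in this hunk. A single fail-closed body, `container_allows_escalation(c) { not c.securityContext.allowPrivilegeEscalation == false }`, would flag everything except an explicit `false`, including any undefined path. The diffstat shows only `src.rego` changed, so a test case for a container with no `securityContext` would pin the fix against regression. The first rule's head lies outside the hunk and appears only as the `@@` context.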