Fix AppArmor violationText which was mistakenly reusing Empty Dir violationText

charts/k-rail/Chart.yaml

@@ -2,7 +2,7 @@ apiVersion: v1
 name: k-rail
 description: Kubernetes security tool for policy enforcement
 home: https://github.com/cruise-automation/k-rail
-version: v3.4.2
+version: v3.4.3
 maintainers:
   - name: cruise-automation
     url: https://cruise-automation.github.io/k-rail/

policies/pod/deny_unconfined_apparmor.go

@@ -35,6 +35,8 @@ func (p PolicyDenyUnconfinedApparmorPolicy) Validate(ctx context.Context, config
 		return nil, nil
 	}
 
+	violationText := "Unconfined AppArmor pod: Setting AppArmor annonation on Pod to unconfined is forbidden without an exception"
+
 	if podResource.ResourceKind == "Pod" {
 		for name, value := range podResource.PodAnnotations {
 			if strings.HasPrefix(name, "container.apparmor.security.beta.kubernetes.io") {

policies/pod/empty_dir_size_limit.go

@@ -28,8 +28,6 @@ func (p PolicyEmptyDirSizeLimit) Name() string {
 	return "pod_empty_dir_size_limit"
 }
 
-const violationText = "Empty dir size limit: size limit exceeds the max value"
-
 func (p PolicyEmptyDirSizeLimit) Validate(ctx context.Context, config policies.Config, ar *admissionv1.AdmissionRequest) ([]policies.ResourceViolation, []policies.PatchOperation) {
 	var resourceViolations []policies.ResourceViolation
 
@@ -41,6 +39,8 @@ func (p PolicyEmptyDirSizeLimit) Validate(ctx context.Context, config policies.C
 	cfg := config.MutateEmptyDirSizeLimit
 	var patches []policies.PatchOperation
 
+	violationText := "Empty dir size limit: size limit exceeds the max value"
+
 	for i, volume := range podResource.PodSpec.Volumes {
 		if volume.EmptyDir == nil {
 			continue