Releases: DevSpecOps/k8s-security-linter

v0.1.4 – Final Docker publishing fix (GHCR)

13 Jun 18:52

What's Changed

  • Fixed GitHub Container Registry permissions (added packages: write)
  • Corrected Docker image tags to use lowercase repository owner (devspecops)
  • Resolved workflow syntax error with | operator
  • Docker image now successfully builds and pushes to ghcr.io/devspecops/k8s-security-linter

🚀 Installation & Usage

Docker

docker pull ghcr.io/devspecops/k8s-security-linter:latest
docker run --rm -v "$(pwd)":/workspace ghcr.io/devspecops/k8s-security-linter --path /workspace

GitHub Action

  - uses: DevSpecOps/k8s-security-linter@v0.1.4
    with:
      path: './deploy'

Pre-commit hook

Add to .pre-commit-config.yaml:

📦 What's inside

  • 5 built‑in security rules (privileged, runAsNonRoot, readOnlyRootFilesystem, memory limits, latest tag)
  • Rego (OPA) engine for custom policies
  • Support for Pod, Deployment, StatefulSet, DaemonSet, Job, CronJob
  • JSON output, exit code 1 on violation
  • Prometheus metrics (optional)
  • Donation page with BTC/ETH QR codes

🙏 Support

If this tool helps you, consider donating.

v0.1.3 – Final Docker push fix

13 Jun 18:43

Changes

  • Fixed GitHub Container Registry permissions (added packages: write)
  • Corrected image name to lowercase using github.repository_owner | lower
  • Docker image now builds and pushes successfully to ghcr.io/devspecops/k8s-security-linter

v0.1.2 – Fix Docker build (Go 1.26.4)

13 Jun 18:38

Changes

  • Fixed Dockerfile: now uses golang:1.26.4-alpine (compatible with go.mod requirements)
  • Docker image successfully builds and pushes to GHCR

Installation

See README

v0.1.1 – Fix Docker image tag case sensitivity

13 Jun 18:32

Changes

  • Fixed Docker image tags: repository name now lowercase (ghcr.io/devspecops/k8s-security-linter)
  • No functional changes, only CI/CD improvement

Installation

See README for usage.

v0.1.0 – Initial release

13 Jun 18:07

Features

  • 🔍 5 built-in security rules (privileged, runAsNonRoot, readOnlyRootFilesystem, memory limits, latest tag)
  • 🐳 Supports Pod, Deployment, StatefulSet, DaemonSet, Job, CronJob
  • 📊 JSON output and exit code 1 on violation
  • 🧩 Rego policy engine – easily add custom rules
  • 🐳 Docker image available (ghcr.io)
  • 🤖 GitHub Action and pre-commit hook
  • 💖 Donation page with BTC/ETH QR codes

Installation

See README for quick start.