-
Notifications
You must be signed in to change notification settings - Fork 99
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Security: Please set pod Security Context on all Pods #3
Comments
Context:
Random thought: it would be cool to have something which could extract these from a registry and mirror them to Kubernetes. Much simpler than that is to have a test that these are set in the |
We found |
Signed-off-by: Matthias Wessendorf <mwessend@redhat.com>
This issue is stale because it has been open for 90 days with no |
/remove-lifecycle stale |
This issue is stale because it has been open for 90 days with no |
Bump |
This issue is stale because it has been open for 90 days with no |
Many companies have a security requirement in place that all pods must not run as root and set the run as user. Please set this (Or allow it to be set) on all pods. This would mean either adding it yourself or adding it to any CRDs that end up creating pods so the user can set it. Note this is at the pod level, not the container level. I will be creating a separate feature request for the container security content.
https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
See the pod security context example below for what is required to be set.
Related Feature Request: knative/eventing#2881
The text was updated successfully, but these errors were encountered: