Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Umbrella] Security Assessment Process for Kubernetes sub-projects #2

Closed
7 tasks done
PushkarJ opened this issue Jul 29, 2021 · 15 comments
Closed
7 tasks done

[Umbrella] Security Assessment Process for Kubernetes sub-projects #2

PushkarJ opened this issue Jul 29, 2021 · 15 comments
Assignees
@aladewberry
Labels
area/security-assessment Issues or PRs related to security assessment of sub-projects sig/security Categorizes an issue or PR as relevant to SIG Security.

Comments

@PushkarJ
Copy link
Member

PushkarJ commented Jul 29, 2021
edited
Loading

Goal: Define, execute and improve on a community driven security assessment process for kubernetes sub-projects, which is self-service and welcomes beginners without prior security background to engage and contribute

Background

CNCF TAG Security has a well established process for project maintainers to engage them in a security review process. However, typically the scope is limited to CNCF projects not sub-projects of graduated projects like Kubernetes. In case of Kubernetes, SIG Security is taking up this responsibility to work within the project community through self-assessments as a partnership between maintainers and SIG Security Members

Scope

Related Issues

Cluster API pilot discussion: cncf/tag-security#603
Cluster API tracker: https://github.com/kubernetes/community/issues/5814
Admission controller: cncf/tag-security#731

/assign @PushkarJ
cc @rficcaglia @reylejano @savitharaghunathan @kubernetes/sig-security-leads
/sig security
@PushkarJ
Copy link
Member Author

/transfer sig-security

@k8s-ci-robot k8s-ci-robot transferred this issue from kubernetes/community Sep 14, 2021
@k8s-ci-robot k8s-ci-robot added the sig/security Categorizes an issue or PR as relevant to SIG Security. label Sep 14, 2021
@PushkarJ
Copy link
Member Author

PushkarJ commented Nov 4, 2021

/area security-assessment

(Trying out the new label that was merged today)

@k8s-ci-robot k8s-ci-robot added the area/security-assessment Issues or PRs related to security assessment of sub-projects label Nov 4, 2021
@k8s-triage-robot
Copy link

The Kubernetes project currently lacks enough contributors to adequately respond to all issues and PRs.

This bot triages issues and PRs according to the following rules:

  • After 90d of inactivity, lifecycle/stale is applied
  • After 30d of inactivity since lifecycle/stale was applied, lifecycle/rotten is applied
  • After 30d of inactivity since lifecycle/rotten was applied, the issue is closed

You can:

  • Mark this issue or PR as fresh with /remove-lifecycle stale
  • Mark this issue or PR as rotten with /lifecycle rotten
  • Close this issue or PR with /close
  • Offer to help out with Issue Triage

Please send feedback to sig-contributor-experience at kubernetes/community.

/lifecycle stale

@k8s-ci-robot k8s-ci-robot added the lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. label Feb 2, 2022
@PushkarJ
Copy link
Member Author

PushkarJ commented Feb 3, 2022

/remove-lifecycle stale

@k8s-ci-robot k8s-ci-robot removed the lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. label Feb 3, 2022
@k8s-triage-robot
Copy link

The Kubernetes project currently lacks enough contributors to adequately respond to all issues and PRs.

This bot triages issues and PRs according to the following rules:

  • After 90d of inactivity, lifecycle/stale is applied
  • After 30d of inactivity since lifecycle/stale was applied, lifecycle/rotten is applied
  • After 30d of inactivity since lifecycle/rotten was applied, the issue is closed

You can:

  • Mark this issue or PR as fresh with /remove-lifecycle stale
  • Mark this issue or PR as rotten with /lifecycle rotten
  • Close this issue or PR with /close
  • Offer to help out with Issue Triage

Please send feedback to sig-contributor-experience at kubernetes/community.

/lifecycle stale

@k8s-ci-robot k8s-ci-robot added the lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. label Jun 13, 2022
@reylejano
Copy link
Member

/remove-lifecycle stale

@k8s-ci-robot k8s-ci-robot removed the lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. label Jun 13, 2022
@PushkarJ
Copy link
Member Author

/unassign
/assign aladewberry

@k8s-ci-robot k8s-ci-robot assigned aladewberry and unassigned PushkarJ Aug 30, 2022
@k8s-triage-robot
Copy link

The Kubernetes project currently lacks enough contributors to adequately respond to all issues and PRs.

This bot triages issues and PRs according to the following rules:

  • After 90d of inactivity, lifecycle/stale is applied
  • After 30d of inactivity since lifecycle/stale was applied, lifecycle/rotten is applied
  • After 30d of inactivity since lifecycle/rotten was applied, the issue is closed

You can:

  • Mark this issue or PR as fresh with /remove-lifecycle stale
  • Mark this issue or PR as rotten with /lifecycle rotten
  • Close this issue or PR with /close
  • Offer to help out with Issue Triage

Please send feedback to sig-contributor-experience at kubernetes/community.

/lifecycle stale

@k8s-ci-robot k8s-ci-robot added the lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. label Nov 28, 2022
@reylejano
Copy link
Member

/remove-lifecycle stale

@k8s-ci-robot k8s-ci-robot removed the lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. label Nov 29, 2022
@k8s-triage-robot
Copy link

The Kubernetes project currently lacks enough contributors to adequately respond to all issues.

This bot triages un-triaged issues according to the following rules:

  • After 90d of inactivity, lifecycle/stale is applied
  • After 30d of inactivity since lifecycle/stale was applied, lifecycle/rotten is applied
  • After 30d of inactivity since lifecycle/rotten was applied, the issue is closed

You can:

  • Mark this issue as fresh with /remove-lifecycle stale
  • Close this issue with /close
  • Offer to help out with Issue Triage

Please send feedback to sig-contributor-experience at kubernetes/community.

/lifecycle stale

@k8s-ci-robot k8s-ci-robot added the lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. label Feb 27, 2023
@reylejano
Copy link
Member

/remove-lifecycle stale

@k8s-ci-robot k8s-ci-robot removed the lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. label Feb 27, 2023
@k8s-triage-robot
Copy link

The Kubernetes project currently lacks enough contributors to adequately respond to all issues.

This bot triages un-triaged issues according to the following rules:

  • After 90d of inactivity, lifecycle/stale is applied
  • After 30d of inactivity since lifecycle/stale was applied, lifecycle/rotten is applied
  • After 30d of inactivity since lifecycle/rotten was applied, the issue is closed

You can:

  • Mark this issue as fresh with /remove-lifecycle stale
  • Close this issue with /close
  • Offer to help out with Issue Triage

Please send feedback to sig-contributor-experience at kubernetes/community.

/lifecycle stale

@k8s-ci-robot k8s-ci-robot added the lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. label May 28, 2023
@k8s-triage-robot
Copy link

The Kubernetes project currently lacks enough active contributors to adequately respond to all issues.

This bot triages un-triaged issues according to the following rules:

  • After 90d of inactivity, lifecycle/stale is applied
  • After 30d of inactivity since lifecycle/stale was applied, lifecycle/rotten is applied
  • After 30d of inactivity since lifecycle/rotten was applied, the issue is closed

You can:

  • Mark this issue as fresh with /remove-lifecycle rotten
  • Close this issue with /close
  • Offer to help out with Issue Triage

Please send feedback to sig-contributor-experience at kubernetes/community.

/lifecycle rotten

@k8s-ci-robot k8s-ci-robot added lifecycle/rotten Denotes an issue or PR that has aged beyond stale and will be auto-closed. and removed lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. labels Jun 27, 2023
@reylejano
Copy link
Member

/remove-lifecycle rotten

@k8s-ci-robot k8s-ci-robot removed the lifecycle/rotten Denotes an issue or PR that has aged beyond stale and will be auto-closed. label Jun 27, 2023
@PushkarJ
Copy link
Member Author

PushkarJ commented Aug 4, 2023

@aladewberry I updated the description to cover links to all the tasks in the list and marked them as done. Since we have a new sub-project that is going places and making things secure, the issue has served its purpose.

So, I am closing this issue since we can track future self-assessments through their own issues like you are already doing for vsphere-csi-driver #21 and #40 for cluser-api

Feel free to re-open if you disagree :) (Just doing this as part of backlog clearing on my end)

@PushkarJ PushkarJ closed this as completed Aug 4, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@aladewberry aladewberry

Labels
area/security-assessment Issues or PRs related to security assessment of sub-projects sig/security Categorizes an issue or PR as relevant to SIG Security.
Projects
sig-security-tracker
Status: Done
Milestone
No milestone
Development

No branches or pull requests
5 participants
@PushkarJ @k8s-ci-robot @reylejano @k8s-triage-robot @aladewberry