Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Epic - Extend readOnlyRootFileSystem to include NAP WAF when present #5291

Open
2 tasks
brianehlert opened this issue Mar 21, 2024 Discussed in #5156 · 0 comments
Open
2 tasks

Epic - Extend readOnlyRootFileSystem to include NAP WAF when present #5291

brianehlert opened this issue Mar 21, 2024 Discussed in #5156 · 0 comments
Labels
epic Issues that need to be broken into smaller issues refined Issues that are ready to be prioritized
Milestone
v3.6.0

Comments

@brianehlert
Copy link
Collaborator

brianehlert commented Mar 21, 2024
edited by shaun-nx

Discussed in #5156

Originally posted by brianehlert February 22, 2024
Customers use the readOnlyRootFileSystem capability to align with security policy and customers would like to also use this when NAP WAF is included with NIC.

The current implementation of readOnlyRootFileSystem does not support the NAP WAF module and thus the capability needs to be extended to support NAP WAF module behavior and paths necessary.

Notes:

  • this can take the v4 / v5 work into consideration
  • when originally written the focus was v4
  • unknown how this impacts v5 considering new enforcer container is introduced

Tasks
Beta Give feedback

WAF v5 considerations
Beta Give feedback
@brianehlert brianehlert added the epic Issues that need to be broken into smaller issues label Mar 21, 2024
@brianehlert brianehlert added this to the v3.6.0 milestone Mar 21, 2024
@danielnginx danielnginx added the refined Issues that are ready to be prioritized label Apr 18, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
epic Issues that need to be broken into smaller issues refined Issues that are ready to be prioritized
Projects
NGINX Ingress Controller
Status: Prioritized Backlog
Milestone
v3.6.0
Development

No branches or pull requests
2 participants
@brianehlert @danielnginx