Documentation: Security/authorization model for Tekton users in a multi-tenant cluster #2257
Labels
help wanted
Denotes an issue that needs help from a contributor. Must meet "help wanted" guidelines.
kind/documentation
Categorizes issue or PR as related to documentation.
kind/question
Issues or PRs that are questions around the project or a particular feature
lifecycle/rotten
Denotes an issue or PR that has aged beyond stale and will be auto-closed.
lifecycle/stale
Denotes an issue or PR has remained open with no activity and has become stale.
I'm not sure this is the appropriate avenue to ask this question, but I'm wondering about Tekton and multi-tenancy.
We have some general purpose clusters with RBAC enabled and customer workloads completely namespaced, using OPA policy and some other mechanisms to prevent customers from executing privileged operations in the cluster (e.g. accessing the host, accessing other customers' workloads, etc.)
In such a set up, how does Tekton come into the picture? For example, can we deloy Tekton as a "cluster-wide service" while still maintaining namespace separation for cluster tenants? Can we prevent cluster tenants from using Tekton to escalate privileges within the cluster (e.g. use privileged Linux capabilities, run privileged containers, etc.)?
Based on the history of the project (Knative Build + kaniko for unprivileged image builds), I'm thinking Tekton does fit into this picture. But I'm looking for specifics or documentation that explains it in more depth. I took a look at the Kubernetes objects in the Tekton installation files, and I see Tekton receives some elevated privileges. But it's not particularly clear what the workflow looks like.
The text was updated successfully, but these errors were encountered: