Kyverno - disallow-priviledged-escalation

Description

Use in ONAP charts: https://git.onap.org/oom/tree/kubernetes/common/common/templates/_pod.tpl#n67

Allowed Pod manifest :

spec:
  ...
  template:
    ...
    spec:
      securityContext:
        allowPrivilegeEscalation: false
      ...
      initContainers:
        - name: ...
          ...
          securityContext:
            allowPrivilegeEscalation: false
      containers:
        - name: someContainer
          ...
          securityContext:
            allowPrivilegeEscalation: false

Activity

Show:

Unresolved

Details
Assignee
Andreas Geißler
Reporter
Andreas Geißler
Components
Fix versions
Oslo Release
Priority
Medium
Parent
OOM-3288 Make charts kyverno policy compliant to be production ready

Created April 16, 2024 at 2:10 PM

Updated October 16, 2024 at 3:02 PM

Resolved April 16, 2024 at 2:10 PM

Kyverno - disallow-priviledged-escalation

Description

Activity

DetailsAssigneeAndreas GeißlerAndreas GeißlerReporterAndreas GeißlerAndreas GeißlerComponentsFix versionsOslo ReleasePriorityMediumParentOOM-3288 Make charts kyverno policy compliant to be production ready

Details

Assignee

Reporter

Components

Fix versions

Priority

Parent

Details
Assignee
Andreas Geißler
Reporter
Andreas Geißler
Components
Fix versions
Oslo Release
Priority
Medium
Parent
OOM-3288 Make charts kyverno policy compliant to be production ready