-
## Expected Behavior
Integration test for PR should pass
## Actual Behavior
Integration test is failing on master
## Steps to Reproduce the Problem
1.
1.
1.
## Specifications…
-
Currently the API server accepts an audit-id as a request header even from unauthenticated clients. There seems to be almost no input validation for this and all kinds of special characters are allowe…
-
### Preflight Checklist
- [X] I have searched the [issue tracker](https://www.github.com/bank-vaults/vault-secrets-webhook/issues) for an issue that matches the one I want to file, without success.
-…
-
**How to categorize this issue?**
/area quality
/kind enhancement
**What would you like to be added**:
If we check `client/kubernetes/deployemnts.go`, `utils/kubernetes/deployment.go` and `cli…
-
#### What happened:
After concluding some seccomp `ProfileRecording`s, two of the profiles failed to install; one has an empty status and the other is stuck in `Terminating`:
```
$ k get sp -A …
-
Hi Crowdsec Team, first of all thanks for this great product, I used it a lot in the past months and really liked it.
Unfortunately this image as well as the kubernetes lapi and deamonsets expose a …
-
## Context
With the more growing ability to harden deployments with [Pod Security Standards](https://kubernetes.io/docs/concepts/security/pod-security-standards/) and [Pod Security Admission](https:/…
-
# Enhancement Description
- One-line enhancement description (can be used as a release note): Support ambient capabilities in kubernetes.
- Kubernetes Enhancement Proposal: https://github.com/kube…
-
I am not deeply familiar with the scope of the pod security admission policies. However, it seems that setting `automountServiceAccountToken` to `true` (the default) on a pod spec can allow a pod to e…
-
Currently, GCP PD CSI driver requires a Service Account that has the `iam.serviceAccountUser` role:
https://github.com/kubernetes-sigs/gcp-compute-persistent-disk-csi-driver/blob/eead51bd9029e92e6b…