-
**Is your feature request related to a problem? Please describe.**
Not a problem, per se, but hard-coded backend values do not fit my use case. For my use case, which is a Government complianc…
-
Kubeless uses bitnami/minideb:jessie as it's base for a number of components. Minideb is a slimmed down packaging of upstream Debian and as such they provide no additional security patching beyond wha…
-
### Description
Exposing the tenancy field in the AwsNodeTemplate API will help allow AWS GovCloud customers and anyone else that requires an extra level of security use Karpenter without compromise.…
-
Im not sure if this is something that can be sourced from the community or not, but it would be ideal to be able to load in the CIS 1.5 Compliance requirements, or the DISA Kubernetes stig.
Whats…
-
### Description
Hi team,
When undergoing an audit for SOC2 compliance, an issue was highlighted that our services should not be directly using DB roles and passwords for connecting to the DB, and …
-
_This issue was automatically created by [Allstar](https://github.com/ossf/allstar/)._
**Security Policy Violation**
Project is out of compliance with Binary Artifacts policy: binaries present in sou…
-
Compliance trestle demos [repo](https://github.com/oscal-compass/compliance-trestle-demos) is outdated and needs refreshment and review.
It is needed to go through the [Trestle as Foundation Examp…
-
### What would you like to be added?
- Introduce a well-known, documented name for the HNS endpoint used as the source VIP, proposed to be named `sourcevip`. When `kube-proxy` starts up in [VXLAN o…
-
The _Requirements_ section of the spec states the following:
Requirements
Registries conforming to this specification MUST handle all APIs required by the following workflow categories:
…
-
**Description**
In a Bring your Own PKI scenario, a user may want to specify a CRL file ( in addition to a fullchain file ) that can be used to check if the certificate embedded in a signature arti…