search

FairwindsOps / polaris

Validation of best practices in your Kubernetes clusters
https://www.fairwinds.com/polaris
Apache License 2.0
3.17k stars 213 forks source link

chore: fix privilegeEscalationAllowed check #998

Closed sempex closed 10 months ago

sempex commented 1 year ago

This PR fixes #997

Checklist

Description

What's the goal of this PR?

Fixes the Problem of this Issue #997

What changes did you make?

I removed the requirement that the container must explicitly have the following configuration:

securityContext:
  allowPrivilegeEscalation: false

However, the check still fails when the configuration is as follows:

securityContext:
  allowPrivilegeEscalation: true

What's important to understand now is that when you omit any securityContext configuration entirely, the check will pass. This is because Kubernetes defaults to a configuration where allowPrivilegeEscalation is set to false.

What alternative solution should we consider, if any?

-

sempex commented 1 year ago

The check is correct, have to fix go tests