Deployment adcs-issuer-controller-manager in namespace adcs-issuer
missingPodDisruptionBudget 😬 Warning
Reliability - Should have a PodDisruptionBudget
deploymentMissingReplicas 😬 Warning
Reliability - Only one replica is scheduled
metadataAndInstanceMismatched 😬 Warning
Reliability - Label app.kubernetes.io/instance must match metadata.name
automountServiceAccountToken 😬 Warning
Security - The ServiceAccount will be automounted
missingNetworkPolicy 😬 Warning
Security - A NetworkPolicy should match pod labels and contain applied egress and ingress rules
priorityClassNotSet 😬 Warning
Reliability - Priority class should be set
topologySpreadConstraint 😬 Warning
Reliability - Pod should be configured with a valid topology spread constraint
Container manager
insecureCapabilities 😬 Warning
Security - Container should not have insecure capabilities
notReadOnlyRootFilesystem 😬 Warning
Security - Filesystem should be read only
privilegeEscalationAllowed ❌ Danger
Security - Privilege escalation should not be allowed
linuxHardening 😬 Warning
Security - Use one of AppArmor, Seccomp, SELinux, or dropping Linux Capabilities to restrict containers using unwanted privileges
readinessProbeMissing 😬 Warning
Reliability - Readiness probe should be configured
livenessProbeMissing 😬 Warning
Reliability - Liveness probe should be configured
TODO Hardening deployment of adcs-issuer
Starting point
Grade: C Score: 75%