search

foundation-model-stack / multi-nic-cni

https://foundation-model-stack.github.io/multi-nic-cni/
Apache License 2.0
33 stars 5 forks source link

Security context violation of health-check and conn-check #110

Open sunya-ch opened 1 year ago

sunya-ch commented 1 year ago

Is your feature request related to a problem? Please describe. A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]

Need to fix the following warning for supplementary tools (health checker, connection check)

Warning: would violate PodSecurity “restricted:latest”: allowPrivilegeEscalation != false (container “checker” must set securityContext.allowPrivilegeEscalation=false), unrestricted capabilities (container “checker” must set securityContext.capabilities.drop=[“ALL”]), runAsNonRoot != true (pod or container “checker” must set securityContext.runAsNonRoot=true), seccompProfile (pod or container “checker” must set securityContext.seccompProfile.type to “RuntimeDefault” or “Localhost”)

Warning: would violate PodSecurity "restricted:latest": allowPrivilegeEscalation != false (container "server" must set securityContext.allowPrivilegeEscalation=false), unrestricted capabilities (container "server" must set securityContext.capabilities.drop=["ALL"]), runAsNonRoot != true (pod or container "server" must set securityContext.runAsNonRoot=true), seccompProfile (pod or container "server" must set securityContext.seccompProfile.type to "RuntimeDefault" or "Localhost")

Describe the solution you'd like A clear and concise description of what you want to happen.

Describe alternatives you've considered A clear and concise description of any alternative solutions or features you've considered.

Additional context Add any other context or screenshots about the feature request here.