Closed torredil closed 2 weeks ago
This PR does not change the code coverage
/approve
[APPROVALNOTIFIER] This PR is APPROVED
This pull-request has been approved by: ConnorJC3
The full list of commands accepted by this bot can be found here.
The pull request process is described here
Is this a bug fix or adding new feature?
Helm parameter
What is this PR about? / Why do we need it?
Note to reviewers:
seccompProfile
has now been set toRuntimeDefault
, which uses the default seccomp profile provided by the container runtime. This helps to restrict the system calls the containers can make, enhancing security. Do note that this changes the current default (unspecified, thusUnconfined
):^ https://github.com/kubernetes/kubernetes/blob/6e8e1f53b09328849f655d38eae9bacbbeb3445e/pkg/apis/core/types.go#L3749C1-L3756C2
For more information, see https://kubernetes.io/docs/tutorials/security/seccomp/.
closes https://github.com/kubernetes-sigs/aws-ebs-csi-driver/issues/1882
What testing is done?