Closed dcmiddle closed 1 month ago
The Kubernetes project currently lacks enough contributors to adequately respond to all issues.
This bot triages un-triaged issues according to the following rules:
lifecycle/stale
is appliedlifecycle/stale
was applied, lifecycle/rotten
is appliedlifecycle/rotten
was applied, the issue is closedYou can:
/remove-lifecycle stale
/close
Please send feedback to sig-contributor-experience at kubernetes/community.
/lifecycle stale
The Kubernetes project currently lacks enough active contributors to adequately respond to all issues.
This bot triages un-triaged issues according to the following rules:
lifecycle/stale
is appliedlifecycle/stale
was applied, lifecycle/rotten
is appliedlifecycle/rotten
was applied, the issue is closedYou can:
/remove-lifecycle rotten
/close
Please send feedback to sig-contributor-experience at kubernetes/community.
/lifecycle rotten
/remove-lifecycle stale
Issue is still relevant for assessing Software Supply Chain Security & OpenSSF Best Practices.
The Kubernetes project currently lacks enough active contributors to adequately respond to all issues and PRs.
This bot triages issues according to the following rules:
lifecycle/stale
is appliedlifecycle/stale
was applied, lifecycle/rotten
is appliedlifecycle/rotten
was applied, the issue is closedYou can:
/reopen
/remove-lifecycle rotten
Please send feedback to sig-contributor-experience at kubernetes/community.
/close not-planned
@k8s-triage-robot: Closing this issue, marking it as "Not Planned".
https://kubectl.docs.kubernetes.io/references/kubectl/apply/ does not list the ability to use URLs as in https://github.com/confidential-containers/confidential-containers/blob/main/quickstart.md kubectl apply -k github.com/confidential-containers/operator/config/release?ref=v0.8.0
I would like to understand whether apply fetches that URL implicitly using a secure mechanism like https. This would satisfy an OpenSSF Best Practices criteria meant to protect users from downloading maliciously corrupted releases.
https://kubectl.docs.kubernetes.io/references/kubectl/kustomize/ mentions a git url but without example or clarification of the mechanism.
Presumably
kubectl apply
uses one of the mechanisms here https://git-scm.com/book/en/v2/Git-on-the-Server-The-Protocols Which includes secure and insecure mechanisms.