search

stakater / Forecastle

Forecastle is a control panel which dynamically discovers and provides a launchpad to access applications deployed on Kubernetes – [✩Star] if you're using it!
https://stakater.com
Apache License 2.0
601 stars 62 forks source link

patch helm chart rbac #313

Closed c-dst closed 1 year ago

c-dst commented 1 year ago

Hi,

This PR update the helm chart and reduce cluster role permissions from the apiGroups 'forecastle.stakater.com' to comply with trivy security checks.

- category: Kubernetes Security Check
  checkID: KSV046
  description: Check whether role permits specific verb on wildcard resources
  messages:
    - Role permits specific verb on wildcard resource
  severity: CRITICAL
  title: No wildcard resource roles

The patch was tested again the lastest (v1.0.118) forcastle helm release.

github-actions[bot] commented 1 year ago

@c-dst Image is available for testing. docker pull stakater/forecastle:SNAPSHOT-PR-313-78565468

karl-johan-grahn commented 1 year ago

@faizanahmad055 please test with CRC