UD-1425: set the trivy security context to run as non-root, preventin…

undistro / zora

Zora is an open source solution that helps you achieve compliance with Kubernetes best practices recommended by industry-leading frameworks. By scanning your cluster with multiple plugins, Zora identifies potential issues, misconfigurations, and vulnerabilities.

https://getup.io/opensource/zora-oss

Apache License 2.0

269 stars 21 forks source link

UD-1425: set the trivy security context to run as non-root, preventin… #281

Closed knrc closed 2 months ago

knrc commented 2 months ago

…g POP-302,POP-306

Description

Updated security context to force runAsNonRoot.

Note a separate change was made to the patched Trivy image to add a non-root user and specify that at runtime, see the modified Dockerfile

Linked Issues

How has this been tested?

Install zora and check for POP-306,POP-302 issues logged against Trivy

Checklist

[X] I have labeled this PR with the relevant Type labels
[ ] I have documented my code (if applicable)
[ ] My changes are covered by tests