Feature request: Check for AppArmor/Seccomp profile

zegl / kube-score

Kubernetes object analysis with recommendations for improved reliability and security. kube-score actively prevents downtime and bugs in your Kubernetes YAML and Charts. Static code analysis for Kubernetes.

https://kube-score.com

MIT License

2.67k stars 175 forks source link

Feature request: Check for AppArmor/Seccomp profile #194

Open mrueg opened 4 years ago

mrueg commented 4 years ago

As a user, it would be great if kube-score would add an optional check to verify if a deployment is creating pods with an unconfined AppArmor/Seccomp profile.

mrueg commented 4 years ago

I saw there was an effort here: https://github.com/zegl/kube-score/pull/160

zegl commented 3 years ago

There is a new Seccomp API landing in v1.19 and is becoming GA: [KEP].

With this in mind, this issue is likely worth revisiting as the Seccomps are here to stay.

wargamez commented 3 months ago

Seccomps are here to stay!