Open wargamez opened 3 months ago
It seems the optional check for seccomp only looks at some annotation (Which I am not sure is the right way to look for this). Kubernetes documentations says this should be set in securityContext or podSecurityContext and seems kubeaudit thinks the same. So even if I have this set like that (Without annotation, but in Context) kubescore is giving a warning. Ref: https://github.com/Shopify/kubeaudit/blob/main/docs/auditors/seccomp.md and https://kubernetes.io/docs/tutorials/security/seccomp/
Also applying dry-run label on migration from psp to restricted psa the warining on not set vanishes when set as part of any securityContext...
/E
It seems the optional check for seccomp only looks at some annotation (Which I am not sure is the right way to look for this). Kubernetes documentations says this should be set in securityContext or podSecurityContext and seems kubeaudit thinks the same. So even if I have this set like that (Without annotation, but in Context) kubescore is giving a warning. Ref: https://github.com/Shopify/kubeaudit/blob/main/docs/auditors/seccomp.md and https://kubernetes.io/docs/tutorials/security/seccomp/
Also applying dry-run label on migration from psp to restricted psa the warining on not set vanishes when set as part of any securityContext...
/E