sig-security
Process documentation, non-code deliverables, and miscellaneous artifacts of Kubernetes SIG Security
This came out of a SIG Security meeting and builds on issue https://github.com/kubernetes/sig-security/issues/97. For https://kubernetes.io/docs/reference/issues-security/official-cve-feed/, people reading the site want to find out what's there. There are different views on...
With a growing number of eyes on Kubernetes, the number of CVEs related to Kubernetes has increased. Although most CVEs are regularly fixed that directly or indirectly or transitively impact Kubernetes,...
Job run: https://storage.googleapis.com/kubernetes-jenkins/logs/ci-kubernetes-snyk-master/1643706990876168192/build-log.txt ``` /bin/bash: line 30: null: unbound variable ``` Fix needs to happen where `TOTAL_COUNT` variable is set as `null` when curl command returns this error: ``` {"message":"API...
Create a security recommendation/hardening guide for applications that use the Kubernetes client. This could include different use-cases like: 1. Creating an application which runs `kubectl` commands. 2. An application that...
To help keep the Google Docs snappy, let's copy some of the old notes into documents here in this git repo. Proposed plan: * Keep the current year and the...
## WHAT As part of #95 we have now set up `govulncheck` to run on each PR and periodically on master + stable release branches as part of `verify` jobs. `govulncheck`...
Wait until after https://github.com/kubernetes/community/pull/8085 merges
See also https://github.com/kubernetes/community/pull/8085
### Motivation Currently, only a subset of repositories under the Kubernetes org are onboarded for CodeQL scanning ([example repo running scans via GitHub Runners](https://github.com/kubernetes/release/blob/master/.github/workflows/codeql-analysis.yml)). This issue is opened with the...