Chip Zoller

icon indicating a website link https://neonmirrors.net/

icon location Lexington, KY icon location Technologist

Results 886 comments of Chip Zoller

Require CPU Limits

Sign off is not complete.

Require CPU Limits

Converting to draft until all basic requirements are met.

Updated require-image-checksum.yaml policy to extend for all containers and container types

Please sign off on your PR.

Updated require-image-checksum.yaml policy to extend for all containers and container types

Sign off is not complete.

Updated require-image-checksum.yaml policy to extend for all containers and container types

Converting to draft until all basic requirements are met.

Updated require-image-checksum.yaml policy to extend for all containers and container types

@nsagark, do you intend to complete this PR or shall we close it?

Updated require-image-checksum.yaml policy to extend for all containers and container types

@nsagark, do you intend to complete this PR or shall we close it?

Prevent CVE-2024-3094

We wouldn't be "pointing people" to it; it would only be used for test purposes, inside an isolated CI/CD environment, not as part of the policy definition itself.

Prevent CVE-2024-3094

Yes. We have a number of images we use which fall into the same category. Their presence doesn't serve as an endorsement for others, only inputs for policy validation.

Prevent CVE-2024-3094

I get your intentions but I generally disagree. Regardless, how do we verify your policy works as intended? We obviously need an image with an SBOM with the affected packages...