
Track Security Self Assessment Completion for Flatcar CNCF Graduation

Open John15321 opened this issue 5 months ago • 2 comments

This issue is for tracking the progress and completion of the CNCF Security Self Assessment for Flatcar, which is required for CNCF graduation.

The Security Self Assessment is designed to help projects document current security practices, identify gaps, and prepare security documentation for both users and reviewers. It is a key requirement for projects progressing toward CNCF graduation.

For details and templates, refer to:

  • https://tag-security.cncf.io/community/assessments/guide/self-assessment/

This general issue is the central point for coordinating Flatcar's efforts to complete and maintain the Security Self Assessment as part of the CNCF graduation process.

John15321 • Jul 18 '25 15:07

Related:

Third Party Security Review. -- Moderate and low findings from the Third Party Security Review are planned/tracked for resolution as well as overall thematic findings, such as:

  • improving project contribution guide
  • providing a PR review guide to look for memory leaks and other vulnerabilities the project may be susceptible to by design or language choice
  • ensuring adequate test coverage on all PRs.

John15321 • Sep 05 '25 14:09

NOTE: Changes that took place when working on https://github.com/flatcar/flatcar-linux-infra/issues/306 should be taken into account here

John15321 • Oct 02 '25 14:10