security-profiles-operator

security-profiles-operator copied to clipboard

#2857: Add Request UID to JSON log enricher to correlate container and API Server Audit log

8

#### What type of PR is this? /kind feature #### What this PR does / why we need it: This PR addresses an issue with JSON Log Enricher: the inability...

ngopalak-redhat

Add or document globing in AppArmorProfile spec

2

#### What would you like to be added: Various globs are available in an AppArmor profile, such as path*, /**/path, and /base/{path1,path2}. If this is also supported by the AppArmorProfile...

Edan-Hamilton

Add end user information to In-Pod Activity logs

5

#### What would you like to be added: Now that we've added the [In-Pod Activity log recorder](https://github.com/kubernetes-sigs/security-profiles-operator/issues/2817), we need to figure out which end user is performing actions in the...

ngopalak-redhat

install can not ready

3

I have installed metrics server,but still can not ready #### What happened: ``` I0526 06:49:09.102192 120964 main.go:333] "Starting profiling server" endpoint=":6062" I0526 06:49:09.102238 120964 bpfrecorder.go:149] "Setting up caches with expiry...

13567436138

Remove support for Flatcar Linux and E2E tests to increase CI stability

2

#### What happened: We should remove the E2E tests for Flatcar Linux from CI in order to improve the stability and to reduce the maintenance effort. It's not clear if...

ccojocar

Should we remove BTFHub support?

1

I discovered today that the BTF information in [bpfrecorder/generated.go](https://github.com/kubernetes-sigs/security-profiles-operator/blob/f8916fb3d6d726c241318a024489cf96023149cf/internal/pkg/daemon/bpfrecorder/generated.go#L30) should be updated after ~ every change to the BPF information. This clearly hasn't happend (last update is from 2022), and...

mhils

Add AppArmorProfile to security-profiles-operator role

7

#### What type of PR is this? /kind bug #### What this PR does / why we need it: Fixes a bug where the operator is unable to list AppArmorProfiles....

Edan-Hamilton

Add extra field to Abstract AppArmorProfile spec

9

#### What type of PR is this? /kind api-change #### What this PR does / why we need it: Adds an "extra" field to the Abstract spec, which allows including...

Edan-Hamilton

Fix failed to read configmap when deployed using helm chart

11

``` E0511 13:04:55.948743 1 main.go:277] "running security-profiles-operator" err="enable controllers: setup spod-config controller: get tunables: could not determine selinuxd image: configmaps \"security-profiles-operator-profile\" is forbidden: User \"system:serviceaccount:security-profiles-operator:security-profiles-operator\" cannot get resource \"configmaps\" in...

Rash419

Add ptrace to AppArmorProfile spec

1

#### What would you like to be added: Add the ability to limit ptrace via AppArmorProfile. Allow restricting ptrace peer. I can't think of much of a usecase for the...

Edan-Hamilton