mondoo-operator
mondoo-operator copied to clipboard
mondoohq
☸️ Mondoo Client Kubernetes Operator
Added a step to install protoc before building the binaries for the operator
Currently, if a PR is opened from a fork the integration tests are skipped. They can be triggered by labeling the PR. This works correctly, however, it also means we...
**Is your feature request related to a problem? Please describe.** Currently, we only have set `privileged` implicitly to `false` by not specifying it: ``` securityContext: allowPrivilegeEscalation: false capabilities: drop: -...
The cloud integration tests have been failing for a while now. We should investigate the root cause and fix them https://github.com/mondoohq/mondoo-operator/actions/runs/3406390108/jobs/5665044460
When we implemented the more complicated Mondoo use-cases at a point we copied the inventory definition to this repo (see [here](https://github.com/mondoohq/mondoo-operator/blob/main/pkg/inventory/inventory.go)). This is now part of the open-sourced cnquery. We...
**Is your feature request related to a problem? Please describe.** - **Describe the solution you'd like** We should give server side apply (SSA) a try for our operator. From what...
**Is your feature request related to a problem? Please describe.** We currently only set memory and CPU, but we are using also `ephemeral-storage` for the Scan API and the nodes...
**Is your feature request related to a problem? Please describe.** - **Describe the solution you'd like** Currently the flag `--score-threshold` is hardcoded: https://github.com/mondoohq/mondoo-operator/blob/ef083785aea4fffebeaa3b9bdf904c332dc55d70/controllers/nodes/resources.go#L67 We might need this configurable. We might...
Today the individual k8s nodes are scanned/reported as regular machine/instance/vm assets (nothing wrong with that), but there no link to clearly be able to filter/associate each k8s node with the...
Regardless of what the value of the `--timeout` parameter is for the GC command it would always fail at 30sec. This timeout is coming from inside the scan API. I...