Rory McCune

Results 38 issues of Rory McCune

inputrc is not installing with the playbook, need to fix that.

For openshift clusters, we should have the `oc` client tool. Download for v3 is https://github.com/openshift/origin/releases/download/v3.11.0/openshift-origin-client-tools-v3.11.0-0cbc58b-linux-64bit.tar.gz

edit by neolit123 ### tasks for 1.29 - [x] k/e tracking issue and KEP: https://github.com/kubernetes/enhancements/issues/4214 https://github.com/kubernetes/enhancements/pull/4218 https://github.com/kubernetes/enhancements/pull/4302 - [x] k/k changes: https://github.com/kubernetes/kubernetes/pull/121305 https://github.com/kubernetes/kubernetes/pull/121609 https://github.com/kubernetes/kubernetes/pull/121648 https://github.com/kubernetes/kubernetes/pull/121674 https://github.com/kubernetes/kubernetes/pull/121743 https://github.com/kubernetes/kubernetes/pull/121837 https://github.com/kubernetes/kubernetes/pull/121841 - [x]...

area/security
priority/important-longterm
kind/feature
kind/documentation
lifecycle/active

## What would you like to be added In default kubeadm clusters (and probably others) there is a default namespace created called `kube-public` which is intended for public information. There...

enhancement

Description: As there have been a set of container breakout vulnerabilities in 2022, in a variety of parts of the stack, it's attracting more attention to this part of cloud native...

suggestion
Q2-2022

### What does this PR do? Adds a new Attack technique which creates and approves a Kubernetes Client Certificate with a username of `system:kube-controller-manager` which is a standard high-privileged user...

**What happened**: I have some images based on KinD node images, where I add python3 (to ease use in ansible playbooks). My standard workflow is to start an image with...

kind/bug

At the moment I don't think the PoC tests for the presence of Aggregated APIs, which could lead to it indicating that a cluster is more exposed than it is....

Kubernetes' current default is to not set a seccomp profile on containers. At the moment [KSV030](https://github.com/aquasecurity/appshield/blob/master/kubernetes/policies/pss/restricted/5_runtime_default_seccomp_profile_not_set.rego) appears to only trigger when a seccomp policy or annotation is set which is...

At the moment the [seccomp policy](https://github.com/aquasecurity/appshield/blob/master/kubernetes/policies/general/seccomp_disabled.rego) uses the annotation based format to check whether a seccomp policy has been specified. As of Kubernetes 1.19, seccomp graduated to GA and the...