Ramakant Sharma
Ramakant Sharma
## Feature Request **Short Description** Add Support to the KubeArmorConfig to pass all the command line configurations supported by the kubearmor. KubeArmorConfig already support some of the configurations i.e. defaultPosture,...
## Bug Report **General Information** - Environment description (OpenShift) - Kernel version (run `uname -a`) : Linux ip-10-0-237-48 5.14.0-284.41.1.el9_2.x86_64 SMP PREEMPT_DYNAMIC Thu Nov 9 13:57:27 EST 2023 x86_64 x86_64 x86_64...
## Feature Request **Short Description** KubeArmor Controller make use of kernel security path `/sys/kernel/security/lsm` to detect the enforcer and this dependency can be removed safely now with KubeArmor Operator, as...
currently there's only yaml manifest is available to deploy the DiscoveredPolicy (dsp) controller and CRD itself. we need to update helm charts to include dsp controller deployment.
```yaml - apiGroups: ["*"] resources: ["pods", "services", "deployments", "endpoints", "namespaces", "nodes","replicasets", "statefulsets", "daemonsets", "secrets"] verbs: ["get", "list", "watch","create", "update", "delete"] ``` analyze and use only required permissions for each resource...
**Purpose of PR?**: this PR adds multi-enforcer controller that handles the pod annotation based on the enforcer that scheduled node is configured with. Fixes # **Does this PR introduce a...
## Refactor KubeArmor Operator - refactor kubearmorConfig keep it close to k8s manifest spec Current: ``` kubearmorImage: image: imagePullPolicy ... ``` Proposed: ``` kubearmor: image: args: kubearmorRelay: image: args: kubearmorController:...
## Bug Report **General Information** - Environment description (GKE, VM-Kubeadm, vagrant-dev-env, minikube, microk8s, ...) ``` digitalocean managed cluster (reproducible on k3s as well) ``` - Kernel version (run `uname -a`)...
## Bug Report **General Information** - Environment description (GKE, VM-Kubeadm, vagrant-dev-env, minikube, microk8s, ...) - Kernel version (run `uname -a`): `CentOS Linux 8, 4.18.0-348.7.1.el8_5.x86_64 amd64` - Orchestration system version in...
## Feature Request Currently, KubeArmor daemonset runs inside a container (with alpine base image) as the root user. To enhance the security and maintain best practices, we need to modify...