UNCLASSIFIED - NO CUI

Skip to content

kyvernoReporter update to 2.16.0-bb.6

mr-bot requested to merge update-kyverno-reporter-tag-2.16.0-bb.6 into master

Package Merge Request

Package Changes

This package MR includes a default value modification in kyverno-reporter/chart/values.yaml to disable API token auto-mounting for the kyverno-reporter ServiceAccount.

This essentially means that Pods leveraging the kyverno-reporter ServiceAccount, by default, will not have access to their Kubernetes API token (previously mounted at /var/run/secrets/kubernetes.io/serviceaccount/token).

Since this package deals with the Kubernetes API heavily - the kyverno-reporter Pod overrides this behavior at the Pod spec-level here. As such, a Kyverno policy exception will be made for this Pod.

This is in support of epic &146.

Package MR

big-bang/product/packages/kyverno-reporter!42 (merged)

and

big-bang/product/packages/kyverno-reporter!41 (merged) (skip-bb-mr was used for this MR, since it just exposed some necessary values for the next MR)

For Issue

Closes https://repo1.dso.mil/big-bang/product/packages/kyverno-reporter/-/issues/27

Edited by Justen Mehl

Merge request reports