mr-bot requested to merge update-cluster-auditor-tag-1.5.0-bb.10 into master Nov 03, 2023

Package Merge Request

Package Changes

The package MR includes template modifications to disable API token auto-mounting for the opa-exporter ServiceAccount.

This essentially means that Pods leveraging the opa-exporter ServiceAccount, by default, will not have access to their Kubernetes API token (previously mounted at /var/run/secrets/kubernetes.io/serviceaccount/token).

Since this package deals with the Kubernetes API heavily - the cluster-auditor Pod will override this behavior at the Pod spec-level here. As such, a Kyverno policy exception will be made for this Pod.

Testing has shown no loss of functionality - pipelines have passed, and a Package codeowner has approved the change.

This is in support of epic &146.

Package MR

big-bang/product/packages/cluster-auditor!115 (merged)

For Issue

Closes https://repo1.dso.mil/big-bang/product/packages/cluster-auditor/-/issues/79

Edited Nov 06, 2023 by Justen Mehl

Admin message

clusterAuditor update to 1.5.0-bb.10

Package Merge Request

Package Changes

Package MR

For Issue

Merge request reports