clusterAuditor update to 1.5.0-bb.10
Package Merge Request
Package Changes
The package MR includes template modifications to disable API token auto-mounting for the opa-exporter ServiceAccount.
This essentially means that Pods leveraging the opa-exporter ServiceAccount, by default, will not have access to their Kubernetes API token (previously mounted at /var/run/secrets/kubernetes.io/serviceaccount/token).
Since this package deals with the Kubernetes API heavily - the cluster-auditor Pod will override this behavior at the Pod spec-level here. As such, a Kyverno policy exception will be made for this Pod.
Testing has shown no loss of functionality - pipelines have passed, and a Package codeowner has approved the change.
This is in support of epic &146.
Package MR
big-bang/product/packages/cluster-auditor!115 (merged)
For Issue
Closes https://repo1.dso.mil/big-bang/product/packages/cluster-auditor/-/issues/79
Merge request reports
Activity
- A deleted user
added botmr clusterAuditor statusreview labels
assigned to @justen.mehl
added 9 commits
-
6169e2c4...5b51a841 - 8 commits from branch
master - 15c5c7e3 - Updated clusterAuditor git tag
-
6169e2c4...5b51a841 - 8 commits from branch
requested review from @ryan.j.garcia, @chris.oconnell, and @michaelmartin
requested review from @ryan.thompson.44
@andrewshoell @rgsjustins : You have been tagged in this merge request for the purpose of conducting secondary review.
added 3 commits
-
15c5c7e3...ef538915 - 2 commits from branch
master - 48d70ddc - Updated clusterAuditor git tag
-
15c5c7e3...ef538915 - 2 commits from branch
added 3 commits
-
48d70ddc...9d1fad78 - 2 commits from branch
master - b392a261 - Updated clusterAuditor git tag
-
48d70ddc...9d1fad78 - 2 commits from branch
changed milestone to %2.15.0
mentioned in commit dcbcc087