UNCLASSIFIED - NO CUI

Iron Bank will be replacing the old container signing certificate with the new container signing certificate. No additional action is required. Users can find additional information regarding the certificate rotation and container signature verification here and here.

Currently supported Big Bang Version is 2.36

mr-bot requested to merge update-kyverno-policies-tag-3.0.4-bb.17 into master Jan 04, 2024

Package Merge Request

Package Changes

Fixes a bug where setting serviceAccounts to be mutated and hardened as it pertains to automountServiceAccountToken settings, inadvertently exempted underlying pods from being scrutinized by this policy.
Adds a new mutator that can be used to harden automountServiceAccountToken (set to false) on Pods; to be used in situations where upstream sets the pods to be explicitly TRUE in this regard unnecessarily.

Package MR

big-bang/product/packages/kyverno-policies!121 (merged)

For Issue

Related to https://repo1.dso.mil/big-bang/bigbang/-/issues/1835

Edited Jan 04, 2024 by Dustin Hilgaertner

UNCLASSIFIED - NO CUI