UNCLASSIFIED - NO CUI

Skip to content

kyvernoPolicies update to 3.0.4-bb.17

mr-bot requested to merge update-kyverno-policies-tag-3.0.4-bb.17 into master

Package Merge Request

Package Changes

  • Fixes a bug where setting serviceAccounts to be mutated and hardened as it pertains to automountServiceAccountToken settings, inadvertently exempted underlying pods from being scrutinized by this policy.
  • Adds a new mutator that can be used to harden automountServiceAccountToken (set to false) on Pods; to be used in situations where upstream sets the pods to be explicitly TRUE in this regard unnecessarily.

Package MR

big-bang/product/packages/kyverno-policies!121 (merged)

For Issue

Related to https://repo1.dso.mil/big-bang/bigbang/-/issues/1835

Edited by Dustin Hilgaertner

Merge request reports

UNCLASSIFIED - NO CUI