UNCLASSIFIED - NO CUI

Snippets Groups Projects

Attention Iron Bank Customers: On March 27, 2025, we are moving SBOM artifacts from the Anchore Scan job to the Build job to streamline the container hardening pipeline. If you currently download SBOMs from the Anchore Scan job, you can still get them from the Build job and from other sources, including IBFE and image attestations.

Merged Chris Harden requested to merge automount-sa-wildcard-istio into master 1 year ago

Package Merge Request

Package Changes

Omits the serviceAccounts list in Istio automountServiceAccountToken hardening, allowing the mutator to target all SAs via wildcard. This is more robust and better accommodates upstream changes over time.

At the moment, however, this is a simple refactor and there is no change to the original hardening.

Package MR

(Link to Package MR here)

For Issue

Closes https://repo1.dso.mil/big-bang/bigbang/-/issues/1899

Upgrade Notices

N/A

Edited 1 year ago by Chris Harden

Activity

Chris Harden added istio kindenhancement priority7 statusdoing labels 1 year ago

added istio kindenhancement priority7 statusdoing labels
Chris Harden assigned to @charden 1 year ago

assigned to @charden
Chris Harden changed the description 1 year ago

changed the description
Chris Harden marked this merge request as ready 1 year ago

marked this merge request as ready
Chris Harden removed statusdoing label 1 year ago

removed statusdoing label
Chris Harden added statusreview label 1 year ago

added statusreview label
bigbang bot requested review from @chris.oconnell, @ryan.thompson.44, @ryan.j.garcia, and @michaelmartin 1 year ago

requested review from @chris.oconnell, @ryan.thompson.44, @ryan.j.garcia, and @michaelmartin
bigbang bot @bb8-bot · 1 year ago

Developer

@andrewshoell : You have been tagged in this merge request for the purpose of conducting secondary review.
Michael Martin approved this merge request 1 year ago

approved this merge request
Michael Martin merged 1 year ago

merged
Michael Martin mentioned in commit 4f12886d 1 year ago

mentioned in commit 4f12886d

Please register or sign in to reply

UNCLASSIFIED - NO CUI