UNCLASSIFIED - NO CUI

Skip to content

Draft: Refactor automountServiceAccountToken hardening for consistency

Justen Mehl requested to merge 1860-refactor-old-hardening into master

General MR

Summary

tempo, kyverno-reporter, sonarqube, metrics-server, and cluster-auditor all were previously hardened to remove automountServiceAccountToken findings before our mutator existed.

To keep hardening methodology consistent across all packages, hardening of those packages has been added to this MR via the mutator.

This is a simple refactor and there is no functional change to the original hardening of these packages.

Relevant logs/screenshots

N/A

Linked Issue

https://repo1.dso.mil/big-bang/bigbang/-/issues/1860

Upgrade Notices

N/A

Edited by Justen Mehl

Merge request reports