UNCLASSIFIED - NO CUI

Skip to content

confidential issue 28 changes

Sean Thomas requested to merge confidential-issue-28 into main

General MR

Summary

For packages that violate require-drop-all-capabilities, add drop all in the container securityContext for containers in the package's podSpec.

capabilities:
  drop:
    - ALL

Kyverno Policies enforced

image

Dependency on this MR, minio requires enforce to be set in the Kyverno Policies

big-bang/bigbang!3964 (diffs)

Relevant logs/screenshots

No errors found:

image

Here are the events after deletes minio and minio-operator logs, looks like normal behavior:

image

Linked Issue

issue

Upgrade Notices

N/A

Edited by Cody Williams

Merge request reports

UNCLASSIFIED - NO CUI