UNCLASSIFIED - NO CUI


Add Defender tolerations to init script

Hitesh Sharma requested to merge update-defender-script into main

The Twistlock Defender API does not allow for passing in a list of tolerations to add to the DaemonSet definition. As a result, if the nodes in the cluster have taints set, the Defender DaemonSet will not run on every node. Added TWISTLOCK_DEFENDER_TOLERATIONS env variable to pass to the init scripts, so that the tolerations can be added after retrieving the DaemonSet definition via the Twistlock API.

Related issue: https://repo1.dso.mil/platform-one/big-bang/apps/security-tools/twistlock/-/issues/38

Edited by Ryan Salcido
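
The coverage gap described above, as an added example that is not code from this merge request or from the Twistlock project: it merges extra tolerations into a DaemonSet definition and reports which nodes would still be left without a Defender pod. It assumes the environment variable holds a JSON list of toleration objects (the real format is not shown on this page), and the DaemonSet and node data are constructed samples.

```python
import copy
import json

def tolerates(tol, taint):
    """Kubernetes matching rule: key, effect and (for Equal) value must agree."""
    if tol.get("effect") and tol["effect"] != taint.get("effect"):
        return False
    op = tol.get("operator", "Equal")
    if not tol.get("key"):
        return op == "Exists"  # empty key + Exists tolerates every taint
    if tol["key"] != taint.get("key"):
        return False
    return op == "Exists" or tol.get("value", "") == taint.get("value", "")

def add_tolerations(daemonset, env_value):
    """Return a copy of the DaemonSet with the env-supplied tolerations merged in."""
    extra = json.loads(env_value) if env_value else []  # assumed format: JSON list
    ds = copy.deepcopy(daemonset)
    pod_spec = ds["spec"]["template"]["spec"]
    merged = pod_spec.setdefault("tolerations", [])
    for tol in extra:
        if tol not in merged:  # keep the patch idempotent across re-runs
            merged.append(tol)
    return ds

def uncovered_nodes(daemonset, nodes):
    """Names of nodes with a NoSchedule/NoExecute taint the pod does not tolerate."""
    tols = daemonset["spec"]["template"]["spec"].get("tolerations", [])
    blocked = []
    for name, taints in nodes.items():
        hard = [t for t in taints if t.get("effect") in ("NoSchedule", "NoExecute")]
        if any(not any(tolerates(tol, t) for tol in tols) for t in hard):
            blocked.append(name)
    return sorted(blocked)

# Constructed sample data: a minimal DaemonSet and three nodes, two of them tainted.
DAEMONSET = {"kind": "DaemonSet", "metadata": {"name": "defender-example"},
             "spec": {"template": {"spec": {"containers": []}}}}
NODES = {
    "worker-1": [],
    "gpu-1": [{"key": "dedicated", "value": "gpu", "effect": "NoSchedule"}],
    "infra-1": [{"key": "example.com/infra", "effect": "NoExecute"}],
}
ENV_VALUE = '[{"key": "dedicated", "operator": "Equal", "value": "gpu", "effect": "NoSchedule"}]'

if __name__ == "__main__":
    print("before:", uncovered_nodes(DAEMONSET, NODES))
    print("after: ", uncovered_nodes(add_tolerations(DAEMONSET, ENV_VALUE), NODES))
```

Running the same check against the live cluster's node taints after deployment shows whether any node is still missing a Defender; the tolerations Kubernetes adds to DaemonSet pods automatically are not modelled here.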
