Jaeger run as non root user/group (!53) · Merge requests · Big Bang / Universe / Product / Jaeger · GitLab

UNCLASSIFIED - NO CUI

Snippets Groups Projects

Currently supported Big Bang Version is 2.49

Attention Iron Bank Customers: On March 27, 2025, we are moving SBOM artifacts from the Anchore Scan job to the Build job to streamline the container hardening pipeline. If you currently download SBOMs from the Anchore Scan job, you can still get them from the Build job and from other sources, including IBFE and image attestations.

Project 'platform-one/big-bang/apps/core/jaeger' was moved to 'big-bang/product/packages/jaeger'. Please update any links and bookmarks that may still have the old path.

Merged Micah Nagel requested to merge run-non-root into main 2 years ago

Adds securityContext for all pods to ensure they run as a non-root user/group. No violations showing for Kyverno after these changes.

Note for testing: I had to deploy with Istio disabled so that the sidecar's violations would not show up.

For https://repo1.dso.mil/platform-one/big-bang/apps/core/jaeger/-/issues/28

Edited 2 years ago by Micah Nagel

Activity

Micah Nagel assigned to @micah.nagel 2 years ago

assigned to @micah.nagel
Micah Nagel changed the description 2 years ago

changed the description
Micah Nagel changed the description 2 years ago

changed the description
Micah Nagel marked this merge request as ready 2 years ago

marked this merge request as ready
Micah Nagel added statusreview label 2 years ago

added statusreview label
Micah Nagel added 3 commits 2 years ago
added 3 commits

c3fe53ba...999935a6 - 2 commits from branch main

d31aeded - rebase

Compare with previous version
Ryan Garcia approved this merge request 2 years ago

approved this merge request
Ryan Garcia mentioned in commit 399d21a0 2 years ago

mentioned in commit 399d21a0
Ryan Garcia merged 2 years ago

merged

Please register or sign in to reply

UNCLASSIFIED - NO CUI