-
Notifications
You must be signed in to change notification settings - Fork 50
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
add more delete / review paths #509
Conversation
Signed-off-by: YiscahLevySilas1 <[email protected]>
PR Analysis
PR Feedback
How to use
|
Summary:
|
Signed-off-by: YiscahLevySilas1 <[email protected]>
Signed-off-by: YiscahLevySilas1 <[email protected]>
Summary:
|
PR Type:
Enhancement
PR Description:
This pull request introduces enhancements to various security rules by adding 'reviewPaths' and 'deletePaths'. These paths provide additional information about the location of potential security issues within the codebase, aiding in their review and potential deletion.
PR Main Files Walkthrough:
files:
rules/CVE-2022-0492/raw.rego
: Added 'reviewPaths' and 'deletePaths' to the deny rules related to the CVE-2022-0492 vulnerability.rules/drop-capability-netraw/raw.rego
: Added 'deletePaths' to the deny rules related to the 'drop-capability-netraw' security rule.rules/exposed-sensitive-interfaces/raw.rego
: Added 'reviewPaths' to the deny rules related to the 'exposed-sensitive-interfaces' security rule.rules/etcd-unique-ca/raw.rego
: Added 'reviewPaths' to the deny rules related to the 'etcd-unique-ca' security rule.rules/ensure-default-service-accounts-has-only-default-roles/raw.rego
: Added 'deletePaths' to the deny rules related to the 'ensure-default-service-accounts-has-only-default-roles' security rule.rules/ensure-that-the-api-server-secure-port-argument-is-not-set-to-0/raw.rego
: Added 'reviewPaths' to the deny rules related to the 'ensure-that-the-api-server-secure-port-argument-is-not-set-to-0' security rule.rules/ensure-that-the-admission-control-plugin-SecurityContextDeny-is-set-if-PodSecurityPolicy-is-not-used/raw.rego
: Added 'reviewPaths' to the deny rules related to the 'ensure-that-the-admission-control-plugin-SecurityContextDeny-is-set-if-PodSecurityPolicy-is-not-used' security rule.rules/CVE-2021-25742/raw.rego
: Added 'reviewPaths' to the deny rules related to the CVE-2021-25742 vulnerability.rules/ensure-that-the-controller-manager-root-ca-file-argument-is-set-as-appropriate/raw.rego
: Added 'reviewPaths' to the deny rules related to the 'ensure-that-the-controller-manager-root-ca-file-argument-is-set-as-appropriate' security rule.rules/ensure-that-the-admission-control-plugin-EventRateLimit-is-set/raw.rego
: Added 'reviewPaths' to the deny rules related to the 'ensure-that-the-admission-control-plugin-EventRateLimit-is-set' security rule.User Description:
Overview