Update Kyverno self-assessment #1486
Signed-off-by: ShutingZhao <shuting@nirmata.com>
Update kyverno self assessment
JustinCappos left a comment
I think the goals and non-goals could use a little bit of lovin' here, but overall it's in a decent shape for a self assessment.
I do think that the failure modes / activities would need to be clarified in a lot more detail to be ready for a joint assessment. However, this could be merged with just the goals / non-goals changes, if desired.
| ### Webhook | ||
| Kyverno consists of four main controllers that work together to provide comprehensive policy management capabilities. Each controller handles specific aspects of policy processing, from admission control to background operations and cleanup tasks. |
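Review bot: Under the "### Webhook" heading, the paragraph describes "four main controllers" as a whole, so the heading and the text beneath it do not match in the lines shown. Either retitle the section so it covers all controllers or move this overview above the per-component headings, and name the four controllers where the count is introduced so that each role mentioned (admission control, background operations, cleanup tasks) can be attributed to a specific controller.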
One of the big things you'd need to do for a joint assessment is to describe how a flaw / breach related to each of the controllers would impact users as a whole.
Thank you for highlighting that important requirement. We will address the impact analysis for each controller during the joint assessment phase, where we can thoroughly evaluate how potential flaws or breaches would affect users across the system. This will be a key component of our comprehensive security review.
Update self-assessment
Update kyverno self assessment
JustinCappos left a comment
Okay, thanks. This is in a mergeable state now. As noted, there will be a moderate amount of work to get to the state where we could do a joint assessment.
FYI: I'm not sure why the link checker is failing. @eddie-knight Otherwise, this is ready to merge.
Thank you Justin for your review and guidance. We're ready to tackle the work required to prepare for the joint assessment, and are looking forward to working with you on this next phase.
This PR updates the Kyverno self-assessment document with the most current and accurate security information, as of the Kyverno v1.15.0 release, to reflect our current security posture and practices.