Skip to content

Initial phase 1-3 of a per-node Kata config delivery#78

Merged
ebourgeois merged 1 commit into
mainfrom
kata-config
Jun 10, 2026
Merged

Initial phase 1-3 of a per-node Kata config delivery#78
ebourgeois merged 1 commit into
mainfrom
kata-config

Initial phase 1-3 of a per-node Kata config delivery

8d5caaa
Select commit
Loading
Failed to load commit list.
GitHub Advanced Security / Semgrep OSS succeeded Jun 10, 2026 in 3s

1 new alert

New alerts in code changed by this pull request

  • 1 note

See annotations below for details.

View all branch alerts.

Annotations

Check notice on line 59 in deploy/kata-config-agent/daemonset.yaml

See this annotation in the file changed.

Code scanning / Semgrep OSS

Semgrep Finding: yaml.kubernetes.security.run-as-non-root-unsafe-value.run-as-non-root-unsafe-value Note

When running containers in Kubernetes, it's important to ensure that they are properly secured to prevent privilege escalation attacks. One potential vulnerability is when a container is allowed to run applications as the root user, which could allow an attacker to gain access to sensitive resources. To mitigate this risk, it's recommended to add a securityContext to the container, with the parameter runAsNonRoot set to true. This will ensure that the container runs as a non-root user, limiting the damage that could be caused by any potential attacks. By adding a securityContext to the container in your Kubernetes pod, you can help to ensure that your containerized applications are more secure and less vulnerable to privilege escalation attacks.