Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

POC to add security context values #75

Draft
wants to merge 1 commit into
base: main
Choose a base branch
from
Draft

Conversation

rpothier
Copy link
Contributor

Desired Outcome

In some Openshift environments the Secrets Provider and application need to run as the same
user ID for the Sentinel files to work correctly.

Implemented Changes

Adding a new sidecar annotation to allow the injector to add the security context,
some questions remain.

  • Should we always write the security context? or only when the annotation is present
  • Should we have a user defined default value, if so does it go in a config map or start up parameter.
  • Should we include other security context values?

Connected Issue/Story

Resolves #[relevant GitHub issue(s), e.g. 76]

CyberArk internal issue link: ONYX-25163

Definition of Done

Changelog

  • The CHANGELOG has been updated, or
  • This PR does not include user-facing changes and doesn't require a
    CHANGELOG update

Test coverage

  • This PR includes new unit and integration tests to go with the code
    changes, or
  • The changes in this PR do not require tests

Documentation

  • Docs (e.g. READMEs) were updated in this PR
  • A follow-up issue to update official docs has been filed here: insert issue ID
  • This PR does not require updating any documentation

Behavior

  • This PR changes product behavior and has been reviewed by a PO, or
  • These changes are part of a larger initiative that will be reviewed later, or
  • No behavior was changed with this PR

Security

  • Security architect has reviewed the changes in this PR,
  • These changes are part of a larger initiative with a separate security review, or
  • There are no security aspects to these changes

@rpothier rpothier force-pushed the add-run-as-user branch 2 times, most recently from 837f192 to 45f9cfc Compare September 30, 2022 20:45
@rpothier rpothier self-assigned this Sep 30, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Development

Successfully merging this pull request may close these issues.

1 participant