linkerd
/
linkerd2
mirror of https://github.com/linkerd/linkerd2.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
linkerd2/cni-plugin
History
Gerald Pape 535e533510
Enable readOnlyFileSystem for cni plugin chart (#6469) 
Increase container security by making the root file system of the cni
install plugin read-only.

Change the temporary directory used in the cni install script, add a
writable EmptyDir volume and enable readOnlyFileSystem securityContext
in cni plugin helm chart.

Tested this by building the container image of the cni plugin and
installed the chart onto a cluster. Logs looked the same as before this
change.

Fixes #6468

Signed-off-by: Gerald Pape <gerald@giantswarm.io>
 		2021-07-21 14:45:58 -05:00
..
deployment Enable readOnlyFileSystem for cni plugin chart (#6469) 2021-07-21 14:45:58 -05:00
test fix: issues affecting code quality (#5827) 2021-03-15 17:35:40 -04:00
Dockerfile Update Go to 1.16.4 (#6170) 2021-05-24 11:57:46 -07:00
main.go cni: add ConfigureFirewall error propagation (#5811) 2021-02-24 15:23:03 -05:00