Uploaded image for project: 'Configuration Persistence Service'
  1. Configuration Persistence Service
  2. CPS-667

onap-cps-temporal-db container launched as root and without resource limits

XMLWordPrintable

      according to Daily CI chain, we moved from 100% to 60% on security due to onap-cps-temporal-db

      this docker is launched as root and without limit in kubernetes, which is not allowed by security rules.

      https://logs.onap.org/onap-integration/daily/onap_daily_pod4_master/2021-09/15_03-34/

      confirmed in DT daily chain https://logs.onap.org/onap-integration/daily/onap-master-daily-dell/2021-09/14_14-33/

      if it is an upstream component, it is possible to contact the seccom to get waiver

      + Seccom zwarico kopasiak Fabian_BZH Pawel_P

      + integration/oom MichalJagielloTMPL sdesbure

            michaljagiellotmpl michaljagiellotmpl
            mrichomme mrichomme
            Votes:
            0 Vote for this issue
            Watchers:
            5 Start watching this issue

              Created:
              Updated:
              Resolved: