-
Task
-
Resolution: Done
-
Medium
-
None
-
None
-
None
The recent scans has flagged all MOD components for running as root. Unless there is external dependency, these container should be switched to non-root user.
Following are reported in Integration team scan (if any other MOD components are also running as root and not reported below, should be switced to non-root also).
POD: onap-dcaemod-distributor-api-5f674f7785-7rxv4 container: dcaemod-distributor-api uid: 0(root) POD: onap-dcaemod-genprocessor-dbf57c64c-8x9wj container: dcaemod-genprocessor-http uid: 0(root) POD: onap-dcaemod-genprocessor-dbf57c64c-8x9wj container: dcaemod-genprocessor uid: 0(root) POD: onap-dcaemod-onboarding-api-7855795f79-ctvc6 container: dcaemod-onboarding-api uid: 0(root) POD: onap-dcaemod-runtime-api-574b99cdc-6bfxq container: dcaemod-runtime-api uid: 0(root)
- relates to
-
DCAEGEN2-1220 SECCOM requirement for having containers run as non-root
- Closed
-
DCAEGEN2-2121 Pods still run as root
- Closed