Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Chart] Container security context is not defined #27612

Closed
1 of 2 tasks
NipunaPrashan opened this issue Nov 11, 2022 · 4 comments · Fixed by #31043
Closed
1 of 2 tasks

[Chart] Container security context is not defined #27612

NipunaPrashan opened this issue Nov 11, 2022 · 4 comments · Fixed by #31043
Labels
area:helm-chart Airflow Helm Chart kind:feature Feature Requests

Comments

@NipunaPrashan
Copy link

Apache Airflow version

main (development)

What happened

Container security context is not defined to change through values yaml. This is a security issue for containers.

https://github.com/apache/airflow/blob/main/chart/templates/triggerer/triggerer-deployment.yaml

What you think should happen instead

Include securitContext block under containers section and allow to change from values yaml.

How to reproduce

Run azure security compliance checks to identify the issues with the containers.
Kubernetes clusters should not allow container privilege escalation

Operating System

N/A

Versions of Apache Airflow Providers

No response

Deployment

Official Apache Airflow Helm Chart

Deployment details

No response

Anything else

No response

Are you willing to submit PR?

  • Yes I am willing to submit a PR!

Code of Conduct
@NipunaPrashan NipunaPrashan added area:core kind:bug This is a clearly a bug labels Nov 11, 2022
@boring-cyborg
Copy link

boring-cyborg bot commented Nov 11, 2022

Thanks for opening your first issue here! Be sure to follow the issue template!

@jedcunningham jedcunningham mentioned this issue Nov 11, 2022
Closed
@jedcunningham
Copy link
Member

This is coming (soon!) in #24588.

@jedcunningham jedcunningham added kind:feature Feature Requests area:helm-chart Airflow Helm Chart and removed kind:bug This is a clearly a bug area:core labels Nov 11, 2022
@potiuk potiuk added duplicate Issue that is duplicated and removed duplicate Issue that is duplicated labels Nov 16, 2022
@mikaeld
Copy link
Contributor

mikaeld commented Mar 30, 2023
edited
Loading

Hey @jedcunningham ! Any news on getting #24588 in 1.9.0? I was about to start implementing this exact feature when I found this PR.

@potiuk
Copy link
Member

potiuk commented Apr 14, 2023

@mikaeld - if you want #24588 to be merged, make sure it passes the tests first - author can do it if pinged, or you can take over. Passing tests is the prerequisite we look at it.

@mikaeld mikaeld mentioned this issue May 3, 2023
Merged
@jedcunningham jedcunningham mentioned this issue Jun 23, 2023
Closed
15 tasks
@rzjfr rzjfr mentioned this issue Jul 6, 2023
Closed
2 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
area:helm-chart Airflow Helm Chart kind:feature Feature Requests
Projects
None yet
Milestone
No milestone
4 participants
@potiuk @mikaeld @NipunaPrashan @jedcunningham