-
Notifications
You must be signed in to change notification settings - Fork 48
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fix c0074 #613
Conversation
Signed-off-by: kooomix <[email protected]>
Signed-off-by: kooomix <[email protected]>
PR Description updated to latest commit (f5e71ba) |
Summary:
|
PR Review
✨ Review tool usage guide:Overview: The tool can be triggered automatically every time a new PR is opened, or can be invoked manually by commenting on any PR.
See the review usage page for a comprehensive guide on using this tool. |
PR Code Suggestions
✨ Improve tool usage guide:Overview:
See the improve usage page for a comprehensive guide on using this tool. |
User description
Overview
Type
bug_fix, enhancement
Description
Changes walkthrough
2 files
raw.rego
Enhance Docker Socket Mount Detection and Alerting
rules/containers-mounting-docker-socket/raw.rego
alerts.
remediation.
raw.rego
Enhance Privilege Escalation Prevention and Handle Privileged
Containers
rules/rule-allow-privilege-escalation/raw.rego
privileged container issues.
11 files
expected.json
Update Test Output for CronJob Containerd
rules/containers-mounting-docker-socket/test/cronjob-containerd/expected.json
expected.json
Update Test Output for CronJob Crio
rules/containers-mounting-docker-socket/test/cronjob-crio/expected.json
expected.json
Update Test Output for Generic CronJob
rules/containers-mounting-docker-socket/test/cronjob/expected.json
paths.
expected.json
Update Test Output for Pod Containerd
rules/containers-mounting-docker-socket/test/pod-containerd/expected.json
expected.json
Update Test Output for Pod Crio
rules/containers-mounting-docker-socket/test/pod-crio/expected.json
expected.json
Update Test Output for Generic Pod
rules/containers-mounting-docker-socket/test/pod/expected.json
detection.
expected.json
Update Test Output for Workloads Containerd
rules/containers-mounting-docker-socket/test/workloads-containerd/expected.json
expected.json
Update Test Output for Workloads Crio
rules/containers-mounting-docker-socket/test/workloads-crio/expected.json
expected.json
Update Test Output for Generic Workloads
rules/containers-mounting-docker-socket/test/workloads/expected.json
expected.json
Update Test Output for CronJob with Privilege Escalation Checks
rules/rule-allow-privilege-escalation/test/cronjob/expected.json
expected.json
Update Test Output for Workloads with Enhanced Security Checks
rules/rule-allow-privilege-escalation/test/workloads/expected.json