Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Clarify init container use case for security #17404

Merged
merged 1 commit into from
Nov 7, 2019
Merged

Clarify init container use case for security #17404

merged 1 commit into from
Nov 7, 2019

Conversation

christophercarney
Copy link
Contributor

@christophercarney christophercarney commented Nov 4, 2019
edited
Loading

Fixes #16686

Reasoning: This bullet point has lead to some confusion about how exactly it increases security. I believe it makes more sense to put it at the end of the bullet points list to introduce all concepts first, this makes it a little easier to follow. Second, clarify that running tools in your init containers reduces the attack surface of your application, introducing the clarity of why it makes your app more secure.

@k8s-ci-robot k8s-ci-robot added cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. size/XS Denotes a PR that changes 0-9 lines, ignoring generated files. language/en Issues or PRs related to English language sig/docs Categorizes an issue or PR as relevant to SIG Docs. labels Nov 4, 2019
@netlify
Copy link

netlify bot commented Nov 4, 2019

Deploy preview for kubernetes-io-master-staging ready!

Built with commit 66f3873

https://deploy-preview-17404--kubernetes-io-master-staging.netlify.com

@makoscafee
Copy link
Contributor

makoscafee commented Nov 4, 2019
edited
Loading

/assign @sftim

sftim
sftim approved these changes Nov 6, 2019
View reviewed changes
Copy link
Contributor

@sftim sftim left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/lgtm

@k8s-ci-robot k8s-ci-robot added the lgtm "Looks good to me", indicates that a PR is ready to be merged. label Nov 6, 2019
@christophercarney
Copy link
Contributor Author

/assign @cody-clark

@tengqm
Copy link
Contributor

tengqm commented Nov 7, 2019

/approve

@k8s-ci-robot
Copy link
Contributor

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: tengqm

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@k8s-ci-robot k8s-ci-robot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Nov 7, 2019
@k8s-ci-robot k8s-ci-robot merged commit c247cda into kubernetes:master Nov 7, 2019
@christophercarney christophercarney deleted the patch-2 branch November 7, 2019 15:01
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@sftim sftim sftim approved these changes

@Rajakavitha1 Rajakavitha1 Awaiting requested review from Rajakavitha1

Assignees

@sftim sftim

@cody-clark cody-clark

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. language/en Issues or PRs related to English language lgtm "Looks good to me", indicates that a PR is ready to be merged. sig/docs Categorizes an issue or PR as relevant to SIG Docs. size/XS Denotes a PR that changes 0-9 lines, ignoring generated files.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Init container use case document clarification
6 participants
@christophercarney @makoscafee @tengqm @k8s-ci-robot @sftim @cody-clark