kubernetes/sig-security issues and pull requests

#125 - [Housekeeping] PR cailynse into k/k and k/website OWNERS_ALIASES files

Issue - State: open - Opened by tabbysable 2 months ago

#124 - Add Cailyn to the readme

Pull Request - State: open - Opened by tabbysable 2 months ago - 2 comments
Labels: size/XS, approved, cncf-cla: yes

#123 - Add Cailyn Edwards for chair onboarding

Pull Request - State: closed - Opened by tabbysable 2 months ago - 2 comments
Labels: size/XS, approved, lgtm, cncf-cla: yes

#122 - update info on SIG Security README

Pull Request - State: closed - Opened by IanColdwater 2 months ago - 1 comment
Labels: size/XS, approved, cncf-cla: yes

#121 - Security recommendation/hardening guide for applications that use Kubernetes client

Issue - State: open - Opened by AnshumanTripathi 4 months ago - 1 comment

#120 - Housekeeping: archive old meeting notes into git

Issue - State: open - Opened by tabbysable 5 months ago - 11 comments
Labels: good first issue, help wanted, sig/security

#119 - Add github issue template for audit roadmap request

Pull Request - State: closed - Opened by reylejano 5 months ago - 3 comments
Labels: size/M, approved, lgtm, cncf-cla: yes

#118 - tooling: add tetragon learning session recording link

Pull Request - State: closed - Opened by mtardy 5 months ago - 2 comments
Labels: size/XS, approved, lgtm, cncf-cla: yes

#117 - Handle multiple CVEs per issue in official CVE feed

Pull Request - State: closed - Opened by robert-cronin 5 months ago - 7 comments
Labels: approved, lgtm, size/S, cncf-cla: yes

#116 - [govulncheck] Generate VEX documents from `govulncheck` output

Issue - State: open - Opened by PushkarJ 5 months ago - 7 comments
Labels: kind/feature, sig/release, sig/security, area/dependency, sig/docs, sig/architecture

#115 - Include CVE status in JSON feed

Pull Request - State: closed - Opened by jbiers 5 months ago - 2 comments
Labels: approved, lgtm, size/S, cncf-cla: yes

#114 - Update audit roadmap with topics suggested from KubeCon EU 2024

Pull Request - State: closed - Opened by reylejano 7 months ago - 2 comments
Labels: approved, lgtm, size/S, cncf-cla: yes

#113 - [WIP] Update README for external audit

Pull Request - State: open - Opened by reylejano 9 months ago - 4 comments
Labels: size/M, approved, lgtm, do-not-merge/work-in-progress, cncf-cla: yes

#112 - [Draft] POC of CVE publication auto-generated artifacts

Pull Request - State: open - Opened by PushkarJ 9 months ago - 5 comments
Labels: approved, do-not-merge/work-in-progress, size/L, lifecycle/stale, cncf-cla: yes

#111 - Security Checklist for Applications from a developer perespective

Issue - State: open - Opened by savitharaghunathan 10 months ago - 4 comments
Labels: lifecycle/stale

#110 - Add ericsmalling as reviewer for tooling sub-project

Pull Request - State: closed - Opened by ericsmalling 11 months ago - 2 comments
Labels: approved, lgtm, size/S, cncf-cla: yes

#109 - Add Eric Smalling as "Reviewer" for vuln-mgmt sub-directory

Issue - State: closed - Opened by PushkarJ 12 months ago - 2 comments

#108 - Fixed link to Recipe Book

Pull Request - State: closed - Opened by Alestrix about 1 year ago - 4 comments
Labels: size/XS, approved, lgtm, cncf-cla: yes

#107 - Update self-assessment.md

Pull Request - State: closed - Opened by aladewberry about 1 year ago - 5 comments
Labels: size/XS, approved, lifecycle/rotten, cncf-cla: yes

#106 - Remove the must be closed requirement in CVE feed

Pull Request - State: closed - Opened by enj about 1 year ago - 3 comments
Labels: size/XS, approved, lgtm, sig/security, cncf-cla: yes

#105 - Add Windows as focus Area

Pull Request - State: closed - Opened by jsturtevant about 1 year ago - 3 comments
Labels: size/XS, approved, lgtm, sig/windows, cncf-cla: yes

#104 - Kubernetes Third-Party Security Audit for 2024 (tracking issue)

Issue - State: closed - Opened by reylejano about 1 year ago - 8 comments
Labels: sig/security, lifecycle/rotten

#103 - add PDF for Kubernetes Policy GRC paper

Pull Request - State: closed - Opened by JimBugwadia about 1 year ago - 2 comments
Labels: size/XS, approved, lgtm, cncf-cla: yes

#102 - Added Monokle to Policy Engines tooling

Pull Request - State: closed - Opened by olensmar about 1 year ago - 9 comments
Labels: size/XS, approved, lgtm, cncf-cla: yes

#101 - Add govulncheck script to expose go vulnerabilities in a PR

Pull Request - State: closed - Opened by ArkaSaha30 about 1 year ago - 5 comments
Labels: size/S, cncf-cla: yes

#100 - [govulncheck] Periodic Prow Job for `govulncheck`

Issue - State: closed - Opened by PushkarJ about 1 year ago - 12 comments
Labels: sig/release, sig/security, area/dependency, sig/architecture

#99 - [govulncheck] Pre-submit Prow Job for `govulncheck`

Issue - State: closed - Opened by PushkarJ about 1 year ago - 2 comments
Labels: sig/security, area/dependency, sig/architecture

#98 - Publish CVE issue status in JSON CVE feed

Issue - State: closed - Opened by sftim over 1 year ago - 14 comments

#97 - Include open issues in official CVE feed

Issue - State: closed - Opened by sftim over 1 year ago - 4 comments

#96 - Link not working - Under contact section in README.md

Issue - State: closed - Opened by aadarsh-nagrath over 1 year ago - 3 comments
Labels: lifecycle/stale

#95 - Scan `kubernetes/kubernetes` with `govulncheck`

Issue - State: open - Opened by PushkarJ over 1 year ago - 6 comments
Labels: committee/security-response, sig/release, sig/security, lifecycle/stale, sig/architecture

#94 - Policy-based governance, risk, and compliance paper

Pull Request - State: closed - Opened by JimBugwadia over 1 year ago - 6 comments
Labels: approved, lgtm, size/L, cncf-cla: yes

#93 - Kubernetes Policy-Based Governance, Risk, and Compliance paper

Issue - State: closed - Opened by JimBugwadia over 1 year ago - 3 comments

#92 - Update RSS feed title

Pull Request - State: closed - Opened by bartier over 1 year ago - 4 comments
Labels: size/XS, approved, lgtm, cncf-cla: yes

#91 - REQUEST: Request a Learning session on bpfd

Issue - State: closed - Opened by anfredette over 1 year ago - 10 comments
Labels: sig/security, lifecycle/stale

#90 - REQUEST: Request a Learning session for Tetragon

Issue - State: closed - Opened by mtardy over 1 year ago - 19 comments
Labels: sig/security, lifecycle/rotten

#89 - Add link to Copacetic presentation

Pull Request - State: closed - Opened by tabbysable over 1 year ago - 2 comments
Labels: size/XS, approved, lgtm, cncf-cla: yes

#88 - Add Copacetic recording

Pull Request - State: closed - Opened by tabbysable over 1 year ago - 3 comments
Labels: size/XS, approved, cncf-cla: no

#87 - Add v1.24 external security audit

Pull Request - State: closed - Opened by reylejano over 1 year ago - 3 comments
Labels: size/XS, approved, lgtm, cncf-cla: yes

#86 - Update tooling subproject learning session list

Pull Request - State: closed - Opened by mtardy over 1 year ago - 2 comments
Labels: approved, lgtm, size/S, cncf-cla: yes

#85 - Bug: Unbound variable in vulnerability scanning script

Issue - State: closed - Opened by PushkarJ over 1 year ago - 7 comments
Labels: kind/bug, help wanted, sig/testing, sig/security, sig/k8s-infra

#84 - Updating Learning Sessions Markdown

Pull Request - State: closed - Opened by dataplex over 1 year ago - 4 comments
Labels: size/XS, approved, lgtm, cncf-cla: yes

#83 - CVE feed: Add a link to the testgrid.k8s.io prow job as metadata

Pull Request - State: closed - Opened by mtardy over 1 year ago - 1 comment
Labels: size/XS, approved, lgtm, cncf-cla: yes

#82 - Update self-assessment.md

Pull Request - State: closed - Opened by aladewberry over 1 year ago - 2 comments
Labels: size/XS, approved, lgtm, cncf-cla: yes

#81 - Create vSphere CSI Driver Skeleton doc & folder for self assessment effort

Pull Request - State: closed - Opened by aladewberry over 1 year ago - 2 comments
Labels: approved, lgtm, size/L, cncf-cla: yes

#80 - Fix a naming issue in CVE feed script

Pull Request - State: closed - Opened by mtardy over 1 year ago - 4 comments
Labels: approved, lgtm, priority/critical-urgent, size/S, cncf-cla: yes

#79 - REQUEST: Request a Learning session for Copa

Issue - State: closed - Opened by salaxander almost 2 years ago - 7 comments
Labels: sig/security

#78 - Add Self-assessment Docs

Pull Request - State: closed - Opened by cailynse almost 2 years ago - 5 comments
Labels: size/M, approved, lgtm, cncf-cla: yes

#77 - Support RSS feeds by generating data in Atom format

Issue - State: closed - Opened by PushkarJ almost 2 years ago - 4 comments
Labels: sig/security, triage/accepted, sig/docs

#76 - Fix CVE feed: comply with the JSON feed specifications and add the full JSON feed object in the script output to add `last_updated` root fields

Pull Request - State: closed - Opened by mtardy almost 2 years ago - 11 comments
Labels: size/M, approved, lgtm, cncf-cla: yes

#76 - Fix CVE feed: comply with the JSON feed specifications and add the full JSON feed object in the script output to add `last_updated` root fields

Pull Request - State: closed - Opened by mtardy almost 2 years ago - 11 comments
Labels: size/M, approved, lgtm, cncf-cla: yes

#75 - Fix CVE feed: comply with the JSON feed specifications

Pull Request - State: closed - Opened by mtardy almost 2 years ago - 10 comments
Labels: size/M, do-not-merge/hold, cncf-cla: yes

#74 - DISCUSSION: How can we improve the new contributor experience?

Issue - State: closed - Opened by cailynse almost 2 years ago - 6 comments
Labels: lifecycle/rotten

#73 - CVE Feed: Sort Markdown Table from most recent to least recently announced CVE

Issue - State: closed - Opened by PushkarJ about 2 years ago - 5 comments

#72 - CVE Feed: Add `lastUpdatedAt` as a metadata field

Issue - State: closed - Opened by PushkarJ about 2 years ago - 4 comments
Labels: kind/feature, sig/security, triage/accepted, sig/docs

#71 - CVE Feed: Add Prow job link as a metadata field

Issue - State: closed - Opened by PushkarJ about 2 years ago - 6 comments
Labels: kind/feature, sig/security, triage/accepted, sig/docs

#70 - added recipe book

Pull Request - State: closed - Opened by aladewberry about 2 years ago - 14 comments
Labels: approved, size/S, cncf-cla: no, lifecycle/rotten

#69 - Public Community CTF at CNCF/Kube CON EU 2023 AMSTERDAM

Issue - State: closed - Opened by p4ck3t0 about 2 years ago - 4 comments
Labels: lifecycle/rotten

#68 - Update the CVE feed URL datasource

Pull Request - State: closed - Opened by s4rd1nh4 about 2 years ago - 4 comments
Labels: size/XS, approved, lgtm, cncf-cla: yes

#67 - CVE Feed: Consider to use other datasource for CVEs

Issue - State: closed - Opened by s4rd1nh4 about 2 years ago
Labels: sig/security, area/security-assessment

#66 - Improve the CVE feed python script HTTP request

Pull Request - State: closed - Opened by mtardy about 2 years ago - 9 comments
Labels: approved, lgtm, tide/merge-method-squash, size/S, cncf-cla: yes

#65 - Increase default no. of results for Github Search API

Pull Request - State: closed - Opened by PushkarJ about 2 years ago - 3 comments
Labels: kind/bug, size/XS, approved, lgtm, cncf-cla: yes

#64 - REQUEST: Request a Learning session - Security-Guard

Issue - State: closed - Opened by davidhadas about 2 years ago - 10 comments
Labels: sig/security, lifecycle/rotten

#63 - CVE Feed: Include a timestamp field for each CVE indicating when it was last updated

Issue - State: closed - Opened by Dentrax about 2 years ago - 13 comments
Labels: kind/feature, needs-triage, sig/security, triage/accepted

#62 - SIG-Security-Docs idea - Risks of hostPath volumes

Issue - State: closed - Opened by raesene about 2 years ago - 13 comments
Labels: sig/security, sig/docs, lifecycle/rotten

#61 - move script from test-infra to sig-security

Pull Request - State: closed - Opened by lakshya8066 about 2 years ago - 12 comments
Labels: size/M, do-not-merge/hold, cncf-cla: yes

#60 - Move Snyk Scripts from k/test-infra to k/sig-security/sig-security-tooling

Issue - State: open - Opened by PushkarJ about 2 years ago - 7 comments
Labels: good first issue, help wanted, sig/security

#59 - Add links to New Learning Sessions

Pull Request - State: closed - Opened by PushkarJ about 2 years ago - 4 comments
Labels: size/XS, approved, lgtm, sig/security, sig/docs, cncf-cla: yes

#58 - basic-docs

Pull Request - State: closed - Opened by aladewberry over 2 years ago - 4 comments
Labels: size/XS, approved, cncf-cla: yes

#57 - Install missing pip3

Pull Request - State: closed - Opened by PushkarJ over 2 years ago - 3 comments
Labels: size/XS, sig/testing, approved, lgtm, sig/security, cncf-cla: yes, sig/k8s-infra

#56 - [Blog post] Current State of findings from Kubernetes Third Party Security Audit of 2019

Issue - State: closed - Opened by PushkarJ over 2 years ago - 4 comments
Labels: sig/security, sig/docs

#55 - [KEP-3203] Add hack script to generate CVE Feed

Pull Request - State: closed - Opened by nehaLohia27 over 2 years ago - 4 comments
Labels: approved, lgtm, size/L, cncf-cla: yes

#54 - REQUEST: Request a Learning session on Trousseau

Issue - State: closed - Opened by romdalf over 2 years ago - 11 comments
Labels: sig/security, lifecycle/rotten

#53 - REQUEST: Learning session on Shopify/kubeaudit

Issue - State: closed - Opened by genevieveluyt over 2 years ago - 9 comments
Labels: sig/security, lifecycle/rotten

#52 - Add Cluster API fuzzing report

Pull Request - State: closed - Opened by killianmuldoon over 2 years ago - 2 comments
Labels: size/XS, approved, lgtm, cncf-cla: yes

#51 - Blog post on PSP history context

Issue - State: closed - Opened by savitharaghunathan over 2 years ago - 5 comments
Labels: sig/security

#50 - Add draft report from Adalogics fuzzing efforts

Pull Request - State: closed - Opened by tabbysable over 2 years ago - 5 comments
Labels: size/XS, approved, lgtm, cncf-cla: yes

#49 - REQUEST: Learning sessions on Eraser

Issue - State: closed - Opened by salaxander over 2 years ago - 3 comments
Labels: sig/security

#48 - Record Keeping for sig security assessments

Pull Request - State: closed - Opened by aladewberry over 2 years ago - 13 comments
Labels: size/XS, approved, lgtm, sig/security, cncf-cla: yes

#47 - Learning sessions added

Pull Request - State: closed - Opened by chetak123 over 2 years ago - 3 comments
Labels: approved, lgtm, sig/security, tide/merge-method-squash, size/S, cncf-cla: yes

#46 - Rename subdir for the current audit

Pull Request - State: closed - Opened by reylejano over 2 years ago - 4 comments
Labels: size/XS, approved, lgtm, cncf-cla: yes

#45 - Add learning session request GitHub Issue template

Pull Request - State: closed - Opened by PushkarJ over 2 years ago - 4 comments
Labels: size/M, approved, lgtm, sig/security, cncf-cla: yes

#44 - Create a template for Requesting Learning sessions in SIG Security Tooling meeting

Issue - State: closed - Opened by PushkarJ over 2 years ago
Labels: kind/cleanup, sig/security

#43 - Document previous learning sessions in SIG Security Tooling

Issue - State: closed - Opened by PushkarJ over 2 years ago - 8 comments
Labels: good first issue, help wanted, kind/cleanup, sig/security

#42 - Kubernetes API Server Bypass Risks

Issue - State: closed - Opened by raesene over 2 years ago - 7 comments
Labels: sig/security, sig/docs

#41 - Kubernetes RBAC Best Practices Guide

Issue - State: closed - Opened by raesene over 2 years ago - 5 comments
Labels: sig/security, sig/docs

#40 - Cluster API Security Self Assessment

Pull Request - State: closed - Opened by PushkarJ over 2 years ago - 14 comments
Labels: kind/feature, approved, lgtm, sig/cluster-lifecycle, sig/security, size/XXL, tide/merge-method-squash, cncf-cla: yes

#39 - Create a periodic prow job to implement KEP-3203

Issue - State: closed - Opened by nehaLohia27 over 2 years ago - 15 comments
Labels: sig/testing, sig/security

#38 - Add feeds directory with OWNERS file under tooling sub-project

Issue - State: closed - Opened by PushkarJ over 2 years ago - 7 comments
Labels: good first issue, help wanted, sig/security

#37 - Create .gitignore

Pull Request - State: closed - Opened by praveenrewar over 2 years ago - 7 comments
Labels: size/M, approved, lgtm, cncf-cla: yes

#36 - Create .gitignore file

Issue - State: closed - Opened by PushkarJ almost 3 years ago - 2 comments
Labels: good first issue, help wanted, sig/security

#35 - Update third-party rfp about vendor selection announcement

Pull Request - State: closed - Opened by reylejano almost 3 years ago - 3 comments
Labels: size/XS, approved, lgtm, cncf-cla: yes

#34 - Add 2021/2022 RFP decision

Pull Request - State: closed - Opened by reylejano almost 3 years ago - 5 comments
Labels: size/M, approved, lgtm, cncf-cla: yes

#33 - Configure a prow job that writes CVE JSON data to GC bucket every hour

Issue - State: closed - Opened by PushkarJ almost 3 years ago - 5 comments
Labels: sig/testing, sig/security, sig/k8s-infra

#32 - Configure a Prow Job that creates a k/website PR

Issue - State: closed - Opened by PushkarJ almost 3 years ago - 7 comments
Labels: sig/testing, sig/security

#31 - add PDF with layout

Pull Request - State: closed - Opened by JimBugwadia almost 3 years ago - 2 comments
Labels: size/XS, approved, lgtm, cncf-cla: yes

#30 - Kubernetes Hardening Guide

Issue - State: open - Opened by raesene over 3 years ago - 39 comments

#29 - Blog post: Kubernetes SLSA Level 1 support

Issue - State: closed - Opened by savitharaghunathan almost 3 years ago - 7 comments
Labels: sig/security, sig/docs, lifecycle/rotten

#28 - Create a security checklist for deploying a cluster

Issue - State: closed - Opened by savitharaghunathan almost 3 years ago - 27 comments
Labels: sig/security, sig/docs

#27 - Admission Control Threat Model

Pull Request - State: closed - Opened by raesene almost 3 years ago - 12 comments
Labels: approved, lgtm, size/XL, cncf-cla: yes

GitHub / kubernetes/sig-security issues and pull requests