Loading...

XML

Word

Printable

Type: Story
Resolution: Done
Priority: Undefined
Fix Version/s: None
Affects Version/s: None
Labels:
None

Activity Type:
Product / Portfolio Work
Blocked:
False
Blocked Reason:

Hide

None

Show
None
Ready:
False
Epic Link:
CNTRLPLANE-73
Story Points:
None

Target Version:
None
Release Blocker:
None
Sprint:
Auth - Sprint 230, Auth - Sprint 231, Auth - Sprint 232, Auth - Sprint 233, Auth - Sprint 234

Modify the PodSecurityViolation alert to show namespace information. To prevent cardinality explosion on the namespace label, only limit the values of the label to platform namespaces ("openshift", "default", "kube-").

This will also need a carry patch in o/k

links to

openshift/cluster-kube-apiserver-operator#1435: AUTH-336: PSA Violation alert: add ocp_namespace label

openshift/kubernetes#1454: AUTH-336: UPSTREAM: <carry>: PSa metrics: log platform namespaces in audit denies

openshift/kubernetes#1489: AUTH-336: UPSTREAM: <carry>: PSa metrics: unset ocp_namespace on non-platform n…

Assignee:: Stanislav Láznička (Inactive)

Reporter:: Stanislav Láznička (Inactive)

Need Info From:: None

Contributors:: None

QA Contact:: Giriyamma Karagere Ramaswamy (Inactive)

Doc Contact:: None

Votes:: 0 Vote for this issue

Watchers:: 5 Start watching this issue

Created:: 2023/01/17 10:55 AM

Updated:: 2025/06/27 10:05 AM

Resolved:: 2023/04/03 9:41 AM

Details

Description

Attachments

Issue Links

Easy Agile Planning Poker

Activity

People

Dates

Hide