Loading...

XML

Word

Printable

Type: Bug
Resolution: Won't Do
Priority: Major
Fix Version/s: None
Affects Version/s: None
Component/s: docker
Labels:
None

Sprint:
devex #128 February 2017
Story Points:
10

Every ws pod automatically mounts a volume that contains a token for service account cheserviceaccount. This volume is not needed and represent a security threat.

kind: Pod
spec:
  volumes:
    -
      name: cheserviceaccount-token-6ch7l
      secret:
        secretName: cheserviceaccount-token-6ch7l
  containers:
    -
      volumeMounts:
        -
          name: cheserviceaccount-token-6ch7l
          readOnly: true
          mountPath: /var/run/secrets/kubernetes.io/serviceaccount
    ...

That's related to the following kubernetes issue:
https://github.com/kubernetes/kubernetes/issues/16779

Assignee:: Victor Rubezhny (Inactive)

Reporter:: Mario Loriedo

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Created:: 2016/12/01 7:22 PM

Updated:: 2017/03/15 8:18 AM

Resolved:: 2017/03/15 8:18 AM

Details

Description

Attachments

Easy Agile Planning Poker

Activity

People

Dates