How to handle Findings from Helm Charts #2258
Unanswered
amrap030
asked this question in
Help & Support
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
Today I started to look through all the findings in the ConfigAuditReport and the VulnerabilityReport and tried to fix some of them. Pretty soon, I realized that I was not able to fix them, because the values in the underlying Helm charts are not modifiable through the values.yaml file or there is a library used in an image which has a vulnerability.
Now my question is, what can I do in these cases? Via Renovate Bot my applications are all up to date but there are still over 500 high vulnerabilities which probably cannot be fixed by me because I am not the maintainer of the Helm chart. This is a little bit disappointing because I would always want the findings to be close to zero.
Any help would be appreciated :)
Beta Was this translation helpful? Give feedback.
All reactions