chore: add notReadOnlyRootFilesystem exemption and lower Polaris threshold

2026-02-08 19:38:48 -05:00
parent 99f9ec453d
commit 991b1f4407
2 changed files with 2 additions and 1 deletions
@@ -74,7 +74,7 @@ jobs:
            polaris audit --audit-path manifests.yaml \
              --format pretty \
              --set-exit-code-on-danger \
-              --set-exit-code-below-score 70
+              --set-exit-code-below-score 50
          fi

  resource-analysis:
@@ -13,6 +13,7 @@ metadata:
    polaris.fairwinds.com/dangerousCapabilities-exempt: "true"
    polaris.fairwinds.com/insecureCapabilities-exempt: "true"
    polaris.fairwinds.com/hostNetworkSet-exempt: "true"
+    polaris.fairwinds.com/notReadOnlyRootFilesystem-exempt: "true"
 spec:
  selector:
    matchLabels: