chore: add comprehensive CI/CD exemptions for ZNC

This commit is contained in:
2026-02-08 19:32:37 -05:00
parent 31673ea837
commit 99f9ec453d
3 changed files with 6 additions and 0 deletions
+2
View File
@@ -11,3 +11,5 @@ skip-check:
- CKV_K8S_40 # Containers should run as high UID (ZNC LinuxServer container needs flexibility)
- CKV_K8S_23 # Minimize admission of root containers (ZNC requires root for s6-overlay init)
- CKV_K8S_20 # Containers should not run with allowPrivilegeEscalation (ZNC needs init flexibility)
- CKV_K8S_37 # Capabilities - drop ALL (ZNC needs flexible capabilities for init)
- CKV_K8S_38 # Ensure that Service Account Tokens are only mounted where necessary (already set to false)