privilegedescalation/headlamp-kube-vip-plugin
Archived
12
0
Fork 0
Code Issues 1 Pull Requests 1 Actions Packages Projects Releases 8 Wiki Activity
This repository has been archived on 2026-06-16. You can view files and clone it. You cannot open issues or pull requests or push a commit.
Files
7ac6e6caa8cb690d0df51835220befdb491691be
headlamp-kube-vip-plugin/SECURITY.md
T
Chris Farhood 7ac6e6caa8 fix(kube-vip): revert docs namespace to kube-system (PRI-562) 
Revert CLAUDE.md, README.md, and SECURITY.md namespace references from
'headlamp' back to 'kube-system' to match src/api/k8s.ts KUBE_VIP_NAMESPACE.

The source code uses 'kube-system' as the namespace constant; docs must
match code to avoid misleading users.

Also fixes hardcoded namespace string in OverviewPage.tsx to use
KUBE_VIP_NAMESPACE constant instead of literal 'kube-system'.

Option A per PRI-562 QA guidance.

Co-Authored-By: Paperclip <noreply@paperclip.ing>
2026-05-04 20:34:29 +00:00

644 B
Raw Blame History

Security Policy

Supported Versions

Version Supported
latest Yes

Plugin Scope

This plugin is read-only. It does not perform any write operations against the Kubernetes cluster. It reads:

  • Services (type: LoadBalancer)
  • Nodes
  • Pods in kube-system
  • DaemonSets in kube-system
  • Leases in kube-system
  • ConfigMaps in kube-system

All data is fetched through Headlamp's built-in API proxy, which respects the user's existing RBAC permissions.

Reporting a Vulnerability

Please report security vulnerabilities by opening a private issue or emailing the maintainers directly.

Reference in New Issue View Git Blame Copy Permalink