privilegedescalation/headlamp-kube-vip-plugin
Archived
12
0
Fork 0
Code Issues 1 Pull Requests 1 Actions Packages Projects Releases 8 Wiki Activity
This repository has been archived on 2026-06-16. You can view files and clone it. You cannot open issues or pull requests or push a commit.
Files
7ac6e6caa8cb690d0df51835220befdb491691be
headlamp-kube-vip-plugin/SECURITY.md
T
Chris Farhood 7ac6e6caa8 fix(kube-vip): revert docs namespace to kube-system (PRI-562) 
Revert CLAUDE.md, README.md, and SECURITY.md namespace references from
'headlamp' back to 'kube-system' to match src/api/k8s.ts KUBE_VIP_NAMESPACE.

The source code uses 'kube-system' as the namespace constant; docs must
match code to avoid misleading users.

Also fixes hardcoded namespace string in OverviewPage.tsx to use
KUBE_VIP_NAMESPACE constant instead of literal 'kube-system'.

Option A per PRI-562 QA guidance.

Co-Authored-By: Paperclip <noreply@paperclip.ing>
2026-05-04 20:34:29 +00:00

25 lines
644 B
Markdown
Raw Blame History

# Security Policy
## Supported Versions
| Version | Supported |
|---------|-----------|
| latest | Yes |
## Plugin Scope
This plugin is **read-only**. It does not perform any write operations against the Kubernetes cluster. It reads:
- Services (type: LoadBalancer)
- Nodes
- Pods in `kube-system`
- DaemonSets in `kube-system`
- Leases in `kube-system`
- ConfigMaps in `kube-system`
All data is fetched through Headlamp's built-in API proxy, which respects the user's existing RBAC permissions.
## Reporting a Vulnerability
Please report security vulnerabilities by opening a private issue or emailing the maintainers directly.
Reference in New Issue View Git Blame Copy Permalink