privilegedescalation/headlamp-kube-vip-plugin
Archived
12
0
Fork 0
Code Issues 1 Pull Requests 1 Actions Packages Projects Releases 8 Wiki Activity
This repository has been archived on 2026-06-16. You can view files and clone it. You cannot open issues or pull requests or push a commit.
Files
96b7ff0e24d006b3e0a23f3f81474bfd0506227d
headlamp-kube-vip-plugin/SECURITY.md
T
Chris Farhood 96b7ff0e24 fix: revert docs namespace to kube-system and use KUBE_VIP_NAMESPACE constant 
Revert namespace references from headlamp back to kube-system in docs since
kube-vip workload runs in kube-system namespace (not headlamp which is the
Headlamp plugin install namespace).

Changes:
- CLAUDE.md: revert data sources and key constants namespace
- README.md: revert requirements line and troubleshooting table
- SECURITY.md: revert plugin scope namespaces
- OverviewPage.tsx: use KUBE_VIP_NAMESPACE constant instead of hardcoded string

Fixes PRI-562
2026-05-04 20:27:09 +00:00

644 B
Raw Blame History

Security Policy

Supported Versions

Version Supported
latest Yes

Plugin Scope

This plugin is read-only. It does not perform any write operations against the Kubernetes cluster. It reads:

  • Services (type: LoadBalancer)
  • Nodes
  • Pods in kube-system
  • DaemonSets in kube-system
  • Leases in kube-system
  • ConfigMaps in kube-system

All data is fetched through Headlamp's built-in API proxy, which respects the user's existing RBAC permissions.

Reporting a Vulnerability

Please report security vulnerabilities by opening a private issue or emailing the maintainers directly.

Reference in New Issue View Git Blame Copy Permalink