privilegedescalation/org
Archived
12
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects Releases Wiki Activity

Add dev namespace access and kubectl to POLICIES.md and TOOLS.md

Browse Source 
Each org now has a -dev namespace where agents can freely use kubectl
for testing and iteration. Production namespaces remain Flux-only.

Access model:
- Cluster-wide: read-only
- Production namespace: read-write (Flux-managed, no manual kubectl)
- Dev namespace: read-write (agents may use kubectl freely)

Co-Authored-By: Paperclip <noreply@paperclip.ing>
This commit is contained in:
Chris Farhood
2026-03-21 11:05:32 -04:00
parent c0298d3052
commit 2fd9f0691d
2 changed files with 8 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files
TOOLS.md
+1
View File
@@ -25,6 +25,7 @@ Auto-injected env vars:
| `node` / `npm` / `pnpm` / `npx` | Node.js runtime and package management |
| `python3` | Python scripting |
| `pnpm paperclipai` | Paperclip CLI — issue/agent operations |
| `kubectl` | Kubernetes CLI — read-only cluster-wide, read-write in `privilegedescalation` and `privilegedescalation-dev` |
## Repos