Address CNCF TAG Security and Compliance feedback on self-assessment #2034
Merged
ytsarev merged 1 commit into k8gb-io:master from Aug 24, 2025
Updates the k8gb security self-assessment document based on feedback from cncf/tag-security#1446.

Changes:
- Define acronyms on first use throughout document
- Update references to "CNCF TAG Security and Compliance"
- Enhance overview section with clearer context and explanations
- Replace placeholder "Future state" section with actual compliance content
- Clarify risk reduction comparisons with specific context
- Correctly reflect SLSA Level 3 compliance with signed provenance
- Distinguish between functional and security-focused pipeline components

These improvements make the self-assessment more accessible to readers unfamiliar with k8gb while accurately representing the project's security practices and compliance achievements.

Signed-off-by: Yury Tsarev <yury@upbound.io>
kuritka approved these changes Aug 24, 2025
itsfarhan pushed a commit to itsfarhan/k8gb that referenced this pull request Sep 3, 2025
HOW TO RUN CI

By default, all the checks will be run automatically. Furthermore, when changing website-related stuff, the preview will be generated by the netlify bot.

Heavy tests
Add the heavy-tests label on this PR if you want full-blown tests that include more than 2-cluster scenarios.

Debug tests
If the test suite is failing for you, you may want to try triggering Re-run all jobs (top right) with debug logging enabled. It will also make the print debug action more verbose.