Ensure kubectl is not used directly in scripts

The kubectl apply command applies changes made to IaC files and uses superuser privileges to sync Kubernetes infrastructure. An attack vector could involve injecting code into Kubernetes and abusing those superuser privileges.

Risk Level: medium
Platform: GitHub
Spectral Rule ID: GHAC011

REMEDIATION

Remove the 'kubectl' command from the script.
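
To locate the steps that need this remediation, the following added example (not Spectral's own implementation of GHAC011) scans a workflow file for direct kubectl calls. It assumes the "script" is a `run:` step in a GitHub Actions workflow; the sample workflow, function name and regular expressions are constructed for illustration.

```python
import re

# Constructed sample workflow for illustration (not from the original page).
SAMPLE_WORKFLOW = """\
name: deploy
on: push
jobs:
  deploy:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - name: Note
        run: echo "kubectl is not called here"
      - name: Apply manifests
        run: |
          cd k8s
          kubectl apply -f .
      - run: sudo kubectl get pods
"""

# `run:` key, optionally the first key of a list item ("- run: ...").
RUN_KEY = re.compile(r"^(\s*(?:-\s+)?)run:\s*(.*)$")
# kubectl in command position: at line start, after ; & | or after sudo.
KUBECTL_CMD = re.compile(r"(?:^|[;&|]\s*|\bsudo\s+)kubectl\b")


def find_kubectl_steps(workflow_text):
    """Return (line_number, command) for each direct kubectl call in run steps."""
    findings = []
    block_col = None  # column of the `run:` key while inside a block scalar
    for lineno, line in enumerate(workflow_text.splitlines(), 1):
        stripped = line.strip()
        if block_col is not None:
            indent = len(line) - len(line.lstrip())
            if not stripped or indent > block_col:
                if KUBECTL_CMD.search(stripped):
                    findings.append((lineno, stripped))
                continue
            block_col = None  # dedent: the block scalar has ended
        match = RUN_KEY.match(line)
        if not match:
            continue
        value = match.group(2)
        if value[:1] in ("|", ">"):  # multi-line script follows
            block_col = len(match.group(1))
        elif KUBECTL_CMD.search(value.strip("\"'")):
            findings.append((lineno, value))
    return findings
```

The `echo` step is not reported because kubectl appears there only as text inside a string, not as a command.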
