9 docs tagged with "security"

Max allowed violations for a given severity level.

Image must not contain forbidden environment variables.

Image exposes permitted ports.

All vulnerabilities should be fixed if a patch exists.

OpenSSF Scorecard score is above the threshold.

Checks if requested image registry domain is in the domains list.

No secrets or credentials should be embedded in the image.

Max allowed issues for a given severity level.

Image must not run as root.