Sidecar Container Approach¶

This document provides an overview of the Sidecar Container approach for scanning containers.

Introduction¶

The Sidecar Container approach involves deploying a CINC Auditor container alongside the target container within the same pod. This allows the scanner container to access the target container's filesystem through the shared process namespace.

Key Features¶

Works with any Kubernetes cluster regardless of version
Provides universal compatibility for all container types
Requires deploying containers with the sidecar configuration
Can access container filesystems through process namespace sharing

Detailed Documentation¶

Technical Implementation - How the approach works, pod configuration, and retrieving results
RBAC Configuration - Required permissions and security considerations
Integration - Integration with CI/CD pipelines and other systems
Limitations and Requirements - What's needed and where the approach has constraints
Security Considerations - Security implications and best practices
Future Work - Planned enhancements and development roadmap

Approach Comparison - Compare the Sidecar Container approach with other options
Decision Matrix - Help decide which approach is best for specific scenarios
Workflow Diagrams - Visual representation of workflows
Security Analysis - Detailed security analysis

Sidecar Container Approach¶

Introduction¶

Key Features¶

Detailed Documentation¶

Related Resources¶