Static analysis of security context requirements #1423
Description
Summary of the new feature / enhancement
Required security context can be described in the configuration via a top level directive, but individual resources can also have their own directive to override. Resource manifests can also declare which operations require a specific security context.
There is also a future feature to allow an elevated context to create restricted child processes for resources.
So the whole result is complicated, but ideally there should be static analysis performed if the deployment would be successful under the current security context before deployment starts.
Proposed technical implementation details (optional)
No response