From 7d9830962d692ae5a7dcb114878f1fae9727c58f Mon Sep 17 00:00:00 2001
From: joshuaking42
Date: Sat, 11 Apr 2026 12:02:15 +0800
Subject: [PATCH 1/3] security: add seccomp, readOnlyRootFilesystem, NetworkPolicy, fix HEALTHCHECK
- Dockerfile: HEALTHCHECK now probes HTTP endpoint instead of just pgrep
- k8s/deployment.yaml: add seccompProfile RuntimeDefault, readOnlyRootFilesystem
- charts/openab/values.yaml: add seccompProfile RuntimeDefault, readOnlyRootFilesystem
- k8s/networkpolicy.yaml: new NetworkPolicy restricting ingress/egress
---
Dockerfile | 2 +-
charts/openab/values.yaml | 3 +++
k8s/deployment.yaml | 3 +++
k8s/networkpolicy.yaml | 26 ++++++++++++++++++++++++++
4 files changed, 33 insertions(+), 1 deletion(-)
create mode 100644 k8s/networkpolicy.yaml
diff --git a/Dockerfile b/Dockerfile
index fdb14e2a..b0aa7763 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -38,6 +38,6 @@ COPY --from=builder --chown=agent:agent /build/target/release/openab /usr/local/ USER agent HEALTHCHECK --interval=30s --timeout=5s --retries=3 \ - CMD pgrep -x openab || exit 1 + CMD curl -sf http://localhost:18789/health || exit 1 ENTRYPOINT ["openab"] CMD ["/etc/openab/config.toml"]
diff --git a/charts/openab/values.yaml b/charts/openab/values.yaml
index 1f7c2134..79a17d11 100644
--- a/charts/openab/values.yaml
+++ b/charts/openab/values.yaml
@@ -9,9 +9,12 @@ podSecurityContext: runAsUser: 1000 runAsGroup: 1000 fsGroup: 1000 + seccompProfile: + type: RuntimeDefault containerSecurityContext: allowPrivilegeEscalation: false + readOnlyRootFilesystem: true capabilities: drop: - ALL
diff --git a/k8s/deployment.yaml b/k8s/deployment.yaml
index cb12c2ba..10e3e5a7 100644
--- a/k8s/deployment.yaml
+++ b/k8s/deployment.yaml
@@ -21,12 +21,15 @@ spec: runAsUser: 1000 runAsGroup: 1000 fsGroup: 1000 + seccompProfile: + type: RuntimeDefault containers: - name: openab image: openab:latest imagePullPolicy: Never securityContext: allowPrivilegeEscalation: false + readOnlyRootFilesystem: true capabilities: drop: - ALL
diff --git a/k8s/networkpolicy.yaml b/k8s/networkpolicy.yaml
new file mode 100644
index 00000000..0b7fe228
--- /dev/null
+++ b/k8s/networkpolicy.yaml
@@ -0,0 +1,26 @@ +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + name: openab-network-policy +spec: + podSelector: + matchLabels: + app: openab + policyTypes: + - Ingress + - Egress + ingress: + - ports: + - port: 18789 + protocol: TCP + egress: + # DNS + - ports: + - port: 53 + protocol: UDP + - port: 53 + protocol: TCP + # HTTPS (Discord API, LLM APIs) + - ports: + - port: 443 + protocol: TCP
From 124806937fd4cac2fb2aaed378c59731edb83df8 Mon Sep 17 00:00:00 2001
From: Saitama
Date: Wed, 15 Apr 2026 02:20:14 +0000
Subject: [PATCH 2/3] security: address review feedback on PR #197
- Revert HEALTHCHECK to pgrep (openab has no HTTP listener)
- Remove k8s/networkpolicy.yaml (defer until HTTP endpoint exists)
- Add emptyDir /tmp volume mounts for readOnlyRootFilesystem (k8s/deployment.yaml and Helm deployment template)
- Keep seccomp RuntimeDefault + readOnlyRootFilesystem
---
Dockerfile | 2 +-
charts/openab/templates/deployment.yaml | 4 ++++
k8s/deployment.yaml | 4 ++++
k8s/networkpolicy.yaml | 26 -------------------------
4 files changed, 9 insertions(+), 27 deletions(-)
delete mode 100644 k8s/networkpolicy.yaml
diff --git a/Dockerfile b/Dockerfile
index b0aa7763..fdb14e2a 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -38,6 +38,6 @@ COPY --from=builder --chown=agent:agent /build/target/release/openab /usr/local/ USER agent HEALTHCHECK --interval=30s --timeout=5s --retries=3 \ - CMD curl -sf http://localhost:18789/health || exit 1 + CMD pgrep -x openab || exit 1 ENTRYPOINT ["openab"] CMD ["/etc/openab/config.toml"]
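Review bot: The `ingress` and `egress` entries in the new k8s/networkpolicy.yaml carry only `ports` and no `from`/`to` peers, so TCP 18789 is accepted from any source and TCP 443 and UDP/TCP 53 may reach any destination — which typically includes in-cluster services listening on those ports, such as the default `kubernetes` API service on 443. If the intent is the external Discord and LLM APIs named in the `# HTTPS` comment, an egress `to:` with an `ipBlock` whose `except` list removes the cluster's pod and service ranges (cluster-specific, not on the page) plus a `namespaceSelector`/`podSelector` on the DNS rule would match that intent, and the ingress rule would similarly want a `from:` naming its expected clients. The file is deleted again in patch 2 of this series, so this applies when it is reinstated.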
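Review bot: The restored `CMD pgrep -x openab || exit 1` only establishes that a process named openab exists, so a hung or deadlocked agent keeps reporting healthy, and the probe depends on `pgrep` (procps) being present in the runtime stage, which the hunk does not show. Since the HTTP probe was reverted because there is no listener (per the commit message), a comment above the HEALTHCHECK recording that limitation would keep the next contributor from re-proposing the endpoint probe, e.g. `# Liveness is process-presence only: openab has no HTTP listener yet (PR #197); switch to an endpoint probe once one exists`.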
diff --git a/charts/openab/templates/deployment.yaml b/charts/openab/templates/deployment.yaml
index f1ab9b0b..2d2185c1 100644
--- a/charts/openab/templates/deployment.yaml
+++ b/charts/openab/templates/deployment.yaml
@@ -72,6 +72,8 @@ spec: mountPath: {{ $cfg.workingDir | default "/home/agent" }}/AGENTS.md subPath: AGENTS.md {{- end }} + - name: tmp + mountPath: /tmp {{- with $cfg.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }}
@@ -93,5 +95,7 @@ spec: persistentVolumeClaim: claimName: {{ include "openab.agentFullname" $d }} {{- end }} + - name: tmp + emptyDir: {} {{- end }} {{- end }}
diff --git a/k8s/deployment.yaml b/k8s/deployment.yaml
index 10e3e5a7..d3db29f3 100644
--- a/k8s/deployment.yaml
+++ b/k8s/deployment.yaml
@@ -51,6 +51,8 @@ spec: - name: data mountPath: /home/agent/.local/share/kiro-cli subPath: kiro-cli-data + - name: tmp + mountPath: /tmp volumes: - name: config configMap:
@@ -58,3 +60,5 @@ spec: - name: data persistentVolumeClaim: claimName: openab-data + - name: tmp + emptyDir: {}
diff --git a/k8s/networkpolicy.yaml b/k8s/networkpolicy.yaml
deleted file mode 100644
index 0b7fe228..00000000
--- a/k8s/networkpolicy.yaml
+++ /dev/null
@@ -1,26 +0,0 @@ -apiVersion: networking.k8s.io/v1 -kind: NetworkPolicy -metadata: - name: openab-network-policy -spec: - podSelector: - matchLabels: - app: openab - policyTypes: - - Ingress - - Egress - ingress: - - ports: - - port: 18789 - protocol: TCP - egress: - # DNS - - ports: - - port: 53 - protocol: UDP - - port: 53 - protocol: TCP - # HTTPS (Discord API, LLM APIs) - - ports: - - port: 443 - protocol: TCP
From ca19fd361118a3f15a56fe79144b73de19788efe Mon Sep 17 00:00:00 2001
From: Saitama
Date: Wed, 15 Apr 2026 07:23:30 +0000
Subject: [PATCH 3/3] chore: remove k8s/deployment.yaml changes (k8s/ is deprecated)
---
k8s/deployment.yaml | 7 -------
1 file changed, 7 deletions(-)
diff --git a/k8s/deployment.yaml b/k8s/deployment.yaml
index d3db29f3..cb12c2ba 100644
--- a/k8s/deployment.yaml
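Review bot: The added `/tmp` mount in charts/openab/templates/deployment.yaml is the only writable path the template provides once `readOnlyRootFilesystem: true` from values.yaml takes effect, yet the surrounding context shows the agent's working directory defaulting to `/home/agent` (`$cfg.workingDir | default "/home/agent"`), and nothing in the hunk backs that directory or `$HOME`-derived cache and config locations with a volume. If the binary writes anywhere under its home, those writes will now fail at runtime with a read-only file system error rather than at render time — TODO confirm the binary's write paths and add an emptyDir or PVC mount for each one it needs. The enclosing volumeMounts list starts outside the hunk.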
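Review bot: `emptyDir: {}` for the new `tmp` volume has no `sizeLimit`, so with the root filesystem read-only this is the one place the agent can write, and runaway temp files consume node ephemeral storage until the kubelet evicts the pod; the same unbounded emptyDir is added in the k8s/deployment.yaml hunk of this patch. A bound such as `emptyDir:` followed by `sizeLimit: 256Mi` (example value, constructed) caps the volume and makes eviction of this pod predictable instead of node-wide. The enclosing volumes list starts outside the hunk.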
+++ b/k8s/deployment.yaml
@@ -21,15 +21,12 @@ spec: runAsUser: 1000 runAsGroup: 1000 fsGroup: 1000 - seccompProfile: - type: RuntimeDefault containers: - name: openab image: openab:latest imagePullPolicy: Never securityContext: allowPrivilegeEscalation: false - readOnlyRootFilesystem: true capabilities: drop: - ALL
@@ -51,8 +48,6 @@ spec: - name: data mountPath: /home/agent/.local/share/kiro-cli subPath: kiro-cli-data - - name: tmp - mountPath: /tmp volumes: - name: config configMap:
@@ -60,5 +55,3 @@ spec: - name: data persistentVolumeClaim: claimName: openab-data - - name: tmp - emptyDir: {}