SonarQube Community Edition (10.4.1.88267) is not able to detect privilege escalation rule

The documentation includes general guidance on adding coding rules, including which languages support adding custom rules, and general guidance on how to go about it.
If the docs don’t answer your question, please tell us:

  • What language are you writing rules for? Kubernetes (.yaml files)
  • What have you tried, and what’s your challenge / stumbling block: yes
    SonarQube Community Edition (10.4.1.88267) is not able to detect "Allowing process privilege escalations is security-sensitive"

I tried the deployment file below, and we are unable to detect the privilege escalation issue through the SonarQube Community Version.

Please share the relevant code snippet, along with any error messages you’re encountering:

apiVersion: v1
kind: Pod
metadata:
  name: example
spec:
  containers:
    - name: web
      image: nginx
      ports:
        - name: web
          containerPort: 80
          protocol: TCP
      securityContext:
        allowPrivilegeEscalation: true
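To make concrete what a check for this setting looks at, here is an added example that is not part of the original post and is not SonarQube's own rule implementation. It walks a Pod manifest (or the pod template of a Deployment, StatefulSet, DaemonSet, ReplicaSet, Job or CronJob) and reports every container whose securityContext leaves allowPrivilegeEscalation enabled. It reports an absent field too, because Kubernetes defaults the field to true when it is not set; whether the SonarQube rule reports the absent case is not stated in this thread, so treat that part as this example's own assumption. The sample manifests are constructed for the example (the Pod from the post reduced to its container and securityContext, a hardened variant, and a Deployment with no securityContext) and are written as JSON so the script runs without PyYAML; when PyYAML is installed the same loader reads the .yaml file directly.

```python
"""Added example: a minimal checker for the allowPrivilegeEscalation setting.

Constructed for this thread; not SonarQube's rule implementation. It reports
containers whose securityContext leaves privilege escalation enabled. The
absent-field case is reported because Kubernetes defaults the field to true
(assumption: that is the finding a reviewer wants surfaced).
"""
import json

try:
    import yaml  # optional: PyYAML lets the checker read .yaml files directly
except ImportError:
    yaml = None

# Kinds whose pod spec lives under spec.template.spec.
TEMPLATE_KINDS = {"Deployment", "StatefulSet", "DaemonSet", "ReplicaSet", "Job"}


def load_manifest(text):
    """Parse one manifest document: YAML if PyYAML is installed, else JSON."""
    if yaml is not None:
        return yaml.safe_load(text)
    return json.loads(text)


def pod_spec(manifest):
    """Return (pod spec dict, dotted path to it), or (None, None) for other kinds."""
    kind = manifest.get("kind")
    spec = manifest.get("spec") or {}
    if kind == "Pod":
        return spec, "spec"
    if kind in TEMPLATE_KINDS:
        return (spec.get("template") or {}).get("spec") or {}, "spec.template.spec"
    if kind == "CronJob":
        job = (spec.get("jobTemplate") or {}).get("spec") or {}
        return (job.get("template") or {}).get("spec") or {}, "spec.jobTemplate.spec.template.spec"
    return None, None


def find_privilege_escalation(manifest):
    """List init and regular containers that may gain more privileges than their parent."""
    findings = []
    spec, prefix = pod_spec(manifest)
    if spec is None:
        return findings
    for field in ("initContainers", "containers"):
        for index, container in enumerate(spec.get(field) or []):
            sc = container.get("securityContext") or {}
            path = f"{prefix}.{field}[{index}].securityContext"
            if sc.get("privileged") is True:
                # A privileged container always allows escalation; the API server
                # rejects privileged: true combined with allowPrivilegeEscalation: false.
                reason = "privileged container (escalation always allowed)"
            elif sc.get("allowPrivilegeEscalation") is True:
                reason = "allowPrivilegeEscalation explicitly true"
            elif "allowPrivilegeEscalation" not in sc:
                reason = "allowPrivilegeEscalation not set (Kubernetes default is true)"
            else:
                continue  # explicitly false: nothing to report
            findings.append({"container": container.get("name"), "path": path, "reason": reason})
    return findings


# Constructed sample: the container from the post, as JSON so no PyYAML is needed.
POD_FROM_POST = json.dumps({
    "apiVersion": "v1", "kind": "Pod", "metadata": {"name": "example"},
    "spec": {"containers": [{"name": "web", "image": "nginx",
                             "securityContext": {"allowPrivilegeEscalation": True}}]},
})

# Constructed hardened variant: the same Pod with escalation disabled.
POD_HARDENED = json.dumps({
    "apiVersion": "v1", "kind": "Pod", "metadata": {"name": "example"},
    "spec": {"containers": [{"name": "web", "image": "nginx",
                             "securityContext": {"allowPrivilegeEscalation": False}}]},
})

# Constructed Deployment with no securityContext at all: the Kubernetes default applies.
DEPLOYMENT_UNSET = json.dumps({
    "apiVersion": "apps/v1", "kind": "Deployment", "metadata": {"name": "example"},
    "spec": {"template": {"spec": {"containers": [{"name": "web", "image": "nginx"}]}}},
})


def check(text):
    """Parse a manifest string and return its findings."""
    return find_privilege_escalation(load_manifest(text))


if __name__ == "__main__":
    for label, doc in (("post", POD_FROM_POST), ("hardened", POD_HARDENED),
                       ("deployment", DEPLOYMENT_UNSET)):
        print(label, check(doc))
```

Running the script prints one finding for the Pod from the post, none for the hardened variant, and one "not set" finding for the Deployment; to check a real file, read it into a string and pass it to check().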

Hello @reshmipatro. Welcome to the community!

Unfortunately, I was not able to reproduce your issue. With SQ Community Edition 10.4.1.88267 and sonar-scanner-cli 5.0.1 I can see the rule creating a security hotspot. Please note that this rule is a security hotspot and its findings are located in a different tab.

Could you provide some more context: how are you executing the analysis (with sonar-scanner-cli or with maven/gradle?), what’s your project structure, and the section of SQ logs after the line INFO: Sensor IaC Kubernetes Sensor [iac]?

Best,

Peter