From 17f3aaf129080d6729aee293c7fc0dc2425a170f Mon Sep 17 00:00:00 2001
From: Maciej Golaszewski <maciej.golaszewski@canonical.com>
Date: Thu, 21 Nov 2024 12:03:55 +0100
Subject: [PATCH] Add SECURITY.md and CODEOWNERS This pr adds security.md and
 introduces a policy enabling users to report security issues.

KU-2046
---
 CODEOWNERS  |  1 +
 SECURITY.md | 15 +++++++++++++++
 2 files changed, 16 insertions(+)
 create mode 100644 CODEOWNERS
 create mode 100644 SECURITY.md

diff --git a/CODEOWNERS b/CODEOWNERS
new file mode 100644
index 0000000..370b7d8
--- /dev/null
+++ b/CODEOWNERS
@@ -0,0 +1 @@
+*               @canonical/kubernetes
diff --git a/SECURITY.md b/SECURITY.md
new file mode 100644
index 0000000..88f689a
--- /dev/null
+++ b/SECURITY.md
@@ -0,0 +1,15 @@
+# Security Policy
+
+## Reporting a Vulnerability
+
+To report a security issue, please follow the steps below:
+
+Using GitHub, file a [Private Security Report](https://github.com/canonical/coredns-rock/security/advisories/new) with:
+- A description of the issue
+- Steps to reproduce the issue
+- Affected versions of the `coredns-rock` package
+- Any known mitigations for the issue
+
+The [Ubuntu Security disclosure and embargo policy](https://ubuntu.com/security/disclosure-policy) contains more information about what to expect during this process and our requirements for responsible disclosure.
+
+Thank you for contributing to the security and integrity of the `coredns-rock`!