# Risk Assessment ## How to check Risks without being too intrusive? create a copy of the container for which risk is being calculated. ``` kubectl debug nginx-77b4fdf86c-5dfvt -it --copy-to=myapp-debug --container=nginx -- sh ``` It's a copy so doesn't impact anything on the actual application - It's per container, what if a container depends on other containers to function, like dev2 (dependency on rabbitmq container) We can alleviate the downside by changing entrypoint, we don't care about the actual application running anyway - What if it's a pod like cert-manager with no shell? We can attach a debug container, copy busybox inside the shell and continue with our set of actions? https://stackoverflow.com/questions/73355970/how-to-get-access-to-filesystem-with-kubectl-debug-ephemeral-containers Rest of the process can be taken from our Ginkgo utils? Exec and fetching output, we don't even need to verify alerts in general