Add security docker for functest-kubernetes

run kube-hunter and kube-bench cases dealing with security in kubernetes (check vulnerabilities) [1][2] It's the first step only printing the output. [1]: https://github.com/aquasecurity/kube-bench [2]: https://github.com/aquasecurity/kube-hunter Co-Authored-By: Cédric Ollivier <cedric.ollivier@orange.com> Change-Id: I3bd9bda80046ef7a0c494d51dfb0b8cbfea02bb0 Signed-off-by: mrichomme <morgan.richomme@orange.com>
author: mrichomme <morgan.richomme@orange.com> 2020-02-10 17:49:43 +0100
committer: Cédric Ollivier <cedric.ollivier@orange.com> 2020-03-13 15:56:01 +0100
commit: 98d9f93337ab514fa9aafc1cd1e87473de68b364 (patch)
tree: 01a1f75403de65cb1d014bfe012528f14ac65519 /.travis.yml
parent: 080d2414682d5fecea8c01640e2e5971278fe19d (diff)
1 files changed, 14 insertions, 2 deletions
diff --git a/.travis.yml b/.travis.yml
index dfdaa176..b2996055 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -34,7 +34,7 @@ jobs:
           --platforms linux/amd64 \
           --template ${DOCKER_USERNAME}/functest-kubernetes-core:ARCH-latest \
           --target ${DOCKER_USERNAME}/functest-kubernetes-core:latest
-    - stage: build functest-kubernetes-[healthcheck,cnf] images
+    - stage: build functest-kubernetes-[healthcheck,cnf,security] images
       script: sudo -E bash build.sh
       env:
         - REPO="${DOCKER_USERNAME}"
@@ -46,7 +46,13 @@ jobs:
         - amd64_dirs="docker/cnf"
         - arm64_dirs=""
         - arm_dirs=""
-    - stage: publish functest-kubernetes-[healthcheck,cnf] manifests
+    - script: sudo -E bash build.sh
+      env:
+        - REPO="${DOCKER_USERNAME}"
+        - amd64_dirs="docker/security"
+        - arm64_dirs=""
+        - arm_dirs=""
+    - stage: publish functest-kubernetes-[healthcheck,cnf,security] manifests
       script: >
         sudo manifest-tool push from-args \
           --platforms linux/amd64 \
@@ -58,6 +64,12 @@ jobs:
           --platforms linux/amd64 \
           --template ${DOCKER_USERNAME}/functest-kubernetes-cnf:ARCH-latest \
           --target ${DOCKER_USERNAME}/functest-kubernetes-cnf:latest
+    - script: >
+        sudo manifest-tool push from-args \
+          --platforms linux/amd64 \
+          --template \
+            ${DOCKER_USERNAME}/functest-kubernetes-security:ARCH-latest \
+          --target ${DOCKER_USERNAME}/functest-kubernetes-security:latest
     - stage: build functest-kubernetes-smoke image
       script: sudo -E bash build.sh
       env:
author	mrichomme <morgan.richomme@orange.com>	2020-02-10 17:49:43 +0100
committer	Cédric Ollivier <cedric.ollivier@orange.com>	2020-03-13 15:56:01 +0100
commit	98d9f93337ab514fa9aafc1cd1e87473de68b364 (patch)
tree	01a1f75403de65cb1d014bfe012528f14ac65519 /.travis.yml
parent	080d2414682d5fecea8c01640e2e5971278fe19d (diff)