aboutsummaryrefslogtreecommitdiffstats
path: root/functest_kubernetes/security/kube-bench.yaml
AgeCommit message (Collapse)AuthorFilesLines
2020-09-13Split kube-bench master and nodeCédric Ollivier1-52/+0
The former deployment asked for all-in-one. Change-Id: I12e470cec9e82b82c6f3ea5ff2431087f5deb9be Signed-off-by: Cédric Ollivier <cedric.ollivier@orange.com>
2020-09-12Improve kube_bench outputCédric Ollivier1-0/+1
It also fills self.details. Change-Id: Ie73215ebcbd34de9d457fd364de4ab9cbdf64319 Signed-off-by: Cédric Ollivier <cedric.ollivier@orange.com>
2020-09-08Set all image tagsCédric Ollivier1-1/+1
It allows offline testing via xrally_kubernetes, k8s_vims, kube_bench and kube_hunter. Change-Id: I3084abec19f06a894d0083ecb3ed61882eddd785 Signed-off-by: Cédric Ollivier <cedric.ollivier@orange.com>
2020-09-08Remove latest in all imagesCédric Ollivier1-1/+1
The Kubernetes default pull policy is IfNotPresent unless the image tag is :latest in which case the default policy is Always. IfNotPresent causes the Kubelet to skip pulling an image if it already exists [1] [1] https://kind.sigs.k8s.io/docs/user/quick-start/ Change-Id: I83dac6165d2bbef165ca852dd03e5b76a5356f2f Signed-off-by: Cédric Ollivier <cedric.ollivier@orange.com>
2020-03-13Add security docker for functest-kubernetesmrichomme1-0/+51
run kube-hunter and kube-bench cases dealing with security in kubernetes (check vulnerabilities) [1][2] It's the first step only printing the output. [1]: https://github.com/aquasecurity/kube-bench [2]: https://github.com/aquasecurity/kube-hunter Co-Authored-By: Cédric Ollivier <cedric.ollivier@orange.com> Change-Id: I3bd9bda80046ef7a0c494d51dfb0b8cbfea02bb0 Signed-off-by: mrichomme <morgan.richomme@orange.com>