Age | Commit message (Collapse) | Author | Files | Lines |
|
It allows offline testing via xrally_kubernetes, k8s_vims, kube_bench
and kube_hunter.
Change-Id: I3084abec19f06a894d0083ecb3ed61882eddd785
Signed-off-by: Cédric Ollivier <cedric.ollivier@orange.com>
|
|
The Kubernetes default pull policy is IfNotPresent unless the image tag
is :latest in which case the default policy is Always. IfNotPresent
causes the Kubelet to skip pulling an image if it already exists [1]
[1] https://kind.sigs.k8s.io/docs/user/quick-start/
Change-Id: I83dac6165d2bbef165ca852dd03e5b76a5356f2f
Signed-off-by: Cédric Ollivier <cedric.ollivier@orange.com>
|
|
https://github.com/aquasecurity/kube-hunter/commit/3e06647b4c09257cb994bbdd174ee621e2af5406
Change-Id: Idf470f0161aaeb7a326a3e2a4e680445d9f00eac
Signed-off-by: Cédric Ollivier <cedric.ollivier@orange.com>
|
|
It now creates a namespace to allow running the test cases twice in
parallel. It also overprotects clean operations to force a full delete.
Change-Id: Ie0becd8ea9126328e7280591bacc0d88e14dd031
Signed-off-by: Cédric Ollivier <cedric.ollivier@orange.com>
|
|
Else Xtesting publishes the default xtesting.log [1]
[1] https://build.opnfv.org/ci/job/functest-kubernetes-opnfv-functest-kubernetes-security-latest-kube_hunter-run/2/console
Change-Id: I0b9b9eda04762771d4e10f0d124b4d5f2975a4da
Signed-off-by: Cédric Ollivier <cedric.ollivier@orange.com>
|
|
run kube-hunter and kube-bench cases dealing with security in kubernetes (check
vulnerabilities) [1][2]
It's the first step only printing the output.
[1]: https://github.com/aquasecurity/kube-bench
[2]: https://github.com/aquasecurity/kube-hunter
Co-Authored-By: Cédric Ollivier <cedric.ollivier@orange.com>
Change-Id: I3bd9bda80046ef7a0c494d51dfb0b8cbfea02bb0
Signed-off-by: mrichomme <morgan.richomme@orange.com>
|