From 98d9f93337ab514fa9aafc1cd1e87473de68b364 Mon Sep 17 00:00:00 2001
From: mrichomme <morgan.richomme@orange.com>
Date: Mon, 10 Feb 2020 17:49:43 +0100
Subject: Add security docker for functest-kubernetes
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

run kube-hunter and kube-bench cases dealing with security in kubernetes (check
vulnerabilities) [1][2]

It's the first step only printing the output.

[1]: https://github.com/aquasecurity/kube-bench
[2]: https://github.com/aquasecurity/kube-hunter

Co-Authored-By: Cédric Ollivier <cedric.ollivier@orange.com>
Change-Id: I3bd9bda80046ef7a0c494d51dfb0b8cbfea02bb0
Signed-off-by: mrichomme <morgan.richomme@orange.com>
---
 .travis.yml | 16 ++++++++++++++--
 1 file changed, 14 insertions(+), 2 deletions(-)

(limited to '.travis.yml')

diff --git a/.travis.yml b/.travis.yml
index dfdaa176..b2996055 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -34,7 +34,7 @@ jobs:
           --platforms linux/amd64 \
           --template ${DOCKER_USERNAME}/functest-kubernetes-core:ARCH-latest \
           --target ${DOCKER_USERNAME}/functest-kubernetes-core:latest
-    - stage: build functest-kubernetes-[healthcheck,cnf] images
+    - stage: build functest-kubernetes-[healthcheck,cnf,security] images
       script: sudo -E bash build.sh
       env:
         - REPO="${DOCKER_USERNAME}"
@@ -46,7 +46,13 @@ jobs:
         - amd64_dirs="docker/cnf"
         - arm64_dirs=""
         - arm_dirs=""
-    - stage: publish functest-kubernetes-[healthcheck,cnf] manifests
+    - script: sudo -E bash build.sh
+      env:
+        - REPO="${DOCKER_USERNAME}"
+        - amd64_dirs="docker/security"
+        - arm64_dirs=""
+        - arm_dirs=""
+    - stage: publish functest-kubernetes-[healthcheck,cnf,security] manifests
       script: >
         sudo manifest-tool push from-args \
           --platforms linux/amd64 \
@@ -58,6 +64,12 @@ jobs:
           --platforms linux/amd64 \
           --template ${DOCKER_USERNAME}/functest-kubernetes-cnf:ARCH-latest \
           --target ${DOCKER_USERNAME}/functest-kubernetes-cnf:latest
+    - script: >
+        sudo manifest-tool push from-args \
+          --platforms linux/amd64 \
+          --template \
+            ${DOCKER_USERNAME}/functest-kubernetes-security:ARCH-latest \
+          --target ${DOCKER_USERNAME}/functest-kubernetes-security:latest
     - stage: build functest-kubernetes-smoke image
       script: sudo -E bash build.sh
       env:
-- 
cgit 1.2.3-korg