pub/well-known
1
0
Fork 0
Code Releases Activity Actions

fix: kubescape

Browse source
This commit is contained in:
Dries De Peuter 2023-03-12 00:21:20 +01:00
parent e447675de4
commit ff9f2705d7
No known key found for this signature in database
2 changed files with 23 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

22
.github/kubescape-exceptions.json vendored Normal file
View file

@ -0,0 +1,22 @@
[
{
"name": "exclude-default-namespace-control",
"policyType": "postureExceptionPolicy",
"actions": [
"alertOnly"
],
"resources": [
{
"designatorType": "Attributes",
"attributes": {
"kind": ".*"
}
}
],
"posturePolicies": [
{
"controlID": "CIS-5.7.4"
}
]
}
]

2
.github/workflows/chart.yaml vendored
View file

@ -78,7 +78,7 @@ jobs:
version: v3.7.1
- name: Scan helm
run: helm template ./charts/well-known --generate-name --dry-run | kubescape scan --controls-config .github/kubescape-controls-inputs.json -v --fail-threshold 5 -
run: helm template ./charts/well-known --generate-name --dry-run | kubescape scan --controls-config .github/kubescape-controls-inputs.json --exceptions .github/kubescape-exceptions.json -v --fail-threshold 5 -
pluto-scan:
runs-on: ubuntu-latest