Loading k8s/kube-bench.yml +2 −1 Original line number Diff line number Diff line Loading @@ -2,13 +2,14 @@ k8s:kube-bench: stage: test image: name: bitnami/kubectl:latest name: alpine:edge entrypoint: [""] variables: KUBE_BENCH_VERSION: main # or use for example v0.6.7 from the available tags on https://github.com/aquasecurity/kube-bench/tags KUBE_BENCH_MANIFEST: https://raw.githubusercontent.com/aquasecurity/kube-bench/${KUBE_BENCH_VERSION}/job.yaml KUBE_BENCH_JOB_NAME: kube-bench # needs to match the metadata in the job manifest script: - apk add kubectl --repository=http://dl-cdn.alpinelinux.org/alpine/edge/testing yq - wget -O job.yaml ${KUBE_BENCH_MANIFEST} - yq eval -i '.spec.template.spec.containers[0].command = ["kube-bench", "--junit", "--alsologtostderr", "--outputfile", "kube-bench.xml"]' job.yaml - kubectl delete -f job.yaml --ignore-not-found=true Loading Loading
k8s/kube-bench.yml +2 −1 Original line number Diff line number Diff line Loading @@ -2,13 +2,14 @@ k8s:kube-bench: stage: test image: name: bitnami/kubectl:latest name: alpine:edge entrypoint: [""] variables: KUBE_BENCH_VERSION: main # or use for example v0.6.7 from the available tags on https://github.com/aquasecurity/kube-bench/tags KUBE_BENCH_MANIFEST: https://raw.githubusercontent.com/aquasecurity/kube-bench/${KUBE_BENCH_VERSION}/job.yaml KUBE_BENCH_JOB_NAME: kube-bench # needs to match the metadata in the job manifest script: - apk add kubectl --repository=http://dl-cdn.alpinelinux.org/alpine/edge/testing yq - wget -O job.yaml ${KUBE_BENCH_MANIFEST} - yq eval -i '.spec.template.spec.containers[0].command = ["kube-bench", "--junit", "--alsologtostderr", "--outputfile", "kube-bench.xml"]' job.yaml - kubectl delete -f job.yaml --ignore-not-found=true Loading
