https://github.com/githubfoam/openshift-origin-sandbox
openshift origin travisci CIS K8s Benchmark kube-bench smoke tests(jenkins pipelines)
https://github.com/githubfoam/openshift-origin-sandbox
cis-benchmark jenkins-pipeline k8s kube-bench openshift-origin smoke-tests
Last synced: 6 months ago
JSON representation
openshift origin travisci CIS K8s Benchmark kube-bench smoke tests(jenkins pipelines)
- Host: GitHub
- URL: https://github.com/githubfoam/openshift-origin-sandbox
- Owner: githubfoam
- License: gpl-3.0
- Created: 2020-01-13T06:15:32.000Z (over 5 years ago)
- Default Branch: master
- Last Pushed: 2020-10-03T20:37:19.000Z (about 5 years ago)
- Last Synced: 2025-02-05T07:49:35.093Z (8 months ago)
- Topics: cis-benchmark, jenkins-pipeline, k8s, kube-bench, openshift-origin, smoke-tests
- Homepage:
- Size: 157 KB
- Stars: 0
- Watchers: 1
- Forks: 0
- Open Issues: 2
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
# openshift-origin-sandbox
Travis (.com) master branch:
[](https://travis-ci.com/githubfoam/openshift-origin-sandbox)
~~~~
travisci test branch
https://docs.travis-ci.com/user/deployment-v2/providers/openshift/
~~~~
smoke tests
~~~~
Basic Pipeline
Maven Slave Example
Blue Green Deployment Example
NodeJS (and Declarative) Pipeline Example
OpenShift 3 Jenkins Example
https://github.com/openshift/origin/tree/master/examples/jenkins
Using Jenkins Pipelines with OKD
https://github.com/openshift/origin/tree/master/examples/jenkins/pipeline
~~~~
CIS Kubernetes Benchmark - kube-bench
~~~~
== Remediations ==
7.9 Reset to the OpenShift defaults
7.12 Reset to the OpenShift default values.
7.14 Edit the Openshift node config file /etc/origin/node/node-config.yaml and set RotateKubeletClientCertificate to true.
7.15 Edit the Openshift node config file /etc/origin/node/node-config.yaml and set RotateKubeletServerCertificate to true.
8.1 Run the below command on each worker node.
chmod 644 /etc/origin/node/node.kubeconfig
8.2
8.3 Run the below command on each worker node.
chmod 644 $nodesvc
8.4
8.5 Run the below command on each worker node.
chmod 644 /etc/origin/node/node.kubeconfig
8.6
8.7 Run the below command on each worker node.
chmod 644 /etc/origin/node/client-ca.crt
8.8
== Summary ==
7 checks PASS
8 checks FAIL
4 checks WARN
4 checks INFO
The command "./kube-bench --version ocp-3.11" exited with 0.
~~~~
~~~~
CIS Kubernetes benchmark
https://docs.docker.com/compliance/cis/k8s/
kube-bench
https://github.com/aquasecurity/kube-bench
An objective, consensus-driven security guideline for the Kubernetes Server Software
https://www.cisecurity.org/benchmark/kubernetes/
An objective, consensus-driven security guideline for the Microsoft Azure Cloud Providers.
https://www.cisecurity.org/benchmark/azure/
~~~~