X-Git-Url: https://gerrit.opnfv.org/gerrit/gitweb?a=blobdiff_plain;f=docker%2Fsecurity%2Ftestcases.yaml;fp=docker%2Fsecurity%2Ftestcases.yaml;h=c4f7e69b35903025aa892d1b01442cc087de8f2e;hb=bced94b6fe24c7e939fb22834deb77477e4a9bb9;hp=e5423a4719329b9764cfbe490fe2d88ce4c30b40;hpb=b866c73d70079fdb52e5fc999f49a32d2af82349;p=functest-kubernetes.git diff --git a/docker/security/testcases.yaml b/docker/security/testcases.yaml index e5423a47..c4f7e69b 100644 --- a/docker/security/testcases.yaml +++ b/docker/security/testcases.yaml @@ -2,7 +2,6 @@ tiers: - name: security - ci_loop: '(daily)|(weekly)' description: >- Set of basic security tests. testcases: @@ -15,17 +14,34 @@ tiers: Check that the kubernetes cluster has no known vulnerabilities run: - name: 'kube_hunter' + name: kube_hunter args: severity: high - - case_name: kube_bench + case_name: kube_bench_master project_name: functest criteria: 100 blocking: false description: >- - Check that the kubernetes cluster has no known - vulnerabilities + Checks whether Kubernetes is deployed securely by running + the master checks documented in the CIS Kubernetes + Benchmark. run: - name: 'kube_bench' + name: kube_bench + args: + target: master + + - + case_name: kube_bench_node + project_name: functest + criteria: 100 + blocking: false + description: >- + Checks whether Kubernetes is deployed securely by running + the node checks documented in the CIS Kubernetes + Benchmark. + run: + name: kube_bench + args: + target: node