├── .deepsource.toml ├── .dockerignore ├── .editorconfig ├── .github ├── ISSUE_TEMPLATE │ ├── bug_report.yaml │ ├── config.yml │ └── feature_request.yaml ├── PULL_REQUEST_TEMPLATE.md ├── dependabot.yml └── workflows │ ├── lint_bash.yml │ ├── lint_docker.yml │ ├── lint_go.yml │ ├── lint_yml.yml │ ├── move_issues_to_board.yml │ ├── release.yml │ ├── release_containers.yml │ ├── release_containers_webhook.yml │ ├── security_analysis.yml │ ├── test_acceptance.yml │ └── test_unit.yml ├── .gitignore ├── .gitmodules ├── .goreleaser.yml ├── .hadolint.yaml ├── .markdownlint.yaml ├── .yamllint.yaml ├── CHANGELOG.md ├── CODE_OF_CONDUCT.md ├── CONTRIBUTING.md ├── Dockerfile ├── Dockerfile.scratch ├── LICENSE ├── MAINTAINERS ├── Makefile ├── README.md ├── SECURITY.md ├── cloudbuild.yaml ├── cmd ├── http.go ├── main.go ├── print-rules.go ├── scan.go └── version.go ├── go.mod ├── go.sum ├── main.go ├── pkg ├── report │ └── writer.go ├── ruler │ ├── report.go │ ├── rule.go │ ├── rule_test.go │ ├── ruleset.go │ ├── ruleset_test.go │ ├── schema.go │ └── schema_test.go ├── rules │ ├── allowPrivilegeEscalation.go │ ├── allowPrivilegeEscalation_test.go │ ├── apparmorAny.go │ ├── apparmorAny_test.go │ ├── apparmorTestCases.go │ ├── apparmorUnconfined.go │ ├── apparmorUnconfined_test.go │ ├── automountServiceAccountToken.go │ ├── automountServiceAccountToken_test.go │ ├── capDropAll.go │ ├── capDropAll_test.go │ ├── capDropAny.go │ ├── capDropAny_test.go │ ├── capSysAdmin.go │ ├── capSysAdmin_test.go │ ├── dockerSock.go │ ├── dockerSock_test.go │ ├── helper.go │ ├── helper_test.go │ ├── hostAliases.go │ ├── hostAliases_test.go │ ├── hostIPC.go │ ├── hostIPC_test.go │ ├── hostNetwork.go │ ├── hostNetwork_test.go │ ├── hostPID.go │ ├── hostPID_test.go │ ├── hostUsers.go │ ├── hostUsers_test.go │ ├── limitsCPU.go │ ├── limitsCPU_test.go │ ├── limitsMemory.go │ ├── limitsMemory_test.go │ ├── privileged.go │ ├── privileged_test.go │ ├── procMount.go │ ├── procMount_test.go │ ├── readOnlyRootFilesystem.go │ ├── readOnlyRootFilesystem_test.go │ ├── requestsCPU.go │ ├── requestsCPU_test.go │ ├── requestsMemory.go │ ├── requestsMemory_test.go │ ├── runAsGroup.go │ ├── runAsGroup_test.go │ ├── runAsNonRoot.go │ ├── runAsNonRoot_test.go │ ├── runAsUser.go │ ├── runAsUser_test.go │ ├── seccompAny.go │ ├── seccompAny_test.go │ ├── seccompTestCases.go │ ├── seccompUnconfined.go │ ├── seccompUnconfined_test.go │ ├── selector.go │ ├── serviceAccountName.go │ ├── serviceAccountName_test.go │ ├── volumeClaimAccessModeReadWriteOnce.go │ ├── volumeClaimAccessModeReadWriteOnce_test.go │ ├── volumeClaimRequestsStorage.go │ └── volumeClaimRequestsStorage_test.go ├── server │ └── server.go └── util │ ├── util.go │ └── util_test.go ├── templates └── sarif.tpl └── test ├── 0_test_deps.bats ├── 1_cli.bats ├── 2_regression.bats ├── 3_todo.bats ├── _helper.bash └── asset ├── allowPrivilegeEscalation.yaml ├── bug-dump-2.json ├── critical-double-multiple.yml ├── critical-double.yml ├── empty-file ├── empty-json-file ├── form-prefix-file.json ├── form-prefix-file.yml ├── form-prefix-not-file.json ├── form-prefix-not-file.yml ├── invalid-input-pod-dump.json ├── invalid-schema.yml ├── invalid-type.yml ├── multi.yml ├── score-0-cap-chown.yml ├── score-0-cap-sys-admin-and-cap-chown.yml ├── score-0-cap-sys-admin.yml ├── score-0-daemonset-host-network.yml ├── score-0-daemonset-host-pid.yml ├── score-0-daemonset-mount-docker-socket.yml ├── score-0-daemonset-securitycontext-privileged.yml ├── score-0-daemonset-volume-host-docker-socket.yml ├── score-0-dep-apparmor-empty-securitycontext.yml ├── score-0-dep-apparmor-unconfined-container.yml ├── score-0-dep-apparmor-unconfined-ephemeralcontainer.yml ├── score-0-dep-apparmor-unconfined-initcontainer.yml ├── score-0-dep-apparmor-unconfined-spec-securitycontext.yml ├── score-0-dep-seccomp-empty-securitycontext.yml ├── score-0-dep-seccomp-unconfined-container.yml ├── score-0-dep-seccomp-unconfined-ephemeralcontainer.yml ├── score-0-dep-seccomp-unconfined-initcontainer.yml ├── score-0-dep-seccomp-unconfined-spec-securitycontext.yml ├── score-0-podsecuritypolicy-permissive.yml ├── score-0-statefulset-no-sec.yml ├── score-1-cap-drop-all.yml ├── score-1-daemonset-default.yml ├── score-1-dep-apparmor-nonunconfined-container.yml ├── score-1-dep-apparmor-nonunconfined-ephemeralcontainer.yml ├── score-1-dep-apparmor-nonunconfined-initcontainer.yml ├── score-1-dep-apparmor-nonunconfined-spec-securitycontext.yml ├── score-1-dep-default.yml ├── score-1-dep-empty-security-context.yml ├── score-1-dep-invalid-security-context.yml ├── score-1-dep-podseccon-run-as-group-1.yml ├── score-1-dep-podseccon-run-as-group-10001.yml ├── score-1-dep-podseccon-run-as-non-root.yml ├── score-1-dep-podseccon-run-as-user-1.yml ├── score-1-dep-podseccon-run-as-user-10001.yml ├── score-1-dep-resource-limit-cpu.yml ├── score-1-dep-resource-limit-memory.yml ├── score-1-dep-ro-root-fs.yml ├── score-1-dep-seccomp-nonunconfined-container.yml ├── score-1-dep-seccomp-nonunconfined-ephemeralcontainer.yml ├── score-1-dep-seccomp-nonunconfined-initcontainer.yml ├── score-1-dep-seccomp-nonunconfined-spec-securitycontext.yml ├── score-1-dep-seccon-run-as-group-1.yml ├── score-1-dep-seccon-run-as-group-10001.yml ├── score-1-dep-seccon-run-as-non-root.yml ├── score-1-dep-seccon-run-as-user-1.yml ├── score-1-dep-seccon-run-as-user-10001.yml ├── score-1-pod-automount-sa-set-to-false.yml ├── score-1-pod-automountservicetoken.yml ├── score-1-pod-default.yml ├── score-1-pod-hostUsers-set-to-false.yml ├── score-1-prod-dump.yaml ├── score-1-statefulset-default.yml ├── score-1-statefulset-novolumeclaimtemplate.yml ├── score-1-statefulset-volumeclaimtemplate.yml ├── score-2-dep-serviceaccount.yml ├── score-2-pod-serviceaccount.yml ├── score-5-pod-serviceaccount.yml ├── sockshop ├── carts-db-dep.yaml ├── carts-dep.yaml ├── catalogue-db-dep.yaml ├── catalogue-dep.yaml ├── front-end-dep.yaml ├── loadtest-dep.yaml ├── orders-db-dep.yaml ├── orders-dep.yaml ├── payment-dep.yaml ├── queue-master-dep.yaml ├── rabbitmq-dep.yaml ├── session-db-dep.yaml ├── shipping-dep.yaml ├── user-db-dep.yaml └── user-dep.yaml ├── versioned ├── score-0-daemonset-v1.11.yml └── score-0-statefulset-v1.11.yml └── very-long-file /.deepsource.toml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/.deepsource.toml -------------------------------------------------------------------------------- /.dockerignore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/.dockerignore -------------------------------------------------------------------------------- /.editorconfig: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/.editorconfig -------------------------------------------------------------------------------- /.github/ISSUE_TEMPLATE/bug_report.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/.github/ISSUE_TEMPLATE/bug_report.yaml -------------------------------------------------------------------------------- /.github/ISSUE_TEMPLATE/config.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/.github/ISSUE_TEMPLATE/config.yml -------------------------------------------------------------------------------- /.github/ISSUE_TEMPLATE/feature_request.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/.github/ISSUE_TEMPLATE/feature_request.yaml -------------------------------------------------------------------------------- /.github/PULL_REQUEST_TEMPLATE.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/.github/PULL_REQUEST_TEMPLATE.md -------------------------------------------------------------------------------- /.github/dependabot.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/.github/dependabot.yml -------------------------------------------------------------------------------- /.github/workflows/lint_bash.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/.github/workflows/lint_bash.yml -------------------------------------------------------------------------------- /.github/workflows/lint_docker.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/.github/workflows/lint_docker.yml -------------------------------------------------------------------------------- /.github/workflows/lint_go.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/.github/workflows/lint_go.yml -------------------------------------------------------------------------------- /.github/workflows/lint_yml.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/.github/workflows/lint_yml.yml -------------------------------------------------------------------------------- /.github/workflows/move_issues_to_board.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/.github/workflows/move_issues_to_board.yml -------------------------------------------------------------------------------- /.github/workflows/release.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/.github/workflows/release.yml -------------------------------------------------------------------------------- /.github/workflows/release_containers.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/.github/workflows/release_containers.yml -------------------------------------------------------------------------------- /.github/workflows/release_containers_webhook.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/.github/workflows/release_containers_webhook.yml -------------------------------------------------------------------------------- /.github/workflows/security_analysis.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/.github/workflows/security_analysis.yml -------------------------------------------------------------------------------- /.github/workflows/test_acceptance.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/.github/workflows/test_acceptance.yml -------------------------------------------------------------------------------- /.github/workflows/test_unit.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/.github/workflows/test_unit.yml -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/.gitignore -------------------------------------------------------------------------------- /.gitmodules: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/.gitmodules -------------------------------------------------------------------------------- /.goreleaser.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/.goreleaser.yml -------------------------------------------------------------------------------- /.hadolint.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/.hadolint.yaml -------------------------------------------------------------------------------- /.markdownlint.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/.markdownlint.yaml -------------------------------------------------------------------------------- /.yamllint.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/.yamllint.yaml -------------------------------------------------------------------------------- /CHANGELOG.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/CHANGELOG.md -------------------------------------------------------------------------------- /CODE_OF_CONDUCT.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/CODE_OF_CONDUCT.md -------------------------------------------------------------------------------- /CONTRIBUTING.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/CONTRIBUTING.md -------------------------------------------------------------------------------- /Dockerfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/Dockerfile -------------------------------------------------------------------------------- /Dockerfile.scratch: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/Dockerfile.scratch -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/LICENSE -------------------------------------------------------------------------------- /MAINTAINERS: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/MAINTAINERS -------------------------------------------------------------------------------- /Makefile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/Makefile -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/README.md -------------------------------------------------------------------------------- /SECURITY.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/SECURITY.md -------------------------------------------------------------------------------- /cloudbuild.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/cloudbuild.yaml -------------------------------------------------------------------------------- /cmd/http.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/cmd/http.go -------------------------------------------------------------------------------- /cmd/main.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/cmd/main.go -------------------------------------------------------------------------------- /cmd/print-rules.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/cmd/print-rules.go -------------------------------------------------------------------------------- /cmd/scan.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/cmd/scan.go -------------------------------------------------------------------------------- /cmd/version.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/cmd/version.go -------------------------------------------------------------------------------- /go.mod: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/go.mod -------------------------------------------------------------------------------- /go.sum: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/go.sum -------------------------------------------------------------------------------- /main.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/main.go -------------------------------------------------------------------------------- /pkg/report/writer.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/pkg/report/writer.go -------------------------------------------------------------------------------- /pkg/ruler/report.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/pkg/ruler/report.go -------------------------------------------------------------------------------- /pkg/ruler/rule.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/pkg/ruler/rule.go -------------------------------------------------------------------------------- /pkg/ruler/rule_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/pkg/ruler/rule_test.go -------------------------------------------------------------------------------- /pkg/ruler/ruleset.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/pkg/ruler/ruleset.go -------------------------------------------------------------------------------- /pkg/ruler/ruleset_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/pkg/ruler/ruleset_test.go -------------------------------------------------------------------------------- /pkg/ruler/schema.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/pkg/ruler/schema.go -------------------------------------------------------------------------------- /pkg/ruler/schema_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/pkg/ruler/schema_test.go -------------------------------------------------------------------------------- /pkg/rules/allowPrivilegeEscalation.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/pkg/rules/allowPrivilegeEscalation.go -------------------------------------------------------------------------------- /pkg/rules/allowPrivilegeEscalation_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/pkg/rules/allowPrivilegeEscalation_test.go -------------------------------------------------------------------------------- /pkg/rules/apparmorAny.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/pkg/rules/apparmorAny.go -------------------------------------------------------------------------------- /pkg/rules/apparmorAny_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/pkg/rules/apparmorAny_test.go -------------------------------------------------------------------------------- /pkg/rules/apparmorTestCases.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/pkg/rules/apparmorTestCases.go -------------------------------------------------------------------------------- /pkg/rules/apparmorUnconfined.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/pkg/rules/apparmorUnconfined.go -------------------------------------------------------------------------------- /pkg/rules/apparmorUnconfined_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/pkg/rules/apparmorUnconfined_test.go -------------------------------------------------------------------------------- /pkg/rules/automountServiceAccountToken.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/pkg/rules/automountServiceAccountToken.go -------------------------------------------------------------------------------- /pkg/rules/automountServiceAccountToken_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/pkg/rules/automountServiceAccountToken_test.go -------------------------------------------------------------------------------- /pkg/rules/capDropAll.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/pkg/rules/capDropAll.go -------------------------------------------------------------------------------- /pkg/rules/capDropAll_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/pkg/rules/capDropAll_test.go -------------------------------------------------------------------------------- /pkg/rules/capDropAny.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/pkg/rules/capDropAny.go -------------------------------------------------------------------------------- /pkg/rules/capDropAny_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/pkg/rules/capDropAny_test.go -------------------------------------------------------------------------------- /pkg/rules/capSysAdmin.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/pkg/rules/capSysAdmin.go -------------------------------------------------------------------------------- /pkg/rules/capSysAdmin_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/pkg/rules/capSysAdmin_test.go -------------------------------------------------------------------------------- /pkg/rules/dockerSock.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/pkg/rules/dockerSock.go -------------------------------------------------------------------------------- /pkg/rules/dockerSock_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/pkg/rules/dockerSock_test.go -------------------------------------------------------------------------------- /pkg/rules/helper.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/pkg/rules/helper.go -------------------------------------------------------------------------------- /pkg/rules/helper_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/pkg/rules/helper_test.go -------------------------------------------------------------------------------- /pkg/rules/hostAliases.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/pkg/rules/hostAliases.go -------------------------------------------------------------------------------- /pkg/rules/hostAliases_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/pkg/rules/hostAliases_test.go -------------------------------------------------------------------------------- /pkg/rules/hostIPC.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/pkg/rules/hostIPC.go -------------------------------------------------------------------------------- /pkg/rules/hostIPC_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/pkg/rules/hostIPC_test.go -------------------------------------------------------------------------------- /pkg/rules/hostNetwork.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/pkg/rules/hostNetwork.go -------------------------------------------------------------------------------- /pkg/rules/hostNetwork_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/pkg/rules/hostNetwork_test.go -------------------------------------------------------------------------------- /pkg/rules/hostPID.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/pkg/rules/hostPID.go -------------------------------------------------------------------------------- /pkg/rules/hostPID_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/pkg/rules/hostPID_test.go -------------------------------------------------------------------------------- /pkg/rules/hostUsers.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/pkg/rules/hostUsers.go -------------------------------------------------------------------------------- /pkg/rules/hostUsers_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/pkg/rules/hostUsers_test.go -------------------------------------------------------------------------------- /pkg/rules/limitsCPU.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/pkg/rules/limitsCPU.go -------------------------------------------------------------------------------- /pkg/rules/limitsCPU_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/pkg/rules/limitsCPU_test.go -------------------------------------------------------------------------------- /pkg/rules/limitsMemory.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/pkg/rules/limitsMemory.go -------------------------------------------------------------------------------- /pkg/rules/limitsMemory_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/pkg/rules/limitsMemory_test.go -------------------------------------------------------------------------------- /pkg/rules/privileged.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/pkg/rules/privileged.go -------------------------------------------------------------------------------- /pkg/rules/privileged_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/pkg/rules/privileged_test.go -------------------------------------------------------------------------------- /pkg/rules/procMount.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/pkg/rules/procMount.go -------------------------------------------------------------------------------- /pkg/rules/procMount_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/pkg/rules/procMount_test.go -------------------------------------------------------------------------------- /pkg/rules/readOnlyRootFilesystem.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/pkg/rules/readOnlyRootFilesystem.go -------------------------------------------------------------------------------- /pkg/rules/readOnlyRootFilesystem_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/pkg/rules/readOnlyRootFilesystem_test.go -------------------------------------------------------------------------------- /pkg/rules/requestsCPU.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/pkg/rules/requestsCPU.go -------------------------------------------------------------------------------- /pkg/rules/requestsCPU_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/pkg/rules/requestsCPU_test.go -------------------------------------------------------------------------------- /pkg/rules/requestsMemory.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/pkg/rules/requestsMemory.go -------------------------------------------------------------------------------- /pkg/rules/requestsMemory_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/pkg/rules/requestsMemory_test.go -------------------------------------------------------------------------------- /pkg/rules/runAsGroup.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/pkg/rules/runAsGroup.go -------------------------------------------------------------------------------- /pkg/rules/runAsGroup_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/pkg/rules/runAsGroup_test.go -------------------------------------------------------------------------------- /pkg/rules/runAsNonRoot.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/pkg/rules/runAsNonRoot.go -------------------------------------------------------------------------------- /pkg/rules/runAsNonRoot_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/pkg/rules/runAsNonRoot_test.go -------------------------------------------------------------------------------- /pkg/rules/runAsUser.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/pkg/rules/runAsUser.go -------------------------------------------------------------------------------- /pkg/rules/runAsUser_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/pkg/rules/runAsUser_test.go -------------------------------------------------------------------------------- /pkg/rules/seccompAny.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/pkg/rules/seccompAny.go -------------------------------------------------------------------------------- /pkg/rules/seccompAny_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/pkg/rules/seccompAny_test.go -------------------------------------------------------------------------------- /pkg/rules/seccompTestCases.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/pkg/rules/seccompTestCases.go -------------------------------------------------------------------------------- /pkg/rules/seccompUnconfined.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/pkg/rules/seccompUnconfined.go -------------------------------------------------------------------------------- /pkg/rules/seccompUnconfined_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/pkg/rules/seccompUnconfined_test.go -------------------------------------------------------------------------------- /pkg/rules/selector.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/pkg/rules/selector.go -------------------------------------------------------------------------------- /pkg/rules/serviceAccountName.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/pkg/rules/serviceAccountName.go -------------------------------------------------------------------------------- /pkg/rules/serviceAccountName_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/pkg/rules/serviceAccountName_test.go -------------------------------------------------------------------------------- /pkg/rules/volumeClaimAccessModeReadWriteOnce.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/pkg/rules/volumeClaimAccessModeReadWriteOnce.go -------------------------------------------------------------------------------- /pkg/rules/volumeClaimAccessModeReadWriteOnce_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/pkg/rules/volumeClaimAccessModeReadWriteOnce_test.go -------------------------------------------------------------------------------- /pkg/rules/volumeClaimRequestsStorage.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/pkg/rules/volumeClaimRequestsStorage.go -------------------------------------------------------------------------------- /pkg/rules/volumeClaimRequestsStorage_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/pkg/rules/volumeClaimRequestsStorage_test.go -------------------------------------------------------------------------------- /pkg/server/server.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/pkg/server/server.go -------------------------------------------------------------------------------- /pkg/util/util.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/pkg/util/util.go -------------------------------------------------------------------------------- /pkg/util/util_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/pkg/util/util_test.go -------------------------------------------------------------------------------- /templates/sarif.tpl: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/templates/sarif.tpl -------------------------------------------------------------------------------- /test/0_test_deps.bats: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/test/0_test_deps.bats -------------------------------------------------------------------------------- /test/1_cli.bats: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/test/1_cli.bats -------------------------------------------------------------------------------- /test/2_regression.bats: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/test/2_regression.bats -------------------------------------------------------------------------------- /test/3_todo.bats: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/test/3_todo.bats -------------------------------------------------------------------------------- /test/_helper.bash: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/test/_helper.bash -------------------------------------------------------------------------------- /test/asset/allowPrivilegeEscalation.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/test/asset/allowPrivilegeEscalation.yaml -------------------------------------------------------------------------------- /test/asset/bug-dump-2.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/test/asset/bug-dump-2.json -------------------------------------------------------------------------------- /test/asset/critical-double-multiple.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/test/asset/critical-double-multiple.yml -------------------------------------------------------------------------------- /test/asset/critical-double.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/test/asset/critical-double.yml -------------------------------------------------------------------------------- /test/asset/empty-file: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /test/asset/empty-json-file: -------------------------------------------------------------------------------- 1 | {} 2 | -------------------------------------------------------------------------------- /test/asset/form-prefix-file.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/test/asset/form-prefix-file.json -------------------------------------------------------------------------------- /test/asset/form-prefix-file.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/test/asset/form-prefix-file.yml -------------------------------------------------------------------------------- /test/asset/form-prefix-not-file.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/test/asset/form-prefix-not-file.json -------------------------------------------------------------------------------- /test/asset/form-prefix-not-file.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/test/asset/form-prefix-not-file.yml -------------------------------------------------------------------------------- /test/asset/invalid-input-pod-dump.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/test/asset/invalid-input-pod-dump.json -------------------------------------------------------------------------------- /test/asset/invalid-schema.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/test/asset/invalid-schema.yml -------------------------------------------------------------------------------- /test/asset/invalid-type.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/test/asset/invalid-type.yml -------------------------------------------------------------------------------- /test/asset/multi.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/test/asset/multi.yml -------------------------------------------------------------------------------- /test/asset/score-0-cap-chown.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/test/asset/score-0-cap-chown.yml -------------------------------------------------------------------------------- /test/asset/score-0-cap-sys-admin-and-cap-chown.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/test/asset/score-0-cap-sys-admin-and-cap-chown.yml -------------------------------------------------------------------------------- /test/asset/score-0-cap-sys-admin.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/test/asset/score-0-cap-sys-admin.yml -------------------------------------------------------------------------------- /test/asset/score-0-daemonset-host-network.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/test/asset/score-0-daemonset-host-network.yml -------------------------------------------------------------------------------- /test/asset/score-0-daemonset-host-pid.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/test/asset/score-0-daemonset-host-pid.yml -------------------------------------------------------------------------------- /test/asset/score-0-daemonset-mount-docker-socket.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/test/asset/score-0-daemonset-mount-docker-socket.yml -------------------------------------------------------------------------------- /test/asset/score-0-daemonset-securitycontext-privileged.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/test/asset/score-0-daemonset-securitycontext-privileged.yml -------------------------------------------------------------------------------- /test/asset/score-0-daemonset-volume-host-docker-socket.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/test/asset/score-0-daemonset-volume-host-docker-socket.yml -------------------------------------------------------------------------------- /test/asset/score-0-dep-apparmor-empty-securitycontext.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/test/asset/score-0-dep-apparmor-empty-securitycontext.yml -------------------------------------------------------------------------------- /test/asset/score-0-dep-apparmor-unconfined-container.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/test/asset/score-0-dep-apparmor-unconfined-container.yml -------------------------------------------------------------------------------- /test/asset/score-0-dep-apparmor-unconfined-ephemeralcontainer.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/test/asset/score-0-dep-apparmor-unconfined-ephemeralcontainer.yml -------------------------------------------------------------------------------- /test/asset/score-0-dep-apparmor-unconfined-initcontainer.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/test/asset/score-0-dep-apparmor-unconfined-initcontainer.yml -------------------------------------------------------------------------------- /test/asset/score-0-dep-apparmor-unconfined-spec-securitycontext.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/test/asset/score-0-dep-apparmor-unconfined-spec-securitycontext.yml -------------------------------------------------------------------------------- /test/asset/score-0-dep-seccomp-empty-securitycontext.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/test/asset/score-0-dep-seccomp-empty-securitycontext.yml -------------------------------------------------------------------------------- /test/asset/score-0-dep-seccomp-unconfined-container.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/test/asset/score-0-dep-seccomp-unconfined-container.yml -------------------------------------------------------------------------------- /test/asset/score-0-dep-seccomp-unconfined-ephemeralcontainer.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/test/asset/score-0-dep-seccomp-unconfined-ephemeralcontainer.yml -------------------------------------------------------------------------------- /test/asset/score-0-dep-seccomp-unconfined-initcontainer.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/test/asset/score-0-dep-seccomp-unconfined-initcontainer.yml -------------------------------------------------------------------------------- /test/asset/score-0-dep-seccomp-unconfined-spec-securitycontext.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/test/asset/score-0-dep-seccomp-unconfined-spec-securitycontext.yml -------------------------------------------------------------------------------- /test/asset/score-0-podsecuritypolicy-permissive.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/test/asset/score-0-podsecuritypolicy-permissive.yml -------------------------------------------------------------------------------- /test/asset/score-0-statefulset-no-sec.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/test/asset/score-0-statefulset-no-sec.yml -------------------------------------------------------------------------------- /test/asset/score-1-cap-drop-all.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/test/asset/score-1-cap-drop-all.yml -------------------------------------------------------------------------------- /test/asset/score-1-daemonset-default.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/test/asset/score-1-daemonset-default.yml -------------------------------------------------------------------------------- /test/asset/score-1-dep-apparmor-nonunconfined-container.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/test/asset/score-1-dep-apparmor-nonunconfined-container.yml -------------------------------------------------------------------------------- /test/asset/score-1-dep-apparmor-nonunconfined-ephemeralcontainer.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/test/asset/score-1-dep-apparmor-nonunconfined-ephemeralcontainer.yml -------------------------------------------------------------------------------- /test/asset/score-1-dep-apparmor-nonunconfined-initcontainer.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/test/asset/score-1-dep-apparmor-nonunconfined-initcontainer.yml -------------------------------------------------------------------------------- /test/asset/score-1-dep-apparmor-nonunconfined-spec-securitycontext.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/test/asset/score-1-dep-apparmor-nonunconfined-spec-securitycontext.yml -------------------------------------------------------------------------------- /test/asset/score-1-dep-default.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/test/asset/score-1-dep-default.yml -------------------------------------------------------------------------------- /test/asset/score-1-dep-empty-security-context.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/test/asset/score-1-dep-empty-security-context.yml -------------------------------------------------------------------------------- /test/asset/score-1-dep-invalid-security-context.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/test/asset/score-1-dep-invalid-security-context.yml -------------------------------------------------------------------------------- /test/asset/score-1-dep-podseccon-run-as-group-1.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/test/asset/score-1-dep-podseccon-run-as-group-1.yml -------------------------------------------------------------------------------- /test/asset/score-1-dep-podseccon-run-as-group-10001.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/test/asset/score-1-dep-podseccon-run-as-group-10001.yml -------------------------------------------------------------------------------- /test/asset/score-1-dep-podseccon-run-as-non-root.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/test/asset/score-1-dep-podseccon-run-as-non-root.yml -------------------------------------------------------------------------------- /test/asset/score-1-dep-podseccon-run-as-user-1.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/test/asset/score-1-dep-podseccon-run-as-user-1.yml -------------------------------------------------------------------------------- /test/asset/score-1-dep-podseccon-run-as-user-10001.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/test/asset/score-1-dep-podseccon-run-as-user-10001.yml -------------------------------------------------------------------------------- /test/asset/score-1-dep-resource-limit-cpu.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/test/asset/score-1-dep-resource-limit-cpu.yml -------------------------------------------------------------------------------- /test/asset/score-1-dep-resource-limit-memory.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/test/asset/score-1-dep-resource-limit-memory.yml -------------------------------------------------------------------------------- /test/asset/score-1-dep-ro-root-fs.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/test/asset/score-1-dep-ro-root-fs.yml -------------------------------------------------------------------------------- /test/asset/score-1-dep-seccomp-nonunconfined-container.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/test/asset/score-1-dep-seccomp-nonunconfined-container.yml -------------------------------------------------------------------------------- /test/asset/score-1-dep-seccomp-nonunconfined-ephemeralcontainer.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/test/asset/score-1-dep-seccomp-nonunconfined-ephemeralcontainer.yml -------------------------------------------------------------------------------- /test/asset/score-1-dep-seccomp-nonunconfined-initcontainer.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/test/asset/score-1-dep-seccomp-nonunconfined-initcontainer.yml -------------------------------------------------------------------------------- /test/asset/score-1-dep-seccomp-nonunconfined-spec-securitycontext.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/test/asset/score-1-dep-seccomp-nonunconfined-spec-securitycontext.yml -------------------------------------------------------------------------------- /test/asset/score-1-dep-seccon-run-as-group-1.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/test/asset/score-1-dep-seccon-run-as-group-1.yml -------------------------------------------------------------------------------- /test/asset/score-1-dep-seccon-run-as-group-10001.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/test/asset/score-1-dep-seccon-run-as-group-10001.yml -------------------------------------------------------------------------------- /test/asset/score-1-dep-seccon-run-as-non-root.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/test/asset/score-1-dep-seccon-run-as-non-root.yml -------------------------------------------------------------------------------- /test/asset/score-1-dep-seccon-run-as-user-1.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/test/asset/score-1-dep-seccon-run-as-user-1.yml -------------------------------------------------------------------------------- /test/asset/score-1-dep-seccon-run-as-user-10001.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/test/asset/score-1-dep-seccon-run-as-user-10001.yml -------------------------------------------------------------------------------- /test/asset/score-1-pod-automount-sa-set-to-false.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/test/asset/score-1-pod-automount-sa-set-to-false.yml -------------------------------------------------------------------------------- /test/asset/score-1-pod-automountservicetoken.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/test/asset/score-1-pod-automountservicetoken.yml -------------------------------------------------------------------------------- /test/asset/score-1-pod-default.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/test/asset/score-1-pod-default.yml -------------------------------------------------------------------------------- /test/asset/score-1-pod-hostUsers-set-to-false.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/test/asset/score-1-pod-hostUsers-set-to-false.yml -------------------------------------------------------------------------------- /test/asset/score-1-prod-dump.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/test/asset/score-1-prod-dump.yaml -------------------------------------------------------------------------------- /test/asset/score-1-statefulset-default.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/test/asset/score-1-statefulset-default.yml -------------------------------------------------------------------------------- /test/asset/score-1-statefulset-novolumeclaimtemplate.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/test/asset/score-1-statefulset-novolumeclaimtemplate.yml -------------------------------------------------------------------------------- /test/asset/score-1-statefulset-volumeclaimtemplate.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/test/asset/score-1-statefulset-volumeclaimtemplate.yml -------------------------------------------------------------------------------- /test/asset/score-2-dep-serviceaccount.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/test/asset/score-2-dep-serviceaccount.yml -------------------------------------------------------------------------------- /test/asset/score-2-pod-serviceaccount.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/test/asset/score-2-pod-serviceaccount.yml -------------------------------------------------------------------------------- /test/asset/score-5-pod-serviceaccount.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/test/asset/score-5-pod-serviceaccount.yml -------------------------------------------------------------------------------- /test/asset/sockshop/carts-db-dep.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/test/asset/sockshop/carts-db-dep.yaml -------------------------------------------------------------------------------- /test/asset/sockshop/carts-dep.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/test/asset/sockshop/carts-dep.yaml -------------------------------------------------------------------------------- /test/asset/sockshop/catalogue-db-dep.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/test/asset/sockshop/catalogue-db-dep.yaml -------------------------------------------------------------------------------- /test/asset/sockshop/catalogue-dep.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/test/asset/sockshop/catalogue-dep.yaml -------------------------------------------------------------------------------- /test/asset/sockshop/front-end-dep.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/test/asset/sockshop/front-end-dep.yaml -------------------------------------------------------------------------------- /test/asset/sockshop/loadtest-dep.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/test/asset/sockshop/loadtest-dep.yaml -------------------------------------------------------------------------------- /test/asset/sockshop/orders-db-dep.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/test/asset/sockshop/orders-db-dep.yaml -------------------------------------------------------------------------------- /test/asset/sockshop/orders-dep.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/test/asset/sockshop/orders-dep.yaml -------------------------------------------------------------------------------- /test/asset/sockshop/payment-dep.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/test/asset/sockshop/payment-dep.yaml -------------------------------------------------------------------------------- /test/asset/sockshop/queue-master-dep.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/test/asset/sockshop/queue-master-dep.yaml -------------------------------------------------------------------------------- /test/asset/sockshop/rabbitmq-dep.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/test/asset/sockshop/rabbitmq-dep.yaml -------------------------------------------------------------------------------- /test/asset/sockshop/session-db-dep.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/test/asset/sockshop/session-db-dep.yaml -------------------------------------------------------------------------------- /test/asset/sockshop/shipping-dep.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/test/asset/sockshop/shipping-dep.yaml -------------------------------------------------------------------------------- /test/asset/sockshop/user-db-dep.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/test/asset/sockshop/user-db-dep.yaml -------------------------------------------------------------------------------- /test/asset/sockshop/user-dep.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/test/asset/sockshop/user-dep.yaml -------------------------------------------------------------------------------- /test/asset/versioned/score-0-daemonset-v1.11.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/test/asset/versioned/score-0-daemonset-v1.11.yml -------------------------------------------------------------------------------- /test/asset/versioned/score-0-statefulset-v1.11.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/test/asset/versioned/score-0-statefulset-v1.11.yml -------------------------------------------------------------------------------- /test/asset/very-long-file: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/controlplaneio/kubesec/HEAD/test/asset/very-long-file --------------------------------------------------------------------------------