Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

cis-benchmarks won't run offline #623

Open
evilnick opened this issue Dec 13, 2021 · 1 comment
Open

cis-benchmarks won't run offline #623

evilnick opened this issue Dec 13, 2021 · 1 comment
Labels
help wanted Issues seeking community contribution

Comments

@evilnick
Copy link
Collaborator

we should document that
@kwmonroe
Copy link
Contributor

kwmonroe commented Dec 13, 2021
edited
Loading

Today, I think the procedure would go like this:

Use a connected machine to download CIS benchmark configuration data:

wget https://github.com/charmed-kubernetes/kube-bench-config/archive/cis-1.20.zip

Then download the kube-bench application:

wget https://github.com/aquasecurity/kube-bench/releases/download/v0.6.5/kube-bench_0.6.5_linux_amd64.tar.gz

Transfer the above archives to a location that can be accessed by applications in the Charmed Kubernetes deployment. Specify these locations as action parameters when running the benchmark:

juju run-action --wait kubernetes-master/0 cis-benchmark \
    config=http://my_proxy/cis-1.20.zip \
    release=http://my_proxy/kube-bench_0.6.5_linux_amd64.tar.gz

In the future, perhaps we could turn these into formal resources that would be attached to charms that include this layer, but that's not on our radar atm.

@evilnick evilnick added the help wanted Issues seeking community contribution label Oct 22, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
help wanted Issues seeking community contribution
Milestone
No milestone
Development

No branches or pull requests
2 participants
@evilnick @kwmonroe