You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Context: In the current CI we are validating yamls (lint, kube-bench run and check type correctness) for our own cfgs only, the ones that located in security-scan/package/cfgs. It's not the case for the upstream (kube-bench) profiles that we download during the build of security-scan.
The goal of this issue is to improve this by:
Adding a the validate-yaml step in the Dockerfile (right after the kube-bench's cfgs download)
Improving the comments in validate-yaml to mention that only the local cfgs are tested.
Context: In the current CI we are validating yamls (lint, kube-bench run and check type correctness) for our own cfgs only, the ones that located in security-scan/package/cfgs. It's not the case for the upstream (kube-bench) profiles that we download during the build of security-scan.
The goal of this issue is to improve this by:
cc @pjbgf
The text was updated successfully, but these errors were encountered: