diff --git a/README.md b/README.md index 053bb9be..902eb4da 100644 --- a/README.md +++ b/README.md @@ -25,3 +25,4 @@ See each plugin readme for more info and usage instructions. | [Github Release](plugins/github-release/README.md) | Managing GitHub releases | `github` `release`| | [Google GKE](plugins/gke/README.md) | GKE Clusters | `GKE` `codefresh`| | [Vault](plugins/vault/README.md) | Export Vault Key/Value pairs as ENV variables | `Vault` `codefresh`| +| [Octarine](plugins/octarine/README.md) | Security Scanning for applicatoin deployed to Kubernetes | `security`| diff --git a/plugins/octarine/Notes.md b/plugins/octarine/Notes.md new file mode 100644 index 00000000..07e5a008 --- /dev/null +++ b/plugins/octarine/Notes.md @@ -0,0 +1 @@ +## Notes.md diff --git a/plugins/octarine/README.md b/plugins/octarine/README.md new file mode 100644 index 00000000..9cdf1796 --- /dev/null +++ b/plugins/octarine/README.md @@ -0,0 +1,32 @@ +# Kubernetes Object Scanning Tool +Docker image which invokes Kubernetes security scanning using Octactl + +## Prerequisites: + +Codefresh Subscription (Dedicated Infrastructure) - https://codefresh.io/ + +OctarineSec Subscription - https://www.octarinesec.com + +## options + +To use an ENVIRONMENT VARIABLE you need to add the variables to your Codefresh Pipeline and also to your codefresh.yaml. + +Check the project [Github](https://github.com/octarinesec/validator) for a full list of config options + +## codefresh.yml + +Codefresh Build Step to execute OctarineSec scan. +All `${{var}}` variables must be put into Codefresh Build Parameters +codefresh.yml +```console + steps: + validate_security: + title: "Validating Security By Octarine" + image: "octarinesec/validator:latest" + environment: + - OCTARINE_ACCOUNT= + - OCTARINE_SESSION_ID= + - OCTARINE_SESSION_ACCESSJWT= + - OBJECT_DIR=${{CF_VOLUME_PATH}}/${{CF_REPO_NAME}}/kubernetes/ + stage: "PreBuild test" +``` 
diff --git a/plugins/octarine/plugin.yaml b/plugins/octarine/plugin.yaml new file mode 100644 index 00000000..2dee4e7f --- /dev/null +++ b/plugins/octarine/plugin.yaml @@ -0,0 +1,30 @@ +image: octarinesec/validator +tag: latest +version: 19.1 +description: Execute Kubernetes object security scan with Octarin (https://octarinesec.com) +keywords: + - security + - scan +home: https://github.com/octarinesec/validator +sources: + - https://github.com/octarinesec/validator +maintainers: + - name: Ram Akuka + email: ram@octarinesec.com +icon: https://raw.githubusercontent.com/octarinesec/validator/master/images/logo_only.png +envs: + - name: OCTARINE_ACCOUNT + type: required + description: Octarine account name + - name: OCTARINE_SESSION_ID + type: required + description: Octarine session ID + - name: OCTARINE_SESSION_ACCESSJWT + type: required + description: Octarine session access JWT + - name: OBJECT_DIR + type: required + description: Directory or file path with the Kubernetes yaml files + - name: OCTAINE_POLICY + type: required + description: Octarine Policy name to use for the validate
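Review bot: In the root `README.md` hunk, the new table row misspells "applicatoin" in the description column. Suggest `Security scanning for applications deployed to Kubernetes`, and add a space before the closing `|` after `` `security` `` if the table is being touched anyway.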
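Review bot: `plugins/octarine/Notes.md` is added with a single line, `## Notes.md`, which is only the filename repeated as a heading. Either drop the file from this change or put the actual notes in it, so the plugin directory does not ship an empty placeholder.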
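Review bot: In the `codefresh.yml` example of `plugins/octarine/README.md`, the three credential entries are left empty (`- OCTARINE_SESSION_ACCESSJWT=` and the two above it), which contradicts the sentence just before the block saying all `${{var}}` variables go into Build Parameters, and invites readers to paste the JWT directly into a committed file. Suggest writing them as references, for example `- OCTARINE_SESSION_ACCESSJWT=${{OCTARINE_SESSION_ACCESSJWT}}`, and stating that the session ID and access JWT are secrets that belong in pipeline variables, not in the repository. The example also omits the policy variable that `plugin.yaml` marks as required, and the block is fenced as `console` although its content is YAML.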
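Review bot: In the `envs` list of `plugins/octarine/plugin.yaml`, the last entry is named `OCTAINE_POLICY`, which breaks the `OCTARINE_` prefix used by the other variables and looks like a typo. Please confirm the name against what the validator image actually reads, since a required variable documented under the wrong name means users set a value the scan never sees. Two smaller points in the same file: `tag: latest` sits next to `version: 19.1`, so the plugin version does not correspond to a fixed image, and a security gate is better pinned to a specific tag or digest so the scanner cannot change underneath a pipeline. The description also spells the vendor as "Octarin".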