Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

Document and contextualise kube-bench results for KKP #1406

Open
embik opened this issue Mar 15, 2023 · 1 comment
Open

Document and contextualise kube-bench results for KKP #1406

embik opened this issue Mar 15, 2023 · 1 comment
Labels
kind/documentation Categorizes issue or PR as related to documentation.

Comments

@embik
Copy link
Member

embik commented Mar 15, 2023

We should look into publishing results for https://github.com/aquasecurity/kube-bench on a stock KKP user cluster to our docs. Some tests might also be false-negatives, so we need to document why we believe those are not valid, so users running kube-bench on their own can understand the results they are getting.

I think it would be best to store the results in some data format (e.g. JSON, maybe kube-bench supports that as output), enrich it with context and render it into a document nicely. That way, we might be able to update it nicely.
@embik embik added the kind/documentation Categorizes issue or PR as related to documentation. label Mar 15, 2023
@embik
Copy link
Member Author

embik commented Jun 13, 2023

It's also possible to provide a custom kube-bench configuration that would exclude the checks not applying to KKP. As long as we publicly document why we are excluding them, it should be fine.

# for free to join this conversation on GitHub. Already have an account? # to comment
Assignees
No one assigned
Labels
kind/documentation Categorizes issue or PR as related to documentation.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@embik