Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Insecure connection handling #38

Merged
merged 17 commits into from
Nov 11, 2024
Merged

Insecure connection handling #38

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
17 commits
Select commit Hold shift + click to select a range
231869d
handling insecure connections
surya9839 Sep 4, 2024
2bf42db
handling insecure connections
surya9839 Sep 4, 2024
36caeb6
handling insecure connections
surya9839 Sep 4, 2024
960501f
handling insecure connections
surya9839 Sep 4, 2024
86c4ba6
removed hardcorded data_type for curl command
surya9839 Sep 26, 2024
f860e05
modifing docker file
surya9839 Oct 1, 2024
624d711
modifing docker file
surya9839 Oct 1, 2024
88a5071
modifing K8s-risk-management
surya9839 Oct 1, 2024
e0a0a45
modifing K8s-risk-management
surya9839 Oct 1, 2024
125ea6a
values update
surya9839 Oct 1, 2024
2b19016
values update
surya9839 Oct 1, 2024
8f787f9
new_requirement of allowing local cert
surya9839 Oct 23, 2024
e64086e
Update curl_command.sh
surya9839 Oct 25, 2024
bdea86e
logic for cert from local
surya9839 Oct 25, 2024
56517ae
changes for local cert
surya9839 Oct 28, 2024
8931a58
changes for local cert
surya9839 Oct 29, 2024
102e238
Merge branch 'main' into insecure-connection-handling
SujithKasireddy Nov 6, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
modifing docker file
  • Loading branch information
@surya9839
surya9839 committed Oct 1, 2024
commit f860e05bc1434a46d18bf3473306744134796771
Binary file added .DS_Store
View file
Open in desktop
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Remove binary file

Binary file not shown.
3 changes: 3 additions & 0 deletions Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,4 +4,7 @@ RUN apk --update add jq curl
COPY entrypoint.sh .
COPY curl_command.sh .

# Grant execute permissions to the scripts
RUN chmod +x entrypoint.sh curl_command.sh
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Remove this RUN step.
On your local system run:

chmod +x entrypoint.sh curl_command.sh
git add entrypoint.sh curl_command.sh


ENTRYPOINT ["/bin/sh", "entrypoint.sh"]
Binary file added cis-k8s-job/.DS_Store
View file
Open in desktop
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Remove binary file

Binary file not shown.
1 change: 1 addition & 0 deletions cis-k8s-job/test-scan.csv
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
CSV report generated successfully at runstatus_report.csv
9 changes: 8 additions & 1 deletion kiem-job/templates/deployment.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -26,7 +26,8 @@ spec:
mountPath: /data
containers:
- image: accuknox/accuknox-job:latest
command: ['sh', '-c', 'curl --location --request POST "https://${URL}/api/v1/artifact/?tenant_id=${TENANT_ID}&data_type=KIEM&save_to_s3=false&label_id=${LABEL_NAME}" --header "Tenant-Id: ${TENANT_ID}" --header "Authorization: Bearer ${AUTH_TOKEN}" --form "file=@\"/data/report.json\""']
command: ["/bin/sh", "-c"]
args: ['./curl_command.sh']
name: accuknox-kiem-cronjob
resources: {}
env:
Expand All @@ -40,6 +41,12 @@ spec:
value: {{ .Values.accuknox.clusterName }}
- name: LABEL_NAME
value: {{ .Values.accuknox.label | quote}}
- name: CERT_BUNDLE_URL
value: {{ .Values.accuknox.certBundleURL }}
- name: USE_INSECURE_CONNECTION
value: {{ .Values.accuknox.useInsecureConnection | quote }}
- name: DATA_TYPE
value: "KIEM"
volumeMounts:
- mountPath: /data
name: datapath
Expand Down