36 Commits (8249d2d75327cafe7e64de0ddc82f19ec9c63960)

Author SHA1 Message Date
Mauren Berti 79a977493b
Update PSP approach for rancher-cis-benchmark.
* Remove all previous capabilities checks.
* Bump version from 3.0.1-rc6 to 4.0.0-rc1.
* Add new flag global.cattle.psp.enabled to control installation of PodSecurityPolicies.
* Add new validate-psp-install.yaml file to check whether PSPs can be installed.
* Update app-readme.md with PSP notice.
* Bump Kubernetes compatibility versions to < 1.26.0.
2023-02-09 09:22:06 -05:00
vardhaman 0f5ef706c1 CIS: updated clusterrolebinding name
also removed the unnecessary hook for deleting role binding
2023-02-07 17:54:12 +05:30
vardhaman 1e8345e71d added tolerations variable for security scan job 2023-02-01 10:28:52 +05:30
Rayan Das 6335f0ec97 add condition to check for PSP capability in rancher-cis-benchmark 2023-01-11 22:42:48 +05:30
Vaishnav Gaikwad 8edef0570a Update cis-operator imagePullPolicy 2022-12-15 19:59:13 +05:30
vardhaman 39a83006e9 CIS BENCHMARK: added debug env var for cis operator 2022-12-06 11:48:40 +05:30
galal-hussein 3d4a61d672 fix permissions for cis-serviceaccount 2022-10-18 22:59:53 +02:00
galal-hussein 7641784193 Add PSP for cis-benchmark 2022-10-14 21:06:23 +02:00
galal-hussein 3fc4b81e99 Add privileges to cis-operator-serviceaccount in cis-operator namespace 2022-10-14 02:05:27 +02:00
galal-hussein 9a8fbadde3 Add pre-hook for upgrade fix and add serviceaccounts rbac 2022-10-13 20:51:13 +02:00
galal-hussein e0c2133e61 Add RBAC roles for cis benchmark chart 2022-10-12 20:07:16 +02:00
mitulshah-suse 60f61ebef4 update version in benchmark, remove 1.5 scanprofile 2022-09-16 09:56:33 +05:30
dhruvmewada15 324b47d504 Added cis-1.23 profiles for base CIS, rke1, rke2, k3s 2022-07-11 16:31:35 +05:30
dhruvmewada15 463e7431dd Added cis-1.20 profiles for base CIS, rke1, rke2, k3s 2022-07-11 16:22:15 +05:30
Vaishnav Gaikwad 6929fe59ab Bump security-scan version
New security-scan image has the eks-version fix
2022-06-23 19:16:13 +05:30
Vaishnav Gaikwad ccc57dfdf4 make clusterName string 2022-06-14 09:32:19 +05:30
Arvind Iyengar 5bf902b453
Fix rancher-cis-benchmark nodeSelector and tolerations 2022-03-18 13:58:09 -07:00
Luther Monson be5a59aeac add permits-os to all charts that needed it 2022-03-02 17:11:40 -07:00
dhruvmewada15 b0bc7a03ba Add AKS CIS Scan benchmark config 2022-02-15 23:04:00 +05:30
Jacob Payne 7821fd2296
(dev-v2.6-archive) Fix/issue 32301 (#1247)
* cis 1.0.6 1.22 fixes

* make charts

(partially cherry picked from commit 0e089425ab)
2022-01-06 11:34:09 -08:00
Arvind Iyengar 63af4011e1
(dev-v2.6-archive) Checkout current packages from dev-v2.5-source
```bash
git fetch upstream
git checkout upstream/dev-v2.5-source -- packages; git reset HEAD; git checkout -- packages/README.md
```

(partially cherry picked from commit 551327b14e)
2022-01-06 11:33:32 -08:00
actions decb1db44b
(dev-v2.6-archive) Generated changes
(partially cherry picked from commit 88defdad62)
2022-01-06 11:33:31 -08:00
Prachi Damle a63a0d586a
(dev-v2.6-archive) Merge pull request #676 from prachidamle/airgap_fix
Use global registry for security-scan and sonobuoy tool images to support airgapped setups

(partially cherry picked from commit 0f786657a2)
2022-01-06 11:33:27 -08:00
Jacob Payne fba428baa7
(dev-v2.6-archive) allow tolerations to be passed to fluentbit containers (#673)
(partially cherry picked from commit 91d1dedca1)
2022-01-06 11:33:27 -08:00
Prachi Damle 2d82003905
(dev-v2.6-archive) Use the system_default_registry for security-scan and sonobuoy images
Deleting tgz assets

(partially cherry picked from commit 42f30bfad1)
2022-01-06 11:33:26 -08:00
aiyengar2 f04ef106ae
(dev-v2.6-archive) Merge pull request #662 from aiyengar2/use_new_busybox
Replace rancher/busybox w/ rancher/library-busybox

(partially cherry picked from commit afb3af8690)
2022-01-06 11:33:18 -08:00
rajashree 748bfc929f
(dev-v2.6-archive) Update resourceset to include configmaps for clusterrepos
(partially cherry picked from commit b3cc3a717c)
2022-01-06 11:33:18 -08:00
Prachi Damle 866397beaa
(dev-v2.6-archive) Delete tgz files from assets, parameter in the post-install hook for namespace should use the
helm templating

(partially cherry picked from commit 2dd35d89bb)
2022-01-06 11:33:16 -08:00
Darren Shepherd 824e9a5211
(dev-v2.6-archive) fleet-0.3.0-beta1
(partially cherry picked from commit ecd90e66af)
2022-01-06 11:33:15 -08:00
Prachi Damle 3b038e7b76
(dev-v2.6-archive) Fixes to clear error state on scan retry, fixes for CIS hardened cluster
(partially cherry picked from commit af609af172)
2022-01-06 11:33:15 -08:00
Prachi Damle 3a84d26ed3
(dev-v2.6-archive) Adding rancher-cis-benchmark-crds - CRD chart for CIS v2
Adding rancher-cis-benchmark - Main chart for deploying cis-operator

Review comments and changes CRDs and adding the roles

Adding default ClusterScanProfiles in a Configmap

Updating kubernetes version to have major.minor.patch

Package the CRDs within the original chart and add package.yaml

chart changes for tolerations, crds, added
global.cattle.systemDefaultRegistry

Review changes to removed nodeSelector helper, combine all cis clusterroles in one file

CRD name change and adding keywords, moving package.yaml one folder up
Renamed hardened benchmark
Move providesGVR to chart.yaml

(partially cherry picked from commit b55e6ec019)
2022-01-06 11:32:59 -08:00
Caleb Bron 2087de28b5 clean up main 2020-09-30 16:45:24 -07:00
Prachi Damle 42f30bfad1 Use the system_default_registry for security-scan and sonobuoy images
Deleting tgz assets
2020-09-21 15:21:56 -07:00
Prachi Damle 2dd35d89bb Delete tgz files from assets, parameter in the post-install hook for namespace should use the
helm templating
2020-09-18 10:36:16 -07:00
Prachi Damle af609af172 Fixes to clear error state on scan retry, fixes for CIS hardened cluster 2020-09-18 00:33:33 -07:00
Prachi Damle b55e6ec019 Adding rancher-cis-benchmark-crds - CRD chart for CIS v2
Adding rancher-cis-benchmark - Main chart for deploying cis-operator

Review comments and changes CRDs and adding the roles

Adding default ClusterScanProfiles in a Configmap

Updating kubernetes version to have major.minor.patch

Package the CRDs within the original chart and add package.yaml

chart changes for tolerations, crds, added
global.cattle.systemDefaultRegistry

Review changes to removed nodeSelector helper, combine all cis clusterroles in one file

CRD name change and adding keywords, moving package.yaml one folder up
Renamed hardened benchmark
Move providesGVR to chart.yaml
2020-09-09 15:45:25 -07:00