diff options
Diffstat (limited to 'test/security/check_versions/env')
6 files changed, 224 insertions, 0 deletions
diff --git a/test/security/check_versions/env/Vagrantfile b/test/security/check_versions/env/Vagrantfile new file mode 100644 index 000000000..28abbc504 --- /dev/null +++ b/test/security/check_versions/env/Vagrantfile @@ -0,0 +1,35 @@ +# -*- mode: ruby -*- +# vi: set ft=ruby : + +Vagrant.configure("2") do |config| + + config.vm.provider :libvirt do |libvirt| + libvirt.default_prefix = "k8s_bin_versions_inspector"; + libvirt.driver = "kvm"; + libvirt.cpus = 6; + libvirt.memory = 12288; + end + + config.vm.box = "generic/ubuntu1804"; + config.vm.hostname = "k8s-bin-versions-inspector"; + config.vm.synced_folder ".", "/vagrant", disabled: true; + config.vm.synced_folder "..", "/home/vagrant/k8s_bin_versions_inspector", type: :sshfs; + + config.vm.provision "shell", inline: <<-end + export DEBIAN_FRONTEND=noninteractive &&\ + apt-get update &&\ + apt-get upgrade -y &&\ + apt-get dist-upgrade -y &&\ + apt-get install -y python3 python3-pip snap git vim net-tools htop &&\ + pip3 install --system -r /home/vagrant/k8s_bin_versions_inspector/env/requirements-dev.txt &&\ + snap install --classic microk8s &&\ + usermod -a -G microk8s vagrant + end + config.vm.provision :reload; + config.vm.provision "shell", privileged: false, inline: <<-end + microk8s reset &&\ + microk8s config > /home/vagrant/.kube/config &&\ + microk8s kubectl apply -f /home/vagrant/k8s_bin_versions_inspector/env/configuration + end +end + diff --git a/test/security/check_versions/env/configuration/namespaces.yaml b/test/security/check_versions/env/configuration/namespaces.yaml new file mode 100644 index 000000000..f300cc7da --- /dev/null +++ b/test/security/check_versions/env/configuration/namespaces.yaml @@ -0,0 +1,45 @@ +--- +apiVersion: v1 +kind: Namespace +metadata: + name: ingress-nginx + +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: kbvi-test-ingress-nginx + namespace: ingress-nginx +spec: + replicas: 1 + selector: + matchLabels: + app: kbvi-test-ingress-nginx + template: + metadata: + labels: + app: kbvi-test-ingress-nginx + spec: + containers: + - name: echo-server + image: jmalloc/echo-server + +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: kbvi-test-kube-system + namespace: kube-system +spec: + replicas: 1 + selector: + matchLabels: + app: kbvi-test-kube-system + template: + metadata: + labels: + app: kbvi-test-kube-system + spec: + containers: + - name: echo-server + image: jmalloc/echo-server diff --git a/test/security/check_versions/env/configuration/terminated.yaml b/test/security/check_versions/env/configuration/terminated.yaml new file mode 100644 index 000000000..dd6ce829d --- /dev/null +++ b/test/security/check_versions/env/configuration/terminated.yaml @@ -0,0 +1,17 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: kbvi-test-terminated +spec: + replicas: 1 + selector: + matchLabels: + app: kbvi-test-terminated + template: + metadata: + labels: + app: kbvi-test-terminated + spec: + containers: + - name: python + image: python diff --git a/test/security/check_versions/env/configuration/versions.yaml b/test/security/check_versions/env/configuration/versions.yaml new file mode 100644 index 000000000..75b7f7b85 --- /dev/null +++ b/test/security/check_versions/env/configuration/versions.yaml @@ -0,0 +1,112 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: kbvi-test-python-jupyter +spec: + replicas: 1 + selector: + matchLabels: + app: kbvi-test-python-jupyter + template: + metadata: + labels: + app: kbvi-test-python-jupyter + spec: + containers: + - name: jupyter + image: jupyter/base-notebook + +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: kbvi-test-python-jupyter-old +spec: + replicas: 1 + selector: + matchLabels: + app: kbvi-test-python-jupyter-old + template: + metadata: + labels: + app: kbvi-test-python-jupyter-old + spec: + containers: + - name: jupyter-old + image: jupyter/base-notebook:ff922f8f533a + +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: kbvi-test-python-stderr-filebeat +spec: + replicas: 1 + selector: + matchLabels: + app: kbvi-test-python-stderr-filebeat + template: + metadata: + labels: + app: kbvi-test-python-stderr-filebeat + spec: + containers: + - name: filebeat + image: docker.elastic.co/beats/filebeat:5.5.0 + +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: kbvi-test-java-keycloak +spec: + replicas: 1 + selector: + matchLabels: + app: kbvi-test-java-keycloak + template: + metadata: + labels: + app: kbvi-test-java-keycloak + spec: + containers: + - name: keycloak + image: jboss/keycloak + +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: kbvi-test-java-keycloak-old +spec: + replicas: 1 + selector: + matchLabels: + app: kbvi-test-java-keycloak-old + template: + metadata: + labels: + app: kbvi-test-java-keycloak-old + spec: + containers: + - name: keycloak-old + image: jboss/keycloak:8.0.0 + +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: kbvi-test-java-keycloak-very-old +spec: + replicas: 1 + selector: + matchLabels: + app: kbvi-test-java-keycloak-very-old + template: + metadata: + labels: + app: kbvi-test-java-keycloak-very-old + spec: + containers: + - name: keycloak-very-old + image: jboss/keycloak:2.0.0.Final diff --git a/test/security/check_versions/env/requirements-dev.txt b/test/security/check_versions/env/requirements-dev.txt new file mode 100644 index 000000000..1ced42c04 --- /dev/null +++ b/test/security/check_versions/env/requirements-dev.txt @@ -0,0 +1,9 @@ +cerberus +dataclasses +kubernetes +pyyaml +tabulate +black +pylint +pytest + diff --git a/test/security/check_versions/env/requirements.txt b/test/security/check_versions/env/requirements.txt new file mode 100644 index 000000000..e81358f72 --- /dev/null +++ b/test/security/check_versions/env/requirements.txt @@ -0,0 +1,6 @@ +cerberus +dataclasses +kubernetes +pyyaml +tabulate + |