aboutsummaryrefslogtreecommitdiffstats
path: root/test/security/k8s/src/check/raw
AgeCommit message (Collapse)AuthorFilesLines
2020-01-29k8s: Drop process name trimming from etcd on RKEPawel Wieczorek1-1/+5
Information for etcd extracted from container on a RKE-based cluster does not include process name. Issue-ID: SECCOM-235 Change-Id: Ie6aee550868431d5f4d27c3b3d262e17e1aa6156 Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
2020-01-29k8s: Mock etcd information collectionPawel Wieczorek1-0/+6
Rancher does not provide information on etcd as container arguments. Its collection requires implementation of a new information extraction method. RKE does not include etcd process name in container arguments. Issue-ID: SECCOM-235 Change-Id: I7576474fb2848962360771d2850aeb3f3869790a Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
2019-09-30k8s: Resolve Docker response formatting issuePawel Wieczorek1-0/+9
Checker collects information on cluster by Docker queries: $ docker ps ARGS... # Casablanca $ docker inspect ARGS... # Dublin Arrays of values are then filtered from those. They include: * opening bracket ('['), * closing bracket (']'), * new line. Additional characters affect check results if last flag (including "]\n") requires specific value. Issue-ID: SECCOM-235 Change-Id: I6838342b7e2ecdc44a47ffe02286266003e0b4d3 Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
2019-09-27k8s: Add controller manager information collectionPawel Wieczorek1-0/+6
Issue-ID: SECCOM-235 Change-Id: Ieceb6337f935e6a5a6b94248ccf072229116510a Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
2019-09-27k8s: Add scheduler information collectionPawel Wieczorek1-0/+6
Issue-ID: SECCOM-235 Change-Id: I7da645737440172d3cf11f33069daa2697f83056 Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
2019-09-27k8s: Extract common interface to simplify developmentPawel Wieczorek1-12/+19
Common command and service name extraction is intended to limit execution to small set of allowed processes. This patch also drops unnecessary use of "Kubernetes" name because this whole subproject concerns its clusters. Issue-ID: SECCOM-235 Change-Id: I8babfeb4f24cf3baa4d236ca622c21170ab6205e Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
2019-08-07k8s: Add support for RKE-deployed clustersPawel Wieczorek1-0/+149
RKE is used as a Kubernetes cluster deployment method from ONAP Dublin release. RKE cluster definition is used to get access to necessary information. Issue-ID: SECCOM-235 Change-Id: I588598011ea746b5f7ba327a48f1cea605e56d31 Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>