Merge pull request #5 from prachidamle/benchmarkcrd_change

Adding clusterscanbenchmark CRD and validation of profile

Author: prachidamle

crds/clusterscan.yaml

@@ -38,8 +38,6 @@ spec:
                 type: object
               nullable: true
               type: array
-            enabled:
-              type: boolean
             lastRunTimestamp:
               type: string
             observedGeneration:

crds/clusterscanbenchmark.yaml

@@ -0,0 +1,34 @@
+apiVersion: apiextensions.k8s.io/v1beta1
+kind: CustomResourceDefinition
+metadata:
+  name: clusterscanbenchmarks.cis.cattle.io
+spec:
+  group: cis.cattle.io
+  names:
+    kind: ClusterScanBenchmark
+    plural: clusterscanbenchmarks
+  scope: Cluster
+  subresources:
+    status: {}
+  validation:
+    openAPIV3Schema:
+      properties:
+        spec:
+          properties:
+            clusterProvider:
+              type: string
+            customBenchmarkConfigMapName:
+              type: string
+            customBenchmarkConfigMapNameSpace:
+              type: string
+            maxKubernetesVersion:
+              type: string
+            minKubernetesVersion:
+              type: string
+          type: object
+      type: object
+  version: v1
+  versions:
+  - name: v1
+    served: true
+    storage: true

crds/clusterscanprofile.yaml

@@ -17,16 +17,6 @@ spec:
           properties:
             benchmarkVersion:
               type: string
-            clusterProvider:
-              type: string
-            configMap:
-              type: string
-            configMapNamespace:
-              type: string
-            maxKubernetesVersion:
-              type: string
-            minKubernetesVersion:
-              type: string
             skipTests:
               items:
                 type: string

examples/benchmark-cis-1.5.yaml

@@ -0,0 +1,8 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanBenchmark
+metadata:
+  name: cis-1.5
+spec:
+  clusterProvider: ""
+  minKubernetesVersion: "1.15"

examples/benchmark-eks-1.0.yaml

@@ -0,0 +1,8 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanBenchmark
+metadata:
+  name: eks-1.0
+spec:
+  clusterProvider: eks
+  minKubernetesVersion: "1.15"

examples/benchmark-gke-1.0.yaml

@@ -0,0 +1,8 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanBenchmark
+metadata:
+  name: gke-1.0
+spec:
+  clusterProvider: gke
+  minKubernetesVersion: "1.15"

examples/benchmark-rke-cis-1.5-permissive.yaml

@@ -0,0 +1,8 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanBenchmark
+metadata:
+  name: rke-cis-1.5-permissive
+spec:
+  clusterProvider: rke
+  minKubernetesVersion: "1.15.0"

examples/benchmark-rke-cis-1.5.yaml

@@ -0,0 +1,8 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanBenchmark
+metadata:
+  name: rke-cis-1.5
+spec:
+  clusterProvider: rke
+  minKubernetesVersion: "1.15.0"

examples/clusterscaneks.yml

@@ -4,7 +4,4 @@ kind: ClusterScan
 metadata:
   name: run-eks-1.0
 spec:
-  clusterProvider: eks
-  runType: manual
-  scanConfig:
-    profileName: eks-1.0
+  scanProfileName: eks-profile

examples/clusterscangke.yml

@@ -4,7 +4,4 @@ kind: ClusterScan
 metadata:
   name: run-gke-scan
 spec:
-  clusterProvider: gke
-  runType: manual
-  scanConfig:
-    profileName: gke-1.0
+  scanProfileName: gke-profile