Expand validate-yaml to kube-bench cfgs

**Context:** In the current CI we are validating yamls (lint, kube-bench run and check type correctness) for our own cfgs only, the ones that located in [security-scan/package/cfgs](https://github.com/rancher/security-scan/tree/main/package/cfg). It's not the case for the upstream (kube-bench) profiles that we download during the build of security-scan.

The goal of this issue is to improve this by:

1. Adding a the validate-yaml step in the [Dockerfile](https://github.com/rancher/security-scan/blob/f4ac97eed5496a4f6c3bdfd9d42f46abdb74953a/package/Dockerfile#L87) (right after the kube-bench's cfgs download)
2. Improving the comments in [validate-yaml](https://github.com/rancher/security-scan/blob/main/hack/validate-yaml) to mention that only the local cfgs are tested.

cc @pjbgf 


Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Expand validate-yaml to kube-bench cfgs #503

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Expand validate-yaml to kube-bench cfgs #503

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions