dev-guide-k8s-security.md

A Developer's Guide to Kubernetes Security

Prep

git clone https://github.com/OWASP/NodeGoat
git clone https://github.com/microservices-demo/microservices-demo
git clone https://github.com/OtherDevOpsGene/k8s-tool-wrappers.git

cd ~/environment/k8s-tool-wrappers/
sudo SKIP_AWS=true sh install.sh
cd ..
trivy version
grype --version
checkov --version

pip install -U semgrep

Code

Semgrep

cd ~/environment/NodeGoat
semgrep scan --config auto

Trivy

trivy filesystem .

Grype

grype dir:.

Image

Checkov

checkov -d . --quiet --compact

Trivy

docker build --tag nodegoat:dev .
trivy image nodegoat:dev

Grype

grype nodegoat:dev

Deployment

Checkov

cd ~/environment/microservices-demo/deploy/kubernetes/manifests
checkov -d .

Maintenance

Renovate

https://github.com/renovatebot/renovate/pulls?q=is%3Apr+is%3Aclosed