search

cnti-testcatalog / testsuite

📞📱☎️📡🌐 Cloud Native Telecom Initiative (CNTI) Test Catalog is a tool to check for and provide feedback on the use of K8s + cloud native best practices in networking applications and platforms
https://wiki.lfnetworking.org/display/LN/Test+Catalog
Apache License 2.0
169 stars 70 forks source link

[Feature] Add support of excluding containers with the allowlist argument in Kubescape "privileged_containers" test #2029

Open horecoli opened 1 month ago

horecoli commented 1 month ago

Is your feature request related to a problem? Please describe. Check my grammar: This problem was already reported some time ago on https://github.com/cnti-testcatalog/testsuite/issues/1433 . But at that time, it was decided that it was not needed and the allowlist would be removed. However, in https://github.com/cnti-testcatalog/testsuite/pull/1928 , it was decided to keep this allowlist, which caused tests for privileged containers to have different results because one is respecting this allowlist argument and the Kubescape test is not.

Describe the solution you'd like Implement somehow possibility of exclusion some containers from Kubescape scan.

Describe alternatives you've considered If exclusion won't be implemented directly in Kubescape, then it has to be implemented in testsuite.

How will this be tested? aka Acceptance Criteria (optional)

"privileged_containers" test has to have same results like "privileged" test when allowlist is set in cnf-testsuite.yml.

horecoli commented 1 month ago

Issue created in kubescape project -> https://github.com/kubescape/kubescape/issues/1684