-
Notifications
You must be signed in to change notification settings - Fork 8
/
garden.yaml
34 lines (34 loc) · 1.34 KB
/
garden.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
providers: # contains information about known providers
- id: garden # unique provider identifier
name: "Garden" # user friendly name of the provider
metadata:
foo: bar
args:
kubeconfigPath: /tmp/garden.config # path to garden cluster kubeconfig
rulesets:
- id: security-hardened-shoot-cluster
name: Security Hardened Shoot Cluster
version: v0.1.0
args:
projectNamespace: garden-project-name # name of project namespace containing the shoot resource to be tested
shootName: foo # name of shoot resource to be tested
ruleOptions:
# - ruleID: "1000"
# args:
# extensions:
# - type: extension-type-1
# - type: extension-type-2
# - ruleID: "2000"
# skip:
# enabled: true
# justification: "the whole rule is accepted for ... reasons"
# - ruleID: "2007"
# args:
# minPodSecurityStandardsProfile: baseline # if set it will indicate the min Pod Security Standards profile that is allowed. Possible values are "privileged", "baseline" and "restricted".
# metadata: # optional, additional metadata to be added to summary json report
# foo: bar
# bar:
# foo: bar
output:
path: /tmp/test-output.json # optional, path to summary json report. If --output flag is set this configuration is ignored
minStatus: Passed