From 8fa842ae18af5718746fe27ba7b118cac5c3f1d4 Mon Sep 17 00:00:00 2001
From: Cosmin Cojocar
Date: Fri, 17 Aug 2018 09:53:17 +0200
Subject: [PATCH 1/3] Add a dockerfile
---
 .gitignore | 3 +--
 Dockerfile | 12 ++++++++++++
 2 files changed, 13 insertions(+), 2 deletions(-)
 create mode 100644 Dockerfile
diff --git a/.gitignore b/.gitignore
index 5ce5b96..1dee0a2 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,4 +1,3 @@
 *.pyc
-Dockerfile
 .dockerignore
-*aqua*
\ No newline at end of file
+*aqua*
diff --git a/Dockerfile b/Dockerfile
new file mode 100644
index 0000000..68a12ae
--- /dev/null
+++ b/Dockerfile
@@ -0,0 +1,12 @@
+FROM python:2.7.15-alpine3.7
+
+RUN apk add --update \
+    linux-headers \
+    build-base
+
+RUN mkdir -p /kube-hunter
+COPY . /kube-hunter
+WORKDIR /kube-hunter
+RUN pip install -r requirements.txt
+
+ENTRYPOINT ["python", "kube-hunter.py"]
From afc4dd080331e8eb70068d19f54ec76bd0de450c Mon Sep 17 00:00:00 2001
From: Cosmin Cojocar
Date: Fri, 17 Aug 2018 09:54:08 +0200
Subject: [PATCH 2/3] Add a job definition which runs the kube-hunter from inside the cluster
---
 job.yaml | 14 ++++++++++++++
 1 file changed, 14 insertions(+)
 create mode 100644 job.yaml
diff --git a/job.yaml b/job.yaml
new file mode 100644
index 0000000..f453667
--- /dev/null
+++ b/job.yaml
@@ -0,0 +1,14 @@
+apiVersion: batch/v1
+kind: Job
+metadata:
+  name: kube-hunter
+spec:
+  template:
+    spec:
+      containers:
+      - name: kube-hunter
+        image: aquasec/kube-hunter
+        command: ["python", "kube-hunter.py"]
+        args: ["--pod"]
+      restartPolicy: Never
+  backoffLimit: 4
From 80f03c99908cc06b7c8b20873446a6d123b4e0bf Mon Sep 17 00:00:00 2001
From: Cosmin Cojocar
Date: Fri, 17 Aug 2018 10:16:35 +0200
Subject: [PATCH 3/3] Does not have to be blocked forever when executed in 'pod' mode in a job
The logs of the job can be retrieved even when the job is completed.
---
 kube-hunter.py | 3 ---
 1 file changed, 3 deletions(-)
diff --git a/kube-hunter.py b/kube-hunter.py
index bb12489..c00d6cd 100755
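Review bot: The new Dockerfile runs the scanner as root and ships more than it needs: `apk add --update` without `--no-cache` leaves the package index in the layer, `build-base` and `linux-headers` (only needed to compile requirements) stay in the runtime image, `pip install` keeps its download cache, and there is no `USER` before the `ENTRYPOINT`. The `RUN mkdir -p /kube-hunter` line is also redundant because `WORKDIR` creates the directory. Whether the hunters need raw sockets or other root-only capabilities is not visible here, so the unprivileged user is worth confirming against the code before adopting it; if they do, a targeted capability is still preferable to root. A multi-stage build that compiles the wheels in a builder stage would drop the toolchain entirely, but the smaller change below already removes the caches and the root default.
```dockerfile
# --no-cache: install without leaving the apk index in the layer
RUN apk add --no-cache \
    build-base \
    linux-headers

WORKDIR /kube-hunter
COPY . /kube-hunter
RUN pip install --no-cache-dir -r requirements.txt

# run unprivileged; confirm no hunter needs raw sockets before merging
RUN adduser -S -D hunter
USER hunter

# … unchanged: ENTRYPOINT …
```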
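Review bot: `image: aquasec/kube-hunter` carries no tag, so it resolves to `:latest` and every run of the job may execute a different build, which makes scan results hard to reproduce or audit; pin a tag or digest, e.g. `image: aquasec/kube-hunter:<tag>` (placeholder). The `command: ["python", "kube-hunter.py"]` line repeats the `ENTRYPOINT` set in the Dockerfile of the first patch and can be dropped so that `args: ["--pod"]` is simply appended to it. With `backoffLimit: 4` a failing hunt is re-run up to four more times, which is probably intended for a one-shot scanner, but a comment above `backoffLimit` stating that the retries are deliberate would save the next reader the question. A `resources` block with a CPU and memory limit would also keep a runaway scan from affecting the cluster it is inspecting.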
--- a/kube-hunter.py
+++ b/kube-hunter.py
@@ -112,8 +112,5 @@ def main():
     handler.free()
     logging.debug("Cleaned Queue")
 
-    if config.pod:
-        while True: time.sleep(5)
-
if __name__ == '__main__':
     main()
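Review bot: With the `if config.pod:` sleep loop gone, `time` is likely no longer referenced in this file, so the corresponding import at the top of `kube-hunter.py` (outside the hunk) should be checked and removed if unused. The exit-after-hunt behaviour in pod mode is also worth stating in the docs, because a bare Pod or Deployment with the default `restartPolicy: Always` will now re-run the whole hunt on every restart; the `job.yaml` in the second patch avoids this with `restartPolicy: Never`, but other deployment shapes will not. A short comment near the end of `main()` such as `# In --pod mode the process exits after the hunt; run it as a Job (restartPolicy: Never) and read the logs afterwards` would capture the intent recorded in this commit message. The body of `main()` starts before this hunk.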