mirror of
https://github.com/kubescape/kubescape.git
synced 2026-03-04 10:40:37 +00:00
kubescape
Kubescape is the first open-source tool for testing if Kubernetes is deployed securely according to multiple frameworks regulatory, customized company policies and DevSecOps best practices, such as the NSA-CISA and the MITRE ATT&CK® . Kubescape scans K8s clusters, YAML files, and HELM charts, and detect misconfigurations and software vulnerabilities at early stages of the CI/CD pipeline and provides a risk score instantly and risk trends over time. Kubescape integrates natively with other DevOps tools, including Jenkins, CircleCI and Github workflows.
Values
| Key | Type | Default | Description |
|---|---|---|---|
| affinity | object | {} |
|
| configMap | object | {"create":true,"params":{"clusterName":"<MyK8sClusterName>","customerGUID":"<MyGUID>,"}} |
ARMO customer information |
| fullnameOverride | string | "" |
|
| image | object | {"imageName":"kubescape","pullPolicy":"IfNotPresent","repository":"quay.io/armosec","tag":"latest"} |
Image and version to deploy |
| imagePullSecrets | list | [] |
|
| nameOverride | string | "" |
|
| nodeSelector | object | {} |
|
| podAnnotations | object | {} |
|
| podSecurityContext | object | {} |
|
| resources | object | {"limits":{"cpu":"500m","memory":"512Mi"},"requests":{"cpu":"200m","memory":"256Mi"}} |
Default resources for running the service in cluster |
| schedule | string | "0 0 * * *" |
Frequency of running the scan |
| securityContext | object | {} |
|
| serviceAccount | object | {"annotations":{},"create":true,"name":"kubescape-discovery"} |
Service account that runs the scan and has permissions to view the cluster |
| tolerations | list | [] |
Autogenerated from chart metadata using helm-docs v1.5.0