Helm chart to deploy run kube-bench as a cronjob on aks, gke or eks.
Homepage: https://github.com/aquasecurity/kube-bench
A simple install with default values, latest chart version and generated name:
helm install --generate-name oci://ghcr.io/deliveryhero/helm-charts/kube-benchTo install a specific version of this chart:
helm install --generate-name oci://ghcr.io/deliveryhero/helm-charts/kube-bench --version 0.1.17To install the chart with the release name my-release:
helm install my-release oci://ghcr.io/deliveryhero/helm-charts/kube-benchTo install with some set values:
helm install my-release oci://ghcr.io/deliveryhero/helm-charts/kube-bench --set values_key1=value1 --set values_key2=value2To install with custom values file:
helm install my-release oci://ghcr.io/deliveryhero/helm-charts/kube-bench -f values.yaml| Key | Type | Default | Description |
|---|---|---|---|
| affinity | object | {} |
|
| concurrencyPolicy | string | "Forbid" |
|
| cronjob.command | list | [] |
|
| cronjob.schedule | string | "0 0 1 * *" |
|
| extraLabels | object | {} |
|
| fullnameOverride | string | "" |
|
| image.pullPolicy | string | "IfNotPresent" |
|
| image.repository | string | "aquasec/kube-bench" |
|
| image.tag | string | "v0.8.0" |
|
| nameOverride | string | "" |
|
| nodeSelector | object | {} |
|
| podLabels | object | {} |
|
| provider | string | "eks" |
|
| resources | object | {} |
|
| securityContext | object | {} |
|
| serviceAccount.annotations | object | {} |
|
| serviceAccount.create | bool | false |
|
| tolerations | list | [] |
|
| volumeMounts[0].mountPath | string | "/var/lib/kubelet" |
|
| volumeMounts[0].name | string | "var-lib-kubelet" |
|
| volumeMounts[0].readOnly | bool | true |
|
| volumeMounts[1].mountPath | string | "/etc/systemd" |
|
| volumeMounts[1].name | string | "etc-systemd" |
|
| volumeMounts[1].readOnly | bool | true |
|
| volumeMounts[2].mountPath | string | "/etc/kubernetes" |
|
| volumeMounts[2].name | string | "etc-kubernetes" |
|
| volumeMounts[2].readOnly | bool | true |
|
| volumes[0].hostPath.path | string | "/var/lib/kubelet" |
|
| volumes[0].name | string | "var-lib-kubelet" |
|
| volumes[1].hostPath.path | string | "/etc/systemd" |
|
| volumes[1].name | string | "etc-systemd" |
|
| volumes[2].hostPath.path | string | "/etc/kubernetes" |
|
| volumes[2].name | string | "etc-kubernetes" |
| Name | Url | |
|---|---|---|
| goelankitt | https://github.com/goelankitt |
Chart source: github.com/deliveryhero/helm-charts/kube-bench
Older chart versions: github.com/deliveryhero/helm-charts/pkgs/container/helm-charts/kube-bench