github.com/khulnasoft-lab/kube-bench@v0.2.1-0.20240330183753-9df52345ae58/job.yaml (about) 1 --- 2 apiVersion: batch/v1 3 kind: Job 4 metadata: 5 name: kube-bench 6 spec: 7 template: 8 metadata: 9 labels: 10 app: kube-bench 11 spec: 12 containers: 13 - command: ["kube-bench"] 14 image: docker.io/khulnasoft/kube-bench:v0.7.0 15 name: kube-bench 16 volumeMounts: 17 - mountPath: /var/lib/etcd 18 name: var-lib-etcd 19 readOnly: true 20 - mountPath: /var/lib/kubelet 21 name: var-lib-kubelet 22 readOnly: true 23 - mountPath: /var/lib/kube-scheduler 24 name: var-lib-kube-scheduler 25 readOnly: true 26 - mountPath: /var/lib/kube-controller-manager 27 name: var-lib-kube-controller-manager 28 readOnly: true 29 - mountPath: /etc/systemd 30 name: etc-systemd 31 readOnly: true 32 - mountPath: /lib/systemd/ 33 name: lib-systemd 34 readOnly: true 35 - mountPath: /srv/kubernetes/ 36 name: srv-kubernetes 37 readOnly: true 38 - mountPath: /etc/kubernetes 39 name: etc-kubernetes 40 readOnly: true 41 - mountPath: /usr/local/mount-from-host/bin 42 name: usr-bin 43 readOnly: true 44 - mountPath: /etc/cni/net.d/ 45 name: etc-cni-netd 46 readOnly: true 47 - mountPath: /opt/cni/bin/ 48 name: opt-cni-bin 49 readOnly: true 50 hostPID: true 51 restartPolicy: Never 52 volumes: 53 - hostPath: 54 path: /var/lib/etcd 55 name: var-lib-etcd 56 - hostPath: 57 path: /var/lib/kubelet 58 name: var-lib-kubelet 59 - hostPath: 60 path: /var/lib/kube-scheduler 61 name: var-lib-kube-scheduler 62 - hostPath: 63 path: /var/lib/kube-controller-manager 64 name: var-lib-kube-controller-manager 65 - hostPath: 66 path: /etc/systemd 67 name: etc-systemd 68 - hostPath: 69 path: /lib/systemd 70 name: lib-systemd 71 - hostPath: 72 path: /srv/kubernetes 73 name: srv-kubernetes 74 - hostPath: 75 path: /etc/kubernetes 76 name: etc-kubernetes 77 - hostPath: 78 path: /usr/bin 79 name: usr-bin 80 - hostPath: 81 path: /etc/cni/net.d/ 82 name: etc-cni-netd 83 - hostPath: 84 path: /opt/cni/bin/ 85 name: opt-cni-bin