Skip to content

Commit

Permalink
Merge pull request #585 from armosec/delete_old_code
Browse files Browse the repository at this point in the history 
Remove deprecated attack chain scenarios and update related documenta…
  • Loading branch information
@kooomix
kooomix authored Jan 16, 2025
2 parents 9fb5f04 + c2b3dac commit 5e1530a
Show file tree
Hide file tree
Showing 4 changed files with 3 additions and 463 deletions.
267 changes: 0 additions & 267 deletions configurations/system/tests_cases/ks_microservice_test.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -20,232 +20,8 @@ def scan_with_kubescape_helm_chart():
deployments=join(DEFAULT_DEPLOYMENT_PATH, "wikijs"),
)

@staticmethod
def ac_5_fix_control_with_relevancy():
"""
install scenario #5 on the cluster, install the kubescape operator and run the scan.
once the attack chain has been detected on the backend, fix the attack chain and verify that is has been solved
by triggering a new control scan.
'fix_object' parameter is used to determine which type of fix you want to apply, to test the attack-chain fix functionality.
fix_object = ["control", "image"]
"""
from tests_scripts.helm.ks_microservice import ScanAttackChainsWithKubescapeHelmChart
return TestConfiguration(
name=inspect.currentframe().f_code.co_name,
test_obj=ScanAttackChainsWithKubescapeHelmChart,
test_job=[{"trigger_by": "scan_on_start"}],
test_scenario="attack-chain-5",
fix_object="control",
)

@staticmethod
def ac_5_fix_control_no_relevancy():
"""
install scenario #5 on the cluster, install the kubescape operator disabling relevancy and run the scan.
once the attack chain has been detected on the backend, fix the attack chain and verify that is has been solved
by triggering a new control scan.
"""
from tests_scripts.helm.ks_microservice import ScanAttackChainsWithKubescapeHelmChart
return TestConfiguration(
name=inspect.currentframe().f_code.co_name,
test_obj=ScanAttackChainsWithKubescapeHelmChart,
test_job=[{"trigger_by": "scan_on_start"}],
test_scenario="attack-chain-5",
fix_object="control",
helm_kwargs={statics.HELM_RELEVANCY_FEATURE: statics.HELM_RELEVANCY_FEATURE_DISABLED},
relevancy_enabled=False
)

@staticmethod
def ac_alpine_workload_external_track_fix_image():
"""
install scenario 'alpine' on the cluster, install the kubescape operator and run the scan.
once the attack chain has been detected on the backend, fix the attack chain and verify that is has been solved
by triggering a new image scan.
"""
from tests_scripts.helm.ks_microservice import ScanAttackChainsWithKubescapeHelmChart
return TestConfiguration(
name=inspect.currentframe().f_code.co_name,
test_obj=ScanAttackChainsWithKubescapeHelmChart,
test_job=[{"trigger_by": "scan_on_start"}],
test_scenario="alpine",
fix_object="image"
)

@staticmethod
def ac_alpine_workload_external_track_fix_image_with_cronjob():
"""
install scenario 'alpine' on the cluster, install the kubescape operator and run the scan triggered by a cronjob.
once the attack chain has been detected on the backend, fix the attack chain and verify that is has been solved
by triggering a new image scan.
"""
from tests_scripts.helm.ks_microservice import ScanAttackChainsWithKubescapeHelmChart
return TestConfiguration(
name=inspect.currentframe().f_code.co_name,
test_obj=ScanAttackChainsWithKubescapeHelmChart,
test_job=[{"trigger_by": "cronjob", "operation": "create", "framework": [""], "hostsensor": True}],
test_scenario="alpine",
fix_object="image"
)

@staticmethod
def ac_alpine_workload_external_track_fix_control():
"""
install scenario 'alpine' on the cluster, install the kubescape operator and run the scan.
once the attack chain has been detected on the backend, fix the attack chain and verify that is has been solved
by triggering a new control scan.
"""
from tests_scripts.helm.ks_microservice import ScanAttackChainsWithKubescapeHelmChart
return TestConfiguration(
name=inspect.currentframe().f_code.co_name,
test_obj=ScanAttackChainsWithKubescapeHelmChart,
test_job=[{"trigger_by": "scan_on_start"}],
test_scenario="alpine",
fix_object="control"
)

@staticmethod
def ac_alpine_fix_image_no_relevancy():
"""
install scenario 'alpine' on the cluster, install the kubescape operator disabling relevancy and run the scan.
once the attack chain has been detected on the backend, fix the attack chain and verify that is has been solved
by triggering a new image scan.
"""
from tests_scripts.helm.ks_microservice import ScanAttackChainsWithKubescapeHelmChart
return TestConfiguration(
name=inspect.currentframe().f_code.co_name,
test_obj=ScanAttackChainsWithKubescapeHelmChart,
test_job=[{"trigger_by": "scan_on_start"}],
test_scenario="alpine",
fix_object="image",
helm_kwargs={statics.HELM_RELEVANCY_FEATURE: statics.HELM_RELEVANCY_FEATURE_DISABLED},
relevancy_enabled=False
)

@staticmethod
def ac_alpine_fix_image_no_relevancy_with_cronjob():
"""
install scenario 'alpine' on the cluster, install the kubescape operator disabling relevancy and run the scan triggered by a cronjob.
once the attack chain has been detected on the backend, fix the attack chain and verify that is has been solved
by triggering a new image scan.
"""
from tests_scripts.helm.ks_microservice import ScanAttackChainsWithKubescapeHelmChart
return TestConfiguration(
name=inspect.currentframe().f_code.co_name,
test_obj=ScanAttackChainsWithKubescapeHelmChart,
test_job=[{"trigger_by": "cronjob", "operation": "create", "framework": [""], "hostsensor": True}],
test_scenario="alpine",
fix_object="image",
helm_kwargs={statics.HELM_RELEVANCY_FEATURE: statics.HELM_RELEVANCY_FEATURE_DISABLED},
relevancy_enabled=False
)

@staticmethod
def ac_1_1_fix_control_no_relevancy():
"""
install scenario 1.1 on the cluster, install the kubescape operator disabling relevancy and run the scan.
once the attack chain has been detected on the backend, fix the attack chain and verify that is has been solved
by triggering a new control scan.
"""
from tests_scripts.helm.ks_microservice import ScanAttackChainsWithKubescapeHelmChart
return TestConfiguration(
name=inspect.currentframe().f_code.co_name,
test_obj=ScanAttackChainsWithKubescapeHelmChart,
test_job=[{"trigger_by": "scan_on_start"}],
test_scenario="attack-chain-1-1",
fix_object="control",
helm_kwargs={statics.HELM_RELEVANCY_FEATURE: statics.HELM_RELEVANCY_FEATURE_DISABLED},
relevancy_enabled=False
)

@staticmethod
def ac_1_1_fix_image_no_relevancy():
"""
install scenario 1.1 on the cluster, install the kubescape operator disabling relevancy and run the scan.
once the attack chain has been detected on the backend, fix the attack chain and verify that is has been solved
by triggering a new image scan.
"""
from tests_scripts.helm.ks_microservice import ScanAttackChainsWithKubescapeHelmChart
return TestConfiguration(
name=inspect.currentframe().f_code.co_name,
test_obj=ScanAttackChainsWithKubescapeHelmChart,
test_job=[{"trigger_by": "scan_on_start"}],
test_scenario="attack-chain-1-1",
fix_object="image",
helm_kwargs={statics.HELM_RELEVANCY_FEATURE: statics.HELM_RELEVANCY_FEATURE_DISABLED},
relevancy_enabled=False
)

@staticmethod
def ac_6_fix_control_with_relevancy():
"""
install scenario 6 on the cluster, install the kubescape operator disabling relevancy and run the scan.
once the attack chain has been detected on the backend, fix the attack chain and verify that is has been solved
by triggering a new control scan.
"""
from tests_scripts.helm.ks_microservice import ScanAttackChainsWithKubescapeHelmChart
return TestConfiguration(
name=inspect.currentframe().f_code.co_name,
test_obj=ScanAttackChainsWithKubescapeHelmChart,
test_job=[{"trigger_by": "scan_on_start"}],
test_scenario="attack-chain-6",
fix_object="control"
)

@staticmethod
def ac_6_fix_control_no_relevancy():
"""
install scenario 6 on the cluster, install the kubescape operator disabling relevancy and run the scan.
once the attack chain has been detected on the backend, fix the attack chain and verify that is has been solved
by triggering a new control scan.
"""
from tests_scripts.helm.ks_microservice import ScanAttackChainsWithKubescapeHelmChart
return TestConfiguration(
name=inspect.currentframe().f_code.co_name,
test_obj=ScanAttackChainsWithKubescapeHelmChart,
test_job=[{"trigger_by": "scan_on_start"}],
test_scenario="attack-chain-6",
fix_object="control",
helm_kwargs={statics.HELM_RELEVANCY_FEATURE: statics.HELM_RELEVANCY_FEATURE_DISABLED},
relevancy_enabled=False
)

@staticmethod
def ac_3_fix_control_with_relevancy():
"""
install scenario 3 on the cluster, install the kubescape operator disabling relevancy and run the scan.
once the attack chain has been detected on the backend, fix the attack chain and verify that is has been solved
by triggering a new control scan.
"""
from tests_scripts.helm.ks_microservice import ScanAttackChainsWithKubescapeHelmChart
return TestConfiguration(
name=inspect.currentframe().f_code.co_name,
test_obj=ScanAttackChainsWithKubescapeHelmChart,
test_job=[{"trigger_by": "scan_on_start"}],
test_scenario="attack-chain-3",
fix_object="control"
)

@staticmethod
def ac_3_fix_control_no_relevancy():
"""
install scenario 3 on the cluster, install the kubescape operator disabling relevancy and run the scan.
once the attack chain has been detected on the backend, fix the attack chain and verify that is has been solved
by triggering a new control scan.
"""
from tests_scripts.helm.ks_microservice import ScanAttackChainsWithKubescapeHelmChart
return TestConfiguration(
name=inspect.currentframe().f_code.co_name,
test_obj=ScanAttackChainsWithKubescapeHelmChart,
test_job=[{"trigger_by": "scan_on_start"}],
test_scenario="attack-chain-3",
fix_object="control",
helm_kwargs={statics.HELM_RELEVANCY_FEATURE: statics.HELM_RELEVANCY_FEATURE_DISABLED},
relevancy_enabled=False
)


@staticmethod
def attackchains_all():
"""
Expand All @@ -269,49 +45,6 @@ def attackchains_all():
)



@staticmethod
def ac_8_external_workload_with_cluster_takeover():
"""
install scenario #8 on the cluster, install the kubescape operator and run the scan.
once the attack chain has been detected on the backend, fix the attack chain and verify that is has been solved
by triggering a new control scan.
'fix_object' parameter is used to determine which type of fix you want to apply, to test the attack-chain fix functionality.
fix_object = ["control", "image"]
"""
from tests_scripts.helm.ks_microservice import ScanAttackChainsWithKubescapeHelmChart
return TestConfiguration(
name=inspect.currentframe().f_code.co_name,
test_obj=ScanAttackChainsWithKubescapeHelmChart,
test_job=[{"trigger_by": "scan_on_start"}],
test_scenario="attack-chain-8",
fix_object="control",
)

@staticmethod
def ac_9_unauthenticated_service():
"""
install scenario #9 on the cluster, install the kubescape operator and run the scan.
once the attack chain has been detected on the backend, fix the attack chain and verify that is has been solved
by triggering a new control scan.
'fix_object' parameter is used to determine which type of fix you want to apply, to test the attack-chain fix functionality.
fix_object = ["control", "image"]
"""
from tests_scripts.helm.ks_microservice import ScanAttackChainsWithKubescapeHelmChart
return TestConfiguration(
name=inspect.currentframe().f_code.co_name,
test_obj=ScanAttackChainsWithKubescapeHelmChart,
test_job=[{"trigger_by": "scan_on_start"}],
test_scenario="attack-chain-9",
fix_object="control",
helm_kwargs={statics.HELM_RELEVANCY_FEATURE: statics.HELM_RELEVANCY_FEATURE_DISABLED,
statics.HELM_VULNERABILITY_SCAN: statics.HELM_VULNERABILITY_SCAN_DISABLED,
statics.HELM_OFFLINE_VULN_DB: False}

)

@staticmethod
def ks_microservice_ns_creation():
from tests_scripts.helm.ks_microservice import ScanWithKubescapeAsServiceTest
Expand Down
12 changes: 0 additions & 12 deletions readme.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -61,18 +61,6 @@ Please ensure all these details are accurately filled to maintain the effectiven
| `ks_microservice_update_cronjob_schedule` | helm-chart | | in-cluster kubescape, backend |
| `ks_microservice_delete_cronjob` | helm-chart | | in-cluster kubescape, backend |
| `ks_microservice_create_2_cronjob_mitre_and_nsa` | helm-chart | | in-cluster kubescape, backend |
| `ac_scenario_5_fix_control_no_relevancy` | helm-chart | | in-cluster kubescape, backend |
| `ac_5_fix_control_with_relevancy` | helm-chart | | in-cluster kubescape, backend |
| `ac_3_fix_control_no_relevancy` | helm-chart | | in-cluster kubescape, backend |
| `ac_3_fix_control_with_relevancy` | helm-chart | | in-cluster kubescape, backend |
| `ac_8_external_workload_with_cluster_takeover` | helm-chart | | in-cluster kubescape, backend |
| `ac_1_1_fix_control_no_relevancy` | helm-chart | | in-cluster kubescape, backend |
| `ac_1_1_fix_control_with_relevancy` | helm-chart | | in-cluster kubescape, backend |
| `ac_alpine_workload_external_track_fix_image` | helm-chart | | in-cluster kubescape, backend |
| `ac_alpine_workload_external_track_fix_image_with_cronjob` | helm-chart | | in-cluster kubescape, backend |
| `ac_alpine_workload_external_track_fix_control` | helm-chart | | in-cluster kubescape, backend |
| `ac_alpine_fix_image_no_relevancy` | helm-chart | | in-cluster kubescape, backend |
| `ac_alpine_fix_image_no_relevancy_with_cronjob` | helm-chart | | in-cluster kubescape, backend |
| `attackchains_all` | helm-chart | | in-cluster kubescape, backend |
| `ks_microservice_create_2_cronjob_mitre_and_nsa_proxy` | helm-chart | | in-cluster kubescape, backend |
| `vuln_scan_triggering_with_cron_job` | helm-chart | | kubevuln, backend | |
Expand Down
Loading

0 comments on commit 5e1530a

Please sign in to comment.