Skip to content

Instantly share code, notes, and snippets.

@alecmerdler

alecmerdler/vulnerable-deployments.yaml

Last active May 5, 2020 05:46
Show Gist options
  • Save alecmerdler/0f724dec817c889dc26cbef7f8f8fd9d to your computer and use it in GitHub Desktop.
Save alecmerdler/0f724dec817c889dc26cbef7f8f8fd9d to your computer and use it in GitHub Desktop.
Download ZIP
Set of k8s Deployments running container images with known vulnerabilities for rapid Clair testing
Raw
vulnerable-deployments.yaml
---
kind: Deployment
apiVersion: apps/v1
metadata:
name: abject-testament
labels:
secscan.quay.redhat.com/severity: critical
spec:
replicas: 1
selector:
matchLabels:
app: abject-testament
template:
metadata:
labels:
app: abject-testament
spec:
containers:
- name: abject-testament
image: 'quay.io/alecmerdler/bad-image:critical'
command:
- /bin/sh
- '-c'
- '--'
args:
- while true; do sleep 30; done;
imagePullPolicy: IfNotPresent
---
kind: Deployment
apiVersion: apps/v1
metadata:
name: ebullient-prism
labels:
secscan.quay.redhat.com/severity: high
spec:
replicas: 1
selector:
matchLabels:
app: ebullient-prism
template:
metadata:
labels:
app: ebullient-prism
spec:
containers:
- name: ebullient-prism
image: 'quay.io/alecmerdler/bad-image:high'
command:
- /bin/sh
- '-c'
- '--'
args:
- while true; do sleep 30; done;
imagePullPolicy: IfNotPresent
---
kind: Deployment
apiVersion: apps/v1
metadata:
name: guilty-spark
labels:
secscan.quay.redhat.com/severity: medium
spec:
replicas: 1
selector:
matchLabels:
app: guilty-spark
template:
metadata:
labels:
app: guilty-spark
spec:
containers:
- name: guilty-spark
image: 'quay.io/alecmerdler/bad-image:medium'
command:
- /bin/sh
- '-c'
- '--'
args:
- while true; do sleep 30; done;
imagePullPolicy: IfNotPresent
---
kind: Deployment
apiVersion: apps/v1
metadata:
name: mendicant-bias
labels:
secscan.quay.redhat.com/severity: unknown
spec:
replicas: 1
selector:
matchLabels:
app: mendicant-bias
template:
metadata:
labels:
app: mendicant-bias
spec:
containers:
- name: mendicant-bias
image: 'quay.io/alecmerdler/bad-image:unknown'
command:
- /bin/sh
- '-c'
- '--'
args:
- while true; do sleep 30; done;
imagePullPolicy: IfNotPresent
---
kind: Deployment
apiVersion: apps/v1
metadata:
name: penitent-tangent
labels:
secscan.quay.redhat.com/severity: high
spec:
replicas: 1
selector:
matchLabels:
app: penitent-tangent
template:
metadata:
labels:
app: penitent-tangent
spec:
containers:
- name: penitent-tangent
# TODO(alecmerdler): Replace with different severity
image: 'quay.io/alecmerdler/bad-image:high'
command:
- /bin/sh
- '-c'
- '--'
args:
- while true; do sleep 30; done;
imagePullPolicy: IfNotPresent
---
kind: Deployment
apiVersion: apps/v1
metadata:
name: exuberant-witness
labels:
secscan.quay.redhat.com/severity: medium
spec:
replicas: 1
selector:
matchLabels:
app: exuberant-witness
template:
metadata:
labels:
app: exuberant-witness
spec:
containers:
- name: exuberant-witness
# TODO(alecmerdler): Replace with different severity
image: 'quay.io/alecmerdler/bad-image:medium'
command:
- /bin/sh
- '-c'
- '--'
args:
- while true; do sleep 30; done;
imagePullPolicy: IfNotPresent
---
kind: Deployment
apiVersion: apps/v1
metadata:
name: tragic-solitude
labels:
secscan.quay.redhat.com/severity: unknown
spec:
replicas: 1
selector:
matchLabels:
app: tragic-solitude
template:
metadata:
labels:
app: tragic-solitude
spec:
containers:
- name: tragic-solitude
# TODO(alecmerdler): Replace with different severity
image: 'quay.io/alecmerdler/bad-image:unknown'
command:
- /bin/sh
- '-c'
- '--'
args:
- while true; do sleep 30; done;
imagePullPolicy: IfNotPresent
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment