Motofans
/
Charmed-Kubernetes
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 3 Wiki Activity
Charmed-Kubernetes/etcd/actions.yaml

100 lines
3.7 KiB
YAML
Raw Permalink Blame History

"cis-benchmark":
"description": |
Run the CIS Kubernetes Benchmark against snap-based components.
"params":
"apply":
"type": "string"
"default": "none"
"description": |
Apply remediations to address benchmark failures. The default, 'none',
will not attempt to fix any reported failures. Set to 'conservative'
to resolve simple failures. Set to 'dangerous' to attempt to resolve
all failures.
Note: Applying any remediation may result in an unusable cluster.
"config":
"type": "string"
"default": "https://github.com/charmed-kubernetes/kube-bench-config/archive/cis-1.5.zip#sha1=811f21dbf6c841bafdbfbd8a21f912ad67582f46"
"description": |
Archive containing configuration files to use when running kube-bench.
The default value is known to be compatible with snap components. When
using a custom URL, append '#<hash_type>=<checksum>' to verify the
archive integrity when downloaded.
"release":
"type": "string"
"default": "https://github.com/aquasecurity/kube-bench/releases/download/v0.3.1/kube-bench_0.3.1_linux_amd64.tar.gz#sha256=6616f1373987259285e2f676a225d4a3885cd62b7e7a116102ff2fb445724281"
"description": |
Archive containing the 'kube-bench' binary to run. The default value
points to a stable upstream release. When using a custom URL, append
'#<hash_type>=<checksum>' to verify the archive integrity when
downloaded.
This may also be set to the special keyword 'upstream'. In this case,
the action will compile and use a local kube-bench binary built from
the master branch of the upstream repository:
https://github.com/aquasecurity/kube-bench
"debug":
"description": "Collect debug data"
"alarm-disarm":
"description": |
Disarm all alarms.
"alarm-list":
"description": |
List all alarms.
"compact":
"description": |
Compact etcd event history.
"params":
"revision":
"type": "string"
"default": ""
"description": |
Revision to compact to. Leave blank to compact to the latest revision.
"physical":
"type": "boolean"
"default": !!bool "false"
"description": |
Setting to True will cause the compaction process to exit only after
all revisions have been physically removed from the database.
"defrag":
"description": |
Defragment the storage of the local etcd member.
"health":
"description": "Report the health of the cluster."
"package-client-credentials":
"description": |
Generate a tarball of the client certificates to connect to the cluster
remotely.
"snap-upgrade":
"description": |
Execute a migration from the apt package to a snap package format.
"params":
"use-resource":
"type": "boolean"
"default": !!bool "false"
"description": "Default to using the resource (offline environments)"
"snapshot":
"description": "Export and compress a backup of the data in the Etcd cluster."
"params":
"target":
"type": "string"
"default": "/home/ubuntu/etcd-snapshots"
"description": "Location to save the etcd snapshot."
"keys-version":
"type": "string"
"default": "v3"
"description": "Version of keys to snapshoot. Allowed values 'v3' or 'v2'."
"restore":
"description": "Restore an etcd cluster's data from a snapshot tarball."
"params":
"target":
"type": "string"
"default": "/home/ubuntu"
"description": "Path on disk to save any pre-existing data."
"skip-backup":
"type": "boolean"
"default": !!bool "true"
"description": |
Dont backup any existing data, and skip directly to data restoration.
Reference in New Issue View Git Blame Copy Permalink