-
Notifications
You must be signed in to change notification settings - Fork 3
Expand file tree
/
Copy pathdev.protsenko.security-linter-yaml.xml
More file actions
74 lines (72 loc) · 4.47 KB
/
dev.protsenko.security-linter-yaml.xml
File metadata and controls
74 lines (72 loc) · 4.47 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
<!-- Plugin Configuration File. Read more: https://plugins.jetbrains.com/docs/intellij/plugin-configuration-file.html -->
<idea-plugin>
<resource-bundle>messages.SecurityPluginBundle</resource-bundle>
<depends>org.jetbrains.plugins.yaml</depends>
<extensions defaultExtensionNs="com.intellij">
<localInspection
implementationClass="dev.protsenko.securityLinter.dockerCompose.DockerComposeInspection"
displayName="Docker-compose best practices"
groupPathKey="common.group-key" groupKey="common.docker-compose-group-key"
enabledByDefault="true" language="yaml"/>
<localInspection
implementationClass="dev.protsenko.securityLinter.kubernetes.NonRootContainerInspection"
displayName="Non root containers"
groupPathKey="common.group-key" groupKey="common.kubernetes-group-key"
enabledByDefault="true" language="yaml"/>
<localInspection
implementationClass="dev.protsenko.securityLinter.kubernetes.InsecureCapabilitiesInspection"
displayName="Insecure capabilities"
groupPathKey="common.group-key" groupKey="common.kubernetes-group-key"
enabledByDefault="true" language="yaml"/>
<localInspection
implementationClass="dev.protsenko.securityLinter.kubernetes.HostNetworkPidIpcInspection"
displayName="Sharing host namespaces"
groupPathKey="common.group-key" groupKey="common.kubernetes-group-key"
enabledByDefault="true" language="yaml"/>
<localInspection
implementationClass="dev.protsenko.securityLinter.kubernetes.PrivilegedContainersInspection"
displayName="Privileged containers"
groupPathKey="common.group-key" groupKey="common.kubernetes-group-key"
enabledByDefault="true" language="yaml"/>
<localInspection
implementationClass="dev.protsenko.securityLinter.kubernetes.HostPathVolumesInspection"
displayName="HostPath volumes"
groupPathKey="common.group-key" groupKey="common.kubernetes-group-key"
enabledByDefault="true" language="yaml"/>
<localInspection
implementationClass="dev.protsenko.securityLinter.kubernetes.HostPortsInspection"
displayName="HostPorts"
groupPathKey="common.group-key" groupKey="common.kubernetes-group-key"
enabledByDefault="true" language="yaml"/>
<localInspection
implementationClass="dev.protsenko.securityLinter.kubernetes.AppArmorOverrideInspection"
displayName="AppArmor override"
groupPathKey="common.group-key" groupKey="common.kubernetes-group-key"
enabledByDefault="true" language="yaml"/>
<localInspection
implementationClass="dev.protsenko.securityLinter.kubernetes.SettingSELinuxInspection"
displayName="Setting custom SELinux options"
groupPathKey="common.group-key" groupKey="common.kubernetes-group-key"
enabledByDefault="true" language="yaml"/>
<localInspection
implementationClass="dev.protsenko.securityLinter.kubernetes.InsecureProcMount"
displayName="Non-default /proc mount"
groupPathKey="common.group-key" groupKey="common.kubernetes-group-key"
enabledByDefault="true" language="yaml"/>
<localInspection
implementationClass="dev.protsenko.securityLinter.kubernetes.SeccompProfileInspection"
displayName="Unconfined seccomp profile"
groupPathKey="common.group-key" groupKey="common.kubernetes-group-key"
enabledByDefault="true" language="yaml"/>
<localInspection
implementationClass="dev.protsenko.securityLinter.kubernetes.InsecureSysctlsInspection"
displayName="Insecure systctls"
groupPathKey="common.group-key" groupKey="common.kubernetes-group-key"
enabledByDefault="true" language="yaml"/>
<localInspection
implementationClass="dev.protsenko.securityLinter.kubernetes.DisallowedVolumeType"
displayName="Disallowed volume types"
groupPathKey="common.group-key" groupKey="common.kubernetes-group-key"
enabledByDefault="true" language="yaml"/>
</extensions>
</idea-plugin>