From d2e3de579f1c753ef9a1e2a5224ee7bd3036897c Mon Sep 17 00:00:00 2001
From: entlein <einentlein@gmail.com>
Date: Mon, 2 May 2022 16:53:13 +0200
Subject: [PATCH] adding cis benchmark, not deploying by default, ust gave me
 99 FAILS, needs validation

---
 .../manifests/deploy-rancher-cisbench.j2      | 23 +++++++++++++++++++
 1 file changed, 23 insertions(+)
 create mode 100644 roles/rke2/templates/manifests/deploy-rancher-cisbench.j2

diff --git a/roles/rke2/templates/manifests/deploy-rancher-cisbench.j2 b/roles/rke2/templates/manifests/deploy-rancher-cisbench.j2
new file mode 100644
index 0000000..37e2f57
--- /dev/null
+++ b/roles/rke2/templates/manifests/deploy-rancher-cisbench.j2
@@ -0,0 +1,23 @@
+---
+
+kind: Namespace
+apiVersion: v1
+metadata:
+  name: cis-operator-system
+
+---
+
+apiVersion: helm.cattle.io/v1
+kind: HelmChart
+metadata:
+  name: rancher
+  namespace: kube-system
+spec:
+  repo: {{ item.value.repo | default("https://releases.rancher.com/server-charts/latest") }}
+  chart: rancher-cis-benchmark
+  version: {{ item.value.version | default("2.0.3") }}
+  targetNamespace: cis-operator-system
+  set:
+    alerts.enabled: true
+
+
-- 
GitLab