codefresh-io · ramakuka-octarine · Nov 8, 2019 · Nov 8, 2019
diff --git a/README.md b/README.md
@@ -25,3 +25,4 @@ See each plugin readme for more info and usage instructions.
 | [Github Release](plugins/github-release/README.md) | Managing GitHub releases | `github` `release`|
 | [Google GKE](plugins/gke/README.md) | GKE Clusters | `GKE` `codefresh`|
 | [Vault](plugins/vault/README.md) | Export Vault Key/Value pairs as ENV variables | `Vault` `codefresh`|
+| [Octarine](plugins/octarine/README.md) | Security Scanning for applicatoin deployed to Kubernetes | `security`|
diff --git a/plugins/octarine/Notes.md b/plugins/octarine/Notes.md
@@ -0,0 +1 @@
+## Notes.md 
diff --git a/plugins/octarine/README.md b/plugins/octarine/README.md
@@ -0,0 +1,32 @@
+# Kubernetes Object Scanning Tool
+Docker image which invokes Kubernetes security scanning using Octactl 
+
+## Prerequisites:
+
+Codefresh Subscription (Dedicated Infrastructure) - https://codefresh.io/
+
+OctarineSec Subscription - https://www.octarinesec.com
+
+## options
+
+To use an ENVIRONMENT VARIABLE you need to add the variables to your Codefresh Pipeline and also to your codefresh.yaml.
+
+Check the project [Github](https://github.com/octarinesec/validator) for a full list of config options 
+
+## codefresh.yml
+
+Codefresh Build Step to execute OctarineSec scan.
+All `${{var}}` variables must be put into Codefresh Build Parameters
+codefresh.yml
+```console
+ steps:
+  validate_security:
+    title: "Validating Security By Octarine"
+    image: "octarinesec/validator:latest"
+    environment:
+      - OCTARINE_ACCOUNT=<ACCOUNT>
+      - OCTARINE_SESSION_ID=<YOUR_SESSION_ID> 
+      - OCTARINE_SESSION_ACCESSJWT=<YOUR ACCESS_JWT>
+      - OBJECT_DIR=${{CF_VOLUME_PATH}}/${{CF_REPO_NAME}}/kubernetes/
+    stage: "PreBuild test"
+```
diff --git a/plugins/octarine/plugin.yaml b/plugins/octarine/plugin.yaml
@@ -0,0 +1,30 @@
+image: octarinesec/validator
+tag: latest
+version: 19.1
+description: Execute Kubernetes object security scan with Octarin (https://octarinesec.com)
+keywords:
+  - security
+  - scan
+home: https://github.com/octarinesec/validator
+sources:
+  - https://github.com/octarinesec/validator
+maintainers:
+  - name: Ram Akuka
+    email: [email protected]
+icon: https://raw.githubusercontent.com/octarinesec/validator/master/images/logo_only.png
+envs:
+  - name: OCTARINE_ACCOUNT
+    type: required
+    description: Octarine account name
+  - name: OCTARINE_SESSION_ID
+    type: required
+    description: Octarine session ID
+  - name: OCTARINE_SESSION_ACCESSJWT
+    type: required
+    description: Octarine session access JWT
+  - name: OBJECT_DIR
+    type: required
+    description: Directory or file path with the Kubernetes yaml files
+  - name: OCTAINE_POLICY
+    type: required
+    description: Octarine Policy name to use for the validate