1
0
mirror of https://github.com/aquasecurity/kube-bench.git synced 2024-12-24 07:28:06 +00:00

Config file improvements

Correct defaults in main config.yaml file
Remove unnecessary overrides in version-specific config.yaml
This commit is contained in:
Liz Rice 2019-05-17 14:21:42 +01:00
parent 74fd7cd595
commit 12e48297a6
5 changed files with 17 additions and 114 deletions

View File

@ -1,33 +1,2 @@
--- ---
## Controls Files. ## Version-specific settings that override the values in cfg/config.yaml
# These are YAML files that hold all the details for running checks.
#
## Uncomment to use different control file paths.
# masterControls: ./cfg/master.yaml
# nodeControls: ./cfg/node.yaml
# federatedControls: ./cfg/federated.yaml
master:
apiserver:
confs:
- /etc/kubernetes/manifests/kube-apiserver.yaml
- /etc/kubernetes/manifests/kube-apiserver.manifest
defaultconf: /etc/kubernetes/manifests/kube-apiserver.yaml
scheduler:
confs:
- /etc/kubernetes/manifests/kube-scheduler.yaml
- /etc/kubernetes/manifests/kube-scheduler.manifest
defaultconf: /etc/kubernetes/manifests/kube-scheduler.yaml
controllermanager:
confs:
- /etc/kubernetes/manifests/kube-controller-manager.yaml
- /etc/kubernetes/manifests/kube-controller-manager.manifest
defaultconf: /etc/kubernetes/manifests/kube-controller-manager.yaml
etcd:
confs:
- /etc/kubernetes/manifests/etcd.yaml
- /etc/kubernetes/manifests/etcd.manifest
defaultconf: /etc/kubernetes/manifests/etcd.yaml

View File

@ -1,33 +1,2 @@
--- ---
## Controls Files. ## Version-specific settings that override the values in cfg/config.yaml
# These are YAML files that hold all the details for running checks.
#
## Uncomment to use different control file paths.
# masterControls: ./cfg/master.yaml
# nodeControls: ./cfg/node.yaml
# federatedControls: ./cfg/federated.yaml
master:
apiserver:
confs:
- /etc/kubernetes/manifests/kube-apiserver.yaml
- /etc/kubernetes/manifests/kube-apiserver.manifest
defaultconf: /etc/kubernetes/manifests/kube-apiserver.yaml
scheduler:
confs:
- /etc/kubernetes/manifests/kube-scheduler.yaml
- /etc/kubernetes/manifests/kube-scheduler.manifest
defaultconf: /etc/kubernetes/manifests/kube-scheduler.yaml
controllermanager:
confs:
- /etc/kubernetes/manifests/kube-controller-manager.yaml
- /etc/kubernetes/manifests/kube-controller-manager.manifest
defaultconf: /etc/kubernetes/manifests/kube-controller-manager.yaml
etcd:
confs:
- /etc/kubernetes/manifests/etcd.yaml
- /etc/kubernetes/manifests/etcd.manifest
defaultconf: /etc/kubernetes/manifests/etcd.yaml

View File

@ -1,33 +1,2 @@
--- ---
## Controls Files. ## Version-specific settings that override the values in cfg/config.yaml
# These are YAML files that hold all the details for running checks.
#
## Uncomment to use different control file paths.
# masterControls: ./cfg/master.yaml
# nodeControls: ./cfg/node.yaml
# federatedControls: ./cfg/federated.yaml
master:
apiserver:
confs:
- /etc/kubernetes/manifests/kube-apiserver.yaml
- /etc/kubernetes/manifests/kube-apiserver.manifest
defaultconf: /etc/kubernetes/manifests/kube-apiserver.yaml
scheduler:
confs:
- /etc/kubernetes/manifests/kube-scheduler.yaml
- /etc/kubernetes/manifests/kube-scheduler.manifest
defaultconf: /etc/kubernetes/manifests/kube-scheduler.yaml
controllermanager:
confs:
- /etc/kubernetes/manifests/kube-controller-manager.yaml
- /etc/kubernetes/manifests/kube-controller-manager.manifest
defaultconf: /etc/kubernetes/manifests/kube-controller-manager.yaml
etcd:
confs:
- /etc/kubernetes/manifests/etcd.yaml
- /etc/kubernetes/manifests/etcd.manifest
defaultconf: /etc/kubernetes/manifests/etcd.yaml

View File

@ -27,9 +27,9 @@ master:
- "hyperkube kube-apiserver" - "hyperkube kube-apiserver"
- "apiserver" - "apiserver"
confs: confs:
- /etc/kubernetes/apiserver.conf - /etc/kubernetes/manifests/kube-apiserver.yaml
- /etc/kubernetes/apiserver - /etc/kubernetes/manifests/kube-apiserver.manifest
defaultconf: /etc/kubernetes/apiserver defaultconf: /etc/kubernetes/manifests/kube-apiserver.yaml
scheduler: scheduler:
bins: bins:
@ -38,9 +38,9 @@ master:
- "hyperkube kube-scheduler" - "hyperkube kube-scheduler"
- "scheduler" - "scheduler"
confs: confs:
- /etc/kubernetes/scheduler.conf - /etc/kubernetes/manifests/kube-scheduler.yaml
- /etc/kubernetes/scheduler - /etc/kubernetes/manifests/kube-scheduler.manifest
defaultconf: /etc/kubernetes/scheduler defaultconf: /etc/kubernetes/manifests/kube-scheduler.yaml
controllermanager: controllermanager:
bins: bins:
@ -49,17 +49,19 @@ master:
- "hyperkube kube-controller-manager" - "hyperkube kube-controller-manager"
- "controller-manager" - "controller-manager"
confs: confs:
- /etc/kubernetes/controller-manager.conf - /etc/kubernetes/manifests/kube-controller-manager.yaml
- /etc/kubernetes/controller-manager - /etc/kubernetes/manifests/kube-controller-manager.manifest
defaultconf: /etc/kubernetes/controller-manager defaultconf: /etc/kubernetes/manifests/kube-controller-manager.yaml
etcd: etcd:
optional: true optional: true
bins: bins:
- "etcd" - "etcd"
confs: confs:
- /etc/kubernetes/manifests/etcd.yaml
- /etc/kubernetes/manifests/etcd.manifest
- /etc/etcd/etcd.conf - /etc/etcd/etcd.conf
defaultconf: /etc/etcd/etcd.conf defaultconf: /etc/kubernetes/manifests/etcd.yaml
flanneld: flanneld:
optional: true optional: true

View File

@ -1,11 +1,5 @@
--- ---
## Controls Files. ## Version-specific settings that override the values in cfg/config.yaml
# These are YAML files that hold all the details for running checks.
#
## Uncomment to use different control file paths.
# masterControls: ./cfg/master.yaml
# nodeControls: ./cfg/node.yaml
# federatedControls: ./cfg/federated.yaml
master: master:
apiserver: apiserver: