Fix test request timeout (#874)

* Test 1.2.24 should be manual

* Test 1.2.26 should be manual

* Test 1.2.26 should be manual

* Change test 1.2.26

* Change test 1.2.26

* Change test 1.2.26

* Change test 1.2.26

* Change test 1.2.26

cfg/ack-1.0/master.yaml

@@ -680,12 +680,7 @@ groups:
       - id: 1.2.24
         text: "Ensure that the --request-timeout argument is set as appropriate (Automated)"
         audit: "/bin/ps -ef | grep $apiserverbin | grep -v grep"
-        tests:
-          bin_op: or
-          test_items:
-            - flag: "--request-timeout"
-              set: false
-            - flag: "--request-timeout"
+        type: manual
         remediation: |
           Edit the API server pod specification file $apiserverconf
           and set the below parameter as appropriate and if needed.

cfg/cis-1.5/master.yaml

@@ -766,13 +766,7 @@ groups:
       - id: 1.2.26
         text: "Ensure that the --request-timeout argument is set as appropriate (Scored)"
         audit: "/bin/ps -ef | grep $apiserverbin | grep -v grep"
-        tests:
-          bin_op: or
-          test_items:
-            - flag: "--request-timeout"
-              set: false
-            - flag: "--request-timeout"
-              set: true
+        type: manual
         remediation: |
           Edit the API server pod specification file $apiserverconf
           and set the below parameter as appropriate and if needed.

cfg/cis-1.6/master.yaml

@@ -714,12 +714,7 @@ groups:
       - id: 1.2.26
         text: "Ensure that the --request-timeout argument is set as appropriate (Automated)"
         audit: "/bin/ps -ef | grep $apiserverbin | grep -v grep"
-        tests:
-          bin_op: or
-          test_items:
-            - flag: "--request-timeout"
-              set: false
-            - flag: "--request-timeout"
+        type: manual
         remediation: |
           Edit the API server pod specification file $apiserverconf
           and set the below parameter as appropriate and if needed.

integration/testdata/cis-1.5/job-master.data

@@ -47,7 +47,7 @@
 [FAIL] 1.2.23 Ensure that the --audit-log-maxage argument is set to 30 or as appropriate (Scored)
 [FAIL] 1.2.24 Ensure that the --audit-log-maxbackup argument is set to 10 or as appropriate (Scored)
 [FAIL] 1.2.25 Ensure that the --audit-log-maxsize argument is set to 100 or as appropriate (Scored)
-[PASS] 1.2.26 Ensure that the --request-timeout argument is set as appropriate (Scored)
+[WARN] 1.2.26 Ensure that the --request-timeout argument is set as appropriate (Scored)
 [PASS] 1.2.27 Ensure that the --service-account-lookup argument is set to true (Scored)
 [PASS] 1.2.28 Ensure that the --service-account-key-file argument is set as appropriate (Scored)
 [PASS] 1.2.29 Ensure that the --etcd-certfile and --etcd-keyfile arguments are set as appropriate (Scored)
@@ -140,6 +140,11 @@ on the master node and set the --audit-log-maxsize parameter to an appropriate s
 For example, to set it as 100 MB:
 --audit-log-maxsize=100
 
+1.2.26 Edit the API server pod specification file /etc/kubernetes/manifests/kube-apiserver.yaml
+and set the below parameter as appropriate and if needed.
+For example,
+--request-timeout=300s
+
 1.2.33 Follow the Kubernetes documentation and configure a EncryptionConfig file.
 Then, edit the API server pod specification file /etc/kubernetes/manifests/kube-apiserver.yaml
 on the master node and set the --encryption-provider-config parameter to the path of that file: --encryption-provider-config=</path/to/EncryptionConfig/File>
@@ -166,13 +171,13 @@ on the master node and set the below parameter.
 
 
 == Summary master ==
-45 checks PASS
+44 checks PASS
 10 checks FAIL
-10 checks WARN
+11 checks WARN
 0 checks INFO
 
 == Summary total ==
-45 checks PASS
+44 checks PASS
 10 checks FAIL
-10 checks WARN
-0 checks INFO
+11 checks WARN
+0 checks INFO

integration/testdata/cis-1.5/job.data

@@ -47,7 +47,7 @@
 [FAIL] 1.2.23 Ensure that the --audit-log-maxage argument is set to 30 or as appropriate (Scored)
 [FAIL] 1.2.24 Ensure that the --audit-log-maxbackup argument is set to 10 or as appropriate (Scored)
 [FAIL] 1.2.25 Ensure that the --audit-log-maxsize argument is set to 100 or as appropriate (Scored)
-[PASS] 1.2.26 Ensure that the --request-timeout argument is set as appropriate (Scored)
+[WARN] 1.2.26 Ensure that the --request-timeout argument is set as appropriate (Scored)
 [PASS] 1.2.27 Ensure that the --service-account-lookup argument is set to true (Scored)
 [PASS] 1.2.28 Ensure that the --service-account-key-file argument is set as appropriate (Scored)
 [PASS] 1.2.29 Ensure that the --etcd-certfile and --etcd-keyfile arguments are set as appropriate (Scored)
@@ -140,6 +140,11 @@ on the master node and set the --audit-log-maxsize parameter to an appropriate s
 For example, to set it as 100 MB:
 --audit-log-maxsize=100
 
+1.2.26 Edit the API server pod specification file /etc/kubernetes/manifests/kube-apiserver.yaml
+and set the below parameter as appropriate and if needed.
+For example,
+--request-timeout=300s
+
 1.2.33 Follow the Kubernetes documentation and configure a EncryptionConfig file.
 Then, edit the API server pod specification file /etc/kubernetes/manifests/kube-apiserver.yaml
 on the master node and set the --encryption-provider-config parameter to the path of that file: --encryption-provider-config=</path/to/EncryptionConfig/File>
@@ -166,9 +171,9 @@ on the master node and set the below parameter.
 
 
 == Summary master ==
-45 checks PASS
+44 checks PASS
 10 checks FAIL
-10 checks WARN
+11 checks WARN
 0 checks INFO
 
 [INFO] 2 Etcd Node Configuration
@@ -410,7 +415,7 @@ resources and that all new resources are created in a specific namespace.
 0 checks INFO
 
 == Summary total ==
-72 checks PASS
+71 checks PASS
 13 checks FAIL
-37 checks WARN
+38 checks WARN
 0 checks INFO

integration/testdata/cis-1.6/job-master.data

@@ -47,7 +47,7 @@
 [FAIL] 1.2.23 Ensure that the --audit-log-maxage argument is set to 30 or as appropriate (Automated)
 [FAIL] 1.2.24 Ensure that the --audit-log-maxbackup argument is set to 10 or as appropriate (Automated)
 [FAIL] 1.2.25 Ensure that the --audit-log-maxsize argument is set to 100 or as appropriate (Automated)
-[PASS] 1.2.26 Ensure that the --request-timeout argument is set as appropriate (Automated)
+[WARN] 1.2.26 Ensure that the --request-timeout argument is set as appropriate (Automated)
 [PASS] 1.2.27 Ensure that the --service-account-lookup argument is set to true (Automated)
 [PASS] 1.2.28 Ensure that the --service-account-key-file argument is set as appropriate (Automated)
 [PASS] 1.2.29 Ensure that the --etcd-certfile and --etcd-keyfile arguments are set as appropriate (Automated)
@@ -140,6 +140,11 @@ on the master node and set the --audit-log-maxsize parameter to an appropriate s
 For example, to set it as 100 MB:
 --audit-log-maxsize=100
 
+1.2.26 Edit the API server pod specification file /etc/kubernetes/manifests/kube-apiserver.yaml
+and set the below parameter as appropriate and if needed.
+For example,
+--request-timeout=300s
+
 1.2.33 Follow the Kubernetes documentation and configure a EncryptionConfig file.
 Then, edit the API server pod specification file /etc/kubernetes/manifests/kube-apiserver.yaml
 on the master node and set the --encryption-provider-config parameter to the path of that file: --encryption-provider-config=</path/to/EncryptionConfig/File>
@@ -169,13 +174,13 @@ on the master node and set the below parameter.
 
 
 == Summary master ==
-45 checks PASS
+44 checks PASS
 10 checks FAIL
-10 checks WARN
+11 checks WARN
 0 checks INFO
 
 == Summary total ==
-45 checks PASS
+44 checks PASS
 10 checks FAIL
-10 checks WARN
-0 checks INFO
+11 checks WARN
+0 checks INFO

integration/testdata/cis-1.6/job.data

@@ -47,7 +47,7 @@
 [FAIL] 1.2.23 Ensure that the --audit-log-maxage argument is set to 30 or as appropriate (Automated)
 [FAIL] 1.2.24 Ensure that the --audit-log-maxbackup argument is set to 10 or as appropriate (Automated)
 [FAIL] 1.2.25 Ensure that the --audit-log-maxsize argument is set to 100 or as appropriate (Automated)
-[PASS] 1.2.26 Ensure that the --request-timeout argument is set as appropriate (Automated)
+[WARN] 1.2.26 Ensure that the --request-timeout argument is set as appropriate (Automated)
 [PASS] 1.2.27 Ensure that the --service-account-lookup argument is set to true (Automated)
 [PASS] 1.2.28 Ensure that the --service-account-key-file argument is set as appropriate (Automated)
 [PASS] 1.2.29 Ensure that the --etcd-certfile and --etcd-keyfile arguments are set as appropriate (Automated)
@@ -140,6 +140,11 @@ on the master node and set the --audit-log-maxsize parameter to an appropriate s
 For example, to set it as 100 MB:
 --audit-log-maxsize=100
 
+1.2.26 Edit the API server pod specification file /etc/kubernetes/manifests/kube-apiserver.yaml
+and set the below parameter as appropriate and if needed.
+For example,
+--request-timeout=300s
+
 1.2.33 Follow the Kubernetes documentation and configure a EncryptionConfig file.
 Then, edit the API server pod specification file /etc/kubernetes/manifests/kube-apiserver.yaml
 on the master node and set the --encryption-provider-config parameter to the path of that file: --encryption-provider-config=</path/to/EncryptionConfig/File>
@@ -169,9 +174,9 @@ on the master node and set the below parameter.
 
 
 == Summary master ==
-45 checks PASS
+44 checks PASS
 10 checks FAIL
-10 checks WARN
+11 checks WARN
 0 checks INFO
 
 [INFO] 2 Etcd Node Configuration
@@ -413,7 +418,7 @@ resources and that all new resources are created in a specific namespace.
 0 checks INFO
 
 == Summary total ==
-72 checks PASS
+71 checks PASS
 11 checks FAIL
-39 checks WARN
+40 checks WARN
 0 checks INFO