Merge branch 'master' into config-files

2025-02-16 17:42:05 +00:00 · 2017-08-30 11:43:03 +01:00 · 2017-08-30 11:43:03 +01:00 · 21baf95d6b
commit 21baf95d6b
parent 437a5f686c 89e9d37cde
2 changed files with 5 additions and 1 deletions
--- a/README.md
+++ b/README.md
@ -105,3 +105,6 @@ These operations are:
 - `lte`: tests if the flag value is less than or equal to the compared value.
 - `has`: tests if the flag value contains the compared value.
 - `nothave`: tests if the flag value does not contain the compared value.
+
+# Roadmap 
+The tests are up-to-date with the CIS Benchmark 1.1.0, which refers to Kubernetes 1.7. Going forward we should release updates to kube-bench to reflect new releases of the Benchmark, which in turn we can anticipate being made for each new Kubernetes release. 
--- a/cfg/node.yaml
+++ b/cfg/node.yaml
@ -79,10 +79,11 @@ groups:
      text: "Ensure that the --streaming-connection-idle-timeout argument is not set to 0 (Scored)"
      audit: "ps -ef | grep $kubeletbin | grep -v grep"
      tests:
+        bin_op: or
        test_items:
          - flag: "--streaming-connection-idle-timeout"
            compare:
-              op: gt
+              op: noteq
              value: 0
            set: true
      remediation: "Edit the $kubeletconf file on each node and set the KUBELET_ARGS