From 365dc40eeaf025b3b21c4532a6631dbee927203f Mon Sep 17 00:00:00 2001
From: LaibaBareera
Date: Tue, 17 Jun 2025 12:28:59 +0500
Subject: [PATCH] fix test cases

---
 cfg/aks-1.7/policies.yaml | 14 ++++++--------
 1 file changed, 6 insertions(+), 8 deletions(-)

diff --git a/cfg/aks-1.7/policies.yaml b/cfg/aks-1.7/policies.yaml
index 383356b..5bb3d7b 100644
--- a/cfg/aks-1.7/policies.yaml
+++ b/cfg/aks-1.7/policies.yaml
@@ -12,9 +12,9 @@ groups:
 text: "Ensure that the cluster-admin role is only used where required (Automated)"
 audit: |
 kubectl get clusterrolebindings -o json | jq -r '
- .items[]
- | select(.roleRef.name == "cluster-admin")
- | .subjects[]?
+ .items[]
+ | select(.roleRef.name == "cluster-admin")
+ | .subjects[]?
 | select(.kind != "Group" or (.name != "system:masters" and .name != "system:nodes"))
 | "FOUND_CLUSTER_ADMIN_BINDING"
 ' || echo "NO_CLUSTER_ADMIN_BINDINGS"
@@ -41,9 +41,9 @@ groups:
 text: "Minimize access to secrets (Automated)"
 audit: |
 count=$(kubectl get roles --all-namespaces -o json | jq '
- .items[]
- | select(.rules[]?
- | (.resources[]? == "secrets")
+ .items[]
+ | select(.rules[]?
+ | (.resources[]? == "secrets")
 and ((.verbs[]? == "get") or (.verbs[]? == "list") or (.verbs[]? == "watch")) )' | wc -l)
@@ -341,7 +341,6 @@ groups:
 scored: true
-
 - id: 4.5
 text: "Secrets Management"
 checks:
@@ -416,4 +415,3 @@ groups:
 kubectl get deployment my-app -n default -o yaml | sed 's/namespace: default/namespace: my-namespace/' | kubectl apply -f -
 kubectl delete deployment my-app -n default
 scored: true
-