Try to search the right ca file of kubelet (#633)

cfg/cis-1.3/node.yaml

@@ -456,7 +456,12 @@ groups:
 
       - id: 2.2.8
         text: Ensure that the client certificate authorities file ownership is set to root:root (Scored)
-        audit: '/bin/sh -c ''if test -e $kubeletcafile; then stat -c %U:%G $kubeletcafile; fi'' '
+        audit: |
+          CAFILE=$(ps -ef | grep kubelet | grep -v apiserver | grep -- --client-ca-file= | awk -F '--client-ca-file=' '{print $2}' | awk '{print $1}')
+          if [[ -z $CAFILE ]]; then
+            CAFILE=$kubeletcafile
+          fi
+          if test -e $CAFILE; then stat -c %U:%G $CAFILE; fi
         tests:
           test_items:
             - flag: root:root

cfg/cis-1.4/node.yaml

@@ -447,7 +447,12 @@ groups:
 
       - id: 2.2.8
         text: Ensure that the client certificate authorities file ownership is set to root:root (Scored)
-        audit: '/bin/sh -c ''if test -e $kubeletcafile; then stat -c %U:%G $kubeletcafile; fi'' '
+        audit: |
+          CAFILE=$(ps -ef | grep kubelet | grep -v apiserver | grep -- --client-ca-file= | awk -F '--client-ca-file=' '{print $2}' | awk '{print $1}')
+          if [[ -z $CAFILE ]]; then
+            CAFILE=$kubeletcafile
+          fi
+          if test -e $CAFILE; then stat -c %U:%G $CAFILE; fi
         tests:
           test_items:
             - flag: root:root

cfg/cis-1.5/node.yaml

@@ -107,7 +107,12 @@ groups:
 
       - id: 4.1.8
         text: "Ensure that the client certificate authorities file ownership is set to root:root (Scored)"
-        audit: '/bin/sh -c ''if test -e $kubeletcafile; then stat -c %U:%G $kubeletcafile; fi'' '
+        audit: |
+          CAFILE=$(ps -ef | grep kubelet | grep -v apiserver | grep -- --client-ca-file= | awk -F '--client-ca-file=' '{print $2}' | awk '{print $1}')
+          if [[ -z $CAFILE ]]; then
+            CAFILE=$kubeletcafile
+          fi
+          if test -e $CAFILE; then stat -c %U:%G $CAFILE; fi
         tests:
           test_items:
             - flag: root:root