From 65b45f699ddfbb33a94225dbf620126409dd256f Mon Sep 17 00:00:00 2001
From: Huang Huang <mozillazg101@gmail.com>
Date: Mon, 8 Nov 2021 17:25:59 +0800
Subject: [PATCH] Fix status of cis-1.20 4.1.6 should be Automated (#1041)

---
 cfg/cis-1.20/node.yaml                    | 4 ++--
 integration/testdata/Expected_output.data | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/cfg/cis-1.20/node.yaml b/cfg/cis-1.20/node.yaml
index 8963e2a..aa12820 100644
--- a/cfg/cis-1.20/node.yaml
+++ b/cfg/cis-1.20/node.yaml
@@ -84,7 +84,7 @@ groups:
         scored: true
 
       - id: 4.1.6
-        text: "Ensure that the --kubeconfig kubelet.conf file ownership is set to root:root (Manual)"
+        text: "Ensure that the --kubeconfig kubelet.conf file ownership is set to root:root (Automated)"
         audit: '/bin/sh -c ''if test -e $kubeletkubeconfig; then stat -c %U:%G $kubeletkubeconfig; fi'' '
         tests:
           test_items:
@@ -93,7 +93,7 @@ groups:
           Run the below command (based on the file location on your system) on the each worker node.
           For example,
           chown root:root $kubeletkubeconfig
-        scored: false
+        scored: true
 
       - id: 4.1.7
         text: "Ensure that the certificate authorities file permissions are set to 644 or more restrictive (Manual)"
diff --git a/integration/testdata/Expected_output.data b/integration/testdata/Expected_output.data
index 0281037..1dd154e 100644
--- a/integration/testdata/Expected_output.data
+++ b/integration/testdata/Expected_output.data
@@ -224,7 +224,7 @@ minimum.
 [PASS] 4.1.3 If proxy kubeconfig file exists ensure permissions are set to 644 or more restrictive (Manual)
 [PASS] 4.1.4 If proxy kubeconfig file exists ensure ownership is set to root:root (Manual)
 [PASS] 4.1.5 Ensure that the --kubeconfig kubelet.conf file permissions are set to 644 or more restrictive (Automated)
-[PASS] 4.1.6 Ensure that the --kubeconfig kubelet.conf file ownership is set to root:root (Manual)
+[PASS] 4.1.6 Ensure that the --kubeconfig kubelet.conf file ownership is set to root:root (Automated)
 [PASS] 4.1.7 Ensure that the certificate authorities file permissions are set to 644 or more restrictive (Manual)
 [PASS] 4.1.8 Ensure that the client certificate authorities file ownership is set to root:root (Manual)
 [PASS] 4.1.9 Ensure that the kubelet --config configuration file has permissions set to 644 or more restrictive (Automated)