arno/kube-bench
1
0
Fork 0
mirror of https://github.com/aquasecurity/kube-bench.git synced 2025-06-25 01:18:59 +00:00
Code Issues Releases Wiki Activity

Merge branch 'master' into test_updates

Browse Source
This commit is contained in:
Liz Rice 2018-01-30 19:50:13 +00:00 committed by GitHub
commit 7f41564a62
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
6 changed files with 7 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
.goreleaser.yml
View File

@ -9,11 +9,6 @@ builds:
# Archive customization # Archive customization
archive: archive:
format: tar.gz format: tar.gz
dockers:
-
binary: kube-bench
image: aquasec/kube-bench
latest: true
fpm: fpm:
vendor: Aqua Security vendor: Aqua Security
description: "The Kubernetes Bench for Security is a Go application that checks whether Kubernetes is deployed according to security best practices" description: "The Kubernetes Bench for Security is a Go application that checks whether Kubernetes is deployed according to security best practices"

4
Dockerfile
View File

@ -5,8 +5,8 @@ RUN go get github.com/aquasecurity/kube-bench
FROM alpine:latest FROM alpine:latest
WORKDIR / WORKDIR /
COPY --from=0 /go/bin/kube-bench /kube-bench COPY --from=0 /go/bin/kube-bench /kube-bench
COPY cfg cfg COPY --from=0 /go/src/github.com/aquasecurity/kube-bench/cfg /cfg
COPY entrypoint.sh /entrypoint.sh COPY --from=0 /go/src/github.com/aquasecurity/kube-bench/entrypoint.sh /entrypoint.sh
ENTRYPOINT /entrypoint.sh ENTRYPOINT /entrypoint.sh
# Build-time metadata as defined at http://label-schema.org # Build-time metadata as defined at http://label-schema.org

2
cmd/common.go
View File

@ -103,7 +103,7 @@ func runChecks(t check.NodeType) {
fmt.Println(string(out)) fmt.Println(string(out))
} else { } else {
// if we want to store in PostgreSQL, convert to JSON and save it // if we want to store in PostgreSQL, convert to JSON and save it
if (summary.Fail > 0 || summary.Warn > 0 || summary.Pass > 0) && pgSql { if (summary.Fail > 0 || summary.Warn > 0 || summary.Pass > 0) && pgSQL {
out, err := controls.JSON() out, err := controls.JSON()
if err != nil { if err != nil {
exitWithError(fmt.Errorf("failed to output in JSON format: %v", err)) exitWithError(fmt.Errorf("failed to output in JSON format: %v", err))

2
cmd/database.go
View File

@ -7,7 +7,7 @@ import (
"github.com/golang/glog" "github.com/golang/glog"
"github.com/jinzhu/gorm" "github.com/jinzhu/gorm"
_ "github.com/jinzhu/gorm/dialects/postgres" _ "github.com/jinzhu/gorm/dialects/postgres" // database packages get blank imports
"github.com/spf13/viper" "github.com/spf13/viper"
) )

4
cmd/root.go
View File

@ -30,7 +30,7 @@ var (
defaultKubeVersion = "1.6" defaultKubeVersion = "1.6"
cfgFile string cfgFile string
jsonFmt bool jsonFmt bool
pgSql bool pgSQL bool
checkList string checkList string
groupList string groupList string
masterFile string masterFile string
@ -61,7 +61,7 @@ func init() {
cobra.OnInitialize(initConfig) cobra.OnInitialize(initConfig)
RootCmd.PersistentFlags().BoolVar(&jsonFmt, "json", false, "Prints the results as JSON") RootCmd.PersistentFlags().BoolVar(&jsonFmt, "json", false, "Prints the results as JSON")
RootCmd.PersistentFlags().BoolVar(&pgSql, "pgsql", false, "Save the results to PostgreSQL") RootCmd.PersistentFlags().BoolVar(&pgSQL, "pgsql", false, "Save the results to PostgreSQL")
RootCmd.PersistentFlags().StringVarP( RootCmd.PersistentFlags().StringVarP(
&checkList, &checkList,
"check", "check",

3
cmd/util.go
View File

@ -196,9 +196,8 @@ func findExecutable(candidates []string) (string, error) {
for _, c := range candidates { for _, c := range candidates {
if verifyBin(c) { if verifyBin(c) {
return c, nil return c, nil
} else {
glog.V(1).Info(fmt.Sprintf("executable '%s' not running", c))
} }
glog.V(1).Info(fmt.Sprintf("executable '%s' not running", c))
} }
return "", fmt.Errorf("no candidates running") return "", fmt.Errorf("no candidates running")