mirror of
https://github.com/aquasecurity/kube-bench.git
synced 2024-11-26 01:49:28 +00:00
* Adds openshift to autodetect node type * detect okd node units * OCP fixes
This commit is contained in:
parent
13193d75b0
commit
9fc13ca02e
@ -171,7 +171,6 @@ func (c *Check) run() State {
|
|||||||
c.State = PASS
|
c.State = PASS
|
||||||
c.ActualValue = finalOutput.actualResult
|
c.ActualValue = finalOutput.actualResult
|
||||||
c.ExpectedResult = finalOutput.ExpectedResult
|
c.ExpectedResult = finalOutput.ExpectedResult
|
||||||
glog.V(3).Infof("Check.ID: %s Command: %q TestResult: %t Score: %q \n", c.ID, lastCommand, finalOutput.testResult, c.State)
|
|
||||||
} else {
|
} else {
|
||||||
if c.Scored {
|
if c.Scored {
|
||||||
c.State = FAIL
|
c.State = FAIL
|
||||||
@ -180,7 +179,9 @@ func (c *Check) run() State {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if finalOutput == nil {
|
if finalOutput != nil {
|
||||||
|
glog.V(3).Infof("Check.ID: %s Command: %q TestResult: %t State: %q \n", c.ID, lastCommand, finalOutput.testResult, c.State)
|
||||||
|
} else {
|
||||||
glog.V(3).Infof("Check.ID: %s Command: %q TestResult: <<EMPTY>> \n", c.ID, lastCommand)
|
glog.V(3).Infof("Check.ID: %s Command: %q TestResult: <<EMPTY>> \n", c.ID, lastCommand)
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -242,8 +243,7 @@ func isShellCommand(s string) bool {
|
|||||||
|
|
||||||
out, err := cmd.Output()
|
out, err := cmd.Output()
|
||||||
if err != nil {
|
if err != nil {
|
||||||
fmt.Fprintf(os.Stderr, "%s\n", err)
|
exitWithError(fmt.Errorf("failed to check if command: %q is valid %v", s, err))
|
||||||
os.Exit(1)
|
|
||||||
}
|
}
|
||||||
|
|
||||||
if strings.Contains(string(out), s) {
|
if strings.Contains(string(out), s) {
|
||||||
@ -331,6 +331,13 @@ func runExecCommands(audit string, commands []*exec.Cmd, out *bytes.Buffer) (Sta
|
|||||||
i++
|
i++
|
||||||
}
|
}
|
||||||
|
|
||||||
glog.V(3).Infof("Command %q - Output:\n\n %s\n", audit, out.String())
|
glog.V(3).Infof("Command %q - Output:\n\n %q\n - Error Messages:%q \n", audit, out.String(), errmsgs)
|
||||||
return "", errmsgs
|
return "", errmsgs
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func exitWithError(err error) {
|
||||||
|
fmt.Fprintf(os.Stderr, "\n%v\n", err)
|
||||||
|
// flush before exit non-zero
|
||||||
|
glog.Flush()
|
||||||
|
os.Exit(1)
|
||||||
|
}
|
||||||
|
@ -165,7 +165,7 @@ func compareOp(tCompareOp string, flagVal string, tCompareValue string) (string,
|
|||||||
case "gt", "gte", "lt", "lte":
|
case "gt", "gte", "lt", "lte":
|
||||||
a, b, err := toNumeric(flagVal, tCompareValue)
|
a, b, err := toNumeric(flagVal, tCompareValue)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
fmt.Fprintf(os.Stderr, "%v\n", err)
|
fmt.Fprintf(os.Stderr, "Not numeric value - flag: %q - compareValue: %q %v\n", flagVal, tCompareValue, err)
|
||||||
os.Exit(1)
|
os.Exit(1)
|
||||||
}
|
}
|
||||||
switch tCompareOp {
|
switch tCompareOp {
|
||||||
|
@ -90,7 +90,7 @@ func runChecks(nodetype check.NodeType, testYamlFile string) {
|
|||||||
|
|
||||||
// Checks that the executables we need for the section are running.
|
// Checks that the executables we need for the section are running.
|
||||||
if err != nil {
|
if err != nil {
|
||||||
exitWithError(err)
|
exitWithError(fmt.Errorf("failed to get a set of executables needed for tests: %v", err))
|
||||||
}
|
}
|
||||||
|
|
||||||
confmap := getFiles(typeConf, "config")
|
confmap := getFiles(typeConf, "config")
|
||||||
@ -229,7 +229,7 @@ func loadConfig(nodetype check.NodeType) string {
|
|||||||
|
|
||||||
benchmarkVersion, err := getBenchmarkVersion(kubeVersion, benchmarkVersion, viper.GetViper())
|
benchmarkVersion, err := getBenchmarkVersion(kubeVersion, benchmarkVersion, viper.GetViper())
|
||||||
if err != nil {
|
if err != nil {
|
||||||
exitWithError(err)
|
exitWithError(fmt.Errorf("failed to get benchMark version: %v", err))
|
||||||
}
|
}
|
||||||
|
|
||||||
path, err := getConfigFilePath(benchmarkVersion, file)
|
path, err := getConfigFilePath(benchmarkVersion, file)
|
||||||
|
@ -29,12 +29,12 @@ var runCmd = &cobra.Command{
|
|||||||
Run: func(cmd *cobra.Command, args []string) {
|
Run: func(cmd *cobra.Command, args []string) {
|
||||||
targets, err := cmd.Flags().GetStringSlice("targets")
|
targets, err := cmd.Flags().GetStringSlice("targets")
|
||||||
if err != nil {
|
if err != nil {
|
||||||
exitWithError(err)
|
exitWithError(fmt.Errorf("unable to get `targets` from command line :%v", err))
|
||||||
}
|
}
|
||||||
|
|
||||||
benchmarkVersion, err := getBenchmarkVersion(kubeVersion, benchmarkVersion, viper.GetViper())
|
benchmarkVersion, err := getBenchmarkVersion(kubeVersion, benchmarkVersion, viper.GetViper())
|
||||||
if err != nil {
|
if err != nil {
|
||||||
exitWithError(err)
|
exitWithError(fmt.Errorf("unable to get benchmark version. error: %v", err))
|
||||||
}
|
}
|
||||||
|
|
||||||
glog.V(2).Infof("Checking targets %v for %v", targets, benchmarkVersion)
|
glog.V(2).Infof("Checking targets %v for %v", targets, benchmarkVersion)
|
||||||
|
Loading…
Reference in New Issue
Block a user