Merge pull request #130 from aquasecurity/fix-typo

A bunch of text edits

README.md

@@ -37,6 +37,19 @@ You can even use your own configs by mounting them over the default ones in `/op
 docker run --pid=host -v path/to/my-config.yaml:/opt/kube-bench/cfg/config.yaml aquasec/kube-bench:latest <master|node>
 ```
 
+### Running in a kubernetes cluster
+Run the master check
+
+```
+kubectl run --rm -i -t kube-bench-master --image=aquasec/kube-bench:latest --restart=Never --overrides="{ \"apiVersion\": \"v1\", \"spec\": { \"hostPID\": true, \"nodeSelector\": { \"kubernetes.io/role\": \"master\" }, \"tolerations\": [ { \"key\": \"node-role.kubernetes.io/master\", \"operator\": \"Exists\", \"effect\": \"NoSchedule\" } ] } }" -- master --version 1.8
+```
+
+Run the node check
+
+```
+kubectl run --rm -i -t kube-bench-node --image=aquasec/kube-bench:latest --restart=Never --overrides="{ \"apiVersion\": \"v1\", \"spec\": { \"hostPID\": true } }" -- node --version 1.8
+```
+
 ### Installing from a container
 
 This command copies the kube-bench binary and configuration files to your host from the Docker container:
@@ -55,25 +68,13 @@ go get github.com/Masterminds/glide
 cd $GOPATH/src/github.com/aquasecurity/kube-bench
 $GOPATH/bin/glide install
 go build -o kube-bench . 
-./kube-bench <master|node>
-```
 
-## Usage
+# See all supported options
-```./kube-bench [command]```
+./kube-bench --help
 
-```
+# Run the all checks on a master node
-Available Commands:
+./kube-bench master
-  federated   Run benchmark checks for a Kubernetes federated deployment.
-  help        Help about any command
-  master      Run benchmark checks for a Kubernetes master node.
-  node        Run benchmark checks for a Kubernetes node.
 
-Flags:
-  -c, --check string          A comma-delimited list of checks to run as specified in CIS document. Example --check="1.1.1,1.1.2"
-      --config string         config file (default is ./cfg/config.yaml)
-  -g, --group string          Run all the checks under this comma-delimited list of groups. Example --group="1.1"
-      --json                  Prints the results as JSON
-  -v, --verbose               verbose output (default false)
 ```
 
 ## Configuration

cfg/1.8/master.yaml

@@ -418,7 +418,7 @@ groups:
 
   - id: 1.1.26
     text: "Ensure that the --etcd-certfile and --etcd-keyfile arguments are set as 
-      appropriate (Scored"
+      appropriate (Scored)"
     audit: "ps -ef | grep $apiserverbin | grep -v grep"
     tests:
       bin_op: and
@@ -666,7 +666,7 @@ groups:
     scored: true
 
   - id: 1.3.3
-    text: "Ensure that the --use-service-account-credentials argument is set"
+    text: "Ensure that the --use-service-account-credentials argument is set (Scored)"
     audit: "ps -ef | grep $controllermanagerbin | grep -v grep"
     tests:
       test_items:

cmd/root.go

@@ -46,7 +46,7 @@ var (
 var RootCmd = &cobra.Command{
 	Use:   os.Args[0],
 	Short: "Run CIS Benchmarks checks against a Kubernetes deployment",
-	Long:  `This tool runs the CIS Kubernetes 1.6 Benchmark v1.0.0 checks.`,
+	Long:  `This tool runs the CIS Kubernetes Benchmark (http://www.cisecurity.org/benchmark/kubernetes/)`,
 }
 
 // Execute adds all child commands to the root command sets flags appropriately.
@@ -65,7 +65,7 @@ func init() {
 	cobra.OnInitialize(initConfig)
 
 	// Output control
-	RootCmd.PersistentFlags().BoolVar(&noResults, "noresults", false, "Disable prints of results section")
+	RootCmd.PersistentFlags().BoolVar(&noResults, "noresults", false, "Disable printing of results section")
 	RootCmd.PersistentFlags().BoolVar(&noSummary, "nosummary", false, "Disable printing of summary section")
 	RootCmd.PersistentFlags().BoolVar(&noRemediations, "noremediations", false, "Disable printing of remediations section")
 	RootCmd.PersistentFlags().BoolVar(&jsonFmt, "json", false, "Prints the results as JSON")