From c40b2a72e2be30a4ef4b3c77a98467e2f9f3e5fd Mon Sep 17 00:00:00 2001 From: Simon Alexander Alsing Date: Tue, 4 Mar 2025 07:27:13 +0100 Subject: [PATCH] fix: typo of applicaions which should have been applications (#1819) --- cfg/ack-1.0/policies.yaml | 2 +- cfg/cis-1.10/policies.yaml | 2 +- cfg/cis-1.20/policies.yaml | 2 +- cfg/cis-1.23/policies.yaml | 2 +- cfg/cis-1.24/policies.yaml | 2 +- cfg/cis-1.5/policies.yaml | 2 +- cfg/cis-1.6/policies.yaml | 2 +- cfg/cis-1.7/policies.yaml | 2 +- cfg/cis-1.8/policies.yaml | 2 +- cfg/cis-1.9/policies.yaml | 2 +- cfg/k3s-cis-1.23/policies.yaml | 2 +- cfg/rh-1.0/policies.yaml | 2 +- cfg/rke-cis-1.23/policies.yaml | 2 +- cfg/rke-cis-1.24/policies.yaml | 2 +- cfg/rke-cis-1.7/policies.yaml | 2 +- cfg/rke2-cis-1.23/policies.yaml | 2 +- cfg/rke2-cis-1.24/policies.yaml | 2 +- cfg/rke2-cis-1.7/policies.yaml | 2 +- cfg/tkgi-1.2.53/policies.yaml | 2 +- integration/testdata/Expected_output.data | 2 +- 20 files changed, 20 insertions(+), 20 deletions(-) diff --git a/cfg/ack-1.0/policies.yaml b/cfg/ack-1.0/policies.yaml index d30bbae..fbceda0 100644 --- a/cfg/ack-1.0/policies.yaml +++ b/cfg/ack-1.0/policies.yaml @@ -132,7 +132,7 @@ groups: type: "manual" remediation: | Review the use of capabilites in applications runnning on your cluster. Where a namespace - contains applicaions which do not require any Linux capabities to operate consider adding + contains applications which do not require any Linux capabities to operate consider adding a PSP which forbids the admission of containers which do not drop all capabilities. scored: false diff --git a/cfg/cis-1.10/policies.yaml b/cfg/cis-1.10/policies.yaml index eee0163..8d84fc8 100644 --- a/cfg/cis-1.10/policies.yaml +++ b/cfg/cis-1.10/policies.yaml @@ -443,7 +443,7 @@ groups: type: "manual" remediation: | Review the use of capabilites in applications running on your cluster. Where a namespace - contains applicaions which do not require any Linux capabities to operate consider adding + contains applications which do not require any Linux capabities to operate consider adding a PSP which forbids the admission of containers which do not drop all capabilities. scored: false diff --git a/cfg/cis-1.20/policies.yaml b/cfg/cis-1.20/policies.yaml index 309422a..591d3e5 100644 --- a/cfg/cis-1.20/policies.yaml +++ b/cfg/cis-1.20/policies.yaml @@ -146,7 +146,7 @@ groups: type: "manual" remediation: | Review the use of capabilites in applications running on your cluster. Where a namespace - contains applicaions which do not require any Linux capabities to operate consider adding + contains applications which do not require any Linux capabities to operate consider adding a PSP which forbids the admission of containers which do not drop all capabilities. scored: false diff --git a/cfg/cis-1.23/policies.yaml b/cfg/cis-1.23/policies.yaml index 92216e4..e508177 100644 --- a/cfg/cis-1.23/policies.yaml +++ b/cfg/cis-1.23/policies.yaml @@ -153,7 +153,7 @@ groups: type: "manual" remediation: | Review the use of capabilites in applications running on your cluster. Where a namespace - contains applicaions which do not require any Linux capabities to operate consider adding + contains applications which do not require any Linux capabities to operate consider adding a PSP which forbids the admission of containers which do not drop all capabilities. scored: false diff --git a/cfg/cis-1.24/policies.yaml b/cfg/cis-1.24/policies.yaml index b59afc6..bbdf0e0 100644 --- a/cfg/cis-1.24/policies.yaml +++ b/cfg/cis-1.24/policies.yaml @@ -153,7 +153,7 @@ groups: type: "manual" remediation: | Review the use of capabilites in applications running on your cluster. Where a namespace - contains applicaions which do not require any Linux capabities to operate consider adding + contains applications which do not require any Linux capabities to operate consider adding a PSP which forbids the admission of containers which do not drop all capabilities. scored: false diff --git a/cfg/cis-1.5/policies.yaml b/cfg/cis-1.5/policies.yaml index 0fab552..544ec20 100644 --- a/cfg/cis-1.5/policies.yaml +++ b/cfg/cis-1.5/policies.yaml @@ -132,7 +132,7 @@ groups: type: "manual" remediation: | Review the use of capabilites in applications running on your cluster. Where a namespace - contains applicaions which do not require any Linux capabities to operate consider adding + contains applications which do not require any Linux capabities to operate consider adding a PSP which forbids the admission of containers which do not drop all capabilities. scored: false diff --git a/cfg/cis-1.6/policies.yaml b/cfg/cis-1.6/policies.yaml index 554a0d6..ebb7ffe 100644 --- a/cfg/cis-1.6/policies.yaml +++ b/cfg/cis-1.6/policies.yaml @@ -132,7 +132,7 @@ groups: type: "manual" remediation: | Review the use of capabilites in applications running on your cluster. Where a namespace - contains applicaions which do not require any Linux capabities to operate consider adding + contains applications which do not require any Linux capabities to operate consider adding a PSP which forbids the admission of containers which do not drop all capabilities. scored: false diff --git a/cfg/cis-1.7/policies.yaml b/cfg/cis-1.7/policies.yaml index 82592a8..1ded45d 100644 --- a/cfg/cis-1.7/policies.yaml +++ b/cfg/cis-1.7/policies.yaml @@ -188,7 +188,7 @@ groups: type: "manual" remediation: | Review the use of capabilites in applications running on your cluster. Where a namespace - contains applicaions which do not require any Linux capabities to operate consider adding + contains applications which do not require any Linux capabities to operate consider adding a PSP which forbids the admission of containers which do not drop all capabilities. scored: false diff --git a/cfg/cis-1.8/policies.yaml b/cfg/cis-1.8/policies.yaml index c9b13c9..1bcbe40 100644 --- a/cfg/cis-1.8/policies.yaml +++ b/cfg/cis-1.8/policies.yaml @@ -188,7 +188,7 @@ groups: type: "manual" remediation: | Review the use of capabilites in applications running on your cluster. Where a namespace - contains applicaions which do not require any Linux capabities to operate consider adding + contains applications which do not require any Linux capabities to operate consider adding a PSP which forbids the admission of containers which do not drop all capabilities. scored: false diff --git a/cfg/cis-1.9/policies.yaml b/cfg/cis-1.9/policies.yaml index 770d2cb..cc597d1 100644 --- a/cfg/cis-1.9/policies.yaml +++ b/cfg/cis-1.9/policies.yaml @@ -289,7 +289,7 @@ groups: type: "manual" remediation: | Review the use of capabilites in applications running on your cluster. Where a namespace - contains applicaions which do not require any Linux capabities to operate consider adding + contains applications which do not require any Linux capabities to operate consider adding a PSP which forbids the admission of containers which do not drop all capabilities. scored: false diff --git a/cfg/k3s-cis-1.23/policies.yaml b/cfg/k3s-cis-1.23/policies.yaml index 7faffa3..ded4a2d 100644 --- a/cfg/k3s-cis-1.23/policies.yaml +++ b/cfg/k3s-cis-1.23/policies.yaml @@ -153,7 +153,7 @@ groups: type: "manual" remediation: | Review the use of capabilites in applications running on your cluster. Where a namespace - contains applicaions which do not require any Linux capabities to operate consider adding + contains applications which do not require any Linux capabities to operate consider adding a PSP which forbids the admission of containers which do not drop all capabilities. scored: false diff --git a/cfg/rh-1.0/policies.yaml b/cfg/rh-1.0/policies.yaml index e90cd87..fb2ea6c 100644 --- a/cfg/rh-1.0/policies.yaml +++ b/cfg/rh-1.0/policies.yaml @@ -184,7 +184,7 @@ groups: type: "manual" remediation: | Review the use of capabilites in applications running on your cluster. Where a namespace - contains applicaions which do not require any Linux capabities to operate consider + contains applications which do not require any Linux capabities to operate consider adding a SCC which forbids the admission of containers which do not drop all capabilities. scored: false diff --git a/cfg/rke-cis-1.23/policies.yaml b/cfg/rke-cis-1.23/policies.yaml index 5e4c6d6..3fea035 100644 --- a/cfg/rke-cis-1.23/policies.yaml +++ b/cfg/rke-cis-1.23/policies.yaml @@ -153,7 +153,7 @@ groups: type: "manual" remediation: | Review the use of capabilites in applications running on your cluster. Where a namespace - contains applicaions which do not require any Linux capabities to operate consider adding + contains applications which do not require any Linux capabities to operate consider adding a PSP which forbids the admission of containers which do not drop all capabilities. scored: false diff --git a/cfg/rke-cis-1.24/policies.yaml b/cfg/rke-cis-1.24/policies.yaml index 2b8dba3..984a1a9 100644 --- a/cfg/rke-cis-1.24/policies.yaml +++ b/cfg/rke-cis-1.24/policies.yaml @@ -193,7 +193,7 @@ groups: type: "manual" remediation: | Review the use of capabilites in applications running on your cluster. Where a namespace - contains applicaions which do not require any Linux capabities to operate consider adding + contains applications which do not require any Linux capabities to operate consider adding a PSP which forbids the admission of containers which do not drop all capabilities. scored: false diff --git a/cfg/rke-cis-1.7/policies.yaml b/cfg/rke-cis-1.7/policies.yaml index 207dd78..a34e92d 100644 --- a/cfg/rke-cis-1.7/policies.yaml +++ b/cfg/rke-cis-1.7/policies.yaml @@ -191,7 +191,7 @@ groups: type: "manual" remediation: | Review the use of capabilites in applications running on your cluster. Where a namespace - contains applicaions which do not require any Linux capabities to operate consider adding + contains applications which do not require any Linux capabities to operate consider adding a PSP which forbids the admission of containers which do not drop all capabilities. scored: false diff --git a/cfg/rke2-cis-1.23/policies.yaml b/cfg/rke2-cis-1.23/policies.yaml index 87db5aa..d3f69a1 100644 --- a/cfg/rke2-cis-1.23/policies.yaml +++ b/cfg/rke2-cis-1.23/policies.yaml @@ -153,7 +153,7 @@ groups: type: "manual" remediation: | Review the use of capabilites in applications running on your cluster. Where a namespace - contains applicaions which do not require any Linux capabities to operate consider adding + contains applications which do not require any Linux capabities to operate consider adding a PSP which forbids the admission of containers which do not drop all capabilities. scored: false diff --git a/cfg/rke2-cis-1.24/policies.yaml b/cfg/rke2-cis-1.24/policies.yaml index 2613f85..6495964 100644 --- a/cfg/rke2-cis-1.24/policies.yaml +++ b/cfg/rke2-cis-1.24/policies.yaml @@ -153,7 +153,7 @@ groups: type: "manual" remediation: | Review the use of capabilites in applications running on your cluster. Where a namespace - contains applicaions which do not require any Linux capabities to operate consider adding + contains applications which do not require any Linux capabities to operate consider adding a PSP which forbids the admission of containers which do not drop all capabilities. scored: false diff --git a/cfg/rke2-cis-1.7/policies.yaml b/cfg/rke2-cis-1.7/policies.yaml index 75a3efe..c36238c 100644 --- a/cfg/rke2-cis-1.7/policies.yaml +++ b/cfg/rke2-cis-1.7/policies.yaml @@ -188,7 +188,7 @@ groups: type: "manual" remediation: | Review the use of capabilites in applications running on your cluster. Where a namespace - contains applicaions which do not require any Linux capabities to operate consider adding + contains applications which do not require any Linux capabities to operate consider adding a PSP which forbids the admission of containers which do not drop all capabilities. scored: false diff --git a/cfg/tkgi-1.2.53/policies.yaml b/cfg/tkgi-1.2.53/policies.yaml index ef5f1ad..03a0f1f 100644 --- a/cfg/tkgi-1.2.53/policies.yaml +++ b/cfg/tkgi-1.2.53/policies.yaml @@ -160,7 +160,7 @@ groups: type: "manual" remediation: | Review the use of capabilites in applications running on your cluster. Where a namespace - contains applicaions which do not require any Linux capabities to operate consider adding + contains applications which do not require any Linux capabities to operate consider adding a PSP which forbids the admission of containers which do not drop all capabilities. Exception This is site-specific setting. diff --git a/integration/testdata/Expected_output.data b/integration/testdata/Expected_output.data index 934f90e..f1b603d 100644 --- a/integration/testdata/Expected_output.data +++ b/integration/testdata/Expected_output.data @@ -385,7 +385,7 @@ UIDs not including 0. it is set to an empty array. 5.2.9 Review the use of capabilites in applications running on your cluster. Where a namespace -contains applicaions which do not require any Linux capabities to operate consider adding +contains applications which do not require any Linux capabities to operate consider adding a PSP which forbids the admission of containers which do not drop all capabilities. 5.3.1 If the CNI plugin in use does not support network policies, consideration should be given to