arno/kube-bench
1
0
Fork 0
mirror of https://github.com/aquasecurity/kube-bench.git synced 2025-08-03 12:28:09 +00:00
Code Issues Releases Wiki Activity

fix alternative method

Browse Source
This commit is contained in:
LaibaBareera 2025-06-02 15:51:00 +05:00
parent b446c25c3c
commit db04033730
1 changed files with 6 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
cmd/util.go
View File

@ -300,7 +300,7 @@ func getKubeVersion() (*KubeVersion, error) {
glog.V(3).Infof("Error fetching cluster config: %s", err) glog.V(3).Infof("Error fetching cluster config: %s", err)
} }
isRKE := false isRKE := false
isAKS := false // Variable to track AKS detection isAKS := false
if err == nil && kubeConfig != nil { if err == nil && kubeConfig != nil {
k8sClient, err := kubernetes.NewForConfig(kubeConfig) k8sClient, err := kubernetes.NewForConfig(kubeConfig)
if err != nil { if err != nil {
@ -317,7 +317,7 @@ func getKubeVersion() (*KubeVersion, error) {
glog.V(3).Infof("Error detecting AKS cluster: %s", err) glog.V(3).Infof("Error detecting AKS cluster: %s", err)
} }
} }
} }
if k8sVer, err := getKubeVersionFromRESTAPI(); err == nil { if k8sVer, err := getKubeVersionFromRESTAPI(); err == nil {
@ -326,7 +326,7 @@ func getKubeVersion() (*KubeVersion, error) {
k8sVer.GitVersion = k8sVer.GitVersion + "-rancher1" k8sVer.GitVersion = k8sVer.GitVersion + "-rancher1"
} }
if isAKS { if isAKS {
k8sVer.GitVersion = k8sVer.GitVersion + "-aks1" // Mark it as AKS in the version k8sVer.GitVersion = k8sVer.GitVersion + "-aks1"
} }
return k8sVer, nil return k8sVer, nil
} }
@ -495,19 +495,18 @@ func getPlatformInfoFromVersion(s string) Platform {
} }
func IsAKS(ctx context.Context, k8sClient kubernetes.Interface) (bool, error) { func IsAKS(ctx context.Context, k8sClient kubernetes.Interface) (bool, error) {
// Query the nodes for any annotations that indicate AKS (Azure Kubernetes Service)
nodes, err := k8sClient.CoreV1().Nodes().List(ctx, metav1.ListOptions{Limit: 1}) nodes, err := k8sClient.CoreV1().Nodes().List(ctx, metav1.ListOptions{Limit: 1})
if err != nil { if err != nil {
return false, err return false, err
} }
// If the cluster contains nodes with specific AKS annotations, its likely AKS
if len(nodes.Items) == 0 { if len(nodes.Items) == 0 {
return false, nil return false, nil
} }
annotations := nodes.Items[0].Annotations node := nodes.Items[0]
if _, exists := annotations["azure-identity-binding"]; exists { // "azure-identity-binding" is one possible AKS-specific annotation
if strings.HasPrefix(node.Spec.ProviderID, "azure://") {
return true, nil return true, nil
} }