arno/kube-bench
1
0
Fork 0
mirror of https://github.com/aquasecurity/kube-bench.git synced 2024-11-22 08:08:07 +00:00
Code Issues Releases Wiki Activity

Add few modifications.

Browse Source
This commit is contained in:
Abubakr-Sadik Nii Nai Davis 2017-07-13 01:01:18 +00:00
parent 3d395994b0
commit f589fd58e1
2 changed files with 17 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
check/check.go
View File

@ -106,7 +106,7 @@ func (c *Check) Run(verbose bool) {
cs[i-1].Stdout, err = cs[i].StdinPipe()
errmsgs += handleError(
err,
fmt.Sprintf("check.Run: Audit %s failed\nfailing command: %s",
fmt.Sprintf("failed to run: %s\nfailed command: %s",
c.Audit,
cs[i].Args,
),
@ -121,7 +121,7 @@ func (c *Check) Run(verbose bool) {
err := cs[i].Start()
errmsgs += handleError(
err,
fmt.Sprintf("check.Run: Audit %s failed\nfailing command: %s",
fmt.Sprintf("failed to run: %s\nfailed command: %s",
c.Audit,
cs[i].Args,
),
@ -135,7 +135,7 @@ func (c *Check) Run(verbose bool) {
err := cs[i].Wait()
errmsgs += handleError(
err,
fmt.Sprintf("check.Run: Audit %s failed\nfailing command: %s",
fmt.Sprintf("failed to run: %s\nfailed command:%s",
c.Audit,
cs[i].Args,
),

16
cmd/util.go
View File

@ -56,7 +56,13 @@ func verifyBin(binPath ...string) []string {
// Construct proc name for ps(1)
for _, b := range binPath {
binList += b + ","
_, err := exec.LookPath(b)
errmsgs += handleError(
err,
fmt.Sprintf("%s: command not found in path", b),
)
}
binList = strings.Trim(binList, ",")
// Run ps command
@ -64,7 +70,7 @@ func verifyBin(binPath ...string) []string {
out, err := cmd.Output()
errmsgs += handleError(
err,
fmt.Sprintf("verifyBin: %s failed", binList),
fmt.Sprintf("failed to run: %s", cmd.Args),
)
// Actual verification
@ -84,12 +90,18 @@ func verifyKubeVersion(b string) []string {
// TODO! Check the version number using kubectl, which is more likely to be on the path.
var w []string
_, err := exec.LookPath(b)
errmsgs += handleError(
err,
fmt.Sprintf("%s: command not found on path - version check skipped", b),
)
// Check version
cmd := exec.Command(b, "--version")
out, err := cmd.Output()
errmsgs += handleError(
err,
fmt.Sprintf("verifyKubeVersion: failed\nCommand:%s", cmd.Args),
fmt.Sprintf("failed to run:%s", cmd.Args),
)
matched := strings.Contains(string(out), kubeVersion)