Liz Rice
4e17e3b3d5
Update README.md
7 years ago
Liz Rice
45cf25e007
Merge pull request #34 from aquasecurity/kubectl-version
...
Use kubectl to check the kubernetes version
7 years ago
Liz Rice
96c469669c
Use kubectl to check the kubernetes version
7 years ago
Liz Rice
50cce99daf
Merge pull request #33 from aquasecurity/owners
...
Create OWNERS
7 years ago
Liz Rice
dee64c30ae
Create OWNERS
7 years ago
Liz Rice
0bbc867396
Merge pull request #32 from aquasecurity/issue-19-2
...
Issue 19, take 2
7 years ago
Liz Rice
767e8eb835
Sorting out the bad merge
7 years ago
Abubakr-Sadik Nii Nai Davis
9c07527069
Remove misleading comment about manual checks in node check definition.
7 years ago
Abubakr-Sadik Nii Nai Davis
c39516581b
Add master node manual check definitions.
7 years ago
Abubakr-Sadik Nii Nai Davis
09ca739dc0
Add check type manual.
...
Results of manual checks are forced to WARN to inform users to check manually.
7 years ago
Liz Rice
16fbf084e9
Merge pull request #31 from aquasecurity/revert-30-issue-19
...
Revert "Issue 19"
7 years ago
Liz Rice
b5f4876138
Revert "Issue 19"
7 years ago
Liz Rice
ffeb33defd
Merge pull request #30 from ttousai/issue-19
...
Issue 19
7 years ago
Liz Rice
cf5f025593
Merge branch 'master' into issue-19
7 years ago
Liz Rice
2b4047a3c1
Merge pull request #28 from ttousai/errorhandling
...
Improve error handling.
7 years ago
Abubakr-Sadik Nii Nai Davis
7bb66dd2da
Rename warning printing functions.
...
printlnWarn: prints warning with a newline.
sprintWarn: returns an optionally contextualized warning string.
7 years ago
Abubakr-Sadik Nii Nai Davis
9c563b0987
Remove misleading comment about manual checks in node check definition.
7 years ago
Abubakr-Sadik Nii Nai Davis
29122b82ad
Add master node manual check definitions.
7 years ago
Abubakr-Sadik Nii Nai Davis
43c1470c0e
Add check type manual.
...
Results of manual checks are forced to WARN to inform users to check manually.
7 years ago
Abubakr-Sadik Nii Nai Davis
82c92e0078
Change function name to be clearer about the fact it returns a string.
7 years ago
Liz Rice
1c58dfefbb
Revert "Add Docker build & push to Travis job" - it's already being built on Docker Hub!
...
This reverts commit b339a753b5
.
7 years ago
Liz Rice
b339a753b5
Add Docker build & push to Travis job
7 years ago
Liz Rice
21b7d8d9d6
Merge pull request #24 from ttousai/issue-19
...
Update controls to CIS Kubernetes Benchmark v1.1.0
7 years ago
Abubakr-Sadik Nii Nai Davis
f88de572f6
Improve error handling.
7 years ago
Abubakr-Sadik Nii Nai Davis
e08e069174
Update controls to CIS Kubernetes Benchmark v1.1.0
7 years ago
Liz Rice
34dd31970a
Update README about installation flag
7 years ago
Liz Rice
a6a784f55f
Merge pull request #18 from ttousai/issue-17
...
Issues #17 , #16
7 years ago
Abubakr-Sadik Nii Nai Davis
f589fd58e1
Add few modifications.
7 years ago
Abubakr-Sadik Nii Nai Davis
3d395994b0
Change environment variable prefix.
7 years ago
Abubakr-Sadik Nii Nai Davis
609c4ff01c
Move kubernetes binaries and config paths to kube-bench config.
7 years ago
Abubakr-Sadik Nii Nai Davis
2ee99eca64
Add support for various installation modes, hyperkube, kubeadm and kops.
...
Issue #17 .
7 years ago
Abubakr-Sadik Nii Nai Davis
bd53529387
Fix issue #16 about supporting verbosity.
7 years ago
Abubakr-Sadik Nii Nai Davis
06466d6573
Fix issue with kubernetes version check, where the master binary is
...
used for all modes including nodes and federated.
7 years ago
Liz Rice
6d26814cf6
Merge pull request #14 from ttousai/issue-7
...
Resolve issue #7 wait: error running audit command exit status 1.
7 years ago
Abubakr-Sadik Nii Nai Davis
dbbafd54a5
Do not exit on command exit, print error message to stderr and continue.
7 years ago
Abubakr-Sadik Nii Nai Davis
b1a76360e7
Do not clutter the output with error messages from commands in the audit pipeline.
7 years ago
Abubakr-Sadik Nii Nai Davis
6ee9bedfb8
Print verification warnings at only one point.
7 years ago
Abubakr-Sadik Nii Nai Davis
2119d119b0
Restore warning messages and dont quit on verification error.
7 years ago
Abubakr-Sadik Nii Nai Davis
e6479afd01
Reset audit commands to ps -ef ... closer to benchmark.
7 years ago
Abubakr-Sadik Nii Nai Davis
e61dcabdfb
Remove extraneous debug commands.
7 years ago
Abubakr-Sadik Nii Nai Davis
d0d9900b29
Resolve issue #7 wait: error running audit command exit status 1.
...
This is caused by a command in the audit pipeline (for example
ps -ef | grep kube-apiserver) failing. The causes of this failure
in my testing is usually a missing config file.
Extensive refactor and correction in verification code to check for
config files and binaries.
Replace joncalhoun/pipes with implementation using exec.Cmds so errors
are visible and can be handled when audit pipeline commands fail.
Change some audit commands
from: ps -ef | grep <cmd> | grep -v
to: ps -C <something> -o comm,args --no-headers
which is simpler to work with.
7 years ago
Liz Rice
e8df4aa512
Add test to validate the YAML files
7 years ago
Liz Rice
b4237ccb73
Better error handling when reading YAML files
7 years ago
Liz Rice
f920d61a6a
Merge pull request #9 from aquasecurity/json
...
If output format is JSON, don't also output human-readable warnings
7 years ago
Liz Rice
1b3144af37
Hopefully this adds go tests to the travis job
7 years ago
Liz Rice
07750ea43a
Don't output message about config file if output format is JSON
7 years ago
Liz Rice
6340ee44c5
Don’t output warnings as text if we’re generating JSON output. Add error handling in a few missing cases. Some comment tidying.
7 years ago
Liz Rice
f6509b804e
Typo
7 years ago
Liz Rice
b36832e40c
Correct block-copy error in flanneld config directory
7 years ago
Liz Rice
1be52fb304
Add missing error output if JSON output can't be emitted
7 years ago