* testing Azure config locations
* "Updated default config.yaml to incorporate Azure AKS file locations for kubelet"
* "Adjusted order of new lines. Removed unneeded lines."
* Update master.yaml
* Update node.yaml
Fix 2.1.11 - got DEPRECATED
2.1.14 changed to be a set of options, would be fixed by https://github.com/aquasecurity/kube-bench/pull/367
* Update master.yaml
* Update node.yaml
change 2.1.11 Title, and state to not scored
* issue #344: Adds support for array comparison. Every element in the source array must exist in the target array.
* issue #344: Fixed typo and found if condition based on code review
* adds unit tests for valid_elements comparison
* removes spaces from split strings
If kube-controller-manager is getting detected by older versions of
procps, it will only be detected if we're looking for kube-controller
(15 chars)
NOTE: "The command name is not the same as the command line. Previous versions of
procps and the kernel truncated this command name to 15
characters. This limitation is no longer present in both. If
you depended on matching only 15 characters, you may no longer
get a match."
This improves the TestControls_RunChecks() test by making
more comprehensive assertions on a more fully fledged input yaml
Fixes: https://github.com/aquasecurity/kube-bench/issues/304
Signed-off-by: Simarpreet Singh <simar@linux.com>
Support new configuration options besides --flags:
- JSON file through `jsonpath`
- YAML file through `yamlpath`
These new options are fully backwards-compatible with the existing
tests.
Added a new profile, 1.11-json, that expects a JSON kubelet
configuration file and scores accordingly. This profile is compatible
with EKS.
The OCP benchmarks uses configs for only binary component variable names.
This commit cleans up the OCP config by removing all configuration
except those component binaries required to run kube-bench on OCP
installations and adds missing ones.