mirror of
https://github.com/aquasecurity/kube-bench.git
synced 2024-12-25 07:58:10 +00:00
1a08ef2dbc
57 Commits
Author | SHA1 | Message | Date | |
---|---|---|---|---|
Matthieu MOREL
|
8ac8ebfc2a
|
Update Dependencies (#941)
* Create dependabot.yml * Bump crazy-max/ghaction-docker-meta from 1 to 3.4.0 (#1) Bumps [crazy-max/ghaction-docker-meta](https://github.com/crazy-max/ghaction-docker-meta) from 1 to 3.4.0. - [Release notes](https://github.com/crazy-max/ghaction-docker-meta/releases) - [Upgrade guide](https://github.com/docker/metadata-action/blob/master/UPGRADE.md) - [Commits](https://github.com/crazy-max/ghaction-docker-meta/compare/v1...v3.4.0) --- updated-dependencies: - dependency-name: crazy-max/ghaction-docker-meta dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Update .yamllint.yaml * Update .yamllint.yaml * Update dependabot.yml * Update dependabot.yml * Bump github.com/onsi/ginkgo from 1.10.1 to 1.16.4 (#2) Bumps [github.com/onsi/ginkgo](https://github.com/onsi/ginkgo) from 1.10.1 to 1.16.4. - [Release notes](https://github.com/onsi/ginkgo/releases) - [Changelog](https://github.com/onsi/ginkgo/blob/master/CHANGELOG.md) - [Commits](https://github.com/onsi/ginkgo/compare/v1.10.1...v1.16.4) --- updated-dependencies: - dependency-name: github.com/onsi/ginkgo dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump github.com/stretchr/testify from 1.4.0 to 1.7.0 (#4) Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.4.0 to 1.7.0. - [Release notes](https://github.com/stretchr/testify/releases) - [Commits](https://github.com/stretchr/testify/compare/v1.4.0...v1.7.0) --- updated-dependencies: - dependency-name: github.com/stretchr/testify dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump github.com/fatih/color from 1.5.0 to 1.12.0 (#6) Bumps [github.com/fatih/color](https://github.com/fatih/color) from 1.5.0 to 1.12.0. - [Release notes](https://github.com/fatih/color/releases) - [Commits](https://github.com/fatih/color/compare/v1.5.0...v1.12.0) --- updated-dependencies: - dependency-name: github.com/fatih/color dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump github.com/magiconair/properties from 1.8.0 to 1.8.5 (#3) Bumps [github.com/magiconair/properties](https://github.com/magiconair/properties) from 1.8.0 to 1.8.5. - [Release notes](https://github.com/magiconair/properties/releases) - [Changelog](https://github.com/magiconair/properties/blob/main/CHANGELOG.md) - [Commits](https://github.com/magiconair/properties/compare/v1.8.0...v1.8.5) --- updated-dependencies: - dependency-name: github.com/magiconair/properties dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump github.com/aws/aws-sdk-go from 1.35.28 to 1.39.6 (#7) Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.35.28 to 1.39.6. - [Release notes](https://github.com/aws/aws-sdk-go/releases) - [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md) - [Commits](https://github.com/aws/aws-sdk-go/compare/v1.35.28...v1.39.6) --- updated-dependencies: - dependency-name: github.com/aws/aws-sdk-go dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump gopkg.in/yaml.v2 from 2.3.0 to 2.4.0 (#8) Bumps [gopkg.in/yaml.v2](https://github.com/go-yaml/yaml) from 2.3.0 to 2.4.0. - [Release notes](https://github.com/go-yaml/yaml/releases) - [Commits](https://github.com/go-yaml/yaml/compare/v2.3.0...v2.4.0) --- updated-dependencies: - dependency-name: gopkg.in/yaml.v2 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump github.com/spf13/viper from 1.4.0 to 1.8.1 (#9) Bumps [github.com/spf13/viper](https://github.com/spf13/viper) from 1.4.0 to 1.8.1. - [Release notes](https://github.com/spf13/viper/releases) - [Commits](https://github.com/spf13/viper/compare/v1.4.0...v1.8.1) --- updated-dependencies: - dependency-name: github.com/spf13/viper dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump github.com/spf13/cobra from 0.0.3 to 0.0.7 (#10) Bumps [github.com/spf13/cobra](https://github.com/spf13/cobra) from 0.0.3 to 0.0.7. - [Release notes](https://github.com/spf13/cobra/releases) - [Changelog](https://github.com/spf13/cobra/blob/master/CHANGELOG.md) - [Commits](https://github.com/spf13/cobra/compare/v0.0.3...0.0.7) --- updated-dependencies: - dependency-name: github.com/spf13/cobra dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump github.com/aws/aws-sdk-go from 1.39.6 to 1.40.0 (#11) Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.39.6 to 1.40.0. - [Release notes](https://github.com/aws/aws-sdk-go/releases) - [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md) - [Commits](https://github.com/aws/aws-sdk-go/compare/v1.39.6...v1.40.0) --- updated-dependencies: - dependency-name: github.com/aws/aws-sdk-go dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump crazy-max/ghaction-docker-meta from 3.4.0 to 3.4.1 (#12) Bumps [crazy-max/ghaction-docker-meta](https://github.com/crazy-max/ghaction-docker-meta) from 3.4.0 to 3.4.1. - [Release notes](https://github.com/crazy-max/ghaction-docker-meta/releases) - [Commits](https://github.com/crazy-max/ghaction-docker-meta/compare/v3.4.0...v3.4.1) --- updated-dependencies: - dependency-name: crazy-max/ghaction-docker-meta dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump github.com/aws/aws-sdk-go from 1.40.0 to 1.40.1 (#13) Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.40.0 to 1.40.1. - [Release notes](https://github.com/aws/aws-sdk-go/releases) - [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md) - [Commits](https://github.com/aws/aws-sdk-go/compare/v1.40.0...v1.40.1) --- updated-dependencies: - dependency-name: github.com/aws/aws-sdk-go dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump github.com/aws/aws-sdk-go from 1.40.1 to 1.40.7 (#21) Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.40.1 to 1.40.7. - [Release notes](https://github.com/aws/aws-sdk-go/releases) - [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md) - [Commits](https://github.com/aws/aws-sdk-go/compare/v1.40.1...v1.40.7) --- updated-dependencies: - dependency-name: github.com/aws/aws-sdk-go dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump codecov/codecov-action from 1 to 2.0.2 (#20) Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 1 to 2.0.2. - [Release notes](https://github.com/codecov/codecov-action/releases) - [Changelog](https://github.com/codecov/codecov-action/blob/master/CHANGELOG.md) - [Commits](https://github.com/codecov/codecov-action/compare/v1...v2.0.2) --- updated-dependencies: - dependency-name: codecov/codecov-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Update build.yml * Update mkdocs-deploy.yaml * Update publish.yml * Update mkdocs-deploy.yaml * Bump github.com/aws/aws-sdk-go from 1.40.7 to 1.40.9 (#23) Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.40.7 to 1.40.9. - [Release notes](https://github.com/aws/aws-sdk-go/releases) - [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md) - [Commits](https://github.com/aws/aws-sdk-go/compare/v1.40.7...v1.40.9) --- updated-dependencies: - dependency-name: github.com/aws/aws-sdk-go dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Update .github/workflows/publish.yml * Update .github/workflows/build.yml * Update mkdocs-deploy.yaml * Update build.yml * Update dependabot.yml * Update dependabot.yml * Bump alpine from 3.13 to 3.14.0 (#27) Bumps alpine from 3.13 to 3.14.0. --- updated-dependencies: - dependency-name: alpine dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump github.com/aws/aws-sdk-go from 1.40.9 to 1.40.13 (#28) Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.40.9 to 1.40.13. - [Release notes](https://github.com/aws/aws-sdk-go/releases) - [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md) - [Commits](https://github.com/aws/aws-sdk-go/compare/v1.40.9...v1.40.13) --- updated-dependencies: - dependency-name: github.com/aws/aws-sdk-go dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
Yoav Rotem
|
6ca3ce6754
|
Update go modules 1.16 (#910)
* Update to go 1.16 * Update go modules to 1.16 |
||
Brian Terry
|
c3f94dd89f
|
Aws asff (#770)
* add aasf * add AASF format * credentials provider * add finding publisher * add finding publisher * add write AASF path * add testing * read config from file * update docker file * refactor * remove sample * add comments * Add comment in EKS config.yaml * Fix comment typo * Fix spelling of ASFF * Fix typo and other small code review suggestions * Limit length of Actual result field Avoids this message seen in testing: Message:Finding does not adhere to Amazon Finding Format. data.ProductFields['Actual result'] should NOT be longer than 1024 characters. * Add comment for ASFF schema * Add Security Hub documentation * go mod tidy * remove dupe lines in docs * support integration in any region * fix README link * fix README links Co-authored-by: Liz Rice <liz@lizrice.com> |
||
Roberto Rojas
|
47c5661034
|
Fixes issue #439: Adds integration testing using KIND (#520)
* Fixes issue #439: Adds integration testing using KIND * try integration tests * started using ticker and timeouts * trying built container image * adds load image into KIND * adds comparison * fixes as per PR review |
||
John Schnake
|
6ffd382711 |
Add option to output in JUnit format (#516)
If running these checks in a CI system it may be beneficial to output in a more standardized format such as JUnit for parsing by other tools in a consistent manner. Fixes #460 Signed-off-by: John Schnake <jschnake@vmware.com> |
||
Simarpreet Singh
|
d12a45bba9 |
Properly initialize viper library when checking for master components (#434)
* common_test: Add a failing test to show the SISEGV Signed-off-by: Simarpreet Singh <simar@linux.com> * common: Go green by fixing isMaster() to instantiate viper Signed-off-by: Simarpreet Singh <simar@linux.com> * common: Inject a seam for getBinariesFunc to be patched-in. Also adds additional tests to showcase unhappy behaviors. Signed-off-by: Simarpreet Singh <simar@linux.com> * common_test: Rename TestIsMaster() Signed-off-by: Simarpreet Singh <simar@linux.com> * common: init viper with master config Signed-off-by: Simarpreet Singh <simar@linux.com> * common: Add a pre-check if valid yaml is passed but doesn't include master. Also adds additional tests to showcase unhappy behaviors. Signed-off-by: Simarpreet Singh <simar@linux.com> * mod: Upgrade viper to v1.4.0 Signed-off-by: Simarpreet Singh <simar@linux.com> * common: Refactor node only yaml to a file Signed-off-by: Simarpreet Singh <simar@linux.com> * common: Log when master components are not found Signed-off-by: Simarpreet Singh <simar@linux.com> * common_test: Refactor subtests into a table Signed-off-by: Simarpreet Singh <simar@linux.com> |
||
Manuel Rüger
|
f7e3257e3c |
Go modules / Alpine 3.10 update / Remove binary (#322)
* Remove binary that was accidentally added
|