Liz Rice
af0eadc792
Add a couple more tests for file permission checks
2017-08-15 18:34:07 +01:00
Liz Rice
549adf23bd
Merge pull request #36 from ttousai/issue-25
...
Issue #25
2017-08-15 18:32:29 +01:00
Liz Rice
6b9f117f87
Allow for multiple words in executable names
2017-08-15 17:00:35 +01:00
Abubakr-Sadik Nii Nai Davis
086bb629db
Add 640 to permission checks.
2017-08-15 15:56:37 +00:00
Abubakr-Sadik Nii Nai Davis
e6f2b4d4fe
Add config checks for permissions stricter that 644 to definition files.
2017-08-15 15:47:01 +00:00
Liz Rice
34f8b8e980
Simplify verifying binaries and config files
2017-08-15 16:44:40 +01:00
Liz Rice
86d49b1b1a
We don’t care whether the binaries are in our path or not, just whether they are running
2017-08-15 16:01:27 +01:00
Liz Rice
aee2081d73
Merge pull request #35 from aquasecurity/roadmap-1
...
Update README.md
2017-08-14 12:58:51 +01:00
Abubakr-Sadik Nii Nai Davis
7c7d477d78
Import os to fix issue in previous merge commit.
2017-08-12 19:10:31 +00:00
Abubakr-Sadik Nii Nai Davis
dddea28713
Merge branch 'master' into issue-25
2017-08-12 19:05:48 +00:00
Abubakr-Sadik Nii Nai Davis
0933fa420b
Add new tests and clean up old tests.
2017-08-12 18:54:33 +00:00
Abubakr-Sadik Nii Nai Davis
d2fa9d35b6
Rewrite audit commands in the check definition that contain shell builtins
...
and modify text to command function to support this.
Shell builtins fail the binary command lookup test which result in a
WARN. Audit commands which include shell builtins must use the form:
"/bin/sh -c 'sh-builtin arg'"
So they are executed properly. Additionally Go will fail to execute
commands involving shell builtins if they are not in the above format.
2017-08-12 18:41:41 +00:00
Liz Rice
4e17e3b3d5
Update README.md
2017-08-11 18:24:53 +01:00
Liz Rice
45cf25e007
Merge pull request #34 from aquasecurity/kubectl-version
...
Use kubectl to check the kubernetes version
2017-08-11 18:05:31 +01:00
Liz Rice
96c469669c
Use kubectl to check the kubernetes version
2017-08-11 17:59:57 +01:00
Liz Rice
50cce99daf
Merge pull request #33 from aquasecurity/owners
...
Create OWNERS
2017-08-11 16:09:23 +01:00
Liz Rice
dee64c30ae
Create OWNERS
2017-08-11 16:06:44 +01:00
Liz Rice
0bbc867396
Merge pull request #32 from aquasecurity/issue-19-2
...
Issue 19, take 2
2017-08-08 22:26:22 +01:00
Liz Rice
767e8eb835
Sorting out the bad merge
2017-08-08 22:22:47 +01:00
Abubakr-Sadik Nii Nai Davis
9c07527069
Remove misleading comment about manual checks in node check definition.
2017-08-08 22:18:03 +01:00
Abubakr-Sadik Nii Nai Davis
c39516581b
Add master node manual check definitions.
2017-08-08 22:17:44 +01:00
Abubakr-Sadik Nii Nai Davis
09ca739dc0
Add check type manual.
...
Results of manual checks are forced to WARN to inform users to check manually.
2017-08-08 22:17:37 +01:00
Liz Rice
16fbf084e9
Merge pull request #31 from aquasecurity/revert-30-issue-19
...
Revert "Issue 19"
2017-08-08 22:00:43 +01:00
Liz Rice
b5f4876138
Revert "Issue 19"
2017-08-08 22:00:06 +01:00
Liz Rice
ffeb33defd
Merge pull request #30 from ttousai/issue-19
...
Issue 19
2017-08-07 16:24:08 +01:00
Liz Rice
cf5f025593
Merge branch 'master' into issue-19
2017-08-07 16:23:59 +01:00
Liz Rice
2b4047a3c1
Merge pull request #28 from ttousai/errorhandling
...
Improve error handling.
2017-08-07 10:06:32 +01:00
Abubakr-Sadik Nii Nai Davis
7bb66dd2da
Rename warning printing functions.
...
printlnWarn: prints warning with a newline.
sprintWarn: returns an optionally contextualized warning string.
2017-08-06 16:59:03 +00:00
Abubakr-Sadik Nii Nai Davis
9c563b0987
Remove misleading comment about manual checks in node check definition.
2017-08-06 16:41:39 +00:00
Abubakr-Sadik Nii Nai Davis
29122b82ad
Add master node manual check definitions.
2017-08-06 16:14:41 +00:00
Abubakr-Sadik Nii Nai Davis
43c1470c0e
Add check type manual.
...
Results of manual checks are forced to WARN to inform users to check manually.
2017-08-06 15:29:55 +00:00
Abubakr-Sadik Nii Nai Davis
82c92e0078
Change function name to be clearer about the fact it returns a string.
2017-08-06 14:25:02 +00:00
Liz Rice
1c58dfefbb
Revert "Add Docker build & push to Travis job" - it's already being built on Docker Hub!
...
This reverts commit b339a753b5
.
2017-08-03 16:05:27 +01:00
Liz Rice
b339a753b5
Add Docker build & push to Travis job
2017-08-03 15:53:49 +01:00
Liz Rice
21b7d8d9d6
Merge pull request #24 from ttousai/issue-19
...
Update controls to CIS Kubernetes Benchmark v1.1.0
2017-07-25 09:05:29 +01:00
Abubakr-Sadik Nii Nai Davis
f88de572f6
Improve error handling.
2017-07-25 00:34:07 +00:00
Abubakr-Sadik Nii Nai Davis
e08e069174
Update controls to CIS Kubernetes Benchmark v1.1.0
2017-07-24 17:30:13 +00:00
Liz Rice
34dd31970a
Update README about installation flag
2017-07-20 17:33:21 +01:00
Liz Rice
a6a784f55f
Merge pull request #18 from ttousai/issue-17
...
Issues #17 , #16
2017-07-17 18:25:53 +01:00
Abubakr-Sadik Nii Nai Davis
f589fd58e1
Add few modifications.
2017-07-13 01:01:18 +00:00
Abubakr-Sadik Nii Nai Davis
3d395994b0
Change environment variable prefix.
2017-07-13 00:24:57 +00:00
Abubakr-Sadik Nii Nai Davis
609c4ff01c
Move kubernetes binaries and config paths to kube-bench config.
2017-07-13 00:24:09 +00:00
Abubakr-Sadik Nii Nai Davis
2ee99eca64
Add support for various installation modes, hyperkube, kubeadm and kops.
...
Issue #17 .
2017-07-10 00:15:27 +00:00
Abubakr-Sadik Nii Nai Davis
bd53529387
Fix issue #16 about supporting verbosity.
2017-07-07 17:01:30 +00:00
Abubakr-Sadik Nii Nai Davis
06466d6573
Fix issue with kubernetes version check, where the master binary is
...
used for all modes including nodes and federated.
2017-07-06 18:31:18 +00:00
Liz Rice
6d26814cf6
Merge pull request #14 from ttousai/issue-7
...
Resolve issue #7 wait: error running audit command exit status 1.
2017-07-05 16:37:02 +01:00
Abubakr-Sadik Nii Nai Davis
dbbafd54a5
Do not exit on command exit, print error message to stderr and continue.
2017-07-05 12:56:01 +00:00
Abubakr-Sadik Nii Nai Davis
b1a76360e7
Do not clutter the output with error messages from commands in the audit pipeline.
2017-07-04 17:04:43 +00:00
Abubakr-Sadik Nii Nai Davis
6ee9bedfb8
Print verification warnings at only one point.
2017-07-04 16:53:39 +00:00
Abubakr-Sadik Nii Nai Davis
2119d119b0
Restore warning messages and dont quit on verification error.
2017-07-04 15:38:34 +00:00