1
0
mirror of https://github.com/aquasecurity/kube-bench.git synced 2024-11-30 03:48:13 +00:00
Commit Graph

1116 Commits

Author SHA1 Message Date
Michal Jankowski
5f254de415 Fixing checks 2.2.9 and 2.2.10 on 1.11 nodes.
Path to kubelet configuration was accidentally prefixed with a dollar
symbol (probably as a result of copying some other test that used
variable name).
After removing the dollar sign from paths both checks pass on conforming
deployment.
2018-10-24 17:06:21 -07:00
Liz Rice
64f4f638e9
Merge pull request #167 from aquasecurity/fix-issue-with-kubelet-config-and-unitfile-checks
Fix issue with kubelet config and unitfile checks
2018-10-23 14:45:19 +01:00
Abubakr-Sadik Nii Nai Davis
97623aea05 Update kubernetes node benchmark to check kubelet systemd unitfile.
Also clean up the config file for 1.11 a bit.
2018-10-23 02:30:08 +00:00
Abubakr-Sadik Nii Nai Davis
ed21839464 Add getServiceFiles function.
The CIS benchmark check for node checks 2 config files for kubelet:
  - kubelet config file (kubelet.conf)
  - kubelet systemd unitfile (10-kubeadm.conf)

The getServiceFiles function gets candidates for kubelet systemd
unitfile and returns valid untifiles.
2018-10-23 02:26:38 +00:00
Liz Rice
277ec9c823
Merge pull request #163 from noqcks/master
Update tests for Kubernetes 1.11 - thank you @noqcks!
2018-10-13 22:09:24 +01:00
Abubakr-Sadik Nii Nai Davis
b1369832bc A few corrections to node tests. (#2)
* Add a few corrections.

* Add a few corrections to node test file.
2018-10-13 15:48:50 -04:00
Abubakr-Sadik Nii Nai Davis
934b4aef96 Add a few corrections. (#1) 2018-10-12 10:22:08 -04:00
noqcks
e85de9e8af
fix simple errors 2018-10-09 19:16:08 -04:00
noqcks
ded5aff482
update README 2018-10-09 18:58:30 -04:00
noqcks
b3a115963b
adding 1.11 config and node checks 2018-10-09 18:57:37 -04:00
noqcks
e5c05a97f7
updating README with 1.11 updates 2018-10-09 18:56:48 -04:00
noqcks
ba5ec8d4be
adding 1.11 master configuration 2018-10-09 18:34:52 -04:00
Liz Rice
d56afd4104
Merge pull request #159 from lukebond/master
Update README.md
2018-09-04 08:37:04 +01:00
Luke Bond
8894b1dc4f
Update README.md
Specify `-t` to get colour in the Docker output.
Added a note about mounting kubectl or kubelet to get the version.
2018-09-03 23:05:48 +01:00
Liz Rice
ff59938f94
Merge pull request #155 from bvwells/cis-benchmark-link
Add link to CIS kubernetes benchmark
2018-08-20 09:14:37 +01:00
bvwells
cc43fcbb7e Add link to CIS kubernetes benchmark 2018-08-10 20:55:02 +01:00
Liz Rice
2f4f55a363
Merge pull request #149 from aquasecurity/itai_cis_results
Support actual result in json output.
2018-07-31 18:18:51 +01:00
Itai Ben-Natan
e9076233dd Support actual result in json output.
This commit adds the actual value of the result
of the value which was returned by the test.
2018-07-30 14:19:18 +00:00
Liz Rice
b1e41d345f
Merge pull request #147 from aquasecurity/version-fix
Shouldn't need kubelet or kubectl if version specified
2018-07-28 14:53:56 +01:00
Liz Rice
ccc2b6c9ae Shouldn't need kubelet or kubectl if version specified 2018-07-26 12:03:09 +01:00
Liz Rice
668a9e10ce
Merge pull request #141 from aquasecurity/version-default
Default version
2018-07-02 15:36:31 +01:00
Liz Rice
8c3bb62dd4
Merge pull request #140 from aquasecurity/manifest-extension
Inlcude .manifest extension config files for kops & kubespray
2018-07-02 15:34:49 +01:00
Liz Rice
9d0141871a Use new utility function for finding correct config files.
Improve order of message output
Remove unnecessary local variable
2018-06-29 12:20:29 +01:00
Liz Rice
344d2bfd24 Utility for getting the right config file for the Kubernetes version 2018-06-29 12:19:34 +01:00
Liz Rice
ecd14ed682 File substitutions should be a detailed log 2018-06-29 12:19:00 +01:00
Liz Rice
223ac14642 Don't override version specified on command line 2018-06-29 10:35:44 +01:00
Liz Rice
c44e0db97b Inlcude .manifest extension config files for kops & kubespray 2018-06-29 10:24:09 +01:00
Liz Rice
0bc004468b Include .manifest extensions as an option for config files (as used by kops and kubespreay) 2018-06-29 10:23:06 +01:00
Liz Rice
83704a7d89
Merge pull request #134 from hutr/master
fix grep string for check 1.4.11 and 1.4.12
2018-06-18 08:44:13 -07:00
Liz Rice
024b7ed396
Merge branch 'master' into master 2018-06-18 08:30:24 -07:00
Liz Rice
c5e04677cf
Merge pull request #138 from jgsqware/patch-1
Rule node 2.2.4 is not correct
2018-06-18 08:28:38 -07:00
Julien Garcia Gonzalez
2073e08363
update 2.2.4 rules 2018-06-18 13:44:25 +02:00
Julien Garcia Gonzalez
db096c9f51
Rule node 2.2.4 is not correct 2018-06-15 15:49:55 +02:00
hutr
d736d10f90
fix sed string for 1.4.12 2018-06-07 16:34:03 +02:00
hutr
50a3725ff2
Merge branch 'master' into master 2018-06-07 16:12:04 +02:00
hutr
468f5fac6e
changes for 1.4.11 and 1.4.2
added tests: for 1.4.11 and removed grep -v grep for both
2018-06-07 16:08:43 +02:00
Liz Rice
3408e0f865
Merge pull request #135 from mirwan/node_2.2.6_audit_field
Addition of missing audit field in 2.2.6 node item
2018-06-07 13:33:50 +01:00
Erwan Miran
182e9b5e01 Addition of missing audit field in 2.2.6 node item 2018-06-05 15:27:20 +02:00
hutr
e4100a4435
fixed grep string for 1.4.11 and 1.4.22
check 1.4.11 and 1.4.22 FAIL even when permissions is correct.
2018-05-28 15:39:07 +02:00
Liz Rice
b502d09f8b
Merge pull request #132 from wmedlar/issue-116
Migrate dependency management to dep
2018-05-18 10:03:47 +01:00
Will Medlar
6c7422a938 Migrate dependency management to dep 2018-05-16 18:16:41 -05:00
Liz Rice
82b1e05a32
Merge pull request #131 from philalex/fixBooleansComparaison-issue125
Fix booleans comparaison issue125
2018-05-15 11:57:44 +01:00
Liz Rice
97e5bc9b97
Merge branch 'master' into fixBooleansComparaison-issue125 2018-05-15 11:42:21 +01:00
Liz Rice
c0d80b4669
Merge pull request #130 from aquasecurity/fix-typo
A bunch of text edits
2018-05-15 11:41:51 +01:00
Philippe ALEXANDRE
7b61cf60fe Add strings.ToLower ... 2018-05-15 11:52:49 +02:00
Philippe ALEXANDRE
c4e7487ba7 Do case insensitive comparaison for booleans - Fix #125 2018-05-15 11:48:49 +02:00
Abubakr-Sadik Nii Nai Davis
6d237607fb Fix typo in help text. 2018-05-15 04:50:39 +00:00
Abubakr-Sadik Nii Nai Davis
b4b3ebe99c Add instruction for running kube-bench against a kubernetes cluster.
#218
2018-05-15 04:40:41 +00:00
Abubakr-Sadik Nii Nai Davis
609335510a Remove kube-bench --help output.
It has grown stale and no longer reflects the supported options, and can be misleading (see #127).
2018-05-15 04:24:33 +00:00
Abubakr-Sadik Nii Nai Davis
5da707b8d6 Remove CIS benchmark version in tool title.
it has grown stale and is dependent on k8s version we are checking.
2018-05-15 04:23:39 +00:00