dependabot[bot]
74f5c8b800
build(deps): bump github.com/aws/aws-sdk-go-v2/service/securityhub ( #1716 )
...
Bumps [github.com/aws/aws-sdk-go-v2/service/securityhub](https://github.com/aws/aws-sdk-go-v2 ) from 1.53.3 to 1.54.4.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases )
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/service/iot/v1.53.3...service/s3/v1.54.4 )
---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2/service/securityhub
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-11-01 11:14:40 +06:00
dependabot[bot]
e2a97f49f5
build(deps): bump github.com/spf13/cobra from 1.8.0 to 1.8.1 ( #1718 )
...
Bumps [github.com/spf13/cobra](https://github.com/spf13/cobra ) from 1.8.0 to 1.8.1.
- [Release notes](https://github.com/spf13/cobra/releases )
- [Commits](https://github.com/spf13/cobra/compare/v1.8.0...v1.8.1 )
---
updated-dependencies:
- dependency-name: github.com/spf13/cobra
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-11-01 10:31:03 +06:00
dependabot[bot]
b4000f677b
build(deps): bump gorm.io/gorm from 1.25.10 to 1.25.12 ( #1714 )
...
Bumps [gorm.io/gorm](https://github.com/go-gorm/gorm ) from 1.25.10 to 1.25.12.
- [Release notes](https://github.com/go-gorm/gorm/releases )
- [Commits](https://github.com/go-gorm/gorm/compare/v1.25.10...v1.25.12 )
---
updated-dependencies:
- dependency-name: gorm.io/gorm
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-10-25 15:37:35 +06:00
dependabot[bot]
8a695eb8d1
build(deps): bump k8s.io/client-go from 0.29.3 to 0.31.2 ( #1712 )
...
Bumps [k8s.io/client-go](https://github.com/kubernetes/client-go ) from 0.29.3 to 0.31.2.
- [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md )
- [Commits](https://github.com/kubernetes/client-go/compare/v0.29.3...v0.31.2 )
---
updated-dependencies:
- dependency-name: k8s.io/client-go
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-10-25 10:26:08 +06:00
dependabot[bot]
ddb586d441
build(deps): bump k8s.io/apimachinery from 0.29.3 to 0.31.1 ( #1681 )
...
* build(deps): bump k8s.io/apimachinery from 0.29.3 to 0.31.1
Bumps [k8s.io/apimachinery](https://github.com/kubernetes/apimachinery ) from 0.29.3 to 0.31.1.
- [Commits](https://github.com/kubernetes/apimachinery/compare/v0.29.3...v0.31.1 )
---
updated-dependencies:
- dependency-name: k8s.io/apimachinery
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
* skip go toolchain
---------
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-10-24 12:51:14 +06:00
dependabot[bot]
1d8f80e846
build(deps): bump github.com/golang/glog from 1.2.0 to 1.2.2 ( #1702 )
...
Bumps [github.com/golang/glog](https://github.com/golang/glog ) from 1.2.0 to 1.2.2.
- [Release notes](https://github.com/golang/glog/releases )
- [Commits](https://github.com/golang/glog/compare/v1.2.0...v1.2.2 )
---
updated-dependencies:
- dependency-name: github.com/golang/glog
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-10-15 11:14:14 +06:00
dependabot[bot]
e47725299e
build(deps): bump gorm.io/driver/postgres from 1.5.6 to 1.5.9 ( #1698 )
...
Bumps [gorm.io/driver/postgres](https://github.com/go-gorm/postgres ) from 1.5.6 to 1.5.9.
- [Commits](https://github.com/go-gorm/postgres/compare/v1.5.6...v1.5.9 )
---
updated-dependencies:
- dependency-name: gorm.io/driver/postgres
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-10-10 10:37:41 +06:00
dependabot[bot]
c683e93968
build(deps): bump github.com/aws/aws-sdk-go-v2/service/securityhub ( #1696 )
...
Bumps [github.com/aws/aws-sdk-go-v2/service/securityhub](https://github.com/aws/aws-sdk-go-v2 ) from 1.53.1 to 1.53.3.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases )
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/service/s3/v1.53.1...service/iot/v1.53.3 )
---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2/service/securityhub
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-10-04 12:21:07 +06:00
Wolfgang Reichert
f6877e3c17
Fix issue 1595: failed to output to ASFF ( #1691 )
...
A breaking change was introduced in aws-sdk-go-v2.
See https://github.com/aws/aws-sdk-go-v2/issues/2370#issuecomment-1953308268 .
Mixing aws-sdk-go-v2 packages from versions before and after the breaking change causes kube-bench to fail. This issue occurs when it attempts to access AWS Security Hub.
Addressed issue: https://github.com/aquasecurity/kube-bench/issues/1595
Supersedes bot PR: https://github.com/aquasecurity/kube-bench/pull/1689
Besides upgrading to the latest SDK version, some variable types need to be adapted.
2024-09-28 13:36:44 +06:00
mjshastha
f8b6f2fc19
chore: fixed vulns - bump Go version ( #1687 )
2024-09-24 12:12:40 +06:00
dependabot[bot]
65c484e85a
build(deps): bump k8s.io/client-go from 0.29.1 to 0.29.3 ( #1587 )
...
Bumps [k8s.io/client-go](https://github.com/kubernetes/client-go ) from 0.29.1 to 0.29.3.
- [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md )
- [Commits](https://github.com/kubernetes/client-go/compare/v0.29.1...v0.29.3 )
---
updated-dependencies:
- dependency-name: k8s.io/client-go
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: chenk <hen.keinan@gmail.com>
2024-04-18 09:54:55 +03:00
dependabot[bot]
73e1377ce0
build(deps): bump github.com/jackc/pgx/v5 from 5.4.3 to 5.5.4 ( #1586 )
...
Bumps [github.com/jackc/pgx/v5](https://github.com/jackc/pgx ) from 5.4.3 to 5.5.4.
- [Changelog](https://github.com/jackc/pgx/blob/master/CHANGELOG.md )
- [Commits](https://github.com/jackc/pgx/compare/v5.4.3...v5.5.4 )
---
updated-dependencies:
- dependency-name: github.com/jackc/pgx/v5
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-06 08:59:45 +03:00
dependabot[bot]
dc8f4d37f0
build(deps): bump github.com/aws/aws-sdk-go-v2 from 1.25.2 to 1.26.0 ( #1589 )
...
Bumps [github.com/aws/aws-sdk-go-v2](https://github.com/aws/aws-sdk-go-v2 ) from 1.25.2 to 1.26.0.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases )
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/v1.25.2...v1.26.0 )
---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: chenk <hen.keinan@gmail.com>
2024-03-30 12:41:07 +03:00
dependabot[bot]
45afbd76c2
build(deps): bump github.com/aws/aws-sdk-go-v2/config ( #1577 )
...
Bumps [github.com/aws/aws-sdk-go-v2/config](https://github.com/aws/aws-sdk-go-v2 ) from 1.26.6 to 1.27.4.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases )
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/config/v1.26.6...config/v1.27.4 )
---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2/config
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: chenk <hen.keinan@gmail.com>
2024-03-08 15:36:33 +02:00
dependabot[bot]
57132a69fd
build(deps): bump gorm.io/driver/postgres from 1.5.4 to 1.5.6 ( #1567 )
...
Bumps [gorm.io/driver/postgres](https://github.com/go-gorm/postgres ) from 1.5.4 to 1.5.6.
- [Commits](https://github.com/go-gorm/postgres/compare/v1.5.4...v1.5.6 )
---
updated-dependencies:
- dependency-name: gorm.io/driver/postgres
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: chenk <hen.keinan@gmail.com>
2024-02-19 10:27:44 +02:00
dependabot[bot]
30217061ac
build(deps): bump github.com/aws/aws-sdk-go-v2/config ( #1554 )
...
Bumps [github.com/aws/aws-sdk-go-v2/config](https://github.com/aws/aws-sdk-go-v2 ) from 1.18.4 to 1.26.6.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases )
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/config/v1.18.4...config/v1.26.6 )
---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2/config
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: chenk <hen.keinan@gmail.com>
2024-02-03 09:35:10 +02:00
dependabot[bot]
a93b19f0c0
build(deps): bump k8s.io/client-go from 0.29.0 to 0.29.1 ( #1552 )
...
Bumps [k8s.io/client-go](https://github.com/kubernetes/client-go ) from 0.29.0 to 0.29.1.
- [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md )
- [Commits](https://github.com/kubernetes/client-go/compare/v0.29.0...v0.29.1 )
---
updated-dependencies:
- dependency-name: k8s.io/client-go
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-28 12:21:47 +02:00
dependabot[bot]
b17aa709b3
build(deps): bump k8s.io/apimachinery from 0.29.0 to 0.29.1 ( #1553 )
...
Bumps [k8s.io/apimachinery](https://github.com/kubernetes/apimachinery ) from 0.29.0 to 0.29.1.
- [Commits](https://github.com/kubernetes/apimachinery/compare/v0.29.0...v0.29.1 )
---
updated-dependencies:
- dependency-name: k8s.io/apimachinery
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: chenk <hen.keinan@gmail.com>
2024-01-27 11:18:39 +02:00
dependabot[bot]
38949874d1
build(deps): bump github.com/aws/aws-sdk-go-v2 from 1.18.0 to 1.24.1 ( #1550 )
...
Bumps [github.com/aws/aws-sdk-go-v2](https://github.com/aws/aws-sdk-go-v2 ) from 1.18.0 to 1.24.1.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases )
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/v1.18.0...v1.24.1 )
---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-20 12:22:18 +02:00
dependabot[bot]
cc6c091b41
build(deps): bump gorm.io/driver/postgres from 1.4.6 to 1.5.4 ( #1514 )
...
Bumps [gorm.io/driver/postgres](https://github.com/go-gorm/postgres ) from 1.4.6 to 1.5.4.
- [Commits](https://github.com/go-gorm/postgres/compare/v1.4.6...v1.5.4 )
---
updated-dependencies:
- dependency-name: gorm.io/driver/postgres
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-11 11:02:00 +02:00
dependabot[bot]
7efba2b94d
build(deps): bump k8s.io/client-go from 0.26.0 to 0.29.0 ( #1540 )
...
Bumps [k8s.io/client-go](https://github.com/kubernetes/client-go ) from 0.26.0 to 0.29.0.
- [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md )
- [Commits](https://github.com/kubernetes/client-go/compare/v0.26.0...v0.29.0 )
---
updated-dependencies:
- dependency-name: k8s.io/client-go
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-11 10:34:21 +02:00
Devendra Turkar
a4b46f50de
chore: update go version to 1.21 ( #1546 )
...
Updating go version to 1.21
2024-01-10 14:26:50 +02:00
dependabot[bot]
8c47d59e99
build(deps): bump github.com/spf13/viper from 1.14.0 to 1.18.2 ( #1541 )
...
Bumps [github.com/spf13/viper](https://github.com/spf13/viper ) from 1.14.0 to 1.18.2.
- [Release notes](https://github.com/spf13/viper/releases )
- [Commits](https://github.com/spf13/viper/compare/v1.14.0...v1.18.2 )
---
updated-dependencies:
- dependency-name: github.com/spf13/viper
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-05 07:59:17 +02:00
dependabot[bot]
151efc3494
build(deps): bump golang.org/x/crypto from 0.14.0 to 0.17.0 ( #1542 )
...
Bumps [golang.org/x/crypto](https://github.com/golang/crypto ) from 0.14.0 to 0.17.0.
- [Commits](https://github.com/golang/crypto/compare/v0.14.0...v0.17.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/crypto
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: chenk <hen.keinan@gmail.com>
2023-12-29 20:57:02 +02:00
dependabot[bot]
875fbc7f20
build(deps): bump github.com/spf13/cobra from 1.6.1 to 1.8.0 ( #1530 )
...
Bumps [github.com/spf13/cobra](https://github.com/spf13/cobra ) from 1.6.1 to 1.8.0.
- [Release notes](https://github.com/spf13/cobra/releases )
- [Commits](https://github.com/spf13/cobra/compare/v1.6.1...v1.8.0 )
---
updated-dependencies:
- dependency-name: github.com/spf13/cobra
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: chenk <hen.keinan@gmail.com>
2023-12-08 08:07:14 +02:00
dependabot[bot]
ade7cef969
build(deps): bump gorm.io/gorm from 1.25.1 to 1.25.5 ( #1516 )
...
Bumps [gorm.io/gorm](https://github.com/go-gorm/gorm ) from 1.25.1 to 1.25.5.
- [Release notes](https://github.com/go-gorm/gorm/releases )
- [Commits](https://github.com/go-gorm/gorm/compare/v1.25.1...v1.25.5 )
---
updated-dependencies:
- dependency-name: gorm.io/gorm
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-12-01 20:11:43 +02:00
Kiran Bodipi
f8fe5ee173
Add CIS Benchmarks support to Rancher Distributions RKE/RKE2/K3s ( #1523 )
...
* add Support VMware Tanzu(TKGI) Benchmarks v1.2.53
with this change, we are adding
1. latest kubernetes cis benchmarks for VMware Tanzu 1.2.53
2. logic to kube-bench so that kube-bench can auto detect vmware platform, will be able to execute the respective vmware tkgi compliance checks.
3. job-tkgi.yaml file to run the benchmark as a job in tkgi cluster
Reference Document for checks: https://network.pivotal.io/products/p-compliance-scanner/#/releases/1248397
* add Support VMware Tanzu(TKGI) Benchmarks v1.2.53
with this change, we are adding
1. latest kubernetes cis benchmarks for VMware Tanzu 1.2.53
2. logic to kube-bench so that kube-bench can auto detect vmware platform, will be able to execute the respective vmware tkgi compliance checks.
3. job-tkgi.yaml file to run the benchmark as a job in tkgi cluster
Reference Document for checks: https://network.pivotal.io/products/p-compliance-scanner/#/releases/1248397
* release: prepare v0.6.15 (#1455 )
Signed-off-by: chenk <hen.keinan@gmail.com>
* build(deps): bump golang from 1.19.4 to 1.20.4 (#1436 )
Bumps golang from 1.19.4 to 1.20.4.
---
updated-dependencies:
- dependency-name: golang
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* build(deps): bump actions/setup-go from 3 to 4 (#1402 )
Bumps [actions/setup-go](https://github.com/actions/setup-go ) from 3 to 4.
- [Release notes](https://github.com/actions/setup-go/releases )
- [Commits](https://github.com/actions/setup-go/compare/v3...v4 )
---
updated-dependencies:
- dependency-name: actions/setup-go
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: chenk <hen.keinan@gmail.com>
* Fix test_items in cis-1.7 - node - 4.2.12 (#1469 )
Related issue: https://github.com/aquasecurity/kube-bench/issues/1468
* Fix node.yaml - 4.1.7 and 4.1.8 audit by adding uniq (#1472 )
* chore: add fips compliant images (#1473 )
For fips compliance we need to generate fips compliant images.
As part of this change, we will create new kube-bench image which will be fips compliant. Image name follows this tag pattern <version>-ubi-fips
* release: prepare v0.6.16-rc (#1476 )
* release: prepare v0.6.16-rc
Signed-off-by: chenk <hen.keinan@gmail.com>
* release: prepare v0.6.16-rc
Signed-off-by: chenk <hen.keinan@gmail.com>
---------
Signed-off-by: chenk <hen.keinan@gmail.com>
* release: prepare v0.6.16 official (#1479 )
Signed-off-by: chenk <hen.keinan@gmail.com>
* Update job.yaml (#1477 )
* Update job.yaml
Fix on typo for image version
* chore: sync with upstream
Signed-off-by: chenk <hen.keinan@gmail.com>
---------
Signed-off-by: chenk <hen.keinan@gmail.com>
Co-authored-by: chenk <hen.keinan@gmail.com>
* release: prepare v0.6.17 (#1480 )
Signed-off-by: chenk <hen.keinan@gmail.com>
* Bump docker base images (#1465 )
During a recent CVE scan we found kube-bench to use `alpine:3.18` as the final image which has a known high CVE.
```
grype aquasec/kube-bench:v0.6.15
✔ Vulnerability DB [no update available]
✔ Loaded image
✔ Parsed image
✔ Cataloged packages [73 packages]
✔ Scanning image... [4 vulnerabilities]
├── 0 critical, 4 high, 0 medium, 0 low, 0 negligible
└── 4 fixed
NAME INSTALLED FIXED-IN TYPE VULNERABILITY SEVERITY
libcrypto3 3.1.0-r4 3.1.1-r0 apk CVE-2023-2650 High
libssl3 3.1.0-r4 3.1.1-r0 apk CVE-2023-2650 High
openssl 3.1.0-r4 3.1.1-r0 apk CVE-2023-2650 High
```
The CVE in question was addressed in the latest [alpine release](https://www.alpinelinux.org/posts/Alpine-3.15.9-3.16.6-3.17.4-3.18.2-released.html ), hence updating the dockerfiles accordingly
* build(deps): bump golang from 1.20.4 to 1.20.6 (#1475 )
Bumps golang from 1.20.4 to 1.20.6.
---
updated-dependencies:
- dependency-name: golang
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* Add CIS Benchmarks support to Rancher Distributions RKE/RKE2/K3s
Based on the information furnished in https://ranchermanager.docs.rancher.com/v2.7/pages-for-subheaders/rancher-hardening-guides
kube-bench executes CIS-1.23 (Kubernetes v1.23), CIS-1.24 (Kubernetes v1.24), CIS-1.7 (Kubernetes v1.25, v1.26, v1.27) CIS Benchmarks of respective distributions.
* RKE/RKE2 CIS Benchmarks
Updated the order of checks for RKE and RKE2 Platforms.
* fixed vulnerabilities|upgraded package golang.org/x/net to version v0.17.0
* Error handling for RKE Detection Pre-requisites
* Based on the information furnished in https://ranchermanager.docs.rancher.com/v2.7/pages-for-subheaders/rancher-hardening-guides#hardening-guides-and-benchmark-versions , kube-bench executes CIS-1.23 (Kubernetes v1.23), CIS-1.24 (Kubernetes v1.24), CIS-1.7 (Kubernetes v1.25, v1.26, v1.27) CIS Benchmarks of respective distributions.
updated documentation specific to added rancher platforms
* addressed review comments
1. Implemented IsRKE functionality in kube-bench
2. Removed containerd from global level config and accommodated in individual config file
3. Corrected the control id from 1.2.25 to 1.2.23 in master.yaml(k3s-cis-1.23 and k3s-cis-1.24)
* Removed unnecessary dependency - kubernetes-provider-detector
---------
Signed-off-by: chenk <hen.keinan@gmail.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: chenk <hen.keinan@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Andy Pitcher <andy.pitcher@suse.com>
Co-authored-by: Devendra Turkar <devendra.turkar@gmail.com>
Co-authored-by: Guille Vigil <contact@guillermotti.com>
Co-authored-by: Jonas-Taha El Sesiy <jonas-taha.elsesiy@snowflake.com>
2023-11-26 12:27:38 +02:00
dependabot[bot]
63055a7332
build(deps): bump github.com/fatih/color from 1.14.1 to 1.16.0 ( #1520 )
...
Bumps [github.com/fatih/color](https://github.com/fatih/color ) from 1.14.1 to 1.16.0.
- [Release notes](https://github.com/fatih/color/releases )
- [Commits](https://github.com/fatih/color/compare/v1.14.1...v1.16.0 )
---
updated-dependencies:
- dependency-name: github.com/fatih/color
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-11-12 10:47:01 +02:00
dependabot[bot]
0918b41eca
build(deps): bump github.com/golang/glog from 1.0.0 to 1.1.2 ( #1489 )
...
Bumps [github.com/golang/glog](https://github.com/golang/glog ) from 1.0.0 to 1.1.2.
- [Release notes](https://github.com/golang/glog/releases )
- [Commits](https://github.com/golang/glog/compare/v1.0.0...v1.1.2 )
---
updated-dependencies:
- dependency-name: github.com/golang/glog
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: chenk <hen.keinan@gmail.com>
2023-10-27 21:45:30 +03:00
Huang Huang
60dde65d72
support CIS Amazon Elastic Kubernetes Service (EKS) Benchmark v1.2.0 ( #1449 )
...
closes #1448
2023-05-21 17:53:58 +03:00
dependabot[bot]
6de03bbd7d
build(deps): bump github.com/aws/aws-sdk-go-v2 from 1.17.6 to 1.18.0 ( #1433 )
...
Bumps [github.com/aws/aws-sdk-go-v2](https://github.com/aws/aws-sdk-go-v2 ) from 1.17.6 to 1.18.0.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases )
- [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/CHANGELOG.md )
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/v1.17.6...v1.18.0 )
---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: chenk <hen.keinan@gmail.com>
2023-05-20 18:45:31 +03:00
dependabot[bot]
e38c829dbc
build(deps): bump gorm.io/gorm from 1.24.2 to 1.25.1 ( #1437 )
...
Bumps [gorm.io/gorm](https://github.com/go-gorm/gorm ) from 1.24.2 to 1.25.1.
- [Release notes](https://github.com/go-gorm/gorm/releases )
- [Commits](https://github.com/go-gorm/gorm/compare/v1.24.2...v1.25.1 )
---
updated-dependencies:
- dependency-name: gorm.io/gorm
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-05-13 19:37:45 +03:00
dependabot[bot]
9e41099cec
build(deps): bump github.com/aws/aws-sdk-go-v2/service/securityhub ( #1397 )
...
Bumps [github.com/aws/aws-sdk-go-v2/service/securityhub](https://github.com/aws/aws-sdk-go-v2 ) from 1.23.5 to 1.29.1.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases )
- [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/CHANGELOG.md )
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/service/ecs/v1.23.5...service/s3/v1.29.1 )
---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2/service/securityhub
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: chenk <hen.keinan@gmail.com>
2023-03-25 12:34:54 +03:00
dependabot[bot]
7aeb6c3977
build(deps): bump github.com/fatih/color from 1.13.0 to 1.14.1 ( #1363 )
...
Bumps [github.com/fatih/color](https://github.com/fatih/color ) from 1.13.0 to 1.14.1.
- [Release notes](https://github.com/fatih/color/releases )
- [Commits](https://github.com/fatih/color/compare/v1.13.0...v1.14.1 )
---
updated-dependencies:
- dependency-name: github.com/fatih/color
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-03-11 09:29:38 +02:00
dependabot[bot]
edff7f45a9
build(deps): bump gorm.io/driver/postgres from 1.4.5 to 1.4.6 ( #1355 )
...
Bumps [gorm.io/driver/postgres](https://github.com/go-gorm/postgres ) from 1.4.5 to 1.4.6.
- [Release notes](https://github.com/go-gorm/postgres/releases )
- [Commits](https://github.com/go-gorm/postgres/compare/v1.4.5...v1.4.6 )
---
updated-dependencies:
- dependency-name: gorm.io/driver/postgres
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-04 22:15:32 +02:00
dependabot[bot]
07cd55da9c
build(deps): bump k8s.io/client-go from 0.25.4 to 0.26.0 ( #1354 )
...
Bumps [k8s.io/client-go](https://github.com/kubernetes/client-go ) from 0.25.4 to 0.26.0.
- [Release notes](https://github.com/kubernetes/client-go/releases )
- [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md )
- [Commits](https://github.com/kubernetes/client-go/compare/v0.25.4...v0.26.0 )
---
updated-dependencies:
- dependency-name: k8s.io/client-go
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-10 16:25:57 +02:00
dependabot[bot]
e6d0056b8e
build(deps): bump github.com/aws/aws-sdk-go-v2 from 1.17.2 to 1.17.3 ( #1348 )
...
Bumps [github.com/aws/aws-sdk-go-v2](https://github.com/aws/aws-sdk-go-v2 ) from 1.17.2 to 1.17.3.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases )
- [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/CHANGELOG.md )
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/v1.17.2...v1.17.3 )
---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-30 20:57:17 +02:00
dependabot[bot]
e08cf54cb0
build(deps): bump github.com/magiconair/properties from 1.8.6 to 1.8.7 ( #1344 )
...
Bumps [github.com/magiconair/properties](https://github.com/magiconair/properties ) from 1.8.6 to 1.8.7.
- [Release notes](https://github.com/magiconair/properties/releases )
- [Changelog](https://github.com/magiconair/properties/blob/main/CHANGELOG.md )
- [Commits](https://github.com/magiconair/properties/compare/v1.8.6...v1.8.7 )
---
updated-dependencies:
- dependency-name: github.com/magiconair/properties
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-22 10:58:53 +02:00
dependabot[bot]
8f654a9fc6
build(deps): bump github.com/spf13/cobra from 1.6.0 to 1.6.1 ( #1341 )
...
Bumps [github.com/spf13/cobra](https://github.com/spf13/cobra ) from 1.6.0 to 1.6.1.
- [Release notes](https://github.com/spf13/cobra/releases )
- [Commits](https://github.com/spf13/cobra/compare/v1.6.0...v1.6.1 )
---
updated-dependencies:
- dependency-name: github.com/spf13/cobra
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-22 10:50:01 +02:00
dependabot[bot]
4ccffb8fdd
build(deps): bump github.com/spf13/viper from 1.13.0 to 1.14.0 ( #1339 )
...
Bumps [github.com/spf13/viper](https://github.com/spf13/viper ) from 1.13.0 to 1.14.0.
- [Release notes](https://github.com/spf13/viper/releases )
- [Commits](https://github.com/spf13/viper/compare/v1.13.0...v1.14.0 )
---
updated-dependencies:
- dependency-name: github.com/spf13/viper
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-14 17:00:45 +02:00
dependabot[bot]
ec51394eb7
build(deps): bump github.com/aws/aws-sdk-go-v2/config ( #1337 )
...
Bumps [github.com/aws/aws-sdk-go-v2/config](https://github.com/aws/aws-sdk-go-v2 ) from 1.17.8 to 1.18.4.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases )
- [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/CHANGELOG.md )
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/config/v1.17.8...config/v1.18.4 )
---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2/config
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-05 16:50:23 +02:00
dependabot[bot]
98742f014e
build(deps): bump k8s.io/client-go from 0.25.2 to 0.25.4 ( #1322 )
...
Bumps [k8s.io/client-go](https://github.com/kubernetes/client-go ) from 0.25.2 to 0.25.4.
- [Release notes](https://github.com/kubernetes/client-go/releases )
- [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md )
- [Commits](https://github.com/kubernetes/client-go/compare/v0.25.2...v0.25.4 )
---
updated-dependencies:
- dependency-name: k8s.io/client-go
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-01 15:26:59 +02:00
dependabot[bot]
ba23ef534a
build(deps): bump gorm.io/driver/postgres from 1.3.10 to 1.4.5 ( #1312 )
...
Bumps [gorm.io/driver/postgres](https://github.com/go-gorm/postgres ) from 1.3.10 to 1.4.5.
- [Release notes](https://github.com/go-gorm/postgres/releases )
- [Commits](https://github.com/go-gorm/postgres/compare/v1.3.10...v1.4.5 )
---
updated-dependencies:
- dependency-name: gorm.io/driver/postgres
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-30 16:01:32 +02:00
dependabot[bot]
44eef9289e
build(deps): bump github.com/spf13/cobra from 1.5.0 to 1.6.0 ( #1308 )
...
Bumps [github.com/spf13/cobra](https://github.com/spf13/cobra ) from 1.5.0 to 1.6.0.
- [Release notes](https://github.com/spf13/cobra/releases )
- [Commits](https://github.com/spf13/cobra/compare/v1.5.0...v1.6.0 )
---
updated-dependencies:
- dependency-name: github.com/spf13/cobra
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-10-25 09:00:50 +03:00
j-k
a1e2870e83
Migrate to aws-sdk-go-v2 ( #1268 )
...
* Migrate to aws-sdk-go-v2
* Update dependencies
Minimum go version increased due to k8s.io/client-go
2022-10-03 08:52:06 +03:00
dependabot[bot]
dd39b19ffc
build(deps): bump github.com/spf13/viper from 1.12.0 to 1.13.0 ( #1273 )
...
Bumps [github.com/spf13/viper](https://github.com/spf13/viper ) from 1.12.0 to 1.13.0.
- [Release notes](https://github.com/spf13/viper/releases )
- [Commits](https://github.com/spf13/viper/compare/v1.12.0...v1.13.0 )
---
updated-dependencies:
- dependency-name: github.com/spf13/viper
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-09-30 20:56:43 +03:00
dependabot[bot]
df687cbe0d
build(deps): bump gorm.io/driver/postgres from 1.3.8 to 1.3.10 ( #1287 )
...
Bumps [gorm.io/driver/postgres](https://github.com/go-gorm/postgres ) from 1.3.8 to 1.3.10.
- [Release notes](https://github.com/go-gorm/postgres/releases )
- [Commits](https://github.com/go-gorm/postgres/compare/v1.3.8...v1.3.10 )
---
updated-dependencies:
- dependency-name: gorm.io/driver/postgres
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-09-27 10:51:06 +03:00
dependabot[bot]
818d57d620
build(deps): bump gorm.io/gorm from 1.23.8 to 1.23.9 ( #1284 )
...
Bumps [gorm.io/gorm](https://github.com/go-gorm/gorm ) from 1.23.8 to 1.23.9.
- [Release notes](https://github.com/go-gorm/gorm/releases )
- [Commits](https://github.com/go-gorm/gorm/compare/v1.23.8...v1.23.9 )
---
updated-dependencies:
- dependency-name: gorm.io/gorm
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-09-25 12:55:05 +03:00
dependabot[bot]
59760891bd
build(deps): bump github.com/aws/aws-sdk-go from 1.44.86 to 1.44.91 ( #1269 )
...
Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go ) from 1.44.86 to 1.44.91.
- [Release notes](https://github.com/aws/aws-sdk-go/releases )
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md )
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.44.86...v1.44.91 )
---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-09-12 12:26:26 +03:00
dependabot[bot]
9e95301f09
build(deps): bump github.com/aws/aws-sdk-go from 1.44.71 to 1.44.86 ( #1264 )
...
Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go ) from 1.44.71 to 1.44.86.
- [Release notes](https://github.com/aws/aws-sdk-go/releases )
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md )
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.44.71...v1.44.86 )
---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-09-04 11:39:00 +03:00