1
0
mirror of https://github.com/aquasecurity/kube-bench.git synced 2024-12-30 10:28:09 +00:00
Commit Graph

956 Commits

Author SHA1 Message Date
Liz Rice
7d9089d376
Merge pull request #273 from danielpacak/issue-172-filter-cis-checks
Add flags to further filter CIS checks to run
2019-05-05 15:55:39 +01:00
Liz Rice
aebd35a5ab
Update copyright date 2019-05-02 18:15:31 -07:00
Liz Rice
8c8ae7ce76
Update copyright date 2019-05-02 18:15:05 -07:00
Liz Rice
0d57a9dff3
Update copyright date 2019-05-02 18:13:25 -07:00
Daniel Pacak
5fb133cd02 Adjust the semantics of scored and unscored flags 2019-05-01 22:52:56 +02:00
Daniel Pacak
306e1960af Add flags to further filter CIS checks to run 2019-05-01 22:52:56 +02:00
Liz Rice
fc536b239b
Merge pull request #275 from aquasecurity/fix-270
Fix failing check 1.5.2 in version 1.11
2019-05-01 08:11:21 -07:00
Abubakr-Sadik Nii Nai Davis
fbbf6b37c7 Change test_items in 1.11 master.yaml check 1.5.2 to fix issue with
check failing even when --client-cert-auth is set.
2019-04-30 16:51:10 +00:00
Liz Rice
e5b6603da5
Merge branch 'master' into no-master-binaries 2019-04-24 10:02:32 +01:00
Liz Rice
6d9a3b4888
Merge pull request #260 from aquasecurity/json-config
Json & YAML config, continued
2019-04-24 09:59:10 +01:00
Liz Rice
a800ac6ccc
Merge branch 'master' into json-config 2019-04-24 09:29:18 +01:00
Liz Rice
331d64b294
Merge pull request #267 from aquasecurity/lizrice-patch-1
Add OCP info into the README
2019-04-23 17:15:46 +02:00
Liz Rice
ceb44583dd
Tidy up a couple of things 2019-04-23 16:07:27 +01:00
Liz Rice
91c6ef2155
Merge branch 'master' into json-config 2019-04-23 13:51:30 +02:00
Liz Rice
f9d0f4acc1
Add OCP info into the README 2019-04-23 11:59:54 +01:00
Liz Rice
ab2001e393
Merge pull request #261 from aquasecurity/yoavrotems-patch-3
update files
2019-04-23 12:54:39 +02:00
Liz Rice
7e8dfbc6ea
Fix invalid YAML 2019-04-23 11:41:48 +01:00
Liz Rice
b4419e810f
Tiny typo 2019-04-23 11:01:38 +01:00
Liz Rice
d05d71553f
Tiny typo 2019-04-23 10:57:15 +01:00
yoavrotems
e70f50b2b5 update files 2019-04-16 06:01:51 +00:00
Liz Rice
a613f6f028
Document job for EKS 2019-04-11 19:00:17 +01:00
Liz Rice
fa60fb68fd
Add job for EKS 2019-04-11 18:45:16 +01:00
Liz Rice
27dc75fefa No need for unused master config file.
Better comments in config file
2019-04-11 18:36:30 +01:00
Liz Rice
de623220e1
No need to load config just to check if components are running.
This also allows for there to be no master.yaml file, for environments where such a thing doesn’t need to exist
2019-04-11 18:34:22 +01:00
Liz Rice
248942e2fa
No need to load config just to check if components are running.
This also allows for there to be no master.yaml file, for environments where such a thing doesn’t need to exist
2019-04-11 18:31:26 +01:00
Liz Rice
596dae03d9
Don't assume master if 0 master binaries specified 2019-04-11 17:19:50 +01:00
Liz Rice
01179963ce
Don't assume master if 0 master binaries specified 2019-04-11 17:15:50 +01:00
Liz Rice
902a10f1c7
Just have one path for both json and yaml 2019-04-11 17:09:33 +01:00
Liz Rice
9b034024a7
Complete merge where test numbers changes 2019-04-11 10:21:19 +01:00
Liz Rice
c887794807
Merge branch 'master' into feature/json-config 2019-04-11 10:03:07 +01:00
Liz Rice
d30786da4a
Merge pull request #258 from aquasecurity/fix-241
Add ":" as a valid flag-value separator for tests
2019-04-11 09:37:39 +01:00
Liz Rice
c03e958311
Merge branch 'master' into fix-241 2019-04-11 09:34:02 +01:00
Liz Rice
241972c659
Merge pull request #249 from aquasecurity/document-output
Document output states
2019-04-11 09:18:34 +01:00
Liz Rice
d93ed0acca
Merge branch 'master' into fix-241 2019-04-11 09:05:18 +01:00
Liz Rice
b5f3299e92
Merge branch 'master' into document-output 2019-04-11 09:04:04 +01:00
Liz Rice
588d75d20d
Merge pull request #251 from aquasecurity/version-mapping
Add CIS & Kubernetes version mapping to README
2019-04-11 09:03:44 +01:00
Abubakr-Sadik Nii Nai Davis
4b8a7ffbe1 Add ":" as a valid flag-value separator for tests
This is useful for checking values in YAML (possibly JSON) kubernetes config files.
2019-04-10 22:47:26 +00:00
Liz Rice
651b72f7d1
Merge branch 'master' into document-output 2019-04-10 08:45:55 +01:00
Liz Rice
0c40532e76
Merge branch 'master' into version-mapping 2019-04-10 08:31:04 +01:00
Liz Rice
54502c5f75
Merge pull request #247 from aquasecurity/yoavrotems-patch-2
Update master.yaml
2019-03-27 14:24:03 +00:00
Liz Rice
df556c2f42
Add CIS & Kubernetes version mapping to README 2019-03-27 14:21:22 +00:00
Liz Rice
488f5221ef
Document output states
Also describe how tests can be omitted by editing the YAML
2019-03-26 10:37:17 +00:00
Liz Rice
b1ce0a9a75
Merge branch 'master' into yoavrotems-patch-2 2019-03-26 09:51:03 +00:00
Liz Rice
0f86bfc060
Merge pull request #246 from aquasecurity/yoavrotems-patch-1
Update master.yaml
2019-03-26 09:41:40 +00:00
yoavrotems
d059196b71
Update master.yaml
Fix 1.1.23 to check *if* --service-account-lookup argument is set and if so then if it's equal to true
2019-03-25 14:41:06 +02:00
yoavrotems
a85e5a7759
Update master.yaml
Fix title of 1.4.21 from 644 to 600 according to cis benchmark
2019-03-25 14:33:52 +02:00
Florent Delannoy
abfc38d672 Update documentation after review 2019-03-21 15:05:20 +00:00
Florent Delannoy
4d3144ca21 Support JSON and YAML configuration
Support new configuration options besides --flags:
- JSON file through `jsonpath`
- YAML file through `yamlpath`

These new options are fully backwards-compatible with the existing
tests.

Added a new profile, 1.11-json, that expects a JSON kubelet
configuration file and scores accordingly. This profile is compatible
with EKS.
2019-03-21 12:13:31 +00:00
Liz Rice
573136a700
Merge pull request #238 from Kuqd/features/autodetect-nodetype
Adds master node detection - thanks @Kuqd!
2019-03-18 18:43:13 +00:00
Liz Rice
9246be924d
Merge branch 'master' into features/autodetect-nodetype 2019-03-13 20:36:19 -07:00