Roberto Rojas
9fc13ca02e
Fixes Issue #538 ( #539 )
...
* Adds openshift to autodetect node type
* detect okd node units
* OCP fixes
2019-12-13 11:04:58 -05:00
Roberto Rojas
af976e6f50
Fixes Issue #494 - add tests for CIS 1.5 ( #530 )
...
* Initial commit.
* Add master and node config.
* Add section 5 of CIS 1.5.1.
* Split sections into section files
* Fix YAML issues.
* adds target translation
* adds target translation
* adds cis-1.5 mapping
* fixed tests
* fixes are per PR
* fixed intergration test
* integration kind test file to appropriate ks8 version
* fixed etcd text
* fixed README
* fixed text
* etcd: fixed grep path
* etcd: fixes
* fixed error message bug
* Update README.md
Co-Authored-By: Liz Rice <liz@lizrice.com>
* Update README.md
Co-Authored-By: Liz Rice <liz@lizrice.com>
* fixes as per PR review
2019-12-05 15:55:44 -05:00
John Schnake
6ffd382711
Add option to output in JUnit format ( #516 )
...
If running these checks in a CI system it may be beneficial
to output in a more standardized format such as JUnit for
parsing by other tools in a consistent manner.
Fixes #460
Signed-off-by: John Schnake <jschnake@vmware.com>
2019-11-13 08:03:04 -05:00
Sebastian Ehmann
56fa231376
Remove nil check ( #493 )
...
As the length of a nil slice is defined as 0, the nil check is
redundand. (suggested by golanci-lint/gosimple)
2019-11-05 20:23:31 -05:00
Sebastian Ehmann
b9be7daa4a
Directly convert buffer to string ( #492 )
...
Using `buf.String()` instead of `fmt.Sprintf` is simpler
2019-11-05 20:07:41 -05:00
Roberto Rojas
a6ee61fd08
Fixes issue #289 : removed versions prior to 1.11 ( #429 )
...
* removed version prior to 1.11
* removed references to kubernetes versions prior to 1.11
2019-10-14 10:52:43 -04:00
Roberto Rojas
3aa41db166
Issue #353 : Merges JSON and Exec Params files ( #426 )
...
* starts fixes #353
* new approach to minize duplications
* applied merged yaml files for v1.11 and v1.13
* yaml files json/params merged
* fixes to remove double quotes from numbers and booleans
* fixed bug
* fixed certificate check
* removed -json files
* changes based on PR review
* Update check/check_test.go
Yay more tests!
Co-Authored-By: Liz Rice <liz@lizrice.com>
* changes as PR review
* fixed bug when scored check is missing tests
* attempt to improve the code
* fixed list breaks
* removes handleError function
* Update check/check.go
Accepting suggested log level.
Co-Authored-By: Liz Rice <liz@lizrice.com>
2019-10-14 10:37:10 -04:00
Roberto Rojas
c22f81610d
removes federated ( #431 )
2019-10-12 19:00:26 -04:00
Roberto Rojas
4416e46967
Adds Unit Tests for check/toNumeric ( #401 )
...
* fixes issue #364
* fixed unit test error text
2019-10-12 18:46:19 -04:00
Roberto Rojas
937bfc7b2e
issue #344 : Adds support for array comparison. Every element in the s… ( #367 )
...
* issue #344 : Adds support for array comparison. Every element in the source array must exist in the target array.
* issue #344 : Fixed typo and found if condition based on code review
* adds unit tests for valid_elements comparison
* removes spaces from split strings
2019-07-26 11:11:59 -07:00
Roberto Rojas
dab5e92bb5
Issue #363 : Adds Unit Tests for Test Comparisons ( #366 )
...
* issue #363 : starts unit tests for Test Comparison.
* issue #363 : Adds tests for "eq" operation
* changes test result message
* issue #363 : Adds tests for "noteq" operation
* issue #363 : Adds tests for "gt" operation
* issue #363 : Adds tests for "lt" operation
* issue #363 : Adds tests for "gte" operation
* issue #363 : Adds tests for "lte" operation
* issue #363 : Adds tests for "has" operation
* issue #363 : Adds tests for "nothave" operation
* issue #363 : Adds tests for "regex" operation
2019-07-17 10:08:11 -04:00
Roberto Rojas
86e3456f33
issue #243 : Changes condition so that score: false tests are performed ( #357 )
...
* issue #243 : Changes condition so that score: false tests are performed
* issue #243 : Changes comments.
2019-07-13 08:05:29 +01:00
Roberto Rojas
d43cdfdf01
Issue #355 : Adds Unit Tests for JSONPath Parse & Execute ( #358 )
...
* issue #335 : Adds json/yaml unmarshal Unit Tests.
* issue #335 : Adds jsonpath Unit Tests.
* issue #335 : Removes log package.
2019-07-12 07:09:27 +01:00
Liz Rice
7f2e9b5231
Merge branch 'master' into op-regex
2019-06-11 04:28:03 +01:00
Simarpreet Singh
5df39eed02
ocp-3.10: Fix malformed yaml and improve TestControls_RunChecks
...
This improves the TestControls_RunChecks() test by making
more comprehensive assertions on a more fully fledged input yaml
Fixes: https://github.com/aquasecurity/kube-bench/issues/304
Signed-off-by: Simarpreet Singh <simar@linux.com>
2019-06-10 13:39:43 -07:00
wwwil
83c7536c8a
Add tests for regex test op
2019-06-05 15:29:15 +01:00
wwwil
e4f0f470ee
Add regex op to test
2019-06-04 11:38:17 +01:00
Yoav Hizkiahou
ddb677bc69
Generate expected result by strings join
2019-05-26 10:15:00 +03:00
Yoav Hizkiahou
d1c3e3163b
Genereate expected result automatically for each test
2019-05-26 10:14:25 +03:00
Liz Rice
31019c44da
Merge branch 'master' into bugfix-no-actual-result
2019-05-24 13:18:34 +02:00
Yoav Hizkiahou
e7a8c14715
Save the audit command when requesting json output under the "audit" key
2019-05-19 11:23:44 +03:00
Yoav Hizkiahou
240c8ad5b0
The check's actual result property is now set to be the audit command's output
...
fix #280
2019-05-16 10:48:04 +03:00
Liz Rice
c361b9b82f
Merge branch 'master' into issue_278_remediation
2019-05-10 09:47:57 +01:00
Murali Paluru
7c6b9680b4
add remediation field
2019-05-05 16:06:13 -07:00
Liz Rice
8c8ae7ce76
Update copyright date
2019-05-02 18:15:05 -07:00
Liz Rice
0d57a9dff3
Update copyright date
2019-05-02 18:13:25 -07:00
Daniel Pacak
5fb133cd02
Adjust the semantics of scored and unscored flags
2019-05-01 22:52:56 +02:00
Daniel Pacak
306e1960af
Add flags to further filter CIS checks to run
2019-05-01 22:52:56 +02:00
Liz Rice
902a10f1c7
Just have one path for both json and yaml
2019-04-11 17:09:33 +01:00
Liz Rice
9b034024a7
Complete merge where test numbers changes
2019-04-11 10:21:19 +01:00
Liz Rice
c887794807
Merge branch 'master' into feature/json-config
2019-04-11 10:03:07 +01:00
Abubakr-Sadik Nii Nai Davis
4b8a7ffbe1
Add ":" as a valid flag-value separator for tests
...
This is useful for checking values in YAML (possibly JSON) kubernetes config files.
2019-04-10 22:47:26 +00:00
Florent Delannoy
4d3144ca21
Support JSON and YAML configuration
...
Support new configuration options besides --flags:
- JSON file through `jsonpath`
- YAML file through `yamlpath`
These new options are fully backwards-compatible with the existing
tests.
Added a new profile, 1.11-json, that expects a JSON kubelet
configuration file and scores accordingly. This profile is compatible
with EKS.
2019-03-21 12:13:31 +00:00
Liz Rice
cd231106cc
Improve comment
...
Tests could easily be marked "skip" because the user doesn't want to run them in their environment, and in this common case the set of tests will be non-nil
2019-02-18 08:46:26 +00:00
Liz Rice
db962a0ad9
Fix merge of skip check
2019-02-18 08:40:57 +00:00
Abubakr-Sadik Nii Nai Davis
911e9051dc
Merge remote-tracking branch 'origin/master' into ocp-configs
2019-02-15 19:48:53 +00:00
Abubakr-Sadik Nii Nai Davis
e899e941f7
Add OCP 3.10 benchmarks.
2019-02-15 19:44:39 +00:00
Yoav Hizkiahou
49f745af8e
Support new check type - skip:
...
If a check is marked with type "skip", it will be marked as Info.
Support scored property:
If a check is not scored and is not marked with type skip, it will be marked as Warn.
2019-01-29 19:05:12 +02:00
Itai Ben-Natan
e9076233dd
Support actual result in json output.
...
This commit adds the actual value of the result
of the value which was returned by the test.
2018-07-30 14:19:18 +00:00
Philippe ALEXANDRE
7b61cf60fe
Add strings.ToLower ...
2018-05-15 11:52:49 +02:00
Philippe ALEXANDRE
c4e7487ba7
Do case insensitive comparaison for booleans - Fix #125
2018-05-15 11:48:49 +02:00
nazemu
017a9836ce
Result structure changes
...
Changes to the json structure and field names
2017-11-29 19:04:05 +02:00
Steven Logue
d79a2a5478
added support for saving scan results to pgsql
2017-10-31 13:08:46 -07:00
Abubakr-Sadik Nii Nai Davis
d9e1eee2cd
Merge remote-tracking branch 'origin/master' into support for multiple
...
Kubernetes versions.
2017-09-20 00:39:30 +00:00
Abubakr-Sadik Nii Nai Davis
8ea0892437
Update controls to support multiple Kubernetes versions.
2017-09-17 00:09:02 +00:00
Liz Rice
e8579ade6c
Add tests for #50
2017-09-13 15:32:33 +01:00
Juned Memon
44994ced33
Fixed issue of The controls for master - admission control showing wrong status #49
2017-09-13 04:31:43 +05:30
Liz Rice
0e9c11ebd5
Remove empty error messages that manifested as "%s"
2017-08-31 14:41:52 +01:00
Liz Rice
af0eadc792
Add a couple more tests for file permission checks
2017-08-15 18:34:07 +01:00
Abubakr-Sadik Nii Nai Davis
7c7d477d78
Import os to fix issue in previous merge commit.
2017-08-12 19:10:31 +00:00