Yoav Hizkiahou
3aa28c4c32
Printing the actual test result of failed tests - when a flag is raised
...
fix #110
2019-05-15 10:14:11 +03:00
Daniel Pacak
5fb133cd02
Adjust the semantics of scored and unscored flags
2019-05-01 22:52:56 +02:00
Daniel Pacak
306e1960af
Add flags to further filter CIS checks to run
2019-05-01 22:52:56 +02:00
Cyril Tovena
5baf81a70a
Adds master node detection and a root command that automatically detect checks to run.
...
The root command will run node checks and if possible master checks.
I've also added some Makefile targets to improve local testing and improve the documentation.
2019-03-12 19:32:05 -04:00
bvwells
cc43fcbb7e
Add link to CIS kubernetes benchmark
2018-08-10 20:55:02 +01:00
Abubakr-Sadik Nii Nai Davis
6d237607fb
Fix typo in help text.
2018-05-15 04:50:39 +00:00
Abubakr-Sadik Nii Nai Davis
5da707b8d6
Remove CIS benchmark version in tool title.
...
it has grown stale and is dependent on k8s version we are checking.
2018-05-15 04:23:39 +00:00
Liz Rice
0b4872104d
Merge branch 'master' into feature/issue-107
2018-04-16 17:15:30 +01:00
Will Medlar
9469b1c124
Allow kubernetes version and config directory to be specified ( resolves #107 )
2018-04-12 15:01:58 -04:00
Abubakr-Sadik Nii Nai Davis
ade064006e
Add extra output manipulation flags, --noremediations, --nosummary and
...
--noresults.
These flags disable printing sections of the final output of kube-bench.
2018-04-10 20:01:47 +00:00
Lee Briggs
94a1f3c41f
Lint all code for golint tests
2018-01-11 10:01:58 -08:00
Abubakr-Sadik Nii Nai Davis
42a1068964
Add default version if version check fails.
2017-11-13 15:25:34 +00:00
Steven Logue
d79a2a5478
added support for saving scan results to pgsql
2017-10-31 13:08:46 -07:00
Liz Rice
c4be4a1240
Remove installation flag and some other unused variables
2017-08-31 17:52:21 +01:00
Abubakr-Sadik Nii Nai Davis
f88de572f6
Improve error handling.
2017-07-25 00:34:07 +00:00
Abubakr-Sadik Nii Nai Davis
3d395994b0
Change environment variable prefix.
2017-07-13 00:24:57 +00:00
Abubakr-Sadik Nii Nai Davis
609c4ff01c
Move kubernetes binaries and config paths to kube-bench config.
2017-07-13 00:24:09 +00:00
Abubakr-Sadik Nii Nai Davis
2ee99eca64
Add support for various installation modes, hyperkube, kubeadm and kops.
...
Issue #17 .
2017-07-10 00:15:27 +00:00
Abubakr-Sadik Nii Nai Davis
bd53529387
Fix issue #16 about supporting verbosity.
2017-07-07 17:01:30 +00:00
Abubakr-Sadik Nii Nai Davis
d0d9900b29
Resolve issue #7 wait: error running audit command exit status 1.
...
This is caused by a command in the audit pipeline (for example
ps -ef | grep kube-apiserver) failing. The causes of this failure
in my testing is usually a missing config file.
Extensive refactor and correction in verification code to check for
config files and binaries.
Replace joncalhoun/pipes with implementation using exec.Cmds so errors
are visible and can be handled when audit pipeline commands fail.
Change some audit commands
from: ps -ef | grep <cmd> | grep -v
to: ps -C <something> -o comm,args --no-headers
which is simpler to work with.
2017-06-30 14:19:38 +00:00
Liz Rice
07750ea43a
Don't output message about config file if output format is JSON
2017-06-23 10:48:49 +01:00
Liz Rice
f6509b804e
Typo
2017-06-23 10:28:58 +01:00
Liz Rice
0d6d3a03ef
Allow config file to be specified on the command line
2017-06-22 15:34:21 +01:00
Liz Rice
96364e3f29
Error if the config file can’t be found
2017-06-22 15:34:01 +01:00
jerbia
432651e85f
Added test 1.4.11 ( #8 )
2017-06-21 22:45:50 +03:00
Liz Rice
c3d67e0fee
Use colorPrint for config file info too
2017-06-20 11:10:11 +01:00
Liz Rice
dcd416a521
Executable name changes
...
Updates to travis file, readme and help text
2017-06-20 09:52:53 +01:00
Amir Jerbi
55fd838191
No need to run install.sh.
...
Simply clone the project, compile the go app and run ./cis_kubernetes
2017-06-20 00:03:46 +03:00
Liz Rice
26cc77ec1d
Get the tests working on deployments where file names may be different or not in path ( #1 )
...
* Replace the default help text
* Readme file, including the test config format documentation
* Typo
* Warn if config files / executables aren't found
* Ignore original name of executable (as per current README)
* Update tests to avoid failing on stat of a non-existant file
* Add a makefile for ease of build
2017-06-19 23:17:19 +03:00
Amir Jerbi
154a140f74
Initial commit
2017-06-19 17:01:57 +03:00