dependabot[bot]
cce6b9d24f
build(deps): bump github.com/magiconair/properties from 1.8.7 to 1.8.9 ( #1750 )
...
Bumps [github.com/magiconair/properties](https://github.com/magiconair/properties ) from 1.8.7 to 1.8.9.
- [Release notes](https://github.com/magiconair/properties/releases )
- [Commits](https://github.com/magiconair/properties/compare/v1.8.7...v1.8.9 )
---
updated-dependencies:
- dependency-name: github.com/magiconair/properties
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-12-12 13:39:04 +06:00
dependabot[bot]
84fb69d65e
build(deps): bump golang from 1.23.3 to 1.23.4 ( #1752 )
...
Bumps golang from 1.23.3 to 1.23.4.
---
updated-dependencies:
- dependency-name: golang
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-12-12 13:23:48 +06:00
dependabot[bot]
2fa813e790
build(deps): bump alpine from 3.20.3 to 3.21.0 ( #1751 )
...
Bumps alpine from 3.20.3 to 3.21.0.
---
updated-dependencies:
- dependency-name: alpine
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-12-11 12:34:47 +06:00
afdesk
b6687c1b79
release: prepare v0.9.3 ( #1748 )
2024-12-09 14:38:35 +06:00
Abubakr-Sadik Nii Nai Davis
20604a5f86
fix: change the folder name for certificate files in rke-cis-1.7
2024-12-09 11:16:04 +06:00
lizhang96
64bc05354b
fix: k3s-cis-*- CHECK 4.2.1-4.2.3 ( #1739 )
...
* fix the node kubelet related tests
* update the tests
2024-12-06 13:29:34 +06:00
dependabot[bot]
3ee8299bc4
build(deps): bump github.com/aws/aws-sdk-go-v2/config ( #1743 )
...
Bumps [github.com/aws/aws-sdk-go-v2/config](https://github.com/aws/aws-sdk-go-v2 ) from 1.28.4 to 1.28.6.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases )
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/config/v1.28.4...config/v1.28.6 )
---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2/config
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-12-05 15:56:34 +06:00
dependabot[bot]
6aa242e2e5
build(deps): bump github.com/aws/aws-sdk-go-v2/service/securityhub ( #1745 )
...
Bumps [github.com/aws/aws-sdk-go-v2/service/securityhub](https://github.com/aws/aws-sdk-go-v2 ) from 1.54.6 to 1.55.0.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases )
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/service/kendra/v1.54.6...service/s3/v1.55.0 )
---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2/service/securityhub
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-12-05 15:43:04 +06:00
dependabot[bot]
6da5ff4026
build(deps): bump gorm.io/driver/postgres from 1.5.9 to 1.5.11 ( #1742 )
...
Bumps [gorm.io/driver/postgres](https://github.com/go-gorm/postgres ) from 1.5.9 to 1.5.11.
- [Commits](https://github.com/go-gorm/postgres/compare/v1.5.9...v1.5.11 )
---
updated-dependencies:
- dependency-name: gorm.io/driver/postgres
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-12-05 15:25:34 +06:00
dependabot[bot]
09aa59e0cc
build(deps): bump github.com/stretchr/testify from 1.9.0 to 1.10.0 ( #1736 )
...
Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify ) from 1.9.0 to 1.10.0.
- [Release notes](https://github.com/stretchr/testify/releases )
- [Commits](https://github.com/stretchr/testify/compare/v1.9.0...v1.10.0 )
---
updated-dependencies:
- dependency-name: github.com/stretchr/testify
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-11-29 13:20:56 +06:00
dependabot[bot]
2500ceed5b
build(deps): bump k8s.io/client-go from 0.31.2 to 0.31.3 ( #1738 )
...
Bumps [k8s.io/client-go](https://github.com/kubernetes/client-go ) from 0.31.2 to 0.31.3.
- [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md )
- [Commits](https://github.com/kubernetes/client-go/compare/v0.31.2...v0.31.3 )
---
updated-dependencies:
- dependency-name: k8s.io/client-go
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-11-29 12:41:36 +06:00
dependabot[bot]
0eae00cf44
build(deps): bump codecov/codecov-action from 4 to 5 ( #1733 )
...
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action ) from 4 to 5.
- [Release notes](https://github.com/codecov/codecov-action/releases )
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md )
- [Commits](https://github.com/codecov/codecov-action/compare/v4...v5 )
---
updated-dependencies:
- dependency-name: codecov/codecov-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-11-19 12:14:09 +06:00
Konstantinos Tsakalozos
39dfe93b68
Ensure 127.0.0.1 for the --bind-address parameter ( #1723 )
2024-11-18 09:56:28 +06:00
afdesk
4de7b2095a
release: prepare v0.9.2 ( #1730 )
2024-11-16 16:05:57 +06:00
Saurabh Misra
5eccb498c1
FIX| RKE-CIS-1.24- CHECK 1.1.19 ( #1722 )
...
We have added the missing script required for check 1.1.19 in rke-cis-1.24 and made it available to the kube-bench file system(https://github.com/rancher/security-scan/blob/master/package/helper_scripts/check_files_owner_in_dir.sh ).
2024-11-15 18:32:24 +06:00
dependabot[bot]
7ce327f1db
build(deps): bump github.com/aws/aws-sdk-go-v2/config ( #1728 )
...
Bumps [github.com/aws/aws-sdk-go-v2/config](https://github.com/aws/aws-sdk-go-v2 ) from 1.27.37 to 1.28.4.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases )
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/config/v1.27.37...config/v1.28.4 )
---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2/config
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-11-15 18:21:14 +06:00
dependabot[bot]
8656945200
build(deps): bump github.com/golang/glog from 1.2.2 to 1.2.3 ( #1726 )
...
Bumps [github.com/golang/glog](https://github.com/golang/glog ) from 1.2.2 to 1.2.3.
- [Release notes](https://github.com/golang/glog/releases )
- [Commits](https://github.com/golang/glog/compare/v1.2.2...v1.2.3 )
---
updated-dependencies:
- dependency-name: github.com/golang/glog
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-11-15 17:53:09 +06:00
dependabot[bot]
702107daff
build(deps): bump github.com/spf13/viper from 1.18.2 to 1.19.0 ( #1720 )
...
Bumps [github.com/spf13/viper](https://github.com/spf13/viper ) from 1.18.2 to 1.19.0.
- [Release notes](https://github.com/spf13/viper/releases )
- [Commits](https://github.com/spf13/viper/compare/v1.18.2...v1.19.0 )
---
updated-dependencies:
- dependency-name: github.com/spf13/viper
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-11-15 17:34:30 +06:00
dependabot[bot]
5fac7f626b
build(deps): bump github.com/fatih/color from 1.16.0 to 1.18.0 ( #1719 )
...
Bumps [github.com/fatih/color](https://github.com/fatih/color ) from 1.16.0 to 1.18.0.
- [Release notes](https://github.com/fatih/color/releases )
- [Commits](https://github.com/fatih/color/compare/v1.16.0...v1.18.0 )
---
updated-dependencies:
- dependency-name: github.com/fatih/color
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-11-15 16:14:30 +06:00
dependabot[bot]
27a1942bcc
build(deps): bump golang from 1.23.2 to 1.23.3 ( #1727 )
...
Bumps golang from 1.23.2 to 1.23.3.
---
updated-dependencies:
- dependency-name: golang
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-11-15 15:39:05 +06:00
dependabot[bot]
9f0f5567ae
build(deps): bump github.com/aws/aws-sdk-go-v2/service/securityhub ( #1724 )
...
Bumps [github.com/aws/aws-sdk-go-v2/service/securityhub](https://github.com/aws/aws-sdk-go-v2 ) from 1.54.4 to 1.54.6.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases )
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/service/s3/v1.54.4...service/lambda/v1.54.6 )
---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2/service/securityhub
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-11-15 11:32:36 +06:00
dependabot[bot]
ea24d0e240
build(deps): bump engineerd/setup-kind from 0.5.0 to 0.6.2 ( #1721 )
...
Bumps [engineerd/setup-kind](https://github.com/engineerd/setup-kind ) from 0.5.0 to 0.6.2.
- [Release notes](https://github.com/engineerd/setup-kind/releases )
- [Commits](https://github.com/engineerd/setup-kind/compare/v0.5.0...v0.6.2 )
---
updated-dependencies:
- dependency-name: engineerd/setup-kind
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-11-06 10:15:05 +06:00
dependabot[bot]
74f5c8b800
build(deps): bump github.com/aws/aws-sdk-go-v2/service/securityhub ( #1716 )
...
Bumps [github.com/aws/aws-sdk-go-v2/service/securityhub](https://github.com/aws/aws-sdk-go-v2 ) from 1.53.3 to 1.54.4.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases )
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/service/iot/v1.53.3...service/s3/v1.54.4 )
---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2/service/securityhub
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-11-01 11:14:40 +06:00
dependabot[bot]
e2a97f49f5
build(deps): bump github.com/spf13/cobra from 1.8.0 to 1.8.1 ( #1718 )
...
Bumps [github.com/spf13/cobra](https://github.com/spf13/cobra ) from 1.8.0 to 1.8.1.
- [Release notes](https://github.com/spf13/cobra/releases )
- [Commits](https://github.com/spf13/cobra/compare/v1.8.0...v1.8.1 )
---
updated-dependencies:
- dependency-name: github.com/spf13/cobra
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-11-01 10:31:03 +06:00
dependabot[bot]
b4000f677b
build(deps): bump gorm.io/gorm from 1.25.10 to 1.25.12 ( #1714 )
...
Bumps [gorm.io/gorm](https://github.com/go-gorm/gorm ) from 1.25.10 to 1.25.12.
- [Release notes](https://github.com/go-gorm/gorm/releases )
- [Commits](https://github.com/go-gorm/gorm/compare/v1.25.10...v1.25.12 )
---
updated-dependencies:
- dependency-name: gorm.io/gorm
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-10-25 15:37:35 +06:00
dependabot[bot]
86c6a27cc4
build(deps): bump golang from 1.22.7 to 1.23.2 ( #1697 )
...
Bumps golang from 1.22.7 to 1.23.2.
---
updated-dependencies:
- dependency-name: golang
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-10-25 14:08:26 +06:00
dependabot[bot]
8a695eb8d1
build(deps): bump k8s.io/client-go from 0.29.3 to 0.31.2 ( #1712 )
...
Bumps [k8s.io/client-go](https://github.com/kubernetes/client-go ) from 0.29.3 to 0.31.2.
- [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md )
- [Commits](https://github.com/kubernetes/client-go/compare/v0.29.3...v0.31.2 )
---
updated-dependencies:
- dependency-name: k8s.io/client-go
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-10-25 10:26:08 +06:00
dependabot[bot]
e48c3dd7b5
build(deps): bump golangci/golangci-lint-action from 5 to 6 ( #1707 )
...
Bumps [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action ) from 5 to 6.
- [Release notes](https://github.com/golangci/golangci-lint-action/releases )
- [Commits](https://github.com/golangci/golangci-lint-action/compare/v5...v6 )
---
updated-dependencies:
- dependency-name: golangci/golangci-lint-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-10-25 10:05:00 +06:00
dependabot[bot]
ddb586d441
build(deps): bump k8s.io/apimachinery from 0.29.3 to 0.31.1 ( #1681 )
...
* build(deps): bump k8s.io/apimachinery from 0.29.3 to 0.31.1
Bumps [k8s.io/apimachinery](https://github.com/kubernetes/apimachinery ) from 0.29.3 to 0.31.1.
- [Commits](https://github.com/kubernetes/apimachinery/compare/v0.29.3...v0.31.1 )
---
updated-dependencies:
- dependency-name: k8s.io/apimachinery
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
* skip go toolchain
---------
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-10-24 12:51:14 +06:00
afdesk
5568895095
chore: add go toolchain version ( #1710 )
...
* chore: add go toolchain version
* bump up toolchain to 1.22.7
2024-10-24 12:40:41 +06:00
dependabot[bot]
d5ba5edca0
build(deps): bump actions/setup-python from 4 to 5 ( #1536 )
...
Bumps [actions/setup-python](https://github.com/actions/setup-python ) from 4 to 5.
- [Release notes](https://github.com/actions/setup-python/releases )
- [Commits](https://github.com/actions/setup-python/compare/v4...v5 )
---
updated-dependencies:
- dependency-name: actions/setup-python
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-10-22 11:30:08 +06:00
dependabot[bot]
0e3dbfa985
build(deps): bump docker/build-push-action from 5 to 6 ( #1631 )
...
Bumps [docker/build-push-action](https://github.com/docker/build-push-action ) from 5 to 6.
- [Release notes](https://github.com/docker/build-push-action/releases )
- [Commits](https://github.com/docker/build-push-action/compare/v5...v6 )
---
updated-dependencies:
- dependency-name: docker/build-push-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-10-21 23:30:31 +06:00
dependabot[bot]
e9ea1dbb74
build(deps): bump golangci/golangci-lint-action from 4 to 5 ( #1604 )
...
Bumps [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action ) from 4 to 5.
- [Release notes](https://github.com/golangci/golangci-lint-action/releases )
- [Commits](https://github.com/golangci/golangci-lint-action/compare/v4...v5 )
---
updated-dependencies:
- dependency-name: golangci/golangci-lint-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-10-21 15:47:43 +06:00
afdesk
c5dc28ee6f
release: prepare v0.9.1 ( #1705 )
2024-10-16 19:48:17 +06:00
Omar kamoun
fa478ce238
fix: correct TLSCipherSuites to tlsCipherSuites ( #1703 )
2024-10-16 11:50:10 +06:00
dependabot[bot]
1d8f80e846
build(deps): bump github.com/golang/glog from 1.2.0 to 1.2.2 ( #1702 )
...
Bumps [github.com/golang/glog](https://github.com/golang/glog ) from 1.2.0 to 1.2.2.
- [Release notes](https://github.com/golang/glog/releases )
- [Commits](https://github.com/golang/glog/compare/v1.2.0...v1.2.2 )
---
updated-dependencies:
- dependency-name: github.com/golang/glog
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-10-15 11:14:14 +06:00
Abubakr-Sadik Nii Nai Davis
a15e8acaa3
Add GKE 1.6 CIS benchmark for GCP environment ( #1672 )
...
* Add config entries for GKE 1.6 controls
* Add gke1.6 control plane recommendations
* Add gke-1.6.0 worker node recommendations
* Add gke-1.6.0 policy recommendations
* Add managed services and policy recommendation
* Add master recommendations
* Fix formatting across gke-1.6.0 files
* Add gke-1.6.0 benchmark selection based on k8s version
* Workaround: hardcode kubelet config path for gke-1.6.0
* Fix tests for makeIPTablesUtilChaings
* Change scored field for all node tests to true
* Fix kubelet file permission to check for
---------
Co-authored-by: afdesk <work@afdesk.com>
2024-10-11 10:49:35 +06:00
dependabot[bot]
e47725299e
build(deps): bump gorm.io/driver/postgres from 1.5.6 to 1.5.9 ( #1698 )
...
Bumps [gorm.io/driver/postgres](https://github.com/go-gorm/postgres ) from 1.5.6 to 1.5.9.
- [Commits](https://github.com/go-gorm/postgres/compare/v1.5.6...v1.5.9 )
---
updated-dependencies:
- dependency-name: gorm.io/driver/postgres
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-10-10 10:37:41 +06:00
Matthias Muth
e8562f2944
Extend default kubelet configlist to fit AWS EKS ( #1637 )
...
- the latest default Kubernetes setup of AWS has
its kubelet config path in the added location.
Proposing to extend the list of scanned paths in
order to make kube-bench execution more painless
and "quick start like" in default setups.
2024-10-04 14:08:03 +06:00
Arano-kai
3a0ccc440c
fix: rh-1.0 check 4.1.3 typo ( #1652 )
...
Co-authored-by: Arano-kai <captcha.is(dot)evil(meov)gmail.com>
2024-10-04 13:42:56 +06:00
dependabot[bot]
c683e93968
build(deps): bump github.com/aws/aws-sdk-go-v2/service/securityhub ( #1696 )
...
Bumps [github.com/aws/aws-sdk-go-v2/service/securityhub](https://github.com/aws/aws-sdk-go-v2 ) from 1.53.1 to 1.53.3.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases )
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/service/s3/v1.53.1...service/iot/v1.53.3 )
---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2/service/securityhub
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-10-04 12:21:07 +06:00
jdesouza
e75cd6bbc8
Updated KUBECTL_VERSION to 1.31.0 for fixing vulnerabilities ( #1690 )
...
* Bumped Go to 1.22.7 for fixing Critical/High vulberabilities
* Bumped Go to 1.22.7 for fixing Critical/High vulberabilities
* Bumped kubectl version for fixing vulnerabilities
* Fixed kubectl version
* Update go.mod
2024-10-03 22:43:01 +06:00
dependabot[bot]
d8f041a826
build(deps): bump alpine from 3.20.0 to 3.20.3 ( #1676 )
...
Bumps alpine from 3.20.0 to 3.20.3.
---
updated-dependencies:
- dependency-name: alpine
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-10-03 09:20:12 +06:00
Winnerson Kharsunai
7ea1d59bb1
update audit script for cis-1.9 kubernetes policies id 5.1.6 ( #1655 )
2024-10-01 11:48:02 +06:00
Winnerson Kharsunai
89842dcaaa
update dockerfile to add package findutils ( #1657 )
2024-10-01 11:32:23 +06:00
za
674d8e8bb7
Update command to build docker to run in EKS cluster ( #1648 )
...
because with the previous command unable to get the argument.
Issue: https://github.com/aquasecurity/kube-bench/issues/1647
Co-authored-by: za <za@noreply.users.github.com>
2024-09-30 12:13:10 +06:00
Andy Pitcher
4b4c1ce709
Modify 1.2.3 Ensure that the DenyServiceExternalIPs is set
in CIS-1.7/1.8 ( #1607 )
...
* Modify 1.2.3 Ensure that the DenyServiceExternalIPs is set
- op changed from `have` to `has` and removed bin_op: or
- remediation description changed to only include --enable-admission-plugins
* Apply changes for CIS-1.9
2024-09-30 10:30:59 +06:00
Andy Pitcher
b85ec78a84
Fix CIS-1.9 policies 5.1.1/5.1.5 typos ( #1658 )
...
* Fix CIS-1.9 policies 5.1.1 typo
* Fix typo CIS-1.9 5.1.5
* Add new lines to CIS-1.9
2024-09-30 09:54:45 +06:00
Wolfgang Reichert
f6877e3c17
Fix issue 1595: failed to output to ASFF ( #1691 )
...
A breaking change was introduced in aws-sdk-go-v2.
See https://github.com/aws/aws-sdk-go-v2/issues/2370#issuecomment-1953308268 .
Mixing aws-sdk-go-v2 packages from versions before and after the breaking change causes kube-bench to fail. This issue occurs when it attempts to access AWS Security Hub.
Addressed issue: https://github.com/aquasecurity/kube-bench/issues/1595
Supersedes bot PR: https://github.com/aquasecurity/kube-bench/pull/1689
Besides upgrading to latest SDK version, some variable types need to be adapted.
2024-09-28 13:36:44 +06:00
Andy Pitcher
2751f87034
Fix audit and remediation for CIS-1.9 master 1.1.13/1.1.14 ( #1649 )
...
* Fix audit and remediation for CIS-1.9 master 1.1.13/1.1.14
* Fix loop syntax for file paths
---------
Co-authored-by: afdesk <work@afdesk.com>
2024-09-26 10:45:48 +06:00