yoavrotems
7280438eb5
Add cis 1.6 ( #678 )
...
* Add new cis version yamls
Add new cis version yamls
* Add new cis version yamls
* Add cis-1.6 to versions table
* support version mapping cis-1.6
* support version mapping cis-1.6
* Update controlplane.yaml
* Update etcd.yaml
* Update node.yaml
* Update policies.yaml
* Create job.data
* Create job-node.data
* Create job-master.data
* Create add-tls-kind.yaml
* Change node version to 1.15.0
* Add tests for cis-1.6
* Delete node_only.yaml
* Change tests 1.1.19-1.1.21
Change 1.1.19-1.1.21 because failing tests
* Update job.data
* Update job-master.data
* Update job-master.data
* Update job.data
* fix 1.2.35 remediation
tabs instead of spaces
* Update job-master.data
* Remove extra space
* Update job.data
* Create node_only.yaml
* Add tests for cis-1.6
Add tests for cis-1.6 and change some from 1,5 to 1.6
* Fix typo
* Add mapping for cis-1.6
* Remove extra space in 1.2.35 remediation
* Update job.data
* Update job-master.data
* Fix type 1.2.35
* Remove trailing spaces
* Remove trailing spaces
* Remove trailing spaces
* Remove trailing spaces
* Add version 1.19 kubernetes support
* Add version 1.19 kubernetes support
* Add version 1.19 kubernetes support
2020-09-17 16:54:43 +01:00
Liz Rice
772839fc92
move target mapping to config.yaml - updated version ( #682 )
...
* move target mapping to config.yaml
* Update config.yaml
* Update common.go
* Add support for eks-1.0
Add also eks-1.0 to map
* chore: merge correction
* Move file only used for testing
* Tidier logs
* Add target mapping for GKE and EKS
* fingers cross this finishes target mapping
Co-authored-by: Murali Paluru <leodotcloud@gmail.com>
Co-authored-by: Roberto Rojas <robertojrojas@gmail.com>
Co-authored-by: yoavrotems <yoavrotems97@gmail.com>
2020-08-30 10:16:21 +03:00
Liz Rice
b0d175bf5c
Update default Kubernetes to 1.18 ( #657 )
...
* Update default Kubernetes to 1.18
* Add missing mapping
* Show pod logs on failure
2020-08-04 16:40:12 +03:00
Matthieu ANTOINE
ea4eaa6fd5
Fix supported targets for EKS benchmark ( #648 )
...
* Fix supported targets for EKS benchmark
* docs: heading at wrong level in README
* docs: remove duplicate TOC heading
* Fix invalid argument for gem install
Co-authored-by: Liz Rice <liz@lizrice.com>
2020-07-29 14:40:59 +01:00
Huang Huang
52ebfa5b5a
Fix invalid JSON output ( #629 )
...
* Fix invalid JSON output
Fixes #622
* Apply suggestions from code review
Co-authored-by: Liz Rice <liz@lizrice.com>
* Add tests
Co-authored-by: Liz Rice <liz@lizrice.com>
2020-06-24 10:13:10 +01:00
Abubakr-Sadik Nii Nai Davis
d988b81540
CIS GKE 1.0.0 benchmark ( #570 )
...
* Add initial commit for CIS GKE 1.0 benchmark
* Update README with GKE instructions
* Fix YAML linter issues
* Set GKE benchmark k8s version to gke-1.0
* Add tests for gke-1.0
Co-authored-by: Roberto Rojas <robertojrojas@gmail.com>
2020-03-03 09:51:48 -05:00
Roberto Rojas
13193d75b0
Fixes Issue #535 ( #537 )
...
* isEtcd should not run on openshift 3.10/3.11
* adds openssl
* fixed tests
* fixes bugs
* adds isEtcd tests
2019-12-13 10:09:30 -05:00
Roberto Rojas
af976e6f50
Fixes Issue #494 - add tests for CIS 1.5 ( #530 )
...
* Initial commit.
* Add master and node config.
* Add section 5 of CIS 1.5.1.
* Split sections into section files
* Fix YAML issues.
* adds target translation
* adds target translation
* adds cis-1.5 mapping
* fixed tests
* fixes are per PR
* fixed intergration test
* integration kind test file to appropriate ks8 version
* fixed etcd text
* fixed README
* fixed text
* etcd: fixed grep path
* etcd: fixes
* fixed error message bug
* Update README.md
Co-Authored-By: Liz Rice <liz@lizrice.com>
* Update README.md
Co-Authored-By: Liz Rice <liz@lizrice.com>
* fixes as per PR review
2019-12-05 15:55:44 -05:00
Roberto Rojas
b92d30bd11
Fixes issue #517 : Determines Kubernetes version using the REST API ( #518 )
...
* Fixes issue #517 : Determines Kubernetes version using the REST API
* fixes
* fixes
* adds tests
* fixes
* added more tests
* kubernetes_version_test: Add a missing case for invalid certs
Signed-off-by: Simarpreet Singh <simar@linux.com>
* kubernetes_version_test: Remove un-needed casts
Signed-off-by: Simarpreet Singh <simar@linux.com>
* fixes as per PR review
* fixes as per PR review
2019-11-12 13:47:42 -08:00
Roberto Rojas
7ca438b618
Fixes Issue 269 - Numbering to use CIS Versions ( #511 )
...
* starting benchmark flag
* Revert "starting benchmark flag"
This reverts commit 58fc948626
.
* fixes issue #269
* add more unit tests
* fix bug
* Update cmd/common.go
Co-Authored-By: Liz Rice <liz@lizrice.com>
* fixes as per PR review
* fixes as per PR review
* adds more tests
* fixed tests
* changes as per PR Review
* changes as per PR Review
* updated README
* Update README.md
Co-Authored-By: Liz Rice <liz@lizrice.com>
* Update README.md
Co-Authored-By: Liz Rice <liz@lizrice.com>
* Update README.md
Co-Authored-By: Liz Rice <liz@lizrice.com>
* Update README.md
Co-Authored-By: Liz Rice <liz@lizrice.com>
* changes are per PR review
2019-11-05 16:31:27 -05:00
Roberto Rojas
d5a02f7cb4
Fixes Issue #331 : Changes the Error Message When Programs are Missing ( #497 )
...
* changed error description for missing kubectl/kubelet execs
* adds function to generate error message for missing components
* adds function to generate error message for missing components
* adds function to generate error message for missing components
* Update cmd/util.go
Co-Authored-By: Liz Rice <liz@lizrice.com>
* Update cmd/util.go
Co-Authored-By: Liz Rice <liz@lizrice.com>
* Update cmd/util.go
Co-Authored-By: Liz Rice <liz@lizrice.com>
* Update cmd/util.go
Co-Authored-By: Liz Rice <liz@lizrice.com>
* Update cmd/util.go
Co-Authored-By: Liz Rice <liz@lizrice.com>
* fixed error message
* changes are per PR review
2019-11-05 10:44:57 -05:00
Simarpreet Singh
d12a45bba9
Properly initialize viper library when checking for master components ( #434 )
...
* common_test: Add a failing test to show the SISEGV
Signed-off-by: Simarpreet Singh <simar@linux.com>
* common: Go green by fixing isMaster() to instantiate viper
Signed-off-by: Simarpreet Singh <simar@linux.com>
* common: Inject a seam for getBinariesFunc to be patched-in.
Also adds additional tests to showcase unhappy behaviors.
Signed-off-by: Simarpreet Singh <simar@linux.com>
* common_test: Rename TestIsMaster()
Signed-off-by: Simarpreet Singh <simar@linux.com>
* common: init viper with master config
Signed-off-by: Simarpreet Singh <simar@linux.com>
* common: Add a pre-check if valid yaml is passed but doesn't include master.
Also adds additional tests to showcase unhappy behaviors.
Signed-off-by: Simarpreet Singh <simar@linux.com>
* mod: Upgrade viper to v1.4.0
Signed-off-by: Simarpreet Singh <simar@linux.com>
* common: Refactor node only yaml to a file
Signed-off-by: Simarpreet Singh <simar@linux.com>
* common: Log when master components are not found
Signed-off-by: Simarpreet Singh <simar@linux.com>
* common_test: Refactor subtests into a table
Signed-off-by: Simarpreet Singh <simar@linux.com>
2019-10-14 11:15:08 -04:00
Liz Rice
aebd35a5ab
Update copyright date
2019-05-02 18:15:31 -07:00
Daniel Pacak
5fb133cd02
Adjust the semantics of scored and unscored flags
2019-05-01 22:52:56 +02:00
Daniel Pacak
306e1960af
Add flags to further filter CIS checks to run
2019-05-01 22:52:56 +02:00