zilard
d8528a1ec8
issue #234 : implement test 2.2.8 ( #343 )
...
* implement test 2.2.8
* Nit: correct indentation
The indentation looked a bit wonky due to spaces vs tabs; hopefully this corrects it
5 years ago
Liz Rice
12e48297a6
Config file improvements
...
Correct defaults in main config.yaml file
Remove unnecessary overrides in version-specific config.yaml
5 years ago
Liz Rice
caf3fbd0a0
Moving more config into master config file
5 years ago
Liz Rice
dd8e7ec874
Merge branch 'master' into fix-208
6 years ago
Abubakr-Sadik Nii Nai Davis
d255b49d4b
Revert 1.8 config file.
6 years ago
Abubakr-Sadik Nii Nai Davis
a88b0703d8
Add kubeconfig variable substitution for kubelet and proxy.
...
There are checks for the kubeconfig for both kubelet and proxy which
the current kube-bench implementation does not check for properly.
kube-bench checks the wrong files.
This PR adds support for variable substitution for all the config file
types are that should be checked in the CIS benchmarks.
This PR also fixes a buggy in CIS 1.3.0 check 2.2.9, which checks for
ownership of the kubelet config file /var/lib/kubelet/config.yaml but
recommends changing ownership of kubelet kubeconfig file
/etc/kubernetes/kubelet.conf as remediation.
6 years ago
Abubakr-Sadik Nii Nai Davis
3f98c1def2
Fix wrong reference to kubelet.config in node checks.
...
This fix applies to only checks for kubernetes versions 1.8 and 1.11.
See https://github.com/aquasecurity/kube-bench/pull/208 .
6 years ago
Liz Rice
d712db47a2
Only find flags on the process we really want
6 years ago
Liz Rice
c44e0db97b
Inlcude .manifest extension config files for kops & kubespray
6 years ago
Liz Rice
024b7ed396
Merge branch 'master' into master
6 years ago
Julien Garcia Gonzalez
2073e08363
update 2.2.4 rules
6 years ago
Julien Garcia Gonzalez
db096c9f51
Rule node 2.2.4 is not correct
6 years ago
hutr
d736d10f90
fix sed string for 1.4.12
6 years ago
hutr
50a3725ff2
Merge branch 'master' into master
6 years ago
hutr
468f5fac6e
changes for 1.4.11 and 1.4.2
...
added tests: for 1.4.11 and removed grep -v grep for both
6 years ago
Erwan Miran
182e9b5e01
Addition of missing audit field in 2.2.6 node item
6 years ago
hutr
e4100a4435
fixed grep string for 1.4.11 and 1.4.22
...
check 1.4.11 and 1.4.22 FAIL even when permissions is correct.
6 years ago
Abubakr-Sadik Nii Nai Davis
b10b2bd22e
Merge branch 'master' into fix-typo
6 years ago
Abubakr-Sadik Nii Nai Davis
aa9da13226
Fix a bunch of typos.
6 years ago
Liz Rice
1935c952d6
--request-timeout is a duration
6 years ago
Lee Briggs
d464ab5639
Wrong configuration file
7 years ago
Lee Briggs
165444df60
Test fixes for 1.8
7 years ago
Liz Rice
4b1b2b8762
Merge branch 'master' into master
7 years ago
Liz Rice
fc4fe38bc2
Merge branch 'master' into unnecessary-warning
7 years ago
Konstantin Semenov
961dbeb2b5
Correct sed regex
7 years ago
Konstantinos Karampogias
8fc6904093
Improve etcd data directory extraction
...
- If data-dir is not the last argument, the remaining arguments
are captured preventing the correct checking.
Signed-off-by: Konstantin Semenov <ksemenov@pivotal.io>
7 years ago
Abubakr-Sadik Nii Nai Davis
7fcfb0cf30
Fix issue with etcd checks failing because of using " " instead of "=" to specify value.
...
This issue affects master checks 1.4.11 and 1.4.12.
7 years ago
Abubakr-Sadik Nii Nai Davis
53eb720952
Merge branch 'master' into unnecessary-warning
7 years ago
Abubakr-Sadik Nii Nai Davis
04f044e3b9
Add support for merging general and kubernetes version specific config files.
...
This change unifies all config files, podspecs and unitfiles under
a single component configuration key; `config`.
7 years ago
Liz Rice
d52e326147
Correct test config file typo
7 years ago
Liz Rice
2eb261b94f
Remove odd spacing and line breaks from test config files
7 years ago
Abubakr-Sadik Nii Nai Davis
8e758bb5e0
Update federated definitions.
7 years ago
Abubakr-Sadik Nii Nai Davis
82e325f96e
Update 1.8 node definition.
7 years ago
Abubakr-Sadik Nii Nai Davis
04f21d1887
Update 1.8 master definition.
7 years ago
Abubakr-Sadik Nii Nai Davis
7663dc87ee
Copy 1.7 benchmark as 1.8.
7 years ago