arno/kube-bench
1
0
Fork 0
mirror of https://github.com/aquasecurity/kube-bench.git synced 2024-11-01 12:59:01 +00:00
Code Issues Releases Wiki Activity
54 Commits 7 Branches 81 Tags 157 MiB
e6479afd01
Commit Graph

54 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Abubakr-Sadik Nii Nai Davis
e6479afd01 Reset audit commands to ps -ef ... closer to benchmark. 2017-07-04 15:19:09 +00:00
Abubakr-Sadik Nii Nai Davis
e61dcabdfb Remove extraneous debug commands. 2017-06-30 14:56:23 +00:00
Abubakr-Sadik Nii Nai Davis
d0d9900b29 Resolve issue #7 wait: error running audit command exit status 1. 
This is caused by a command in the audit pipeline (for example
ps -ef | grep kube-apiserver) failing. The causes of this failure
in my testing is usually a missing config file.

Extensive refactor and correction in verification code to check for
config files and binaries.

Replace joncalhoun/pipes with implementation using exec.Cmds so errors
are visible and can be handled when audit pipeline commands fail.

Change some audit commands
from: ps -ef | grep <cmd> | grep -v
to:   ps -C <something> -o comm,args --no-headers

which is simpler to work with.
 2017-06-30 14:19:38 +00:00
Liz Rice
e8df4aa512 Add test to validate the YAML files 2017-06-23 12:05:07 +01:00
Liz Rice
b4237ccb73 Better error handling when reading YAML files 2017-06-23 12:04:46 +01:00
Liz Rice
f920d61a6a Merge pull request #9 from aquasecurity/json 
If output format is JSON, don't also output human-readable warnings
 2017-06-23 11:10:08 +01:00
Liz Rice
1b3144af37 Hopefully this adds go tests to the travis job 2017-06-23 10:52:08 +01:00
Liz Rice
07750ea43a Don't output message about config file if output format is JSON 2017-06-23 10:48:49 +01:00
Liz Rice
6340ee44c5 Don’t output warnings as text if we’re generating JSON output. Add error handling in a few missing cases. Some comment tidying. 2017-06-23 10:41:40 +01:00
Liz Rice
f6509b804e Typo 2017-06-23 10:28:58 +01:00
Liz Rice
b36832e40c Correct block-copy error in flanneld config directory 2017-06-23 09:58:46 +01:00
Liz Rice
1be52fb304 Add missing error output if JSON output can't be emitted 2017-06-23 09:40:53 +01:00
Liz Rice
44136fa080 Add image and commit badges to README 2017-06-22 16:36:50 +01:00
Liz Rice
e69ccba8c7 Docker build hook to add label info 2017-06-22 16:22:54 +01:00
Liz Rice
74ca02298e Add image labels 2017-06-22 16:15:42 +01:00
Liz Rice
3b93167c07 And now correct the flag and put it in the right place 2017-06-22 16:02:36 +01:00
Liz Rice
0c30f24b59 Travis build name got updated so the badges need updating too 2017-06-22 15:51:29 +01:00
Liz Rice
903f232dc1 Correct bad yaml indentation 2017-06-22 15:46:47 +01:00
Liz Rice
0d6d3a03ef Allow config file to be specified on the command line 2017-06-22 15:34:21 +01:00
Liz Rice
96364e3f29 Error if the config file can’t be found 2017-06-22 15:34:01 +01:00
Liz Rice
c07a8e2c81 Minor language improvement 2017-06-22 15:19:57 +01:00
jerbia
432651e85f Added test 1.4.11 (#8) 2017-06-21 22:45:50 +03:00
jerbia
d3bbf2698e Removed extra '\' sign (#6) 
There was an extra '\' sign in the docker pull command
 2017-06-21 14:46:23 +03:00
Amir Jerbi
61d840e37d Add screenshot 2017-06-20 13:48:19 +03:00
jerbia
8fcc4e3cba Delete output.png 2017-06-20 13:47:37 +03:00
Amir Jerbi
96b757414a changed screenshot 2017-06-20 13:45:26 +03:00
Amir Jerbi
d96918fb08 Merge branch 'master' of github.com:aquasecurity/kubernetes-bench-security 2017-06-20 13:43:23 +03:00
Amir Jerbi
9a471ef1a4 Added screenshot 2017-06-20 13:43:03 +03:00
Amir Jerbi
eefa0dfb61 Change check 1.15 
Check is successful in case --kubelet-https is set to true OR missing
 2017-06-20 13:29:58 +03:00
Liz Rice
f2d49848f4 Travis build failing, let's see if this works 2017-06-20 11:23:01 +01:00
Liz Rice
1ad63cb4e6 Correct a block-copy mistake in one of the test configs 2017-06-20 11:12:36 +01:00
Liz Rice
c3d67e0fee Use colorPrint for config file info too 2017-06-20 11:10:11 +01:00
Liz Rice
b7a92799b9 Blue for info messages 2017-06-20 11:09:44 +01:00
Liz Rice
ed4ded7b3f Use a single-stage build for now since Docker Hub doesn't support multi-stage builds. Also updated base image to current version of Go, 1.8 2017-06-20 10:53:28 +01:00
Liz Rice
9dd393da99 Change the exe name in the Dockerfile 2017-06-20 10:00:17 +01:00
Liz Rice
800c18ccf3 colorPrint for the output 
Use the same format output for warnings even if they aren’t related to
a specific test ID
 2017-06-20 09:54:17 +01:00
Liz Rice
dcd416a521 Executable name changes 
Updates to travis file, readme and help text
 2017-06-20 09:52:53 +01:00
Liz Rice
f123db14a9 Update import names and makefile for name change 2017-06-20 09:38:15 +01:00
Amir Jerbi
e03f5c846f Changed Dockerfile with new Github project name. 
The Github project name was changed to "kube-bench" so there was a need to modify
Dockerfile references.
Also modified the text output of the entrypoint to be friendlier.
 2017-06-20 10:42:37 +03:00
jerbia
3bafeac47c Update README.md 2017-06-20 10:32:11 +03:00
Amir Jerbi
4f98c691b9 Typo in the usage 2017-06-20 10:10:36 +03:00
Amir Jerbi
6966245e56 Merge branch 'master' of github.com:aquasecurity/kubernetes-bench-security 2017-06-20 09:54:47 +03:00
Amir Jerbi
ebc58dcb58 Add Dockerfile build 2017-06-20 09:53:34 +03:00
jerbia
5e4baae23e Update README.md 2017-06-20 00:29:58 +03:00
Amir Jerbi
f9592f15bb added language to travis 2017-06-20 00:17:52 +03:00
Amir Jerbi
7dca4c8c32 Merge branch 'master' of github.com:aquasecurity/kubernetes-bench-security 2017-06-20 00:14:50 +03:00
Amir Jerbi
b215ad184f added travis build 2017-06-20 00:14:29 +03:00
jerbia
1d44458e93 Update README.md 2017-06-20 00:07:58 +03:00
jerbia
c53a0ac6f4 Update README.md 2017-06-20 00:06:30 +03:00
Amir Jerbi
55fd838191 No need to run install.sh. 
Simply clone the project, compile the go app and run ./cis_kubernetes
 2017-06-20 00:03:46 +03:00