1
0
mirror of https://github.com/aquasecurity/kube-bench.git synced 2024-12-19 05:08:07 +00:00
Commit Graph

10 Commits

Author SHA1 Message Date
Liz Rice
dd8e7ec874
Merge branch 'master' into fix-208 2019-03-03 09:45:16 +00:00
Abubakr-Sadik Nii Nai Davis
a88b0703d8 Add kubeconfig variable substitution for kubelet and proxy.
There are checks for the kubeconfig for both kubelet and proxy which
the current kube-bench implementation does not check for properly.
kube-bench checks the wrong files.

This PR adds support for variable substitution for all the config file
types are that should be checked in the CIS benchmarks.

This PR also fixes a buggy in CIS 1.3.0 check 2.2.9, which checks for
ownership of the kubelet config file /var/lib/kubelet/config.yaml but
recommends changing ownership of kubelet kubeconfig file
/etc/kubernetes/kubelet.conf as remediation.
2019-02-27 22:15:14 +00:00
Abubakr-Sadik Nii Nai Davis
3f98c1def2 Fix wrong reference to kubelet.config in node checks.
This fix applies to only checks for kubernetes versions 1.8 and 1.11.
See https://github.com/aquasecurity/kube-bench/pull/208.
2019-02-27 22:14:19 +00:00
Liz Rice
d712db47a2
Only find flags on the process we really want 2019-02-28 01:33:21 +08:00
Julien Garcia Gonzalez
2073e08363
update 2.2.4 rules 2018-06-18 13:44:25 +02:00
Julien Garcia Gonzalez
db096c9f51
Rule node 2.2.4 is not correct 2018-06-15 15:49:55 +02:00
Erwan Miran
182e9b5e01 Addition of missing audit field in 2.2.6 node item 2018-06-05 15:27:20 +02:00
Abubakr-Sadik Nii Nai Davis
04f044e3b9 Add support for merging general and kubernetes version specific config files.
This change unifies all config files, podspecs and unitfiles under
a single component configuration key; `config`.
2017-11-28 17:38:34 +00:00
Abubakr-Sadik Nii Nai Davis
82e325f96e Update 1.8 node definition. 2017-10-15 13:19:07 +00:00
Abubakr-Sadik Nii Nai Davis
7663dc87ee Copy 1.7 benchmark as 1.8. 2017-10-05 17:29:38 +00:00