1
0
mirror of https://github.com/aquasecurity/kube-bench.git synced 2024-11-25 17:38:21 +00:00
Commit Graph

12 Commits

Author SHA1 Message Date
dependabot[bot]
f20539930e
Bump gorm.io/gorm from 1.21.12 to 1.21.13 (#966)
Bumps [gorm.io/gorm](https://github.com/go-gorm/gorm) from 1.21.12 to 1.21.13.
- [Release notes](https://github.com/go-gorm/gorm/releases)
- [Commits](https://github.com/go-gorm/gorm/compare/v1.21.12...v1.21.13)

---
updated-dependencies:
- dependency-name: gorm.io/gorm
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-08-30 11:38:07 +03:00
dependabot[bot]
e2e1566a35
Bump github.com/aws/aws-sdk-go from 1.40.14 to 1.40.18 (#957)
Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.40.14 to 1.40.18.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.40.14...v1.40.18)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Yoav Rotem <yoavrotems97@gmail.com>
2021-08-11 12:45:13 +03:00
Matthieu MOREL
b1119f588e
chore(ci) update k8s.io/client-go and github.com/spf13/cobra to latest (#955)
* Update github.com/spf13/cobra

* chore(ci) update k8s.io/client-go and github.com/spf13/cobra to latest
2021-08-09 17:40:21 +03:00
Matthieu MOREL
c91a9434c0
Update Gorm (#950)
* Migrate from github.com/jinzhu/gorm to gorm.io/gorm

* apply gofmt

* github.com/aws/aws-sdk-go

* fix
2021-08-09 11:40:01 +03:00
dependabot[bot]
42da8c681c
Bump github.com/aws/aws-sdk-go from 1.40.13 to 1.40.14 (#949)
Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.40.13 to 1.40.14.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.40.13...v1.40.14)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-08-04 17:07:56 +03:00
Matthieu MOREL
8ac8ebfc2a
Update Dependencies (#941)
* Create dependabot.yml

* Bump crazy-max/ghaction-docker-meta from 1 to 3.4.0 (#1)

Bumps [crazy-max/ghaction-docker-meta](https://github.com/crazy-max/ghaction-docker-meta) from 1 to 3.4.0.
- [Release notes](https://github.com/crazy-max/ghaction-docker-meta/releases)
- [Upgrade guide](https://github.com/docker/metadata-action/blob/master/UPGRADE.md)
- [Commits](https://github.com/crazy-max/ghaction-docker-meta/compare/v1...v3.4.0)

---
updated-dependencies:
- dependency-name: crazy-max/ghaction-docker-meta
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Update .yamllint.yaml

* Update .yamllint.yaml

* Update dependabot.yml

* Update dependabot.yml

* Bump github.com/onsi/ginkgo from 1.10.1 to 1.16.4 (#2)

Bumps [github.com/onsi/ginkgo](https://github.com/onsi/ginkgo) from 1.10.1 to 1.16.4.
- [Release notes](https://github.com/onsi/ginkgo/releases)
- [Changelog](https://github.com/onsi/ginkgo/blob/master/CHANGELOG.md)
- [Commits](https://github.com/onsi/ginkgo/compare/v1.10.1...v1.16.4)

---
updated-dependencies:
- dependency-name: github.com/onsi/ginkgo
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump github.com/stretchr/testify from 1.4.0 to 1.7.0 (#4)

Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.4.0 to 1.7.0.
- [Release notes](https://github.com/stretchr/testify/releases)
- [Commits](https://github.com/stretchr/testify/compare/v1.4.0...v1.7.0)

---
updated-dependencies:
- dependency-name: github.com/stretchr/testify
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump github.com/fatih/color from 1.5.0 to 1.12.0 (#6)

Bumps [github.com/fatih/color](https://github.com/fatih/color) from 1.5.0 to 1.12.0.
- [Release notes](https://github.com/fatih/color/releases)
- [Commits](https://github.com/fatih/color/compare/v1.5.0...v1.12.0)

---
updated-dependencies:
- dependency-name: github.com/fatih/color
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump github.com/magiconair/properties from 1.8.0 to 1.8.5 (#3)

Bumps [github.com/magiconair/properties](https://github.com/magiconair/properties) from 1.8.0 to 1.8.5.
- [Release notes](https://github.com/magiconair/properties/releases)
- [Changelog](https://github.com/magiconair/properties/blob/main/CHANGELOG.md)
- [Commits](https://github.com/magiconair/properties/compare/v1.8.0...v1.8.5)

---
updated-dependencies:
- dependency-name: github.com/magiconair/properties
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump github.com/aws/aws-sdk-go from 1.35.28 to 1.39.6 (#7)

Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.35.28 to 1.39.6.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.35.28...v1.39.6)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump gopkg.in/yaml.v2 from 2.3.0 to 2.4.0 (#8)

Bumps [gopkg.in/yaml.v2](https://github.com/go-yaml/yaml) from 2.3.0 to 2.4.0.
- [Release notes](https://github.com/go-yaml/yaml/releases)
- [Commits](https://github.com/go-yaml/yaml/compare/v2.3.0...v2.4.0)

---
updated-dependencies:
- dependency-name: gopkg.in/yaml.v2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump github.com/spf13/viper from 1.4.0 to 1.8.1 (#9)

Bumps [github.com/spf13/viper](https://github.com/spf13/viper) from 1.4.0 to 1.8.1.
- [Release notes](https://github.com/spf13/viper/releases)
- [Commits](https://github.com/spf13/viper/compare/v1.4.0...v1.8.1)

---
updated-dependencies:
- dependency-name: github.com/spf13/viper
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump github.com/spf13/cobra from 0.0.3 to 0.0.7 (#10)

Bumps [github.com/spf13/cobra](https://github.com/spf13/cobra) from 0.0.3 to 0.0.7.
- [Release notes](https://github.com/spf13/cobra/releases)
- [Changelog](https://github.com/spf13/cobra/blob/master/CHANGELOG.md)
- [Commits](https://github.com/spf13/cobra/compare/v0.0.3...0.0.7)

---
updated-dependencies:
- dependency-name: github.com/spf13/cobra
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump github.com/aws/aws-sdk-go from 1.39.6 to 1.40.0 (#11)

Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.39.6 to 1.40.0.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.39.6...v1.40.0)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump crazy-max/ghaction-docker-meta from 3.4.0 to 3.4.1 (#12)

Bumps [crazy-max/ghaction-docker-meta](https://github.com/crazy-max/ghaction-docker-meta) from 3.4.0 to 3.4.1.
- [Release notes](https://github.com/crazy-max/ghaction-docker-meta/releases)
- [Commits](https://github.com/crazy-max/ghaction-docker-meta/compare/v3.4.0...v3.4.1)

---
updated-dependencies:
- dependency-name: crazy-max/ghaction-docker-meta
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump github.com/aws/aws-sdk-go from 1.40.0 to 1.40.1 (#13)

Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.40.0 to 1.40.1.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.40.0...v1.40.1)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump github.com/aws/aws-sdk-go from 1.40.1 to 1.40.7 (#21)

Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.40.1 to 1.40.7.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.40.1...v1.40.7)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump codecov/codecov-action from 1 to 2.0.2 (#20)

Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 1 to 2.0.2.
- [Release notes](https://github.com/codecov/codecov-action/releases)
- [Changelog](https://github.com/codecov/codecov-action/blob/master/CHANGELOG.md)
- [Commits](https://github.com/codecov/codecov-action/compare/v1...v2.0.2)

---
updated-dependencies:
- dependency-name: codecov/codecov-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Update build.yml

* Update mkdocs-deploy.yaml

* Update publish.yml

* Update mkdocs-deploy.yaml

* Bump github.com/aws/aws-sdk-go from 1.40.7 to 1.40.9 (#23)

Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.40.7 to 1.40.9.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.40.7...v1.40.9)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Update .github/workflows/publish.yml

* Update .github/workflows/build.yml

* Update mkdocs-deploy.yaml

* Update build.yml

* Update dependabot.yml

* Update dependabot.yml

* Bump alpine from 3.13 to 3.14.0 (#27)

Bumps alpine from 3.13 to 3.14.0.

---
updated-dependencies:
- dependency-name: alpine
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump github.com/aws/aws-sdk-go from 1.40.9 to 1.40.13 (#28)

Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.40.9 to 1.40.13.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.40.9...v1.40.13)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-08-04 11:38:18 +03:00
Yoav Rotem
6ca3ce6754
Update go modules 1.16 (#910)
* Update to go 1.16

* Update go modules to 1.16
2021-06-16 17:26:51 +03:00
Brian Terry
c3f94dd89f
Aws asff (#770)
* add aasf

* add AASF format

* credentials provider

* add finding publisher

* add finding publisher

* add write AASF path

* add testing

* read config from file

* update docker file

* refactor

* remove sample

* add comments

* Add comment in EKS config.yaml

* Fix comment typo

* Fix spelling of ASFF

* Fix typo and other small code review suggestions

* Limit length of Actual result field

Avoids this message seen in testing:
  Message:Finding does not adhere to Amazon Finding Format. data.ProductFields['Actual result'] should NOT be longer than 1024 characters.

* Add comment for ASFF schema

* Add Security Hub documentation

* go mod tidy

* remove dupe lines in docs

* support integration in any region

* fix README link

* fix README links

Co-authored-by: Liz Rice <liz@lizrice.com>
2020-11-23 19:43:53 +00:00
Roberto Rojas
47c5661034
Fixes issue #439: Adds integration testing using KIND (#520)
* Fixes issue #439: Adds integration testing using KIND

* try integration tests

* started using ticker and timeouts

* trying built container image

* adds load image into KIND

* adds comparison

* fixes as per PR review
2019-11-16 09:39:47 -05:00
John Schnake
6ffd382711 Add option to output in JUnit format (#516)
If running these checks in a CI system it may be beneficial
to output in a more standardized format such as JUnit for
parsing by other tools in a consistent manner.

Fixes #460

Signed-off-by: John Schnake <jschnake@vmware.com>
2019-11-13 08:03:04 -05:00
Simarpreet Singh
d12a45bba9 Properly initialize viper library when checking for master components (#434)
* common_test: Add a failing test to show the SISEGV

Signed-off-by: Simarpreet Singh <simar@linux.com>

* common: Go green by fixing isMaster() to instantiate viper

Signed-off-by: Simarpreet Singh <simar@linux.com>

* common: Inject a seam for getBinariesFunc to be patched-in.

Also adds additional tests to showcase unhappy behaviors.

Signed-off-by: Simarpreet Singh <simar@linux.com>

* common_test: Rename TestIsMaster()

Signed-off-by: Simarpreet Singh <simar@linux.com>

* common: init viper with master config

Signed-off-by: Simarpreet Singh <simar@linux.com>

* common: Add a pre-check if valid yaml is passed but doesn't include master.

Also adds additional tests to showcase unhappy behaviors.

Signed-off-by: Simarpreet Singh <simar@linux.com>

* mod: Upgrade viper to v1.4.0

Signed-off-by: Simarpreet Singh <simar@linux.com>

* common: Refactor node only yaml to a file

Signed-off-by: Simarpreet Singh <simar@linux.com>

* common: Log  when master components are not found

Signed-off-by: Simarpreet Singh <simar@linux.com>

* common_test: Refactor subtests into a table

Signed-off-by: Simarpreet Singh <simar@linux.com>
2019-10-14 11:15:08 -04:00
Manuel Rüger
f7e3257e3c Go modules / Alpine 3.10 update / Remove binary (#322)
* Remove binary that was accidentally added

911e9051dc

* Dockerfile: Update to alpine 3.10

* Switch to go 1.12 and go modules
2019-06-26 11:58:51 +01:00