arno/kube-bench
1
0
Fork 0
mirror of https://github.com/aquasecurity/kube-bench.git synced 2024-11-21 23:58:06 +00:00
Code Issues Releases Wiki Activity

Commit Graph

  • aee271052d Add gke-1.6.0 policy recommendations Abubakr-Sadik Nii Nai Davis 2024-08-16 05:41:09 +0000
  • 75ead54480 NDEV-20011 : adding CIS GKE-1.6.0 benchmarks deboshree-b 2024-08-16 05:41:31 +0530
  • 5c27cb212b Add gke-1.6.0 worker node recommendations Abubakr-Sadik Nii Nai Davis 2024-08-15 05:00:57 +0000
  • 2e3281a63e
         build(deps): bump golang from 1.22.4 to 1.22.6 dependabot[bot] 2024-08-12 19:55:34 +0000
  • d4827447c9
         Fix K3s 1.1.10 check Derek Nola 2024-08-12 10:28:56 -0700
  • 98ab862a86
         Add K3s cis-1.8 scan Derek Nola 2024-08-09 10:22:06 -0700
  • c867122aa5
         Overhaul K3s 5.X checks Derek Nola 2024-08-09 10:18:49 -0700
  • e233d841ff
         Overhaul K3s 4.X checks Derek Nola 2024-08-09 10:17:10 -0700
  • dd459fcbef
         Overhaul K3s 2.X Checks Derek Nola 2024-08-09 10:15:57 -0700
  • 473d3ed2fc
         Overhaul K3s 1.X checks Derek Nola 2024-08-09 10:14:39 -0700
  • 7794be3d65 Add gke1.6 control plane recommendations Abubakr-Sadik Nii Nai Davis 2024-08-09 07:11:01 +0000
  • 50f4779267 Add config entries for GKE 1.6 controls Abubakr-Sadik Nii Nai Davis 2024-08-09 07:08:53 +0000
  • f419b32f86 Fix CIS-1.9 policies 5.1.1 typo Andy Pitcher 2024-08-06 08:12:18 -0400
  • b6175bd58a update dockerfile to add package findutils WKharsun 2024-08-05 20:40:06 +0530
  • 27833ae299 update audit script for cis-1.9 kubernetes policies id 5.1.6 WKharsun 2024-08-05 20:29:43 +0530
  • cf0c87bbbe
         feat: use CIS EKS 1.5.0 by default Peter Balogh 2024-08-05 15:16:57 +0200
  • 489865ce3d
         fix: target mapping Peter Balogh 2024-08-02 14:31:08 +0200
  • aca0ae528f
         fix: update eks job Peter Balogh 2024-08-02 14:27:22 +0200
  • 43aba407bd
         fix(cfg): target map Peter Balogh 2024-08-02 14:25:11 +0200
  • 7981c07e0f
         feat(cfg): add EKS 1.5.0 Peter Balogh 2024-08-01 17:00:40 +0200
  • be8b91c8f1
         build(deps): bump alpine from 3.20.0 to 3.20.2 dependabot[bot] 2024-07-29 19:32:58 +0000
  • e82243a7d2 fix: rh-1.0 check 4.1.3 typo Arano-kai 2024-07-29 12:59:43 +0300
  • b9c6e9ee83 Fix loop syntax for file paths Andy Pitcher 2024-07-26 10:14:02 -0400
  • 6bfb8327cb Fix audit and remediation for CIS-1.9 master 1.1.13/1.1.14 Andy Pitcher 2024-07-26 09:37:42 -0400
  • fc78bf1ef0 Update command to build docker to run in EKS cluster za 2024-07-25 11:49:32 +0700
  • b4a5d9316d
         build(deps): bump k8s.io/apimachinery from 0.29.3 to 0.30.3 dependabot[bot] 2024-07-22 19:15:01 +0000
  • 53689ba6e1
         build(deps): bump github.com/aws/aws-sdk-go-v2/service/securityhub dependabot[bot] 2024-07-15 19:41:55 +0000
  • ec1425e747
         build(deps): bump golang from 1.22.4 to 1.22.5 dependabot[bot] 2024-07-08 19:13:58 +0000
  • ded8d404be
         build(deps): bump alpine from 3.20.0 to 3.20.1 dependabot[bot] 2024-07-04 05:47:55 +0000
  • 5a3fd1d896
         build(deps): bump golang from 1.22.2 to 1.22.4 (#1629) dependabot[bot] 2024-07-04 08:46:34 +0300
  • 4461e6712e
         build(deps): bump golang from 1.22.2 to 1.22.4 dependabot[bot] 2024-07-02 07:35:54 +0000
  • 366e79ddda
         release: prepare v0.8.0 (#1639) v0.8.0 chenk 2024-07-02 10:35:09 +0300
  • 9c5f19577a release: prepare v0.8.0 chenk 2024-07-02 10:23:38 +0300
  • f659f9d93c
         build(deps): bump github.com/aws/aws-sdk-go-v2/service/securityhub dependabot[bot] 2024-07-01 19:22:15 +0000
  • f906c9c43f
         build(deps): bump docker/build-push-action from 5 to 6 dependabot[bot] 2024-06-29 12:54:35 +0000
  • 871027447f
         build(deps): bump goreleaser/goreleaser-action from 5 to 6 (#1628) dependabot[bot] 2024-06-29 15:53:49 +0300
  • a42fe975fd Extend default kubelet configlist to fit AWS EKS Matthias Muth 2024-06-27 15:22:47 +0200
  • 17325fe428
         build(deps): bump goreleaser/goreleaser-action from 5 to 6 dependabot[bot] 2024-06-26 12:55:04 +0000
  • 7027b6b2ec
         Add CIS kubernetes CIS-1.9 for k8s v1.27 - v1.29 (#1617) Andy Pitcher 2024-06-26 08:53:57 -0400
  • 2e05ad3f1f Add kubectl dependency and update publish - Download kubectl (build stage) based on version and architecture - Add binary checksum verification - Use go env GOARCH for ARCH Andy Pitcher 2024-06-18 16:24:57 -0400
  • cc05e0f716
         build(deps): bump github.com/aws/aws-sdk-go-v2/service/securityhub dependabot[bot] 2024-06-24 19:43:15 +0000
  • a225f497c5
         build(deps): bump k8s.io/apimachinery from 0.29.3 to 0.30.2 dependabot[bot] 2024-06-17 19:21:15 +0000
  • e8b1a2ad0e
         build(deps): bump github.com/aws/aws-sdk-go-v2/service/securityhub dependabot[bot] 2024-06-17 19:21:02 +0000
  • 85cecda50f Adjust policies 5.1.3 and 5.1.6 Andy Pitcher 2024-06-14 14:51:30 -0400
  • bc4d98e6ca Append node.yaml - Create 4.3 kube-config group - Create 4.3.1 Ensure that the kube-proxy metrics service is bound to localhost (Automated) Andy Pitcher 2024-05-28 23:59:36 -0400
  • 788c0f1e1c Adjust policies.yaml - Check 5.2.3 to 5.2.9 Title Automated to Manual Andy Pitcher 2024-05-28 21:05:38 -0400
  • b987f086f6 Adapt master.yaml - Expand 1.1.13/1.1.14 checks by adding super-admin.conf to the permission and ownership verification - Remove 1.2.12 Ensure that the admission control plugin SecurityContextDeny is set if PodSecurityPolicy is not used (Manual) - Adjust numbering from 1.2.12 to 1.2.29 Andy Pitcher 2024-05-28 20:05:27 -0400
  • b1c5463156 Create cis-1.9 yamls and Update info - policies.yaml - 5.1.1 to 5.1.6 were adapted from Manual to Automated - 5.1.3 got broken down into 5.1.3.1 and 5.1.3.2 - 5.1.6 got broken down into 5.1.6.1 and 5.1.6.2 - version was set to cis-1.9 - node.yaml master.yaml controlplane.yaml etcd.yaml - version was set to cis-1.9 Andy Pitcher 2024-05-17 17:49:01 -0400
  • 01ea8f8892
         Merge pull request #4 from nirmata/add-oke-support Rishabh Soni 2024-06-13 12:35:58 +0530
  • 45dfc51674
         Merge pull request #3 from nirmata/error-testing-oke Rishabh Soni 2024-06-11 17:16:21 +0530
  • 6ed1721538
         changes made Rishabh Soni 2024-06-11 16:55:08 +0530
  • 5414877908
         Update config.yaml Rishabh Soni 2024-06-11 16:10:06 +0530
  • b8e833ebfb
         build(deps): bump github.com/aws/aws-sdk-go-v2/service/securityhub dependabot[bot] 2024-06-10 19:54:16 +0000
  • a70243f7a3
         Fixed typos Rishabh Soni 2024-06-10 20:19:34 +0530
  • 21484093ec Crawl paths from ENVs rootxrishabh 2024-06-10 18:17:39 +0530
  • a5a45c7ef0
         build(deps): bump github.com/aws/aws-sdk-go-v2/service/securityhub dependabot[bot] 2024-06-03 19:23:37 +0000
  • 5d1d92d345
         build(deps): bump golang from 1.22.2 to 1.22.3 dependabot[bot] 2024-05-31 14:29:43 +0000
  • d8fc37649a
         build(deps): bump alpine from 3.19.1 to 3.20.0 (#1621) dependabot[bot] 2024-05-31 17:28:56 +0300
  • 3fe55f30b5
         build(deps): bump github.com/aws/aws-sdk-go-v2/service/securityhub dependabot[bot] 2024-05-27 19:32:55 +0000
  • 5aa424bc70
         build(deps): bump alpine from 3.19.1 to 3.20.0 dependabot[bot] 2024-05-27 19:24:50 +0000
  • 0f8dfaf115
         Statically link binaries and remove debug information (#1615) Paulo Gomes 2024-05-22 05:37:36 +0000
  • 9332cb2b35
         --- updated-dependencies: - dependency-name: github.com/aws/aws-sdk-go-v2/service/securityhub dependency-type: direct:production update-type: version-update:semver-minor ... dependabot[bot] 2024-05-20 19:31:17 +0000
  • 78a9870ae9
         --- updated-dependencies: - dependency-name: k8s.io/apimachinery dependency-type: direct:production update-type: version-update:semver-minor ... dependabot[bot] 2024-05-20 19:30:18 +0000
  • 7db91224ef
         Statically link binaries and remove debug information Paulo Gomes 2024-05-15 18:12:01 +0100
  • ed51191d7c
         Replace custom k3s etcd script checks with vanilla grep checks (#1601) Derek Nola 2024-05-20 03:47:15 -0700
  • a717453da6
         Use etcddatadir variable Derek Nola 2024-05-16 09:26:05 -0700
  • 157baee9d2
         Align correct cis benchmarks with k8s versions Derek Nola 2024-05-15 10:08:17 -0700
  • 86a42b56b3 chore: update go-linter version chenk 2024-05-15 09:27:21 +0300
  • 93e1b9fc01
         build(deps): bump k8s.io/apimachinery from 0.29.3 to 0.30.0 dependabot[bot] 2024-05-13 19:05:31 +0000
  • 70e60d7eb4
         build(deps): bump github.com/aws/aws-sdk-go-v2/service/securityhub dependabot[bot] 2024-05-13 19:05:14 +0000
  • a8dda720d7
         Merge pull request #2 from nirmata/add-oke-support Rishabh Soni 2024-05-10 16:44:10 +0530
  • 2ad0aa1380 Added yamls for OKE rootxrishabh 2024-05-10 16:39:31 +0530
  • 90d2f2f4b2
         build(deps): bump github.com/aws/aws-sdk-go-v2/service/securityhub dependabot[bot] 2024-05-06 19:24:42 +0000
  • 687c0e18eb
         Merge branch 'main' into fix_k3s_no_helpers Derek Nola 2024-05-06 12:08:20 -0700
  • df52f48b4a
         Rework etcd grep, remove etcd ENV checks (no-op), add correct k3s etcddatadir Derek Nola 2024-05-06 12:00:30 -0700
  • ca58788c6c
         Merge branch 'main' into dependabot/go_modules/golang.org/x/net-0.23.0 chenk 2024-05-05 09:25:50 +0300
  • 9a0271b4d7
         Merge branch 'main' into dependabot/go_modules/github.com/stretchr/testify-1.9.0 chenk 2024-05-04 20:25:15 +0300
  • 338d014198
         Merge branch 'main' into dependabot/github_actions/golangci/golangci-lint-action-5 chenk 2024-05-04 20:22:32 +0300
  • 2a8615befd
         build(deps): bump golang from 1.22.1 to 1.22.2 (#1596) dependabot[bot] 2024-05-03 19:35:58 +0300
  • ab59794153
         build(deps): bump golangci/golangci-lint-action from 4 to 5 dependabot[bot] 2024-04-29 19:25:13 +0000
  • 205268868b
         Replace custom k3s etcd script checks with vanilla grep checks Derek Nola 2024-04-22 12:00:40 -0700
  • 947ac102ad
         build(deps): bump golang.org/x/net from 0.19.0 to 0.23.0 dependabot[bot] 2024-04-19 12:47:02 +0000
  • b4286f06ed
         build(deps): bump golang from 1.22.1 to 1.22.2 dependabot[bot] 2024-04-18 06:59:38 +0000
  • ff9341a5d0
         release: prepare-v0.7.3 (#1599) v0.7.3 chenk 2024-04-18 09:58:44 +0300
  • 608427f836 release: prepare-v0.7.3 chenk 2024-04-18 09:57:22 +0300
  • 75c1fe9653
         build(deps): bump github.com/aws/aws-sdk-go-v2/service/securityhub dependabot[bot] 2024-04-18 06:55:48 +0000
  • 65c484e85a
         build(deps): bump k8s.io/client-go from 0.29.1 to 0.29.3 (#1587) dependabot[bot] 2024-04-18 09:54:55 +0300
  • 7cc338de41
         Merge branch 'main' into dependabot/go_modules/k8s.io/client-go-0.29.3 chenk 2024-04-18 09:30:09 +0300
  • d2d3e72271
         Currently, certain commands involve retrieving all node names or pods and then executing additional commands in a loop, resulting in a time complexity linearly proportional to the number of nodes. (#1597) mjshastha 2024-04-18 11:31:17 +0530
  • 7996876cde Currently, certain commands involve retrieving all node names or pods and then executing additional commands in a loop, resulting in a time complexity linearly proportional to the number of nodes. This approach becomes time-consuming for larger clusters. mjshastha 2024-04-12 15:32:14 +0530
  • 572f34c485
         build(deps): bump google.golang.org/protobuf from 1.31.0 to 1.33.0 dependabot[bot] 2024-04-06 06:00:40 +0000
  • 1521e7fba0
         build(deps): bump github.com/stretchr/testify from 1.8.4 to 1.9.0 dependabot[bot] 2024-04-06 06:00:38 +0000
  • 5668558bfb
         build(deps): bump k8s.io/client-go from 0.29.1 to 0.29.3 dependabot[bot] 2024-04-06 06:00:36 +0000
  • 73e1377ce0
         build(deps): bump github.com/jackc/pgx/v5 from 5.4.3 to 5.5.4 (#1586) dependabot[bot] 2024-04-06 08:59:45 +0300
  • 7270a4b70b
         build(deps): bump github.com/aws/aws-sdk-go-v2/service/securityhub dependabot[bot] 2024-03-30 09:45:38 +0000
  • 53170222a0
         build(deps): bump github.com/jackc/pgx/v5 from 5.4.3 to 5.5.4 dependabot[bot] 2024-03-30 09:43:10 +0000
  • dc8f4d37f0
         build(deps): bump github.com/aws/aws-sdk-go-v2 from 1.25.2 to 1.26.0 (#1589) dependabot[bot] 2024-03-30 12:41:07 +0300
  • d8e7ed1c50
         Merge branch 'main' into dependabot/go_modules/github.com/aws/aws-sdk-go-v2-1.26.0 chenk 2024-03-30 12:14:14 +0300
  • dc7441620f
         build(deps): bump golang from 1.22.0 to 1.22.1 (#1583) dependabot[bot] 2024-03-29 14:10:34 +0300
  • 246205a0fb
         build(deps): bump github.com/aws/aws-sdk-go-v2/service/securityhub dependabot[bot] 2024-03-25 19:11:39 +0000