mirror of
https://github.com/aquasecurity/kube-bench.git
synced 2024-12-18 12:48:08 +00:00
a88b0703d8
There are checks for the kubeconfig for both kubelet and proxy which the current kube-bench implementation does not check for properly. kube-bench checks the wrong files. This PR adds support for variable substitution for all the config file types are that should be checked in the CIS benchmarks. This PR also fixes a buggy in CIS 1.3.0 check 2.2.9, which checks for ownership of the kubelet config file /var/lib/kubelet/config.yaml but recommends changing ownership of kubelet kubeconfig file /etc/kubernetes/kubelet.conf as remediation. |
||
---|---|---|
.. | ||
common.go | ||
database.go | ||
federated.go | ||
master.go | ||
node.go | ||
root.go | ||
util_test.go | ||
util.go |