From 5f7fb350a763ad5b28510ac5e0e1aac50850922c Mon Sep 17 00:00:00 2001
From: Lennard Klein <1254068+lennardk@users.noreply.github.com>
Date: Sun, 3 Oct 2021 12:08:28 +0200
Subject: [PATCH] Add a trailing slash to find directory path (#1006)

This transplants #687 to cis-1.6 and cis-1.20. Fixes #686 for cis-1.6 and cis-1.20.
---
 cfg/cis-1.20/master.yaml | 4 ++--
 cfg/cis-1.6/master.yaml  | 4 ++--
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/cfg/cis-1.20/master.yaml b/cfg/cis-1.20/master.yaml
index 032f858..fcbfcd4 100644
--- a/cfg/cis-1.20/master.yaml
+++ b/cfg/cis-1.20/master.yaml
@@ -278,7 +278,7 @@ groups:
 
       - id: 1.1.20
         text: "Ensure that the Kubernetes PKI certificate file permissions are set to 644 or more restrictive (Manual)"
-        audit: "find /etc/kubernetes/pki -name '*.crt' | xargs stat -c permissions=%a"
+        audit: "find /etc/kubernetes/pki/ -name '*.crt' | xargs stat -c permissions=%a"
         use_multiple_values: true
         tests:
           test_items:
@@ -294,7 +294,7 @@ groups:
 
       - id: 1.1.21
         text: "Ensure that the Kubernetes PKI key file permissions are set to 600 (Manual)"
-        audit: "find /etc/kubernetes/pki -name '*.key' | xargs stat -c permissions=%a"
+        audit: "find /etc/kubernetes/pki/ -name '*.key' | xargs stat -c permissions=%a"
         use_multiple_values: true
         tests:
           test_items:
diff --git a/cfg/cis-1.6/master.yaml b/cfg/cis-1.6/master.yaml
index bdd3f99..59d5e0b 100644
--- a/cfg/cis-1.6/master.yaml
+++ b/cfg/cis-1.6/master.yaml
@@ -278,7 +278,7 @@ groups:
 
       - id: 1.1.20
         text: "Ensure that the Kubernetes PKI certificate file permissions are set to 644 or more restrictive (Manual)"
-        audit: "find /etc/kubernetes/pki -name '*.crt' | xargs stat -c permissions=%a"
+        audit: "find /etc/kubernetes/pki/ -name '*.crt' | xargs stat -c permissions=%a"
         use_multiple_values: true
         tests:
           test_items:
@@ -294,7 +294,7 @@ groups:
 
       - id: 1.1.21
         text: "Ensure that the Kubernetes PKI key file permissions are set to 600 (Manual)"
-        audit: "find /etc/kubernetes/pki -name '*.key' | xargs stat -c permissions=%a"
+        audit: "find /etc/kubernetes/pki/ -name '*.key' | xargs stat -c permissions=%a"
         use_multiple_values: true
         tests:
           test_items:
-- 
GitLab