From 92df9cb36c87d5c692de2459d97cc7f966d64538 Mon Sep 17 00:00:00 2001
From: Abubakr-Sadik Nii Nai Davis <dwa2pac@gmail.com>
Date: Tue, 27 Aug 2019 08:04:11 +0000
Subject: [PATCH] Read kubernetes version from environment (#390)

* Read kubernetes version from environment

Set kubernetes version to the value of the environment variable `KUBE_BENCH_VERSION` if it is defined and the flag `--version` is not specified on the kube-bench command line.

The command line flag `--version` takes precedence of the environment variable `KUBE_BENCH_VERSION` if both are defined.

* Add info about KUBE_BENCH_VERSION to README
---
 README.md   |  5 ++++-
 cmd/root.go | 10 +++++++++-
 2 files changed, 13 insertions(+), 2 deletions(-)

diff --git a/README.md b/README.md
index dfb0aa8..3c61a58 100644
--- a/README.md
+++ b/README.md
@@ -45,7 +45,10 @@ You can choose to
 kube-bench automatically selects which `controls` to use based on the detected
 node type and the version of kubernetes a cluster is running. This behaviour
 can be overridden by specifying the `master` or `node` subcommand and the
-`--version` flag on the command line.
+`--version` flag on the command line. 
+
+The kubernetes version can also be set with the KUBE_BENCH_VERSION environment variable.
+The value of `--version` takes precedence over the value of KUBE_BENCH_VERSION.
 
 For example:
 run kube-bench against a master with version auto-detection:
diff --git a/cmd/root.go b/cmd/root.go
index ad11f82..2591e6a 100644
--- a/cmd/root.go
+++ b/cmd/root.go
@@ -130,8 +130,16 @@ func initConfig() {
 		viper.AddConfigPath(cfgDir)   // adding ./cfg as first search path
 	}
 
+	// Read flag values from environment variables.
+	// Precedence: Command line flags take precedence over environment variables.
 	viper.SetEnvPrefix(envVarsPrefix)
-	viper.AutomaticEnv() // read in environment variables that match
+	viper.AutomaticEnv()
+	
+	if kubeVersion == "" {
+		if env := viper.Get("version"); env != nil {
+			kubeVersion = env.(string)
+		}
+ 	}
 
 	// If a config file is found, read it in.
 	if err := viper.ReadInConfig(); err != nil {
-- 
GitLab