From f90dd925b8ef80f5ef6b4df009fa728e7aff1098 Mon Sep 17 00:00:00 2001
From: Abubakr-Sadik Nii Nai Davis <dwa2pac@gmail.com>
Date: Fri, 3 Nov 2017 12:59:35 +0000
Subject: [PATCH] Exit kube-bench if we can't get valid kubernetes server
 version and improve error messages.

---
 cmd/common.go    |  2 +-
 cmd/util.go      | 34 ++++++++++++----------------------
 cmd/util_test.go | 13 +++----------
 3 files changed, 16 insertions(+), 33 deletions(-)

diff --git a/cmd/common.go b/cmd/common.go
index 3e01f2a..2bcf30e 100644
--- a/cmd/common.go
+++ b/cmd/common.go
@@ -62,7 +62,7 @@ func runChecks(t check.NodeType) {
 	}
 
 	ver := getKubeVersion()
-	path := fmt.Sprintf("%s/%s/%s", cfgDir, ver.Server, file)
+	path := fmt.Sprintf("%s/%s/%s", cfgDir, ver, file)
 	in, err := ioutil.ReadFile(path)
 	if err != nil {
 		exitWithError(fmt.Errorf("error opening %s controls file: %v", t, err))
diff --git a/cmd/util.go b/cmd/util.go
index dfd8b23..97b5544 100644
--- a/cmd/util.go
+++ b/cmd/util.go
@@ -213,37 +213,27 @@ func multiWordReplace(s string, subname string, sub string) string {
 	return strings.Replace(s, subname, sub, -1)
 }
 
-type version struct {
-	Server string
-	Client string
-}
-
-func getKubeVersion() *version {
-	ver := new(version)
+func getKubeVersion() string {
+	failmsg := "kubernetes version check failed"
 	// These executables might not be on the user's path.
 	_, err := exec.LookPath("kubectl")
 	if err != nil {
-		s := fmt.Sprintf("Kubernetes version check skipped with error %v", err)
-		continueWithError(err, sprintlnWarn(s))
-		return nil
+		exitWithError(fmt.Errorf("%s: %s", failmsg, err))
 	}
 
-	cmd := exec.Command("kubectl", "version")
-	out, err := cmd.Output()
+	cmd := exec.Command("kubectl", "version", "--short")
+	out, err := cmd.CombinedOutput()
 	if err != nil {
-		s := fmt.Sprintf("Kubernetes version check skipped, with error getting kubectl version")
-		continueWithError(err, sprintlnWarn(s))
-		return nil
+		exitWithError(fmt.Errorf("%s, %s", failmsg, out))
 	}
 
-	clientVerRe := regexp.MustCompile(`Client.*Major:"(\d+)".*Minor:"(\d+)"`)
-	svrVerRe := regexp.MustCompile(`Server.*Major:"(\d+)".*Minor:"(\d+)"`)
+	validVersionPttn := `\d.\d`
+	serverVersionRe := regexp.MustCompile(`Server Version: v(\d+.\d+)`)
+	ver := serverVersionRe.FindStringSubmatch(string(out))[1]
 
-	sub := clientVerRe.FindStringSubmatch(string(out))
-	ver.Client = sub[1] + "." + sub[2]
-
-	sub = svrVerRe.FindStringSubmatch(string(out))
-	ver.Server = sub[1] + "." + sub[2]
+	if matched, _ := regexp.MatchString(validVersionPttn, ver); !matched {
+		exitWithError(fmt.Errorf("%s: invalid server version ", failmsg, ver))
+	}
 
 	return ver
 }
diff --git a/cmd/util_test.go b/cmd/util_test.go
index 50044cf..646a75e 100644
--- a/cmd/util_test.go
+++ b/cmd/util_test.go
@@ -184,18 +184,11 @@ func TestMultiWordReplace(t *testing.T) {
 
 func TestGetKubeVersion(t *testing.T) {
 	ver := getKubeVersion()
-	if ver == nil {
-		t.Log("Expected non nil version info.")
-	} else {
-		if ok, err := regexp.MatchString(`\d+.\d+`, ver.Client); !ok && err != nil {
-			t.Logf("Expected:%v got %v\n", "n.m", ver.Client)
-		}
-
-		if ok, err := regexp.MatchString(`\d+.\d+`, ver.Server); !ok && err != nil {
-			t.Logf("Expected:%v got %v\n", "n.m", ver.Server)
-		}
 
+	if ok, err := regexp.MatchString(`\d+.\d+`, ver); !ok && err != nil {
+		t.Logf("Expected:%v got %v\n", "n.m", ver)
 	}
+
 }
 
 func TestFindConfigFile(t *testing.T) {
-- 
GitLab