- Dec 09, 2021
-
-
Huang Huang authored
* Support CIS Google Kubernetes Engine (GKE) Benchmark v1.2.0
* restore gke-1.0

Co-authored-by: Yoav Rotem <yoavrotems97@gmail.com>
-
- Nov 18, 2021
-
-
Huang Huang authored
* Update eks-1.0 to support CIS EKS Benchmark v1.0.1
* add "No remediation"
* rename eks-1.0 to eks-1.0.1

Co-authored-by: Yoav Rotem <yoavrotems97@gmail.com>
-
- Nov 14, 2021
-
-
Huang Huang authored
* Update aks-1.0 to match official CIS Azure Kubernetes Service (AKS) Benchmark v1.0.0
* fix typo
* fix empty remediation

Co-authored-by: Yoav Rotem <yoavrotems97@gmail.com>
-
- Nov 08, 2021
-
-
Huang Huang authored
-
- Oct 27, 2021
-
-
tonyqui authored
Co-authored-by: Yoav Rotem <yoavrotems97@gmail.com>
-
- Oct 04, 2021
-
-
Lennard Klein authored
Implements #1008
-
- Oct 03, 2021
-
-
Lennard Klein authored
This transplants #687 to cis-1.6 and cis-1.20. Fixes #686 for cis-1.6 and cis-1.20.
-
Huang Huang authored
* fix status of cis-1.20 1.2.25 should be Manual
* Fix tests

Co-authored-by: Yoav Rotem <yoavrotems97@gmail.com>
-
- Aug 30, 2021
-
-
brainfair authored
In kubespray tool we have another path for kubelet config, add them to kube-bench config on top

Co-authored-by: Yoav Rotem <yoavrotems97@gmail.com>
-
Nick Keenan authored
Co-authored-by: Yoav Rotem <yoavrotems97@gmail.com>
-
- Jul 07, 2021
-
-
Hacks4Snacks authored
Co-authored-by: Yoav Rotem <yoavrotems97@gmail.com>
-
- Jun 20, 2021
-
-
Huang Huang authored
-
- Jun 16, 2021
-
-
Yoav Rotem authored
* Add files via upload
* Add new cis support v1.20!
* Fix issue with 1.1.9 and 1.1.10 tests Tests in some cases stat empty path which will return error.
* Add tests for kubernetes 1.20 and retire 1.15 tests kubernetes 1.15 is not supported anymore and we shouldn't keep testing it.
* Kubernetes 1.15 is not supported anymore
* Tests for kubernetes 1.20
* Fix yamllint errors Removed trailing spaces (trailing-spaces)
* Add tests for v1.20
* Remove extra spaces
* Change cis test functions names
-
Yoav Rotem authored
Issue https://github.com/aquasecurity/kube-bench/issues/909
-
- Jun 08, 2021
-
-
Ed Robinson authored
-
- Jun 07, 2021
-
-
tonyqui authored
-
- May 23, 2021
-
-
Dave Hay authored
Mitigating "No such file or directory" related to CNI config directory

Signed-off by: Dave Hay <david_hay@uk.ibm.com>
-
- May 18, 2021
-
-
Yoav Rotem authored
* Test 1.2.24 should be manual
* Test 1.2.26 should be manual
* Test 1.2.26 should be manual
* Change test 1.2.26
* Change test 1.2.26
* Change test 1.2.26
* Change test 1.2.26
* Change test 1.2.26
-
Yoav Rotem authored
* Create controlplane.yaml
* Update and tidy yaml
* Update and tidy yaml
* Update and tidy yaml
-
- May 11, 2021
-
-
hbc authored
* cfg: add `/etc/default/kubeletconfig.json`
* fix(cfg): search kubeletconfig.json first
* feat: mount `/etc/default` from host for AKS cluster

Co-authored-by: Yoav Rotem <yoavrotems97@gmail.com>
-
Huang Huang authored
* Support CIS ACK 1.0.0 benchmark
* fix yaml lint
* Fix TestMakeSubsitutions may fail when order of map changed
* Support auto-detect platform when running on ACK
* Apply suggestions from code review
  Co-authored-by: Yoav Rotem <yoavrotems97@gmail.com>

Co-authored-by: Yoav Rotem <yoavrotems97@gmail.com>
-
- May 09, 2021
-
-
Yoav Rotem authored
* Add detected kubernetes version to controls
* Refactor NewControls function Now new Control function is expecting detected version argument.
* Refactor NewControls function Now new Control function is expecting detected version argument.
* Refactor NewControls function New Control function is expecting detected version argument.
* Add detected kube version
* add detecetedKubeVersion
* Add detecetedKubeVersion
* Add detectedKubeVersion
* Add detecetedKubeVersion
* Fix missing version
* Change version Change version from 3.10 to rh-0.7
* fix version: "cis-1.5"
* fix version: "cis-1.5"
* fix version: "cis-1.5"
* Fix version: "cis-1.5"
* Fix version: "cis-1.5"
* Fix version: "cis-1.6"
* Fix version: "cis-1.6"
* Fix version: "cis-1.6"
* Fix version: "cis-1.6"
* Fix version: "cis-1.6"
-
- May 02, 2021
-
- Apr 29, 2021
-
- Apr 08, 2021
-
-
Dmytro Oboznyi authored
* Fix file permissions false positive
  Signed-off-by: Dmytro Oboznyi <dmytro.oboznyi@syncier.com>
* Added kops files to config path list
  Signed-off-by: Dmytro Oboznyi <dmytro.oboznyi@syncier.com>
* Automated CNI files checks
  Signed-off-by: Dmytro Oboznyi <dmytro.oboznyi@syncier.com>
* Fixed linting
  Signed-off-by: Dmytro Oboznyi <dmytro.oboznyi@syncier.com>
* Fixed to right folder CNI test
  Signed-off-by: Dmytro Oboznyi <dmytro.oboznyi@syncier.com>
* Changed Automated to manual
  Signed-off-by: Dmytro Oboznyi <dmytro.oboznyi@syncier.com>
* Removed changes from remediation
  Signed-off-by: Dmytro Oboznyi <dmytro.oboznyi@syncier.com>
* Added path to config files
  Signed-off-by: Dmytro Oboznyi <dmytro.oboznyi@syncier.com>
* Update cfg/cis-1.6/master.yaml
  Co-authored-by: Yoav Rotem <yoavrotems97@gmail.com>
  Signed-off-by: Dmytro Oboznyi <dmytro.oboznyi@syncier.com>
* Fix
  Signed-off-by: Dmytro Oboznyi <dmytro.oboznyi@syncier.com>
* Fix to job.yaml
  Signed-off-by: Dmytro Oboznyi <dmytro.oboznyi@syncier.com>
* Add extra mountpoints
  Signed-off-by: Dmytro Oboznyi <dmytro.oboznyi@syncier.com>
* Revert audit scripts changes
  Signed-off-by: Dmytro Oboznyi <dmytro.oboznyi@syncier.com>

Co-authored-by: Yoav Rotem <yoavrotems97@gmail.com>
-
- Mar 24, 2021
-
-
Yoav Rotem authored
* Add OCP auto-detection
* Add test for openshift
* update and fix bugs update file to match with new kube-bench features and fix bugs
* Update file and fix bugs update file to match with new kube-bench features and fix bugs
* Remove specific configs Those configs could be set in main config.yaml
* Update to include openshift files
* fix typos
* fix typo
* Remove trailing spaces
* Update util.go
* Add tests for getOcpValidVersion
-
- Mar 22, 2021
-
-
Yoav Rotem authored
* Add more logging The old logging was lacking and in some cases misleading
* Add Logging Add more logs and change some old messages, the important part is make each test log more readable by adding ------ test id ------ section in logs
* Fix typos
* more info add more info in comment about the function and its use cases
  Co-authored-by: Liz Rice <liz@lizrice.com>
* Use switch case Change the logic from if to switch and tidy up the code
-
- Feb 11, 2021
-
-
Dmytro Oboznyi authored
* Automated testing 1.2.34
  Signed-off-by: Dmytro Oboznyi <dmytro.oboznyi@syncier.com>
* Changed automation status in test
  Signed-off-by: Dmytro Oboznyi <dmytro.oboznyi@syncier.com>
* Changed one more test
  Signed-off-by: Dmytro Oboznyi <dmytro.oboznyi@syncier.com>
* Changed Automated to manual
  Signed-off-by: Dmytro Oboznyi <dmytro.oboznyi@syncier.com>
-
- Feb 10, 2021
-
-
Felipe Augusto de Castro authored
-
Giuseppe Ingoglia authored
Solving issue raised in #819
-
- Jan 20, 2021
-
-
Dmytro Oboznyi authored
Signed-off-by: Dmytro Oboznyi <dmytro.oboznyi@syncier.com>
-
- Jan 13, 2021
-
-
Dmytro Oboznyi authored
-
- Dec 21, 2020
-
-
Liz Rice authored
* Add example IAM policy
* Pass RotateKubeletServerCertificate related checks if it's not found (#767)
* Allow for environment variables to be checked in tests (#755)
* Initial commit for checking environment variables for etcd
* Revert config changes
* Remove redundant struct data
* Fix issues with failing tests
* Initial changes based on code review
* Add option to disable envTesting + Update docs
* Initial tests
* Finished testing
* Fix broken tests
* Add a total summary and always show all tests. (#759) Whether the total summary is shown can be specified with an option. Fixes #528
  Signed-off-by: Christian Zunker <christian.zunker@codecentric.cloud>
* Update Readme.md file with link to Contribution guide (#754)
* Update License with the year and the owner name Please add this to make your license agreement strong
* Updated Readme.md file with license and proper documentation links I have added a proper license agreement to the documentation. Also shortened the links to the issues so that it does not break in any of the forks.
* Update LICENSE
* Update README.md
* Update README.md
* Remove erroneous license info
  Co-authored-by: Liz Rice <liz@lizrice.com>
* Support auto-detect platform when running on EKS or GKE (#683)
* Support auto-detect platform when running on EKS or GKE
* Change to get platform name from `kubectl version`
* fix regexp and add test
* Update Server Version match for EKS
* try to get version info from api server at first
* Refactor group skip changed group 'skip' from being a bool to be 'type' string as done in check
* Change skip: true -> type: skip

Co-authored-by: Huang Huang <mozillazg101@gmail.com>
Co-authored-by: Wicked <jason_attwood@hotmail.co.uk>
Co-authored-by: Christian Zunker <827818+czunker@users.noreply.github.com>
Co-authored-by: Kaiwalya Koparkar <kaiwalyakoparkar@gmail.com>
Co-authored-by: Yoav Rotem <yoavrotems97@gmail.com>
-
- Nov 23, 2020
-
-
Brian Terry authored
* add aasf
* add AASF format
* credentials provider
* add finding publisher
* add finding publisher
* add write AASF path
* add testing
* read config from file
* update docker file
* refactor
* remove sample
* add comments
* Add comment in EKS config.yaml
* Fix comment typo
* Fix spelling of ASFF
* Fix typo and other small code review suggestions
* Limit length of Actual result field Avoids this message seen in testing: Message:Finding does not adhere to Amazon Finding Format. data.ProductFields['Actual result'] should NOT be longer than 1024 characters.
* Add comment for ASFF schema
* Add Security Hub documentation
* go mod tidy
* remove dupe lines in docs
* support integration in any region
* fix README link
* fix README links

Co-authored-by: Liz Rice <liz@lizrice.com>
-
- Nov 16, 2020
-
-
Huang Huang authored
-
Borko authored
* First draft of AKS configuration checks.
* Updated Azure Configurations. Added more policy checks.
* Finalized cfg components for AKS.
* Fixed targets for aks-1.0 in common_test.go
* Fixed yaml linting issues.
* Fixed white space yaml linting issues in policies.yaml
* Fixed white space yaml linting issues in policies.yaml
-
- Nov 02, 2020
-
-
bjrara authored
Co-authored-by: mengyzhou <mengyzhou@ebay.com>
-
- Oct 29, 2020
-
-
Sinith authored
-
bjrara authored
Fix defaultkubeconfig in config.yaml to resolve variable exposure in remediation when conf is missing (#758)

Co-authored-by: mengyzhou <mengyzhou@ebay.com>
-
- Oct 18, 2020
-
-
bjrara authored
-