* Fix K3s 4.X checks to automated
Signed-off-by: Derek Nola <derek.nola@suse.com>
* Fix audits and remediations for K3s 2.X checks
- Simplify the check_for_k3s_etch.sh script
Signed-off-by: Derek Nola <derek.nola@suse.com>
* Remove extra period and the
Signed-off-by: Derek Nola <derek.nola@suse.com>
* Follow standard yaml list indentation
Signed-off-by: Derek Nola <derek.nola@suse.com>
* Fix typo
Signed-off-by: Derek Nola <derek.nola@suse.com>
* Corrected file name in K3s 4.2.3
Signed-off-by: Derek Nola <derek.nola@suse.com>
* Convert automated (hardened) checks to scored.
Signed-off-by: Derek Nola <derek.nola@suse.com>
* Fix typos
Signed-off-by: Derek Nola <derek.nola@suse.com>
* Remove check_for_k3s_etcd.sh
Signed-off-by: Derek Nola <derek.nola@suse.com>
---------
Signed-off-by: Derek Nola <derek.nola@suse.com>
On running the scan for CIS 1.6, the scan got stuck in Error state with the following error:
```
level=fatal msg=\"error summarizing: \\nfailed to check if command: \\\"CAFILE=$(ps\\\" is valid exit status 2
```
It looks like the command isn't getting parsed. Moving the audit commands to scripts and running the
scripts seems to resolve this issue.
other than default and kube-system. Also check for rolebindings and
clusterrolebindings using default serviceaccounts.
Also added the check for test 5.6.4 to ensure no resource is found in
default namespace other than the kubernetes service
Derek Nola