Releases: aquasecurity/kube-bench
v0.1.0
Major changes in this release:
- Support for configuration by JSON or executable parameters
- Renaming YAML files to reflect the benchmark numbering rather than Kubernetes version (back-compatible)
Changelog
d7b5422 Fix detection of encryption-provider-config (#513)
7ca438b Fixes Issue 269 - Numbering to use CIS Versions (#511)
13fe1cd Fixes issue #501: specifying absolute path for both ps and cat (#508)
d5a02f7 Fixes Issue #331: Changes the Error Message When Programs are Missing (#497)
56fa231 Remove redundant nil check (#493)
b9be7da Directly convert buffer to string (#492)
09fb3c4 Check error before deferring db.Close() (#491)
51aa10e Update EKS Config & Create EKS Guide (#489)
bf383ec Added .DS_Store and thumbs.db to .gitignore (#463)
01ee110 Fix repetitive flags in some ocp-3.11 tests (#462)
2657c2f Use newer kind load docker-image command (#459)
146de15 removed deprecated field in Travis config (#452)
8276e52 Change 1.3.3 to pass for --use-service-account-credentials=true and --use-service-account-credentials (#442)
d77eab2 master.yaml: Add --audit-policy-file check for 1.1.37. (#440)
37f626d cfg: Make proxy checks optional (#436)
89afda1 Add [Manual test] to remediation in all the manual tests (#435)
d12a45b Properly initialize viper library when checking for master components (#434)
c22f816 Fixes issue #257: removes federated option (#431)
a6ee61f Fixes issue #289: removed versions prior to 1.11 (#429)
91dfeb7 Fixes issue #391: passes KUBEBENCH_VERSION down to Dockerfile (#428)
3aa41db Issue #353: Merges JSON and Exec Params files (#426)
39d9ef9 usr-bin volume mount not required (#424)
04946a4 add snap component paths to default config (#414)
27261d1 Change Kind version (#411)
v0.0.34
Changelog
ea9089b update the yaml according (#410)
ec3b107 Fixes issue #407 (#409)
13dfa15 Fixes Issue #396 - Replaces $kubeletconf for $kubeletsvc (#399)
a2466da Correct 1.1.13 to match CIS spec (#406)
d0d4e95 Updated version support (#385)
7a53806 fixes issue #346 by explicitly only checking read-only property (#404)
4b5a877 Remove some tests from been manual (#398)
f343d36 hyperkube v1.15 renamed "proxy" to "kube-proxy" (#400)
3e5d02e fixes issue #386 (#397)
92df9cb Read kubernetes version from environment (#390)
a3b8ba5 Fix error converting from string to integer (#392)
0d81ef1 Update config.yaml to add Azure AKS file locations for kubelet (#383)
3fba5f4 Fix version command failing because of missing config file it does not need. (#377)
787bf6c Updated check to pass if flag isn't set (#379)
f8b2f6c Correct 1.4.21 text (#356)
136e9cd Remove federated from ocp (#381)
2e27d68 Remove duplicate documentation. (#373)
b8a463f Correction to 1.13 and 1.13-json test 2.1.5 (#380)
22b971a fixes-according-kube-cis1.4.1 (#376)
0422368 issue #369: fixes RotateKubeletServerCertificate tests in 1.13-json (#371)
893aa35 Updated check to pass if flag isn't set (#375)
937bfc7 issue #344: Adds support for array comparison. Every element in the s… (#367)
dab5e92 Issue #363: Adds Unit Tests for Test Comparisons (#366)
7c97f6a Add codecov (#336)
86e3456 issue #243: Changes condition so that score: false tests are performed (#357)
b86dd92 Issue #348: Refactor getFiles into getFiles (#359)
c87c5cf Fixes bugs on tests 2.1.4 and 2.1.5 - 1.13-json (#365)
v0.0.33
Please ignore
Remove Darwin build from go-releaser (#361) Should fix #360
Please ignore
This release failed to complete go-releaser, please ignore
kube-controller-manager detection and other fixes
add glog flush to write the output to a file (#329) * add glog flush to write the output to a file * add glog flush before exit on error and fix code comment
v0.0.29
Changelog
c379df1 Merge pull request #316 from cpt-redbeard/master
2275eea Adding OCP 3.11
ec9779f Merge pull request #313 from simar7/add-kube-bench-version
3b7438e kube-bench: add version subcommand
1d7449d Merge pull request #309 from simar7/fix-ocp-3.10-yaml
5df39ee ocp-3.10: Fix malformed yaml and improve TestControls_RunChecks
46baf8f Merge pull request #296 from aquasecurity/Config-doc
4f79d62 Merge branch 'master' into Config-doc
268fafd Merge pull request #300 from danielsagi/add_kubelet_config_path
bab1237 Merge branch 'master' into add_kubelet_config_path
d44f865 Merge pull request #256 from aquasecurity/fix-235
e3da299 Merge branch 'master' into fix-235
81f0d9c Merge branch 'master' into Config-doc
312cdb1 Merge pull request #297 from aquasecurity/Openshift-executables
0f12dca Merge branch 'master' into Openshift-executables
87820b9 Remove duplicate versions section
85849a3 Add detailed kube-bench config documentation.
43caaab added another kubelet config file to paths, in the main config yaml file. default location for gke cluster
5efb3e3 Merge pull request #298 from 030/191-master-node-doc
27df1f6 Clarification about worker nodes in managed k8s
9d0e349 [GH-191] explained that master nodes cannot be inspected in managed k8s
9d577d9 Update openshift executables
df35775 Document version-specific config files
e64f61f Add --outputfile flag for writing json results to output file (#295)
5e80f41 Merge pull request #292 from aquasecurity/config-improvements
a8c69b5 Merge branch 'master' into config-improvements
ff6443e Merge pull request #284 from yoavAqua/expected-result
ddb677b Generate expected result by strings join
d1c3e31 Genereate expected result automatically for each test
53ef773 Merge pull request #281 from yoavAqua/bugfix-no-actual-result
31019c4 Merge branch 'master' into bugfix-no-actual-result
ff427f8 Merge pull request #282 from yoavAqua/print-actual-result-of-failed-tests
91da82a Merge branch 'master' into print-actual-result-of-failed-tests
c4be2ee Merge pull request #293 from yoavAqua/save-audit-command-in-json
e7a8c14 Save the audit command when requesting json output under the "audit" key
9f9514d Merge branch 'master' into print-actual-result-of-failed-tests
e33e44b Correct debug messages
12e4829 Config file improvements
240c8ad The check's actual result property is now set to be the audit command's output
74fd7cd Merge pull request #290 from aquasecurity/config-improvements
3aa28c4 Printing the actual test result of failed tests - when a flag is raised
02d5654 Correct 1.1.14 in 1.13/master.yaml
caf3fbd Moving more config into master config file
c152088 Merge pull request #279 from leodotcloud/issue_278_remediation
c361b9b Merge branch 'master' into issue_278_remediation
b9b4d47 Merge pull request #286 from CognotektGmbH/dln/kops-paths
22e835f Reverted kubelet conf to original value
7ec1021 Added KOPS-specific paths
7c6b968 add remediation field
v0.0.27
Changelog
573136a Merge pull request #238 from Kuqd/features/autodetect-nodetype
9246be9 Merge branch 'master' into features/autodetect-nodetype
5baf81a Adds master node detection and a root command that automatically detect checks to run. The root command will run node checks and if possible master checks. I've also added some Makefile targets to improve local testing and improve the documentation.
v0.0.28
Changelog
331d64b Merge pull request #267 from aquasecurity/lizrice-patch-1
ceb4458 Tidy up a couple of things
f9d0f4a Add OCP info into the README
ab2001e Merge pull request #261 from aquasecurity/yoavrotems-patch-3
7e8dfbc Fix invalid YAML
b4419e8 Tiny typo
d05d715 Tiny typo
e70f50b update files
d30786d Merge pull request #258 from aquasecurity/fix-241
c03e958 Merge branch 'master' into fix-241
241972c Merge pull request #249 from aquasecurity/document-output
d93ed0a Merge branch 'master' into fix-241
b5f3299 Merge branch 'master' into document-output
588d75d Merge pull request #251 from aquasecurity/version-mapping
4b8a7ff Add ":" as a valid flag-value separator for tests
651b72f Merge branch 'master' into document-output
0c40532 Merge branch 'master' into version-mapping
54502c5 Merge pull request #247 from aquasecurity/yoavrotems-patch-2
df556c2 Add CIS & Kubernetes version mapping to README
488f522 Document output states
b1ce0a9 Merge branch 'master' into yoavrotems-patch-2
0f86bfc Merge pull request #246 from aquasecurity/yoavrotems-patch-1
d059196 Update master.yaml
a85e5a7 Update master.yaml