Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Improve: Allow kube-bench to scan Bottlerocket OS #809

Merged
merged 1 commit into from
Feb 10, 2021
Merged

Improve: Allow kube-bench to scan Bottlerocket OS #809

merged 1 commit into from
Feb 10, 2021

Conversation

felipeac
Copy link
Contributor

@felipeac felipeac commented Jan 28, 2021
edited
Loading

Summary

Issue #808

This PR update kube-bench configs to support Bottlerocket OS scanning.

These were my results:

Before applying the changes requested

== Summary node ==
1 checks PASS
13 checks FAIL
1 checks WARN
0 checks INFO

== Summary total ==
1 checks PASS
13 checks FAIL
1 checks WARN
0 checks INFO

After applying the changes requested

== Summary node ==
12 checks PASS
2 checks FAIL
1 checks WARN
0 checks INFO

== Summary total ==
12 checks PASS
2 checks FAIL
1 checks WARN
0 checks INFO

After building a new Bottlerocket AMI that fixes those failed items reported by kube-bench

== Summary node ==
14 checks PASS
0 checks FAIL
1 checks WARN
0 checks INFO

== Summary total ==
14 checks PASS
0 checks FAIL
1 checks WARN
0 checks INFO

Thanks for reviewing! :)

PS: Thanks to @gregdek for the support

@codecov
Copy link

codecov bot commented Jan 28, 2021

Codecov Report

Merging #809 (8772ffe) into main (5ae42eb) will not change coverage.
The diff coverage is n/a.

Impacted file tree graph

@@           Coverage Diff           @@
##             main     #809   +/-   ##
=======================================
  Coverage   66.58%   66.58%           
=======================================
  Files          14       14           
  Lines        1257     1257           
=======================================
  Hits          837      837           
  Misses        364      364           
  Partials       56       56

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 95905fb...8772ffe. Read the comment docs.

@gregdek
Copy link
Contributor

gregdek commented Feb 9, 2021

Thanks @felipeac for this; the supporting PR to fix the full scan at bottlerocket-os/bottlerocket#1295.

yoavrotems
yoavrotems approved these changes Feb 10, 2021
View reviewed changes
Copy link
Contributor

@yoavrotems yoavrotems left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM
Thank you for contributing :)

@yoavrotems yoavrotems merged commit ed53e56 into aquasecurity:main Feb 10, 2021
caruccio pushed a commit to getupcloud/kube-bench that referenced this pull request Feb 19, 2021
@felipeac @caruccio
Allow kube-bench to scan Bottlerocket OS (aquasecurity#809)
9e2be58
@errm errm mentioned this pull request Jun 4, 2021
Closed
tengqm pushed a commit to tengqm/kube-bench that referenced this pull request Aug 24, 2022
@felipeac @tengqm
Allow kube-bench to scan Bottlerocket OS (aquasecurity#809)
0b07e3c
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@yoavrotems yoavrotems yoavrotems approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@felipeac @gregdek @yoavrotems