New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add CIS Benchmark plugin blog post #1002

Merged

johnSchnake merged 1 commit into vmware-tanzu:master from jonasrosland:cis-benchmark

Nov 18, 2019

Contributor

jonasrosland commented Nov 18, 2019

This adds the CIS Benchmark plugin blog post.

Signed-off-by: Jonas Rosland [email protected]


          Add CIS Benchmark plugin blog post

Signed-off-by: Jonas Rosland <[email protected]>

codecov-io commented Nov 18, 2019

Codecov Report

Merging #1002 into master will decrease coverage by 0.09%.
The diff coverage is n/a.

@@            Coverage Diff            @@
##           master    #1002     +/-   ##
=========================================
- Coverage   48.39%   48.29%   -0.1%     
=========================================
  Files          76       76             
  Lines        5377     5377             
=========================================
- Hits         2602     2597      -5     
- Misses       2619     2622      +3     
- Partials      156      158      +2

Impacted Files	Coverage Δ
pkg/plugin/aggregation/aggregator.go	`72.67% <0%> (-3.11%)`	⬇️

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update cda71c3...0484790. Read the comment docs.

johnSchnake approved these changes

View reviewed changes

Contributor

johnSchnake left a comment

💯 Thanks @jonasrosland !

johnSchnake merged commit 7ce6965 into vmware-tanzu:master

zubron reviewed

View reviewed changes

site/_posts/2019-11-18-cis-benchmark-plugin.md

+              $ sonobuoy gen plugin \
+                  --name kube-bench-worker \
+                  --image=schnake/kube-bench:v0.2.0-demo \
+                  --cmd=/bin/sh

Contributor

zubron Nov 18, 2019

Suggested change

      
                --cmd=/bin/sh
          
                --cmd=/bin/sh \

site/_posts/2019-11-18-cis-benchmark-plugin.md

+                  --name kube-bench-worker \
+                  --image=schnake/kube-bench:v0.2.0-demo \
+                  --cmd=/bin/sh
+                  --args=-c

Contributor

zubron Nov 18, 2019

Suggested change

      
                --args=-c
          
                --arg=-c \

site/_posts/2019-11-18-cis-benchmark-plugin.md

+                  --image=schnake/kube-bench:v0.2.0-demo \
+                  --cmd=/bin/sh
+                  --args=-c
+                  --args=”kube-bench --version 1.13 --outputfile /tmp/results/output.xml --junit ; echo -n /tmp/results/output.xml > /tmp/results/done” \

Contributor

zubron Nov 18, 2019

Suggested change

      
                --args=”kube-bench --version 1.13 --outputfile /tmp/results/output.xml --junit ; echo -n /tmp/results/output.xml > /tmp/results/done” \
          
                --arg="kube-bench --version 1.13 --outputfile /tmp/results/output.xml --junit ; echo -n /tmp/results/output.xml > /tmp/results/done" \

site/_posts/2019-11-18-cis-benchmark-plugin.md

+              Each of these things can be done manually, or with the following command:
+              ```
+              $ cat kub-bench-worker.yaml | \

Contributor

zubron Nov 18, 2019

Suggested change

      
            $ cat kub-bench-worker.yaml | \
          
            $ cat kube-bench-worker.yaml | \

site/_posts/2019-11-18-cis-benchmark-plugin.md

+              ```
+              $ cat kub-bench-worker.yaml | \
+                sed ‘/kube-bench-worker/kube-bench-master/’ | \

Contributor

zubron Nov 18, 2019

Hmm, I tried this out but these sed commands don't work for me. I think they should be:

Suggested change

      
              sed ‘/kube-bench-worker/kube-bench-master/’ | \
          
              sed 's/kube-bench-worker/kube-bench-master/g' | \

site/_posts/2019-11-18-cis-benchmark-plugin.md

+              ```
+              $ cat kub-bench-worker.yaml | \
+                sed ‘/kube-bench-worker/kube-bench-master/’ | \
+                sed ‘/- kube-bench/- kube-bench master/’ | \

Contributor

zubron Nov 18, 2019

Suggested change

      
              sed ‘/- kube-bench/- kube-bench master/’ | \
          
              sed 's/- kube-bench/- kube-bench master/g' | \

site/_posts/2019-11-18-cis-benchmark-plugin.md

+              $ cat kub-bench-worker.yaml | \
+                sed ‘/kube-bench-worker/kube-bench-master/’ | \
+                sed ‘/- kube-bench/- kube-bench master/’ | \
+                sed ‘/Exists/DoesNotExist/’ > kube-bench-master.yaml

Contributor

zubron Nov 18, 2019

Suggested change

      
              sed ‘/Exists/DoesNotExist/’ > kube-bench-master.yaml
          
              sed 's/Exists/DoesNotExist/g' > kube-bench-master.yaml

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet