Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Backport] [v2.8] Update security scan profiles for cis chart #351

Closed
vardhaman22 opened this issue Sep 4, 2024 · 3 comments
Closed

[Backport] [v2.8] Update security scan profiles for cis chart #351

vardhaman22 opened this issue Sep 4, 2024 · 3 comments
Assignees
@rishabhmsra @vivek-shilimkar
Labels
team/infracloud team/security

Comments

@vardhaman22
Copy link
Contributor

backport for issue: #350
This was referenced Sep 4, 2024
Merged
Merged
@rishabhmsra
Copy link

RKE2 scan failures tracking issue - rancher/rancher#46812
K3s scan failures tracking issue - rancher/rancher#46663

@vardhaman22 vardhaman22 mentioned this issue Sep 10, 2024
Merged
@rishabhmsra
Copy link

Validated on rancher v2.8-head :

  • Created v1.25 and v1.28, RKE1, KRE2 and k3s node driver as well as hardened clusters(1-cp, 1-e, 1-w)
  • Created v1.26 RKE1, RKE2 and K3s node driver clusters.
  • Created v1.26 RKE2 hardened cluster.
  • Installed CIS chart 5.4.0-rc.2
  • Ran v1.7 and v1.8 permissive and hardened profile scans on respective clusters and all scans passed, except on RKE1 hardened cluster 4.1.7 fails, which is expected.

@vivek-shilimkar vivek-shilimkar self-assigned this Sep 13, 2024
@rishabhmsra rishabhmsra self-assigned this Sep 13, 2024
@vivek-shilimkar
Copy link

Tested CIS chart v5.4.0-rc.1 on rancher v2.8-head with singlenode (RKE1, RKE2, K3S) k8s v1.25 and v1.28.

@vardhaman22 vardhaman22 mentioned this issue Sep 16, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@rishabhmsra rishabhmsra

@vivek-shilimkar vivek-shilimkar

Labels
team/infracloud team/security
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@rishabhmsra @vivek-shilimkar @vardhaman22