Closed dereknola closed 6 days ago
@chen-keinan can I get a review/merge on this when you have time.
@chen-keinan can I get a review/merge on this when you have time.
@dereknola Unfortunately, Chen is no longer working on aquasecurity. We are waiting for a new aquasecurity team member who has permission to review/merge PRs. That may take more than one week.
Hi @itaysk can you help merging this PR. Thanks cc @sm171190
@dereknola we need to rebase this branch. Please do it, so it can be merged
@afdesk can you please look at this and merge?
yes, sure. I took a look at this PR.
Background
Changes
Automated
andManual
correctly, identifiying what K3s by default will handle, and when user action in needed.Verification
k3s-cis-1.24
Tested on v1.24.17+k3s1 with the following config.yaml (standard hardening config from docs)
k3s-cis-1.7
Tested on v1.25+k3s4 with the following config.yaml (standard hardening config from docs)
k3s-cis-1.8
Tested on v1.28.11+k3s1 with the same config as k3s-cis-1.7
Note: CIS-1.9 scans are on the TODO for RKE2 and K3s, they should be incoming within the next month or two.