[BUG] Default CIS Scan Profile should be based on the K8s version running in the cluster

[Priyashetty17]

Rancher Server Setup

• Rancher version: v2.7-cb4726f13c9b403d85b29b7b7aabc61dd12c03df-head
• Dashboard: master 9462c5a81
• Installation option (Docker install/Helm Chart): Helm Chart
• Browser type & version: Chrome

Information about the Cluster

• Kubernetes version: v1.24.15
• Cluster Type (Local/Downstream): Local/Downstream RKE/RKE2/K3s

User Information

• What is the role of the user logged in? (Admin/Cluster Owner/Cluster Member/Project Owner/Project Member/Custom)
  • If custom, define the set of permissions: Admin

Describe the bug When creating a new CIS scan in the Rancher UI, the default profile chosen from the drop-down menu is always "CIS 1.7 Permissive" and does not align with the K8s version running in the cluster.

Steps to Recreate:

1. Create a Rancher server v2.7-head.
2. Create a downstream cluster with K8s version v1.24.15.
3. Install the "rancher-cis-benchmark" on the downstream cluster (Chart version "4.2.0-rc3")
4. Navigate to: CIS Benchmark > Scans > Click on "Create"

Issue/Actual Result: The default CIS scan profile is always "CIS 1.7 Permissive," irrespective of the Kubernetes version of the cluster leading to confusion.

Expected Result: The default CIS scan profile should align with the Kubernetes version of the cluster. For example:

• If the K8s version of the cluster is v1.23, the default CIS scan profile should be CIS 1.23 profile.
• If the K8s version of the cluster is v1.24, the default CIS scan profile should be CIS 1.24 profile.
• If the K8s version of the cluster is v1.25, the default CIS scan profile should be CIS 1.7 profile.

Screenshots Here's a screenshot from a K3s cluster running K8s v1.24.15:

[gaktive]

Pushing to Q4 since this doesn't look like a blocker and Q3 is approaching code freeze. @Priyashetty17 let me know if this is more urgent.