Ecosyste.ms: Issues

An open API service for providing issue and pull request metadata for open source projects.

GitHub / rancher/security-scan issues and pull requests

#154 - Fix rke1 cis 1.7 check errors

Pull Request - State: open - Opened by JonCrowther over 1 year ago

#153 - Fix rke2 cis 1.7 check errors

Pull Request - State: open - Opened by JonCrowther over 1 year ago

#152 - Fix k3s cis 1.7 check errors

Pull Request - State: open - Opened by JonCrowther over 1 year ago

#151 - Update GKE 1.2.0 target_mapping

Pull Request - State: closed - Opened by rayandas over 1 year ago

#150 - Fix rke2-cis-1.7 controlplane.yaml 3.2.1 --audit-policy-file

Pull Request - State: closed - Opened by andypitcher over 1 year ago

#149 - chore(deps): update module github.com/aquasecurity/kube-bench to v0.6.17

Pull Request - State: open - Opened by renovate-rancher[bot] over 1 year ago
Labels: dependencies

#148 - Fix regression: missing upstream tests

Pull Request - State: closed - Opened by pjbgf over 1 year ago

#147 - build: Set ARCH environment var

Pull Request - State: closed - Opened by pjbgf over 1 year ago

#145 - Bump dependencies

Pull Request - State: closed - Opened by pjbgf over 1 year ago
Labels: dependencies

#144 - Fix rke-cis-1.7 permissive/hardened node.yaml 4.2.11

Pull Request - State: closed - Opened by andypitcher over 1 year ago

#143 - Simplify the release pipeline

Pull Request - State: closed - Opened by macedogm over 1 year ago

#142 - Use Drone's plugin for GitHub releases

Pull Request - State: closed - Opened by macedogm over 1 year ago - 1 comment

#141 - Use Drone's plugin for GitHub releases

Pull Request - State: closed - Opened by macedogm over 1 year ago - 1 comment

#140 - Removed vendored files and debug binary

Pull Request - State: closed - Opened by macedogm over 1 year ago

#139 - Bump BCI version to 15.5

Pull Request - State: closed - Opened by macedogm over 1 year ago

#138 - Combine 1.7 branches

Pull Request - State: closed - Opened by JonCrowther over 1 year ago

#137 - CIS-1.7 (1.25) - Add rke1/rke2/k3s ConfigMap

Pull Request - State: closed - Opened by andypitcher over 1 year ago

#136 - CIS-1.7 (1.25) - Add RKE2 profiles

Pull Request - State: closed - Opened by andypitcher over 1 year ago

#135 - CIS-1.7 (1.25) - Add K3S profiles

Pull Request - State: closed - Opened by andypitcher over 1 year ago - 1 comment

#134 - CIS-1.7 (1.25) - Add RKE1 profiles

Pull Request - State: closed - Opened by andypitcher over 1 year ago

#133 - Fixes around CIS 1.24 RKE profile

Pull Request - State: closed - Opened by rayandas over 1 year ago

#132 - Set `SKIP` to `State` instead of `NA` when `Type` is `SKIP`

Pull Request - State: closed - Opened by masap over 1 year ago

#131 - Set `SKIP` to `State` instead of `NA` when `Type` is `SKIP`

Pull Request - State: closed - Opened by masap over 1 year ago - 1 comment

#130 - chore(deps): update module gopkg.in/yaml.v2 to v3

Pull Request - State: closed - Opened by renovate-rancher[bot] over 1 year ago - 2 comments
Labels: dependencies

#129 - chore(deps): update module github.com/urfave/cli to v2

Pull Request - State: closed - Opened by renovate-rancher[bot] over 1 year ago - 2 comments
Labels: dependencies

#128 - chore(deps): update plugins/manifest docker tag to v1.4.0

Pull Request - State: closed - Opened by renovate-rancher[bot] over 1 year ago
Labels: dependencies

#127 - chore(deps): update module github.com/spf13/viper to v1.16.0

Pull Request - State: closed - Opened by renovate-rancher[bot] over 1 year ago - 2 comments
Labels: dependencies

#126 - chore(deps): update module github.com/urfave/cli to v1.22.14

Pull Request - State: closed - Opened by renovate-rancher[bot] over 1 year ago - 2 comments
Labels: dependencies

#125 - chore(deps): update module github.com/sirupsen/logrus to v1.9.3

Pull Request - State: closed - Opened by renovate-rancher[bot] over 1 year ago - 2 comments
Labels: dependencies

#124 - chore(deps): update module github.com/aquasecurity/kube-bench to v0.6.15

Pull Request - State: closed - Opened by renovate-rancher[bot] over 1 year ago - 2 comments
Labels: dependencies

#123 - Add initial Renovate configuration

Pull Request - State: closed - Opened by renovate-rancher[bot] over 1 year ago

#122 - removed rke2.yaml filepath from configuration

Pull Request - State: closed - Opened by vardhaman22 over 1 year ago

#121 - Fix CIS test 1.2.14 for K3s Hardened profile

Pull Request - State: closed - Opened by rayandas over 1 year ago

#120 - Add GKE 1.2.0

Pull Request - State: closed - Opened by rayandas over 1 year ago - 1 comment

#119 - Add K3s CIS 1.24 Configs

Pull Request - State: closed - Opened by rayandas almost 2 years ago

#118 - Add RKE2 CIS 1.24 Configs

Pull Request - State: closed - Opened by rayandas almost 2 years ago

#117 - Add RKE1 CIS 1.24 Configs

Pull Request - State: closed - Opened by rayandas almost 2 years ago - 1 comment

#116 - add kb-summarizer to release

Pull Request - State: closed - Opened by leodotcloud almost 2 years ago - 2 comments

#115 - Add initial Renovate configuration

Pull Request - State: closed - Opened by renovate-rancher[bot] almost 2 years ago - 2 comments

#114 - Fix RKE1 and RKE2 hardened 5.1.5 test failure.

Pull Request - State: closed - Opened by rayandas almost 2 years ago

#112 - Add a E2E smoke test to confirm the scan works

Pull Request - State: closed - Opened by pjbgf almost 2 years ago - 8 comments

#111 - Bump versions for external tools

Pull Request - State: closed - Opened by pjbgf almost 2 years ago - 7 comments

#110 - Bump golang.org/x/text from 0.3.7 to 0.3.8

Pull Request - State: closed - Opened by dependabot[bot] almost 2 years ago - 2 comments
Labels: dependencies

#109 - Bump dependencies

Pull Request - State: closed - Opened by pjbgf almost 2 years ago - 15 comments

#108 - Bump rancher/dapper images used by Drone

Pull Request - State: closed - Opened by superseb almost 2 years ago

#107 - Add ARM64 Dockerfile

Pull Request - State: open - Opened by dgiebert about 2 years ago - 6 comments

#106 - Fix audit commands for rke-1.23-hardened profile.

Pull Request - State: closed - Opened by doflamingo721 about 2 years ago

#105 - Change to BCI and bump to 15.4

Pull Request - State: closed - Opened by superseb about 2 years ago - 14 comments

#103 - Use bitmask in wherever possible instead of multiple comparison with 'or'

Pull Request - State: closed - Opened by rayandas about 2 years ago - 2 comments

#102 - fixed test items for rke2 cis-1.6-premissive profile 4.1.6 test

Pull Request - State: closed - Opened by vardhaman22 about 2 years ago - 1 comment

#100 - fix config scan permissions

Pull Request - State: closed - Opened by mitulshah-suse over 2 years ago

#99 - Fix rke2 kubeconfig permission test

Pull Request - State: closed - Opened by galal-hussein over 2 years ago - 1 comment

#98 - Fix for custom scans readonly dirs

Pull Request - State: closed - Opened by galal-hussein over 2 years ago

#97 - Revert "move psp hardened tests to psa (#94)"

Pull Request - State: closed - Opened by galal-hussein over 2 years ago

#96 - Fix for K3s hardened profile test failures.

Pull Request - State: closed - Opened by rayandas over 2 years ago - 3 comments

#95 - change pgrep to fix issue for kube-apiserver

Pull Request - State: closed - Opened by mitulshah-suse over 2 years ago - 3 comments

#94 - move psp hardened rke2 tests to psa

Pull Request - State: closed - Opened by galal-hussein over 2 years ago - 13 comments

#93 - Fixing false positives / warnings

Pull Request - State: closed - Opened by dgiebert over 2 years ago - 4 comments

#92 - Fix v1.24 Cluster Scan Failures

Pull Request - State: closed - Opened by rayandas over 2 years ago - 6 comments

#91 - Fix for 5.3.1 scans failing for calico, cilium CNI

Pull Request - State: closed - Opened by mitul777 over 2 years ago

#90 - Fix K8s 1.24 cluster specific test failures on RKE1 and K3s hardened cluster

Pull Request - State: closed - Opened by rayandas over 2 years ago - 3 comments

#89 - Ignore FOSSA failures

Pull Request - State: closed - Opened by oxr463 over 2 years ago

#88 - Fix scan failures after updating kube-bench to v0.6.8 and Go version to 1.17

Pull Request - State: closed - Opened by rayandas over 2 years ago - 8 comments

#87 - Fix security-scan pod log errors.

Pull Request - State: closed - Opened by doflamingo721 over 2 years ago

#86 - Fix for failing tests for rke1 scan profiles in multi node clusters

Pull Request - State: closed - Opened by dhruvmewada15 over 2 years ago - 3 comments

#85 - Update to kube-bench upstream.

Pull Request - State: closed - Opened by rayandas over 2 years ago - 7 comments

#84 - Update Sonobuoy to v0.56.7

Pull Request - State: closed - Opened by doflamingo721 over 2 years ago - 2 comments

#83 - Fix EKS version

Pull Request - State: closed - Opened by doflamingo721 over 2 years ago - 1 comment

#82 - Add cis-1.23 profiles for k3s

Pull Request - State: closed - Opened by dhruvmewada15 over 2 years ago - 2 comments

#81 - Add cis-1.23 profiles for rke2

Pull Request - State: closed - Opened by dhruvmewada15 over 2 years ago - 1 comment

#80 - Add cis-1.23 profiles for rke1

Pull Request - State: closed - Opened by dhruvmewada15 over 2 years ago - 1 comment

#79 - Bump gopkg.in/yaml.v2 from 2.2.2 to 2.2.8

Pull Request - State: closed - Opened by dependabot[bot] over 2 years ago - 1 comment
Labels: dependencies

#78 - Add cis-1.20 profiles for k3s

Pull Request - State: closed - Opened by dhruvmewada15 over 2 years ago - 4 comments

#77 - Add cis-1.20 profiles for rke2

Pull Request - State: closed - Opened by dhruvmewada15 over 2 years ago - 2 comments

#76 - Add cis-1.20 profiles for rke1

Pull Request - State: closed - Opened by dhruvmewada15 over 2 years ago - 5 comments

#75 - Add new kube-bench binary

Pull Request - State: closed - Opened by rayandas almost 3 years ago - 7 comments

#74 - Update to using upstream kube-bench since all fixes are merged upstream

Pull Request - State: closed - Opened by prachidamle almost 3 years ago - 5 comments

#73 - Fix for failing tests for rke2 scan profiles

Pull Request - State: closed - Opened by dhruvmewada15 almost 3 years ago - 3 comments

#72 - enable fossa scanning

Pull Request - State: closed - Opened by paraglade almost 3 years ago

#71 - Add set flag for rke-cis-1.6-hardened profile

Pull Request - State: closed - Opened by dhruvmewada15 almost 3 years ago

#70 - switch "ps -ef | grep <procname> | grep -v grep" to "pgrep -a <procname>"

Pull Request - State: closed - Opened by AshleyDumaine almost 3 years ago - 1 comment

#69 - adding STIG checking to security-scan for use with cis-operator

Pull Request - State: closed - Opened by jonmosco almost 3 years ago

#68 - Skip non-applicable check for rke2 permissive scans

Pull Request - State: closed - Opened by rancher-max about 3 years ago

#67 - Stig rke2 check

Pull Request - State: closed - Opened by jonmosco about 3 years ago

#66 - [2.6.4] Add AKS as an option to run CIS Scan

Pull Request - State: closed - Opened by dhruvmewada15 about 3 years ago - 5 comments

#65 - [2.6.4] Add SLE BCI base image for security-scan

Pull Request - State: closed - Opened by dhruvmewada15 about 3 years ago - 1 comment

#61 - Fix etcd checks for k3s clusters

Pull Request - State: closed - Opened by rancher-max about 3 years ago - 4 comments

#60 - Allow RKE2 benchmarks to work with older `procps` versions

Pull Request - State: open - Opened by Cerebus over 3 years ago - 1 comment

#58 - [2.6] fixed k3s check for etcd

Pull Request - State: closed - Opened by paynejacob over 3 years ago - 4 comments

#56 - Add -D flag back to journalctl for etcd check

Pull Request - State: closed - Opened by dereknola over 3 years ago

#55 - fixed test for k3s etcd returning false positives

Pull Request - State: closed - Opened by paynejacob over 3 years ago

#53 - Update sonobuoy to 0.53.2

Pull Request - State: closed - Opened by jakefhyde over 3 years ago - 10 comments

#52 - Fix kubeletcafile ownership remediation message

Pull Request - State: closed - Opened by AshleyDumaine over 3 years ago

#51 - switch to sonobouy 0.52.0

Pull Request - State: closed - Opened by paynejacob over 3 years ago

#50 - Fix to K3s checks on non-etcd cluster

Pull Request - State: closed - Opened by dereknola over 3 years ago - 2 comments