Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Need a separate scan profile for 1.24 #158

Closed
rancher-max opened this issue Jul 15, 2022 · 1 comment
Closed

Need a separate scan profile for 1.24 #158

rancher-max opened this issue Jul 15, 2022 · 1 comment
Labels
area/scan-tool team/area3

Comments

@rancher-max
Copy link
Member

The insecure-port flag on the apiserver was removed in v1.24. Ref: kubernetes/kubernetes#106859

We currently check for this in most of the scan profiles as it is explicitly stated as one of the checks in CIS 1.2.19, however, this should not be valid in k8s v1.24+ as the flag itself has been removed there.

CIS 1.2.19 ref:
image
@rancher-max rancher-max mentioned this issue Jul 22, 2022
Merged
@rancher-max
Copy link
Member Author

Closing this as the profiles are based on the CIS Benchmark profiles themselves and should probably conform to those.

@rancher-max rancher-max closed this as not planned Won't fix, can't repro, duplicate, stale Jul 25, 2022
@zube zube bot closed this as completed Oct 24, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
area/scan-tool team/area3
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@rancher-max