aboutsummaryrefslogtreecommitdiffstats
path: root/test/security/k8s/src/check/cmd/check/check.go
diff options
context:
space:
mode:
authorPawel Wieczorek <p.wieczorek2@samsung.com>2019-09-19 16:06:13 +0200
committerPawel Wieczorek <p.wieczorek2@samsung.com>2019-09-19 18:34:12 +0200
commit4e74a1e24e15b3db2216fb269a58cfc08e598f63 (patch)
tree7ecd79d0f80a4c32c19ad1f9db4aee062748a14a /test/security/k8s/src/check/cmd/check/check.go
parent3e602597b036d29f77485f35c1f81a8cdb6f350b (diff)
k8s: Validate API server certificates and keys
This patch verifies if CIS Kubernetes Benchmark v1.3.0 sections regarding master node configuration are satisfied (1.1.22, 1.1.25 - 1.1.26 and 1.1.28). Issue-ID: SECCOM-235 Change-Id: Ic61a796653dc868d20fe69c3ed508e7fa8ba52db Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
Diffstat (limited to 'test/security/k8s/src/check/cmd/check/check.go')
-rw-r--r--test/security/k8s/src/check/cmd/check/check.go5
1 files changed, 5 insertions, 0 deletions
diff --git a/test/security/k8s/src/check/cmd/check/check.go b/test/security/k8s/src/check/cmd/check/check.go
index d124b8708..028843734 100644
--- a/test/security/k8s/src/check/cmd/check/check.go
+++ b/test/security/k8s/src/check/cmd/check/check.go
@@ -74,4 +74,9 @@ func main() {
log.Printf("IsKubeletCertificateAuthoritySet: %t\n", master.IsKubeletCertificateAuthoritySet(k8sParams))
log.Printf("IsClientCertificateAuthoritySet: %t\n", master.IsClientCertificateAuthoritySet(k8sParams))
log.Printf("IsEtcdCertificateAuthoritySet: %t\n", master.IsEtcdCertificateAuthoritySet(k8sParams))
+
+ log.Printf("IsServiceAccountKeySet: %t\n", master.IsServiceAccountKeySet(k8sParams))
+ log.Printf("IsKubeletClientCertificateAndKeySet: %t\n", master.IsKubeletClientCertificateAndKeySet(k8sParams))
+ log.Printf("IsEtcdCertificateAndKeySet: %t\n", master.IsEtcdCertificateAndKeySet(k8sParams))
+ log.Printf("IsTLSCertificateAndKeySet: %t\n", master.IsTLSCertificateAndKeySet(k8sParams))
}