diff options
author | 2019-09-27 19:00:46 +0200 | |
---|---|---|
committer | 2019-09-27 19:51:05 +0200 | |
commit | bd12bfbc6fbe4ecfc2152467ea6785c9e5163763 (patch) | |
tree | b109d44444a139cd49a57c41416e445fe24079cd /test/security/k8s/src/check/validators/master/master.go | |
parent | 5a61d615fe1c05487c26c32b2e8e4416f6cbb421 (diff) |
k8s: Validate controller manager address flag
This patch verifies if CIS Kubernetes Benchmark v1.3.0 section
regarding master node configuration is satisfied (1.3.7).
Issue-ID: SECCOM-235
Change-Id: Id3f4bcb9a506dae3c7c0a884ad6c704dfae2a6d8
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
Diffstat (limited to 'test/security/k8s/src/check/validators/master/master.go')
-rw-r--r-- | test/security/k8s/src/check/validators/master/master.go | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/test/security/k8s/src/check/validators/master/master.go b/test/security/k8s/src/check/validators/master/master.go index bc019a67a..79d6612a6 100644 --- a/test/security/k8s/src/check/validators/master/master.go +++ b/test/security/k8s/src/check/validators/master/master.go @@ -4,6 +4,7 @@ import ( "log" "check/validators/master/api" + "check/validators/master/controllermanager" "check/validators/master/scheduler" ) @@ -64,3 +65,9 @@ func CheckScheduler(params []string) { log.Printf("IsProfilingDisabled: %t\n", scheduler.IsProfilingDisabled(params)) log.Printf("IsInsecureBindAddressAbsentOrLoopback: %t\n", scheduler.IsInsecureBindAddressAbsentOrLoopback(params)) } + +// CheckControllerManager validates controller manager complies with CIS guideliness. +func CheckControllerManager(params []string) { + log.Println("==> Controller Manager:") + log.Printf("IsInsecureBindAddressAbsentOrLoopback: %t\n", controllermanager.IsInsecureBindAddressAbsentOrLoopback(params)) +} |