From e15544dfe000aa6d055b5d8bc0fadfc8f0ef5648 Mon Sep 17 00:00:00 2001 From: Pawel Wieczorek Date: Tue, 8 Oct 2019 14:43:47 +0200 Subject: k8s: Drop process name trimming from etcd on RKE Information for etcd extracted from container on a RKE-based cluster does not include process name. Issue-ID: SECCOM-235 Change-Id: Ie6aee550868431d5f4d27c3b3d262e17e1aa6156 Signed-off-by: Pawel Wieczorek --- test/security/k8s/src/check/raw/raw.go | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) (limited to 'test/security/k8s/src') diff --git a/test/security/k8s/src/check/raw/raw.go b/test/security/k8s/src/check/raw/raw.go index eea5c01d2..91237ba82 100644 --- a/test/security/k8s/src/check/raw/raw.go +++ b/test/security/k8s/src/check/raw/raw.go @@ -49,7 +49,7 @@ func (r *Raw) GetControllerManagerParams() ([]string, error) { // GetEtcdParams returns parameters of running etcd. // It queries only cluster nodes with "controlplane" role. func (r *Raw) GetEtcdParams() ([]string, error) { - return []string{}, check.ErrNotImplemented + return getProcessParams(check.EtcdProcess) } func getProcessParams(process check.Command) ([]string, error) { @@ -67,6 +67,10 @@ func getProcessParams(process check.Command) ([]string, error) { cmd = trimOutput(cmd) // TODO: improve `docker inspect` query format. if len(cmd) > 0 { + if process == check.EtcdProcess { // etcd process name is not included in its argument list. + return btos(cmd), nil + } + i := bytes.Index(cmd, []byte(process.String())) if i == -1 { return []string{}, fmt.Errorf("missing %s command", process) -- cgit 1.2.3-korg