From e15544dfe000aa6d055b5d8bc0fadfc8f0ef5648 Mon Sep 17 00:00:00 2001
From: Pawel Wieczorek
Date: Tue, 8 Oct 2019 14:43:47 +0200
Subject: k8s: Drop process name trimming from etcd on RKE
Information for etcd extracted from container on a RKE-based cluster
does not include process name.
Issue-ID: SECCOM-235
Change-Id: Ie6aee550868431d5f4d27c3b3d262e17e1aa6156
Signed-off-by: Pawel Wieczorek
---
test/security/k8s/src/check/raw/raw.go | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
(limited to 'test/security/k8s/src')
diff --git a/test/security/k8s/src/check/raw/raw.go b/test/security/k8s/src/check/raw/raw.go
index eea5c01d2..91237ba82 100644
--- a/test/security/k8s/src/check/raw/raw.go
+++ b/test/security/k8s/src/check/raw/raw.go
@@ -49,7 +49,7 @@ func (r *Raw) GetControllerManagerParams() ([]string, error) {
// GetEtcdParams returns parameters of running etcd.
// It queries only cluster nodes with "controlplane" role.
func (r *Raw) GetEtcdParams() ([]string, error) {
- return []string{}, check.ErrNotImplemented
+ return getProcessParams(check.EtcdProcess)
}
func getProcessParams(process check.Command) ([]string, error) {
@@ -67,6 +67,10 @@ func getProcessParams(process check.Command) ([]string, error) {
cmd = trimOutput(cmd) // TODO: improve `docker inspect` query format.
if len(cmd) > 0 {
+ if process == check.EtcdProcess { // etcd process name is not included in its argument list.
+ return btos(cmd), nil
+ }
+
i := bytes.Index(cmd, []byte(process.String()))
if i == -1 {
return []string{}, fmt.Errorf("missing %s command", process)
--
cgit 1.2.3-korg