mirror of https://git.rancher.io/charts
[dev-v2.9] rancher-cis-benchmark 6.5.1 update (#4823)
Vardhaman Surana
GitHub
parent
218afc64ff
commit
5396fa0ad8
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
|
|
@ -7,4 +7,4 @@ apiVersion: v1
|
||||||
description: Installs the CRDs for rancher-cis-benchmark.
|
description: Installs the CRDs for rancher-cis-benchmark.
|
||||||
name: rancher-cis-benchmark-crd
|
name: rancher-cis-benchmark-crd
|
||||||
type: application
|
type: application
|
||||||
version: 6.5.0
|
version: 6.5.1
|
||||||
|
|
@ -1,8 +0,0 @@
|
||||||
---
|
|
||||||
apiVersion: cis.cattle.io/v1
|
|
||||||
kind: ClusterScanBenchmark
|
|
||||||
metadata:
|
|
||||||
name: cis-1.9
|
|
||||||
spec:
|
|
||||||
clusterProvider: ""
|
|
||||||
minKubernetesVersion: "1.27.0"
|
|
||||||
|
|
@ -1,8 +0,0 @@
|
||||||
---
|
|
||||||
apiVersion: cis.cattle.io/v1
|
|
||||||
kind: ClusterScanBenchmark
|
|
||||||
metadata:
|
|
||||||
name: k3s-cis-1.9
|
|
||||||
spec:
|
|
||||||
clusterProvider: k3s
|
|
||||||
minKubernetesVersion: "1.27.0"
|
|
||||||
|
|
@ -1,9 +0,0 @@
|
||||||
---
|
|
||||||
apiVersion: cis.cattle.io/v1
|
|
||||||
kind: ClusterScanProfile
|
|
||||||
metadata:
|
|
||||||
name: cis-1.9-profile
|
|
||||||
annotations:
|
|
||||||
clusterscanprofile.cis.cattle.io/builtin: "true"
|
|
||||||
spec:
|
|
||||||
benchmarkVersion: cis-1.9
|
|
||||||
|
|
@ -1,9 +0,0 @@
|
||||||
---
|
|
||||||
apiVersion: cis.cattle.io/v1
|
|
||||||
kind: ClusterScanProfile
|
|
||||||
metadata:
|
|
||||||
name: k3s-cis-1.9-profile
|
|
||||||
annotations:
|
|
||||||
clusterscanprofile.cis.cattle.io/builtin: "true"
|
|
||||||
spec:
|
|
||||||
benchmarkVersion: k3s-cis-1.9
|
|
||||||
|
|
@ -12,11 +12,11 @@ annotations:
|
||||||
catalog.cattle.io/type: cluster-tool
|
catalog.cattle.io/type: cluster-tool
|
||||||
catalog.cattle.io/ui-component: rancher-cis-benchmark
|
catalog.cattle.io/ui-component: rancher-cis-benchmark
|
||||||
apiVersion: v1
|
apiVersion: v1
|
||||||
appVersion: v6.5.0
|
appVersion: v6.5.1
|
||||||
description: The cis-operator enables running CIS benchmark security scans on a kubernetes
|
description: The cis-operator enables running CIS benchmark security scans on a kubernetes
|
||||||
cluster
|
cluster
|
||||||
icon: https://charts.rancher.io/assets/logos/cis-kube-bench.svg
|
icon: https://charts.rancher.io/assets/logos/cis-kube-bench.svg
|
||||||
keywords:
|
keywords:
|
||||||
- security
|
- security
|
||||||
name: rancher-cis-benchmark
|
name: rancher-cis-benchmark
|
||||||
version: 6.5.0
|
version: 6.5.1
|
||||||
|
|
@ -18,15 +18,13 @@ This chart installs the following components:
|
||||||
|
|
||||||
| Source | Kubernetes distribution | scan profile | Kubernetes versions |
|
| Source | Kubernetes distribution | scan profile | Kubernetes versions |
|
||||||
|--------|-------------------------|--------------------------------------------------------------------------------------------------------------------|---------------------|
|
|--------|-------------------------|--------------------------------------------------------------------------------------------------------------------|---------------------|
|
||||||
| CIS | any | [cis-1.9](https://github.com/aquasecurity/kube-bench/tree/main/cfg/cis-1.9) | v1.27+ |
|
| CIS | any | [cis-1.8](https://github.com/aquasecurity/kube-bench/tree/main/cfg/cis-1.8) | v1.26+ |
|
||||||
| CIS | any | [cis-1.8](https://github.com/aquasecurity/kube-bench/tree/main/cfg/cis-1.8) | v1.26 |
|
|
||||||
| CIS | rke | [rke-cis-1.8-permissive](https://github.com/rancher/security-scan/tree/release/v0.4/package/cfg/rke-cis-1.8-permissive) | rke1-v1.26+ |
|
| CIS | rke | [rke-cis-1.8-permissive](https://github.com/rancher/security-scan/tree/release/v0.4/package/cfg/rke-cis-1.8-permissive) | rke1-v1.26+ |
|
||||||
| CIS | rke | [rke-cis-1.8-hardened](https://github.com/rancher/security-scan/tree/release/v0.4/package/cfg/rke-cis-1.8-hardened) | rke1-v1.26+ |
|
| CIS | rke | [rke-cis-1.8-hardened](https://github.com/rancher/security-scan/tree/release/v0.4/package/cfg/rke-cis-1.8-hardened) | rke1-v1.26+ |
|
||||||
| CIS | rke2 | [rke2-cis-1.8-permissive](https://github.com/rancher/security-scan/tree/release/v0.4/package/cfg/rke2-cis-1.8-permissive) | rke2-v1.26+ |
|
| CIS | rke2 | [rke2-cis-1.8-permissive](https://github.com/rancher/security-scan/tree/release/v0.4/package/cfg/rke2-cis-1.8-permissive) | rke2-v1.26+ |
|
||||||
| CIS | rke2 | [rke2-cis-1.8-hardened](https://github.com/rancher/security-scan/tree/release/v0.4/package/cfg/rke2-cis-1.8-hardened) | rke2-v1.26+ |
|
| CIS | rke2 | [rke2-cis-1.8-hardened](https://github.com/rancher/security-scan/tree/release/v0.4/package/cfg/rke2-cis-1.8-hardened) | rke2-v1.26+ |
|
||||||
| CIS | k3s | [k3s-cis-1.9](https://github.com/rancher/security-scan/tree/release/v0.4/package/cfg/k3s-cis-1.9) | k3s-v1.27+ |
|
| CIS | k3s | [k3s-cis-1.8-permissive](https://github.com/rancher/security-scan/tree/release/v0.4/package/cfg/k3s-cis-1.8-permissive) | k3s-v1.26+ |
|
||||||
| CIS | k3s | [k3s-cis-1.8-permissive](https://github.com/rancher/security-scan/tree/release/v0.4/package/cfg/k3s-cis-1.8-permissive) | k3s-v1.26 |
|
| CIS | k3s | [k3s-cis-1.8-hardened](https://github.com/rancher/security-scan/tree/release/v0.4/package/cfg/k3s-cis-1.8-hardened) | k3s-v1.26+ |
|
||||||
| CIS | k3s | [k3s-cis-1.8-hardened](https://github.com/rancher/security-scan/tree/release/v0.4/package/cfg/k3s-cis-1.8-hardened) | k3s-v1.26 |
|
|
||||||
| CIS | eks | [eks-1.2.0](https://github.com/aquasecurity/kube-bench/tree/main/cfg/eks-1.2.0) | eks |
|
| CIS | eks | [eks-1.2.0](https://github.com/aquasecurity/kube-bench/tree/main/cfg/eks-1.2.0) | eks |
|
||||||
| CIS | aks | [aks-1.0](https://github.com/aquasecurity/kube-bench/tree/main/cfg/aks-1.0) | aks |
|
| CIS | aks | [aks-1.0](https://github.com/aquasecurity/kube-bench/tree/main/cfg/aks-1.0) | aks |
|
||||||
| CIS | gke | [gke-1.2.0](https://github.com/aquasecurity/kube-bench/tree/main/cfg/gke-1.2.0) | gke-1.20 |
|
| CIS | gke | [gke-1.2.0](https://github.com/aquasecurity/kube-bench/tree/main/cfg/gke-1.2.0) | gke-1.20 |
|
||||||
|
|
@ -6,4 +6,3 @@ metadata:
|
||||||
spec:
|
spec:
|
||||||
clusterProvider: ""
|
clusterProvider: ""
|
||||||
minKubernetesVersion: "1.26.0"
|
minKubernetesVersion: "1.26.0"
|
||||||
maxKubernetesVersion: "1.26.x"
|
|
||||||
|
|
@ -6,4 +6,3 @@ metadata:
|
||||||
spec:
|
spec:
|
||||||
clusterProvider: k3s
|
clusterProvider: k3s
|
||||||
minKubernetesVersion: "1.26.0"
|
minKubernetesVersion: "1.26.0"
|
||||||
maxKubernetesVersion: "1.26.x"
|
|
||||||
|
|
@ -6,4 +6,3 @@ metadata:
|
||||||
spec:
|
spec:
|
||||||
clusterProvider: k3s
|
clusterProvider: k3s
|
||||||
minKubernetesVersion: "1.26.0"
|
minKubernetesVersion: "1.26.0"
|
||||||
maxKubernetesVersion: "1.26.x"
|
|
||||||
|
|
@ -14,5 +14,5 @@ data:
|
||||||
eks: "eks-profile"
|
eks: "eks-profile"
|
||||||
gke: "gke-profile-1.6.0"
|
gke: "gke-profile-1.6.0"
|
||||||
aks: "aks-profile"
|
aks: "aks-profile"
|
||||||
k3s: "k3s-cis-1.9-profile"
|
k3s: "k3s-cis-1.8-profile-permissive"
|
||||||
default: "cis-1.9-profile"
|
default: "cis-1.8-profile"
|
||||||
|
|
@ -5,7 +5,7 @@
|
||||||
image:
|
image:
|
||||||
cisoperator:
|
cisoperator:
|
||||||
repository: rancher/cis-operator
|
repository: rancher/cis-operator
|
||||||
tag: v1.2.2
|
tag: v1.2.3
|
||||||
securityScan:
|
securityScan:
|
||||||
repository: rancher/security-scan
|
repository: rancher/security-scan
|
||||||
tag: v0.4.1
|
tag: v0.4.1
|
||||||
18
index.yaml
18
index.yaml
|
|
@ -13235,18 +13235,18 @@ entries:
|
||||||
catalog.cattle.io/type: cluster-tool
|
catalog.cattle.io/type: cluster-tool
|
||||||
catalog.cattle.io/ui-component: rancher-cis-benchmark
|
catalog.cattle.io/ui-component: rancher-cis-benchmark
|
||||||
apiVersion: v1
|
apiVersion: v1
|
||||||
appVersion: v6.5.0
|
appVersion: v6.5.1
|
||||||
created: "2024-12-04T21:45:04.741442282+05:30"
|
created: "2024-12-09T22:10:56.601973555+05:30"
|
||||||
description: The cis-operator enables running CIS benchmark security scans on
|
description: The cis-operator enables running CIS benchmark security scans on
|
||||||
a kubernetes cluster
|
a kubernetes cluster
|
||||||
digest: 8f62d01264603f504323c8c23586616fe18c66563452da0c9470342dab010deb
|
digest: e7343dc707f0a6942e2a8536ec78b813d5f590cc28d2be6d750e9f2b4b7ce859
|
||||||
icon: https://charts.rancher.io/assets/logos/cis-kube-bench.svg
|
icon: https://charts.rancher.io/assets/logos/cis-kube-bench.svg
|
||||||
keywords:
|
keywords:
|
||||||
- security
|
- security
|
||||||
name: rancher-cis-benchmark
|
name: rancher-cis-benchmark
|
||||||
urls:
|
urls:
|
||||||
- assets/rancher-cis-benchmark/rancher-cis-benchmark-6.5.0.tgz
|
- assets/rancher-cis-benchmark/rancher-cis-benchmark-6.5.1.tgz
|
||||||
version: 6.5.0
|
version: 6.5.1
|
||||||
- annotations:
|
- annotations:
|
||||||
catalog.cattle.io/auto-install: rancher-cis-benchmark-crd=match
|
catalog.cattle.io/auto-install: rancher-cis-benchmark-crd=match
|
||||||
catalog.cattle.io/certified: rancher
|
catalog.cattle.io/certified: rancher
|
||||||
|
|
@ -14113,14 +14113,14 @@ entries:
|
||||||
catalog.cattle.io/namespace: cis-operator-system
|
catalog.cattle.io/namespace: cis-operator-system
|
||||||
catalog.cattle.io/release-name: rancher-cis-benchmark-crd
|
catalog.cattle.io/release-name: rancher-cis-benchmark-crd
|
||||||
apiVersion: v1
|
apiVersion: v1
|
||||||
created: "2024-12-04T21:45:04.748032795+05:30"
|
created: "2024-12-09T22:10:56.614422175+05:30"
|
||||||
description: Installs the CRDs for rancher-cis-benchmark.
|
description: Installs the CRDs for rancher-cis-benchmark.
|
||||||
digest: e21d7c115d2e5041a5498489056e83e3c45d946ea723199c3893d9f05bee94b5
|
digest: d87dbd94c69cc58d71378543f23b55a948561fec145312e1177ca0f439ed2579
|
||||||
name: rancher-cis-benchmark-crd
|
name: rancher-cis-benchmark-crd
|
||||||
type: application
|
type: application
|
||||||
urls:
|
urls:
|
||||||
- assets/rancher-cis-benchmark-crd/rancher-cis-benchmark-crd-6.5.0.tgz
|
- assets/rancher-cis-benchmark-crd/rancher-cis-benchmark-crd-6.5.1.tgz
|
||||||
version: 6.5.0
|
version: 6.5.1
|
||||||
- annotations:
|
- annotations:
|
||||||
catalog.cattle.io/certified: rancher
|
catalog.cattle.io/certified: rancher
|
||||||
catalog.cattle.io/hidden: "true"
|
catalog.cattle.io/hidden: "true"
|
||||||
|
|
|
||||||
|
|
@ -12,11 +12,11 @@ annotations:
|
||||||
catalog.cattle.io/type: cluster-tool
|
catalog.cattle.io/type: cluster-tool
|
||||||
catalog.cattle.io/ui-component: rancher-cis-benchmark
|
catalog.cattle.io/ui-component: rancher-cis-benchmark
|
||||||
apiVersion: v1
|
apiVersion: v1
|
||||||
appVersion: v6.5.0
|
appVersion: v6.5.1
|
||||||
description: The cis-operator enables running CIS benchmark security scans on a kubernetes
|
description: The cis-operator enables running CIS benchmark security scans on a kubernetes
|
||||||
cluster
|
cluster
|
||||||
icon: https://charts.rancher.io/assets/logos/cis-kube-bench.svg
|
icon: https://charts.rancher.io/assets/logos/cis-kube-bench.svg
|
||||||
keywords:
|
keywords:
|
||||||
- security
|
- security
|
||||||
name: rancher-cis-benchmark
|
name: rancher-cis-benchmark
|
||||||
version: 6.5.0
|
version: 6.5.1
|
||||||
|
|
|
||||||
|
|
@ -18,15 +18,13 @@ This chart installs the following components:
|
||||||
|
|
||||||
| Source | Kubernetes distribution | scan profile | Kubernetes versions |
|
| Source | Kubernetes distribution | scan profile | Kubernetes versions |
|
||||||
|--------|-------------------------|--------------------------------------------------------------------------------------------------------------------|---------------------|
|
|--------|-------------------------|--------------------------------------------------------------------------------------------------------------------|---------------------|
|
||||||
| CIS | any | [cis-1.9](https://github.com/aquasecurity/kube-bench/tree/main/cfg/cis-1.9) | v1.27+ |
|
| CIS | any | [cis-1.8](https://github.com/aquasecurity/kube-bench/tree/main/cfg/cis-1.8) | v1.26+ |
|
||||||
| CIS | any | [cis-1.8](https://github.com/aquasecurity/kube-bench/tree/main/cfg/cis-1.8) | v1.26 |
|
|
||||||
| CIS | rke | [rke-cis-1.8-permissive](https://github.com/rancher/security-scan/tree/release/v0.4/package/cfg/rke-cis-1.8-permissive) | rke1-v1.26+ |
|
| CIS | rke | [rke-cis-1.8-permissive](https://github.com/rancher/security-scan/tree/release/v0.4/package/cfg/rke-cis-1.8-permissive) | rke1-v1.26+ |
|
||||||
| CIS | rke | [rke-cis-1.8-hardened](https://github.com/rancher/security-scan/tree/release/v0.4/package/cfg/rke-cis-1.8-hardened) | rke1-v1.26+ |
|
| CIS | rke | [rke-cis-1.8-hardened](https://github.com/rancher/security-scan/tree/release/v0.4/package/cfg/rke-cis-1.8-hardened) | rke1-v1.26+ |
|
||||||
| CIS | rke2 | [rke2-cis-1.8-permissive](https://github.com/rancher/security-scan/tree/release/v0.4/package/cfg/rke2-cis-1.8-permissive) | rke2-v1.26+ |
|
| CIS | rke2 | [rke2-cis-1.8-permissive](https://github.com/rancher/security-scan/tree/release/v0.4/package/cfg/rke2-cis-1.8-permissive) | rke2-v1.26+ |
|
||||||
| CIS | rke2 | [rke2-cis-1.8-hardened](https://github.com/rancher/security-scan/tree/release/v0.4/package/cfg/rke2-cis-1.8-hardened) | rke2-v1.26+ |
|
| CIS | rke2 | [rke2-cis-1.8-hardened](https://github.com/rancher/security-scan/tree/release/v0.4/package/cfg/rke2-cis-1.8-hardened) | rke2-v1.26+ |
|
||||||
| CIS | k3s | [k3s-cis-1.9](https://github.com/rancher/security-scan/tree/release/v0.4/package/cfg/k3s-cis-1.9) | k3s-v1.27+ |
|
| CIS | k3s | [k3s-cis-1.8-permissive](https://github.com/rancher/security-scan/tree/release/v0.4/package/cfg/k3s-cis-1.8-permissive) | k3s-v1.26+ |
|
||||||
| CIS | k3s | [k3s-cis-1.8-permissive](https://github.com/rancher/security-scan/tree/release/v0.4/package/cfg/k3s-cis-1.8-permissive) | k3s-v1.26 |
|
| CIS | k3s | [k3s-cis-1.8-hardened](https://github.com/rancher/security-scan/tree/release/v0.4/package/cfg/k3s-cis-1.8-hardened) | k3s-v1.26+ |
|
||||||
| CIS | k3s | [k3s-cis-1.8-hardened](https://github.com/rancher/security-scan/tree/release/v0.4/package/cfg/k3s-cis-1.8-hardened) | k3s-v1.26 |
|
|
||||||
| CIS | eks | [eks-1.2.0](https://github.com/aquasecurity/kube-bench/tree/main/cfg/eks-1.2.0) | eks |
|
| CIS | eks | [eks-1.2.0](https://github.com/aquasecurity/kube-bench/tree/main/cfg/eks-1.2.0) | eks |
|
||||||
| CIS | aks | [aks-1.0](https://github.com/aquasecurity/kube-bench/tree/main/cfg/aks-1.0) | aks |
|
| CIS | aks | [aks-1.0](https://github.com/aquasecurity/kube-bench/tree/main/cfg/aks-1.0) | aks |
|
||||||
| CIS | gke | [gke-1.2.0](https://github.com/aquasecurity/kube-bench/tree/main/cfg/gke-1.2.0) | gke-1.20 |
|
| CIS | gke | [gke-1.2.0](https://github.com/aquasecurity/kube-bench/tree/main/cfg/gke-1.2.0) | gke-1.20 |
|
||||||
|
|
|
||||||
|
|
@ -6,4 +6,3 @@ metadata:
|
||||||
spec:
|
spec:
|
||||||
clusterProvider: ""
|
clusterProvider: ""
|
||||||
minKubernetesVersion: "1.26.0"
|
minKubernetesVersion: "1.26.0"
|
||||||
maxKubernetesVersion: "1.26.x"
|
|
||||||
|
|
|
||||||
|
|
@ -1,8 +0,0 @@
|
||||||
---
|
|
||||||
apiVersion: cis.cattle.io/v1
|
|
||||||
kind: ClusterScanBenchmark
|
|
||||||
metadata:
|
|
||||||
name: cis-1.9
|
|
||||||
spec:
|
|
||||||
clusterProvider: ""
|
|
||||||
minKubernetesVersion: "1.27.0"
|
|
||||||
|
|
@ -6,4 +6,3 @@ metadata:
|
||||||
spec:
|
spec:
|
||||||
clusterProvider: k3s
|
clusterProvider: k3s
|
||||||
minKubernetesVersion: "1.26.0"
|
minKubernetesVersion: "1.26.0"
|
||||||
maxKubernetesVersion: "1.26.x"
|
|
||||||
|
|
|
||||||
|
|
@ -6,4 +6,3 @@ metadata:
|
||||||
spec:
|
spec:
|
||||||
clusterProvider: k3s
|
clusterProvider: k3s
|
||||||
minKubernetesVersion: "1.26.0"
|
minKubernetesVersion: "1.26.0"
|
||||||
maxKubernetesVersion: "1.26.x"
|
|
||||||
|
|
|
||||||
|
|
@ -1,8 +0,0 @@
|
||||||
---
|
|
||||||
apiVersion: cis.cattle.io/v1
|
|
||||||
kind: ClusterScanBenchmark
|
|
||||||
metadata:
|
|
||||||
name: k3s-cis-1.9
|
|
||||||
spec:
|
|
||||||
clusterProvider: k3s
|
|
||||||
minKubernetesVersion: "1.27.0"
|
|
||||||
|
|
@ -14,5 +14,5 @@ data:
|
||||||
eks: "eks-profile"
|
eks: "eks-profile"
|
||||||
gke: "gke-profile-1.6.0"
|
gke: "gke-profile-1.6.0"
|
||||||
aks: "aks-profile"
|
aks: "aks-profile"
|
||||||
k3s: "k3s-cis-1.9-profile"
|
k3s: "k3s-cis-1.8-profile-permissive"
|
||||||
default: "cis-1.9-profile"
|
default: "cis-1.8-profile"
|
||||||
|
|
|
||||||
|
|
@ -1,9 +0,0 @@
|
||||||
---
|
|
||||||
apiVersion: cis.cattle.io/v1
|
|
||||||
kind: ClusterScanProfile
|
|
||||||
metadata:
|
|
||||||
name: cis-1.9-profile
|
|
||||||
annotations:
|
|
||||||
clusterscanprofile.cis.cattle.io/builtin: "true"
|
|
||||||
spec:
|
|
||||||
benchmarkVersion: cis-1.9
|
|
||||||
|
|
@ -1,9 +0,0 @@
|
||||||
---
|
|
||||||
apiVersion: cis.cattle.io/v1
|
|
||||||
kind: ClusterScanProfile
|
|
||||||
metadata:
|
|
||||||
name: k3s-cis-1.9-profile
|
|
||||||
annotations:
|
|
||||||
clusterscanprofile.cis.cattle.io/builtin: "true"
|
|
||||||
spec:
|
|
||||||
benchmarkVersion: k3s-cis-1.9
|
|
||||||
|
|
@ -5,7 +5,7 @@
|
||||||
image:
|
image:
|
||||||
cisoperator:
|
cisoperator:
|
||||||
repository: rancher/cis-operator
|
repository: rancher/cis-operator
|
||||||
tag: v1.2.2
|
tag: v1.2.3
|
||||||
securityScan:
|
securityScan:
|
||||||
repository: rancher/security-scan
|
repository: rancher/security-scan
|
||||||
tag: v0.4.1
|
tag: v0.4.1
|
||||||
|
|
|
||||||
|
|
@ -1,5 +1,5 @@
|
||||||
url: local
|
url: local
|
||||||
version: 6.5.0
|
version: 6.5.1
|
||||||
additionalCharts:
|
additionalCharts:
|
||||||
- workingDir: charts-crd
|
- workingDir: charts-crd
|
||||||
crdOptions:
|
crdOptions:
|
||||||
|
|
|
||||||
|
|
@ -30,6 +30,6 @@ fleet-crd:
|
||||||
rancher-provisioning-capi:
|
rancher-provisioning-capi:
|
||||||
- 104.1.0+up0.3.1
|
- 104.1.0+up0.3.1
|
||||||
rancher-cis-benchmark:
|
rancher-cis-benchmark:
|
||||||
- 6.5.0
|
- 6.5.1
|
||||||
rancher-cis-benchmark-crd:
|
rancher-cis-benchmark-crd:
|
||||||
- 6.5.0
|
- 6.5.1
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue