From 80e08a215f475d1e5b062968f74ce5bc54b2fe2a Mon Sep 17 00:00:00 2001 
From: dhruvmewada15 Date: Mon, 11 Jul 2022 16:38:53 +0530 Subject: [PATCH] make charts --- .../rancher-cis-benchmark-crd-2.0.5-rc4.tgz | Bin 0 -> 1466 bytes .../rancher-cis-benchmark-2.0.5-rc4.tgz | Bin 0 -> 6158 bytes .../2.0.5-rc4/Chart.yaml | 10 ++ .../2.0.5-rc4/README.md | 2 + .../2.0.5-rc4/templates/clusterscan.yaml | 148 ++++++++++++++++++ .../templates/clusterscanbenchmark.yaml | 54 +++++++ .../templates/clusterscanprofile.yaml | 36 +++++ .../templates/clusterscanreport.yaml | 39 +++++ .../2.0.5-rc4/Chart.yaml | 22 +++ .../rancher-cis-benchmark/2.0.5-rc4/README.md | 9 ++ .../2.0.5-rc4/app-readme.md | 15 ++ .../2.0.5-rc4/templates/_helpers.tpl | 27 ++++ .../2.0.5-rc4/templates/alertingrule.yaml | 14 ++ .../templates/benchmark-aks-1.0.yaml | 8 + .../templates/benchmark-cis-1.20.yaml | 8 + .../templates/benchmark-cis-1.23.yaml | 8 + .../templates/benchmark-cis-1.5.yaml | 8 + .../templates/benchmark-cis-1.6.yaml | 8 + .../templates/benchmark-eks-1.0.1.yaml | 8 + .../templates/benchmark-gke-1.0.yaml | 8 + .../benchmark-k3s-cis-1.20-hardened.yaml | 8 + .../benchmark-k3s-cis-1.20-permissive.yaml | 8 + .../benchmark-k3s-cis-1.23-hardened.yaml | 8 + .../benchmark-k3s-cis-1.23-permissive.yaml | 8 + .../benchmark-k3s-cis-1.6-hardened.yaml | 8 + .../benchmark-k3s-cis-1.6-permissive.yaml | 8 + .../benchmark-rke-cis-1.20-hardened.yaml | 8 + .../benchmark-rke-cis-1.20-permissive.yaml | 8 + .../benchmark-rke-cis-1.23-hardened.yaml | 8 + .../benchmark-rke-cis-1.23-permissive.yaml | 8 + .../benchmark-rke-cis-1.5-hardened.yaml | 8 + .../benchmark-rke-cis-1.5-permissive.yaml | 8 + .../benchmark-rke-cis-1.6-hardened.yaml | 8 + .../benchmark-rke-cis-1.6-permissive.yaml | 8 + .../benchmark-rke2-cis-1.20-hardened.yaml | 8 + .../benchmark-rke2-cis-1.20-permissive.yaml | 8 + .../benchmark-rke2-cis-1.23-hardened.yaml | 8 + .../benchmark-rke2-cis-1.23-permissive.yaml | 8 + .../benchmark-rke2-cis-1.5-hardened.yaml | 8 + .../benchmark-rke2-cis-1.5-permissive.yaml | 8 + 
.../benchmark-rke2-cis-1.6-hardened.yaml | 8 + .../benchmark-rke2-cis-1.6-permissive.yaml | 8 + .../2.0.5-rc4/templates/cis-roles.yaml | 49 ++++++ .../2.0.5-rc4/templates/configmap.yaml | 18 +++ .../2.0.5-rc4/templates/deployment.yaml | 55 +++++++ .../templates/network_policy_allow_all.yaml | 15 ++ .../patch_default_serviceaccount.yaml | 29 ++++ .../2.0.5-rc4/templates/rbac.yaml | 43 +++++ .../templates/scanprofile-cis-1.20.yaml | 9 ++ .../templates/scanprofile-cis-1.23.yaml | 9 ++ .../templates/scanprofile-cis-1.5.yml | 9 ++ .../templates/scanprofile-cis-1.6.yaml | 9 ++ .../scanprofile-k3s-cis-1.20-hardened.yml | 9 ++ .../scanprofile-k3s-cis-1.20-permissive.yml | 9 ++ .../scanprofile-k3s-cis-1.23-hardened.yml | 9 ++ .../scanprofile-k3s-cis-1.23-permissive.yml | 9 ++ .../scanprofile-k3s-cis-1.6-hardened.yml | 9 ++ .../scanprofile-k3s-cis-1.6-permissive.yml | 9 ++ .../scanprofile-rke-1.20-hardened.yaml | 9 ++ .../scanprofile-rke-1.20-permissive.yaml | 9 ++ .../scanprofile-rke-1.23-hardened.yaml | 9 ++ .../scanprofile-rke-1.23-permissive.yaml | 9 ++ .../scanprofile-rke-1.5-hardened.yml | 9 ++ .../scanprofile-rke-1.5-permissive.yml | 9 ++ .../scanprofile-rke-1.6-hardened.yaml | 9 ++ .../scanprofile-rke-1.6-permissive.yaml | 9 ++ .../scanprofile-rke2-cis-1.20-hardened.yml | 9 ++ .../scanprofile-rke2-cis-1.20-permissive.yml | 9 ++ .../scanprofile-rke2-cis-1.23-hardened.yml | 9 ++ .../scanprofile-rke2-cis-1.23-permissive.yml | 9 ++ .../scanprofile-rke2-cis-1.5-hardened.yml | 9 ++ .../scanprofile-rke2-cis-1.5-permissive.yml | 9 ++ .../scanprofile-rke2-cis-1.6-hardened.yml | 9 ++ .../scanprofile-rke2-cis-1.6-permissive.yml | 9 ++ .../2.0.5-rc4/templates/scanprofileaks.yml | 9 ++ .../2.0.5-rc4/templates/scanprofileeks.yml | 9 ++ .../2.0.5-rc4/templates/scanprofilegke.yml | 9 ++ .../2.0.5-rc4/templates/serviceaccount.yaml | 14 ++ .../templates/validate-install-crd.yaml | 17 ++ .../2.0.5-rc4/values.yaml | 49 ++++++ index.yaml | 40 +++++ release.yaml | 66 ++++---- 82 files 
changed, 1230 insertions(+), 34 deletions(-) create mode 100644 assets/rancher-cis-benchmark-crd/rancher-cis-benchmark-crd-2.0.5-rc4.tgz create mode 100644 assets/rancher-cis-benchmark/rancher-cis-benchmark-2.0.5-rc4.tgz create mode 100644 charts/rancher-cis-benchmark-crd/2.0.5-rc4/Chart.yaml create mode 100644 charts/rancher-cis-benchmark-crd/2.0.5-rc4/README.md create mode 100644 charts/rancher-cis-benchmark-crd/2.0.5-rc4/templates/clusterscan.yaml create mode 100644 charts/rancher-cis-benchmark-crd/2.0.5-rc4/templates/clusterscanbenchmark.yaml create mode 100644 charts/rancher-cis-benchmark-crd/2.0.5-rc4/templates/clusterscanprofile.yaml create mode 100644 charts/rancher-cis-benchmark-crd/2.0.5-rc4/templates/clusterscanreport.yaml create mode 100644 charts/rancher-cis-benchmark/2.0.5-rc4/Chart.yaml create mode 100644 charts/rancher-cis-benchmark/2.0.5-rc4/README.md create mode 100644 charts/rancher-cis-benchmark/2.0.5-rc4/app-readme.md create mode 100644 charts/rancher-cis-benchmark/2.0.5-rc4/templates/_helpers.tpl create mode 100644 charts/rancher-cis-benchmark/2.0.5-rc4/templates/alertingrule.yaml create mode 100644 charts/rancher-cis-benchmark/2.0.5-rc4/templates/benchmark-aks-1.0.yaml create mode 100644 charts/rancher-cis-benchmark/2.0.5-rc4/templates/benchmark-cis-1.20.yaml create mode 100644 charts/rancher-cis-benchmark/2.0.5-rc4/templates/benchmark-cis-1.23.yaml create mode 100644 charts/rancher-cis-benchmark/2.0.5-rc4/templates/benchmark-cis-1.5.yaml create mode 100644 charts/rancher-cis-benchmark/2.0.5-rc4/templates/benchmark-cis-1.6.yaml create mode 100644 charts/rancher-cis-benchmark/2.0.5-rc4/templates/benchmark-eks-1.0.1.yaml create mode 100644 charts/rancher-cis-benchmark/2.0.5-rc4/templates/benchmark-gke-1.0.yaml create mode 100644 charts/rancher-cis-benchmark/2.0.5-rc4/templates/benchmark-k3s-cis-1.20-hardened.yaml create mode 100644 charts/rancher-cis-benchmark/2.0.5-rc4/templates/benchmark-k3s-cis-1.20-permissive.yaml create mode 100644 
charts/rancher-cis-benchmark/2.0.5-rc4/templates/benchmark-k3s-cis-1.23-hardened.yaml create mode 100644 charts/rancher-cis-benchmark/2.0.5-rc4/templates/benchmark-k3s-cis-1.23-permissive.yaml create mode 100644 charts/rancher-cis-benchmark/2.0.5-rc4/templates/benchmark-k3s-cis-1.6-hardened.yaml create mode 100644 charts/rancher-cis-benchmark/2.0.5-rc4/templates/benchmark-k3s-cis-1.6-permissive.yaml create mode 100644 charts/rancher-cis-benchmark/2.0.5-rc4/templates/benchmark-rke-cis-1.20-hardened.yaml create mode 100644 charts/rancher-cis-benchmark/2.0.5-rc4/templates/benchmark-rke-cis-1.20-permissive.yaml create mode 100644 charts/rancher-cis-benchmark/2.0.5-rc4/templates/benchmark-rke-cis-1.23-hardened.yaml create mode 100644 charts/rancher-cis-benchmark/2.0.5-rc4/templates/benchmark-rke-cis-1.23-permissive.yaml create mode 100644 charts/rancher-cis-benchmark/2.0.5-rc4/templates/benchmark-rke-cis-1.5-hardened.yaml create mode 100644 charts/rancher-cis-benchmark/2.0.5-rc4/templates/benchmark-rke-cis-1.5-permissive.yaml create mode 100644 charts/rancher-cis-benchmark/2.0.5-rc4/templates/benchmark-rke-cis-1.6-hardened.yaml create mode 100644 charts/rancher-cis-benchmark/2.0.5-rc4/templates/benchmark-rke-cis-1.6-permissive.yaml create mode 100644 charts/rancher-cis-benchmark/2.0.5-rc4/templates/benchmark-rke2-cis-1.20-hardened.yaml create mode 100644 charts/rancher-cis-benchmark/2.0.5-rc4/templates/benchmark-rke2-cis-1.20-permissive.yaml create mode 100644 charts/rancher-cis-benchmark/2.0.5-rc4/templates/benchmark-rke2-cis-1.23-hardened.yaml create mode 100644 charts/rancher-cis-benchmark/2.0.5-rc4/templates/benchmark-rke2-cis-1.23-permissive.yaml create mode 100644 charts/rancher-cis-benchmark/2.0.5-rc4/templates/benchmark-rke2-cis-1.5-hardened.yaml create mode 100644 charts/rancher-cis-benchmark/2.0.5-rc4/templates/benchmark-rke2-cis-1.5-permissive.yaml create mode 100644 charts/rancher-cis-benchmark/2.0.5-rc4/templates/benchmark-rke2-cis-1.6-hardened.yaml create 
mode 100644 charts/rancher-cis-benchmark/2.0.5-rc4/templates/benchmark-rke2-cis-1.6-permissive.yaml create mode 100644 charts/rancher-cis-benchmark/2.0.5-rc4/templates/cis-roles.yaml create mode 100644 charts/rancher-cis-benchmark/2.0.5-rc4/templates/configmap.yaml create mode 100644 charts/rancher-cis-benchmark/2.0.5-rc4/templates/deployment.yaml create mode 100644 charts/rancher-cis-benchmark/2.0.5-rc4/templates/network_policy_allow_all.yaml create mode 100644 charts/rancher-cis-benchmark/2.0.5-rc4/templates/patch_default_serviceaccount.yaml create mode 100644 charts/rancher-cis-benchmark/2.0.5-rc4/templates/rbac.yaml create mode 100644 charts/rancher-cis-benchmark/2.0.5-rc4/templates/scanprofile-cis-1.20.yaml create mode 100644 charts/rancher-cis-benchmark/2.0.5-rc4/templates/scanprofile-cis-1.23.yaml create mode 100644 charts/rancher-cis-benchmark/2.0.5-rc4/templates/scanprofile-cis-1.5.yml create mode 100644 charts/rancher-cis-benchmark/2.0.5-rc4/templates/scanprofile-cis-1.6.yaml create mode 100644 charts/rancher-cis-benchmark/2.0.5-rc4/templates/scanprofile-k3s-cis-1.20-hardened.yml create mode 100644 charts/rancher-cis-benchmark/2.0.5-rc4/templates/scanprofile-k3s-cis-1.20-permissive.yml create mode 100644 charts/rancher-cis-benchmark/2.0.5-rc4/templates/scanprofile-k3s-cis-1.23-hardened.yml create mode 100644 charts/rancher-cis-benchmark/2.0.5-rc4/templates/scanprofile-k3s-cis-1.23-permissive.yml create mode 100644 charts/rancher-cis-benchmark/2.0.5-rc4/templates/scanprofile-k3s-cis-1.6-hardened.yml create mode 100644 charts/rancher-cis-benchmark/2.0.5-rc4/templates/scanprofile-k3s-cis-1.6-permissive.yml create mode 100644 charts/rancher-cis-benchmark/2.0.5-rc4/templates/scanprofile-rke-1.20-hardened.yaml create mode 100644 charts/rancher-cis-benchmark/2.0.5-rc4/templates/scanprofile-rke-1.20-permissive.yaml create mode 100644 charts/rancher-cis-benchmark/2.0.5-rc4/templates/scanprofile-rke-1.23-hardened.yaml create mode 100644 
charts/rancher-cis-benchmark/2.0.5-rc4/templates/scanprofile-rke-1.23-permissive.yaml create mode 100644 charts/rancher-cis-benchmark/2.0.5-rc4/templates/scanprofile-rke-1.5-hardened.yml create mode 100644 charts/rancher-cis-benchmark/2.0.5-rc4/templates/scanprofile-rke-1.5-permissive.yml create mode 100644 charts/rancher-cis-benchmark/2.0.5-rc4/templates/scanprofile-rke-1.6-hardened.yaml create mode 100644 charts/rancher-cis-benchmark/2.0.5-rc4/templates/scanprofile-rke-1.6-permissive.yaml create mode 100644 charts/rancher-cis-benchmark/2.0.5-rc4/templates/scanprofile-rke2-cis-1.20-hardened.yml create mode 100644 charts/rancher-cis-benchmark/2.0.5-rc4/templates/scanprofile-rke2-cis-1.20-permissive.yml create mode 100644 charts/rancher-cis-benchmark/2.0.5-rc4/templates/scanprofile-rke2-cis-1.23-hardened.yml create mode 100644 charts/rancher-cis-benchmark/2.0.5-rc4/templates/scanprofile-rke2-cis-1.23-permissive.yml create mode 100644 charts/rancher-cis-benchmark/2.0.5-rc4/templates/scanprofile-rke2-cis-1.5-hardened.yml create mode 100644 charts/rancher-cis-benchmark/2.0.5-rc4/templates/scanprofile-rke2-cis-1.5-permissive.yml create mode 100644 charts/rancher-cis-benchmark/2.0.5-rc4/templates/scanprofile-rke2-cis-1.6-hardened.yml create mode 100644 charts/rancher-cis-benchmark/2.0.5-rc4/templates/scanprofile-rke2-cis-1.6-permissive.yml create mode 100644 charts/rancher-cis-benchmark/2.0.5-rc4/templates/scanprofileaks.yml create mode 100644 charts/rancher-cis-benchmark/2.0.5-rc4/templates/scanprofileeks.yml create mode 100644 charts/rancher-cis-benchmark/2.0.5-rc4/templates/scanprofilegke.yml create mode 100644 charts/rancher-cis-benchmark/2.0.5-rc4/templates/serviceaccount.yaml create mode 100644 charts/rancher-cis-benchmark/2.0.5-rc4/templates/validate-install-crd.yaml create mode 100644 charts/rancher-cis-benchmark/2.0.5-rc4/values.yaml 
diff --git a/assets/rancher-cis-benchmark-crd/rancher-cis-benchmark-crd-2.0.5-rc4.tgz b/assets/rancher-cis-benchmark-crd/rancher-cis-benchmark-crd-2.0.5-rc4.tgz new file mode 100644 index 0000000000000000000000000000000000000000..d0d625c0de7373fa868dc6b6b657dce1563c753c GIT binary patch literal 1466 zcmV;r1x5NFiwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc zVQyr3R8em|NM&qo0PI>(bK*7-&NIJ4bA85V10fyWa@@6ZZ7-K0>GgS$H=v6xd8BoE zOsD_7BijkKu`vciu5;`QgCu_|+24LEt*t@wCF(vGrawo?mm%oKKG*)+=@K+KD+q&& z1I=|^cRU&;zpm?+f8EQ$=)xNf#zWWju7>V~>y6#<;DWh_I^M-%L!d9*gMF13_dhX^ zQW20)(oA}caUclP!r?#^pd-{I9AT)1z5F0{m zILN*9V0-*~?!fbk@jvi}!>e=rpThEy1ChXQgwp;q&g0LSxn>@)8Jx`pL?fRjRasl!gW7TEO>{wLx&Jg(TEd z6~v*;X4Yq4jgq%O%L#J~0ma4%z|bs~cAmFdJ%|8rAWXrY?@Ded*^sO|6%|8T$VIIK z6Ne$_l|zakDB#}bT3SIxU`zq&cHPhl=mA7=O24cdS^=3y5fy;$)(x$I{st`zK!2?p zS^-H#*QwgigW}`7QN%X7cEZlMaxX$O1YvQ-e^hri07u9j!<<~2rC_- z=3kLh4S^~<4ObeizzA8v9F%dm+1h70_02cuv~+FzlDlToSrG3SdN=ruY-n6puxkIP zyL;xEkPAzl1=n&Taj$<-7!sVV%=|B zR5%0d2Vs-_o_n%KQSoqgxiUE^?sus@KJ9a5Eu||v3XQK_2>C&+W&LkmDs52+Y^eVa zu14ch{ckuJy65`eDeTzwzZb%ESO|RgjG1&-R0P*fU$-qD{1?eAR0KkG78x_+X1|H}xc^|d2 z&;01`x>{BuU8m>jE%)bCe$uyy9XhKbe5d#o;n*GiA)Bj~`9DfeBkf)THspWraxg6A z|H0K@e9r%;uw&={j4&N$|NOhNiroL~u=~vaJqi3vs2)MA?1}Rp4YetpHkMPi7E|^t zXf^8|+hfC4zO{wj!Mp0t!s=c-q+3}_{nr?&)?bA+>HqlhvaJ7O_x%0GN$lAApAx1+ z`JW|#b?TqFd;MeIk>2qiEKckPN@T~Zai>K4?e6o<3HR|wi2r*1pMAJ~|LKDh`Um@H z`u^7&4NBktUXHwT{qH39)0U52uh}f^V|)pk7%hRA*!Y|_Ht4hYs_v88*Iwb-&UUu5 Uovq6L3jhHB|2LBzzyLG=0PY&$<^TWy literal 0 HcmV?d00001 
diff --git a/assets/rancher-cis-benchmark/rancher-cis-benchmark-2.0.5-rc4.tgz b/assets/rancher-cis-benchmark/rancher-cis-benchmark-2.0.5-rc4.tgz new file mode 100644 index 0000000000000000000000000000000000000000..2436bea25c5daeb287fec8755530733b20576b16 GIT binary patch literal 6158 zcmX|_cRbZ^`2UHFh>Qqji&SLqjO5rOq>Lmh8HbNq=-7KkwvJIo;zV@pW6Mr<#xXJ? z^H|3j_xJdIe~;h&=li-I_jTQ`>wdhi=Y8?S)3B1AFK~n<6>#5AZzsav8;iG+bcT{hu3B%P!(-QH+Qms!CUWUWxsn6xmCJFUmMOC%9J-L z7U$@j_wGooN_}71Ja!OW)v4qAPp3or;ytqIIKSTA8n~nCj93V}2{J=F-YqZ;@u)h7 zlD!JuNXE-YgK-kMo~-MfFqk_OTkqbI#Z)*alueD!Bir_CQu%i>gxdBC#Gr@2&J#+; zb{PV<{nneOh$ZtJhl=yig5bD8M!t7(G0@-e{3)l^R^}@`_55-F-Gp2wOBP|?E8k-J zbiwBqG*#OxTC!aGO2YGXPcP*qn5uAp?socOp|Ov~=mLvnha`c3{Y}od z+EUZmL|M*a?`Vxj!&-ZX2=s&AZNItiV^OFLI0XUocNpT!CMn3Bq-GHjEfTZbk*Zhj z*@|HjgIqCYBYekr#Jn(k?^9#uOxGXOn$l!S_ZAYIK744H#r$Qb;n@|PNR2lUeUmoM z>lhc|FXpXV3~7!2^B96T`!(LwtlER&ojGitWmIF`@-Kxr%yZ|O7)5S)bRM56t}88t zn4W>J8soLAKl`@zeLhs6`E4iUFD<92H-SJu_2yDas#gfJX4f@GQz`43>uN>pw4XDc z=P=1rTzFGY6LrY|-gWfS*hmk4>uSGA#i~oC@chSdr#-z`-R~Ffuhx8`drp<#_v5|) zSkGNCcI(ss#yxBFxfo^KCmk!|?u!BcEuh4#DPrVE#;^fA5L2_`AUt#e)Gg9BchSaP zxabA%jEJANpK@0YJ&_U()#cs8bmvYDN5m_bTnf(mN#+}txp7gGcaBNjK1!6qKEhb4 zkGh{VS}2)PBrlrWL}Xqoe7KJ_@u*PJv7X4H_WXyCx%C|>jk<$3ZGw*+K3|QU^#gMu z2~ktrcDTro<<~3u{(JP>V~Q}$^vp=n;y(=60*z4Jh3Ag8+BsG%_GZuwg(o`--U=`Iv{xGQjW#DUk zpgjB$@>($QCA6nJx@goO7g%-5hs^!Qpsr(ATvs!yB~eg&Q+#Qg{`{&dq1m3M|g<1NG|7J zaz{nleQ-m^8&)Ote4{X3^UjDq;o@*Zxk?y&>~mUsb^Td=)=L46uQp3P_|0MYlw+}gO7#cHo3R0v&cU_Y%O_24i9OijWeFN ziVI&3Eurp^vSAc8?m&OTx5?{vt|tn<-^VX@iYHQK>x&e>;)sV+1?h)%37e7k+=)^7 zsOf0El&r z-V?I9(!QK31raI}Mtc=%?b+a(js>_T5tL2au#$W$IVpM#)?em!E*6W%_^GX9xqkrr zI`HK->_$Bb8cdg|uXTZsF1|K4^O~!(&KgY)bfBC5Vh6I)2+nzOlJs3aoln{q|4wCw zay?DfLoqb)YA@%`tp3h!wu#?pP0IS~>pF`xT`dlymSGBQlfE zT%OmMx;iFDhDpkVu7UTJPPfRfX%7-#dQ812)~bYZfrR2tGrNv3D)KAnk(^!;Z+mTh zc^BzsW!DWsd-_xUhP<&Q%YE_s`pfeBLIKK`d>*AN&=W+|R;0=}GP5$Lr#B6}$0Vpk zgq5q(D3E3EgYSz@>MjH%75{k}OfJlFI8Hha*7qH%H4p3evl%bLukH=AU612qsbJ5v zoA<0LI%xjbyEZ-*@!$;o#IC=D|I$}CB 
z2uZ83yYhFzH;Ecsih_J{{5wx&P>OuAf`_4p!Bp7TfhvapZbr4`;Q&#bwig4w3xAU# zbJmJTrY98FwyP6QRs08KXrfTA%U zFnSIusmeGVPgUFXcFwbfJGA9$X2FmwdomO{_1 zNucx|cuZlIxPle;sP4gn!v8y|KS|R=cIw9z+y87=MfyPh3h>4ep?AwtK(9R6V+v(S zQc_VQ_jzDTC%OV8Fo1d*>I^=gr{xX;-T$An@Yny{T@ue@rV5}_z*WN>&y&ZCN9KlB zKop1;_y6ysFJATGDO5&nLZlOLPJ(E6E|RLBPho>+fbVz~`M_F zg{*>{n~9`@8-*GN4vGRcjHC@yxyZO3P&S}~(-CXiKtS%2qKjf-mvE$%>O{Ih7#CUG z2sny*&;*cdW<5Yaj!gL<9_HL5P z%mI?;$o9TsplDFZDTK9cAt3ij>i>W5=u-rOj=SJa;OVX%>Ar3cVS!(76_^S)AjV7V zTQiq)upgoZm(V-g{{Ll))i0CpC|rm*_3r27zjRMQJ2T=C8V0fRlSF*0dO2tw`VP|3 z8B`>H`!7?*Wy6Lo50TRds(Q@AaQuY_VrD^G4BbzX79WhUXtTAKWPr!*`oByttvFbu%7XpGJHc7Sx9~I%+PpJC#zz!$RXHt+izghc3f>=H$yeFBFoh-Q^B*~|l`sxKu zT0Qx=WEa)Oh8-nJNlS+y^z3%R39qnFeW2wRQoZ#i9 z4RF_}f)pSn{ahgwXDI*s({bSJ7?*s+i`cCL4F|KfPAaHg_jSHYMfDofHm|H<3Wzs!A3LXbV5%AwUqqIqb+O`_Ifx~@=$*A^Nbj$@(a zPp^7CeN?93-Kf}~YUWiPVFcG=ylL)m34UM2M!c^{gl1tsk5`b;p({mL9^ ziwXr%^%nDfYk}q!jcoGw8KhR6?vn;N+zwFdR`WyVcOI?A!>n800L;))d^}PPv0#ng zmdu>U&uEfxim!ufiZh$ttsALX2&@!SBCUA4J2=yigogTwU#MpUUGr?jwO%5(&JX)5OST=v8k%o>Gi zZhRfM?*#E*&$Z{=lc0TcBSU`7QmC@7e^NQ5htNV12lUs}Z{F3TMo|$EkviYR_-;5(* z#KPz&!s2Ihe{LLcF;fN=0^2Sw;ZVA(gaZ4ZiX8-2?jGhuKXwNLASr}F%Hsa zNfZIwpA!1>r71WCLSe6jqiLvQ_6=DJPmG50eYAL|4>Q&rpMVYK073u06PdkYfYYde zH|u2nq`hxj;StJjJ!lIDNKNi}8nB;7-yR0A`wQ(pQX!+Nz|YuR|; z^l$pmFA!fiPr_43$rk|u<22n*)r(f!_jnRKhdkp_yXuA>N$4$aFKF2xntfF*o7ZOV z31%0?i%Y4DduykoeO?RbDiuRU^UDuEflJJA8d5&iF$g@BefSQ4BAde(K&X2X_1 z#fX7n@TG?655SDka0IAV9`ZanhOxzAU{3-R%P2v#jS?`WBU$V!@jRA9l4Va7*{2N1 zH%5p=dj#@`fb{D77Qct1~2DfO02T&6b30a$UhptTd8K&y4sG0x_^ zIrn2x$5p28oV=M^_Q<`=#CP~zb9btOs@$Kjw$+5)84UcD`YIkq zk3)Yu22avgz}Fb8Y6o#w9`x;is*4kQu+xAw*vm>7Q~D~590Q9WK%v3F>p6kcI%NP) zJD#!fNR|8HDG5y(9Hn5<4VdDQCGl#Lsujd{B}^hB${Esk-(5{vl`UB zB69_F1@eG8a*c>mhywFNyQss);3j}z8-EU{>r!Dd(mYL1QJm>Zu+#ic!DHe{2DRyDO}v6X0m`3FpGmJQs9UroV2#;{5UTj@*@ol3J836p^WEnN!n1Hr4z6xAnIM$>q;gNR0@V%rJ77!gylNPzKlyc1fyEEW zLmnNYNjaN!f#0fRU%lNdcX%{i&Vg^6NQ$Wdcshx*He`@uGSF9f2mcoq{s6!Gfl(F( 
z=KoG(QI?*%#5Aj?V@Q;*;f<3Dmp|gyE}kY&?87hwxM8U)soEq5dv|)9Dfv}acUwbd5L-)RUY z)#*VR7)bdmIIt+x} zV%S5CaUIH@qPH2&75OlSR#FqbXTEnwjcVk=Ftqqe4&#lY`3R>Shs~SPN3aq21Fk&M z)5u6|06!K18H^r1Su{0T_0Tr^JG54U9PP()7-XfWy@(ZtY4>`)W{OQSeb#n0%DQZO z{i2;I<;g|bzAP#;lk}bLCW}~NT0^?e1u1@zG$4&~j4Lz_y8uH;s6_)%A6;#R85j~~83 z5>buK0ob))`S3L*&S*U9t-n11ImUDBj<=xu&}OcDVX?cy^@p@@^Uv$9(hIJBYjbjH zT0P{tSD5Uhz96bB_Bpf<`PCmT zqvO`b@&fX^tCRZf<_w*~*{=w?fKM<9GtYdQfYx6e2bs=NpEML+)v?7#ZjDN_WX8L= z$_QG#`gk$;AO%%r5k{Clu4@jcoS2crm7JbO(dR^1$Kl|Y$;;C}R;!1>M`qwPJF%<-5zF}JEhnZ6R z#toL(w{Ilg{*Lzf%q;e6`EQck_b%!eq7`YSs}gnUSJ~xa`Ini6!;V=MbsC=@Pb)dG zC?;wu_sGBxCu-T8zh;?0OS(4)ZWsG!MzPY~s2vq@qdgzFm1X*TS>}bh(4==OIA5@y zmg%9@_biNu6sfgWafYz#bg%OoA7}?OQk3P8$75(mlcfv?+<&{@hrpR5+aI00{@A3x z?+}DI)06w#|KMq)zGt<~w#rbRN^3>oRB*Og%5n}{>?^BLs+fq2RG~x*RkxeEvS*@# zVS^@xDLTktLtIr{>qJMRo!A9dUG{xZSAXG&ZKKsFe@Mr@f@ju0$lj0p$kqvRa14gX zGUOdPZ9vFBWb+C7N6|?p2ay zLEnJRt8dD-1cpA{=Dv03h28NQO18k#XmCiu&f#;gtoLpMEn>{aODWrMIaN1Dc{_s+ zU24fd8@BqUQ`c-y!cbX~g__4cGGy=kdGNoZ*PQBhOZnl8noDL^U;?s$Lg6PHY1!T) R%8^F@0GHeWCDSG+`yZ3R#Ge2F literal 0 HcmV?d00001 diff --git a/charts/rancher-cis-benchmark-crd/2.0.5-rc4/Chart.yaml b/charts/rancher-cis-benchmark-crd/2.0.5-rc4/Chart.yaml new file mode 100644 index 000000000..b4b6d56d8 --- /dev/null +++ b/charts/rancher-cis-benchmark-crd/2.0.5-rc4/Chart.yaml @@ -0,0 +1,10 @@ +annotations: + catalog.cattle.io/certified: rancher + catalog.cattle.io/hidden: "true" + catalog.cattle.io/namespace: cis-operator-system + catalog.cattle.io/release-name: rancher-cis-benchmark-crd +apiVersion: v1 +description: Installs the CRDs for rancher-cis-benchmark. +name: rancher-cis-benchmark-crd +type: application +version: 2.0.5-rc4 diff --git a/charts/rancher-cis-benchmark-crd/2.0.5-rc4/README.md b/charts/rancher-cis-benchmark-crd/2.0.5-rc4/README.md new file mode 100644 index 000000000..f6d9ef621 --- /dev/null +++ b/charts/rancher-cis-benchmark-crd/2.0.5-rc4/README.md 
@@ -0,0 +1,2 @@
+# rancher-cis-benchmark-crd
+A Rancher chart that installs the CRDs used by rancher-cis-benchmark.
diff --git a/charts/rancher-cis-benchmark-crd/2.0.5-rc4/templates/clusterscan.yaml b/charts/rancher-cis-benchmark-crd/2.0.5-rc4/templates/clusterscan.yaml
new file mode 100644
index 000000000..3cbb0ffcd
--- /dev/null
+++ b/charts/rancher-cis-benchmark-crd/2.0.5-rc4/templates/clusterscan.yaml
@@ -0,0 +1,148 @@
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ name: clusterscans.cis.cattle.io
+spec:
+ group: cis.cattle.io
+ names:
+ kind: ClusterScan
+ plural: clusterscans
+ scope: Cluster
+ versions:
+ - name: v1
+ served: true
+ storage: true
+ additionalPrinterColumns:
+ - jsonPath: .status.lastRunScanProfileName
+ name: ClusterScanProfile
+ type: string
+ - jsonPath: .status.summary.total
+ name: Total
+ type: string
+ - jsonPath: .status.summary.pass
+ name: Pass
+ type: string
+ - jsonPath: .status.summary.fail
+ name: Fail
+ type: string
+ - jsonPath: .status.summary.skip
+ name: Skip
+ type: string
+ - jsonPath: .status.summary.warn
+ name: Warn
+ type: string
+ - jsonPath: .status.summary.notApplicable
+ name: Not Applicable
+ type: string
+ - jsonPath: .status.lastRunTimestamp
+ name: LastRunTimestamp
+ type: string
+ - jsonPath: .spec.scheduledScanConfig.cronSchedule
+ name: CronSchedule
+ type: string
+ subresources:
+ status: {}
+ schema:
+ openAPIV3Schema:
+ properties:
+ spec:
+ properties:
+ scanProfileName:
+ nullable: true
+ type: string
+ scheduledScanConfig:
+ nullable: true
+ properties:
+ cronSchedule:
+ nullable: true
+ type: string
+ retentionCount:
+ type: integer
+ scanAlertRule:
+ nullable: true
+ properties:
+ alertOnComplete:
+ type: boolean
+ alertOnFailure:
+ type: boolean
+ type: object
+ type: object
+ scoreWarning:
+ enum:
+ - pass
+ - fail
+ nullable: true
+ type: string
+ type: object
+ status:
+ properties:
+ NextScanAt:
+ nullable: true
+ type: string
+ ScanAlertingRuleName:
+ nullable: true
+ type: string
+ conditions:
+ items:
+ properties:
+ lastTransitionTime:
+ nullable: true
+ type: string
+ lastUpdateTime:
+ nullable: true
+ type: string
+ message:
+ nullable: true
+ type: string
+ reason:
+ nullable: true
+ type: string
+ status:
+ nullable: true
+ type: string
+ type:
+ nullable: true
+ type: string
+ type: object
+ nullable: true
+ type: array
+ display:
+ nullable: true
+ properties:
+ error:
+ type: boolean
+ message:
+ nullable: true
+ type: string
+ state:
+ nullable: true
+ type: string
+ transitioning:
+ type: boolean
+ type: object
+ lastRunScanProfileName:
+ nullable: true
+ type: string
+ lastRunTimestamp:
+ nullable: true
+ type: string
+ observedGeneration:
+ type: integer
+ summary:
+ nullable: true
+ properties:
+ fail:
+ type: integer
+ notApplicable:
+ type: integer
+ pass:
+ type: integer
+ skip:
+ type: integer
+ total:
+ type: integer
+ warn:
+ type: integer
+ type: object
+ type: object
+ type: object
diff --git a/charts/rancher-cis-benchmark-crd/2.0.5-rc4/templates/clusterscanbenchmark.yaml b/charts/rancher-cis-benchmark-crd/2.0.5-rc4/templates/clusterscanbenchmark.yaml
new file mode 100644
index 000000000..fd291f8c3
--- /dev/null
+++ b/charts/rancher-cis-benchmark-crd/2.0.5-rc4/templates/clusterscanbenchmark.yaml
@@ -0,0 +1,54 @@
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ name: clusterscanbenchmarks.cis.cattle.io
+spec:
+ group: cis.cattle.io
+ names:
+ kind: ClusterScanBenchmark
+ plural: clusterscanbenchmarks
+ scope: Cluster
+ versions:
+ - name: v1
+ served: true
+ storage: true
+ additionalPrinterColumns:
+ - jsonPath: .spec.clusterProvider
+ name: ClusterProvider
+ type: string
+ - jsonPath: .spec.minKubernetesVersion
+ name: MinKubernetesVersion
+ type: string
+ - jsonPath: .spec.maxKubernetesVersion
+ name: MaxKubernetesVersion
+ type: string
+ - jsonPath: .spec.customBenchmarkConfigMapName
+ name: customBenchmarkConfigMapName
+ type: string
+ - jsonPath: .spec.customBenchmarkConfigMapNamespace
+ name: customBenchmarkConfigMapNamespace
+ type: string
+ subresources:
+ status: {}
+ schema:
+ openAPIV3Schema:
+ properties:
+ spec:
+ properties:
+ clusterProvider:
+ nullable: true
+ type: string
+ customBenchmarkConfigMapName:
+ nullable: true
+ type: string
+ customBenchmarkConfigMapNamespace:
+ nullable: true
+ type: string
+ maxKubernetesVersion:
+ nullable: true
+ type: string
+ minKubernetesVersion:
+ nullable: true
+ type: string
+ type: object
+ type: object
diff --git a/charts/rancher-cis-benchmark-crd/2.0.5-rc4/templates/clusterscanprofile.yaml b/charts/rancher-cis-benchmark-crd/2.0.5-rc4/templates/clusterscanprofile.yaml
new file mode 100644
index 000000000..1e75501b7
--- /dev/null
+++ b/charts/rancher-cis-benchmark-crd/2.0.5-rc4/templates/clusterscanprofile.yaml
@@ -0,0 +1,36 @@
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ name: clusterscanprofiles.cis.cattle.io
+spec:
+ group: cis.cattle.io
+ names:
+ kind: ClusterScanProfile
+ plural: clusterscanprofiles
+ scope: Cluster
+ versions:
+ - name: v1
+ served: true
+ storage: true
+ subresources:
+ status: {}
+ schema:
+ openAPIV3Schema:
+ properties:
+ spec:
+ properties:
+ benchmarkVersion:
+ nullable: true
+ type: string
+ skipTests:
+ items:
+ nullable: true
+ type: string
+ nullable: true
+ type: array
+ type: object
+ type: object
+ additionalPrinterColumns:
+ - jsonPath: .spec.benchmarkVersion
+ name: BenchmarkVersion
+ type: string
diff --git a/charts/rancher-cis-benchmark-crd/2.0.5-rc4/templates/clusterscanreport.yaml b/charts/rancher-cis-benchmark-crd/2.0.5-rc4/templates/clusterscanreport.yaml
new file mode 100644
index 000000000..6e8c0b7de
--- /dev/null
+++ b/charts/rancher-cis-benchmark-crd/2.0.5-rc4/templates/clusterscanreport.yaml
@@ -0,0 +1,39 @@
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ name: clusterscanreports.cis.cattle.io
+spec:
+ group: cis.cattle.io
+ names:
+ kind: ClusterScanReport
+ plural: clusterscanreports
+ scope: Cluster
+ versions:
+ - name: v1
+ served: true
+ storage: true
+ additionalPrinterColumns:
+ - jsonPath: .spec.lastRunTimestamp
+ name: LastRunTimestamp
+ type: string
+ - jsonPath: .spec.benchmarkVersion
+ name: BenchmarkVersion
+ type: string
+ subresources:
+ status: {}
+ schema:
+ openAPIV3Schema:
+ properties:
+ spec:
+ properties:
+ benchmarkVersion:
+ nullable: true
+ type: string
+ lastRunTimestamp:
+ nullable: true
+ type: string
+ reportJSON:
+ nullable: true
+ type: string
+ type: object
+ type: object
\ No newline at end of file
diff --git a/charts/rancher-cis-benchmark/2.0.5-rc4/Chart.yaml b/charts/rancher-cis-benchmark/2.0.5-rc4/Chart.yaml
new file mode 100644
index 000000000..dc75f1b53
--- /dev/null
+++ b/charts/rancher-cis-benchmark/2.0.5-rc4/Chart.yaml
@@ -0,0 +1,22 @@
+annotations:
+ catalog.cattle.io/auto-install: rancher-cis-benchmark-crd=match
+ catalog.cattle.io/certified: rancher
+ catalog.cattle.io/display-name: CIS Benchmark
+ catalog.cattle.io/kube-version: '>= 1.21.0-0 < 1.25.0-0'
+ catalog.cattle.io/namespace: cis-operator-system
+ catalog.cattle.io/os: linux
+ catalog.cattle.io/permits-os: linux,windows
+ catalog.cattle.io/provides-gvr: cis.cattle.io.clusterscans/v1
+ catalog.cattle.io/rancher-version: '>= 2.6.0-0 < 2.7.0-0'
+ catalog.cattle.io/release-name: rancher-cis-benchmark
+ catalog.cattle.io/type: cluster-tool
+ catalog.cattle.io/ui-component: rancher-cis-benchmark
+apiVersion: v1
+appVersion: v2.0.5-rc4
+description: The cis-operator enables running CIS benchmark security scans on a kubernetes
+ cluster
+icon: https://charts.rancher.io/assets/logos/cis-kube-bench.svg
+keywords:
+- security
+name: rancher-cis-benchmark
+version: 2.0.5-rc4
diff --git a/charts/rancher-cis-benchmark/2.0.5-rc4/README.md b/charts/rancher-cis-benchmark/2.0.5-rc4/README.md
new file mode 100644
index 000000000..50beab58b
--- /dev/null
+++ b/charts/rancher-cis-benchmark/2.0.5-rc4/README.md
@@ -0,0 +1,9 @@
+# Rancher CIS Benchmark Chart
+
+The cis-operator enables running CIS benchmark security scans on a kubernetes cluster and generate compliance reports that can be downloaded.
+
+# Installation
+
+```
+helm install rancher-cis-benchmark ./ --create-namespace -n cis-operator-system
+```
diff --git a/charts/rancher-cis-benchmark/2.0.5-rc4/app-readme.md b/charts/rancher-cis-benchmark/2.0.5-rc4/app-readme.md
new file mode 100644
index 000000000..5e495d605
--- /dev/null
+++ b/charts/rancher-cis-benchmark/2.0.5-rc4/app-readme.md
@@ -0,0 +1,15 @@
+# Rancher CIS Benchmarks
+
+This chart enables security scanning of the cluster using [CIS (Center for Internet Security) benchmarks](https://www.cisecurity.org/benchmark/kubernetes/).
+
+For more information on how to use the feature, refer to our [docs](https://rancher.com/docs/rancher/v2.x/en/cis-scans/v2.5/).
+
+This chart installs the following components:
+
+- [cis-operator](https://github.com/rancher/cis-operator) - The cis-operator handles launching the [kube-bench](https://github.com/aquasecurity/kube-bench) tool that runs a suite of CIS tests on the nodes of your Kubernetes cluster. After scans finish, the cis-operator generates a compliance report that can be downloaded.
+- Scans - A scan is a CRD (`ClusterScan`) that defines when to trigger CIS scans on the cluster based on the defined profile. A report is created after the scan is completed.
+- Profiles - A profile is a CRD (`ClusterScanProfile`) that defines the configuration for the CIS scan, which is the benchmark versions to use and any specific tests to skip in that benchmark. This chart installs a few default `ClusterScanProfile` custom resources with no skipped tests, which can immediately be used to launch CIS scans.
+- Benchmark Versions - A benchmark version is a CRD (`ClusterScanBenchmark`) that defines the CIS benchmark version to run using kube-bench as well as the valid configuration parameters for that benchmark. This chart installs a few default `ClusterScanBenchmark` custom resources.
+- Alerting Resources - Rancher's CIS Benchmark application lets you run a cluster scan on a schedule, and send alerts when scans finish.
+ - If you want to enable alerts to be delivered when a cluster scan completes, you need to ensure that [Rancher's Monitoring and Alerting](https://rancher.com/docs/rancher/v2.x/en/monitoring-alerting/v2.5/) application is pre-installed and the [Receivers and Routes](https://rancher.com/docs/rancher/v2.x/en/monitoring-alerting/v2.5/configuration/#alertmanager-config) are configured to send out alerts.
+ - Additionally, you need to set `alerts: true` in the Values YAML while installing or upgrading this chart.
diff --git a/charts/rancher-cis-benchmark/2.0.5-rc4/templates/_helpers.tpl b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/_helpers.tpl
new file mode 100644
index 000000000..b7bb00042
--- /dev/null
+++ b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/_helpers.tpl
@@ -0,0 +1,27 @@
+{{/* Ensure namespace is set the same everywhere */}}
+{{- define "cis.namespace" -}}
+ {{- .Release.Namespace | default "cis-operator-system" -}}
+{{- end -}}
+
+{{- define "system_default_registry" -}}
+{{- if .Values.global.cattle.systemDefaultRegistry -}}
+{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}}
+{{- else -}}
+{{- "" -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Windows cluster will add default taint for linux nodes,
+add below linux tolerations to workloads could be scheduled to those linux nodes
+*/}}
+{{- define "linux-node-tolerations" -}}
+- key: "cattle.io/os"
+ value: "linux"
+ effect: "NoSchedule"
+ operator: "Equal"
+{{- end -}}
+
+{{- define "linux-node-selector" -}}
+kubernetes.io/os: linux
+{{- end -}}
diff --git a/charts/rancher-cis-benchmark/2.0.5-rc4/templates/alertingrule.yaml b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/alertingrule.yaml
new file mode 100644
index 000000000..1787c88a0
--- /dev/null
+++ b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/alertingrule.yaml
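Review bot: In templates/_helpers.tpl the `cis.namespace` helper's fallback `default "cis-operator-system"` is unlikely to ever take effect, because Helm 3 fills `.Release.Namespace` itself (with `default` when no `-n` is passed), so the comment "Ensure namespace is set the same everywhere" promises more than the helper delivers. An install that omits `-n cis-operator-system` would then render `namespace: {{ template "cis.namespace" . }}` (as used in alertingrule.yaml) with the release namespace, and presumably place the operator and its RBAC there too; those templates are not visible in this part of the patch. If the chart is only supported in `cis-operator-system`, consider failing fast with `{{- if ne .Release.Namespace "cis-operator-system" }}{{ fail "install this chart into cis-operator-system" }}{{- end }}`; otherwise reword the comment to say the helper mirrors the release namespace.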
@@ -0,0 +1,14 @@
+{{- if .Values.alerts.enabled -}}
+---
+apiVersion: monitoring.coreos.com/v1
+kind: PodMonitor
+metadata:
+ name: rancher-cis-pod-monitor
+ namespace: {{ template "cis.namespace" . }}
+spec:
+ selector:
+ matchLabels:
+ cis.cattle.io/operator: cis-operator
+ podMetricsEndpoints:
+ - port: cismetrics
+{{- end }}
diff --git a/charts/rancher-cis-benchmark/2.0.5-rc4/templates/benchmark-aks-1.0.yaml b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/benchmark-aks-1.0.yaml
new file mode 100644
index 000000000..1ac866253
--- /dev/null
+++ b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/benchmark-aks-1.0.yaml
@@ -0,0 +1,8 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanBenchmark
+metadata:
+ name: aks-1.0
+spec:
+ clusterProvider: aks
+ minKubernetesVersion: "1.15.0"
diff --git a/charts/rancher-cis-benchmark/2.0.5-rc4/templates/benchmark-cis-1.20.yaml b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/benchmark-cis-1.20.yaml
new file mode 100644
index 000000000..898976581
--- /dev/null
+++ b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/benchmark-cis-1.20.yaml
@@ -0,0 +1,8 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanBenchmark
+metadata:
+ name: cis-1.20
+spec:
+ clusterProvider: ""
+ minKubernetesVersion: "1.19.0"
diff --git a/charts/rancher-cis-benchmark/2.0.5-rc4/templates/benchmark-cis-1.23.yaml b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/benchmark-cis-1.23.yaml
new file mode 100644
index 000000000..a4c6d1ff2
--- /dev/null
+++ b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/benchmark-cis-1.23.yaml
@@ -0,0 +1,8 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanBenchmark
+metadata:
+ name: cis-1.23
+spec:
+ clusterProvider: ""
+ minKubernetesVersion: "1.21.0"
diff --git a/charts/rancher-cis-benchmark/2.0.5-rc4/templates/benchmark-cis-1.5.yaml b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/benchmark-cis-1.5.yaml
new file mode 100644
index 000000000..39e8b834a
--- /dev/null
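Review bot: The PodMonitor in alertingrule.yaml is gated only on `.Values.alerts.enabled`, so enabling alerts on a cluster where the `monitoring.coreos.com/v1` API is not installed makes the release fail to apply. Guarding with `{{- if and .Values.alerts.enabled (.Capabilities.APIVersions.Has "monitoring.coreos.com/v1") -}}` would skip the object in that case. The app-readme in this commit tells users to set `alerts: true`, while this template reads `alerts.enabled`; one of the two should change so the documented switch takes effect. The file name says alerting rule but the object only scrapes the `cismetrics` port, which a one-line comment at the top could state.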
+++ b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/benchmark-cis-1.5.yaml @@ -0,0 +1,8 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanBenchmark +metadata: + name: cis-1.5 +spec: + clusterProvider: "" + minKubernetesVersion: "1.15.0" diff --git a/charts/rancher-cis-benchmark/2.0.5-rc4/templates/benchmark-cis-1.6.yaml b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/benchmark-cis-1.6.yaml new file mode 100644 index 000000000..93ba064f4 --- /dev/null +++ b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/benchmark-cis-1.6.yaml @@ -0,0 +1,8 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanBenchmark +metadata: + name: cis-1.6 +spec: + clusterProvider: "" + minKubernetesVersion: "1.16.0" diff --git a/charts/rancher-cis-benchmark/2.0.5-rc4/templates/benchmark-eks-1.0.1.yaml b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/benchmark-eks-1.0.1.yaml new file mode 100644 index 000000000..d1ba9d295 --- /dev/null +++ b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/benchmark-eks-1.0.1.yaml @@ -0,0 +1,8 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanBenchmark +metadata: + name: eks-1.0.1 +spec: + clusterProvider: eks + minKubernetesVersion: "1.15.0" diff --git a/charts/rancher-cis-benchmark/2.0.5-rc4/templates/benchmark-gke-1.0.yaml b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/benchmark-gke-1.0.yaml new file mode 100644 index 000000000..72122e8c5 --- /dev/null +++ b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/benchmark-gke-1.0.yaml @@ -0,0 +1,8 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanBenchmark +metadata: + name: gke-1.0 +spec: + clusterProvider: gke + minKubernetesVersion: "1.15.0" diff --git a/charts/rancher-cis-benchmark/2.0.5-rc4/templates/benchmark-k3s-cis-1.20-hardened.yaml b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/benchmark-k3s-cis-1.20-hardened.yaml new file mode 100644 index 000000000..872bb9b3b --- /dev/null +++ b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/benchmark-k3s-cis-1.20-hardened.yaml 
@@ -0,0 +1,8 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanBenchmark +metadata: + name: k3s-cis-1.20-hardened +spec: + clusterProvider: k3s + minKubernetesVersion: "1.19.0" diff --git a/charts/rancher-cis-benchmark/2.0.5-rc4/templates/benchmark-k3s-cis-1.20-permissive.yaml b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/benchmark-k3s-cis-1.20-permissive.yaml new file mode 100644 index 000000000..58ec00f23 --- /dev/null +++ b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/benchmark-k3s-cis-1.20-permissive.yaml @@ -0,0 +1,8 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanBenchmark +metadata: + name: k3s-cis-1.20-permissive +spec: + clusterProvider: k3s + minKubernetesVersion: "1.19.0" diff --git a/charts/rancher-cis-benchmark/2.0.5-rc4/templates/benchmark-k3s-cis-1.23-hardened.yaml b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/benchmark-k3s-cis-1.23-hardened.yaml new file mode 100644 index 000000000..bd6ce6188 --- /dev/null +++ b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/benchmark-k3s-cis-1.23-hardened.yaml @@ -0,0 +1,8 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanBenchmark +metadata: + name: k3s-cis-1.23-hardened +spec: + clusterProvider: k3s + minKubernetesVersion: "1.21.0" diff --git a/charts/rancher-cis-benchmark/2.0.5-rc4/templates/benchmark-k3s-cis-1.23-permissive.yaml b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/benchmark-k3s-cis-1.23-permissive.yaml new file mode 100644 index 000000000..dd6dee3bb --- /dev/null +++ b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/benchmark-k3s-cis-1.23-permissive.yaml @@ -0,0 +1,8 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanBenchmark +metadata: + name: k3s-cis-1.23-permissive +spec: + clusterProvider: k3s + minKubernetesVersion: "1.21.0" 
diff --git a/charts/rancher-cis-benchmark/2.0.5-rc4/templates/benchmark-k3s-cis-1.6-hardened.yaml b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/benchmark-k3s-cis-1.6-hardened.yaml new file mode 100644 index 000000000..3ca9b6009 --- /dev/null +++ b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/benchmark-k3s-cis-1.6-hardened.yaml @@ -0,0 +1,8 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanBenchmark +metadata: + name: k3s-cis-1.6-hardened +spec: + clusterProvider: k3s + minKubernetesVersion: "1.20.5" diff --git a/charts/rancher-cis-benchmark/2.0.5-rc4/templates/benchmark-k3s-cis-1.6-permissive.yaml b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/benchmark-k3s-cis-1.6-permissive.yaml new file mode 100644 index 000000000..6d4253c6e --- /dev/null +++ b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/benchmark-k3s-cis-1.6-permissive.yaml @@ -0,0 +1,8 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanBenchmark +metadata: + name: k3s-cis-1.6-permissive +spec: + clusterProvider: k3s + minKubernetesVersion: "1.20.5" diff --git a/charts/rancher-cis-benchmark/2.0.5-rc4/templates/benchmark-rke-cis-1.20-hardened.yaml b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/benchmark-rke-cis-1.20-hardened.yaml new file mode 100644 index 000000000..0555922ad --- /dev/null +++ b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/benchmark-rke-cis-1.20-hardened.yaml @@ -0,0 +1,8 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanBenchmark +metadata: + name: rke-cis-1.20-hardened +spec: + clusterProvider: rke + minKubernetesVersion: "1.19.0" diff --git a/charts/rancher-cis-benchmark/2.0.5-rc4/templates/benchmark-rke-cis-1.20-permissive.yaml b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/benchmark-rke-cis-1.20-permissive.yaml new file mode 100644 index 000000000..d09e9e1ed --- /dev/null +++ b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/benchmark-rke-cis-1.20-permissive.yaml 
@@ -0,0 +1,8 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanBenchmark +metadata: + name: rke-cis-1.20-permissive +spec: + clusterProvider: rke + minKubernetesVersion: "1.19.0" diff --git a/charts/rancher-cis-benchmark/2.0.5-rc4/templates/benchmark-rke-cis-1.23-hardened.yaml b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/benchmark-rke-cis-1.23-hardened.yaml new file mode 100644 index 000000000..bc6ad77a6 --- /dev/null +++ b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/benchmark-rke-cis-1.23-hardened.yaml @@ -0,0 +1,8 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanBenchmark +metadata: + name: rke-cis-1.23-hardened +spec: + clusterProvider: rke + minKubernetesVersion: "1.21.0" diff --git a/charts/rancher-cis-benchmark/2.0.5-rc4/templates/benchmark-rke-cis-1.23-permissive.yaml b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/benchmark-rke-cis-1.23-permissive.yaml new file mode 100644 index 000000000..f63b45590 --- /dev/null +++ b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/benchmark-rke-cis-1.23-permissive.yaml @@ -0,0 +1,8 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanBenchmark +metadata: + name: rke-cis-1.23-permissive +spec: + clusterProvider: rke + minKubernetesVersion: "1.21.0" diff --git a/charts/rancher-cis-benchmark/2.0.5-rc4/templates/benchmark-rke-cis-1.5-hardened.yaml b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/benchmark-rke-cis-1.5-hardened.yaml new file mode 100644 index 000000000..b5627f966 --- /dev/null +++ b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/benchmark-rke-cis-1.5-hardened.yaml @@ -0,0 +1,8 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanBenchmark +metadata: + name: rke-cis-1.5-hardened +spec: + clusterProvider: rke + minKubernetesVersion: "1.15.0" diff --git a/charts/rancher-cis-benchmark/2.0.5-rc4/templates/benchmark-rke-cis-1.5-permissive.yaml b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/benchmark-rke-cis-1.5-permissive.yaml new file mode 100644 index 000000000..95f80c0f0 
--- /dev/null +++ b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/benchmark-rke-cis-1.5-permissive.yaml @@ -0,0 +1,8 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanBenchmark +metadata: + name: rke-cis-1.5-permissive +spec: + clusterProvider: rke + minKubernetesVersion: "1.15.0" diff --git a/charts/rancher-cis-benchmark/2.0.5-rc4/templates/benchmark-rke-cis-1.6-hardened.yaml b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/benchmark-rke-cis-1.6-hardened.yaml new file mode 100644 index 000000000..d75de8154 --- /dev/null +++ b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/benchmark-rke-cis-1.6-hardened.yaml @@ -0,0 +1,8 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanBenchmark +metadata: + name: rke-cis-1.6-hardened +spec: + clusterProvider: rke + minKubernetesVersion: "1.16.0" diff --git a/charts/rancher-cis-benchmark/2.0.5-rc4/templates/benchmark-rke-cis-1.6-permissive.yaml b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/benchmark-rke-cis-1.6-permissive.yaml new file mode 100644 index 000000000..52428f4a7 --- /dev/null +++ b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/benchmark-rke-cis-1.6-permissive.yaml @@ -0,0 +1,8 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanBenchmark +metadata: + name: rke-cis-1.6-permissive +spec: + clusterProvider: rke + minKubernetesVersion: "1.16.0" diff --git a/charts/rancher-cis-benchmark/2.0.5-rc4/templates/benchmark-rke2-cis-1.20-hardened.yaml b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/benchmark-rke2-cis-1.20-hardened.yaml new file mode 100644 index 000000000..95375fbea --- /dev/null +++ b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/benchmark-rke2-cis-1.20-hardened.yaml @@ -0,0 +1,8 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanBenchmark +metadata: + name: rke2-cis-1.20-hardened +spec: + clusterProvider: rke2 + minKubernetesVersion: "1.19.0" 
diff --git a/charts/rancher-cis-benchmark/2.0.5-rc4/templates/benchmark-rke2-cis-1.20-permissive.yaml b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/benchmark-rke2-cis-1.20-permissive.yaml new file mode 100644 index 000000000..51da408b9 --- /dev/null +++ b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/benchmark-rke2-cis-1.20-permissive.yaml @@ -0,0 +1,8 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanBenchmark +metadata: + name: rke2-cis-1.20-permissive +spec: + clusterProvider: rke2 + minKubernetesVersion: "1.19.0" diff --git a/charts/rancher-cis-benchmark/2.0.5-rc4/templates/benchmark-rke2-cis-1.23-hardened.yaml b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/benchmark-rke2-cis-1.23-hardened.yaml new file mode 100644 index 000000000..1e2cb2a3a --- /dev/null +++ b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/benchmark-rke2-cis-1.23-hardened.yaml @@ -0,0 +1,8 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanBenchmark +metadata: + name: rke2-cis-1.23-hardened +spec: + clusterProvider: rke2 + minKubernetesVersion: "1.21.0" diff --git a/charts/rancher-cis-benchmark/2.0.5-rc4/templates/benchmark-rke2-cis-1.23-permissive.yaml b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/benchmark-rke2-cis-1.23-permissive.yaml new file mode 100644 index 000000000..eef970c0e --- /dev/null +++ b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/benchmark-rke2-cis-1.23-permissive.yaml @@ -0,0 +1,8 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanBenchmark +metadata: + name: rke2-cis-1.23-permissive +spec: + clusterProvider: rke2 + minKubernetesVersion: "1.21.0" diff --git a/charts/rancher-cis-benchmark/2.0.5-rc4/templates/benchmark-rke2-cis-1.5-hardened.yaml b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/benchmark-rke2-cis-1.5-hardened.yaml new file mode 100644 index 000000000..3d83e9bd8 --- /dev/null +++ b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/benchmark-rke2-cis-1.5-hardened.yaml 
@@ -0,0 +1,8 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanBenchmark +metadata: + name: rke2-cis-1.5-hardened +spec: + clusterProvider: rke2 + minKubernetesVersion: "1.18.0" diff --git a/charts/rancher-cis-benchmark/2.0.5-rc4/templates/benchmark-rke2-cis-1.5-permissive.yaml b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/benchmark-rke2-cis-1.5-permissive.yaml new file mode 100644 index 000000000..f66aa8f6e --- /dev/null +++ b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/benchmark-rke2-cis-1.5-permissive.yaml @@ -0,0 +1,8 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanBenchmark +metadata: + name: rke2-cis-1.5-permissive +spec: + clusterProvider: rke2 + minKubernetesVersion: "1.18.0" diff --git a/charts/rancher-cis-benchmark/2.0.5-rc4/templates/benchmark-rke2-cis-1.6-hardened.yaml b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/benchmark-rke2-cis-1.6-hardened.yaml new file mode 100644 index 000000000..3593bf371 --- /dev/null +++ b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/benchmark-rke2-cis-1.6-hardened.yaml @@ -0,0 +1,8 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanBenchmark +metadata: + name: rke2-cis-1.6-hardened +spec: + clusterProvider: rke2 + minKubernetesVersion: "1.20.5" diff --git a/charts/rancher-cis-benchmark/2.0.5-rc4/templates/benchmark-rke2-cis-1.6-permissive.yaml b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/benchmark-rke2-cis-1.6-permissive.yaml new file mode 100644 index 000000000..522f846ae --- /dev/null +++ b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/benchmark-rke2-cis-1.6-permissive.yaml @@ -0,0 +1,8 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanBenchmark +metadata: + name: rke2-cis-1.6-permissive +spec: + clusterProvider: rke2 + minKubernetesVersion: "1.20.5" diff --git a/charts/rancher-cis-benchmark/2.0.5-rc4/templates/cis-roles.yaml b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/cis-roles.yaml new file mode 100644 index 000000000..23c93dc65 --- /dev/null 
+++ b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/cis-roles.yaml
@@ -0,0 +1,49 @@
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+ name: cis-admin
+rules:
+ - apiGroups:
+ - cis.cattle.io
+ resources:
+ - clusterscanbenchmarks
+ - clusterscanprofiles
+ - clusterscans
+ - clusterscanreports
+ verbs: ["create", "update", "delete", "patch","get", "watch", "list"]
+ - apiGroups:
+ - catalog.cattle.io
+ resources: ["apps"]
+ resourceNames: ["rancher-cis-benchmark"]
+ verbs: ["get", "watch", "list"]
+ - apiGroups:
+ - ""
+ resources:
+ - configmaps
+ verbs:
+ - '*'
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+ name: cis-view
+rules:
+ - apiGroups:
+ - cis.cattle.io
+ resources:
+ - clusterscanbenchmarks
+ - clusterscanprofiles
+ - clusterscans
+ - clusterscanreports
+ verbs: ["get", "watch", "list"]
+ - apiGroups:
+ - catalog.cattle.io
+ resources: ["apps"]
+ resourceNames: ["rancher-cis-benchmark"]
+ verbs: ["get", "watch", "list"]
+ - apiGroups:
+ - ""
+ resources:
+ - configmaps
+ verbs: ["get", "watch", "list"]
diff --git a/charts/rancher-cis-benchmark/2.0.5-rc4/templates/configmap.yaml b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/configmap.yaml
new file mode 100644
index 000000000..1a9cd1809
--- /dev/null
+++ b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/configmap.yaml
@@ -0,0 +1,18 @@
+kind: ConfigMap
+apiVersion: v1
+metadata:
+ name: default-clusterscanprofiles
+ namespace: {{ template "cis.namespace" . }}
+data:
+ # Default ClusterScanProfiles per cluster provider type
+ rke: |-
+ <1.21.0: rke-profile-permissive-1.20
+ >=1.21.0: rke-profile-permissive-1.23
+ rke2: |-
+ <1.21.0: rke2-cis-1.20-profile-permissive
+ >=1.21.0: rke2-cis-1.23-profile-permissive
+ eks: "eks-profile"
+ gke: "gke-profile"
+ aks: "aks-profile"
+ k3s: "k3s-cis-1.23-profile-permissive"
+ default: "cis-1.23-profile"
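Review bot: The last rule of `cis-admin` in cis-roles.yaml grants `verbs: '*'` on core `configmaps` from a ClusterRole, so a ClusterRoleBinding to it gives read and write access to every ConfigMap in every namespace, not only the chart's own. If the intent is to let CIS admins manage scan-related ConfigMaps, moving that rule into a namespaced Role in the chart namespace, or listing the verbs explicitly as the first rule does, would narrow it. Which ConfigMaps the UI or operator needs is not visible in this hunk, so the exact scope needs confirming. `cis-view` carries the same cluster-wide scope for reads.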
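Review bot: In configmap.yaml the `k3s` entry maps every cluster version to `k3s-cis-1.23-profile-permissive`, whereas `rke` and `rke2` switch profile at 1.21.0, and the `k3s-cis-1.23-permissive` benchmark added in this commit declares `minKubernetesVersion: "1.21.0"`. A k3s cluster below 1.21.0 would then default to a profile whose benchmark it does not satisfy, assuming the operator enforces that minimum. If the operator accepts version ranges for any provider key, which this hunk does not show, the entry could read `k3s: |-` followed by `<1.21.0: k3s-cis-1.20-profile-permissive` and `>=1.21.0: k3s-cis-1.23-profile-permissive`. The same question applies to `default: "cis-1.23-profile"`.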
diff --git a/charts/rancher-cis-benchmark/2.0.5-rc4/templates/deployment.yaml b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/deployment.yaml
new file mode 100644
index 000000000..ab0bb3e24
--- /dev/null
+++ b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/deployment.yaml
@@ -0,0 +1,55 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: cis-operator
+ namespace: {{ template "cis.namespace" . }}
+ labels:
+ cis.cattle.io/operator: cis-operator
+spec:
+ selector:
+ matchLabels:
+ cis.cattle.io/operator: cis-operator
+ template:
+ metadata:
+ labels:
+ cis.cattle.io/operator: cis-operator
+ spec:
+ serviceAccountName: cis-operator-serviceaccount
+ containers:
+ - name: cis-operator
+ image: '{{ template "system_default_registry" . }}{{ .Values.image.cisoperator.repository }}:{{ .Values.image.cisoperator.tag }}'
+ imagePullPolicy: Always
+ ports:
+ - name: cismetrics
+ containerPort: {{ .Values.alerts.metricsPort }}
+ env:
+ - name: SECURITY_SCAN_IMAGE
+ value: {{ template "system_default_registry" . }}{{ .Values.image.securityScan.repository }}
+ - name: SECURITY_SCAN_IMAGE_TAG
+ value: {{ .Values.image.securityScan.tag }}
+ - name: SONOBUOY_IMAGE
+ value: {{ template "system_default_registry" . }}{{ .Values.image.sonobuoy.repository }}
+ - name: SONOBUOY_IMAGE_TAG
+ value: {{ .Values.image.sonobuoy.tag }}
+ - name: CIS_ALERTS_METRICS_PORT
+ value: '{{ .Values.alerts.metricsPort }}'
+ - name: CIS_ALERTS_SEVERITY
+ value: {{ .Values.alerts.severity }}
+ - name: CIS_ALERTS_ENABLED
+ value: {{ .Values.alerts.enabled | default "false" | quote }}
+ - name: CLUSTER_NAME
+ value: '{{ .Values.global.cattle.clusterName }}'
+ resources:
+ {{- toYaml .Values.resources | nindent 12 }}
+ nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
+{{- if .Values.nodeSelector }}
+{{ toYaml .Values.nodeSelector | indent 8 }}
+{{- end }}
+ tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
+{{- if .Values.tolerations }}
+{{ toYaml .Values.tolerations | indent 8 }}
+{{- end }}
+ {{- with .Values.affinity }}
+ affinity:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
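Review bot: The `cis-operator` container has no `securityContext`, although its pod runs under `cis-operator-serviceaccount`, which rbac.yaml in this commit binds to `cluster-admin`. A container-level context that disallows privilege escalation and drops capabilities is sketched below and needs validating against the operator image. The unquoted env values `{{ .Values.image.securityScan.tag }}`, `{{ .Values.image.sonobuoy.tag }}` and `{{ .Values.alerts.severity }}` render as non-strings for a value such as `1.0` or `true` (constructed examples), which the API rejects for an env `value`; appending `| quote` avoids that. `imagePullPolicy: Always` is hard-coded here while the patch-sa Job reads `.Values.global.imagePullPolicy`.

```yaml
        - name: cis-operator
          # … unchanged: image, imagePullPolicy, ports, env, resources …
          securityContext:
            allowPrivilegeEscalation: false
            readOnlyRootFilesystem: true
            capabilities:
              drop: ["ALL"]
```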
diff --git a/charts/rancher-cis-benchmark/2.0.5-rc4/templates/network_policy_allow_all.yaml b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/network_policy_allow_all.yaml
new file mode 100644
index 000000000..6ed5d645e
--- /dev/null
+++ b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/network_policy_allow_all.yaml
@@ -0,0 +1,15 @@
+---
+apiVersion: networking.k8s.io/v1
+kind: NetworkPolicy
+metadata:
+ name: default-allow-all
+ namespace: {{ template "cis.namespace" . }}
+spec:
+ podSelector: {}
+ ingress:
+ - {}
+ egress:
+ - {}
+ policyTypes:
+ - Ingress
+ - Egress
diff --git a/charts/rancher-cis-benchmark/2.0.5-rc4/templates/patch_default_serviceaccount.yaml b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/patch_default_serviceaccount.yaml
new file mode 100644
index 000000000..e78a6bd08
--- /dev/null
+++ b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/patch_default_serviceaccount.yaml
@@ -0,0 +1,29 @@
+---
+apiVersion: batch/v1
+kind: Job
+metadata:
+ name: patch-sa
+ annotations:
+ "helm.sh/hook": post-install, post-upgrade
+ "helm.sh/hook-delete-policy": hook-succeeded, before-hook-creation
+spec:
+ template:
+ spec:
+ serviceAccountName: cis-operator-serviceaccount
+ nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
+{{- if .Values.nodeSelector }}
+{{ toYaml .Values.nodeSelector | indent 8 }}
+{{- end }}
+ tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
+{{- if .Values.tolerations }}
+{{ toYaml .Values.tolerations | indent 8 }}
+{{- end }}
+ restartPolicy: Never
+ containers:
+ - name: sa
+ image: "{{ template "system_default_registry" . }}{{ .Values.global.kubectl.repository }}:{{ .Values.global.kubectl.tag }}"
+ imagePullPolicy: {{ .Values.global.imagePullPolicy }}
+ command: ["kubectl", "patch", "serviceaccount", "default", "-p", "{\"automountServiceAccountToken\": false}"]
+ args: ["-n", {{ template "cis.namespace" . }}]
+
+ backoffLimit: 1
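Review bot: `default-allow-all` in network_policy_allow_all.yaml selects every pod in the namespace and allows all ingress and egress, so it restricts nothing; because NetworkPolicies are additive, it also cancels any default-deny policy an administrator applies to this namespace. If the policy exists so that the namespace carries a NetworkPolicy for the benchmark's own checks (an inference, not shown here), a comment at the top saying so would keep it from reading as an oversight. A tighter variant would limit ingress to the `cismetrics` port, but the traffic the scan pods need is not visible in this hunk.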
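Review bot: The `patch-sa` hook Job runs a kubectl image under `cis-operator-serviceaccount`, which rbac.yaml in this commit binds to `cluster-admin`, to perform a single `patch` on the `default` ServiceAccount. A dedicated hook ServiceAccount with a namespaced Role limited to `resources: ["serviceaccounts"]`, `resourceNames: ["default"]`, `verbs: ["get", "patch"]` would cover that command. The Job's metadata has no `namespace:` while the command passes `-n` with `cis.namespace`; adding `namespace: {{ template "cis.namespace" . }}` keeps it consistent with the other templates.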
diff --git a/charts/rancher-cis-benchmark/2.0.5-rc4/templates/rbac.yaml b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/rbac.yaml
new file mode 100644
index 000000000..4ff88ea5f
--- /dev/null
+++ b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/rbac.yaml
@@ -0,0 +1,43 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+ labels:
+ app.kubernetes.io/name: rancher-cis-benchmark
+ app.kubernetes.io/instance: release-name
+ name: cis-operator-role
+rules:
+- apiGroups:
+ - '*'
+ resources:
+ - '*'
+ verbs:
+ - '*'
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+ labels:
+ app.kubernetes.io/name: rancher-cis-benchmark
+ app.kubernetes.io/instance: release-name
+ name: cis-operator-rolebinding
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: ClusterRole
+ name: cis-operator-role
+subjects:
+- kind: ServiceAccount
+ name: cis-serviceaccount
+ namespace: {{ template "cis.namespace" . }}
+---
+kind: ClusterRoleBinding
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+ name: cis-operator-installer
+subjects:
+- kind: ServiceAccount
+ name: cis-operator-serviceaccount
+ namespace: {{ template "cis.namespace" . }}
+roleRef:
+ kind: ClusterRole
+ name: cluster-admin
+ apiGroup: rbac.authorization.k8s.io
\ No newline at end of file
diff --git a/charts/rancher-cis-benchmark/2.0.5-rc4/templates/scanprofile-cis-1.20.yaml b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/scanprofile-cis-1.20.yaml
new file mode 100644
index 000000000..05263ce7d
--- /dev/null
+++ b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/scanprofile-cis-1.20.yaml
@@ -0,0 +1,9 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanProfile
+metadata:
+ name: cis-1.20-profile
+ annotations:
+ clusterscanprofile.cis.cattle.io/builtin: "true"
+spec:
+ benchmarkVersion: cis-1.20
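Review bot: Both bindings in rbac.yaml grant full cluster control: `cis-operator-role` is `*` on every API group, resource and verb, which is equivalent to `cluster-admin`, and `cis-operator-installer` binds `cluster-admin` itself to `cis-operator-serviceaccount`. A compromise of the operator pod, or of any pod running as `cis-serviceaccount` (its definition is not in this chunk), would therefore extend to the whole cluster. The rules should enumerate the groups, resources and verbs the operator and scan runner actually use, which needs checking against the operator source. The label `app.kubernetes.io/instance: release-name` is a literal and should be `app.kubernetes.io/instance: {{ .Release.Name }}`.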
diff --git a/charts/rancher-cis-benchmark/2.0.5-rc4/templates/scanprofile-cis-1.23.yaml b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/scanprofile-cis-1.23.yaml new file mode 100644 index 000000000..c59d8f51f --- /dev/null +++ b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/scanprofile-cis-1.23.yaml @@ -0,0 +1,9 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanProfile +metadata: + name: cis-1.23-profile + annotations: + clusterscanprofile.cis.cattle.io/builtin: "true" +spec: + benchmarkVersion: cis-1.23 diff --git a/charts/rancher-cis-benchmark/2.0.5-rc4/templates/scanprofile-cis-1.5.yml b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/scanprofile-cis-1.5.yml new file mode 100644 index 000000000..d69ae9dd5 --- /dev/null +++ b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/scanprofile-cis-1.5.yml @@ -0,0 +1,9 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanProfile +metadata: + name: cis-1.5-profile + annotations: + clusterscanprofile.cis.cattle.io/builtin: "true" +spec: + benchmarkVersion: cis-1.5 diff --git a/charts/rancher-cis-benchmark/2.0.5-rc4/templates/scanprofile-cis-1.6.yaml b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/scanprofile-cis-1.6.yaml new file mode 100644 index 000000000..8a8d8bf88 --- /dev/null +++ b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/scanprofile-cis-1.6.yaml @@ -0,0 +1,9 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanProfile +metadata: + name: cis-1.6-profile + annotations: + clusterscanprofile.cis.cattle.io/builtin: "true" +spec: + benchmarkVersion: cis-1.6 diff --git a/charts/rancher-cis-benchmark/2.0.5-rc4/templates/scanprofile-k3s-cis-1.20-hardened.yml b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/scanprofile-k3s-cis-1.20-hardened.yml new file mode 100644 index 000000000..a0b6cb6f6 --- /dev/null +++ b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/scanprofile-k3s-cis-1.20-hardened.yml 
@@ -0,0 +1,9 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanProfile +metadata: + name: k3s-cis-1.20-profile-hardened + annotations: + clusterscanprofile.cis.cattle.io/builtin: "true" +spec: + benchmarkVersion: k3s-cis-1.20-hardened diff --git a/charts/rancher-cis-benchmark/2.0.5-rc4/templates/scanprofile-k3s-cis-1.20-permissive.yml b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/scanprofile-k3s-cis-1.20-permissive.yml new file mode 100644 index 000000000..89885548d --- /dev/null +++ b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/scanprofile-k3s-cis-1.20-permissive.yml @@ -0,0 +1,9 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanProfile +metadata: + name: k3s-cis-1.20-profile-permissive + annotations: + clusterscanprofile.cis.cattle.io/builtin: "true" +spec: + benchmarkVersion: k3s-cis-1.20-permissive diff --git a/charts/rancher-cis-benchmark/2.0.5-rc4/templates/scanprofile-k3s-cis-1.23-hardened.yml b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/scanprofile-k3s-cis-1.23-hardened.yml new file mode 100644 index 000000000..724412d3a --- /dev/null +++ b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/scanprofile-k3s-cis-1.23-hardened.yml @@ -0,0 +1,9 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanProfile +metadata: + name: k3s-cis-1.23-profile-hardened + annotations: + clusterscanprofile.cis.cattle.io/builtin: "true" +spec: + benchmarkVersion: k3s-cis-1.23-hardened diff --git a/charts/rancher-cis-benchmark/2.0.5-rc4/templates/scanprofile-k3s-cis-1.23-permissive.yml b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/scanprofile-k3s-cis-1.23-permissive.yml new file mode 100644 index 000000000..9f9213de1 --- /dev/null +++ b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/scanprofile-k3s-cis-1.23-permissive.yml 
@@ -0,0 +1,9 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanProfile +metadata: + name: k3s-cis-1.23-profile-permissive + annotations: + clusterscanprofile.cis.cattle.io/builtin: "true" +spec: + benchmarkVersion: k3s-cis-1.23-permissive diff --git a/charts/rancher-cis-benchmark/2.0.5-rc4/templates/scanprofile-k3s-cis-1.6-hardened.yml b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/scanprofile-k3s-cis-1.6-hardened.yml new file mode 100644 index 000000000..095e977ab --- /dev/null +++ b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/scanprofile-k3s-cis-1.6-hardened.yml @@ -0,0 +1,9 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanProfile +metadata: + name: k3s-cis-1.6-profile-hardened + annotations: + clusterscanprofile.cis.cattle.io/builtin: "true" +spec: + benchmarkVersion: k3s-cis-1.6-hardened diff --git a/charts/rancher-cis-benchmark/2.0.5-rc4/templates/scanprofile-k3s-cis-1.6-permissive.yml b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/scanprofile-k3s-cis-1.6-permissive.yml new file mode 100644 index 000000000..3b22a80c8 --- /dev/null +++ b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/scanprofile-k3s-cis-1.6-permissive.yml @@ -0,0 +1,9 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanProfile +metadata: + name: k3s-cis-1.6-profile-permissive + annotations: + clusterscanprofile.cis.cattle.io/builtin: "true" +spec: + benchmarkVersion: k3s-cis-1.6-permissive diff --git a/charts/rancher-cis-benchmark/2.0.5-rc4/templates/scanprofile-rke-1.20-hardened.yaml b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/scanprofile-rke-1.20-hardened.yaml new file mode 100644 index 000000000..c36cf38c9 --- /dev/null +++ b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/scanprofile-rke-1.20-hardened.yaml @@ -0,0 +1,9 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanProfile +metadata: + name: rke-profile-hardened-1.20 + annotations: + clusterscanprofile.cis.cattle.io/builtin: "true" +spec: + benchmarkVersion: rke-cis-1.20-hardened 
diff --git a/charts/rancher-cis-benchmark/2.0.5-rc4/templates/scanprofile-rke-1.20-permissive.yaml b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/scanprofile-rke-1.20-permissive.yaml new file mode 100644 index 000000000..cfeb4b34c --- /dev/null +++ b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/scanprofile-rke-1.20-permissive.yaml @@ -0,0 +1,9 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanProfile +metadata: + name: rke-profile-permissive-1.20 + annotations: + clusterscanprofile.cis.cattle.io/builtin: "true" +spec: + benchmarkVersion: rke-cis-1.20-permissive diff --git a/charts/rancher-cis-benchmark/2.0.5-rc4/templates/scanprofile-rke-1.23-hardened.yaml b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/scanprofile-rke-1.23-hardened.yaml new file mode 100644 index 000000000..007331149 --- /dev/null +++ b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/scanprofile-rke-1.23-hardened.yaml @@ -0,0 +1,9 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanProfile +metadata: + name: rke-profile-hardened-1.23 + annotations: + clusterscanprofile.cis.cattle.io/builtin: "true" +spec: + benchmarkVersion: rke-cis-1.23-hardened diff --git a/charts/rancher-cis-benchmark/2.0.5-rc4/templates/scanprofile-rke-1.23-permissive.yaml b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/scanprofile-rke-1.23-permissive.yaml new file mode 100644 index 000000000..085b60dfa --- /dev/null +++ b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/scanprofile-rke-1.23-permissive.yaml @@ -0,0 +1,9 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanProfile +metadata: + name: rke-profile-permissive-1.23 + annotations: + clusterscanprofile.cis.cattle.io/builtin: "true" +spec: + benchmarkVersion: rke-cis-1.23-permissive diff --git a/charts/rancher-cis-benchmark/2.0.5-rc4/templates/scanprofile-rke-1.5-hardened.yml b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/scanprofile-rke-1.5-hardened.yml new file mode 100644 index 000000000..4eabe158a --- /dev/null 
+++ b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/scanprofile-rke-1.5-hardened.yml @@ -0,0 +1,9 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanProfile +metadata: + name: rke-profile-hardened-1.5 + annotations: + clusterscanprofile.cis.cattle.io/builtin: "true" +spec: + benchmarkVersion: rke-cis-1.5-hardened \ No newline at end of file diff --git a/charts/rancher-cis-benchmark/2.0.5-rc4/templates/scanprofile-rke-1.5-permissive.yml b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/scanprofile-rke-1.5-permissive.yml new file mode 100644 index 000000000..1f78751d1 --- /dev/null +++ b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/scanprofile-rke-1.5-permissive.yml @@ -0,0 +1,9 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanProfile +metadata: + name: rke-profile-permissive-1.5 + annotations: + clusterscanprofile.cis.cattle.io/builtin: "true" +spec: + benchmarkVersion: rke-cis-1.5-permissive diff --git a/charts/rancher-cis-benchmark/2.0.5-rc4/templates/scanprofile-rke-1.6-hardened.yaml b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/scanprofile-rke-1.6-hardened.yaml new file mode 100644 index 000000000..d38febd80 --- /dev/null +++ b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/scanprofile-rke-1.6-hardened.yaml @@ -0,0 +1,9 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanProfile +metadata: + name: rke-profile-hardened-1.6 + annotations: + clusterscanprofile.cis.cattle.io/builtin: "true" +spec: + benchmarkVersion: rke-cis-1.6-hardened diff --git a/charts/rancher-cis-benchmark/2.0.5-rc4/templates/scanprofile-rke-1.6-permissive.yaml b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/scanprofile-rke-1.6-permissive.yaml new file mode 100644 index 000000000..d31b5b0d2 --- /dev/null +++ b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/scanprofile-rke-1.6-permissive.yaml 
@@ -0,0 +1,9 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanProfile
+metadata:
+ name: rke-profile-permissive-1.6
+ annotations:
+ clusterscanprofile.cis.cattle.io/builtin: "true"
+spec:
+ benchmarkVersion: rke-cis-1.6-permissive
diff --git a/charts/rancher-cis-benchmark/2.0.5-rc4/templates/scanprofile-rke2-cis-1.20-hardened.yml b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/scanprofile-rke2-cis-1.20-hardened.yml
new file mode 100644
index 000000000..decc9b651
--- /dev/null
+++ b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/scanprofile-rke2-cis-1.20-hardened.yml
@@ -0,0 +1,9 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanProfile
+metadata:
+ name: rke2-cis-1.20-profile-hardened
+ annotations:
+ clusterscanprofile.cis.cattle.io/builtin: "true"
+spec:
+ benchmarkVersion: rke2-cis-1.20-hardened
diff --git a/charts/rancher-cis-benchmark/2.0.5-rc4/templates/scanprofile-rke2-cis-1.20-permissive.yml b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/scanprofile-rke2-cis-1.20-permissive.yml
new file mode 100644
index 000000000..74c96ffc4
--- /dev/null
+++ b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/scanprofile-rke2-cis-1.20-permissive.yml
@@ -0,0 +1,9 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanProfile
+metadata:
+ name: rke2-cis-1.20-profile-permissive
+ annotations:
+ clusterscanprofile.cis.cattle.io/builtin: "true"
+spec:
+ benchmarkVersion: rke2-cis-1.20-permissive
diff --git a/charts/rancher-cis-benchmark/2.0.5-rc4/templates/scanprofile-rke2-cis-1.23-hardened.yml b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/scanprofile-rke2-cis-1.23-hardened.yml
new file mode 100644
index 000000000..abc1c2a21
--- /dev/null
+++ b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/scanprofile-rke2-cis-1.23-hardened.yml
@@ -0,0 +1,9 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanProfile
+metadata:
+ name: rke2-cis-1.23-profile-hardened
+ annotations:
+ clusterscanprofile.cis.cattle.io/builtin: "true"
+spec:
+ benchmarkVersion: rke2-cis-1.23-hardened
diff --git a/charts/rancher-cis-benchmark/2.0.5-rc4/templates/scanprofile-rke2-cis-1.23-permissive.yml b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/scanprofile-rke2-cis-1.23-permissive.yml
new file mode 100644
index 000000000..51cc519ac
--- /dev/null
+++ b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/scanprofile-rke2-cis-1.23-permissive.yml
@@ -0,0 +1,9 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanProfile
+metadata:
+ name: rke2-cis-1.23-profile-permissive
+ annotations:
+ clusterscanprofile.cis.cattle.io/builtin: "true"
+spec:
+ benchmarkVersion: rke2-cis-1.23-permissive
diff --git a/charts/rancher-cis-benchmark/2.0.5-rc4/templates/scanprofile-rke2-cis-1.5-hardened.yml b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/scanprofile-rke2-cis-1.5-hardened.yml
new file mode 100644
index 000000000..83eb3131e
--- /dev/null
+++ b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/scanprofile-rke2-cis-1.5-hardened.yml
@@ -0,0 +1,9 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanProfile
+metadata:
+ name: rke2-cis-1.5-profile-hardened
+ annotations:
+ clusterscanprofile.cis.cattle.io/builtin: "true"
+spec:
+ benchmarkVersion: rke2-cis-1.5-hardened
diff --git a/charts/rancher-cis-benchmark/2.0.5-rc4/templates/scanprofile-rke2-cis-1.5-permissive.yml b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/scanprofile-rke2-cis-1.5-permissive.yml
new file mode 100644
index 000000000..40dc44bdf
--- /dev/null
+++ b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/scanprofile-rke2-cis-1.5-permissive.yml
@@ -0,0 +1,9 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanProfile
+metadata:
+ name: rke2-cis-1.5-profile-permissive
+ annotations:
+ clusterscanprofile.cis.cattle.io/builtin: "true"
+spec:
+ benchmarkVersion: rke2-cis-1.5-permissive
diff --git a/charts/rancher-cis-benchmark/2.0.5-rc4/templates/scanprofile-rke2-cis-1.6-hardened.yml b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/scanprofile-rke2-cis-1.6-hardened.yml
new file mode 100644
index 000000000..c7ac7f949
--- /dev/null
+++ b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/scanprofile-rke2-cis-1.6-hardened.yml
@@ -0,0 +1,9 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanProfile
+metadata:
+ name: rke2-cis-1.6-profile-hardened
+ annotations:
+ clusterscanprofile.cis.cattle.io/builtin: "true"
+spec:
+ benchmarkVersion: rke2-cis-1.6-hardened
diff --git a/charts/rancher-cis-benchmark/2.0.5-rc4/templates/scanprofile-rke2-cis-1.6-permissive.yml b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/scanprofile-rke2-cis-1.6-permissive.yml
new file mode 100644
index 000000000..96ca1345a
--- /dev/null
+++ b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/scanprofile-rke2-cis-1.6-permissive.yml
@@ -0,0 +1,9 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanProfile
+metadata:
+ name: rke2-cis-1.6-profile-permissive
+ annotations:
+ clusterscanprofile.cis.cattle.io/builtin: "true"
+spec:
+ benchmarkVersion: rke2-cis-1.6-permissive
diff --git a/charts/rancher-cis-benchmark/2.0.5-rc4/templates/scanprofileaks.yml b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/scanprofileaks.yml
new file mode 100644
index 000000000..ea7b25b40
--- /dev/null
+++ b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/scanprofileaks.yml
@@ -0,0 +1,9 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanProfile
+metadata:
+ name: aks-profile
+ annotations:
+ clusterscanprofile.cis.cattle.io/builtin: "true"
+spec:
+ benchmarkVersion: aks-1.0
\ No newline at end of file
diff --git a/charts/rancher-cis-benchmark/2.0.5-rc4/templates/scanprofileeks.yml b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/scanprofileeks.yml
new file mode 100644
index 000000000..3b4e34437
--- /dev/null
+++ b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/scanprofileeks.yml
@@ -0,0 +1,9 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanProfile
+metadata:
+ name: eks-profile
+ annotations:
+ clusterscanprofile.cis.cattle.io/builtin: "true"
+spec:
+ benchmarkVersion: eks-1.0.1
\ No newline at end of file
diff --git a/charts/rancher-cis-benchmark/2.0.5-rc4/templates/scanprofilegke.yml b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/scanprofilegke.yml
new file mode 100644
index 000000000..2ddd0686f
--- /dev/null
+++ b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/scanprofilegke.yml
@@ -0,0 +1,9 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanProfile
+metadata:
+ name: gke-profile
+ annotations:
+ clusterscanprofile.cis.cattle.io/builtin: "true"
+spec:
+ benchmarkVersion: gke-1.0
\ No newline at end of file
diff --git a/charts/rancher-cis-benchmark/2.0.5-rc4/templates/serviceaccount.yaml b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/serviceaccount.yaml
new file mode 100644
index 000000000..ec48ec622
--- /dev/null
+++ b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/serviceaccount.yaml
@@ -0,0 +1,14 @@
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ namespace: {{ template "cis.namespace" . }}
+ name: cis-operator-serviceaccount
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ namespace: {{ template "cis.namespace" . }}
+ labels:
+ app.kubernetes.io/name: rancher-cis-benchmark
+ app.kubernetes.io/instance: release-name
+ name: cis-serviceaccount
diff --git a/charts/rancher-cis-benchmark/2.0.5-rc4/templates/validate-install-crd.yaml b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/validate-install-crd.yaml
new file mode 100644
index 000000000..562295791
--- /dev/null
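Review bot: The second ServiceAccount in serviceaccount.yaml carries the literal label `app.kubernetes.io/instance: release-name`, which looks like leftover `helm template` output rather than the actual release, so anything that selects or audits by instance label sees the same value for every install. I would template it as `app.kubernetes.io/instance: {{ .Release.Name }}`. Neither account sets `automountServiceAccountToken`, so any pod that references them gets an API token mounted by default. The RBAC bound to these accounts is not visible in this hunk, so it is worth confirming that only the operator and scan pods use them.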
+++ b/charts/rancher-cis-benchmark/2.0.5-rc4/templates/validate-install-crd.yaml
@@ -0,0 +1,17 @@
+#{{- if gt (len (lookup "rbac.authorization.k8s.io/v1" "ClusterRole" "" "")) 0 -}}
+# {{- $found := dict -}}
+# {{- set $found "cis.cattle.io/v1/ClusterScan" false -}}
+# {{- set $found "cis.cattle.io/v1/ClusterScanBenchmark" false -}}
+# {{- set $found "cis.cattle.io/v1/ClusterScanProfile" false -}}
+# {{- set $found "cis.cattle.io/v1/ClusterScanReport" false -}}
+# {{- range .Capabilities.APIVersions -}}
+# {{- if hasKey $found (toString .) -}}
+# {{- set $found (toString .) true -}}
+# {{- end -}}
+# {{- end -}}
+# {{- range $_, $exists := $found -}}
+# {{- if (eq $exists false) -}}
+# {{- required "Required CRDs are missing. Please install the corresponding CRD chart before installing this chart." "" -}}
+# {{- end -}}
+# {{- end -}}
+#{{- end -}}
\ No newline at end of file
diff --git a/charts/rancher-cis-benchmark/2.0.5-rc4/values.yaml b/charts/rancher-cis-benchmark/2.0.5-rc4/values.yaml
new file mode 100644
index 000000000..c372275c0
--- /dev/null
+++ b/charts/rancher-cis-benchmark/2.0.5-rc4/values.yaml
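Review bot: The `#` prefixes in validate-install-crd.yaml make the CRD check read as disabled, but Helm evaluates `{{ }}` actions inside YAML comments, so the `required` call still aborts the install when one of the four `cis.cattle.io/v1` kinds is missing from `.Capabilities.APIVersions`. A template comment at the top would keep a maintainer from assuming the guard is off or deleting the file as dead code, for example `{{- /* '#' only keeps this file parseable as YAML; Helm still evaluates the actions below */ -}}`. The outer `lookup` guard returns nothing when Helm is not talking to a cluster, so the check is skipped in that case. That appears to be intended and is worth stating in the same comment.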
@@ -0,0 +1,49 @@
+# Default values for rancher-cis-benchmark.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+image:
+ cisoperator:
+ repository: rancher/cis-operator
+ tag: v1.0.9
+ securityScan:
+ repository: rancher/security-scan
+ tag: v0.2.8-rc3
+ sonobuoy:
+ repository: rancher/mirrored-sonobuoy-sonobuoy
+ tag: v0.56.7
+
+resources: {}
+ # We usually recommend not to specify default resources and to leave this as a conscious
+ # choice for the user. This also increases chances charts run on environments with little
+ # resources, such as Minikube. If you do want to specify resources, uncomment the following
+ # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
+ # limits:
+ # cpu: 100m
+ # memory: 128Mi
+ # requests:
+ # cpu: 100m
+ # memory: 128Mi
+
+## Node labels for pod assignment
+## Ref: https://kubernetes.io/docs/user-guide/node-selection/
+##
+nodeSelector: {}
+
+## List of node taints to tolerate (requires Kubernetes >= 1.6)
+tolerations: []
+
+affinity: {}
+
+global:
+ cattle:
+ systemDefaultRegistry: ""
+ clusterName: ""
+ kubectl:
+ repository: rancher/kubectl
+ tag: v1.20.2
+
+alerts:
+ enabled: false
+ severity: warning
+ metricsPort: 8080
diff --git a/index.yaml b/index.yaml
index d8a841e15..7793ffeff 100755
--- a/index.yaml
+++ b/index.yaml
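Review bot: The `global.kubectl` default is `tag: v1.20.2`, while the index.yaml entry added in this same commit declares `catalog.cattle.io/kube-version: '>= 1.21.0-0 < 1.25.0-0'`, so the bundled kubectl is older than every cluster version the chart claims to support and is outside kubectl's one-minor version skew for most of that range. All four images are referenced by mutable tag only, and `securityScan` defaults to a pre-release build (`v0.2.8-rc3`). For a chart whose purpose is security scanning, pinning by digest, or at least documenting how these tags are verified, would be a reasonable hardening step. `resources: {}` also leaves the workloads without requests or limits unless the installer sets them.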
@@ -2587,6 +2587,32 @@ entries:
 - assets/rancher-backup-crd/rancher-backup-crd-1.0.200.tgz
 version: 1.0.200
 rancher-cis-benchmark:
+ - annotations:
+ catalog.cattle.io/auto-install: rancher-cis-benchmark-crd=match
+ catalog.cattle.io/certified: rancher
+ catalog.cattle.io/display-name: CIS Benchmark
+ catalog.cattle.io/kube-version: '>= 1.21.0-0 < 1.25.0-0'
+ catalog.cattle.io/namespace: cis-operator-system
+ catalog.cattle.io/os: linux
+ catalog.cattle.io/permits-os: linux,windows
+ catalog.cattle.io/provides-gvr: cis.cattle.io.clusterscans/v1
+ catalog.cattle.io/rancher-version: '>= 2.6.0-0 < 2.7.0-0'
+ catalog.cattle.io/release-name: rancher-cis-benchmark
+ catalog.cattle.io/type: cluster-tool
+ catalog.cattle.io/ui-component: rancher-cis-benchmark
+ apiVersion: v1
+ appVersion: v2.0.5-rc4
+ created: "2022-07-11T16:34:56.141449099+05:30"
+ description: The cis-operator enables running CIS benchmark security scans on
+ a kubernetes cluster
+ digest: 8bdc9d8c697480511327c8e9245af0567bcc9e99abb7933e8b6ff3f50504756a
+ icon: https://charts.rancher.io/assets/logos/cis-kube-bench.svg
+ keywords:
+ - security
+ name: rancher-cis-benchmark
+ urls:
+ - assets/rancher-cis-benchmark/rancher-cis-benchmark-2.0.5-rc4.tgz
+ version: 2.0.5-rc4
 - annotations:
 catalog.cattle.io/auto-install: rancher-cis-benchmark-crd=match
 catalog.cattle.io/certified: rancher
@@ -2852,6 +2878,20 @@ entries:
 - assets/rancher-cis-benchmark/rancher-cis-benchmark-1.0.100.tgz
 version: 1.0.100
 rancher-cis-benchmark-crd:
+ - annotations:
+ catalog.cattle.io/certified: rancher
+ catalog.cattle.io/hidden: "true"
+ catalog.cattle.io/namespace: cis-operator-system
+ catalog.cattle.io/release-name: rancher-cis-benchmark-crd
+ apiVersion: v1
+ created: "2022-07-11T16:34:56.143793083+05:30"
+ description: Installs the CRDs for rancher-cis-benchmark.
+ digest: 6ca66a29d5caba799cbfdeac791127172b8c360c604c63647381fcc2488a8bc0
+ name: rancher-cis-benchmark-crd
+ type: application
+ urls:
+ - assets/rancher-cis-benchmark-crd/rancher-cis-benchmark-crd-2.0.5-rc4.tgz
+ version: 2.0.5-rc4
 - annotations:
 catalog.cattle.io/certified: rancher
 catalog.cattle.io/hidden: "true"
diff --git a/release.yaml b/release.yaml
index d4fd354b5..8d2d73549 100644
--- a/release.yaml
+++ b/release.yaml
@@ -1,3 +1,35 @@
+fleet:
+- 100.0.4+up0.3.10-rc1
+fleet-agent:
+- 100.0.4+up0.3.10-rc1
+fleet-crd:
+- 100.0.4+up0.3.10-rc1
+harvester-csi-driver:
+- 100.0.3+up0.1.14
+rancher-aks-operator:
+- 100.0.5+up1.0.6-rc4
+rancher-aks-operator-crd:
+- 100.0.5+up1.0.6-rc4
+rancher-csp-adapter:
+- 1.0.0+up1.0.0-rc2
+rancher-cis-benchmark:
+- 2.0.5-rc4
+rancher-cis-benchmark-crd:
+- 2.0.5-rc4
+rancher-eks-operator:
+- 100.0.3+up1.1.4-rc2
+rancher-eks-operator-crd:
+- 100.0.3+up1.1.4-rc2
+rancher-gatekeeper:
+- 100.2.0+up3.8.1
+rancher-gatekeeper-crd:
+- 100.2.0+up3.8.1
+rancher-gke-operator:
+- 100.0.3+up1.1.4-rc2
+rancher-gke-operator-crd:
+- 100.0.3+up1.1.4-rc2
+rancher-istio:
+- 100.4.0+up1.14.1
 rancher-monitoring:
 - 100.1.3+up19.0.3
 rancher-monitoring-crd:
@@ -8,37 +40,3 @@ rancher-webhook:
 - 1.0.5+up0.2.6-rc5
 system-upgrade-controller:
 - 100.0.3+up0.3.2
-rancher-gatekeeper:
-- 100.1.1+up3.7.1
-- 100.2.0+up3.8.1
-rancher-gatekeeper-crd:
-- 100.1.1+up3.7.1
-- 100.2.0+up3.8.1
-rancher-aks-operator:
-- 100.0.5+up1.0.6-rc4
-rancher-aks-operator-crd:
-- 100.0.5+up1.0.6-rc4
-rancher-csp-adapter:
-- 1.0.0+up1.0.0-rc2
-rancher-cis-benchmark:
-- 2.0.5-rc3
-rancher-cis-benchmark-crd:
-- 2.0.5-rc3
-rancher-eks-operator:
-- 100.0.3+up1.1.4-rc2
-rancher-eks-operator-crd:
-- 100.0.3+up1.1.4-rc2
-rancher-gke-operator:
-- 100.0.3+up1.1.4-rc2
-rancher-gke-operator-crd:
-- 100.0.3+up1.1.4-rc2
-harvester-csi-driver:
-- 100.0.3+up0.1.14
-fleet:
-- 100.0.4+up0.3.10-rc1
-fleet-agent:
-- 100.0.4+up0.3.10-rc1
-fleet-crd:
-- 100.0.4+up0.3.10-rc1
-rancher-istio:
-- 100.4.0+up1.14.1