Generated changes

assets/index.yaml

@@ -602,10 +602,10 @@ entries:
       catalog.cattle.io/ui-component: rancher-cis-benchmark
     apiVersion: v1
     appVersion: v1.0.3
-    created: "2020-12-02T17:32:52.357792398Z"
+    created: "2020-12-02T18:05:01.035083426Z"
     description: The cis-operator enables running CIS benchmark security scans on
       a kubernetes cluster
-    digest: b4a3a389580d3a351ff06bf199794ce1de9cd19cfeb695c80a6b6fd8f0eafbee
+    digest: d4f53f96764898de5c096d085d53c2d831acb19fb0ff5f60f05e51db5a7bce66
     icon: https://charts.rancher.io/assets/logos/cis-kube-bench.svg
     keywords:
     - security
@@ -661,9 +661,9 @@ entries:
       catalog.cattle.io/namespace: cis-operator-system
       catalog.cattle.io/release-name: rancher-cis-benchmark-crd
     apiVersion: v1
-    created: "2020-12-02T17:32:52.358042101Z"
+    created: "2020-12-02T18:05:01.035385226Z"
     description: Installs the CRDs for rancher-cis-benchmark.
-    digest: bb3546b52282fbd22011e6e00aac1f499796101cb2611cc12db9acf7e4d0109b
+    digest: ad963b68fe45ab3b5417f1833e5bd5c26e4431d1d59fb0690b0a48d9acf9d284
     name: rancher-cis-benchmark-crd
     type: application
     urls:
@@ -2043,4 +2043,4 @@ entries:
     urls:
     - assets/rio/rio-0.8.000.tgz
     version: 0.8.000
-generated: "2020-12-02T17:32:52.356910489Z"
+generated: "2020-12-02T18:05:01.034150423Z"

charts/rancher-cis-benchmark/charts-crd/templates/clusterscan.yaml

@@ -19,12 +19,18 @@ spec:
   - JSONPath: .status.summary.skip
     name: Skip
     type: string
+  - JSONPath: .status.summary.warn
+    name: Warn
+    type: string
   - JSONPath: .status.summary.notApplicable
     name: Not Applicable
     type: string
   - JSONPath: .status.lastRunTimestamp
     name: LastRunTimestamp
     type: string
+  - JSONPath: .spec.cronSchedule
+    name: CronSchedule
+    type: string
   group: cis.cattle.io
   names:
     kind: ClusterScan
@@ -40,9 +46,38 @@ spec:
             scanProfileName:
               nullable: true
               type: string
+            scheduledScanConfig:
+              nullable: true
+              properties:
+                cronSchedule:
+                  nullable: true
+                  type: string
+                retentionCount:
+                  type: integer
+                scanAlertRule:
+                  nullable: true
+                  properties:
+                    alertOnComplete:
+                      type: boolean
+                    alertOnFailure:
+                      type: boolean
+                  type: object
+              type: object
+            scoreWarning:
+              enum:
+              - pass
+              - fail
+              nullable: true
+              type: string
           type: object
         status:
           properties:
+            NextScanAt:
+              nullable: true
+              type: string
+            ScanAlertingRuleName:
+              nullable: true
+              type: string
             conditions:
               items:
                 properties:
@@ -102,6 +137,8 @@ spec:
                   type: integer
                 total:
                   type: integer
+                warn:
+                  type: integer
               type: object
           type: object
       type: object

charts/rancher-cis-benchmark/templates/benchmark-cis-1.6.yaml

@@ -0,0 +1,8 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanBenchmark
+metadata:
+  name: cis-1.6
+spec:
+  clusterProvider: ""
+  minKubernetesVersion: "1.16.0"

charts/rancher-cis-benchmark/templates/benchmark-rke-cis-1.6-hardened.yaml

@@ -0,0 +1,8 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanBenchmark
+metadata:
+  name: rke-cis-1.6-hardened
+spec:
+  clusterProvider: rke
+  minKubernetesVersion: "1.16.0"

charts/rancher-cis-benchmark/templates/benchmark-rke-cis-1.6-permissive.yaml

@@ -0,0 +1,8 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanBenchmark
+metadata:
+  name: rke-cis-1.6-permissive
+spec:
+  clusterProvider: rke
+  minKubernetesVersion: "1.16.0"

charts/rancher-cis-benchmark/templates/configmap.yaml

@@ -5,8 +5,8 @@ metadata:
   namespace: {{ template "cis.namespace" . }}
 data:
   # Default ClusterScanProfiles per cluster provider type
-  rke: "rke-profile-permissive"
+  rke: "rke-profile-permissive-1.6"
   rke2: "rke2-cis-1.5-profile-permissive"
   eks: "eks-profile"
   gke: "gke-profile"
-  default: "cis-1.5-profile"
+  default: "cis-1.6-profile"

charts/rancher-cis-benchmark/templates/scanprofile-cis-1.6.yaml

@@ -0,0 +1,9 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanProfile
+metadata:
+  name: cis-1.6-profile
+  annotations:
+    clusterscanprofile.cis.cattle.io/builtin: "true"
+spec:
+  benchmarkVersion: cis-1.6

charts/rancher-cis-benchmark/templates/scanprofile-rke-1.6-hardened.yaml

@@ -0,0 +1,9 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanProfile
+metadata:
+  name: rke-profile-hardened-1.6
+  annotations:
+    clusterscanprofile.cis.cattle.io/builtin: "true"
+spec:
+  benchmarkVersion: rke-cis-1.6-hardened

charts/rancher-cis-benchmark/templates/scanprofile-rke-1.6-permissive.yaml

@@ -0,0 +1,9 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanProfile
+metadata:
+  name: rke-profile-permissive-1.6
+  annotations:
+    clusterscanprofile.cis.cattle.io/builtin: "true"
+spec:
+  benchmarkVersion: rke-cis-1.6-permissive

index.yaml

@@ -602,10 +602,10 @@ entries:
       catalog.cattle.io/ui-component: rancher-cis-benchmark
     apiVersion: v1
     appVersion: v1.0.3
-    created: "2020-12-02T17:32:52.357792398Z"
+    created: "2020-12-02T18:05:01.035083426Z"
     description: The cis-operator enables running CIS benchmark security scans on
       a kubernetes cluster
-    digest: b4a3a389580d3a351ff06bf199794ce1de9cd19cfeb695c80a6b6fd8f0eafbee
+    digest: d4f53f96764898de5c096d085d53c2d831acb19fb0ff5f60f05e51db5a7bce66
     icon: https://charts.rancher.io/assets/logos/cis-kube-bench.svg
     keywords:
     - security
@@ -661,9 +661,9 @@ entries:
       catalog.cattle.io/namespace: cis-operator-system
       catalog.cattle.io/release-name: rancher-cis-benchmark-crd
     apiVersion: v1
-    created: "2020-12-02T17:32:52.358042101Z"
+    created: "2020-12-02T18:05:01.035385226Z"
     description: Installs the CRDs for rancher-cis-benchmark.
-    digest: bb3546b52282fbd22011e6e00aac1f499796101cb2611cc12db9acf7e4d0109b
+    digest: ad963b68fe45ab3b5417f1833e5bd5c26e4431d1d59fb0690b0a48d9acf9d284
     name: rancher-cis-benchmark-crd
     type: application
     urls:
@@ -2043,4 +2043,4 @@ entries:
     urls:
     - assets/rio/rio-0.8.000.tgz
     version: 0.8.000
-generated: "2020-12-02T17:32:52.356910489Z"
+generated: "2020-12-02T18:05:01.034150423Z"

sha256sum/rancher-cis-benchmark/rancher-cis-benchmark.sum

@@ -1,25 +1,31 @@
 09f57ab0d8519e96543b2d0424db4db5025a14514a9b19a474a373122f7c1e0f  packages/rancher-cis-benchmark/charts/Chart.yaml
 9baf24b59311c30d10bf55b49011eac6b9831cc65b7f27663a34e54654100c54  packages/rancher-cis-benchmark/charts/README.md
 ace091a954095a89b2d4fc2ef0e0f1fafe655b1b945cd09e53cb956fa5d615ac  packages/rancher-cis-benchmark/charts/app-readme.md
-9ad8e48444b777c30f8c8ae5cecb1044bbc84cba0c5e4cbb2bf8cf71a45a3928  packages/rancher-cis-benchmark/charts/crds/clusterscan.yaml
+035482fa4b1066fb19e726c730a3e9751c60157e6cf52544552239a7f84b4b34  packages/rancher-cis-benchmark/charts/crds/clusterscan.yaml
 d14def7b96eff2404a3a33dc16adca5e3032ad4bffe20e844c77f14e3e0059b1  packages/rancher-cis-benchmark/charts/crds/clusterscanbenchmark.yaml
 872edcfd839a8f4916282bf61f9b6c78ee13a26273ed3a0fabdbb3185c06ef2a  packages/rancher-cis-benchmark/charts/crds/clusterscanprofile.yaml
 b7237cad8a73b0b748c99b6f372fde95b6d460cdb750d455d9e04321c4715854  packages/rancher-cis-benchmark/charts/crds/clusterscanreport.yaml
 893e8e37425e74a45834a7533353d15f84e65815a826af217ce3b39f98dc2b8c  packages/rancher-cis-benchmark/charts/templates/_helpers.tpl
 becca0471d85c022ecf824348b21c3a11d38bba0acced43ce993b021a1874390  packages/rancher-cis-benchmark/charts/templates/benchmark-cis-1.5.yaml
+3f9b55b8a5e160fb96100bf70f09450b36bfa3728aff80fe8f61e6d69851eb43  packages/rancher-cis-benchmark/charts/templates/benchmark-cis-1.6.yaml
 813b990fd85cd1328934c9627900e9eeea07c194afa0b709dfcf0eb7fc61cb45  packages/rancher-cis-benchmark/charts/templates/benchmark-eks-1.0.yaml
 21d443b5fbdcf02f911ab7f8114c1eb45c4dffc8fa9c848645d3dbc7a71c70f5  packages/rancher-cis-benchmark/charts/templates/benchmark-gke-1.0.yaml
 3915880e4245d9628c83c7fef64d4341bca2694ddb93628c0551bc4828b6c096  packages/rancher-cis-benchmark/charts/templates/benchmark-rke-cis-1.5-hardened.yaml
 14c91263219b5eb53350c0b2e062915b1c43d5f30b55a5572049ba20fd80804d  packages/rancher-cis-benchmark/charts/templates/benchmark-rke-cis-1.5-permissive.yaml
+53c0f75ac5acc70f97325b1cb6c61e1fe5c11bae0e8342a13022f36d66862955  packages/rancher-cis-benchmark/charts/templates/benchmark-rke-cis-1.6-hardened.yaml
+aa45fee12fe295d93ac0890c08bc1de55bf4097fcc8f5676873dcd020fbc94ba  packages/rancher-cis-benchmark/charts/templates/benchmark-rke-cis-1.6-permissive.yaml
 0c40aef91ce41c01a8256b55125371cdc13f79f0d7fd06db0efaf5d9e5207b83  packages/rancher-cis-benchmark/charts/templates/benchmark-rke2-cis-1.5-hardened.yaml
 e720b2e7a687e597c7bd334658c33013b9d1bcf212e4dbd1e1fc4f6e9c4d6d10  packages/rancher-cis-benchmark/charts/templates/benchmark-rke2-cis-1.5-permissive.yaml
 0393b0ab137aaa765fc6476a7c1a7692f4a20227ccecb75c19cdff3114ccedb3  packages/rancher-cis-benchmark/charts/templates/cis-roles.yaml
-8320218cf4cc9b36ccc0b9be8699ba51ae2ab2c297925fffe377435239f97768  packages/rancher-cis-benchmark/charts/templates/configmap.yaml
+b9ec2ff220f9d538ac4e7a4bdb2c3ab3415d8db378de13c41fd1aff504d96b0e  packages/rancher-cis-benchmark/charts/templates/configmap.yaml
 e3576671c34e9876aaee9e4bf18f5cd2fde9402626b29df81ba81e7d5aef425b  packages/rancher-cis-benchmark/charts/templates/deployment.yaml
 77fcc6ff5d342c3f170058b0bb6f6aa4810aa620138c7fb669b749f0a9755642  packages/rancher-cis-benchmark/charts/templates/network_policy_allow_all.yaml
 94c6519bf22bd835372d73de3ba63c9c62c99167b00bab409cd493e1899732bc  packages/rancher-cis-benchmark/charts/templates/patch_default_serviceaccount.yaml
 b0d928117df2de06bc4469dd0d8abfdb87db4e9547614181efbdc6cc164ae2d5  packages/rancher-cis-benchmark/charts/templates/rbac.yaml
 7dd7c461e68ff8dd98fcee215b5d0951386d127eaa2ebcd56d0f5cd6ccac9dfa  packages/rancher-cis-benchmark/charts/templates/scanprofile-cis-1.5.yml
+818f216c3c1a74ce7b7341b3cec427c91ed37fbd17b0f91fea596f66d42579af  packages/rancher-cis-benchmark/charts/templates/scanprofile-cis-1.6.yaml
+c02efa78e78d0cbe8df54b2089531bbad7e07bc2ee1e17e6232187015b1995b0  packages/rancher-cis-benchmark/charts/templates/scanprofile-rke-1.6-hardened.yaml
+b1b686333bcb9941cb83e2007dbe90810fe2dadc845a4d3271abf7ec566f89de  packages/rancher-cis-benchmark/charts/templates/scanprofile-rke-1.6-permissive.yaml
 c7c40d70234820340f93b5b046055dc21bf9cf98242637dc98472fbf6300909f  packages/rancher-cis-benchmark/charts/templates/scanprofile-rke-hardened.yml
 b689137c836ccdb48ee1bd38b8c925c4e57b5ae123054e1aa8a3ff47c5d24a0a  packages/rancher-cis-benchmark/charts/templates/scanprofile-rke-permissive.yml
 3406a8e64fd8e98b87660030a017f5760c5402948b3098c454e7950c7323236e  packages/rancher-cis-benchmark/charts/templates/scanprofile-rke2-cis-1.5-hardened.yml