From 9435963006b908fdc3ef415ababdb375f9cfdf03 Mon Sep 17 00:00:00 2001 
From: galal-hussein Date: Wed, 19 Oct 2022 18:01:43 +0200 Subject: [PATCH 1/3] make remove --- .../rancher-cis-benchmark-crd-3.0.0-rc8.tgz | Bin 1466 -> 0 bytes .../rancher-cis-benchmark-3.0.0-rc8.tgz | Bin 6622 -> 0 bytes .../3.0.0-rc8/Chart.yaml | 10 -- .../3.0.0-rc8/README.md | 2 - .../3.0.0-rc8/templates/clusterscan.yaml | 148 ---------------- .../templates/clusterscanbenchmark.yaml | 54 ------ .../templates/clusterscanprofile.yaml | 36 ---- .../templates/clusterscanreport.yaml | 39 ----- .../3.0.0-rc8/Chart.yaml | 22 --- .../rancher-cis-benchmark/3.0.0-rc8/README.md | 9 - .../3.0.0-rc8/app-readme.md | 15 -- .../3.0.0-rc8/templates/_helpers.tpl | 27 --- .../3.0.0-rc8/templates/alertingrule.yaml | 14 -- .../templates/benchmark-aks-1.0.yaml | 8 - .../templates/benchmark-cis-1.20.yaml | 9 - .../templates/benchmark-cis-1.23.yaml | 8 - .../templates/benchmark-cis-1.5.yaml | 9 - .../templates/benchmark-cis-1.6.yaml | 9 - .../templates/benchmark-eks-1.0.1.yaml | 8 - .../templates/benchmark-gke-1.0.yaml | 8 - .../benchmark-k3s-cis-1.20-hardened.yaml | 9 - .../benchmark-k3s-cis-1.20-permissive.yaml | 9 - .../benchmark-k3s-cis-1.23-hardened.yaml | 8 - .../benchmark-k3s-cis-1.23-permissive.yaml | 8 - .../benchmark-k3s-cis-1.6-hardened.yaml | 9 - .../benchmark-k3s-cis-1.6-permissive.yaml | 9 - .../benchmark-rke-cis-1.20-hardened.yaml | 9 - .../benchmark-rke-cis-1.20-permissive.yaml | 9 - .../benchmark-rke-cis-1.23-hardened.yaml | 8 - .../benchmark-rke-cis-1.23-permissive.yaml | 8 - .../benchmark-rke-cis-1.5-hardened.yaml | 9 - .../benchmark-rke-cis-1.5-permissive.yaml | 9 - .../benchmark-rke-cis-1.6-hardened.yaml | 9 - .../benchmark-rke-cis-1.6-permissive.yaml | 9 - .../benchmark-rke2-cis-1.20-hardened.yaml | 9 - .../benchmark-rke2-cis-1.20-permissive.yaml | 9 - .../benchmark-rke2-cis-1.23-hardened.yaml | 8 - .../benchmark-rke2-cis-1.23-permissive.yaml | 8 - .../benchmark-rke2-cis-1.5-hardened.yaml | 9 - .../benchmark-rke2-cis-1.5-permissive.yaml | 9 - 
.../benchmark-rke2-cis-1.6-hardened.yaml | 9 - .../benchmark-rke2-cis-1.6-permissive.yaml | 9 - .../3.0.0-rc8/templates/cis-roles.yaml | 49 ------ .../3.0.0-rc8/templates/configmap.yaml | 18 -- .../templates/delete_rolebindings.yaml | 27 --- .../3.0.0-rc8/templates/deployment.yaml | 55 ------ .../templates/network_policy_allow_all.yaml | 15 -- .../patch_default_serviceaccount.yaml | 29 ---- .../3.0.0-rc8/templates/psp.yaml | 57 ------- .../3.0.0-rc8/templates/rbac.yaml | 160 ------------------ .../templates/scanprofile-cis-1.20.yaml | 9 - .../templates/scanprofile-cis-1.23.yaml | 9 - .../templates/scanprofile-cis-1.6.yaml | 9 - .../scanprofile-k3s-cis-1.20-hardened.yml | 9 - .../scanprofile-k3s-cis-1.20-permissive.yml | 9 - .../scanprofile-k3s-cis-1.23-hardened.yml | 9 - .../scanprofile-k3s-cis-1.23-permissive.yml | 9 - .../scanprofile-k3s-cis-1.6-hardened.yml | 9 - .../scanprofile-k3s-cis-1.6-permissive.yml | 9 - .../scanprofile-rke-1.20-hardened.yaml | 9 - .../scanprofile-rke-1.20-permissive.yaml | 9 - .../scanprofile-rke-1.23-hardened.yaml | 9 - .../scanprofile-rke-1.23-permissive.yaml | 9 - .../scanprofile-rke-1.6-hardened.yaml | 9 - .../scanprofile-rke-1.6-permissive.yaml | 9 - .../scanprofile-rke2-cis-1.20-hardened.yml | 9 - .../scanprofile-rke2-cis-1.20-permissive.yml | 9 - .../scanprofile-rke2-cis-1.23-hardened.yml | 9 - .../scanprofile-rke2-cis-1.23-permissive.yml | 9 - .../scanprofile-rke2-cis-1.6-hardened.yml | 9 - .../scanprofile-rke2-cis-1.6-permissive.yml | 9 - .../3.0.0-rc8/templates/scanprofileaks.yml | 9 - .../3.0.0-rc8/templates/scanprofileeks.yml | 9 - .../3.0.0-rc8/templates/scanprofilegke.yml | 9 - .../3.0.0-rc8/templates/serviceaccount.yaml | 14 -- .../templates/validate-install-crd.yaml | 17 -- .../3.0.0-rc8/values.yaml | 49 ------ index.yaml | 40 ----- 78 files changed, 1373 deletions(-) delete mode 100644 assets/rancher-cis-benchmark-crd/rancher-cis-benchmark-crd-3.0.0-rc8.tgz delete mode 100644 
assets/rancher-cis-benchmark/rancher-cis-benchmark-3.0.0-rc8.tgz delete mode 100644 charts/rancher-cis-benchmark-crd/3.0.0-rc8/Chart.yaml delete mode 100644 charts/rancher-cis-benchmark-crd/3.0.0-rc8/README.md delete mode 100644 charts/rancher-cis-benchmark-crd/3.0.0-rc8/templates/clusterscan.yaml delete mode 100644 charts/rancher-cis-benchmark-crd/3.0.0-rc8/templates/clusterscanbenchmark.yaml delete mode 100644 charts/rancher-cis-benchmark-crd/3.0.0-rc8/templates/clusterscanprofile.yaml delete mode 100644 charts/rancher-cis-benchmark-crd/3.0.0-rc8/templates/clusterscanreport.yaml delete mode 100644 charts/rancher-cis-benchmark/3.0.0-rc8/Chart.yaml delete mode 100644 charts/rancher-cis-benchmark/3.0.0-rc8/README.md delete mode 100644 charts/rancher-cis-benchmark/3.0.0-rc8/app-readme.md delete mode 100644 charts/rancher-cis-benchmark/3.0.0-rc8/templates/_helpers.tpl delete mode 100644 charts/rancher-cis-benchmark/3.0.0-rc8/templates/alertingrule.yaml delete mode 100644 charts/rancher-cis-benchmark/3.0.0-rc8/templates/benchmark-aks-1.0.yaml delete mode 100644 charts/rancher-cis-benchmark/3.0.0-rc8/templates/benchmark-cis-1.20.yaml delete mode 100644 charts/rancher-cis-benchmark/3.0.0-rc8/templates/benchmark-cis-1.23.yaml delete mode 100644 charts/rancher-cis-benchmark/3.0.0-rc8/templates/benchmark-cis-1.5.yaml delete mode 100644 charts/rancher-cis-benchmark/3.0.0-rc8/templates/benchmark-cis-1.6.yaml delete mode 100644 charts/rancher-cis-benchmark/3.0.0-rc8/templates/benchmark-eks-1.0.1.yaml delete mode 100644 charts/rancher-cis-benchmark/3.0.0-rc8/templates/benchmark-gke-1.0.yaml delete mode 100644 charts/rancher-cis-benchmark/3.0.0-rc8/templates/benchmark-k3s-cis-1.20-hardened.yaml delete mode 100644 charts/rancher-cis-benchmark/3.0.0-rc8/templates/benchmark-k3s-cis-1.20-permissive.yaml delete mode 100644 charts/rancher-cis-benchmark/3.0.0-rc8/templates/benchmark-k3s-cis-1.23-hardened.yaml delete mode 100644 
charts/rancher-cis-benchmark/3.0.0-rc8/templates/benchmark-k3s-cis-1.23-permissive.yaml delete mode 100644 charts/rancher-cis-benchmark/3.0.0-rc8/templates/benchmark-k3s-cis-1.6-hardened.yaml delete mode 100644 charts/rancher-cis-benchmark/3.0.0-rc8/templates/benchmark-k3s-cis-1.6-permissive.yaml delete mode 100644 charts/rancher-cis-benchmark/3.0.0-rc8/templates/benchmark-rke-cis-1.20-hardened.yaml delete mode 100644 charts/rancher-cis-benchmark/3.0.0-rc8/templates/benchmark-rke-cis-1.20-permissive.yaml delete mode 100644 charts/rancher-cis-benchmark/3.0.0-rc8/templates/benchmark-rke-cis-1.23-hardened.yaml delete mode 100644 charts/rancher-cis-benchmark/3.0.0-rc8/templates/benchmark-rke-cis-1.23-permissive.yaml delete mode 100644 charts/rancher-cis-benchmark/3.0.0-rc8/templates/benchmark-rke-cis-1.5-hardened.yaml delete mode 100644 charts/rancher-cis-benchmark/3.0.0-rc8/templates/benchmark-rke-cis-1.5-permissive.yaml delete mode 100644 charts/rancher-cis-benchmark/3.0.0-rc8/templates/benchmark-rke-cis-1.6-hardened.yaml delete mode 100644 charts/rancher-cis-benchmark/3.0.0-rc8/templates/benchmark-rke-cis-1.6-permissive.yaml delete mode 100644 charts/rancher-cis-benchmark/3.0.0-rc8/templates/benchmark-rke2-cis-1.20-hardened.yaml delete mode 100644 charts/rancher-cis-benchmark/3.0.0-rc8/templates/benchmark-rke2-cis-1.20-permissive.yaml delete mode 100644 charts/rancher-cis-benchmark/3.0.0-rc8/templates/benchmark-rke2-cis-1.23-hardened.yaml delete mode 100644 charts/rancher-cis-benchmark/3.0.0-rc8/templates/benchmark-rke2-cis-1.23-permissive.yaml delete mode 100644 charts/rancher-cis-benchmark/3.0.0-rc8/templates/benchmark-rke2-cis-1.5-hardened.yaml delete mode 100644 charts/rancher-cis-benchmark/3.0.0-rc8/templates/benchmark-rke2-cis-1.5-permissive.yaml delete mode 100644 charts/rancher-cis-benchmark/3.0.0-rc8/templates/benchmark-rke2-cis-1.6-hardened.yaml delete mode 100644 charts/rancher-cis-benchmark/3.0.0-rc8/templates/benchmark-rke2-cis-1.6-permissive.yaml 
delete mode 100644 charts/rancher-cis-benchmark/3.0.0-rc8/templates/cis-roles.yaml delete mode 100644 charts/rancher-cis-benchmark/3.0.0-rc8/templates/configmap.yaml delete mode 100644 charts/rancher-cis-benchmark/3.0.0-rc8/templates/delete_rolebindings.yaml delete mode 100644 charts/rancher-cis-benchmark/3.0.0-rc8/templates/deployment.yaml delete mode 100644 charts/rancher-cis-benchmark/3.0.0-rc8/templates/network_policy_allow_all.yaml delete mode 100644 charts/rancher-cis-benchmark/3.0.0-rc8/templates/patch_default_serviceaccount.yaml delete mode 100644 charts/rancher-cis-benchmark/3.0.0-rc8/templates/psp.yaml delete mode 100644 charts/rancher-cis-benchmark/3.0.0-rc8/templates/rbac.yaml delete mode 100644 charts/rancher-cis-benchmark/3.0.0-rc8/templates/scanprofile-cis-1.20.yaml delete mode 100644 charts/rancher-cis-benchmark/3.0.0-rc8/templates/scanprofile-cis-1.23.yaml delete mode 100644 charts/rancher-cis-benchmark/3.0.0-rc8/templates/scanprofile-cis-1.6.yaml delete mode 100644 charts/rancher-cis-benchmark/3.0.0-rc8/templates/scanprofile-k3s-cis-1.20-hardened.yml delete mode 100644 charts/rancher-cis-benchmark/3.0.0-rc8/templates/scanprofile-k3s-cis-1.20-permissive.yml delete mode 100644 charts/rancher-cis-benchmark/3.0.0-rc8/templates/scanprofile-k3s-cis-1.23-hardened.yml delete mode 100644 charts/rancher-cis-benchmark/3.0.0-rc8/templates/scanprofile-k3s-cis-1.23-permissive.yml delete mode 100644 charts/rancher-cis-benchmark/3.0.0-rc8/templates/scanprofile-k3s-cis-1.6-hardened.yml delete mode 100644 charts/rancher-cis-benchmark/3.0.0-rc8/templates/scanprofile-k3s-cis-1.6-permissive.yml delete mode 100644 charts/rancher-cis-benchmark/3.0.0-rc8/templates/scanprofile-rke-1.20-hardened.yaml delete mode 100644 charts/rancher-cis-benchmark/3.0.0-rc8/templates/scanprofile-rke-1.20-permissive.yaml delete mode 100644 charts/rancher-cis-benchmark/3.0.0-rc8/templates/scanprofile-rke-1.23-hardened.yaml delete mode 100644 
charts/rancher-cis-benchmark/3.0.0-rc8/templates/scanprofile-rke-1.23-permissive.yaml delete mode 100644 charts/rancher-cis-benchmark/3.0.0-rc8/templates/scanprofile-rke-1.6-hardened.yaml delete mode 100644 charts/rancher-cis-benchmark/3.0.0-rc8/templates/scanprofile-rke-1.6-permissive.yaml delete mode 100644 charts/rancher-cis-benchmark/3.0.0-rc8/templates/scanprofile-rke2-cis-1.20-hardened.yml delete mode 100644 charts/rancher-cis-benchmark/3.0.0-rc8/templates/scanprofile-rke2-cis-1.20-permissive.yml delete mode 100644 charts/rancher-cis-benchmark/3.0.0-rc8/templates/scanprofile-rke2-cis-1.23-hardened.yml delete mode 100644 charts/rancher-cis-benchmark/3.0.0-rc8/templates/scanprofile-rke2-cis-1.23-permissive.yml delete mode 100644 charts/rancher-cis-benchmark/3.0.0-rc8/templates/scanprofile-rke2-cis-1.6-hardened.yml delete mode 100644 charts/rancher-cis-benchmark/3.0.0-rc8/templates/scanprofile-rke2-cis-1.6-permissive.yml delete mode 100644 charts/rancher-cis-benchmark/3.0.0-rc8/templates/scanprofileaks.yml delete mode 100644 charts/rancher-cis-benchmark/3.0.0-rc8/templates/scanprofileeks.yml delete mode 100644 charts/rancher-cis-benchmark/3.0.0-rc8/templates/scanprofilegke.yml delete mode 100644 charts/rancher-cis-benchmark/3.0.0-rc8/templates/serviceaccount.yaml delete mode 100644 charts/rancher-cis-benchmark/3.0.0-rc8/templates/validate-install-crd.yaml delete mode 100644 charts/rancher-cis-benchmark/3.0.0-rc8/values.yaml 
diff --git a/assets/rancher-cis-benchmark-crd/rancher-cis-benchmark-crd-3.0.0-rc8.tgz b/assets/rancher-cis-benchmark-crd/rancher-cis-benchmark-crd-3.0.0-rc8.tgz deleted file mode 100644 index 0bbb18b8abd2d27293057541528d2badc2283ce3..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 1466 zcmV;r1x5NFiwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc zVQyr3R8em|NM&qo0PI@PbDOvm&a?jtO@Gg(U^_|2Z>ihgP4BL0#>w@b*J5L<0f~{8 zTs=4UzuyQ*3>b{DvE7?`UlL2=TM54XR$9;?`2uyH3)7#W8t;BuJ#}jUr`&OAC;&q9mItvR z)P{rHNe?#1zvm7-uNeOWZ#cR<$Nw=bA2|>S{7xwCFXKGDGd2XDz21|M{+LZ-Ln@r2 zQL*Ou0Uw1FNd$yQ-~)lxk2HRAgfR{mW);yr6Ct+)=UT;4A_Te4^!h}I7|Xn-Q1={U z(i#P^hM?%8$C%;D24*(8$5J&a6_U4Wu;8G1mgVpR5gnJ1r!k zo~R%WWj3=u`(~8916qukV+bfVP5_3cv9$BN)9O(Kcne_)_HtKpOUZ_0-KnS;(n8K_ z9hf)_K`$Lr1VI7!A=lChDgt8)NO!A-RzQy+ic|Xks-YE-c@j|p=zi7E3g|D;vH%Fkj z5o-1gIn@xTveR&-(F%-^70f{yhwH6O#m*YAx%3t5Ru;LSRGv ze{emzD%Jn&|L6MOG3?OwzgNO^SO|Rof|+zzR0LN}Pg@#{kUQD5?zDOq{;OmbDuSiH zElNG1kiW$<)Dj6z_WTOSpX&!~0}tOD;Ohr$0nZaAy*|aXfBxNBMecub*nQ^zkp%uVR1Y9l_Qd&shT0TP8_Ovhizz!6 zw3>B~?XY1h-`c|N;C*#xVRfet=~mWK|20Oc^;cm{`hRtKS=Rq6@BID8QS8wApAx1+ z`JX0$b?TqFJN>cmK=1hX7AN)-C9*@-xKpD2djIA2i2L{h#DBg1Pe0y#`25ic{k?rO zegEr?2Bq(RFGt?F{&y7n--eG}Z`d^LV|)Rc7%hO9So@qdHt4h2vhI`GQ?KxBXFJ>3 U&Q@jr1^@v6|2qT`b^tU009w=3)&Kwi 
diff --git a/assets/rancher-cis-benchmark/rancher-cis-benchmark-3.0.0-rc8.tgz b/assets/rancher-cis-benchmark/rancher-cis-benchmark-3.0.0-rc8.tgz deleted file mode 100644 index 1c8c7a5104a17bb4dd48cf4b136fcad931a84280..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 6622 zcmXAuWmptU*MJw07HN=NBm@aTQ96}Y>5`BXP>`ilSh`E38|f}76_%0^Nl6iwP#Tu5 zjrn-qZ~mURPRupuo*8H?2_59W1@1uvtkiTxY}8(eJ@=J-Y%OXiVypM~jftM5n3kcT z*b5`4w^q)!zWO>aS+&3-nJ&?OW} z;z&02Qt$y{=i4jG`+JXH`Hdw6IkzsbQAS?DS{Fued-0?FV}8AgaFPAf(TEQF#U%%k zP5GybHny)K6x4p^d&*1KIsNOTvDC=yOBUh3D-^~m*f6l(5?XT7b+{+?+u-$`_q$y;Dq=*S5@~U!)AVc}W< z%g;E&Q^Tapska+b`EHHO%epEWAN$untM|2&e#OD7i);mYe|&|_Czhz zc^Tz~5*sT_{Rm%td0VSCVA{lLOK>Q|=(Zq7T5p)zYSV}anAygj#fw{hIP*T z>w=r2M9zgS5?vou^XiGh;S@ozkHWn|cOicDZM7g;7tUEV@jKRZR>ex;dPxOnuIi_; z68xv(DV-S}QVEkjJqa4sgcc-8pVk^AY1s@QLM~EVrhmpvz3X2+*pE>k)_C|%cBWe0 zdrQOQkMFeK+cSB8!)kzPU<{H-!{eI(*zWr5X;3sVw+ZeZuyzD9-I9s!ky91zkNr36 zEUOA-P~zaEQjyO^_&bi=wy?g}tt`44Om;xTO6jg}p7AlMB)RY&hegAXa+pTMjNr0b z&*XXi4XaiY+vtsg8cOO1!_!(}5*N>@hAyP;81UARdvHW=XneTNyUchRRv4BjeyjAW zUd+>%8V1G5+rIQnH(cNuhw|5F~DJV&BuM0fx}5+qj|)o;^B>a0*P zkmP=Dvh2fKEOIMs#B+``kCN@CD!gUXqQGGvTtSQbrz>DsA|AX%JGx0zPUoQf7vEQD z%Qx3cH${&d-@dRBuF9t)HK~#=Iz2S_+97<)@P+OKKJ$#>cF#!0Mgx7Jd+rz2aj4Nf(GXwL-MsHU+q40#mR&n#Lvfmo> zx{})Tt-Y2&=K0z4-!$9)m3av#UV40F_21V6XZKr8<_Or&6dX<$Nwci9g4Qo&UCbxx z*B_-~2yeo17mP3@vERIirlgI8$H;6tjW^RB}LLVWUK<5$^CZ)iyzO<~aQx0vKUC$623 zjgI_50c;76chA+oAb3lw%|#B#xT?y35LNEf#Puk&>X5a{=*nap+eYj{pN>7&H#_Vq z*0$oAc&}NWQ+NiC(fq25zf7tY`1!bbaH{W=HXrzbAD z0^Y8_brnmO8w@<8OFC0WEgl4JJlG}sTi>Op_`!u?nTXxNTk(EIkVj078EiW;twpw? 
zuUG2j=B<=Gt;Cqrz}dVt?wBg)E+?XdoPsldFWP@~&b*y$Z!Iv)mUSIp>-4@;eds11 zu74*gUUcN4p*2!bNBa88g2nR5hRi|1woknh@Q$?ac!x!z^5RugfOv4+(oL+8v|G!Q z8Pl1Wl#yhef1T7)t!(|lqzhKVqXBiEs^!v(Mn3}>BOHVjtr?$H|7peaMU9yWXbAYR zzZjC0;V$aU@obnV(-L}|k>Nlo;uhY#R?f?Te7hn2Ex4s@MvCS1Bh!D~s=&*cODF!nTP zHALf5p8fTu{B345k|bdm7^`>*KxFTH&IWKpj8O}wbrpim!)EJHsrGeapi^Do8y0$# zI0C#VV8BsU9wCt8XNZ@qKY$J!4oILt;@C})t-ywX8i;`+nqwpj(=puaTI~81BfrCp z6AzZUkgxp-T$z9c6AsFVK8Aj}L@aeP7yJQG`%C#<7J#5;O$X6&yE70=I|zb%cMM#z zJ(2+OkB&k7avLVm)>a(7;cYnwc&y+!B!yBVk)@D`cW}tpbTPg)P#`^ca6R#|uonL* z3#WWo{Jrda&?anYNbpuw8Mnij7shdpb|T~7fO}zKbExcdz^oXLK@LVuKr96L58*Cm zXe9K^{R}ZHih#u+dkz+(8 z$ZrB%y}(YJ5e%r_#$``;UFpOF;!GfWaV?Q;0}QsA#i*^GqOY zg~-HKLFq3o&M~0C{tSqRFkixNpka>`7R!5p4)z$V)n)?N4bMZkN7xF&m!&>Xe+|BO z46vPw~0|ZqeECus)|2WOHZG^U*X3O#z$imf_g*kp8U0z7xFWE&C%=4;`p$wps+u=#&gMARQyIE2cOI^3 z>23kdtjnW65+%z?LD$o4i5kabXHPI?3OD3Cr~lm=66bC2ElA|Ne}2QzqVO{&d#HQ= zB;O>GNnf=Bo2XnUheqzKV}LWleg?2878iL6BYJUZZU_`TpA(~<#6ht^wI-!xzr5zT zq#tc*Ci`nMwf7t>d zL@7x^i()LzTUtqp%^lP`+5hXKphX1WZh#{BI#(R(SNYXf1eq$~i<1V1_%bwkJ zW{-4ITzOdna=)$2flRc&d$RRZB3{IgIU>tywWKuDW`*JzHFA2k3l&YUkBC>V@bC{xEC9qhuXw6LSocdbJ#K1b=goU6NUB^lfb(TM(Y` zwSqyOI*)wKasM`Ac3HREsTtbK6;=ajF7Iv#+<3X#-WYA_9BxcbI=nFWdC@I{_Rgi0 zhX^}+^20G%vF~{S*UbGPuO`AhM6G{z^Hz6;IR^_bb)duT?O$2iLeeN1cni=pzz zFppvJ)m*~Exjc)gZ#i^TCySro%bmq(-)Y#uo8{`f=e0lQbe1LDMaI-Iq`1C@ZQ3CfFzmx0!4SumE*+K$50t9(L5-HR_Gl{t?pPKM8^^pZ{`rk z%t}KtMbZ7#3cqX($FZqK22OKnLYTl%2d!*G#e5CDduEBpsya_@IoHB1YS+fE)7Ekh z^9z(t|gSWK@cpt7@9i5KsO`p#~ zkM8BC3=Iw0yg`~_dz4^|E@=AcH%Firn<*; zcH{E|YI8P7o$u%N9;G<+ek}}{j}X}0|M<<3W~+X1M4SIjm4VxF7uk=J;S0EWTMF0w z4ot)0&%et3#xD(=ZVl9l^Ks)s>anQjCYQLOG!I(NA0>mh^h-G1-KQmjBZ62aS~d zZ>qh)X_1HX9K31@d_L&oy!r^^`A1zr6m|Yx@?q*a_OnFzMbYT#Eu3R-z+no!^xzDp!3#ST ze{Mw6nNAqK5W1Pk#6v$6&->8x{U`66JlW5M=t#;<_E4Xudj=d4FZE=~sWXUYMSg{_ zJ?`cD_x4W8c6^T?CrJ0Gd3ZSM?w?hOY^jjLQGQ z<7)s#O-p=^z~6oyjf!7Z%f9^OSUPupTF(FeE((`>AO%G%y{$aRc;gluNRqKS+*Hl)PSQX&Z;xOpx zp890n$`R1??8d{|ky6PCF19bfrwx?bxm8-#a;)zOrWS55oqY&l`d51JW&1C`IcgtF|w 
zNh*&3jbgM97#wHc(UoeCnqL9~aisrMQ<%rP(wVUYF8 zqd&rmp14^jKyh7pECx=4h8g0WDJkQiC-@4N7>n*JYQ_q8IaD&pJ>b z{^z-T)^)GoWXJzm^y6U$ysh(Fu}6GsaNv}J#TnJXFxUA19JeMtG2V*M*OWz9z4~_y#_zS%)WwI{=dRg8%$&p@IqB&qpAk*F!{*6!&(@1F4656bl@_5K^=8*dw#vFyS8%L7MfkPVGNJ)CDtADQ0Ds` z>jlsE+j4<7Ut(2UCdiDa1LKQEyq~tVh8&SS%X5!d`T!O}5ycP=^M(H1Lv=vFV5e&u{wi(wz zVeYRVa>gYaEmT%;TzbVd96zEpN{FWxF9igr^PROO@|VRqi?y)~CG7^E7!Mq2l#Je0 zakB2+ zPcazlJ0-$*b4TAcH?q;#TZ_t}oRr*(RHTIW40jN>RfoqVGahtKT`6p36Pn%`(&kWL zbRse)V%4OMWO6wTBV-Nm$o%+2d^KpV{xgn@9l0F=(xS +VDfxl$RJ%+8z7;n?;UoEM0x^&kmdqUEQqRRK3)J zx}t^R9TkHEVO|-oa?tM+_b(&4bstiiwx}@`C`WsNMl}ae| z3V);%Wc{Atfi*Ox4t}5aGyEQ*g83pETGx$d04;=>H!1YoVX(8unc`3T)= 1.21.0-0 < 1.25.0-0' - catalog.cattle.io/namespace: cis-operator-system - catalog.cattle.io/os: linux - catalog.cattle.io/permits-os: linux,windows - catalog.cattle.io/provides-gvr: cis.cattle.io.clusterscans/v1 - catalog.cattle.io/rancher-version: '>= 2.7.0-0 < 2.8.0-0' - catalog.cattle.io/release-name: rancher-cis-benchmark - catalog.cattle.io/type: cluster-tool - catalog.cattle.io/ui-component: rancher-cis-benchmark -apiVersion: v1 -appVersion: v3.0.0 -description: The cis-operator enables running CIS benchmark security scans on a kubernetes - cluster -icon: https://charts.rancher.io/assets/logos/cis-kube-bench.svg -keywords: -- security -name: rancher-cis-benchmark -version: 3.0.0-rc8 diff --git a/charts/rancher-cis-benchmark/3.0.0-rc8/README.md b/charts/rancher-cis-benchmark/3.0.0-rc8/README.md deleted file mode 100644 index 50beab58b..000000000 --- a/charts/rancher-cis-benchmark/3.0.0-rc8/README.md +++ /dev/null @@ -1,9 +0,0 @@ -# Rancher CIS Benchmark Chart - -The cis-operator enables running CIS benchmark security scans on a kubernetes cluster and generate compliance reports that can be downloaded. - -# Installation - -``` -helm install rancher-cis-benchmark ./ --create-namespace -n cis-operator-system -``` 
diff --git a/charts/rancher-cis-benchmark/3.0.0-rc8/app-readme.md b/charts/rancher-cis-benchmark/3.0.0-rc8/app-readme.md
deleted file mode 100644
index 5e495d605..000000000
--- a/charts/rancher-cis-benchmark/3.0.0-rc8/app-readme.md
+++ /dev/null
@@ -1,15 +0,0 @@
-# Rancher CIS Benchmarks
-
-This chart enables security scanning of the cluster using [CIS (Center for Internet Security) benchmarks](https://www.cisecurity.org/benchmark/kubernetes/).
-
-For more information on how to use the feature, refer to our [docs](https://rancher.com/docs/rancher/v2.x/en/cis-scans/v2.5/).
-
-This chart installs the following components:
-
-- [cis-operator](https://github.com/rancher/cis-operator) - The cis-operator handles launching the [kube-bench](https://github.com/aquasecurity/kube-bench) tool that runs a suite of CIS tests on the nodes of your Kubernetes cluster. After scans finish, the cis-operator generates a compliance report that can be downloaded.
-- Scans - A scan is a CRD (`ClusterScan`) that defines when to trigger CIS scans on the cluster based on the defined profile. A report is created after the scan is completed.
-- Profiles - A profile is a CRD (`ClusterScanProfile`) that defines the configuration for the CIS scan, which is the benchmark versions to use and any specific tests to skip in that benchmark. This chart installs a few default `ClusterScanProfile` custom resources with no skipped tests, which can immediately be used to launch CIS scans.
-- Benchmark Versions - A benchmark version is a CRD (`ClusterScanBenchmark`) that defines the CIS benchmark version to run using kube-bench as well as the valid configuration parameters for that benchmark. This chart installs a few default `ClusterScanBenchmark` custom resources.
-- Alerting Resources - Rancher's CIS Benchmark application lets you run a cluster scan on a schedule, and send alerts when scans finish.
- - If you want to enable alerts to be delivered when a cluster scan completes, you need to ensure that [Rancher's Monitoring and Alerting](https://rancher.com/docs/rancher/v2.x/en/monitoring-alerting/v2.5/) application is pre-installed and the [Receivers and Routes](https://rancher.com/docs/rancher/v2.x/en/monitoring-alerting/v2.5/configuration/#alertmanager-config) are configured to send out alerts.
- - Additionally, you need to set `alerts: true` in the Values YAML while installing or upgrading this chart.
diff --git a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/_helpers.tpl b/charts/rancher-cis-benchmark/3.0.0-rc8/templates/_helpers.tpl
deleted file mode 100644
index b7bb00042..000000000
--- a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/_helpers.tpl
+++ /dev/null
@@ -1,27 +0,0 @@
-{{/* Ensure namespace is set the same everywhere */}}
-{{- define "cis.namespace" -}}
- {{- .Release.Namespace | default "cis-operator-system" -}}
-{{- end -}}
-
-{{- define "system_default_registry" -}}
-{{- if .Values.global.cattle.systemDefaultRegistry -}}
-{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}}
-{{- else -}}
-{{- "" -}}
-{{- end -}}
-{{- end -}}
-
-{{/*
-Windows cluster will add default taint for linux nodes,
-add below linux tolerations to workloads could be scheduled to those linux nodes
-*/}}
-{{- define "linux-node-tolerations" -}}
-- key: "cattle.io/os"
- value: "linux"
- effect: "NoSchedule"
- operator: "Equal"
-{{- end -}}
-
-{{- define "linux-node-selector" -}}
-kubernetes.io/os: linux
-{{- end -}}
diff --git a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/alertingrule.yaml b/charts/rancher-cis-benchmark/3.0.0-rc8/templates/alertingrule.yaml
deleted file mode 100644
index 1787c88a0..000000000
--- a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/alertingrule.yaml
+++ /dev/null
@@ -1,14 +0,0 @@
-{{- if .Values.alerts.enabled -}}
----
-apiVersion: monitoring.coreos.com/v1
-kind: PodMonitor
-metadata:
- name: rancher-cis-pod-monitor
- namespace: {{ template "cis.namespace" . }}
-spec:
- selector:
- matchLabels:
- cis.cattle.io/operator: cis-operator
- podMetricsEndpoints:
- - port: cismetrics
-{{- end }}
diff --git a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/benchmark-aks-1.0.yaml b/charts/rancher-cis-benchmark/3.0.0-rc8/templates/benchmark-aks-1.0.yaml
deleted file mode 100644
index 1ac866253..000000000
--- a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/benchmark-aks-1.0.yaml
+++ /dev/null
@@ -1,8 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanBenchmark
-metadata:
- name: aks-1.0
-spec:
- clusterProvider: aks
- minKubernetesVersion: "1.15.0"
diff --git a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/benchmark-cis-1.20.yaml b/charts/rancher-cis-benchmark/3.0.0-rc8/templates/benchmark-cis-1.20.yaml
deleted file mode 100644
index 1203e5bcc..000000000
--- a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/benchmark-cis-1.20.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanBenchmark
-metadata:
- name: cis-1.20
-spec:
- clusterProvider: ""
- minKubernetesVersion: "1.19.0"
- maxKubernetesVersion: "1.21.x"
diff --git a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/benchmark-cis-1.23.yaml b/charts/rancher-cis-benchmark/3.0.0-rc8/templates/benchmark-cis-1.23.yaml
deleted file mode 100644
index 920b556ea..000000000
--- a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/benchmark-cis-1.23.yaml
+++ /dev/null
@@ -1,8 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanBenchmark
-metadata:
- name: cis-1.23
-spec:
- clusterProvider: ""
- minKubernetesVersion: "1.22.0"
diff --git a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/benchmark-cis-1.5.yaml b/charts/rancher-cis-benchmark/3.0.0-rc8/templates/benchmark-cis-1.5.yaml
deleted file mode 100644
index c9e6075fb..000000000
--- a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/benchmark-cis-1.5.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanBenchmark
-metadata:
- name: cis-1.5
-spec:
- clusterProvider: ""
- minKubernetesVersion: "1.15.0"
- maxKubernetesVersion: "1.15.x"
diff --git a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/benchmark-cis-1.6.yaml b/charts/rancher-cis-benchmark/3.0.0-rc8/templates/benchmark-cis-1.6.yaml
deleted file mode 100644
index 4f5d66e92..000000000
--- a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/benchmark-cis-1.6.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanBenchmark
-metadata:
- name: cis-1.6
-spec:
- clusterProvider: ""
- minKubernetesVersion: "1.16.0"
- maxKubernetesVersion: "1.18.x"
diff --git a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/benchmark-eks-1.0.1.yaml b/charts/rancher-cis-benchmark/3.0.0-rc8/templates/benchmark-eks-1.0.1.yaml
deleted file mode 100644
index d1ba9d295..000000000
--- a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/benchmark-eks-1.0.1.yaml
+++ /dev/null
@@ -1,8 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanBenchmark
-metadata:
- name: eks-1.0.1
-spec:
- clusterProvider: eks
- minKubernetesVersion: "1.15.0"
diff --git a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/benchmark-gke-1.0.yaml b/charts/rancher-cis-benchmark/3.0.0-rc8/templates/benchmark-gke-1.0.yaml
deleted file mode 100644
index 72122e8c5..000000000
--- a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/benchmark-gke-1.0.yaml
+++ /dev/null
@@ -1,8 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanBenchmark
-metadata:
- name: gke-1.0
-spec:
- clusterProvider: gke
- minKubernetesVersion: "1.15.0"
diff --git a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/benchmark-k3s-cis-1.20-hardened.yaml b/charts/rancher-cis-benchmark/3.0.0-rc8/templates/benchmark-k3s-cis-1.20-hardened.yaml
deleted file mode 100644
index 147cac390..000000000
--- a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/benchmark-k3s-cis-1.20-hardened.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanBenchmark
-metadata:
- name: k3s-cis-1.20-hardened
-spec:
- clusterProvider: k3s
- minKubernetesVersion: "1.19.0"
- maxKubernetesVersion: "1.21.x"
diff --git a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/benchmark-k3s-cis-1.20-permissive.yaml b/charts/rancher-cis-benchmark/3.0.0-rc8/templates/benchmark-k3s-cis-1.20-permissive.yaml
deleted file mode 100644
index d9584f722..000000000
--- a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/benchmark-k3s-cis-1.20-permissive.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanBenchmark
-metadata:
- name: k3s-cis-1.20-permissive
-spec:
- clusterProvider: k3s
- minKubernetesVersion: "1.19.0"
- maxKubernetesVersion: "1.21.x"
diff --git a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/benchmark-k3s-cis-1.23-hardened.yaml b/charts/rancher-cis-benchmark/3.0.0-rc8/templates/benchmark-k3s-cis-1.23-hardened.yaml
deleted file mode 100644
index ee153603b..000000000
--- a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/benchmark-k3s-cis-1.23-hardened.yaml
+++ /dev/null
@@ -1,8 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanBenchmark
-metadata:
- name: k3s-cis-1.23-hardened
-spec:
- clusterProvider: k3s
- minKubernetesVersion: "1.22.0"
diff --git a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/benchmark-k3s-cis-1.23-permissive.yaml b/charts/rancher-cis-benchmark/3.0.0-rc8/templates/benchmark-k3s-cis-1.23-permissive.yaml
deleted file mode 100644
index 51f2186f3..000000000
--- a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/benchmark-k3s-cis-1.23-permissive.yaml
+++ /dev/null
@@ -1,8 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanBenchmark
-metadata:
- name: k3s-cis-1.23-permissive
-spec:
- clusterProvider: k3s
- minKubernetesVersion: "1.22.0"
diff --git a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/benchmark-k3s-cis-1.6-hardened.yaml b/charts/rancher-cis-benchmark/3.0.0-rc8/templates/benchmark-k3s-cis-1.6-hardened.yaml
deleted file mode 100644
index 5160cf795..000000000
--- a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/benchmark-k3s-cis-1.6-hardened.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanBenchmark
-metadata:
- name: k3s-cis-1.6-hardened
-spec:
- clusterProvider: k3s
- minKubernetesVersion: "1.16.0"
- maxKubernetesVersion: "1.18.x"
diff --git a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/benchmark-k3s-cis-1.6-permissive.yaml b/charts/rancher-cis-benchmark/3.0.0-rc8/templates/benchmark-k3s-cis-1.6-permissive.yaml
deleted file mode 100644
index 10c075985..000000000
--- a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/benchmark-k3s-cis-1.6-permissive.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanBenchmark
-metadata:
- name: k3s-cis-1.6-permissive
-spec:
- clusterProvider: k3s
- minKubernetesVersion: "1.16.0"
- maxKubernetesVersion: "1.18.x"
diff --git a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/benchmark-rke-cis-1.20-hardened.yaml b/charts/rancher-cis-benchmark/3.0.0-rc8/templates/benchmark-rke-cis-1.20-hardened.yaml
deleted file mode 100644
index 4924679cb..000000000
--- a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/benchmark-rke-cis-1.20-hardened.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanBenchmark
-metadata:
- name: rke-cis-1.20-hardened
-spec:
- clusterProvider: rke
- minKubernetesVersion: "1.19.0"
- maxKubernetesVersion: "1.21.x"
diff --git a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/benchmark-rke-cis-1.20-permissive.yaml b/charts/rancher-cis-benchmark/3.0.0-rc8/templates/benchmark-rke-cis-1.20-permissive.yaml
deleted file mode 100644
index 2db66d7c6..000000000
--- a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/benchmark-rke-cis-1.20-permissive.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanBenchmark
-metadata:
- name: rke-cis-1.20-permissive
-spec:
- clusterProvider: rke
- minKubernetesVersion: "1.19.0"
- maxKubernetesVersion: "1.21.x"
diff --git a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/benchmark-rke-cis-1.23-hardened.yaml b/charts/rancher-cis-benchmark/3.0.0-rc8/templates/benchmark-rke-cis-1.23-hardened.yaml
deleted file mode 100644
index f6a99698e..000000000
--- a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/benchmark-rke-cis-1.23-hardened.yaml
+++ /dev/null
@@ -1,8 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanBenchmark
-metadata:
- name: rke-cis-1.23-hardened
-spec:
- clusterProvider: rke
- minKubernetesVersion: "1.22.0"
diff --git a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/benchmark-rke-cis-1.23-permissive.yaml b/charts/rancher-cis-benchmark/3.0.0-rc8/templates/benchmark-rke-cis-1.23-permissive.yaml
deleted file mode 100644
index a26bd63cf..000000000
--- a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/benchmark-rke-cis-1.23-permissive.yaml
+++ /dev/null
@@ -1,8 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanBenchmark
-metadata:
- name: rke-cis-1.23-permissive
-spec:
- clusterProvider: rke
- minKubernetesVersion: "1.22.0"
diff --git a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/benchmark-rke-cis-1.5-hardened.yaml b/charts/rancher-cis-benchmark/3.0.0-rc8/templates/benchmark-rke-cis-1.5-hardened.yaml
deleted file mode 100644
index b9154f1ad..000000000
--- a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/benchmark-rke-cis-1.5-hardened.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanBenchmark
-metadata:
- name: rke-cis-1.5-hardened
-spec:
- clusterProvider: rke
- minKubernetesVersion: "1.15.0"
- maxKubernetesVersion: "1.15.x"
diff --git a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/benchmark-rke-cis-1.5-permissive.yaml b/charts/rancher-cis-benchmark/3.0.0-rc8/templates/benchmark-rke-cis-1.5-permissive.yaml
deleted file mode 100644
index 9da65d55d..000000000
--- a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/benchmark-rke-cis-1.5-permissive.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanBenchmark
-metadata:
- name: rke-cis-1.5-permissive
-spec:
- clusterProvider: rke
- minKubernetesVersion: "1.15.0"
- maxKubernetesVersion: "1.15.x"
diff --git a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/benchmark-rke-cis-1.6-hardened.yaml b/charts/rancher-cis-benchmark/3.0.0-rc8/templates/benchmark-rke-cis-1.6-hardened.yaml
deleted file mode 100644
index 77f8a31df..000000000
--- a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/benchmark-rke-cis-1.6-hardened.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanBenchmark
-metadata:
- name: rke-cis-1.6-hardened
-spec:
- clusterProvider: rke
- minKubernetesVersion: "1.16.0"
- maxKubernetesVersion: "1.18.x"
diff --git a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/benchmark-rke-cis-1.6-permissive.yaml b/charts/rancher-cis-benchmark/3.0.0-rc8/templates/benchmark-rke-cis-1.6-permissive.yaml
deleted file mode 100644
index 600b8df35..000000000
--- a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/benchmark-rke-cis-1.6-permissive.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanBenchmark
-metadata:
- name: rke-cis-1.6-permissive
-spec:
- clusterProvider: rke
- minKubernetesVersion: "1.16.0"
- maxKubernetesVersion: "1.18.x"
diff --git a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/benchmark-rke2-cis-1.20-hardened.yaml b/charts/rancher-cis-benchmark/3.0.0-rc8/templates/benchmark-rke2-cis-1.20-hardened.yaml
deleted file mode 100644
index b6cc88359..000000000
--- a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/benchmark-rke2-cis-1.20-hardened.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanBenchmark
-metadata:
- name: rke2-cis-1.20-hardened
-spec:
- clusterProvider: rke2
- minKubernetesVersion: "1.19.0"
- maxKubernetesVersion: "1.21.x"
diff --git a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/benchmark-rke2-cis-1.20-permissive.yaml b/charts/rancher-cis-benchmark/3.0.0-rc8/templates/benchmark-rke2-cis-1.20-permissive.yaml
deleted file mode 100644
index fd898bfe8..000000000
--- a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/benchmark-rke2-cis-1.20-permissive.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanBenchmark
-metadata:
- name: rke2-cis-1.20-permissive
-spec:
- clusterProvider: rke2
- minKubernetesVersion: "1.19.0"
- maxKubernetesVersion: "1.21.x"
diff --git a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/benchmark-rke2-cis-1.23-hardened.yaml b/charts/rancher-cis-benchmark/3.0.0-rc8/templates/benchmark-rke2-cis-1.23-hardened.yaml
deleted file mode 100644
index 90e356d72..000000000
--- a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/benchmark-rke2-cis-1.23-hardened.yaml
+++ /dev/null
@@ -1,8 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanBenchmark
-metadata:
- name: rke2-cis-1.23-hardened
-spec:
- clusterProvider: rke2
- minKubernetesVersion: "1.22.0"
diff --git a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/benchmark-rke2-cis-1.23-permissive.yaml b/charts/rancher-cis-benchmark/3.0.0-rc8/templates/benchmark-rke2-cis-1.23-permissive.yaml
deleted file mode 100644
index deafdbda6..000000000
--- a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/benchmark-rke2-cis-1.23-permissive.yaml
+++ /dev/null
@@ -1,8 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanBenchmark
-metadata:
- name: rke2-cis-1.23-permissive
-spec:
- clusterProvider: rke2
- minKubernetesVersion: "1.22.0"
diff --git a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/benchmark-rke2-cis-1.5-hardened.yaml b/charts/rancher-cis-benchmark/3.0.0-rc8/templates/benchmark-rke2-cis-1.5-hardened.yaml
deleted file mode 100644
index 20091ec2b..000000000
--- a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/benchmark-rke2-cis-1.5-hardened.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanBenchmark
-metadata:
- name: rke2-cis-1.5-hardened
-spec:
- clusterProvider: rke2
- minKubernetesVersion: "1.15.0"
- maxKubernetesVersion: "1.15.x"
diff --git a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/benchmark-rke2-cis-1.5-permissive.yaml b/charts/rancher-cis-benchmark/3.0.0-rc8/templates/benchmark-rke2-cis-1.5-permissive.yaml
deleted file mode 100644
index 9a86906b0..000000000
--- a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/benchmark-rke2-cis-1.5-permissive.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanBenchmark
-metadata:
- name: rke2-cis-1.5-permissive
-spec:
- clusterProvider: rke2
- minKubernetesVersion: "1.15.0"
- maxKubernetesVersion: "1.15.x"
diff --git a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/benchmark-rke2-cis-1.6-hardened.yaml b/charts/rancher-cis-benchmark/3.0.0-rc8/templates/benchmark-rke2-cis-1.6-hardened.yaml
deleted file mode 100644
index ea2549ef3..000000000
--- a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/benchmark-rke2-cis-1.6-hardened.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanBenchmark
-metadata:
- name: rke2-cis-1.6-hardened
-spec:
- clusterProvider: rke2
- minKubernetesVersion: "1.16.0"
- maxKubernetesVersion: "1.18.x"
diff --git a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/benchmark-rke2-cis-1.6-permissive.yaml b/charts/rancher-cis-benchmark/3.0.0-rc8/templates/benchmark-rke2-cis-1.6-permissive.yaml
deleted file mode 100644
index 0afdaaa19..000000000
--- a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/benchmark-rke2-cis-1.6-permissive.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanBenchmark
-metadata:
- name: rke2-cis-1.6-permissive
-spec:
- clusterProvider: rke2
- minKubernetesVersion: "1.16.0"
- maxKubernetesVersion: "1.18.x"
diff --git a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/cis-roles.yaml b/charts/rancher-cis-benchmark/3.0.0-rc8/templates/cis-roles.yaml
deleted file mode 100644
index 23c93dc65..000000000
--- a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/cis-roles.yaml
+++ /dev/null
@@ -1,49 +0,0 @@
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
- name: cis-admin
-rules:
- - apiGroups:
- - cis.cattle.io
- resources:
- - clusterscanbenchmarks
- - clusterscanprofiles
- - clusterscans
- - clusterscanreports
- verbs: ["create", "update", "delete", "patch","get", "watch", "list"]
- - apiGroups:
- - catalog.cattle.io
- resources: ["apps"]
- resourceNames: ["rancher-cis-benchmark"]
- verbs: ["get", "watch", "list"]
- - apiGroups:
- - ""
- resources:
- - configmaps
- verbs:
- - '*'
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
- name: cis-view
-rules:
- - apiGroups:
- - cis.cattle.io
- resources:
- - clusterscanbenchmarks
- - clusterscanprofiles
- - clusterscans
- - clusterscanreports
- verbs: ["get", "watch", "list"]
- - apiGroups:
- - catalog.cattle.io
- resources: ["apps"]
- resourceNames: ["rancher-cis-benchmark"]
- verbs: ["get", "watch", "list"]
- - apiGroups:
- - ""
- resources:
- - configmaps
- verbs: ["get", "watch", "list"]
diff --git a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/configmap.yaml b/charts/rancher-cis-benchmark/3.0.0-rc8/templates/configmap.yaml
deleted file mode 100644
index 1a9cd1809..000000000
--- a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/configmap.yaml
+++ /dev/null
@@ -1,18 +0,0 @@
-kind: ConfigMap
-apiVersion: v1
-metadata:
- name: default-clusterscanprofiles
- namespace: {{ template "cis.namespace" . }}
-data:
- # Default ClusterScanProfiles per cluster provider type
- rke: |-
- <1.21.0: rke-profile-permissive-1.20
- >=1.21.0: rke-profile-permissive-1.23
- rke2: |-
- <1.21.0: rke2-cis-1.20-profile-permissive
- >=1.21.0: rke2-cis-1.23-profile-permissive
- eks: "eks-profile"
- gke: "gke-profile"
- aks: "aks-profile"
- k3s: "k3s-cis-1.23-profile-permissive"
- default: "cis-1.23-profile"
diff --git a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/delete_rolebindings.yaml b/charts/rancher-cis-benchmark/3.0.0-rc8/templates/delete_rolebindings.yaml
deleted file mode 100644
index 9c9946464..000000000
--- a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/delete_rolebindings.yaml
+++ /dev/null
@@ -1,27 +0,0 @@
----
-apiVersion: batch/v1
-kind: Job
-metadata:
- name: delete-rolebinding
- annotations:
- "helm.sh/hook": pre-upgrade
- "helm.sh/hook-delete-policy": hook-succeeded, before-hook-creation, hook-failed
-spec:
- template:
- spec:
- serviceAccountName: cis-operator-serviceaccount
- nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
-{{- if .Values.nodeSelector }}
-{{ toYaml .Values.nodeSelector | indent 8 }}
-{{- end }}
- tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
-{{- if .Values.tolerations }}
-{{ toYaml .Values.tolerations | indent 8 }}
-{{- end }}
- restartPolicy: Never
- containers:
- - name: delete-binding
- image: "{{ template "system_default_registry" . }}{{ .Values.global.kubectl.repository }}:{{ .Values.global.kubectl.tag }}"
- imagePullPolicy: {{ .Values.global.imagePullPolicy }}
- command: ["kubectl", "delete", "clusterrolebinding", "cis-operator-rolebinding", "cis-operator-installer"]
- backoffLimit: 1
diff --git a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/deployment.yaml b/charts/rancher-cis-benchmark/3.0.0-rc8/templates/deployment.yaml
deleted file mode 100644
index ab0bb3e24..000000000
--- a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/deployment.yaml
+++ /dev/null
@@ -1,55 +0,0 @@
-apiVersion: apps/v1
-kind: Deployment
-metadata:
- name: cis-operator
- namespace: {{ template "cis.namespace" . }}
- labels:
- cis.cattle.io/operator: cis-operator
-spec:
- selector:
- matchLabels:
- cis.cattle.io/operator: cis-operator
- template:
- metadata:
- labels:
- cis.cattle.io/operator: cis-operator
- spec:
- serviceAccountName: cis-operator-serviceaccount
- containers:
- - name: cis-operator
- image: '{{ template "system_default_registry" . }}{{ .Values.image.cisoperator.repository }}:{{ .Values.image.cisoperator.tag }}'
- imagePullPolicy: Always
- ports:
- - name: cismetrics
- containerPort: {{ .Values.alerts.metricsPort }}
- env:
- - name: SECURITY_SCAN_IMAGE
- value: {{ template "system_default_registry" . }}{{ .Values.image.securityScan.repository }}
- - name: SECURITY_SCAN_IMAGE_TAG
- value: {{ .Values.image.securityScan.tag }}
- - name: SONOBUOY_IMAGE
- value: {{ template "system_default_registry" . }}{{ .Values.image.sonobuoy.repository }}
- - name: SONOBUOY_IMAGE_TAG
- value: {{ .Values.image.sonobuoy.tag }}
- - name: CIS_ALERTS_METRICS_PORT
- value: '{{ .Values.alerts.metricsPort }}'
- - name: CIS_ALERTS_SEVERITY
- value: {{ .Values.alerts.severity }}
- - name: CIS_ALERTS_ENABLED
- value: {{ .Values.alerts.enabled | default "false" | quote }}
- - name: CLUSTER_NAME
- value: '{{ .Values.global.cattle.clusterName }}'
- resources:
- {{- toYaml .Values.resources | nindent 12 }}
- nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
-{{- if .Values.nodeSelector }}
-{{ toYaml .Values.nodeSelector | indent 8 }}
-{{- end }}
- tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
-{{- if .Values.tolerations }}
-{{ toYaml .Values.tolerations | indent 8 }}
-{{- end }}
- {{- with .Values.affinity }}
- affinity:
- {{- toYaml . | nindent 8 }}
- {{- end }}
diff --git a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/network_policy_allow_all.yaml b/charts/rancher-cis-benchmark/3.0.0-rc8/templates/network_policy_allow_all.yaml
deleted file mode 100644
index 6ed5d645e..000000000
--- a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/network_policy_allow_all.yaml
+++ /dev/null
@@ -1,15 +0,0 @@
----
-apiVersion: networking.k8s.io/v1
-kind: NetworkPolicy
-metadata:
- name: default-allow-all
- namespace: {{ template "cis.namespace" . }}
-spec:
- podSelector: {}
- ingress:
- - {}
- egress:
- - {}
- policyTypes:
- - Ingress
- - Egress
diff --git a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/patch_default_serviceaccount.yaml b/charts/rancher-cis-benchmark/3.0.0-rc8/templates/patch_default_serviceaccount.yaml
deleted file mode 100644
index e78a6bd08..000000000
--- a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/patch_default_serviceaccount.yaml
+++ /dev/null
@@ -1,29 +0,0 @@
----
-apiVersion: batch/v1
-kind: Job
-metadata:
- name: patch-sa
- annotations:
- "helm.sh/hook": post-install, post-upgrade
- "helm.sh/hook-delete-policy": hook-succeeded, before-hook-creation
-spec:
- template:
- spec:
- serviceAccountName: cis-operator-serviceaccount
- nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
-{{- if .Values.nodeSelector }}
-{{ toYaml .Values.nodeSelector | indent 8 }}
-{{- end }}
- tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
-{{- if .Values.tolerations }}
-{{ toYaml .Values.tolerations | indent 8 }}
-{{- end }}
- restartPolicy: Never
- containers:
- - name: sa
- image: "{{ template "system_default_registry" . }}{{ .Values.global.kubectl.repository }}:{{ .Values.global.kubectl.tag }}"
- imagePullPolicy: {{ .Values.global.imagePullPolicy }}
- command: ["kubectl", "patch", "serviceaccount", "default", "-p", "{\"automountServiceAccountToken\": false}"]
- args: ["-n", {{ template "cis.namespace" . }}]
-
- backoffLimit: 1
diff --git a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/psp.yaml b/charts/rancher-cis-benchmark/3.0.0-rc8/templates/psp.yaml
deleted file mode 100644
index c012e7a43..000000000
--- a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/psp.yaml
+++ /dev/null
@@ -1,57 +0,0 @@
-apiVersion: policy/v1beta1
-kind: PodSecurityPolicy
-metadata:
- name: cis-psp
-spec:
- allowPrivilegeEscalation: true
- allowedCapabilities:
- - '*'
- fsGroup:
- rule: RunAsAny
- hostIPC: true
- hostNetwork: true
- hostPID: true
- hostPorts:
- - max: 65535
- min: 0
- privileged: true
- runAsUser:
- rule: RunAsAny
- seLinux:
- rule: RunAsAny
- supplementalGroups:
- rule: RunAsAny
- volumes:
- - '*'
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: Role
-metadata:
- name: cis-psp-role
- namespace: {{ template "cis.namespace" . }}
-rules:
-- apiGroups:
- - policy
- resourceNames:
- - cis-psp
- resources:
- - podsecuritypolicies
- verbs:
- - use
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: RoleBinding
-metadata:
- name: cis-psp-rolebinding
- namespace: {{ template "cis.namespace" . }}
-roleRef:
- apiGroup: rbac.authorization.k8s.io
- kind: Role
- name: cis-psp-role
-subjects:
-- kind: ServiceAccount
- name: cis-serviceaccount
- namespace: {{ template "cis.namespace" . }}
-- kind: ServiceAccount
- name: cis-operator-serviceaccount
- namespace: {{ template "cis.namespace" . }}
diff --git a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/rbac.yaml b/charts/rancher-cis-benchmark/3.0.0-rc8/templates/rbac.yaml
deleted file mode 100644
index 36dc55b29..000000000
--- a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/rbac.yaml
+++ /dev/null
@@ -1,160 +0,0 @@
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
- labels:
- app.kubernetes.io/name: rancher-cis-benchmark
- app.kubernetes.io/instance: release-name
- name: cis-operator-clusterrole
-rules:
-- apiGroups:
- - "cis.cattle.io"
- resources:
- - "*"
- verbs:
- - "*"
-- apiGroups:
- - ""
- resources:
- - "pods"
- - "services"
- - "configmaps"
- - "nodes"
- - "serviceaccounts"
- verbs:
- - "get"
- - "list"
- - "create"
- - "update"
- - "watch"
- - "patch"
-- apiGroups:
- - "batch"
- resources:
- - "jobs"
- verbs:
- - "list"
- - "create"
- - "patch"
- - "update"
- - "watch"
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
- labels:
- app.kubernetes.io/name: rancher-cis-benchmark
- app.kubernetes.io/instance: release-name
- name: cis-scan-ns
-rules:
-- apiGroups:
- - "*"
- resources:
- - "podsecuritypolicies"
- verbs:
- - "get"
- - "list"
- - "watch"
-- apiGroups:
- - ""
- resources:
- - "namespaces"
- - "nodes"
- - "pods"
- verbs:
- - "get"
- - "list"
- - "watch"
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: Role
-metadata:
- name: cis-operator-role
- labels:
- app.kubernetes.io/name: rancher-cis-benchmark
- app.kubernetes.io/instance: release-name
- namespace: {{ template "cis.namespace" .
}}
-rules:
-- apiGroups:
- - ""
- resources:
- - "services"
- verbs:
- - "watch"
- - "list"
- - "get"
- - "patch"
-- apiGroups:
- - "batch"
- resources:
- - "jobs"
- verbs:
- - "watch"
- - "list"
- - "get"
- - "delete"
-- apiGroups:
- - ""
- resources:
- - "configmaps"
- - "pods"
- - "secrets"
- verbs:
- - "*"
-- apiGroups:
- - "apps"
- resources:
- - "daemonsets"
- verbs:
- - "*"
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
- labels:
- app.kubernetes.io/name: rancher-cis-benchmark
- app.kubernetes.io/instance: release-name
- name: cis-operator-rolebinding
-roleRef:
- apiGroup: rbac.authorization.k8s.io
- kind: ClusterRole
- name: cis-operator-clusterrole
-subjects:
-- kind: ServiceAccount
- name: cis-operator-serviceaccount
- namespace: {{ template "cis.namespace" . }}
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
- name: cis-scan-ns
- labels:
- app.kubernetes.io/name: rancher-cis-benchmark
- app.kubernetes.io/instance: release-name
-roleRef:
- apiGroup: rbac.authorization.k8s.io
- kind: ClusterRole
- name: cis-scan-ns
-subjects:
-- kind: ServiceAccount
- name: cis-serviceaccount
- namespace: {{ template "cis.namespace" . }}
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: RoleBinding
-metadata:
- labels:
- app.kubernetes.io/name: rancher-cis-benchmark
- app.kubernetes.io/instance: release-name
- name: cis-operator-rolebinding
- namespace: {{ template "cis.namespace" . }}
-roleRef:
- apiGroup: rbac.authorization.k8s.io
- kind: Role
- name: cis-operator-role
-subjects:
-- kind: ServiceAccount
- name: cis-serviceaccount
- namespace: {{ template "cis.namespace" . }}
-- kind: ServiceAccount
- name: cis-operator-serviceaccount
- namespace: {{ template "cis.namespace" . }}
diff --git a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/scanprofile-cis-1.20.yaml b/charts/rancher-cis-benchmark/3.0.0-rc8/templates/scanprofile-cis-1.20.yaml
deleted file mode 100644
index 05263ce7d..000000000
--- a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/scanprofile-cis-1.20.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanProfile
-metadata:
- name: cis-1.20-profile
- annotations:
- clusterscanprofile.cis.cattle.io/builtin: "true"
-spec:
- benchmarkVersion: cis-1.20
diff --git a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/scanprofile-cis-1.23.yaml b/charts/rancher-cis-benchmark/3.0.0-rc8/templates/scanprofile-cis-1.23.yaml
deleted file mode 100644
index c59d8f51f..000000000
--- a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/scanprofile-cis-1.23.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanProfile
-metadata:
- name: cis-1.23-profile
- annotations:
- clusterscanprofile.cis.cattle.io/builtin: "true"
-spec:
- benchmarkVersion: cis-1.23
diff --git a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/scanprofile-cis-1.6.yaml b/charts/rancher-cis-benchmark/3.0.0-rc8/templates/scanprofile-cis-1.6.yaml
deleted file mode 100644
index 8a8d8bf88..000000000
--- a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/scanprofile-cis-1.6.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanProfile
-metadata:
- name: cis-1.6-profile
- annotations:
- clusterscanprofile.cis.cattle.io/builtin: "true"
-spec:
- benchmarkVersion: cis-1.6
diff --git a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/scanprofile-k3s-cis-1.20-hardened.yml b/charts/rancher-cis-benchmark/3.0.0-rc8/templates/scanprofile-k3s-cis-1.20-hardened.yml
deleted file mode 100644
index a0b6cb6f6..000000000
--- a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/scanprofile-k3s-cis-1.20-hardened.yml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanProfile
-metadata:
- name: k3s-cis-1.20-profile-hardened
- annotations:
- clusterscanprofile.cis.cattle.io/builtin: "true"
-spec:
- benchmarkVersion: k3s-cis-1.20-hardened
diff --git a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/scanprofile-k3s-cis-1.20-permissive.yml b/charts/rancher-cis-benchmark/3.0.0-rc8/templates/scanprofile-k3s-cis-1.20-permissive.yml
deleted file mode 100644
index 89885548d..000000000
--- a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/scanprofile-k3s-cis-1.20-permissive.yml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanProfile
-metadata:
- name: k3s-cis-1.20-profile-permissive
- annotations:
- clusterscanprofile.cis.cattle.io/builtin: "true"
-spec:
- benchmarkVersion: k3s-cis-1.20-permissive
diff --git a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/scanprofile-k3s-cis-1.23-hardened.yml b/charts/rancher-cis-benchmark/3.0.0-rc8/templates/scanprofile-k3s-cis-1.23-hardened.yml
deleted file mode 100644
index 724412d3a..000000000
--- a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/scanprofile-k3s-cis-1.23-hardened.yml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanProfile
-metadata:
- name: k3s-cis-1.23-profile-hardened
- annotations:
- clusterscanprofile.cis.cattle.io/builtin: "true"
-spec:
- benchmarkVersion: k3s-cis-1.23-hardened
diff --git a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/scanprofile-k3s-cis-1.23-permissive.yml b/charts/rancher-cis-benchmark/3.0.0-rc8/templates/scanprofile-k3s-cis-1.23-permissive.yml
deleted file mode 100644
index 9f9213de1..000000000
--- a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/scanprofile-k3s-cis-1.23-permissive.yml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanProfile
-metadata:
- name: k3s-cis-1.23-profile-permissive
- annotations:
- clusterscanprofile.cis.cattle.io/builtin: "true"
-spec:
- benchmarkVersion: k3s-cis-1.23-permissive
diff --git a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/scanprofile-k3s-cis-1.6-hardened.yml b/charts/rancher-cis-benchmark/3.0.0-rc8/templates/scanprofile-k3s-cis-1.6-hardened.yml
deleted file mode 100644
index 095e977ab..000000000
--- a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/scanprofile-k3s-cis-1.6-hardened.yml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanProfile
-metadata:
- name: k3s-cis-1.6-profile-hardened
- annotations:
- clusterscanprofile.cis.cattle.io/builtin: "true"
-spec:
- benchmarkVersion: k3s-cis-1.6-hardened
diff --git a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/scanprofile-k3s-cis-1.6-permissive.yml b/charts/rancher-cis-benchmark/3.0.0-rc8/templates/scanprofile-k3s-cis-1.6-permissive.yml
deleted file mode 100644
index 3b22a80c8..000000000
--- a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/scanprofile-k3s-cis-1.6-permissive.yml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanProfile
-metadata:
- name: k3s-cis-1.6-profile-permissive
- annotations:
- clusterscanprofile.cis.cattle.io/builtin: "true"
-spec:
- benchmarkVersion: k3s-cis-1.6-permissive
diff --git a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/scanprofile-rke-1.20-hardened.yaml b/charts/rancher-cis-benchmark/3.0.0-rc8/templates/scanprofile-rke-1.20-hardened.yaml
deleted file mode 100644
index c36cf38c9..000000000
--- a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/scanprofile-rke-1.20-hardened.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanProfile
-metadata:
- name: rke-profile-hardened-1.20
- annotations:
- clusterscanprofile.cis.cattle.io/builtin: "true"
-spec:
- benchmarkVersion: rke-cis-1.20-hardened
diff --git a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/scanprofile-rke-1.20-permissive.yaml b/charts/rancher-cis-benchmark/3.0.0-rc8/templates/scanprofile-rke-1.20-permissive.yaml
deleted file mode 100644
index cfeb4b34c..000000000
--- a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/scanprofile-rke-1.20-permissive.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanProfile
-metadata:
- name: rke-profile-permissive-1.20
- annotations:
- clusterscanprofile.cis.cattle.io/builtin: "true"
-spec:
- benchmarkVersion: rke-cis-1.20-permissive
diff --git a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/scanprofile-rke-1.23-hardened.yaml b/charts/rancher-cis-benchmark/3.0.0-rc8/templates/scanprofile-rke-1.23-hardened.yaml
deleted file mode 100644
index 007331149..000000000
--- a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/scanprofile-rke-1.23-hardened.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanProfile
-metadata:
- name: rke-profile-hardened-1.23
- annotations:
- clusterscanprofile.cis.cattle.io/builtin: "true"
-spec:
- benchmarkVersion: rke-cis-1.23-hardened
diff --git a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/scanprofile-rke-1.23-permissive.yaml b/charts/rancher-cis-benchmark/3.0.0-rc8/templates/scanprofile-rke-1.23-permissive.yaml
deleted file mode 100644
index 085b60dfa..000000000
--- a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/scanprofile-rke-1.23-permissive.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanProfile
-metadata:
- name: rke-profile-permissive-1.23
- annotations:
- clusterscanprofile.cis.cattle.io/builtin: "true"
-spec:
- benchmarkVersion: rke-cis-1.23-permissive
diff --git a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/scanprofile-rke-1.6-hardened.yaml b/charts/rancher-cis-benchmark/3.0.0-rc8/templates/scanprofile-rke-1.6-hardened.yaml
deleted file mode 100644
index d38febd80..000000000
--- a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/scanprofile-rke-1.6-hardened.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanProfile
-metadata:
- name: rke-profile-hardened-1.6
- annotations:
- clusterscanprofile.cis.cattle.io/builtin: "true"
-spec:
- benchmarkVersion: rke-cis-1.6-hardened
diff --git a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/scanprofile-rke-1.6-permissive.yaml b/charts/rancher-cis-benchmark/3.0.0-rc8/templates/scanprofile-rke-1.6-permissive.yaml
deleted file mode 100644
index d31b5b0d2..000000000
--- a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/scanprofile-rke-1.6-permissive.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanProfile
-metadata:
- name: rke-profile-permissive-1.6
- annotations:
- clusterscanprofile.cis.cattle.io/builtin: "true"
-spec:
- benchmarkVersion: rke-cis-1.6-permissive
diff --git a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/scanprofile-rke2-cis-1.20-hardened.yml b/charts/rancher-cis-benchmark/3.0.0-rc8/templates/scanprofile-rke2-cis-1.20-hardened.yml
deleted file mode 100644
index decc9b651..000000000
--- a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/scanprofile-rke2-cis-1.20-hardened.yml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanProfile
-metadata:
- name: rke2-cis-1.20-profile-hardened
- annotations:
- clusterscanprofile.cis.cattle.io/builtin: "true"
-spec:
- benchmarkVersion: rke2-cis-1.20-hardened
diff --git a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/scanprofile-rke2-cis-1.20-permissive.yml b/charts/rancher-cis-benchmark/3.0.0-rc8/templates/scanprofile-rke2-cis-1.20-permissive.yml
deleted file mode 100644
index 74c96ffc4..000000000
--- a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/scanprofile-rke2-cis-1.20-permissive.yml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanProfile
-metadata:
- name: rke2-cis-1.20-profile-permissive
- annotations:
- clusterscanprofile.cis.cattle.io/builtin: "true"
-spec:
- benchmarkVersion: rke2-cis-1.20-permissive
diff --git a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/scanprofile-rke2-cis-1.23-hardened.yml b/charts/rancher-cis-benchmark/3.0.0-rc8/templates/scanprofile-rke2-cis-1.23-hardened.yml
deleted file mode 100644
index abc1c2a21..000000000
--- a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/scanprofile-rke2-cis-1.23-hardened.yml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanProfile
-metadata:
- name: rke2-cis-1.23-profile-hardened
- annotations:
- clusterscanprofile.cis.cattle.io/builtin: "true"
-spec:
- benchmarkVersion: rke2-cis-1.23-hardened
diff --git a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/scanprofile-rke2-cis-1.23-permissive.yml b/charts/rancher-cis-benchmark/3.0.0-rc8/templates/scanprofile-rke2-cis-1.23-permissive.yml
deleted file mode 100644
index 51cc519ac..000000000
--- a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/scanprofile-rke2-cis-1.23-permissive.yml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanProfile
-metadata:
- name: rke2-cis-1.23-profile-permissive
- annotations:
- clusterscanprofile.cis.cattle.io/builtin: "true"
-spec:
- benchmarkVersion: rke2-cis-1.23-permissive
diff --git a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/scanprofile-rke2-cis-1.6-hardened.yml b/charts/rancher-cis-benchmark/3.0.0-rc8/templates/scanprofile-rke2-cis-1.6-hardened.yml
deleted file mode 100644
index c7ac7f949..000000000
--- a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/scanprofile-rke2-cis-1.6-hardened.yml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanProfile
-metadata:
- name: rke2-cis-1.6-profile-hardened
- annotations:
- clusterscanprofile.cis.cattle.io/builtin: "true"
-spec:
- benchmarkVersion: rke2-cis-1.6-hardened
diff --git a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/scanprofile-rke2-cis-1.6-permissive.yml b/charts/rancher-cis-benchmark/3.0.0-rc8/templates/scanprofile-rke2-cis-1.6-permissive.yml
deleted file mode 100644
index 96ca1345a..000000000
--- a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/scanprofile-rke2-cis-1.6-permissive.yml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanProfile
-metadata:
- name: rke2-cis-1.6-profile-permissive
- annotations:
- clusterscanprofile.cis.cattle.io/builtin: "true"
-spec:
- benchmarkVersion: rke2-cis-1.6-permissive
diff --git a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/scanprofileaks.yml b/charts/rancher-cis-benchmark/3.0.0-rc8/templates/scanprofileaks.yml
deleted file mode 100644
index ea7b25b40..000000000
--- a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/scanprofileaks.yml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanProfile
-metadata:
- name: aks-profile
- annotations:
- clusterscanprofile.cis.cattle.io/builtin: "true"
-spec:
- benchmarkVersion: aks-1.0
\ No newline at end of file
diff --git a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/scanprofileeks.yml b/charts/rancher-cis-benchmark/3.0.0-rc8/templates/scanprofileeks.yml
deleted file mode 100644
index 3b4e34437..000000000
--- a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/scanprofileeks.yml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanProfile
-metadata:
- name: eks-profile
- annotations:
- clusterscanprofile.cis.cattle.io/builtin: "true"
-spec:
- benchmarkVersion: eks-1.0.1
\ No newline at end of file
diff --git a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/scanprofilegke.yml b/charts/rancher-cis-benchmark/3.0.0-rc8/templates/scanprofilegke.yml
deleted file mode 100644
index 2ddd0686f..000000000
--- a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/scanprofilegke.yml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanProfile
-metadata:
- name: gke-profile
- annotations:
- clusterscanprofile.cis.cattle.io/builtin: "true"
-spec:
- benchmarkVersion: gke-1.0
\ No newline at end of file
diff --git a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/serviceaccount.yaml b/charts/rancher-cis-benchmark/3.0.0-rc8/templates/serviceaccount.yaml
deleted file mode 100644
index ec48ec622..000000000
--- a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/serviceaccount.yaml
+++ /dev/null
@@ -1,14 +0,0 @@
-apiVersion: v1
-kind: ServiceAccount
-metadata:
- namespace: {{ template "cis.namespace" . }}
- name: cis-operator-serviceaccount
----
-apiVersion: v1
-kind: ServiceAccount
-metadata:
- namespace: {{ template "cis.namespace" . }}
- labels:
- app.kubernetes.io/name: rancher-cis-benchmark
- app.kubernetes.io/instance: release-name
- name: cis-serviceaccount
diff --git a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/validate-install-crd.yaml b/charts/rancher-cis-benchmark/3.0.0-rc8/templates/validate-install-crd.yaml
deleted file mode 100644
index 562295791..000000000
--- a/charts/rancher-cis-benchmark/3.0.0-rc8/templates/validate-install-crd.yaml
+++ /dev/null
@@ -1,17 +0,0 @@
-#{{- if gt (len (lookup "rbac.authorization.k8s.io/v1" "ClusterRole" "" "")) 0 -}}
-# {{- $found := dict -}}
-# {{- set $found "cis.cattle.io/v1/ClusterScan" false -}}
-# {{- set $found "cis.cattle.io/v1/ClusterScanBenchmark" false -}}
-# {{- set $found "cis.cattle.io/v1/ClusterScanProfile" false -}}
-# {{- set $found "cis.cattle.io/v1/ClusterScanReport" false -}}
-# {{- range .Capabilities.APIVersions -}}
-# {{- if hasKey $found (toString .) -}}
-# {{- set $found (toString .) true -}}
-# {{- end -}}
-# {{- end -}}
-# {{- range $_, $exists := $found -}}
-# {{- if (eq $exists false) -}}
-# {{- required "Required CRDs are missing. Please install the corresponding CRD chart before installing this chart." "" -}}
-# {{- end -}}
-# {{- end -}}
-#{{- end -}}
\ No newline at end of file
diff --git a/charts/rancher-cis-benchmark/3.0.0-rc8/values.yaml b/charts/rancher-cis-benchmark/3.0.0-rc8/values.yaml
deleted file mode 100644
index 852711030..000000000
--- a/charts/rancher-cis-benchmark/3.0.0-rc8/values.yaml
+++ /dev/null
@@ -1,49 +0,0 @@
-# Default values for rancher-cis-benchmark.
-# This is a YAML-formatted file.
-# Declare variables to be passed into your templates.
-
-image:
- cisoperator:
- repository: rancher/cis-operator
- tag: v1.0.10-rc2
- securityScan:
- repository: rancher/security-scan
- tag: v0.2.9-rc5
- sonobuoy:
- repository: rancher/mirrored-sonobuoy-sonobuoy
- tag: v0.56.7
-
-resources: {}
- # We usually recommend not to specify default resources and to leave this as a conscious
- # choice for the user. This also increases chances charts run on environments with little
- # resources, such as Minikube. If you do want to specify resources, uncomment the following
- # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
- # limits:
- # cpu: 100m
- # memory: 128Mi
- # requests:
- # cpu: 100m
- # memory: 128Mi
-
-## Node labels for pod assignment
-## Ref: https://kubernetes.io/docs/user-guide/node-selection/
-##
-nodeSelector: {}
-
-## List of node taints to tolerate (requires Kubernetes >= 1.6)
-tolerations: []
-
-affinity: {}
-
-global:
- cattle:
- systemDefaultRegistry: ""
- clusterName: ""
- kubectl:
- repository: rancher/kubectl
- tag: v1.20.2
-
-alerts:
- enabled: false
- severity: warning
- metricsPort: 8080
diff --git a/index.yaml b/index.yaml
index 0a427270e..800eb520e 100755
--- a/index.yaml
+++ b/index.yaml
@@ -3421,32 +3421,6 @@ entries: - assets/rancher-backup-crd/rancher-backup-crd-1.0.200.tgz version: 1.0.200 rancher-cis-benchmark: - - annotations: - catalog.cattle.io/auto-install: rancher-cis-benchmark-crd=match - catalog.cattle.io/certified: rancher - catalog.cattle.io/display-name: CIS Benchmark - catalog.cattle.io/kube-version: '>= 1.21.0-0 < 1.25.0-0' - catalog.cattle.io/namespace: cis-operator-system - catalog.cattle.io/os: linux - catalog.cattle.io/permits-os: linux,windows - catalog.cattle.io/provides-gvr: cis.cattle.io.clusterscans/v1 - catalog.cattle.io/rancher-version: '>= 2.7.0-0 < 2.8.0-0' - catalog.cattle.io/release-name: rancher-cis-benchmark - catalog.cattle.io/type: cluster-tool - catalog.cattle.io/ui-component: rancher-cis-benchmark - apiVersion: v1 - appVersion: v3.0.0 - created: "2022-10-18T23:00:17.259715427+02:00" - description: The cis-operator enables running CIS benchmark security scans on - a kubernetes cluster - digest: 22d1116483cc01cbceba2f3733b120261af5279ed2b15d4a28d869a17a838720 - icon: https://charts.rancher.io/assets/logos/cis-kube-bench.svg - keywords: - - security - name: rancher-cis-benchmark - urls: - - assets/rancher-cis-benchmark/rancher-cis-benchmark-3.0.0-rc8.tgz - version: 3.0.0-rc8 - annotations: catalog.cattle.io/auto-install: rancher-cis-benchmark-crd=match catalog.cattle.io/certified: rancher 
@@ -3761,20 +3735,6 @@ entries: - assets/rancher-cis-benchmark/rancher-cis-benchmark-1.0.100.tgz version: 1.0.100 rancher-cis-benchmark-crd: - - annotations: - catalog.cattle.io/certified: rancher - catalog.cattle.io/hidden: "true" - catalog.cattle.io/namespace: cis-operator-system - catalog.cattle.io/release-name: rancher-cis-benchmark-crd - apiVersion: v1 - created: "2022-10-18T23:00:17.261637441+02:00" - description: Installs the CRDs for rancher-cis-benchmark. - digest: 25225ec34aac875d216fe72dd81788384dad7f6f2479c3ecbb814b8b7f1af5b3 - name: rancher-cis-benchmark-crd - type: application - urls: - - assets/rancher-cis-benchmark-crd/rancher-cis-benchmark-crd-3.0.0-rc8.tgz - version: 3.0.0-rc8 - annotations: catalog.cattle.io/certified: rancher catalog.cattle.io/hidden: "true" From 5f2f0ba3dc0799c9d277aacd67fddb1dc4e72bf3 Mon Sep 17 00:00:00 2001 From: galal-hussein Date: Wed, 19 Oct 2022 18:02:30 +0200 Subject: [PATCH 2/3] update security-scan image --- packages/rancher-cis-benchmark/charts/values.yaml | 2 +- packages/rancher-cis-benchmark/package.yaml | 2 +- release.yaml | 4 ++-- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/packages/rancher-cis-benchmark/charts/values.yaml b/packages/rancher-cis-benchmark/charts/values.yaml index 852711030..a95ef3ba3 100644 --- a/packages/rancher-cis-benchmark/charts/values.yaml +++ b/packages/rancher-cis-benchmark/charts/values.yaml @@ -8,7 +8,7 @@ image: tag: v1.0.10-rc2 securityScan: repository: rancher/security-scan - tag: v0.2.9-rc5 + tag: v0.2.9-rc6 sonobuoy: repository: rancher/mirrored-sonobuoy-sonobuoy tag: v0.56.7 diff --git a/packages/rancher-cis-benchmark/package.yaml b/packages/rancher-cis-benchmark/package.yaml index 1b4ec27e6..312ba137c 100644 --- a/packages/rancher-cis-benchmark/package.yaml +++ b/packages/rancher-cis-benchmark/package.yaml @@ -1,5 +1,5 @@ url: local -version: 3.0.0-rc8 +version: 3.0.0-rc9 additionalCharts: - workingDir: charts-crd crdOptions: 
diff --git a/release.yaml b/release.yaml index fb186b3c1..07165414b 100644 --- a/release.yaml +++ b/release.yaml @@ -19,9 +19,9 @@ rancher-aks-operator-crd: rancher-alerting-drivers: - 101.0.0 rancher-cis-benchmark: - - 3.0.0-rc8 + - 3.0.0-rc9 rancher-cis-benchmark-crd: - - 3.0.0-rc8 + - 3.0.0-rc9 rancher-csp-adapter: - 2.0.0+up2.0.0-rc1 rancher-backup: From 4e26de21397de5b091c847fc8398348a7ea0154d Mon Sep 17 00:00:00 2001 
From: galal-hussein Date: Wed, 19 Oct 2022 18:07:00 +0200 Subject: [PATCH 3/3] make charts --- .../rancher-cis-benchmark-crd-3.0.0-rc9.tgz | Bin 0 -> 1468 bytes .../rancher-cis-benchmark-3.0.0-rc9.tgz | Bin 0 -> 6621 bytes .../3.0.0-rc9/Chart.yaml | 10 ++ .../3.0.0-rc9/README.md | 2 + .../3.0.0-rc9/templates/clusterscan.yaml | 148 ++++++++++++++++ .../templates/clusterscanbenchmark.yaml | 54 ++++++ .../templates/clusterscanprofile.yaml | 36 ++++ .../templates/clusterscanreport.yaml | 39 +++++ .../3.0.0-rc9/Chart.yaml | 22 +++ .../rancher-cis-benchmark/3.0.0-rc9/README.md | 9 + .../3.0.0-rc9/app-readme.md | 15 ++ .../3.0.0-rc9/templates/_helpers.tpl | 27 +++ .../3.0.0-rc9/templates/alertingrule.yaml | 14 ++ .../templates/benchmark-aks-1.0.yaml | 8 + .../templates/benchmark-cis-1.20.yaml | 9 + .../templates/benchmark-cis-1.23.yaml | 8 + .../templates/benchmark-cis-1.5.yaml | 9 + .../templates/benchmark-cis-1.6.yaml | 9 + .../templates/benchmark-eks-1.0.1.yaml | 8 + .../templates/benchmark-gke-1.0.yaml | 8 + .../benchmark-k3s-cis-1.20-hardened.yaml | 9 + .../benchmark-k3s-cis-1.20-permissive.yaml | 9 + .../benchmark-k3s-cis-1.23-hardened.yaml | 8 + .../benchmark-k3s-cis-1.23-permissive.yaml | 8 + .../benchmark-k3s-cis-1.6-hardened.yaml | 9 + .../benchmark-k3s-cis-1.6-permissive.yaml | 9 + .../benchmark-rke-cis-1.20-hardened.yaml | 9 + .../benchmark-rke-cis-1.20-permissive.yaml | 9 + .../benchmark-rke-cis-1.23-hardened.yaml | 8 + .../benchmark-rke-cis-1.23-permissive.yaml | 8 + .../benchmark-rke-cis-1.5-hardened.yaml | 9 + .../benchmark-rke-cis-1.5-permissive.yaml | 9 + .../benchmark-rke-cis-1.6-hardened.yaml | 9 + .../benchmark-rke-cis-1.6-permissive.yaml | 9 + .../benchmark-rke2-cis-1.20-hardened.yaml | 9 + .../benchmark-rke2-cis-1.20-permissive.yaml | 9 + .../benchmark-rke2-cis-1.23-hardened.yaml | 8 + .../benchmark-rke2-cis-1.23-permissive.yaml | 8 + .../benchmark-rke2-cis-1.5-hardened.yaml | 9 + .../benchmark-rke2-cis-1.5-permissive.yaml | 9 + 
.../benchmark-rke2-cis-1.6-hardened.yaml | 9 + .../benchmark-rke2-cis-1.6-permissive.yaml | 9 + .../3.0.0-rc9/templates/cis-roles.yaml | 49 ++++++ .../3.0.0-rc9/templates/configmap.yaml | 18 ++ .../templates/delete_rolebindings.yaml | 27 +++ .../3.0.0-rc9/templates/deployment.yaml | 55 ++++++ .../templates/network_policy_allow_all.yaml | 15 ++ .../patch_default_serviceaccount.yaml | 29 ++++ .../3.0.0-rc9/templates/psp.yaml | 57 +++++++ .../3.0.0-rc9/templates/rbac.yaml | 160 ++++++++++++++++++ .../templates/scanprofile-cis-1.20.yaml | 9 + .../templates/scanprofile-cis-1.23.yaml | 9 + .../templates/scanprofile-cis-1.6.yaml | 9 + .../scanprofile-k3s-cis-1.20-hardened.yml | 9 + .../scanprofile-k3s-cis-1.20-permissive.yml | 9 + .../scanprofile-k3s-cis-1.23-hardened.yml | 9 + .../scanprofile-k3s-cis-1.23-permissive.yml | 9 + .../scanprofile-k3s-cis-1.6-hardened.yml | 9 + .../scanprofile-k3s-cis-1.6-permissive.yml | 9 + .../scanprofile-rke-1.20-hardened.yaml | 9 + .../scanprofile-rke-1.20-permissive.yaml | 9 + .../scanprofile-rke-1.23-hardened.yaml | 9 + .../scanprofile-rke-1.23-permissive.yaml | 9 + .../scanprofile-rke-1.6-hardened.yaml | 9 + .../scanprofile-rke-1.6-permissive.yaml | 9 + .../scanprofile-rke2-cis-1.20-hardened.yml | 9 + .../scanprofile-rke2-cis-1.20-permissive.yml | 9 + .../scanprofile-rke2-cis-1.23-hardened.yml | 9 + .../scanprofile-rke2-cis-1.23-permissive.yml | 9 + .../scanprofile-rke2-cis-1.6-hardened.yml | 9 + .../scanprofile-rke2-cis-1.6-permissive.yml | 9 + .../3.0.0-rc9/templates/scanprofileaks.yml | 9 + .../3.0.0-rc9/templates/scanprofileeks.yml | 9 + .../3.0.0-rc9/templates/scanprofilegke.yml | 9 + .../3.0.0-rc9/templates/serviceaccount.yaml | 14 ++ .../templates/validate-install-crd.yaml | 17 ++ .../3.0.0-rc9/values.yaml | 49 ++++++ index.yaml | 40 +++++ 78 files changed, 1373 insertions(+) create mode 100644 assets/rancher-cis-benchmark-crd/rancher-cis-benchmark-crd-3.0.0-rc9.tgz create mode 100644 
assets/rancher-cis-benchmark/rancher-cis-benchmark-3.0.0-rc9.tgz create mode 100644 charts/rancher-cis-benchmark-crd/3.0.0-rc9/Chart.yaml create mode 100644 charts/rancher-cis-benchmark-crd/3.0.0-rc9/README.md create mode 100644 charts/rancher-cis-benchmark-crd/3.0.0-rc9/templates/clusterscan.yaml create mode 100644 charts/rancher-cis-benchmark-crd/3.0.0-rc9/templates/clusterscanbenchmark.yaml create mode 100644 charts/rancher-cis-benchmark-crd/3.0.0-rc9/templates/clusterscanprofile.yaml create mode 100644 charts/rancher-cis-benchmark-crd/3.0.0-rc9/templates/clusterscanreport.yaml create mode 100644 charts/rancher-cis-benchmark/3.0.0-rc9/Chart.yaml create mode 100644 charts/rancher-cis-benchmark/3.0.0-rc9/README.md create mode 100644 charts/rancher-cis-benchmark/3.0.0-rc9/app-readme.md create mode 100644 charts/rancher-cis-benchmark/3.0.0-rc9/templates/_helpers.tpl create mode 100644 charts/rancher-cis-benchmark/3.0.0-rc9/templates/alertingrule.yaml create mode 100644 charts/rancher-cis-benchmark/3.0.0-rc9/templates/benchmark-aks-1.0.yaml create mode 100644 charts/rancher-cis-benchmark/3.0.0-rc9/templates/benchmark-cis-1.20.yaml create mode 100644 charts/rancher-cis-benchmark/3.0.0-rc9/templates/benchmark-cis-1.23.yaml create mode 100644 charts/rancher-cis-benchmark/3.0.0-rc9/templates/benchmark-cis-1.5.yaml create mode 100644 charts/rancher-cis-benchmark/3.0.0-rc9/templates/benchmark-cis-1.6.yaml create mode 100644 charts/rancher-cis-benchmark/3.0.0-rc9/templates/benchmark-eks-1.0.1.yaml create mode 100644 charts/rancher-cis-benchmark/3.0.0-rc9/templates/benchmark-gke-1.0.yaml create mode 100644 charts/rancher-cis-benchmark/3.0.0-rc9/templates/benchmark-k3s-cis-1.20-hardened.yaml create mode 100644 charts/rancher-cis-benchmark/3.0.0-rc9/templates/benchmark-k3s-cis-1.20-permissive.yaml create mode 100644 charts/rancher-cis-benchmark/3.0.0-rc9/templates/benchmark-k3s-cis-1.23-hardened.yaml create mode 100644 
charts/rancher-cis-benchmark/3.0.0-rc9/templates/benchmark-k3s-cis-1.23-permissive.yaml create mode 100644 charts/rancher-cis-benchmark/3.0.0-rc9/templates/benchmark-k3s-cis-1.6-hardened.yaml create mode 100644 charts/rancher-cis-benchmark/3.0.0-rc9/templates/benchmark-k3s-cis-1.6-permissive.yaml create mode 100644 charts/rancher-cis-benchmark/3.0.0-rc9/templates/benchmark-rke-cis-1.20-hardened.yaml create mode 100644 charts/rancher-cis-benchmark/3.0.0-rc9/templates/benchmark-rke-cis-1.20-permissive.yaml create mode 100644 charts/rancher-cis-benchmark/3.0.0-rc9/templates/benchmark-rke-cis-1.23-hardened.yaml create mode 100644 charts/rancher-cis-benchmark/3.0.0-rc9/templates/benchmark-rke-cis-1.23-permissive.yaml create mode 100644 charts/rancher-cis-benchmark/3.0.0-rc9/templates/benchmark-rke-cis-1.5-hardened.yaml create mode 100644 charts/rancher-cis-benchmark/3.0.0-rc9/templates/benchmark-rke-cis-1.5-permissive.yaml create mode 100644 charts/rancher-cis-benchmark/3.0.0-rc9/templates/benchmark-rke-cis-1.6-hardened.yaml create mode 100644 charts/rancher-cis-benchmark/3.0.0-rc9/templates/benchmark-rke-cis-1.6-permissive.yaml create mode 100644 charts/rancher-cis-benchmark/3.0.0-rc9/templates/benchmark-rke2-cis-1.20-hardened.yaml create mode 100644 charts/rancher-cis-benchmark/3.0.0-rc9/templates/benchmark-rke2-cis-1.20-permissive.yaml create mode 100644 charts/rancher-cis-benchmark/3.0.0-rc9/templates/benchmark-rke2-cis-1.23-hardened.yaml create mode 100644 charts/rancher-cis-benchmark/3.0.0-rc9/templates/benchmark-rke2-cis-1.23-permissive.yaml create mode 100644 charts/rancher-cis-benchmark/3.0.0-rc9/templates/benchmark-rke2-cis-1.5-hardened.yaml create mode 100644 charts/rancher-cis-benchmark/3.0.0-rc9/templates/benchmark-rke2-cis-1.5-permissive.yaml create mode 100644 charts/rancher-cis-benchmark/3.0.0-rc9/templates/benchmark-rke2-cis-1.6-hardened.yaml create mode 100644 charts/rancher-cis-benchmark/3.0.0-rc9/templates/benchmark-rke2-cis-1.6-permissive.yaml 
create mode 100644 charts/rancher-cis-benchmark/3.0.0-rc9/templates/cis-roles.yaml create mode 100644 charts/rancher-cis-benchmark/3.0.0-rc9/templates/configmap.yaml create mode 100644 charts/rancher-cis-benchmark/3.0.0-rc9/templates/delete_rolebindings.yaml create mode 100644 charts/rancher-cis-benchmark/3.0.0-rc9/templates/deployment.yaml create mode 100644 charts/rancher-cis-benchmark/3.0.0-rc9/templates/network_policy_allow_all.yaml create mode 100644 charts/rancher-cis-benchmark/3.0.0-rc9/templates/patch_default_serviceaccount.yaml create mode 100644 charts/rancher-cis-benchmark/3.0.0-rc9/templates/psp.yaml create mode 100644 charts/rancher-cis-benchmark/3.0.0-rc9/templates/rbac.yaml create mode 100644 charts/rancher-cis-benchmark/3.0.0-rc9/templates/scanprofile-cis-1.20.yaml create mode 100644 charts/rancher-cis-benchmark/3.0.0-rc9/templates/scanprofile-cis-1.23.yaml create mode 100644 charts/rancher-cis-benchmark/3.0.0-rc9/templates/scanprofile-cis-1.6.yaml create mode 100644 charts/rancher-cis-benchmark/3.0.0-rc9/templates/scanprofile-k3s-cis-1.20-hardened.yml create mode 100644 charts/rancher-cis-benchmark/3.0.0-rc9/templates/scanprofile-k3s-cis-1.20-permissive.yml create mode 100644 charts/rancher-cis-benchmark/3.0.0-rc9/templates/scanprofile-k3s-cis-1.23-hardened.yml create mode 100644 charts/rancher-cis-benchmark/3.0.0-rc9/templates/scanprofile-k3s-cis-1.23-permissive.yml create mode 100644 charts/rancher-cis-benchmark/3.0.0-rc9/templates/scanprofile-k3s-cis-1.6-hardened.yml create mode 100644 charts/rancher-cis-benchmark/3.0.0-rc9/templates/scanprofile-k3s-cis-1.6-permissive.yml create mode 100644 charts/rancher-cis-benchmark/3.0.0-rc9/templates/scanprofile-rke-1.20-hardened.yaml create mode 100644 charts/rancher-cis-benchmark/3.0.0-rc9/templates/scanprofile-rke-1.20-permissive.yaml create mode 100644 charts/rancher-cis-benchmark/3.0.0-rc9/templates/scanprofile-rke-1.23-hardened.yaml create mode 100644 
charts/rancher-cis-benchmark/3.0.0-rc9/templates/scanprofile-rke-1.23-permissive.yaml create mode 100644 charts/rancher-cis-benchmark/3.0.0-rc9/templates/scanprofile-rke-1.6-hardened.yaml create mode 100644 charts/rancher-cis-benchmark/3.0.0-rc9/templates/scanprofile-rke-1.6-permissive.yaml create mode 100644 charts/rancher-cis-benchmark/3.0.0-rc9/templates/scanprofile-rke2-cis-1.20-hardened.yml create mode 100644 charts/rancher-cis-benchmark/3.0.0-rc9/templates/scanprofile-rke2-cis-1.20-permissive.yml create mode 100644 charts/rancher-cis-benchmark/3.0.0-rc9/templates/scanprofile-rke2-cis-1.23-hardened.yml create mode 100644 charts/rancher-cis-benchmark/3.0.0-rc9/templates/scanprofile-rke2-cis-1.23-permissive.yml create mode 100644 charts/rancher-cis-benchmark/3.0.0-rc9/templates/scanprofile-rke2-cis-1.6-hardened.yml create mode 100644 charts/rancher-cis-benchmark/3.0.0-rc9/templates/scanprofile-rke2-cis-1.6-permissive.yml create mode 100644 charts/rancher-cis-benchmark/3.0.0-rc9/templates/scanprofileaks.yml create mode 100644 charts/rancher-cis-benchmark/3.0.0-rc9/templates/scanprofileeks.yml create mode 100644 charts/rancher-cis-benchmark/3.0.0-rc9/templates/scanprofilegke.yml create mode 100644 charts/rancher-cis-benchmark/3.0.0-rc9/templates/serviceaccount.yaml create mode 100644 charts/rancher-cis-benchmark/3.0.0-rc9/templates/validate-install-crd.yaml create mode 100644 charts/rancher-cis-benchmark/3.0.0-rc9/values.yaml 
diff --git a/assets/rancher-cis-benchmark-crd/rancher-cis-benchmark-crd-3.0.0-rc9.tgz b/assets/rancher-cis-benchmark-crd/rancher-cis-benchmark-crd-3.0.0-rc9.tgz new file mode 100644 index 0000000000000000000000000000000000000000..733b794e725e61994f119779e2460379fee4bfcd GIT binary patch literal 1468 zcmV;t1w;BDiwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc zVQyr3R8em|NM&qo0PI>%bKABP^;w?+liyhk_1C}Z<|t_=ZR2=kH$AVwwS<@iIKa}4 zrql1<0ZCgVMT(+CN$Es;(Fg$F0_5Abz>*pyU!v}EVY+jad>Md#>T>P9oi0I>vx30C zI?!C#b;rYD{Oh`I@z)*ohgZGfpg(kb*W=On%I%Ha>+uzH4|TkYMTS6Mxd;0yF77{K zAf+N8p`@8~7~??TtA)dX$VW%0w;VNzM}gjirCcc;wiKR+a>Cw_j_^(C5D5XA5I9bl zWt$3711a4#D?=ERUZT-QFxa)1zWU$fY6n8`1+@`MPS|s=EB7f5v(Gzp)|s-0M6E=}p))GNghT z8Wm}d@9|Mc5l29P1RfAr{Yc^`Lm1<5Vb&4dF(Gn0aG_Nc#zK(kOsERuGfcUnCPA8#Q@z+Uc3W+~~Av^x)&w@FfQD(y2m}H+LVu4DNHyjD^}}dlGA$ z_~KLx)>b|)ag+F96+?23t z|ERlv;hK;OOSiV8nk$*)@DdgZ!l0C#b=0-W{h&db7};uc72kGK}U6>5sZ?@^-;#|wtd6{j_6^l6zvogpf#)teV#C(538258)~iewuDoyxm!7R zcuurTI2t&;>OiUNv)bivdB)|Zi8kf2xCd<$Tg{Ur)-Nbg$5oO|^le*_bno3VO>JV` zZ(Ec*1MCN3ll`81vL{jUaCW&eJ}K^ZsXadJb7du^OFMFn=Prc&pw_Vdw=R`7C9p>&dKTWRWacV@ zg}xn1J%NzFMRU{=2~GO^a>$>m2kZh5-)i8i2kZdPVm#iZo&3Brwv=?()AbQiym z+SzAz^mkn?E0C_$bM=<{b1FZ{Tf`Qfl@Y#G{E~2N5C4$ORm1!rCZ~~RuK{cFe{a+u z6!L%ndf30@|5Mnp^M6X17PEi$-C0TQe{tA;=Kr1q{xwvOAXfIo`GAI+6i#c)DO-yv zdlt0nb&u__VJqI+-0t9Ad1r2Q=ML#c)=>X7hN|&bVRiaH9*v6nKki??|2T;qTmKWn zv?%|x7_dtHQ+MY-_8sXR|H0zKexO8l%o=w>v|sN(-=1(Ee}wq2*8kauoA;kSIDvPt zkGk)Fd&7R=``^*9f2seS#QwMCW7iutOZpgJf+j{wASO0Gr;QAHY`&`cr1sn^yx7Gq WcCm|<*}nk*0RR7AMRw%?Gynh_)#(}l literal 0 HcmV?d00001 
diff --git a/assets/rancher-cis-benchmark/rancher-cis-benchmark-3.0.0-rc9.tgz b/assets/rancher-cis-benchmark/rancher-cis-benchmark-3.0.0-rc9.tgz new file mode 100644 index 0000000000000000000000000000000000000000..2b1ccd4a2e22fd08d8d93f9af2d9d0a08e9ed64a GIT binary patch literal 6621 zcmYM3cRZE<|NoB_60$QwM)rtg&+JWBB-y<)4%xyXBr-}Vd**HQw)g7TWG5M+BilLl z!ND1?-|6%H<9GdY{c%07=k4)&T))i=3k9HuDeB5Nb< z_CW3*`v;2m%xrA#nb>+ibM|!$v$BAy>braUKz1D?p^FOH2k|Gu)Js0qWd`S8nD=78UBQ6 zwkO7owMfflGN(|>zm97^s-=JWA@k-6`YcVw?x?T>I{*UMTr zFe@<)#h^wz$4Tsna$L%{+%7IkTDS_1Bai7?tLV)7MkU6-b1hrv$R`=`!dV zS}9OahpY77YkXbu+)01ujX~L(aEj1w`Jnw_JVZo^J4g1r1}#KVKM&-ox8!HzC-YfQ;KeQlZ>l@Q@C4>0f=wpyq$KD9`IxP3xiP;L z1Ljo4>^qOe;lU`ya5yh1LyYw01#XYiYw(=Wh*~n6f!^xn+)8LBS^H3KoOs4H6OxN0 z6G=WRnMMy1J;sk;69lO`e)1WqQ2Io^e*LgIim$)N^QHda9Cd}#KaPb=1}e5m{rkUE z2P&gz1S2~ArI+&_kz>)b zij}g5bU!+?Fu_bBF24i@xvCwl3QbW^@NOeV@{N2(D*TDP@8Pwsd;h~yigb`QDgB`; zZ-p+!7YqLzEOgE>QxBDCbh)PZMcFEEtOP5>%`;tNK>E4UkUwY5RQls2+2mp!&a|!i zCs{JaFvdn(@~z&7{JAh8YegMCKi10gmN>>zexE?a2eHYIUfE>&HVFhdX!Ok*I<~Q+ zRhsz%s{=4p)&{lM8jWp~ku`*ZGOjx!vT||K`CA~0M3DqD`*fskKPQVk)%2cYq>Emb zD5vW8Au7cvY0WO*5O)0IUQ2qf8nEZUD0kEX>Hiwin6IvPkV!M#_ux>A`(jMTj!I@O zuiWxcpSNqkJr4t{`WVAaIo(+mUdce=fF8z`n3CNmWv93>qrCR-o;T)5Ki5axkJI*k zHKQYN$D%}#J$>u}7s-iMQ>@?h?E`}_{TD`SpQ?m2g27aRlf8sW4uj#k(pc1foyZyA zka_s^dfveId|m#u0eqj43Be9dDZ40TAL>)ZpQd`@9U{zv^DY5!FN}l4E(yIJZ{y`Y z`FO36MgWexwR-1j0EgiOqkvFqtIH$Psg`AEhf{PszTUzcFzqe1IYw`hu{EEFb&$Fr zAqv&U=0QV46k;CSK0KVdxZ-He;HP0=_u05J+WZbpC;8{{=EoAzWS9S0G=hoZ!GMl0WX~ z_G-64Yf{eYk^d9R^4j#p2-EW1qBB^MX@}*N6>9ycMs(G1V>#Lc#p4`!17+CAm!D9J zy1iU-+S+_eDR*YXF}K+&T_n_-CC{`1T8g$!Muc7KAXOAUw6YY)rD%ZxIK{lz z0XND@PTTFUSIK*E%)}~xVy8m!RIbPvc##=z=TdT8rBE83z(PW27iR%}eoHWZQ5M0+k5;>IJNnF@KfLC2b-d~hnq?hX6Z{^|1Z#f} z=d6PHLpb$J5Ab&Y|~sz1QLP95CJ2B@3=k&NJh|3}albM!wE1;fL>v=EOgheo{w zTmeEe77h4i0fH)Z6zJ;)H^8DOU*Vk?&$hs_hQK7`KZ;FBb3e@V6?Ys@ASFA2eo(c6 z@P&cv6Ns0oci>#2<;GBq{fPc$@eW+Z3*8#VtG#(Sa#0XTkl&>r!@^PubqP?n{-@DW 
ztQqI(3f1@ndTbaL=0RM?vo)}S-h+p6*r|&igYq-D`q&`oBXp|(FLJqKKy`+A8r^OY z57zp|05<_PK}fp>ax@)rJUq8>@@8ZxJvjo88v(OIJc1d!M0l9`WTvU&&s8|J4~Z3FyN;@Miqw?*LW-qD!W7NAw6zxBv~+VT3s< zqAoQw5Zsk-fSs1`0aQNVIT^bIy5{^K?FmS^QqF08u3iZvz?NjuAf-@}kd}I#kkdl) zSJ0dqK=5Qn94(V%ocE61M;!$=kQ51kU7gKBX;HhoV8#R|9_><|LaS61b6Zw z(NF{pli-Rce**!|z?BCmWR8UacJl)9pjZ^pA3;VgU>|dUJOVts5_AkRqwjtiEu>BK zq8U<{3@)}{v9f6V!CyBpk06J_*l{$x-68`FH3Gcz8P=)Kc`gE!FwA@duJf=G5~PkG zfu|L+a(Dsnc{ukU@F8zHf=yCD(v-pGh0}8RFyOBNlM5i`f}kf$^h=NWuTr**bJz-L zwBZ@zoan$k!a*Bk#s4g43l>B)%&P@Nq6zZi;c1GwvDljq(N97Qp1z^v*5=%CDZr&Pbejcl zHZ`-PsEumYMk~KHWo8xRGG_Y2tYaHF;n5%4>lH7gc%D3ZIIVhEky%LZlR)-yN=;|4 zJEVl4O@%5gLOf3g+o(!e5mnt=P`<}-YZ1QdEkpz|be@k6&#!q*{KS)h$Iz^rYL;VJ z!`vBcEys?kT~bHRclIo)x`O>r>&S2NLT%%PX?&6xavP_jMqJLfo_$<_eFD3cUIji) zr$`NpKyBh+U4pOc04?wI_wWx07no5S0&|tQnMRf?bXwG=EWvw?XA8^KMTa)lW4E=) zAExB?a#`2&CrkI@vDeq3XFBO9&6sgIu`Kj$y`orYAxci&B4|SmE*-;0G&95C(wLL0 zWlPH!eAD#WZ_@knG7Il5C7#z?jt2a!KZ|&v8N`VC5URYftdX}wIDA%pBSV^_HIX~H zD(-gFB}ONUK);M|U?DZ74x-NE;imq$0~##kO8^!xD+_*5)zjgvE`m9?@bHDksVl-o zwU$~%jZCG+$m_hv0*f?+3f%ksa#goaIydk`{wtqMW#yKw#49w=R?drMbD&l_pj1 z4dh1>q5EBaRj;C^z?#>|&JVW`rNpi6A7y93H>*h}-#C1L%e{B|!B+WgRM6)0ow>|kP8J#?)PhsYZ`Ey)%rPLCl|#Jmy}18T+teId7B4jiz7EYA71oDC%!>h~ zXUP%{;pa9B=5-5HaZRD)iQa<_*{_2UEQ}6h|7oHj^1c-Qn zM&g$DHWtxv$InUawih05XSD>T74qESrlf~0%6YZNR1d$x){-T0ET_=Tq$u@#^u^8Wq% zq2sS@=Q~;{<0W#b^(-SPx9V%@EgwGaR0f3c0aWC3@}x5E)@_V}zTO`D8F}OPgYA}R z17UIGc$)lyR5cWl2bZ|9|Gv|Uai?~8++6gZFSgIo-B(9SN6%pf?H~9TP|#;jmo_T* z>y_&Gp4Ty?EhJA#7`&M@w!b*~HcMnf(b8eUrwbVKdeTwHqO@ekK>m;o65Q|XnLg!F z1W;+|1DIT_H;yMoz6iY(+ZpnwbgEZfM)p5(@E0s@b zoM{Ue9Lz=Gt{=&C>hU-eXs@9Yb^zb^HhzPBc7lAYAsS{c zEFOc&K6TX^3}7nzQ?q7DnjHq0ns`@n_n>S*q@O3KdNPg8)O*xHfwnxSlup744-O~q z(Fr(IlFK_BWAm3u@SZPT1|}bh*pnA`-B+7K-4*|(CehRaZ=}n-efK=Jc!uz1^5F$T zaRlCTkbs$JcSYlebl*1Pix&2lF#q!U?~*(cfvV(2{o1(@`*RduVCQm^f`aY`JbPeM_q5 zv0zpO!os^gXdiiedUg;>H?3ua^M5&5^8E?(1cXUR(~(7|KPdRUa+~P69!Z3r4|%5r zYslQsZj7oOX~w)!4SZCv)AMnyF-9vs<71k5-AQ~65BJR*={j#@WJf8h^eycdf|9D9 
zR{YEQYAiXu{acEV%qd>G=7u3_mc8(G^QHxao*4}f6u+6Zs+rfV()uckb+??8yTX>H zXyz$%Y7EuCfK(5eO8di?^Sr9#dG*dMYXm=7Ry({!q1wbDTmD)GTeE?ay&27jRaZi# z)Stl-atIidT+e>2Aj%^t(n-(y&!|1}Y zNYfsXk=+r4>%y&|1l=}Y#52;Ce#y|G4>acQ~{h}rXTb${Q@y{09zshP|d&t zAM&@}%o$J)5)R%xBjTwG0aFVu@anpo_(@%JdN5?>Nf;Wu9$3{gfrUtf(8P366&!F<5##1ejt9N>Ie|_gY#x=H?rHn zv+{lr8w@J%f;klN#qqNJyZ{_WxpH*d0W$L#5UaZjUjQu(cZrI|>kwmjp4WyrXfJ`2 zSW4_z!qGhs$ov!l{Sxkl6v1-~T88sy(r6R?UwcRAeb5J?f34d`cO^Z18=_O<-s!UwIO1te6h>GX7sw{ zu!ZX@rXAc6#2wJ;#$NjiV8nFra*Ljxl~4BWr|o!3=B~pV9W)U$QQn`5?ma7O)_Ydc ze2F<0MDn42l+6ZwKF0k>rkK%rfAH3bE32JXV~}m}A++TEvFxuugfo_XoZ81Vv{S*)Z^K#=zK=mYRmGsP`WpqqA03A`j{l%7)$_BT zISC}4g42NuR14eLw5lPyI{{H!5Jp(!OdYyS@FJi59wbb%{d0rX@UBpJslx2DF56w> zHYk;FemL)Sdf}gLU7ZX4p2EM$St@wVc!?85&I6HD2*baU*<{uaMUSN-(}dHm`d8hh zNT(5h7b}uY`g|cN{94D#ud3OAKz1al&s+N{Cm6n|2?EV}`d-UlH<1IRhQjON zV)n^E2?6n-d^1(i@uEyHkCC98ckI0rs6h=9x}rP?E%HjT#IL{=<#Q?KQ`ZMMZ=>G) z&L()XavZ*%kC8drjvYY`h!rAdlKlfKQib&cncNSbm&o=@NwHd9x=io+FM_tuwBSrKQ`)WkjLjyvs2U0FSPA=iQ_xVuEGi@Zx?|h;jT2yc3N7NytBRipB6(eo&FDB^o%?{oqei7E**xN2YJ8zEmpe{>f1$#7 z(yvxp8j?iOdi3qkmu=ud#WCZqKr%}-w znab2!yi0by8=FzdO{bEWWFMWYq2IjZ&5%MIjb5i6J?f#QNkvs*ecH%BJ)!<>pAuI1 zO0!=7tNdDNd*E7;x7O{zeCS!Kuc@yTa@)u0_JqES&KvzEpQo|48e)ekr?$)g2^q?` zZn&m?;*ELpbY86tCT~4?T8qpKpl`LZ?liqzP71;%4u^)!V^mk;GEOwE>Ub_2=DyXW zX$)S8Yk)%vI7V>5NLCg=IhpX5GFQy3TF&x;)?; zGuIFOTx7Cv93zPpIahBguJ)fL2i-(BrG0Dbw1kbN zpu`c%7r(B#{3HXvw4Y literal 0 HcmV?d00001 diff --git a/charts/rancher-cis-benchmark-crd/3.0.0-rc9/Chart.yaml b/charts/rancher-cis-benchmark-crd/3.0.0-rc9/Chart.yaml new file mode 100644 index 000000000..d816dfbbb --- /dev/null +++ b/charts/rancher-cis-benchmark-crd/3.0.0-rc9/Chart.yaml 
@@ -0,0 +1,10 @@
+annotations:
+ catalog.cattle.io/certified: rancher
+ catalog.cattle.io/hidden: "true"
+ catalog.cattle.io/namespace: cis-operator-system
+ catalog.cattle.io/release-name: rancher-cis-benchmark-crd
+apiVersion: v1
+description: Installs the CRDs for rancher-cis-benchmark.
+name: rancher-cis-benchmark-crd
+type: application
+version: 3.0.0-rc9
diff --git a/charts/rancher-cis-benchmark-crd/3.0.0-rc9/README.md b/charts/rancher-cis-benchmark-crd/3.0.0-rc9/README.md
new file mode 100644
index 000000000..f6d9ef621
--- /dev/null
+++ b/charts/rancher-cis-benchmark-crd/3.0.0-rc9/README.md
@@ -0,0 +1,2 @@
+# rancher-cis-benchmark-crd
+A Rancher chart that installs the CRDs used by rancher-cis-benchmark.
diff --git a/charts/rancher-cis-benchmark-crd/3.0.0-rc9/templates/clusterscan.yaml b/charts/rancher-cis-benchmark-crd/3.0.0-rc9/templates/clusterscan.yaml
new file mode 100644
index 000000000..3cbb0ffcd
--- /dev/null
+++ b/charts/rancher-cis-benchmark-crd/3.0.0-rc9/templates/clusterscan.yaml
@@ -0,0 +1,148 @@
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ name: clusterscans.cis.cattle.io
+spec:
+ group: cis.cattle.io
+ names:
+ kind: ClusterScan
+ plural: clusterscans
+ scope: Cluster
+ versions:
+ - name: v1
+ served: true
+ storage: true
+ additionalPrinterColumns:
+ - jsonPath: .status.lastRunScanProfileName
+ name: ClusterScanProfile
+ type: string
+ - jsonPath: .status.summary.total
+ name: Total
+ type: string
+ - jsonPath: .status.summary.pass
+ name: Pass
+ type: string
+ - jsonPath: .status.summary.fail
+ name: Fail
+ type: string
+ - jsonPath: .status.summary.skip
+ name: Skip
+ type: string
+ - jsonPath: .status.summary.warn
+ name: Warn
+ type: string
+ - jsonPath: .status.summary.notApplicable
+ name: Not Applicable
+ type: string
+ - jsonPath: .status.lastRunTimestamp
+ name: LastRunTimestamp
+ type: string
+ - jsonPath: .spec.scheduledScanConfig.cronSchedule
+ name: CronSchedule
+ type: string
+ subresources:
+ status: {}
+ schema:
+ openAPIV3Schema:
+ properties:
+ spec:
+ properties:
+ scanProfileName:
+ nullable: true
+ type: string
+ scheduledScanConfig:
+ nullable: true
+ properties:
+ cronSchedule:
+ nullable: true
+ type: string
+ retentionCount:
+ type: integer
+ scanAlertRule:
+ nullable: true
+ properties:
+ alertOnComplete:
+ type: boolean
+ alertOnFailure:
+ type: boolean
+ type: object
+ type: object
+ scoreWarning:
+ enum:
+ - pass
+ - fail
+ nullable: true
+ type: string
+ type: object
+ status:
+ properties:
+ NextScanAt:
+ nullable: true
+ type: string
+ ScanAlertingRuleName:
+ nullable: true
+ type: string
+ conditions:
+ items:
+ properties:
+ lastTransitionTime:
+ nullable: true
+ type: string
+ lastUpdateTime:
+ nullable: true
+ type: string
+ message:
+ nullable: true
+ type: string
+ reason:
+ nullable: true
+ type: string
+ status:
+ nullable: true
+ type: string
+ type:
+ nullable: true
+ type: string
+ type: object
+ nullable: true
+ type: array
+ display:
+ nullable: true
+ properties:
+ error:
+ type: boolean
+ message:
+ nullable: true
+ type: string
+ state:
+ nullable: true
+ type: string
+ transitioning:
+ type: boolean
+ type: object
+ lastRunScanProfileName:
+ nullable: true
+ type: string
+ lastRunTimestamp:
+ nullable: true
+ type: string
+ observedGeneration:
+ type: integer
+ summary:
+ nullable: true
+ properties:
+ fail:
+ type: integer
+ notApplicable:
+ type: integer
+ pass:
+ type: integer
+ skip:
+ type: integer
+ total:
+ type: integer
+ warn:
+ type: integer
+ type: object
+ type: object
+ type: object
diff --git a/charts/rancher-cis-benchmark-crd/3.0.0-rc9/templates/clusterscanbenchmark.yaml b/charts/rancher-cis-benchmark-crd/3.0.0-rc9/templates/clusterscanbenchmark.yaml
new file mode 100644
index 000000000..fd291f8c3
--- /dev/null
+++ b/charts/rancher-cis-benchmark-crd/3.0.0-rc9/templates/clusterscanbenchmark.yaml
@@ -0,0 +1,54 @@
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ name: clusterscanbenchmarks.cis.cattle.io
+spec:
+ group: cis.cattle.io
+ names:
+ kind: ClusterScanBenchmark
+ plural: clusterscanbenchmarks
+ scope: Cluster
+ versions:
+ - name: v1
+ served: true
+ storage: true
+ additionalPrinterColumns:
+ - jsonPath: .spec.clusterProvider
+ name: ClusterProvider
+ type: string
+ - jsonPath: .spec.minKubernetesVersion
+ name: MinKubernetesVersion
+ type: string
+ - jsonPath: .spec.maxKubernetesVersion
+ name: MaxKubernetesVersion
+ type: string
+ - jsonPath: .spec.customBenchmarkConfigMapName
+ name: customBenchmarkConfigMapName
+ type: string
+ - jsonPath: .spec.customBenchmarkConfigMapNamespace
+ name: customBenchmarkConfigMapNamespace
+ type: string
+ subresources:
+ status: {}
+ schema:
+ openAPIV3Schema:
+ properties:
+ spec:
+ properties:
+ clusterProvider:
+ nullable: true
+ type: string
+ customBenchmarkConfigMapName:
+ nullable: true
+ type: string
+ customBenchmarkConfigMapNamespace:
+ nullable: true
+ type: string
+ maxKubernetesVersion:
+ nullable: true
+ type: string
+ minKubernetesVersion:
+ nullable: true
+ type: string
+ type: object
+ type: object
diff --git a/charts/rancher-cis-benchmark-crd/3.0.0-rc9/templates/clusterscanprofile.yaml b/charts/rancher-cis-benchmark-crd/3.0.0-rc9/templates/clusterscanprofile.yaml
new file mode 100644
index 000000000..1e75501b7
--- /dev/null
+++ b/charts/rancher-cis-benchmark-crd/3.0.0-rc9/templates/clusterscanprofile.yaml
@@ -0,0 +1,36 @@
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ name: clusterscanprofiles.cis.cattle.io
+spec:
+ group: cis.cattle.io
+ names:
+ kind: ClusterScanProfile
+ plural: clusterscanprofiles
+ scope: Cluster
+ versions:
+ - name: v1
+ served: true
+ storage: true
+ subresources:
+ status: {}
+ schema:
+ openAPIV3Schema:
+ properties:
+ spec:
+ properties:
+ benchmarkVersion:
+ nullable: true
+ type: string
+ skipTests:
+ items:
+ nullable: true
+ type: string
+ nullable: true
+ type: array
+ type: object
+ type: object
+ additionalPrinterColumns:
+ - jsonPath: .spec.benchmarkVersion
+ name: BenchmarkVersion
+ type: string
diff --git a/charts/rancher-cis-benchmark-crd/3.0.0-rc9/templates/clusterscanreport.yaml b/charts/rancher-cis-benchmark-crd/3.0.0-rc9/templates/clusterscanreport.yaml
new file mode 100644
index 000000000..6e8c0b7de
--- /dev/null
+++ b/charts/rancher-cis-benchmark-crd/3.0.0-rc9/templates/clusterscanreport.yaml
@@ -0,0 +1,39 @@
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ name: clusterscanreports.cis.cattle.io
+spec:
+ group: cis.cattle.io
+ names:
+ kind: ClusterScanReport
+ plural: clusterscanreports
+ scope: Cluster
+ versions:
+ - name: v1
+ served: true
+ storage: true
+ additionalPrinterColumns:
+ - jsonPath: .spec.lastRunTimestamp
+ name: LastRunTimestamp
+ type: string
+ - jsonPath: .spec.benchmarkVersion
+ name: BenchmarkVersion
+ type: string
+ subresources:
+ status: {}
+ schema:
+ openAPIV3Schema:
+ properties:
+ spec:
+ properties:
+ benchmarkVersion:
+ nullable: true
+ type: string
+ lastRunTimestamp:
+ nullable: true
+ type: string
+ reportJSON:
+ nullable: true
+ type: string
+ type: object
+ type: object
\ No newline at end of file
diff --git a/charts/rancher-cis-benchmark/3.0.0-rc9/Chart.yaml b/charts/rancher-cis-benchmark/3.0.0-rc9/Chart.yaml
new file mode 100644
index 000000000..f60924657
--- /dev/null
+++ b/charts/rancher-cis-benchmark/3.0.0-rc9/Chart.yaml
@@ -0,0 +1,22 @@
+annotations:
+ catalog.cattle.io/auto-install: rancher-cis-benchmark-crd=match
+ catalog.cattle.io/certified: rancher
+ catalog.cattle.io/display-name: CIS Benchmark
+ catalog.cattle.io/kube-version: '>= 1.21.0-0 < 1.25.0-0'
+ catalog.cattle.io/namespace: cis-operator-system
+ catalog.cattle.io/os: linux
+ catalog.cattle.io/permits-os: linux,windows
+ catalog.cattle.io/provides-gvr: cis.cattle.io.clusterscans/v1
+ catalog.cattle.io/rancher-version: '>= 2.7.0-0 < 2.8.0-0'
+ catalog.cattle.io/release-name: rancher-cis-benchmark
+ catalog.cattle.io/type: cluster-tool
+ catalog.cattle.io/ui-component: rancher-cis-benchmark
+apiVersion: v1
+appVersion: v3.0.0
+description: The cis-operator enables running CIS benchmark security scans on a kubernetes
+ cluster
+icon: https://charts.rancher.io/assets/logos/cis-kube-bench.svg
+keywords:
+- security
+name: rancher-cis-benchmark
+version: 3.0.0-rc9
diff --git a/charts/rancher-cis-benchmark/3.0.0-rc9/README.md b/charts/rancher-cis-benchmark/3.0.0-rc9/README.md
new file mode 100644
index 000000000..50beab58b
--- /dev/null
+++ b/charts/rancher-cis-benchmark/3.0.0-rc9/README.md
@@ -0,0 +1,9 @@
+# Rancher CIS Benchmark Chart
+
+The cis-operator enables running CIS benchmark security scans on a kubernetes cluster and generate compliance reports that can be downloaded.
+
+# Installation
+
+```
+helm install rancher-cis-benchmark ./ --create-namespace -n cis-operator-system
+```
diff --git a/charts/rancher-cis-benchmark/3.0.0-rc9/app-readme.md b/charts/rancher-cis-benchmark/3.0.0-rc9/app-readme.md
new file mode 100644
index 000000000..5e495d605
--- /dev/null
+++ b/charts/rancher-cis-benchmark/3.0.0-rc9/app-readme.md
@@ -0,0 +1,15 @@
+# Rancher CIS Benchmarks
+
+This chart enables security scanning of the cluster using [CIS (Center for Internet Security) benchmarks](https://www.cisecurity.org/benchmark/kubernetes/).
+
+For more information on how to use the feature, refer to our [docs](https://rancher.com/docs/rancher/v2.x/en/cis-scans/v2.5/).
+
+This chart installs the following components:
+
+- [cis-operator](https://github.com/rancher/cis-operator) - The cis-operator handles launching the [kube-bench](https://github.com/aquasecurity/kube-bench) tool that runs a suite of CIS tests on the nodes of your Kubernetes cluster. After scans finish, the cis-operator generates a compliance report that can be downloaded.
+- Scans - A scan is a CRD (`ClusterScan`) that defines when to trigger CIS scans on the cluster based on the defined profile. A report is created after the scan is completed.
+- Profiles - A profile is a CRD (`ClusterScanProfile`) that defines the configuration for the CIS scan, which is the benchmark versions to use and any specific tests to skip in that benchmark. This chart installs a few default `ClusterScanProfile` custom resources with no skipped tests, which can immediately be used to launch CIS scans.
+- Benchmark Versions - A benchmark version is a CRD (`ClusterScanBenchmark`) that defines the CIS benchmark version to run using kube-bench as well as the valid configuration parameters for that benchmark. This chart installs a few default `ClusterScanBenchmark` custom resources.
+- Alerting Resources - Rancher's CIS Benchmark application lets you run a cluster scan on a schedule, and send alerts when scans finish.
+ - If you want to enable alerts to be delivered when a cluster scan completes, you need to ensure that [Rancher's Monitoring and Alerting](https://rancher.com/docs/rancher/v2.x/en/monitoring-alerting/v2.5/) application is pre-installed and the [Receivers and Routes](https://rancher.com/docs/rancher/v2.x/en/monitoring-alerting/v2.5/configuration/#alertmanager-config) are configured to send out alerts.
+ - Additionally, you need to set `alerts: true` in the Values YAML while installing or upgrading this chart.
diff --git a/charts/rancher-cis-benchmark/3.0.0-rc9/templates/_helpers.tpl b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/_helpers.tpl
new file mode 100644
index 000000000..b7bb00042
--- /dev/null
+++ b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/_helpers.tpl
@@ -0,0 +1,27 @@
+{{/* Ensure namespace is set the same everywhere */}}
+{{- define "cis.namespace" -}}
+ {{- .Release.Namespace | default "cis-operator-system" -}}
+{{- end -}}
+
+{{- define "system_default_registry" -}}
+{{- if .Values.global.cattle.systemDefaultRegistry -}}
+{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}}
+{{- else -}}
+{{- "" -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Windows cluster will add default taint for linux nodes,
+add below linux tolerations to workloads could be scheduled to those linux nodes
+*/}}
+{{- define "linux-node-tolerations" -}}
+- key: "cattle.io/os"
+ value: "linux"
+ effect: "NoSchedule"
+ operator: "Equal"
+{{- end -}}
+
+{{- define "linux-node-selector" -}}
+kubernetes.io/os: linux
+{{- end -}}
diff --git a/charts/rancher-cis-benchmark/3.0.0-rc9/templates/alertingrule.yaml b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/alertingrule.yaml
new file mode 100644
index 000000000..1787c88a0
--- /dev/null
+++ b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/alertingrule.yaml
@@ -0,0 +1,14 @@
+{{- if .Values.alerts.enabled -}}
+---
+apiVersion: monitoring.coreos.com/v1
+kind: PodMonitor
+metadata:
+ name: rancher-cis-pod-monitor
+ namespace: {{ template "cis.namespace" . }}
+spec:
+ selector:
+ matchLabels:
+ cis.cattle.io/operator: cis-operator
+ podMetricsEndpoints:
+ - port: cismetrics
+{{- end }}
diff --git a/charts/rancher-cis-benchmark/3.0.0-rc9/templates/benchmark-aks-1.0.yaml b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/benchmark-aks-1.0.yaml
new file mode 100644
index 000000000..1ac866253
--- /dev/null
+++ b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/benchmark-aks-1.0.yaml
@@ -0,0 +1,8 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanBenchmark
+metadata:
+ name: aks-1.0
+spec:
+ clusterProvider: aks
+ minKubernetesVersion: "1.15.0"
diff --git a/charts/rancher-cis-benchmark/3.0.0-rc9/templates/benchmark-cis-1.20.yaml b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/benchmark-cis-1.20.yaml
new file mode 100644
index 000000000..1203e5bcc
--- /dev/null
+++ b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/benchmark-cis-1.20.yaml
@@ -0,0 +1,9 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanBenchmark
+metadata:
+ name: cis-1.20
+spec:
+ clusterProvider: ""
+ minKubernetesVersion: "1.19.0"
+ maxKubernetesVersion: "1.21.x"
diff --git a/charts/rancher-cis-benchmark/3.0.0-rc9/templates/benchmark-cis-1.23.yaml b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/benchmark-cis-1.23.yaml
new file mode 100644
index 000000000..920b556ea
--- /dev/null
+++ b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/benchmark-cis-1.23.yaml
@@ -0,0 +1,8 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanBenchmark
+metadata:
+ name: cis-1.23
+spec:
+ clusterProvider: ""
+ minKubernetesVersion: "1.22.0"
diff --git a/charts/rancher-cis-benchmark/3.0.0-rc9/templates/benchmark-cis-1.5.yaml b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/benchmark-cis-1.5.yaml
new file mode 100644
index 000000000..c9e6075fb
--- /dev/null
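Review bot: In templates/alertingrule.yaml the PodMonitor is gated only on `.Values.alerts.enabled`, so enabling alerts on a cluster where the `monitoring.coreos.com/v1` API is not registered would make the release fail when the manifest is applied. Consider extending the condition to `{{- if and .Values.alerts.enabled (.Capabilities.APIVersions.Has "monitoring.coreos.com/v1") -}}`. The app-readme added in this same patch tells users to set `alerts: true`, which does not match the `alerts.enabled` key read here; values.yaml is not visible in this part of the patch, so confirm which form is intended and align the two.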
+++ b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/benchmark-cis-1.5.yaml
@@ -0,0 +1,9 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanBenchmark
+metadata:
+ name: cis-1.5
+spec:
+ clusterProvider: ""
+ minKubernetesVersion: "1.15.0"
+ maxKubernetesVersion: "1.15.x"
diff --git a/charts/rancher-cis-benchmark/3.0.0-rc9/templates/benchmark-cis-1.6.yaml b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/benchmark-cis-1.6.yaml
new file mode 100644
index 000000000..4f5d66e92
--- /dev/null
+++ b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/benchmark-cis-1.6.yaml
@@ -0,0 +1,9 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanBenchmark
+metadata:
+ name: cis-1.6
+spec:
+ clusterProvider: ""
+ minKubernetesVersion: "1.16.0"
+ maxKubernetesVersion: "1.18.x"
diff --git a/charts/rancher-cis-benchmark/3.0.0-rc9/templates/benchmark-eks-1.0.1.yaml b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/benchmark-eks-1.0.1.yaml
new file mode 100644
index 000000000..d1ba9d295
--- /dev/null
+++ b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/benchmark-eks-1.0.1.yaml
@@ -0,0 +1,8 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanBenchmark
+metadata:
+ name: eks-1.0.1
+spec:
+ clusterProvider: eks
+ minKubernetesVersion: "1.15.0"
diff --git a/charts/rancher-cis-benchmark/3.0.0-rc9/templates/benchmark-gke-1.0.yaml b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/benchmark-gke-1.0.yaml
new file mode 100644
index 000000000..72122e8c5
--- /dev/null
+++ b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/benchmark-gke-1.0.yaml
@@ -0,0 +1,8 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanBenchmark
+metadata:
+ name: gke-1.0
+spec:
+ clusterProvider: gke
+ minKubernetesVersion: "1.15.0"
diff --git a/charts/rancher-cis-benchmark/3.0.0-rc9/templates/benchmark-k3s-cis-1.20-hardened.yaml b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/benchmark-k3s-cis-1.20-hardened.yaml
new file mode 100644
index 000000000..147cac390
--- /dev/null
+++ b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/benchmark-k3s-cis-1.20-hardened.yaml
@@ -0,0 +1,9 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanBenchmark
+metadata:
+ name: k3s-cis-1.20-hardened
+spec:
+ clusterProvider: k3s
+ minKubernetesVersion: "1.19.0"
+ maxKubernetesVersion: "1.21.x"
diff --git a/charts/rancher-cis-benchmark/3.0.0-rc9/templates/benchmark-k3s-cis-1.20-permissive.yaml b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/benchmark-k3s-cis-1.20-permissive.yaml
new file mode 100644
index 000000000..d9584f722
--- /dev/null
+++ b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/benchmark-k3s-cis-1.20-permissive.yaml
@@ -0,0 +1,9 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanBenchmark
+metadata:
+ name: k3s-cis-1.20-permissive
+spec:
+ clusterProvider: k3s
+ minKubernetesVersion: "1.19.0"
+ maxKubernetesVersion: "1.21.x"
diff --git a/charts/rancher-cis-benchmark/3.0.0-rc9/templates/benchmark-k3s-cis-1.23-hardened.yaml b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/benchmark-k3s-cis-1.23-hardened.yaml
new file mode 100644
index 000000000..ee153603b
--- /dev/null
+++ b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/benchmark-k3s-cis-1.23-hardened.yaml
@@ -0,0 +1,8 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanBenchmark
+metadata:
+ name: k3s-cis-1.23-hardened
+spec:
+ clusterProvider: k3s
+ minKubernetesVersion: "1.22.0"
diff --git a/charts/rancher-cis-benchmark/3.0.0-rc9/templates/benchmark-k3s-cis-1.23-permissive.yaml b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/benchmark-k3s-cis-1.23-permissive.yaml
new file mode 100644
index 000000000..51f2186f3
--- /dev/null
+++ b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/benchmark-k3s-cis-1.23-permissive.yaml
@@ -0,0 +1,8 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanBenchmark
+metadata:
+ name: k3s-cis-1.23-permissive
+spec:
+ clusterProvider: k3s
+ minKubernetesVersion: "1.22.0"
diff --git a/charts/rancher-cis-benchmark/3.0.0-rc9/templates/benchmark-k3s-cis-1.6-hardened.yaml b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/benchmark-k3s-cis-1.6-hardened.yaml
new file mode 100644
index 000000000..5160cf795
--- /dev/null
+++ b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/benchmark-k3s-cis-1.6-hardened.yaml
@@ -0,0 +1,9 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanBenchmark
+metadata:
+ name: k3s-cis-1.6-hardened
+spec:
+ clusterProvider: k3s
+ minKubernetesVersion: "1.16.0"
+ maxKubernetesVersion: "1.18.x"
diff --git a/charts/rancher-cis-benchmark/3.0.0-rc9/templates/benchmark-k3s-cis-1.6-permissive.yaml b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/benchmark-k3s-cis-1.6-permissive.yaml
new file mode 100644
index 000000000..10c075985
--- /dev/null
+++ b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/benchmark-k3s-cis-1.6-permissive.yaml
@@ -0,0 +1,9 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanBenchmark
+metadata:
+ name: k3s-cis-1.6-permissive
+spec:
+ clusterProvider: k3s
+ minKubernetesVersion: "1.16.0"
+ maxKubernetesVersion: "1.18.x"
diff --git a/charts/rancher-cis-benchmark/3.0.0-rc9/templates/benchmark-rke-cis-1.20-hardened.yaml b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/benchmark-rke-cis-1.20-hardened.yaml
new file mode 100644
index 000000000..4924679cb
--- /dev/null
+++ b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/benchmark-rke-cis-1.20-hardened.yaml
@@ -0,0 +1,9 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanBenchmark
+metadata:
+ name: rke-cis-1.20-hardened
+spec:
+ clusterProvider: rke
+ minKubernetesVersion: "1.19.0"
+ maxKubernetesVersion: "1.21.x"
diff --git a/charts/rancher-cis-benchmark/3.0.0-rc9/templates/benchmark-rke-cis-1.20-permissive.yaml b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/benchmark-rke-cis-1.20-permissive.yaml
new file mode 100644
index 000000000..2db66d7c6
--- /dev/null
+++ b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/benchmark-rke-cis-1.20-permissive.yaml
@@ -0,0 +1,9 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanBenchmark
+metadata:
+ name: rke-cis-1.20-permissive
+spec:
+ clusterProvider: rke
+ minKubernetesVersion: "1.19.0"
+ maxKubernetesVersion: "1.21.x"
diff --git a/charts/rancher-cis-benchmark/3.0.0-rc9/templates/benchmark-rke-cis-1.23-hardened.yaml b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/benchmark-rke-cis-1.23-hardened.yaml
new file mode 100644
index 000000000..f6a99698e
--- /dev/null
+++ b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/benchmark-rke-cis-1.23-hardened.yaml
@@ -0,0 +1,8 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanBenchmark
+metadata:
+ name: rke-cis-1.23-hardened
+spec:
+ clusterProvider: rke
+ minKubernetesVersion: "1.22.0"
diff --git a/charts/rancher-cis-benchmark/3.0.0-rc9/templates/benchmark-rke-cis-1.23-permissive.yaml b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/benchmark-rke-cis-1.23-permissive.yaml
new file mode 100644
index 000000000..a26bd63cf
--- /dev/null
+++ b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/benchmark-rke-cis-1.23-permissive.yaml
@@ -0,0 +1,8 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanBenchmark
+metadata:
+ name: rke-cis-1.23-permissive
+spec:
+ clusterProvider: rke
+ minKubernetesVersion: "1.22.0"
diff --git a/charts/rancher-cis-benchmark/3.0.0-rc9/templates/benchmark-rke-cis-1.5-hardened.yaml b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/benchmark-rke-cis-1.5-hardened.yaml
new file mode 100644
index 000000000..b9154f1ad
--- /dev/null
+++ b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/benchmark-rke-cis-1.5-hardened.yaml
@@ -0,0 +1,9 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanBenchmark
+metadata:
+ name: rke-cis-1.5-hardened
+spec:
+ clusterProvider: rke
+ minKubernetesVersion: "1.15.0"
+ maxKubernetesVersion: "1.15.x"
diff --git a/charts/rancher-cis-benchmark/3.0.0-rc9/templates/benchmark-rke-cis-1.5-permissive.yaml b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/benchmark-rke-cis-1.5-permissive.yaml
new file mode 100644
index 000000000..9da65d55d
--- /dev/null
+++ b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/benchmark-rke-cis-1.5-permissive.yaml
@@ -0,0 +1,9 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanBenchmark
+metadata:
+ name: rke-cis-1.5-permissive
+spec:
+ clusterProvider: rke
+ minKubernetesVersion: "1.15.0"
+ maxKubernetesVersion: "1.15.x"
diff --git a/charts/rancher-cis-benchmark/3.0.0-rc9/templates/benchmark-rke-cis-1.6-hardened.yaml b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/benchmark-rke-cis-1.6-hardened.yaml
new file mode 100644
index 000000000..77f8a31df
--- /dev/null
+++ b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/benchmark-rke-cis-1.6-hardened.yaml
@@ -0,0 +1,9 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanBenchmark
+metadata:
+ name: rke-cis-1.6-hardened
+spec:
+ clusterProvider: rke
+ minKubernetesVersion: "1.16.0"
+ maxKubernetesVersion: "1.18.x"
diff --git a/charts/rancher-cis-benchmark/3.0.0-rc9/templates/benchmark-rke-cis-1.6-permissive.yaml b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/benchmark-rke-cis-1.6-permissive.yaml
new file mode 100644
index 000000000..600b8df35
--- /dev/null
+++ b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/benchmark-rke-cis-1.6-permissive.yaml
@@ -0,0 +1,9 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanBenchmark
+metadata:
+ name: rke-cis-1.6-permissive
+spec:
+ clusterProvider: rke
+ minKubernetesVersion: "1.16.0"
+ maxKubernetesVersion: "1.18.x"
diff --git a/charts/rancher-cis-benchmark/3.0.0-rc9/templates/benchmark-rke2-cis-1.20-hardened.yaml b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/benchmark-rke2-cis-1.20-hardened.yaml
new file mode 100644
index 000000000..b6cc88359
--- /dev/null
+++ b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/benchmark-rke2-cis-1.20-hardened.yaml
@@ -0,0 +1,9 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanBenchmark
+metadata:
+ name: rke2-cis-1.20-hardened
+spec:
+ clusterProvider: rke2
+ minKubernetesVersion: "1.19.0"
+ maxKubernetesVersion: "1.21.x"
diff --git a/charts/rancher-cis-benchmark/3.0.0-rc9/templates/benchmark-rke2-cis-1.20-permissive.yaml b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/benchmark-rke2-cis-1.20-permissive.yaml
new file mode 100644
index 000000000..fd898bfe8
--- /dev/null
+++ b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/benchmark-rke2-cis-1.20-permissive.yaml
@@ -0,0 +1,9 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanBenchmark
+metadata:
+ name: rke2-cis-1.20-permissive
+spec:
+ clusterProvider: rke2
+ minKubernetesVersion: "1.19.0"
+ maxKubernetesVersion: "1.21.x"
diff --git a/charts/rancher-cis-benchmark/3.0.0-rc9/templates/benchmark-rke2-cis-1.23-hardened.yaml b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/benchmark-rke2-cis-1.23-hardened.yaml
new file mode 100644
index 000000000..90e356d72
--- /dev/null
+++ b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/benchmark-rke2-cis-1.23-hardened.yaml
@@ -0,0 +1,8 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanBenchmark
+metadata:
+ name: rke2-cis-1.23-hardened
+spec:
+ clusterProvider: rke2
+ minKubernetesVersion: "1.22.0"
diff --git a/charts/rancher-cis-benchmark/3.0.0-rc9/templates/benchmark-rke2-cis-1.23-permissive.yaml b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/benchmark-rke2-cis-1.23-permissive.yaml
new file mode 100644
index 000000000..deafdbda6
--- /dev/null
+++ b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/benchmark-rke2-cis-1.23-permissive.yaml
@@ -0,0 +1,8 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanBenchmark
+metadata:
+ name: rke2-cis-1.23-permissive
+spec:
+ clusterProvider: rke2
+ minKubernetesVersion: "1.22.0"
diff --git a/charts/rancher-cis-benchmark/3.0.0-rc9/templates/benchmark-rke2-cis-1.5-hardened.yaml b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/benchmark-rke2-cis-1.5-hardened.yaml
new file mode 100644
index 000000000..20091ec2b
--- /dev/null
+++ b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/benchmark-rke2-cis-1.5-hardened.yaml
@@ -0,0 +1,9 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanBenchmark
+metadata:
+ name: rke2-cis-1.5-hardened
+spec:
+ clusterProvider: rke2
+ minKubernetesVersion: "1.15.0"
+ maxKubernetesVersion: "1.15.x"
diff --git a/charts/rancher-cis-benchmark/3.0.0-rc9/templates/benchmark-rke2-cis-1.5-permissive.yaml b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/benchmark-rke2-cis-1.5-permissive.yaml
new file mode 100644
index 000000000..9a86906b0
--- /dev/null
+++ b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/benchmark-rke2-cis-1.5-permissive.yaml
@@ -0,0 +1,9 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanBenchmark
+metadata:
+ name: rke2-cis-1.5-permissive
+spec:
+ clusterProvider: rke2
+ minKubernetesVersion: "1.15.0"
+ maxKubernetesVersion: "1.15.x"
diff --git a/charts/rancher-cis-benchmark/3.0.0-rc9/templates/benchmark-rke2-cis-1.6-hardened.yaml b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/benchmark-rke2-cis-1.6-hardened.yaml
new file mode 100644
index 000000000..ea2549ef3
--- /dev/null
+++ b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/benchmark-rke2-cis-1.6-hardened.yaml
@@ -0,0 +1,9 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanBenchmark
+metadata:
+ name: rke2-cis-1.6-hardened
+spec:
+ clusterProvider: rke2
+ minKubernetesVersion: "1.16.0"
+ maxKubernetesVersion: "1.18.x"
diff --git a/charts/rancher-cis-benchmark/3.0.0-rc9/templates/benchmark-rke2-cis-1.6-permissive.yaml b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/benchmark-rke2-cis-1.6-permissive.yaml
new file mode 100644
index 000000000..0afdaaa19
--- /dev/null
+++ b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/benchmark-rke2-cis-1.6-permissive.yaml
@@ -0,0 +1,9 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanBenchmark
+metadata:
+ name: rke2-cis-1.6-permissive
+spec:
+ clusterProvider: rke2
+ minKubernetesVersion: "1.16.0"
+ maxKubernetesVersion: "1.18.x"
diff --git a/charts/rancher-cis-benchmark/3.0.0-rc9/templates/cis-roles.yaml b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/cis-roles.yaml
new file mode 100644
index 000000000..23c93dc65
--- /dev/null
+++ b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/cis-roles.yaml
@@ -0,0 +1,49 @@
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+ name: cis-admin
+rules:
+ - apiGroups:
+ - cis.cattle.io
+ resources:
+ - clusterscanbenchmarks
+ - clusterscanprofiles
+ - clusterscans
+ - clusterscanreports
+ verbs: ["create", "update", "delete", "patch","get", "watch", "list"]
+ - apiGroups:
+ - catalog.cattle.io
+ resources: ["apps"]
+ resourceNames: ["rancher-cis-benchmark"]
+ verbs: ["get", "watch", "list"]
+ - apiGroups:
+ - ""
+ resources:
+ - configmaps
+ verbs:
+ - '*'
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+ name: cis-view
+rules:
+ - apiGroups:
+ - cis.cattle.io
+ resources:
+ - clusterscanbenchmarks
+ - clusterscanprofiles
+ - clusterscans
+ - clusterscanreports
+ verbs: ["get", "watch", "list"]
+ - apiGroups:
+ - catalog.cattle.io
+ resources: ["apps"]
+ resourceNames: ["rancher-cis-benchmark"]
+ verbs: ["get", "watch", "list"]
+ - apiGroups:
+ - ""
+ resources:
+ - configmaps
+ verbs: ["get", "watch", "list"]
diff --git a/charts/rancher-cis-benchmark/3.0.0-rc9/templates/configmap.yaml b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/configmap.yaml
new file mode 100644
index 000000000..1a9cd1809
--- /dev/null
+++ b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/configmap.yaml
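Review bot: The `cis-admin` ClusterRole in templates/cis-roles.yaml grants `'*'` on core `configmaps`, and because it is a ClusterRole the grant is not limited to this chart's namespace: it applies wherever the role is bound, and cluster-wide if a ClusterRoleBinding is used. ConfigMaps in other namespaces often hold configuration that other workloads trust, so a CIS-scan administrator would gain write access well outside this chart. If the intent is only to let admins manage this chart's own ConfigMap, for example `default-clusterscanprofiles`, move the rule into a namespaced Role or restrict it with `resourceNames`, and list explicit verbs instead of `'*'`. How the role is bound is not visible in this patch, so its actual reach should be confirmed.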
@@ -0,0 +1,18 @@
+kind: ConfigMap
+apiVersion: v1
+metadata:
+ name: default-clusterscanprofiles
+ namespace: {{ template "cis.namespace" . }}
+data:
+ # Default ClusterScanProfiles per cluster provider type
+ rke: |-
+ <1.21.0: rke-profile-permissive-1.20
+ >=1.21.0: rke-profile-permissive-1.23
+ rke2: |-
+ <1.21.0: rke2-cis-1.20-profile-permissive
+ >=1.21.0: rke2-cis-1.23-profile-permissive
+ eks: "eks-profile"
+ gke: "gke-profile"
+ aks: "aks-profile"
+ k3s: "k3s-cis-1.23-profile-permissive"
+ default: "cis-1.23-profile"
diff --git a/charts/rancher-cis-benchmark/3.0.0-rc9/templates/delete_rolebindings.yaml b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/delete_rolebindings.yaml
new file mode 100644
index 000000000..9c9946464
--- /dev/null
+++ b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/delete_rolebindings.yaml
@@ -0,0 +1,27 @@
+---
+apiVersion: batch/v1
+kind: Job
+metadata:
+ name: delete-rolebinding
+ annotations:
+ "helm.sh/hook": pre-upgrade
+ "helm.sh/hook-delete-policy": hook-succeeded, before-hook-creation, hook-failed
+spec:
+ template:
+ spec:
+ serviceAccountName: cis-operator-serviceaccount
+ nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
+{{- if .Values.nodeSelector }}
+{{ toYaml .Values.nodeSelector | indent 8 }}
+{{- end }}
+ tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
+{{- if .Values.tolerations }}
+{{ toYaml .Values.tolerations | indent 8 }}
+{{- end }}
+ restartPolicy: Never
+ containers:
+ - name: delete-binding
+ image: "{{ template "system_default_registry" . }}{{ .Values.global.kubectl.repository }}:{{ .Values.global.kubectl.tag }}"
+ imagePullPolicy: {{ .Values.global.imagePullPolicy }}
+ command: ["kubectl", "delete", "clusterrolebinding", "cis-operator-rolebinding", "cis-operator-installer"]
+ backoffLimit: 1
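Review bot: The version thresholds in the `default-clusterscanprofiles` ConfigMap do not line up with the benchmark ranges added in the same patch: `rke` and `rke2` switch to the 1.23 profiles at `>=1.21.0`, while `rke-cis-1.23-*` and `rke2-cis-1.23-*` declare `minKubernetesVersion: "1.22.0"` and the 1.20 benchmarks cover up to `1.21.x`. `k3s` and `default` point at 1.23 profiles unconditionally, although Chart.yaml accepts clusters from 1.21.0. Assuming the 1.23 profiles reference the 1.23 benchmarks and the operator enforces the benchmark range (neither is visible in this part of the patch), a 1.21 cluster would be given a default profile it cannot run. Using `<1.22.0: rke-profile-permissive-1.20` and `>=1.22.0: rke-profile-permissive-1.23` (and the same boundary for `rke2`) would match the benchmark definitions.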
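Review bot: The `delete-rolebinding` pre-upgrade hook in templates/delete_rolebindings.yaml runs `kubectl delete clusterrolebinding` for two names without `--ignore-not-found`, so the command exits non-zero when either binding is already absent and the failed hook then fails the upgrade. Adding `"--ignore-not-found"` to the `command` list makes the hook idempotent. The Job also runs as `cis-operator-serviceaccount`, and none of the roles visible in this patch grant `delete` on `clusterrolebindings`; confirm where that permission comes from and that it is restricted to these two bindings with `resourceNames`, since delete rights on ClusterRoleBindings are otherwise a cluster-wide capability.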
diff --git a/charts/rancher-cis-benchmark/3.0.0-rc9/templates/deployment.yaml b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/deployment.yaml
new file mode 100644
index 000000000..ab0bb3e24
--- /dev/null
+++ b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/deployment.yaml
@@ -0,0 +1,55 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: cis-operator
+ namespace: {{ template "cis.namespace" . }}
+ labels:
+ cis.cattle.io/operator: cis-operator
+spec:
+ selector:
+ matchLabels:
+ cis.cattle.io/operator: cis-operator
+ template:
+ metadata:
+ labels:
+ cis.cattle.io/operator: cis-operator
+ spec:
+ serviceAccountName: cis-operator-serviceaccount
+ containers:
+ - name: cis-operator
+ image: '{{ template "system_default_registry" . }}{{ .Values.image.cisoperator.repository }}:{{ .Values.image.cisoperator.tag }}'
+ imagePullPolicy: Always
+ ports:
+ - name: cismetrics
+ containerPort: {{ .Values.alerts.metricsPort }}
+ env:
+ - name: SECURITY_SCAN_IMAGE
+ value: {{ template "system_default_registry" . }}{{ .Values.image.securityScan.repository }}
+ - name: SECURITY_SCAN_IMAGE_TAG
+ value: {{ .Values.image.securityScan.tag }}
+ - name: SONOBUOY_IMAGE
+ value: {{ template "system_default_registry" . }}{{ .Values.image.sonobuoy.repository }}
+ - name: SONOBUOY_IMAGE_TAG
+ value: {{ .Values.image.sonobuoy.tag }}
+ - name: CIS_ALERTS_METRICS_PORT
+ value: '{{ .Values.alerts.metricsPort }}'
+ - name: CIS_ALERTS_SEVERITY
+ value: {{ .Values.alerts.severity }}
+ - name: CIS_ALERTS_ENABLED
+ value: {{ .Values.alerts.enabled | default "false" | quote }}
+ - name: CLUSTER_NAME
+ value: '{{ .Values.global.cattle.clusterName }}'
+ resources:
+ {{- toYaml .Values.resources | nindent 12 }}
+ nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
+{{- if .Values.nodeSelector }}
+{{ toYaml .Values.nodeSelector | indent 8 }}
+{{- end }}
+ tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
+{{- if .Values.tolerations }}
+{{ toYaml .Values.tolerations | indent 8 }}
+{{- end }}
+ {{- with .Values.affinity }}
+ affinity:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
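Review bot: The `cis-operator` container in templates/deployment.yaml is created without any `securityContext`, and psp.yaml in this patch binds `cis-operator-serviceaccount` to `cis-psp`, which allows privileged mode, all capabilities and host namespaces, so nothing visible constrains the long-running operator pod. The Deployment requests no host access, so unless the operator needs it the container can be pinned down as below; whether the image runs as a non-root user and tolerates a read-only root filesystem is not visible here and must be checked first. Separately, the `SECURITY_SCAN_IMAGE_TAG`, `SONOBUOY_IMAGE_TAG` and `CIS_ALERTS_SEVERITY` values are emitted unquoted, so a numeric-looking value would be rejected as a non-string env value; piping them through `quote`, as `CIS_ALERTS_ENABLED` already does, avoids that.

```yaml
      containers:
        - name: cis-operator
          # … unchanged: image, imagePullPolicy, ports, env, resources …
          securityContext:
            allowPrivilegeEscalation: false
            readOnlyRootFilesystem: true
            runAsNonRoot: true
            capabilities:
              drop:
                - ALL
```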
diff --git a/charts/rancher-cis-benchmark/3.0.0-rc9/templates/network_policy_allow_all.yaml b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/network_policy_allow_all.yaml
new file mode 100644
index 000000000..6ed5d645e
--- /dev/null
+++ b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/network_policy_allow_all.yaml
@@ -0,0 +1,15 @@
+---
+apiVersion: networking.k8s.io/v1
+kind: NetworkPolicy
+metadata:
+ name: default-allow-all
+ namespace: {{ template "cis.namespace" . }}
+spec:
+ podSelector: {}
+ ingress:
+ - {}
+ egress:
+ - {}
+ policyTypes:
+ - Ingress
+ - Egress
diff --git a/charts/rancher-cis-benchmark/3.0.0-rc9/templates/patch_default_serviceaccount.yaml b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/patch_default_serviceaccount.yaml
new file mode 100644
index 000000000..e78a6bd08
--- /dev/null
+++ b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/patch_default_serviceaccount.yaml
@@ -0,0 +1,29 @@
+---
+apiVersion: batch/v1
+kind: Job
+metadata:
+ name: patch-sa
+ annotations:
+ "helm.sh/hook": post-install, post-upgrade
+ "helm.sh/hook-delete-policy": hook-succeeded, before-hook-creation
+spec:
+ template:
+ spec:
+ serviceAccountName: cis-operator-serviceaccount
+ nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
+{{- if .Values.nodeSelector }}
+{{ toYaml .Values.nodeSelector | indent 8 }}
+{{- end }}
+ tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
+{{- if .Values.tolerations }}
+{{ toYaml .Values.tolerations | indent 8 }}
+{{- end }}
+ restartPolicy: Never
+ containers:
+ - name: sa
+ image: "{{ template "system_default_registry" . }}{{ .Values.global.kubectl.repository }}:{{ .Values.global.kubectl.tag }}"
+ imagePullPolicy: {{ .Values.global.imagePullPolicy }}
+ command: ["kubectl", "patch", "serviceaccount", "default", "-p", "{\"automountServiceAccountToken\": false}"]
+ args: ["-n", {{ template "cis.namespace" . }}]
+
+ backoffLimit: 1
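Review bot: The `default-allow-all` NetworkPolicy in templates/network_policy_allow_all.yaml selects every pod in the namespace (`podSelector: {}`) and allows all ingress and egress, which removes network isolation for the operator and the scan pods even on clusters that otherwise apply a default-deny policy. If the policy exists so that scans keep working on hardened clusters, that reason belongs in a comment above `spec:`, and the ingress side is worth narrowing, for example to traffic from the same namespace plus whatever scrapes the `cismetrics` port. Which flows the scan pods actually need is not visible in this patch, so the narrowed rule set has to be derived from the operator's behaviour.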
diff --git a/charts/rancher-cis-benchmark/3.0.0-rc9/templates/psp.yaml b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/psp.yaml
new file mode 100644
index 000000000..c012e7a43
--- /dev/null
+++ b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/psp.yaml
@@ -0,0 +1,57 @@
+apiVersion: policy/v1beta1
+kind: PodSecurityPolicy
+metadata:
+ name: cis-psp
+spec:
+ allowPrivilegeEscalation: true
+ allowedCapabilities:
+ - '*'
+ fsGroup:
+ rule: RunAsAny
+ hostIPC: true
+ hostNetwork: true
+ hostPID: true
+ hostPorts:
+ - max: 65535
+ min: 0
+ privileged: true
+ runAsUser:
+ rule: RunAsAny
+ seLinux:
+ rule: RunAsAny
+ supplementalGroups:
+ rule: RunAsAny
+ volumes:
+ - '*'
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+ name: cis-psp-role
+ namespace: {{ template "cis.namespace" . }}
+rules:
+- apiGroups:
+ - policy
+ resourceNames:
+ - cis-psp
+ resources:
+ - podsecuritypolicies
+ verbs:
+ - use
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+ name: cis-psp-rolebinding
+ namespace: {{ template "cis.namespace" . }}
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: Role
+ name: cis-psp-role
+subjects:
+- kind: ServiceAccount
+ name: cis-serviceaccount
+ namespace: {{ template "cis.namespace" . }}
+- kind: ServiceAccount
+ name: cis-operator-serviceaccount
+ namespace: {{ template "cis.namespace" . }}
diff --git a/charts/rancher-cis-benchmark/3.0.0-rc9/templates/rbac.yaml b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/rbac.yaml
new file mode 100644
index 000000000..36dc55b29
--- /dev/null
+++ b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/rbac.yaml
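Review bot: `cis-psp` in templates/psp.yaml is as permissive as a PodSecurityPolicy can be (`privileged: true`, `allowedCapabilities: '*'`, host PID/IPC/network, every host port and volume type), and `cis-psp-rolebinding` grants `use` on it to `cis-operator-serviceaccount` as well as `cis-serviceaccount`. The operator Deployment in this patch requests no host access, so binding it to this policy only widens what a compromised operator pod could run. Consider giving the operator its own restrictive policy and trimming `cis-psp` to what the scan pods use by replacing the `'*'` entries in `allowedCapabilities` and `volumes` with explicit lists; the scan pod spec is not in this patch, so the exact set has to come from the operator. The template is also rendered unconditionally although `policy/v1beta1` PodSecurityPolicy is removed in Kubernetes 1.25, which is safe only while the chart's `kube-version` annotation stays below 1.25.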
@@ -0,0 +1,160 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + labels: + app.kubernetes.io/name: rancher-cis-benchmark + app.kubernetes.io/instance: release-name + name: cis-operator-clusterrole +rules: +- apiGroups: + - "cis.cattle.io" + resources: + - "*" + verbs: + - "*" +- apiGroups: + - "" + resources: + - "pods" + - "services" + - "configmaps" + - "nodes" + - "serviceaccounts" + verbs: + - "get" + - "list" + - "create" + - "update" + - "watch" + - "patch" +- apiGroups: + - "batch" + resources: + - "jobs" + verbs: + - "list" + - "create" + - "patch" + - "update" + - "watch" +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + labels: + app.kubernetes.io/name: rancher-cis-benchmark + app.kubernetes.io/instance: release-name + name: cis-scan-ns +rules: +- apiGroups: + - "*" + resources: + - "podsecuritypolicies" + verbs: + - "get" + - "list" + - "watch" +- apiGroups: + - "" + resources: + - "namespaces" + - "nodes" + - "pods" + verbs: + - "get" + - "list" + - "watch" +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: cis-operator-role + labels: + app.kubernetes.io/name: rancher-cis-benchmark + app.kubernetes.io/instance: release-name + namespace: {{ template "cis.namespace" . 
}} +rules: +- apiGroups: + - "" + resources: + - "services" + verbs: + - "watch" + - "list" + - "get" + - "patch" +- apiGroups: + - "batch" + resources: + - "jobs" + verbs: + - "watch" + - "list" + - "get" + - "delete" +- apiGroups: + - "" + resources: + - "configmaps" + - "pods" + - "secrets" + verbs: + - "*" +- apiGroups: + - "apps" + resources: + - "daemonsets" + verbs: + - "*" +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + labels: + app.kubernetes.io/name: rancher-cis-benchmark + app.kubernetes.io/instance: release-name + name: cis-operator-rolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: cis-operator-clusterrole +subjects: +- kind: ServiceAccount + name: cis-operator-serviceaccount + namespace: {{ template "cis.namespace" . }} +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: cis-scan-ns + labels: + app.kubernetes.io/name: rancher-cis-benchmark + app.kubernetes.io/instance: release-name +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: cis-scan-ns +subjects: +- kind: ServiceAccount + name: cis-serviceaccount + namespace: {{ template "cis.namespace" . }} +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + labels: + app.kubernetes.io/name: rancher-cis-benchmark + app.kubernetes.io/instance: release-name + name: cis-operator-rolebinding + namespace: {{ template "cis.namespace" . }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: cis-operator-role +subjects: +- kind: ServiceAccount + name: cis-serviceaccount + namespace: {{ template "cis.namespace" . }} +- kind: ServiceAccount + name: cis-operator-serviceaccount + namespace: {{ template "cis.namespace" . }} diff --git a/charts/rancher-cis-benchmark/3.0.0-rc9/templates/scanprofile-cis-1.20.yaml b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/scanprofile-cis-1.20.yaml new file mode 100644 index 000000000..05263ce7d 
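Review bot: The last RoleBinding in this file, `cis-operator-rolebinding`, binds `cis-operator-role` to `cis-serviceaccount` as well as to the operator, and that Role grants `"*"` on `secrets`, `pods`, `configmaps` and `daemonsets`. `cis-serviceaccount` is the account psp.yaml allows to run privileged, host-namespace pods, so a scan pod's token can read and write every Secret in the namespace and create further workloads there. I would give the scanner its own Role with only the verbs it uses and replace the `"*"` verbs on `secrets` with an explicit list. In `cis-scan-ns`, the `apiGroups` entry `- "*"` for `podsecuritypolicies` can be `- "policy"`, and the cluster-wide `create`/`update`/`patch` on `nodes` and `serviceaccounts` in `cis-operator-clusterrole` needs a comment, or removal if unused. The label `app.kubernetes.io/instance: release-name` is a literal string; `{{ .Release.Name }}` was probably intended.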
--- /dev/null +++ b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/scanprofile-cis-1.20.yaml @@ -0,0 +1,9 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanProfile +metadata: + name: cis-1.20-profile + annotations: + clusterscanprofile.cis.cattle.io/builtin: "true" +spec: + benchmarkVersion: cis-1.20 diff --git a/charts/rancher-cis-benchmark/3.0.0-rc9/templates/scanprofile-cis-1.23.yaml b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/scanprofile-cis-1.23.yaml new file mode 100644 index 000000000..c59d8f51f --- /dev/null +++ b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/scanprofile-cis-1.23.yaml @@ -0,0 +1,9 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanProfile +metadata: + name: cis-1.23-profile + annotations: + clusterscanprofile.cis.cattle.io/builtin: "true" +spec: + benchmarkVersion: cis-1.23 diff --git a/charts/rancher-cis-benchmark/3.0.0-rc9/templates/scanprofile-cis-1.6.yaml b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/scanprofile-cis-1.6.yaml new file mode 100644 index 000000000..8a8d8bf88 --- /dev/null +++ b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/scanprofile-cis-1.6.yaml @@ -0,0 +1,9 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanProfile +metadata: + name: cis-1.6-profile + annotations: + clusterscanprofile.cis.cattle.io/builtin: "true" +spec: + benchmarkVersion: cis-1.6 diff --git a/charts/rancher-cis-benchmark/3.0.0-rc9/templates/scanprofile-k3s-cis-1.20-hardened.yml b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/scanprofile-k3s-cis-1.20-hardened.yml new file mode 100644 index 000000000..a0b6cb6f6 --- /dev/null +++ b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/scanprofile-k3s-cis-1.20-hardened.yml @@ -0,0 +1,9 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanProfile +metadata: + name: k3s-cis-1.20-profile-hardened + annotations: + clusterscanprofile.cis.cattle.io/builtin: "true" +spec: + benchmarkVersion: k3s-cis-1.20-hardened 
diff --git a/charts/rancher-cis-benchmark/3.0.0-rc9/templates/scanprofile-k3s-cis-1.20-permissive.yml b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/scanprofile-k3s-cis-1.20-permissive.yml new file mode 100644 index 000000000..89885548d --- /dev/null +++ b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/scanprofile-k3s-cis-1.20-permissive.yml @@ -0,0 +1,9 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanProfile +metadata: + name: k3s-cis-1.20-profile-permissive + annotations: + clusterscanprofile.cis.cattle.io/builtin: "true" +spec: + benchmarkVersion: k3s-cis-1.20-permissive diff --git a/charts/rancher-cis-benchmark/3.0.0-rc9/templates/scanprofile-k3s-cis-1.23-hardened.yml b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/scanprofile-k3s-cis-1.23-hardened.yml new file mode 100644 index 000000000..724412d3a --- /dev/null +++ b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/scanprofile-k3s-cis-1.23-hardened.yml @@ -0,0 +1,9 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanProfile +metadata: + name: k3s-cis-1.23-profile-hardened + annotations: + clusterscanprofile.cis.cattle.io/builtin: "true" +spec: + benchmarkVersion: k3s-cis-1.23-hardened diff --git a/charts/rancher-cis-benchmark/3.0.0-rc9/templates/scanprofile-k3s-cis-1.23-permissive.yml b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/scanprofile-k3s-cis-1.23-permissive.yml new file mode 100644 index 000000000..9f9213de1 --- /dev/null +++ b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/scanprofile-k3s-cis-1.23-permissive.yml @@ -0,0 +1,9 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanProfile +metadata: + name: k3s-cis-1.23-profile-permissive + annotations: + clusterscanprofile.cis.cattle.io/builtin: "true" +spec: + benchmarkVersion: k3s-cis-1.23-permissive 
diff --git a/charts/rancher-cis-benchmark/3.0.0-rc9/templates/scanprofile-k3s-cis-1.6-hardened.yml b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/scanprofile-k3s-cis-1.6-hardened.yml new file mode 100644 index 000000000..095e977ab --- /dev/null +++ b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/scanprofile-k3s-cis-1.6-hardened.yml @@ -0,0 +1,9 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanProfile +metadata: + name: k3s-cis-1.6-profile-hardened + annotations: + clusterscanprofile.cis.cattle.io/builtin: "true" +spec: + benchmarkVersion: k3s-cis-1.6-hardened diff --git a/charts/rancher-cis-benchmark/3.0.0-rc9/templates/scanprofile-k3s-cis-1.6-permissive.yml b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/scanprofile-k3s-cis-1.6-permissive.yml new file mode 100644 index 000000000..3b22a80c8 --- /dev/null +++ b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/scanprofile-k3s-cis-1.6-permissive.yml @@ -0,0 +1,9 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanProfile +metadata: + name: k3s-cis-1.6-profile-permissive + annotations: + clusterscanprofile.cis.cattle.io/builtin: "true" +spec: + benchmarkVersion: k3s-cis-1.6-permissive diff --git a/charts/rancher-cis-benchmark/3.0.0-rc9/templates/scanprofile-rke-1.20-hardened.yaml b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/scanprofile-rke-1.20-hardened.yaml new file mode 100644 index 000000000..c36cf38c9 --- /dev/null +++ b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/scanprofile-rke-1.20-hardened.yaml @@ -0,0 +1,9 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanProfile +metadata: + name: rke-profile-hardened-1.20 + annotations: + clusterscanprofile.cis.cattle.io/builtin: "true" +spec: + benchmarkVersion: rke-cis-1.20-hardened diff --git a/charts/rancher-cis-benchmark/3.0.0-rc9/templates/scanprofile-rke-1.20-permissive.yaml b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/scanprofile-rke-1.20-permissive.yaml new file mode 100644 index 000000000..cfeb4b34c --- /dev/null 
+++ b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/scanprofile-rke-1.20-permissive.yaml @@ -0,0 +1,9 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanProfile +metadata: + name: rke-profile-permissive-1.20 + annotations: + clusterscanprofile.cis.cattle.io/builtin: "true" +spec: + benchmarkVersion: rke-cis-1.20-permissive diff --git a/charts/rancher-cis-benchmark/3.0.0-rc9/templates/scanprofile-rke-1.23-hardened.yaml b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/scanprofile-rke-1.23-hardened.yaml new file mode 100644 index 000000000..007331149 --- /dev/null +++ b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/scanprofile-rke-1.23-hardened.yaml @@ -0,0 +1,9 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanProfile +metadata: + name: rke-profile-hardened-1.23 + annotations: + clusterscanprofile.cis.cattle.io/builtin: "true" +spec: + benchmarkVersion: rke-cis-1.23-hardened diff --git a/charts/rancher-cis-benchmark/3.0.0-rc9/templates/scanprofile-rke-1.23-permissive.yaml b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/scanprofile-rke-1.23-permissive.yaml new file mode 100644 index 000000000..085b60dfa --- /dev/null +++ b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/scanprofile-rke-1.23-permissive.yaml @@ -0,0 +1,9 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanProfile +metadata: + name: rke-profile-permissive-1.23 + annotations: + clusterscanprofile.cis.cattle.io/builtin: "true" +spec: + benchmarkVersion: rke-cis-1.23-permissive diff --git a/charts/rancher-cis-benchmark/3.0.0-rc9/templates/scanprofile-rke-1.6-hardened.yaml b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/scanprofile-rke-1.6-hardened.yaml new file mode 100644 index 000000000..d38febd80 --- /dev/null +++ b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/scanprofile-rke-1.6-hardened.yaml 
@@ -0,0 +1,9 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanProfile +metadata: + name: rke-profile-hardened-1.6 + annotations: + clusterscanprofile.cis.cattle.io/builtin: "true" +spec: + benchmarkVersion: rke-cis-1.6-hardened diff --git a/charts/rancher-cis-benchmark/3.0.0-rc9/templates/scanprofile-rke-1.6-permissive.yaml b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/scanprofile-rke-1.6-permissive.yaml new file mode 100644 index 000000000..d31b5b0d2 --- /dev/null +++ b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/scanprofile-rke-1.6-permissive.yaml @@ -0,0 +1,9 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanProfile +metadata: + name: rke-profile-permissive-1.6 + annotations: + clusterscanprofile.cis.cattle.io/builtin: "true" +spec: + benchmarkVersion: rke-cis-1.6-permissive diff --git a/charts/rancher-cis-benchmark/3.0.0-rc9/templates/scanprofile-rke2-cis-1.20-hardened.yml b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/scanprofile-rke2-cis-1.20-hardened.yml new file mode 100644 index 000000000..decc9b651 --- /dev/null +++ b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/scanprofile-rke2-cis-1.20-hardened.yml @@ -0,0 +1,9 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanProfile +metadata: + name: rke2-cis-1.20-profile-hardened + annotations: + clusterscanprofile.cis.cattle.io/builtin: "true" +spec: + benchmarkVersion: rke2-cis-1.20-hardened diff --git a/charts/rancher-cis-benchmark/3.0.0-rc9/templates/scanprofile-rke2-cis-1.20-permissive.yml b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/scanprofile-rke2-cis-1.20-permissive.yml new file mode 100644 index 000000000..74c96ffc4 --- /dev/null +++ b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/scanprofile-rke2-cis-1.20-permissive.yml 
@@ -0,0 +1,9 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanProfile +metadata: + name: rke2-cis-1.20-profile-permissive + annotations: + clusterscanprofile.cis.cattle.io/builtin: "true" +spec: + benchmarkVersion: rke2-cis-1.20-permissive diff --git a/charts/rancher-cis-benchmark/3.0.0-rc9/templates/scanprofile-rke2-cis-1.23-hardened.yml b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/scanprofile-rke2-cis-1.23-hardened.yml new file mode 100644 index 000000000..abc1c2a21 --- /dev/null +++ b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/scanprofile-rke2-cis-1.23-hardened.yml @@ -0,0 +1,9 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanProfile +metadata: + name: rke2-cis-1.23-profile-hardened + annotations: + clusterscanprofile.cis.cattle.io/builtin: "true" +spec: + benchmarkVersion: rke2-cis-1.23-hardened diff --git a/charts/rancher-cis-benchmark/3.0.0-rc9/templates/scanprofile-rke2-cis-1.23-permissive.yml b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/scanprofile-rke2-cis-1.23-permissive.yml new file mode 100644 index 000000000..51cc519ac --- /dev/null +++ b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/scanprofile-rke2-cis-1.23-permissive.yml @@ -0,0 +1,9 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanProfile +metadata: + name: rke2-cis-1.23-profile-permissive + annotations: + clusterscanprofile.cis.cattle.io/builtin: "true" +spec: + benchmarkVersion: rke2-cis-1.23-permissive diff --git a/charts/rancher-cis-benchmark/3.0.0-rc9/templates/scanprofile-rke2-cis-1.6-hardened.yml b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/scanprofile-rke2-cis-1.6-hardened.yml new file mode 100644 index 000000000..c7ac7f949 --- /dev/null +++ b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/scanprofile-rke2-cis-1.6-hardened.yml 
@@ -0,0 +1,9 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanProfile +metadata: + name: rke2-cis-1.6-profile-hardened + annotations: + clusterscanprofile.cis.cattle.io/builtin: "true" +spec: + benchmarkVersion: rke2-cis-1.6-hardened diff --git a/charts/rancher-cis-benchmark/3.0.0-rc9/templates/scanprofile-rke2-cis-1.6-permissive.yml b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/scanprofile-rke2-cis-1.6-permissive.yml new file mode 100644 index 000000000..96ca1345a --- /dev/null +++ b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/scanprofile-rke2-cis-1.6-permissive.yml @@ -0,0 +1,9 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanProfile +metadata: + name: rke2-cis-1.6-profile-permissive + annotations: + clusterscanprofile.cis.cattle.io/builtin: "true" +spec: + benchmarkVersion: rke2-cis-1.6-permissive diff --git a/charts/rancher-cis-benchmark/3.0.0-rc9/templates/scanprofileaks.yml b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/scanprofileaks.yml new file mode 100644 index 000000000..ea7b25b40 --- /dev/null +++ b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/scanprofileaks.yml @@ -0,0 +1,9 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanProfile +metadata: + name: aks-profile + annotations: + clusterscanprofile.cis.cattle.io/builtin: "true" +spec: + benchmarkVersion: aks-1.0 \ No newline at end of file diff --git a/charts/rancher-cis-benchmark/3.0.0-rc9/templates/scanprofileeks.yml b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/scanprofileeks.yml new file mode 100644 index 000000000..3b4e34437 --- /dev/null +++ b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/scanprofileeks.yml @@ -0,0 +1,9 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanProfile +metadata: + name: eks-profile + annotations: + clusterscanprofile.cis.cattle.io/builtin: "true" +spec: + benchmarkVersion: eks-1.0.1 \ No newline at end of file 
diff --git a/charts/rancher-cis-benchmark/3.0.0-rc9/templates/scanprofilegke.yml b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/scanprofilegke.yml new file mode 100644 index 000000000..2ddd0686f --- /dev/null +++ b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/scanprofilegke.yml @@ -0,0 +1,9 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanProfile +metadata: + name: gke-profile + annotations: + clusterscanprofile.cis.cattle.io/builtin: "true" +spec: + benchmarkVersion: gke-1.0 \ No newline at end of file diff --git a/charts/rancher-cis-benchmark/3.0.0-rc9/templates/serviceaccount.yaml b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/serviceaccount.yaml new file mode 100644 index 000000000..ec48ec622 --- /dev/null +++ b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/serviceaccount.yaml @@ -0,0 +1,14 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + namespace: {{ template "cis.namespace" . }} + name: cis-operator-serviceaccount +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + namespace: {{ template "cis.namespace" . }} + labels: + app.kubernetes.io/name: rancher-cis-benchmark + app.kubernetes.io/instance: release-name + name: cis-serviceaccount diff --git a/charts/rancher-cis-benchmark/3.0.0-rc9/templates/validate-install-crd.yaml b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/validate-install-crd.yaml new file mode 100644 index 000000000..562295791 --- /dev/null +++ b/charts/rancher-cis-benchmark/3.0.0-rc9/templates/validate-install-crd.yaml 
@@ -0,0 +1,17 @@
+#{{- if gt (len (lookup "rbac.authorization.k8s.io/v1" "ClusterRole" "" "")) 0 -}}
+# {{- $found := dict -}}
+# {{- set $found "cis.cattle.io/v1/ClusterScan" false -}}
+# {{- set $found "cis.cattle.io/v1/ClusterScanBenchmark" false -}}
+# {{- set $found "cis.cattle.io/v1/ClusterScanProfile" false -}}
+# {{- set $found "cis.cattle.io/v1/ClusterScanReport" false -}}
+# {{- range .Capabilities.APIVersions -}}
+# {{- if hasKey $found (toString .) -}}
+# {{- set $found (toString .) true -}}
+# {{- end -}}
+# {{- end -}}
+# {{- range $_, $exists := $found -}}
+# {{- if (eq $exists false) -}}
+# {{- required "Required CRDs are missing. Please install the corresponding CRD chart before installing this chart." "" -}}
+# {{- end -}}
+# {{- end -}}
+#{{- end -}}
\ No newline at end of file
diff --git a/charts/rancher-cis-benchmark/3.0.0-rc9/values.yaml b/charts/rancher-cis-benchmark/3.0.0-rc9/values.yaml
new file mode 100644
index 000000000..a95ef3ba3
--- /dev/null
+++ b/charts/rancher-cis-benchmark/3.0.0-rc9/values.yaml
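Review bot: Every line of this template starts with `#`, which reads as if the CRD check were disabled, but Helm evaluates the template actions before the YAML is parsed, so the `required` call still aborts the install when one of the four `cis.cattle.io/v1` kinds is missing. A template comment at the top would stop someone from deleting the file as dead code: `{{- /* The leading '#' only comments the rendered output; the actions below still run. */ -}}`. It is also worth stating there that the outer `lookup` guard skips the whole check whenever `lookup` returns nothing, which is the case under `helm template` and dry runs.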
@@ -0,0 +1,49 @@
+# Default values for rancher-cis-benchmark.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+image:
+ cisoperator:
+ repository: rancher/cis-operator
+ tag: v1.0.10-rc2
+ securityScan:
+ repository: rancher/security-scan
+ tag: v0.2.9-rc6
+ sonobuoy:
+ repository: rancher/mirrored-sonobuoy-sonobuoy
+ tag: v0.56.7
+
+resources: {}
+ # We usually recommend not to specify default resources and to leave this as a conscious
+ # choice for the user. This also increases chances charts run on environments with little
+ # resources, such as Minikube. If you do want to specify resources, uncomment the following
+ # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
+ # limits:
+ # cpu: 100m
+ # memory: 128Mi
+ # requests:
+ # cpu: 100m
+ # memory: 128Mi
+
+## Node labels for pod assignment
+## Ref: https://kubernetes.io/docs/user-guide/node-selection/
+##
+nodeSelector: {}
+
+## List of node taints to tolerate (requires Kubernetes >= 1.6)
+tolerations: []
+
+affinity: {}
+
+global:
+ cattle:
+ systemDefaultRegistry: ""
+ clusterName: ""
+ kubectl:
+ repository: rancher/kubectl
+ tag: v1.20.2
+
+alerts:
+ enabled: false
+ severity: warning
+ metricsPort: 8080
diff --git a/index.yaml b/index.yaml
index 800eb520e..adb617d67 100755
--- a/index.yaml
+++ b/index.yaml
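Review bot: `global` declares `cattle` and `kubectl` but no `imagePullPolicy`, while templates/patch_default_serviceaccount.yaml in this patch renders `imagePullPolicy: {{ .Values.global.imagePullPolicy }}`; unless Rancher injects that value at install time, the field renders empty. Adding `imagePullPolicy: IfNotPresent` under `global:` makes the default explicit. `global.kubectl.tag: v1.20.2` is also older than the `>= 1.21.0-0 < 1.25.0-0` cluster range the index.yaml entry advertises, which puts the hook's kubectl outside the supported one-minor version skew on the newer clusters. The operator and scanner images are release-candidate tags (`v1.0.10-rc2`, `v0.2.9-rc6`); pinning them by digest would make what runs under the privileged PSP reproducible.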
@@ -3421,6 +3421,32 @@ entries: - assets/rancher-backup-crd/rancher-backup-crd-1.0.200.tgz version: 1.0.200 rancher-cis-benchmark: + - annotations: + catalog.cattle.io/auto-install: rancher-cis-benchmark-crd=match + catalog.cattle.io/certified: rancher + catalog.cattle.io/display-name: CIS Benchmark + catalog.cattle.io/kube-version: '>= 1.21.0-0 < 1.25.0-0' + catalog.cattle.io/namespace: cis-operator-system + catalog.cattle.io/os: linux + catalog.cattle.io/permits-os: linux,windows + catalog.cattle.io/provides-gvr: cis.cattle.io.clusterscans/v1 + catalog.cattle.io/rancher-version: '>= 2.7.0-0 < 2.8.0-0' + catalog.cattle.io/release-name: rancher-cis-benchmark + catalog.cattle.io/type: cluster-tool + catalog.cattle.io/ui-component: rancher-cis-benchmark + apiVersion: v1 + appVersion: v3.0.0 + created: "2022-10-19T18:02:54.367675137+02:00" + description: The cis-operator enables running CIS benchmark security scans on + a kubernetes cluster + digest: b14e6d786bfacf4564a887f9eff7756baa026137af6aa023c9ee861cda60e307 + icon: https://charts.rancher.io/assets/logos/cis-kube-bench.svg + keywords: + - security + name: rancher-cis-benchmark + urls: + - assets/rancher-cis-benchmark/rancher-cis-benchmark-3.0.0-rc9.tgz + version: 3.0.0-rc9 - annotations: catalog.cattle.io/auto-install: rancher-cis-benchmark-crd=match catalog.cattle.io/certified: rancher 
@@ -3735,6 +3761,20 @@ entries: - assets/rancher-cis-benchmark/rancher-cis-benchmark-1.0.100.tgz version: 1.0.100 rancher-cis-benchmark-crd: + - annotations: + catalog.cattle.io/certified: rancher + catalog.cattle.io/hidden: "true" + catalog.cattle.io/namespace: cis-operator-system + catalog.cattle.io/release-name: rancher-cis-benchmark-crd + apiVersion: v1 + created: "2022-10-19T18:02:54.370026036+02:00" + description: Installs the CRDs for rancher-cis-benchmark. + digest: 7371a4517a08946470fafb5c8eae1d0d80a700ce0fe08ceae26836c490e1d9e5 + name: rancher-cis-benchmark-crd + type: application + urls: + - assets/rancher-cis-benchmark-crd/rancher-cis-benchmark-crd-3.0.0-rc9.tgz + version: 3.0.0-rc9 - annotations: catalog.cattle.io/certified: rancher catalog.cattle.io/hidden: "true"