├── .github ├── renovate.json └── workflows │ ├── release.yml │ ├── renovate-vault.yml │ └── tests.yml ├── .gitignore ├── .golangci.yaml ├── .yamllint.yaml ├── CODEOWNERS ├── LICENSE ├── Makefile ├── README.md ├── cmd └── kb-summarizer │ └── main.go ├── go.mod ├── go.sum ├── hack ├── e2e ├── make │ ├── build.mk │ ├── deps.mk │ └── tools.mk └── validate-yaml ├── package ├── Dockerfile ├── cfg │ ├── config.yaml │ ├── k3s-cis-1.10 │ │ ├── config.yaml │ │ ├── controlplane.yaml │ │ ├── etcd.yaml │ │ ├── master.yaml │ │ ├── node.yaml │ │ └── policies.yaml │ ├── k3s-cis-1.11 │ │ ├── config.yaml │ │ ├── controlplane.yaml │ │ ├── etcd.yaml │ │ ├── master.yaml │ │ ├── node.yaml │ │ └── policies.yaml │ ├── k3s-cis-1.23-hardened │ │ ├── config.yaml │ │ ├── controlplane.yaml │ │ ├── etcd.yaml │ │ ├── master.yaml │ │ ├── node.yaml │ │ └── policies.yaml │ ├── k3s-cis-1.23-permissive │ │ ├── config.yaml │ │ ├── controlplane.yaml │ │ ├── etcd.yaml │ │ ├── master.yaml │ │ ├── node.yaml │ │ └── policies.yaml │ ├── k3s-cis-1.24-hardened │ │ ├── config.yaml │ │ ├── controlplane.yaml │ │ ├── etcd.yaml │ │ ├── master.yaml │ │ ├── node.yaml │ │ └── policies.yaml │ ├── k3s-cis-1.24-permissive │ │ ├── config.yaml │ │ ├── controlplane.yaml │ │ ├── etcd.yaml │ │ ├── master.yaml │ │ ├── node.yaml │ │ └── policies.yaml │ ├── k3s-cis-1.7-hardened │ │ ├── config.yaml │ │ ├── controlplane.yaml │ │ ├── etcd.yaml │ │ ├── master.yaml │ │ ├── node.yaml │ │ └── policies.yaml │ ├── k3s-cis-1.7-permissive │ │ ├── config.yaml │ │ ├── controlplane.yaml │ │ ├── etcd.yaml │ │ ├── master.yaml │ │ ├── node.yaml │ │ └── policies.yaml │ ├── k3s-cis-1.8-hardened │ │ ├── config.yaml │ │ ├── controlplane.yaml │ │ ├── etcd.yaml │ │ ├── master.yaml │ │ ├── node.yaml │ │ └── policies.yaml │ ├── k3s-cis-1.8-permissive │ │ ├── config.yaml │ │ ├── controlplane.yaml │ │ ├── etcd.yaml │ │ ├── master.yaml │ │ ├── node.yaml │ │ └── policies.yaml │ ├── k3s-cis-1.9 │ │ ├── config.yaml │ │ ├── controlplane.yaml │ │ ├── etcd.yaml │ │ ├── master.yaml │ │ ├── node.yaml │ │ └── policies.yaml │ ├── rke-cis-1.23-hardened │ │ ├── config.yaml │ │ ├── controlplane.yaml │ │ ├── etcd.yaml │ │ ├── master.yaml │ │ ├── node.yaml │ │ └── policies.yaml │ ├── rke-cis-1.23-permissive │ │ ├── config.yaml │ │ ├── controlplane.yaml │ │ ├── etcd.yaml │ │ ├── master.yaml │ │ ├── node.yaml │ │ └── policies.yaml │ ├── rke-cis-1.24-hardened │ │ ├── config.yaml │ │ ├── controlplane.yaml │ │ ├── etcd.yaml │ │ ├── master.yaml │ │ ├── node.yaml │ │ └── policies.yaml │ ├── rke-cis-1.24-permissive │ │ ├── config.yaml │ │ ├── controlplane.yaml │ │ ├── etcd.yaml │ │ ├── master.yaml │ │ ├── node.yaml │ │ └── policies.yaml │ ├── rke-cis-1.7-hardened │ │ ├── config.yaml │ │ ├── controlplane.yaml │ │ ├── etcd.yaml │ │ ├── master.yaml │ │ ├── node.yaml │ │ └── policies.yaml │ ├── rke-cis-1.7-permissive │ │ ├── config.yaml │ │ ├── controlplane.yaml │ │ ├── etcd.yaml │ │ ├── master.yaml │ │ ├── node.yaml │ │ └── policies.yaml │ ├── rke-cis-1.8-hardened │ │ ├── config.yaml │ │ ├── controlplane.yaml │ │ ├── etcd.yaml │ │ ├── master.yaml │ │ ├── node.yaml │ │ └── policies.yaml │ ├── rke-cis-1.8-permissive │ │ ├── config.yaml │ │ ├── controlplane.yaml │ │ ├── etcd.yaml │ │ ├── master.yaml │ │ ├── node.yaml │ │ └── policies.yaml │ ├── rke2-cis-1.10 │ │ ├── config.yaml │ │ ├── controlplane.yaml │ │ ├── etcd.yaml │ │ ├── master.yaml │ │ ├── node.yaml │ │ └── policies.yaml │ ├── rke2-cis-1.11 │ │ ├── config.yaml │ │ ├── controlplane.yaml │ │ ├── etcd.yaml │ │ ├── master.yaml │ │ ├── node.yaml │ │ └── policies.yaml │ ├── rke2-cis-1.23-hardened │ │ ├── config.yaml │ │ ├── controlplane.yaml │ │ ├── etcd.yaml │ │ ├── master.yaml │ │ ├── node.yaml │ │ └── policies.yaml │ ├── rke2-cis-1.23-permissive │ │ ├── config.yaml │ │ ├── controlplane.yaml │ │ ├── etcd.yaml │ │ ├── master.yaml │ │ ├── node.yaml │ │ └── policies.yaml │ ├── rke2-cis-1.24-hardened │ │ ├── config.yaml │ │ ├── controlplane.yaml │ │ ├── etcd.yaml │ │ ├── master.yaml │ │ ├── node.yaml │ │ └── policies.yaml │ ├── rke2-cis-1.24-permissive │ │ ├── config.yaml │ │ ├── controlplane.yaml │ │ ├── etcd.yaml │ │ ├── master.yaml │ │ ├── node.yaml │ │ └── policies.yaml │ ├── rke2-cis-1.7-hardened │ │ ├── config.yaml │ │ ├── controlplane.yaml │ │ ├── etcd.yaml │ │ ├── master.yaml │ │ ├── node.yaml │ │ └── policies.yaml │ ├── rke2-cis-1.7-permissive │ │ ├── config.yaml │ │ ├── controlplane.yaml │ │ ├── etcd.yaml │ │ ├── master.yaml │ │ ├── node.yaml │ │ └── policies.yaml │ ├── rke2-cis-1.8-hardened │ │ ├── config.yaml │ │ ├── controlplane.yaml │ │ ├── etcd.yaml │ │ ├── master.yaml │ │ ├── node.yaml │ │ └── policies.yaml │ ├── rke2-cis-1.8-permissive │ │ ├── config.yaml │ │ ├── controlplane.yaml │ │ ├── etcd.yaml │ │ ├── master.yaml │ │ ├── node.yaml │ │ └── policies.yaml │ ├── rke2-cis-1.9 │ │ ├── config.yaml │ │ ├── controlplane.yaml │ │ ├── etcd.yaml │ │ ├── master.yaml │ │ ├── node.yaml │ │ └── policies.yaml │ └── test-1 │ │ ├── controlplane.yaml │ │ ├── etcd.yaml │ │ ├── master.yaml │ │ └── node.yaml ├── helper_scripts │ ├── check_cafile_ownership.sh │ ├── check_cafile_permissions.sh │ ├── check_encryption_provider_config.sh │ ├── check_files_owner_in_dir.sh │ ├── check_files_permissions.sh │ ├── check_for_default_ns.sh │ ├── check_for_default_sa.sh │ ├── check_for_k3s_network_policies.sh │ ├── check_for_network_policies.sh │ ├── check_for_rke2_cni_net_policy_support.sh │ └── check_for_rke2_network_policies.sh ├── run.sh └── run_sonobuoy_plugin.sh ├── pkg └── kb-summarizer │ ├── report │ └── report.go │ └── summarizer │ ├── summarizer.go │ └── summarizer_test.go └── tests └── deploy.yaml /.github/renovate.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/.github/renovate.json -------------------------------------------------------------------------------- /.github/workflows/release.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/.github/workflows/release.yml -------------------------------------------------------------------------------- /.github/workflows/renovate-vault.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/.github/workflows/renovate-vault.yml -------------------------------------------------------------------------------- /.github/workflows/tests.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/.github/workflows/tests.yml -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/.gitignore -------------------------------------------------------------------------------- /.golangci.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/.golangci.yaml -------------------------------------------------------------------------------- /.yamllint.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/.yamllint.yaml -------------------------------------------------------------------------------- /CODEOWNERS: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/CODEOWNERS -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/LICENSE -------------------------------------------------------------------------------- /Makefile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/Makefile -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/README.md -------------------------------------------------------------------------------- /cmd/kb-summarizer/main.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/cmd/kb-summarizer/main.go -------------------------------------------------------------------------------- /go.mod: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/go.mod -------------------------------------------------------------------------------- /go.sum: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/go.sum -------------------------------------------------------------------------------- /hack/e2e: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/hack/e2e -------------------------------------------------------------------------------- /hack/make/build.mk: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/hack/make/build.mk -------------------------------------------------------------------------------- /hack/make/deps.mk: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/hack/make/deps.mk -------------------------------------------------------------------------------- /hack/make/tools.mk: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/hack/make/tools.mk -------------------------------------------------------------------------------- /hack/validate-yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/hack/validate-yaml -------------------------------------------------------------------------------- /package/Dockerfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/Dockerfile -------------------------------------------------------------------------------- /package/cfg/config.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/config.yaml -------------------------------------------------------------------------------- /package/cfg/k3s-cis-1.10/config.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/k3s-cis-1.10/config.yaml -------------------------------------------------------------------------------- /package/cfg/k3s-cis-1.10/controlplane.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/k3s-cis-1.10/controlplane.yaml -------------------------------------------------------------------------------- /package/cfg/k3s-cis-1.10/etcd.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/k3s-cis-1.10/etcd.yaml -------------------------------------------------------------------------------- /package/cfg/k3s-cis-1.10/master.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/k3s-cis-1.10/master.yaml -------------------------------------------------------------------------------- /package/cfg/k3s-cis-1.10/node.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/k3s-cis-1.10/node.yaml -------------------------------------------------------------------------------- /package/cfg/k3s-cis-1.10/policies.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/k3s-cis-1.10/policies.yaml -------------------------------------------------------------------------------- /package/cfg/k3s-cis-1.11/config.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/k3s-cis-1.11/config.yaml -------------------------------------------------------------------------------- /package/cfg/k3s-cis-1.11/controlplane.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/k3s-cis-1.11/controlplane.yaml -------------------------------------------------------------------------------- /package/cfg/k3s-cis-1.11/etcd.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/k3s-cis-1.11/etcd.yaml -------------------------------------------------------------------------------- /package/cfg/k3s-cis-1.11/master.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/k3s-cis-1.11/master.yaml -------------------------------------------------------------------------------- /package/cfg/k3s-cis-1.11/node.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/k3s-cis-1.11/node.yaml -------------------------------------------------------------------------------- /package/cfg/k3s-cis-1.11/policies.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/k3s-cis-1.11/policies.yaml -------------------------------------------------------------------------------- /package/cfg/k3s-cis-1.23-hardened/config.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/k3s-cis-1.23-hardened/config.yaml -------------------------------------------------------------------------------- /package/cfg/k3s-cis-1.23-hardened/controlplane.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/k3s-cis-1.23-hardened/controlplane.yaml -------------------------------------------------------------------------------- /package/cfg/k3s-cis-1.23-hardened/etcd.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/k3s-cis-1.23-hardened/etcd.yaml -------------------------------------------------------------------------------- /package/cfg/k3s-cis-1.23-hardened/master.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/k3s-cis-1.23-hardened/master.yaml -------------------------------------------------------------------------------- /package/cfg/k3s-cis-1.23-hardened/node.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/k3s-cis-1.23-hardened/node.yaml -------------------------------------------------------------------------------- /package/cfg/k3s-cis-1.23-hardened/policies.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/k3s-cis-1.23-hardened/policies.yaml -------------------------------------------------------------------------------- /package/cfg/k3s-cis-1.23-permissive/config.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/k3s-cis-1.23-permissive/config.yaml -------------------------------------------------------------------------------- /package/cfg/k3s-cis-1.23-permissive/controlplane.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/k3s-cis-1.23-permissive/controlplane.yaml -------------------------------------------------------------------------------- /package/cfg/k3s-cis-1.23-permissive/etcd.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/k3s-cis-1.23-permissive/etcd.yaml -------------------------------------------------------------------------------- /package/cfg/k3s-cis-1.23-permissive/master.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/k3s-cis-1.23-permissive/master.yaml -------------------------------------------------------------------------------- /package/cfg/k3s-cis-1.23-permissive/node.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/k3s-cis-1.23-permissive/node.yaml -------------------------------------------------------------------------------- /package/cfg/k3s-cis-1.23-permissive/policies.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/k3s-cis-1.23-permissive/policies.yaml -------------------------------------------------------------------------------- /package/cfg/k3s-cis-1.24-hardened/config.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/k3s-cis-1.24-hardened/config.yaml -------------------------------------------------------------------------------- /package/cfg/k3s-cis-1.24-hardened/controlplane.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/k3s-cis-1.24-hardened/controlplane.yaml -------------------------------------------------------------------------------- /package/cfg/k3s-cis-1.24-hardened/etcd.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/k3s-cis-1.24-hardened/etcd.yaml -------------------------------------------------------------------------------- /package/cfg/k3s-cis-1.24-hardened/master.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/k3s-cis-1.24-hardened/master.yaml -------------------------------------------------------------------------------- /package/cfg/k3s-cis-1.24-hardened/node.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/k3s-cis-1.24-hardened/node.yaml -------------------------------------------------------------------------------- /package/cfg/k3s-cis-1.24-hardened/policies.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/k3s-cis-1.24-hardened/policies.yaml -------------------------------------------------------------------------------- /package/cfg/k3s-cis-1.24-permissive/config.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/k3s-cis-1.24-permissive/config.yaml -------------------------------------------------------------------------------- /package/cfg/k3s-cis-1.24-permissive/controlplane.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/k3s-cis-1.24-permissive/controlplane.yaml -------------------------------------------------------------------------------- /package/cfg/k3s-cis-1.24-permissive/etcd.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/k3s-cis-1.24-permissive/etcd.yaml -------------------------------------------------------------------------------- /package/cfg/k3s-cis-1.24-permissive/master.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/k3s-cis-1.24-permissive/master.yaml -------------------------------------------------------------------------------- /package/cfg/k3s-cis-1.24-permissive/node.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/k3s-cis-1.24-permissive/node.yaml -------------------------------------------------------------------------------- /package/cfg/k3s-cis-1.24-permissive/policies.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/k3s-cis-1.24-permissive/policies.yaml -------------------------------------------------------------------------------- /package/cfg/k3s-cis-1.7-hardened/config.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/k3s-cis-1.7-hardened/config.yaml -------------------------------------------------------------------------------- /package/cfg/k3s-cis-1.7-hardened/controlplane.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/k3s-cis-1.7-hardened/controlplane.yaml -------------------------------------------------------------------------------- /package/cfg/k3s-cis-1.7-hardened/etcd.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/k3s-cis-1.7-hardened/etcd.yaml -------------------------------------------------------------------------------- /package/cfg/k3s-cis-1.7-hardened/master.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/k3s-cis-1.7-hardened/master.yaml -------------------------------------------------------------------------------- /package/cfg/k3s-cis-1.7-hardened/node.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/k3s-cis-1.7-hardened/node.yaml -------------------------------------------------------------------------------- /package/cfg/k3s-cis-1.7-hardened/policies.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/k3s-cis-1.7-hardened/policies.yaml -------------------------------------------------------------------------------- /package/cfg/k3s-cis-1.7-permissive/config.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/k3s-cis-1.7-permissive/config.yaml -------------------------------------------------------------------------------- /package/cfg/k3s-cis-1.7-permissive/controlplane.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/k3s-cis-1.7-permissive/controlplane.yaml -------------------------------------------------------------------------------- /package/cfg/k3s-cis-1.7-permissive/etcd.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/k3s-cis-1.7-permissive/etcd.yaml -------------------------------------------------------------------------------- /package/cfg/k3s-cis-1.7-permissive/master.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/k3s-cis-1.7-permissive/master.yaml -------------------------------------------------------------------------------- /package/cfg/k3s-cis-1.7-permissive/node.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/k3s-cis-1.7-permissive/node.yaml -------------------------------------------------------------------------------- /package/cfg/k3s-cis-1.7-permissive/policies.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/k3s-cis-1.7-permissive/policies.yaml -------------------------------------------------------------------------------- /package/cfg/k3s-cis-1.8-hardened/config.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/k3s-cis-1.8-hardened/config.yaml -------------------------------------------------------------------------------- /package/cfg/k3s-cis-1.8-hardened/controlplane.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/k3s-cis-1.8-hardened/controlplane.yaml -------------------------------------------------------------------------------- /package/cfg/k3s-cis-1.8-hardened/etcd.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/k3s-cis-1.8-hardened/etcd.yaml -------------------------------------------------------------------------------- /package/cfg/k3s-cis-1.8-hardened/master.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/k3s-cis-1.8-hardened/master.yaml -------------------------------------------------------------------------------- /package/cfg/k3s-cis-1.8-hardened/node.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/k3s-cis-1.8-hardened/node.yaml -------------------------------------------------------------------------------- /package/cfg/k3s-cis-1.8-hardened/policies.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/k3s-cis-1.8-hardened/policies.yaml -------------------------------------------------------------------------------- /package/cfg/k3s-cis-1.8-permissive/config.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/k3s-cis-1.8-permissive/config.yaml -------------------------------------------------------------------------------- /package/cfg/k3s-cis-1.8-permissive/controlplane.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/k3s-cis-1.8-permissive/controlplane.yaml -------------------------------------------------------------------------------- /package/cfg/k3s-cis-1.8-permissive/etcd.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/k3s-cis-1.8-permissive/etcd.yaml -------------------------------------------------------------------------------- /package/cfg/k3s-cis-1.8-permissive/master.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/k3s-cis-1.8-permissive/master.yaml -------------------------------------------------------------------------------- /package/cfg/k3s-cis-1.8-permissive/node.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/k3s-cis-1.8-permissive/node.yaml -------------------------------------------------------------------------------- /package/cfg/k3s-cis-1.8-permissive/policies.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/k3s-cis-1.8-permissive/policies.yaml -------------------------------------------------------------------------------- /package/cfg/k3s-cis-1.9/config.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/k3s-cis-1.9/config.yaml -------------------------------------------------------------------------------- /package/cfg/k3s-cis-1.9/controlplane.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/k3s-cis-1.9/controlplane.yaml -------------------------------------------------------------------------------- /package/cfg/k3s-cis-1.9/etcd.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/k3s-cis-1.9/etcd.yaml -------------------------------------------------------------------------------- /package/cfg/k3s-cis-1.9/master.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/k3s-cis-1.9/master.yaml -------------------------------------------------------------------------------- /package/cfg/k3s-cis-1.9/node.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/k3s-cis-1.9/node.yaml -------------------------------------------------------------------------------- /package/cfg/k3s-cis-1.9/policies.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/k3s-cis-1.9/policies.yaml -------------------------------------------------------------------------------- /package/cfg/rke-cis-1.23-hardened/config.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/rke-cis-1.23-hardened/config.yaml -------------------------------------------------------------------------------- /package/cfg/rke-cis-1.23-hardened/controlplane.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/rke-cis-1.23-hardened/controlplane.yaml -------------------------------------------------------------------------------- /package/cfg/rke-cis-1.23-hardened/etcd.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/rke-cis-1.23-hardened/etcd.yaml -------------------------------------------------------------------------------- /package/cfg/rke-cis-1.23-hardened/master.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/rke-cis-1.23-hardened/master.yaml -------------------------------------------------------------------------------- /package/cfg/rke-cis-1.23-hardened/node.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/rke-cis-1.23-hardened/node.yaml -------------------------------------------------------------------------------- /package/cfg/rke-cis-1.23-hardened/policies.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/rke-cis-1.23-hardened/policies.yaml -------------------------------------------------------------------------------- /package/cfg/rke-cis-1.23-permissive/config.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/rke-cis-1.23-permissive/config.yaml -------------------------------------------------------------------------------- /package/cfg/rke-cis-1.23-permissive/controlplane.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/rke-cis-1.23-permissive/controlplane.yaml -------------------------------------------------------------------------------- /package/cfg/rke-cis-1.23-permissive/etcd.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/rke-cis-1.23-permissive/etcd.yaml -------------------------------------------------------------------------------- /package/cfg/rke-cis-1.23-permissive/master.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/rke-cis-1.23-permissive/master.yaml -------------------------------------------------------------------------------- /package/cfg/rke-cis-1.23-permissive/node.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/rke-cis-1.23-permissive/node.yaml -------------------------------------------------------------------------------- /package/cfg/rke-cis-1.23-permissive/policies.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/rke-cis-1.23-permissive/policies.yaml -------------------------------------------------------------------------------- /package/cfg/rke-cis-1.24-hardened/config.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/rke-cis-1.24-hardened/config.yaml -------------------------------------------------------------------------------- /package/cfg/rke-cis-1.24-hardened/controlplane.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/rke-cis-1.24-hardened/controlplane.yaml -------------------------------------------------------------------------------- /package/cfg/rke-cis-1.24-hardened/etcd.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/rke-cis-1.24-hardened/etcd.yaml -------------------------------------------------------------------------------- /package/cfg/rke-cis-1.24-hardened/master.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/rke-cis-1.24-hardened/master.yaml -------------------------------------------------------------------------------- /package/cfg/rke-cis-1.24-hardened/node.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/rke-cis-1.24-hardened/node.yaml -------------------------------------------------------------------------------- /package/cfg/rke-cis-1.24-hardened/policies.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/rke-cis-1.24-hardened/policies.yaml -------------------------------------------------------------------------------- /package/cfg/rke-cis-1.24-permissive/config.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/rke-cis-1.24-permissive/config.yaml -------------------------------------------------------------------------------- /package/cfg/rke-cis-1.24-permissive/controlplane.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/rke-cis-1.24-permissive/controlplane.yaml -------------------------------------------------------------------------------- /package/cfg/rke-cis-1.24-permissive/etcd.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/rke-cis-1.24-permissive/etcd.yaml -------------------------------------------------------------------------------- /package/cfg/rke-cis-1.24-permissive/master.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/rke-cis-1.24-permissive/master.yaml -------------------------------------------------------------------------------- /package/cfg/rke-cis-1.24-permissive/node.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/rke-cis-1.24-permissive/node.yaml -------------------------------------------------------------------------------- /package/cfg/rke-cis-1.24-permissive/policies.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/rke-cis-1.24-permissive/policies.yaml -------------------------------------------------------------------------------- /package/cfg/rke-cis-1.7-hardened/config.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/rke-cis-1.7-hardened/config.yaml -------------------------------------------------------------------------------- /package/cfg/rke-cis-1.7-hardened/controlplane.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/rke-cis-1.7-hardened/controlplane.yaml -------------------------------------------------------------------------------- /package/cfg/rke-cis-1.7-hardened/etcd.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/rke-cis-1.7-hardened/etcd.yaml -------------------------------------------------------------------------------- /package/cfg/rke-cis-1.7-hardened/master.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/rke-cis-1.7-hardened/master.yaml -------------------------------------------------------------------------------- /package/cfg/rke-cis-1.7-hardened/node.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/rke-cis-1.7-hardened/node.yaml -------------------------------------------------------------------------------- /package/cfg/rke-cis-1.7-hardened/policies.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/rke-cis-1.7-hardened/policies.yaml -------------------------------------------------------------------------------- /package/cfg/rke-cis-1.7-permissive/config.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/rke-cis-1.7-permissive/config.yaml -------------------------------------------------------------------------------- /package/cfg/rke-cis-1.7-permissive/controlplane.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/rke-cis-1.7-permissive/controlplane.yaml -------------------------------------------------------------------------------- /package/cfg/rke-cis-1.7-permissive/etcd.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/rke-cis-1.7-permissive/etcd.yaml -------------------------------------------------------------------------------- /package/cfg/rke-cis-1.7-permissive/master.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/rke-cis-1.7-permissive/master.yaml -------------------------------------------------------------------------------- /package/cfg/rke-cis-1.7-permissive/node.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/rke-cis-1.7-permissive/node.yaml -------------------------------------------------------------------------------- /package/cfg/rke-cis-1.7-permissive/policies.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/rke-cis-1.7-permissive/policies.yaml -------------------------------------------------------------------------------- /package/cfg/rke-cis-1.8-hardened/config.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/rke-cis-1.8-hardened/config.yaml -------------------------------------------------------------------------------- /package/cfg/rke-cis-1.8-hardened/controlplane.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/rke-cis-1.8-hardened/controlplane.yaml -------------------------------------------------------------------------------- /package/cfg/rke-cis-1.8-hardened/etcd.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/rke-cis-1.8-hardened/etcd.yaml -------------------------------------------------------------------------------- /package/cfg/rke-cis-1.8-hardened/master.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/rke-cis-1.8-hardened/master.yaml -------------------------------------------------------------------------------- /package/cfg/rke-cis-1.8-hardened/node.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/rke-cis-1.8-hardened/node.yaml -------------------------------------------------------------------------------- /package/cfg/rke-cis-1.8-hardened/policies.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/rke-cis-1.8-hardened/policies.yaml -------------------------------------------------------------------------------- /package/cfg/rke-cis-1.8-permissive/config.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/rke-cis-1.8-permissive/config.yaml -------------------------------------------------------------------------------- /package/cfg/rke-cis-1.8-permissive/controlplane.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/rke-cis-1.8-permissive/controlplane.yaml -------------------------------------------------------------------------------- /package/cfg/rke-cis-1.8-permissive/etcd.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/rke-cis-1.8-permissive/etcd.yaml -------------------------------------------------------------------------------- /package/cfg/rke-cis-1.8-permissive/master.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/rke-cis-1.8-permissive/master.yaml -------------------------------------------------------------------------------- /package/cfg/rke-cis-1.8-permissive/node.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/rke-cis-1.8-permissive/node.yaml -------------------------------------------------------------------------------- /package/cfg/rke-cis-1.8-permissive/policies.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/rke-cis-1.8-permissive/policies.yaml -------------------------------------------------------------------------------- /package/cfg/rke2-cis-1.10/config.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/rke2-cis-1.10/config.yaml -------------------------------------------------------------------------------- /package/cfg/rke2-cis-1.10/controlplane.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/rke2-cis-1.10/controlplane.yaml -------------------------------------------------------------------------------- /package/cfg/rke2-cis-1.10/etcd.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/rke2-cis-1.10/etcd.yaml -------------------------------------------------------------------------------- /package/cfg/rke2-cis-1.10/master.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/rke2-cis-1.10/master.yaml -------------------------------------------------------------------------------- /package/cfg/rke2-cis-1.10/node.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/rke2-cis-1.10/node.yaml -------------------------------------------------------------------------------- /package/cfg/rke2-cis-1.10/policies.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/rke2-cis-1.10/policies.yaml -------------------------------------------------------------------------------- /package/cfg/rke2-cis-1.11/config.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/rke2-cis-1.11/config.yaml -------------------------------------------------------------------------------- /package/cfg/rke2-cis-1.11/controlplane.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/rke2-cis-1.11/controlplane.yaml -------------------------------------------------------------------------------- /package/cfg/rke2-cis-1.11/etcd.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/rke2-cis-1.11/etcd.yaml -------------------------------------------------------------------------------- /package/cfg/rke2-cis-1.11/master.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/rke2-cis-1.11/master.yaml -------------------------------------------------------------------------------- /package/cfg/rke2-cis-1.11/node.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/rke2-cis-1.11/node.yaml -------------------------------------------------------------------------------- /package/cfg/rke2-cis-1.11/policies.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/rke2-cis-1.11/policies.yaml -------------------------------------------------------------------------------- /package/cfg/rke2-cis-1.23-hardened/config.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/rke2-cis-1.23-hardened/config.yaml -------------------------------------------------------------------------------- /package/cfg/rke2-cis-1.23-hardened/controlplane.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/rke2-cis-1.23-hardened/controlplane.yaml -------------------------------------------------------------------------------- /package/cfg/rke2-cis-1.23-hardened/etcd.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/rke2-cis-1.23-hardened/etcd.yaml -------------------------------------------------------------------------------- /package/cfg/rke2-cis-1.23-hardened/master.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/rke2-cis-1.23-hardened/master.yaml -------------------------------------------------------------------------------- /package/cfg/rke2-cis-1.23-hardened/node.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/rke2-cis-1.23-hardened/node.yaml -------------------------------------------------------------------------------- /package/cfg/rke2-cis-1.23-hardened/policies.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/rke2-cis-1.23-hardened/policies.yaml -------------------------------------------------------------------------------- /package/cfg/rke2-cis-1.23-permissive/config.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/rke2-cis-1.23-permissive/config.yaml -------------------------------------------------------------------------------- /package/cfg/rke2-cis-1.23-permissive/controlplane.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/rke2-cis-1.23-permissive/controlplane.yaml -------------------------------------------------------------------------------- /package/cfg/rke2-cis-1.23-permissive/etcd.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/rke2-cis-1.23-permissive/etcd.yaml -------------------------------------------------------------------------------- /package/cfg/rke2-cis-1.23-permissive/master.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/rke2-cis-1.23-permissive/master.yaml -------------------------------------------------------------------------------- /package/cfg/rke2-cis-1.23-permissive/node.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/rke2-cis-1.23-permissive/node.yaml -------------------------------------------------------------------------------- /package/cfg/rke2-cis-1.23-permissive/policies.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/rke2-cis-1.23-permissive/policies.yaml -------------------------------------------------------------------------------- /package/cfg/rke2-cis-1.24-hardened/config.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/rke2-cis-1.24-hardened/config.yaml -------------------------------------------------------------------------------- /package/cfg/rke2-cis-1.24-hardened/controlplane.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/rke2-cis-1.24-hardened/controlplane.yaml -------------------------------------------------------------------------------- /package/cfg/rke2-cis-1.24-hardened/etcd.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/rke2-cis-1.24-hardened/etcd.yaml -------------------------------------------------------------------------------- /package/cfg/rke2-cis-1.24-hardened/master.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/rke2-cis-1.24-hardened/master.yaml -------------------------------------------------------------------------------- /package/cfg/rke2-cis-1.24-hardened/node.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/rke2-cis-1.24-hardened/node.yaml -------------------------------------------------------------------------------- /package/cfg/rke2-cis-1.24-hardened/policies.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/rke2-cis-1.24-hardened/policies.yaml -------------------------------------------------------------------------------- /package/cfg/rke2-cis-1.24-permissive/config.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/rke2-cis-1.24-permissive/config.yaml -------------------------------------------------------------------------------- /package/cfg/rke2-cis-1.24-permissive/controlplane.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/rke2-cis-1.24-permissive/controlplane.yaml -------------------------------------------------------------------------------- /package/cfg/rke2-cis-1.24-permissive/etcd.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/rke2-cis-1.24-permissive/etcd.yaml -------------------------------------------------------------------------------- /package/cfg/rke2-cis-1.24-permissive/master.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/rke2-cis-1.24-permissive/master.yaml -------------------------------------------------------------------------------- /package/cfg/rke2-cis-1.24-permissive/node.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/rke2-cis-1.24-permissive/node.yaml -------------------------------------------------------------------------------- /package/cfg/rke2-cis-1.24-permissive/policies.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/rke2-cis-1.24-permissive/policies.yaml -------------------------------------------------------------------------------- /package/cfg/rke2-cis-1.7-hardened/config.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/rke2-cis-1.7-hardened/config.yaml -------------------------------------------------------------------------------- /package/cfg/rke2-cis-1.7-hardened/controlplane.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/rke2-cis-1.7-hardened/controlplane.yaml -------------------------------------------------------------------------------- /package/cfg/rke2-cis-1.7-hardened/etcd.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/rke2-cis-1.7-hardened/etcd.yaml -------------------------------------------------------------------------------- /package/cfg/rke2-cis-1.7-hardened/master.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/rke2-cis-1.7-hardened/master.yaml -------------------------------------------------------------------------------- /package/cfg/rke2-cis-1.7-hardened/node.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/rke2-cis-1.7-hardened/node.yaml -------------------------------------------------------------------------------- /package/cfg/rke2-cis-1.7-hardened/policies.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/rke2-cis-1.7-hardened/policies.yaml -------------------------------------------------------------------------------- /package/cfg/rke2-cis-1.7-permissive/config.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/rke2-cis-1.7-permissive/config.yaml -------------------------------------------------------------------------------- /package/cfg/rke2-cis-1.7-permissive/controlplane.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/rke2-cis-1.7-permissive/controlplane.yaml -------------------------------------------------------------------------------- /package/cfg/rke2-cis-1.7-permissive/etcd.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/rke2-cis-1.7-permissive/etcd.yaml -------------------------------------------------------------------------------- /package/cfg/rke2-cis-1.7-permissive/master.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/rke2-cis-1.7-permissive/master.yaml -------------------------------------------------------------------------------- /package/cfg/rke2-cis-1.7-permissive/node.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/rke2-cis-1.7-permissive/node.yaml -------------------------------------------------------------------------------- /package/cfg/rke2-cis-1.7-permissive/policies.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/rke2-cis-1.7-permissive/policies.yaml -------------------------------------------------------------------------------- /package/cfg/rke2-cis-1.8-hardened/config.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/rke2-cis-1.8-hardened/config.yaml -------------------------------------------------------------------------------- /package/cfg/rke2-cis-1.8-hardened/controlplane.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/rke2-cis-1.8-hardened/controlplane.yaml -------------------------------------------------------------------------------- /package/cfg/rke2-cis-1.8-hardened/etcd.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/rke2-cis-1.8-hardened/etcd.yaml -------------------------------------------------------------------------------- /package/cfg/rke2-cis-1.8-hardened/master.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/rke2-cis-1.8-hardened/master.yaml -------------------------------------------------------------------------------- /package/cfg/rke2-cis-1.8-hardened/node.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/rke2-cis-1.8-hardened/node.yaml -------------------------------------------------------------------------------- /package/cfg/rke2-cis-1.8-hardened/policies.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/rke2-cis-1.8-hardened/policies.yaml -------------------------------------------------------------------------------- /package/cfg/rke2-cis-1.8-permissive/config.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/rke2-cis-1.8-permissive/config.yaml -------------------------------------------------------------------------------- /package/cfg/rke2-cis-1.8-permissive/controlplane.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/rke2-cis-1.8-permissive/controlplane.yaml -------------------------------------------------------------------------------- /package/cfg/rke2-cis-1.8-permissive/etcd.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/rke2-cis-1.8-permissive/etcd.yaml -------------------------------------------------------------------------------- /package/cfg/rke2-cis-1.8-permissive/master.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/rke2-cis-1.8-permissive/master.yaml -------------------------------------------------------------------------------- /package/cfg/rke2-cis-1.8-permissive/node.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/rke2-cis-1.8-permissive/node.yaml -------------------------------------------------------------------------------- /package/cfg/rke2-cis-1.8-permissive/policies.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/rke2-cis-1.8-permissive/policies.yaml -------------------------------------------------------------------------------- /package/cfg/rke2-cis-1.9/config.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/rke2-cis-1.9/config.yaml -------------------------------------------------------------------------------- /package/cfg/rke2-cis-1.9/controlplane.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/rke2-cis-1.9/controlplane.yaml -------------------------------------------------------------------------------- /package/cfg/rke2-cis-1.9/etcd.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/rke2-cis-1.9/etcd.yaml -------------------------------------------------------------------------------- /package/cfg/rke2-cis-1.9/master.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/rke2-cis-1.9/master.yaml -------------------------------------------------------------------------------- /package/cfg/rke2-cis-1.9/node.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/rke2-cis-1.9/node.yaml -------------------------------------------------------------------------------- /package/cfg/rke2-cis-1.9/policies.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/rke2-cis-1.9/policies.yaml -------------------------------------------------------------------------------- /package/cfg/test-1/controlplane.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/test-1/controlplane.yaml -------------------------------------------------------------------------------- /package/cfg/test-1/etcd.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/test-1/etcd.yaml -------------------------------------------------------------------------------- /package/cfg/test-1/master.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/test-1/master.yaml -------------------------------------------------------------------------------- /package/cfg/test-1/node.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/cfg/test-1/node.yaml -------------------------------------------------------------------------------- /package/helper_scripts/check_cafile_ownership.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/helper_scripts/check_cafile_ownership.sh -------------------------------------------------------------------------------- /package/helper_scripts/check_cafile_permissions.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/helper_scripts/check_cafile_permissions.sh -------------------------------------------------------------------------------- /package/helper_scripts/check_encryption_provider_config.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/helper_scripts/check_encryption_provider_config.sh -------------------------------------------------------------------------------- /package/helper_scripts/check_files_owner_in_dir.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/helper_scripts/check_files_owner_in_dir.sh -------------------------------------------------------------------------------- /package/helper_scripts/check_files_permissions.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/helper_scripts/check_files_permissions.sh -------------------------------------------------------------------------------- /package/helper_scripts/check_for_default_ns.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/helper_scripts/check_for_default_ns.sh -------------------------------------------------------------------------------- /package/helper_scripts/check_for_default_sa.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/helper_scripts/check_for_default_sa.sh -------------------------------------------------------------------------------- /package/helper_scripts/check_for_k3s_network_policies.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/helper_scripts/check_for_k3s_network_policies.sh -------------------------------------------------------------------------------- /package/helper_scripts/check_for_network_policies.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/helper_scripts/check_for_network_policies.sh -------------------------------------------------------------------------------- /package/helper_scripts/check_for_rke2_cni_net_policy_support.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/helper_scripts/check_for_rke2_cni_net_policy_support.sh -------------------------------------------------------------------------------- /package/helper_scripts/check_for_rke2_network_policies.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/helper_scripts/check_for_rke2_network_policies.sh -------------------------------------------------------------------------------- /package/run.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/run.sh -------------------------------------------------------------------------------- /package/run_sonobuoy_plugin.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/package/run_sonobuoy_plugin.sh -------------------------------------------------------------------------------- /pkg/kb-summarizer/report/report.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/pkg/kb-summarizer/report/report.go -------------------------------------------------------------------------------- /pkg/kb-summarizer/summarizer/summarizer.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/pkg/kb-summarizer/summarizer/summarizer.go -------------------------------------------------------------------------------- /pkg/kb-summarizer/summarizer/summarizer_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/pkg/kb-summarizer/summarizer/summarizer_test.go -------------------------------------------------------------------------------- /tests/deploy.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rancher/security-scan/HEAD/tests/deploy.yaml --------------------------------------------------------------------------------