Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
View Source
var KubeBenchVersion string
View Source
var RootCmd = &cobra.Command{ Use: os.Args[0], Short: "Run CIS Benchmarks checks against a Kubernetes deployment", Long: `This tool runs the CIS Kubernetes Benchmark (https://www.cisecurity.org/benchmark/kubernetes/)`, Run: func(cmd *cobra.Command, args []string) { benchmarkVersion, err := getBenchmarkVersion(kubeVersion, benchmarkVersion, viper.GetViper()) if err != nil { exitWithError(fmt.Errorf("unable to determine benchmark version: %v", err)) } if isMaster() { glog.V(1).Info("== Running master checks ==\n") runChecks(check.MASTER, loadConfig(check.MASTER)) if validTargets(benchmarkVersion, []string{string(check.CONTROLPLANE)}) { glog.V(1).Info("== Running control plane checks ==\n") runChecks(check.CONTROLPLANE, loadConfig(check.CONTROLPLANE)) } } if validTargets(benchmarkVersion, []string{string(check.ETCD)}) && isEtcd() { glog.V(1).Info("== Running etcd checks ==\n") runChecks(check.ETCD, loadConfig(check.ETCD)) } glog.V(1).Info("== Running node checks ==\n") runChecks(check.NODE, loadConfig(check.NODE)) if validTargets(benchmarkVersion, []string{string(check.POLICIES)}) { glog.V(1).Info("== Running policies checks ==\n") runChecks(check.POLICIES, loadConfig(check.POLICIES)) } }, }
RootCmd represents the base command when called without any subcommands
Functions ¶
func Execute ¶
func Execute()
Execute adds all child commands to the root command sets flags appropriately. This is called by main.main(). It only needs to happen once to the rootCmd.
func NewRunFilter ¶ added in v0.0.27
func NewRunFilter(opts FilterOpts) (check.Predicate, error)
NewRunFilter constructs a Predicate based on FilterOpts which determines whether tested Checks should be run or not.
func PrintOutput ¶ added in v0.0.29
Types ¶
Source Files
Click to show internal directories.
Click to hide internal directories.