Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

CIS: Add OCIL to kubelet_configure_tls_cipher_suites #6835

Merged
merged 1 commit into from Apr 14, 2021
Merged

CIS: Add OCIL to kubelet_configure_tls_cipher_suites #6835

merged 1 commit into from Apr 14, 2021

Conversation

jhrozek
Copy link
Collaborator

@jhrozek jhrozek commented Apr 14, 2021

Description:

Adds an OCIL to kubelet_configure_tls_cipher_suites

Rationale:

The rule contained just a placeholder text

JAORMX
JAORMX reviewed Apr 14, 2021
View reviewed changes
applications/openshift/kubelet/kubelet_configure_tls_cipher_suites/rule.yml
@@ -21,10 +21,18 @@ severity: medium
references:
cis@ocp4: 4.2.13

ocil_clause: "TLS cipher suite configuration is not configured"
ocil_clause: "TLS cipher suite configuration is not configured or contains insecure ciphers"
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Now that you're here, could you also add a description that indicates how to remediate this? in the description section.

@openshift-ci
Copy link

openshift-ci bot commented Apr 14, 2021
edited

@jhrozek: The following tests failed, say /retest to rerun all failed tests:

Test name Commit Details Rerun command
ci/prow/e2e-aws-ocp4-e8 2155056 link /test e2e-aws-ocp4-e8
ci/prow/e2e-aws-ocp4-cis 2155056 link /test e2e-aws-ocp4-cis
ci/prow/e2e-aws-ocp4-cis-node 2155056 link /test e2e-aws-ocp4-cis-node
ci/prow/e2e-aws-rhcos4-moderate 2155056 link /test e2e-aws-rhcos4-moderate

Full PR test history. Your PR dashboard.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here.

@jhrozek
CIS: Add OCIL to kubelet_configure_tls_cipher_suites
87f724e 
The rule contained just a placeholder text
@jhrozek
Copy link
Collaborator Author

jhrozek commented Apr 14, 2021 via email

JAORMX
JAORMX approved these changes Apr 14, 2021
View reviewed changes
Copy link
Contributor

@JAORMX JAORMX left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@jhrozek
Copy link
Collaborator Author

jhrozek commented Apr 14, 2021

I'm going to merge right away since the patch just adds OCIL and the test that builds the content already passed.

@jhrozek jhrozek merged commit 438fa81 into ComplianceAsCode:master Apr 14, 2021
@yuumasato yuumasato added this to the 0.1.56 milestone Apr 19, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@JAORMX JAORMX JAORMX approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
0.1.56
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@jhrozek @JAORMX @yuumasato