New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
CIS: Add OCIL to kubelet_configure_tls_cipher_suites #6835
Conversation
@@ -21,10 +21,18 @@ severity: medium | |||
references: | |||
cis@ocp4: 4.2.13 | |||
|
|||
ocil_clause: "TLS cipher suite configuration is not configured" | |||
ocil_clause: "TLS cipher suite configuration is not configured or contains insecure ciphers" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Now that you're here, could you also add a description that indicates how to remediate this? in the description
section.
@jhrozek: The following tests failed, say
Full PR test history. Your PR dashboard. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here. |
The rule contained just a placeholder text
On Wed, Apr 14, 2021 at 03:49:26AM -0700, Juan Osorio Robles wrote:
@JAORMX commented on this pull request.
> @@ -21,10 +21,18 @@ severity: medium
references:
***@***.***: 4.2.13
-ocil_clause: "TLS cipher suite configuration is not configured"
+ocil_clause: "TLS cipher suite configuration is not configured or contains insecure ciphers"
Now that you're here, could you also add a description that indicates how to remediate this? in the `description` section.
Sure!
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
I'm going to merge right away since the patch just adds OCIL and the test that builds the content already passed. |
Description:
Adds an OCIL to kubelet_configure_tls_cipher_suites
Rationale:
The rule contained just a placeholder text