Document expected failures for file permission issues on RKE and RKE2 Clusters when running CIS Scan #42971
Labels
feature/charts-cis-benchmark
kind/bug
Issues that are defects reported by users or that we know have reached a real release
release-note
Note this issue in the milestone's release notes
status/release-note-added
team/security
Milestone
Issue Description:
Currently, there are CIS checks related to file permissions that are failing on RKE and RKE2 clusters with CIS v1.7 profiles. These failures are expected as of now but will need to be addressed in Q4 release with GH-42012 for RKE and rancher/rke2#4473 for RKE2. However, if these are not addressed in RKE and RKE2, it is important to document these expected failures in the hardening guides for Q4 release.
With CIS v1.7 profile (K8s v1.27.5):
CC @andypitcher @JonCrowther @macedogm @rayandas
The text was updated successfully, but these errors were encountered: