initial commit of tests/8_docker_enterprise_configuration.sh v1.3.1

Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
This commit is contained in:
Thomas Sjögren 2021-05-25 20:49:46 +02:00
parent 4e379bbaf9
commit 32c5e5f1fb

View file

@ -1,4 +1,4 @@
#!/bin/sh #!/bin/bash
check_8() { check_8() {
logit "" logit ""
@ -34,7 +34,7 @@ check_8_1_1() {
fi fi
local id="8.1.1" local id="8.1.1"
local desc="Configure the LDAP authentication service (Scored)" local desc="Configure the LDAP authentication service (Automated)"
local remediation="You can configure LDAP integration via the UCP Admin Settings UI. LDAP integration can also be enabled via a configuration file" local remediation="You can configure LDAP integration via the UCP Admin Settings UI. LDAP integration can also be enabled via a configuration file"
local remediationImpact="None." local remediationImpact="None."
local check="$id - $desc" local check="$id - $desc"
@ -50,7 +50,7 @@ check_8_1_2() {
fi fi
local id="8.1.2" local id="8.1.2"
local desc="Use external certificates (Scored)" local desc="Use external certificates (Automated)"
local remediation="You can configure your own certificates for UCP either during installation or after installation via the UCP Admin Settings user interface." local remediation="You can configure your own certificates for UCP either during installation or after installation via the UCP Admin Settings user interface."
local remediationImpact="None." local remediationImpact="None."
local check="$id - $desc" local check="$id - $desc"
@ -98,7 +98,7 @@ check_8_1_5() {
fi fi
local id="8.1.5" local id="8.1.5"
local desc="Enable signed image enforcement (Scored)" local desc="Enable signed image enforcement (Automated)"
local check="$id - $desc" local check="$id - $desc"
starttestjson "$id" "$desc" starttestjson "$id" "$desc"
@ -112,7 +112,7 @@ check_8_1_6() {
fi fi
local id="8.1.6" local id="8.1.6"
local desc="Set the Per-User Session Limit to a value of '3' or lower (Scored)" local desc="Set the Per-User Session Limit to a value of '3' or lower (Automated)"
local remediation="Retrieve a UCP API token. Retrieve and save UCP config. Open the ucp-config.toml file, set the per_user_limit entry under the [auth.sessions] section to a value of 3 or lower, but greater than 0. Update UCP with the new configuration." local remediation="Retrieve a UCP API token. Retrieve and save UCP config. Open the ucp-config.toml file, set the per_user_limit entry under the [auth.sessions] section to a value of 3 or lower, but greater than 0. Update UCP with the new configuration."
local remediationImpact="None." local remediationImpact="None."
local check="$id - $desc" local check="$id - $desc"
@ -128,7 +128,7 @@ check_8_1_7() {
fi fi
local id="8.1.7" local id="8.1.7"
local desc="Set the 'Lifetime Minutes' and 'Renewal Threshold Minutes' values to '15' or lower and '0' respectively (Scored)" local desc="Set the 'Lifetime Minutes' and 'Renewal Threshold Minutes' values to '15' or lower and '0' respectively (Automated)"
local remediation="Retrieve a UCP API token. Retrieve and save UCP config. Open the ucp-config.toml file, set the lifetime_minutes and renewal_threshold_minutes entries under the [auth.sessions] section to values of 15 or lower and 0 respectively. Update UCP with the new configuration." local remediation="Retrieve a UCP API token. Retrieve and save UCP config. Open the ucp-config.toml file, set the lifetime_minutes and renewal_threshold_minutes entries under the [auth.sessions] section to values of 15 or lower and 0 respectively. Update UCP with the new configuration."
local remediationImpact="Setting the Lifetime Minutes setting to a value that is too lower would result in users having to constantly re-authenticate to their Docker Enterprise cluster." local remediationImpact="Setting the Lifetime Minutes setting to a value that is too lower would result in users having to constantly re-authenticate to their Docker Enterprise cluster."
local check="$id - $desc" local check="$id - $desc"
@ -155,7 +155,7 @@ check_8_2_1() {
fi fi
local id="8.2.1" local id="8.2.1"
local desc="Enable image vulnerability scanning (Scored)" local desc="Enable image vulnerability scanning (Automated)"
local remediation="You can navigate to DTR Settings UI and select the Security tab to access the image scanning configuration. Select the Enable Scanning slider to enable this functionality." local remediation="You can navigate to DTR Settings UI and select the Security tab to access the image scanning configuration. Select the Enable Scanning slider to enable this functionality."
local remediationImpact="None." local remediationImpact="None."
local check="$id - $desc" local check="$id - $desc"