Change global variable used only locally to local variable for simplification

2025-01-31 06:22:32 +01:00 · 2021-03-09 12:42:48 +02:00 · 2021-03-09 12:42:48 +02:00 · 94900eedb9
commit 94900eedb9
parent 4b4fdd9f77
10 changed files with 829 additions and 826 deletions
--- a/.gitignore
+++ b/.gitignore
@ -1 +1,2 @@
 *.log*
 *.swp*
--- a/tests/1_host_configuration.sh
+++ b/tests/1_host_configuration.sh
@ -2,40 +2,40 @@
 check_1() {
  logit ""
-  id_1="1"
+  local id="1"
-  desc_1="Host Configuration"
+  local desc="Host Configuration"
-  check_1="$id_1 - $desc_1"
+  local check="$id - $desc"
-  info "$check_1"
+  info "$check"
-  startsectionjson "$id_1" "$desc_1"
+  startsectionjson "$id" "$desc"
 }
 check_1_1() {
  logit ""
-  id_1_1="1.1"
+  local id="1.1"
-  desc_1_1="General Configuration"
+  local desc="General Configuration"
-  check_1_1="$id_1_1 - $desc_1_1"
+  local check="$id - $desc"
-  info "$check_1_1"
+  info "$check"
 }
 # 1.1.1
 check_1_1_1() {
-  id_1_1_1="1.1.1"
+  local id="1.1.1"
-  desc_1_1_1="Ensure the container host has been Hardened (Not Scored)"
+  local desc="Ensure the container host has been Hardened (Not Scored)"
-  check_1_1_1="$id_1_1_1  - $desc_1_1_1"
+  local check="$id  - $desc"
-  starttestjson "$id_1_1_1" "$desc_1_1_1"
+  starttestjson "$id" "$desc"
  totalChecks=$((totalChecks + 1))
-  note "$check_1_1_1"
+  note "$check"
  resulttestjson "INFO"
  currentScore=$((currentScore + 0))
 }
 # 1.1.2
 check_1_1_2() {
-  id_1_1_2="1.1.2"
+  local id="1.1.2"
-  desc_1_1_2="Ensure that the version of Docker is up to date (Not Scored)"
+  local desc="Ensure that the version of Docker is up to date (Not Scored)"
-  check_1_1_2="$id_1_1_2  - $desc_1_1_2"
+  local check="$id  - $desc"
-  starttestjson "$id_1_1_2" "$desc_1_1_2"
+  starttestjson "$id" "$desc"
  totalChecks=$((totalChecks + 1))
  docker_version=$(docker version | grep -i -A2 '^server' | grep ' Version:' \
@ -43,13 +43,13 @@ check_1_1_2() {
  docker_current_version="$(date +%y.%m.0 -d @$(( $(date +%s) - 2592000)))"
  do_version_check "$docker_current_version" "$docker_version"
  if [ $? -eq 11 ]; then
-    info "$check_1_1_2"
+    info "$check"
    info "       * Using $docker_version, verify is it up to date as deemed necessary"
    info "       * Your operating system vendor may provide support and security maintenance for Docker"
    resulttestjson "INFO" "Using $docker_version"
    currentScore=$((currentScore + 0))
  else
-    pass "$check_1_1_2"
+    pass "$check"
    info "       * Using $docker_version which is current"
    info "       * Check with your operating system vendor for support and security maintenance for Docker"
    resulttestjson "PASS" "Using $docker_version"
@ -59,18 +59,18 @@ check_1_1_2() {
 check_1_2() {
  logit ""
-  id_1_2="1.2"
+  local id="1.2"
-  desc_1_2="Linux Hosts Specific Configuration"
+  local desc="Linux Hosts Specific Configuration"
-  check_1_2="$id_1_2 - $desc_1_2"
+  local check="$id - $desc"
-  info "$check_1_2"
+  info "$check"
 }
 # 1.2.1
 check_1_2_1() {
-  id_1_2_1="1.2.1"
+  local id="1.2.1"
-  desc_1_2_1="Ensure a separate partition for containers has been created (Scored)"
+  local desc="Ensure a separate partition for containers has been created (Scored)"
-  check_1_2_1="$id_1_2_1 - $desc_1_2_1"
+  local check="$id - $desc"
-  starttestjson "$id_1_2_1" "$desc_1_2_1"
+  starttestjson "$id" "$desc"
  totalChecks=$((totalChecks + 1))
  docker_root_dir=$(docker info -f '{{ .DockerRootDir }}')
@ -79,11 +79,11 @@ check_1_2_1() {
  fi
  if mountpoint -q -- "$docker_root_dir" >/dev/null 2>&1; then
-    pass "$check_1_2_1"
+    pass "$check"
    resulttestjson "PASS"
    currentScore=$((currentScore + 1))
  else
-    warn "$check_1_2_1"
+    warn "$check"
    resulttestjson "WARN"
    currentScore=$((currentScore - 1))
  fi
@ -91,10 +91,10 @@ check_1_2_1() {
 # 1.2.2
 check_1_2_2() {
-  id_1_2_2="1.2.2"
+  local id="1.2.2"
-  desc_1_2_2="Ensure only trusted users are allowed to control Docker daemon (Scored)"
+  local desc="Ensure only trusted users are allowed to control Docker daemon (Scored)"
-  check_1_2_2="$id_1_2_2  - $desc_1_2_2"
+  local check="$id  - $desc"
-  starttestjson "$id_1_2_2" "$desc_1_2_2"
+  starttestjson "$id" "$desc"
  totalChecks=$((totalChecks + 1))
  if command -v getent >/dev/null 2>&1; then
@ -102,7 +102,7 @@ check_1_2_2() {
  else
    docker_users=$(grep 'docker' /etc/group)
  fi
-  info "$check_1_2_2"
+  info "$check"
  for u in $docker_users; do
    info "       * $u"
  done
@ -112,29 +112,31 @@ check_1_2_2() {
 # 1.2.3
 check_1_2_3() {
-  id_1_2_3="1.2.3"
+  local id="1.2.3"
-  desc_1_2_3="Ensure auditing is configured for the Docker daemon (Scored)"
+  local desc="Ensure auditing is configured for the Docker daemon (Scored)"
-  check_1_2_3="$id_1_2_3  - $desc_1_2_3"
+  local check="$id  - $desc"
-  starttestjson "$id_1_2_3" "$desc_1_2_3"
+  starttestjson "$id" "$desc"
  totalChecks=$((totalChecks + 1))
  file="/usr/bin/dockerd"
  if command -v auditctl >/dev/null 2>&1; then
    if auditctl -l | grep "$file" >/dev/null 2>&1; then
-      pass "$check_1_2_3"
+      pass "$check"
      resulttestjson "PASS"
      currentScore=$((currentScore + 1))
    else
-      warn "$check_1_2_3"
+      warn "$check"
      warn "       * Install auditd"
      resulttestjson "WARN"
      currentScore=$((currentScore - 1))
    fi
  elif grep -s "$file" "$auditrules" | grep "^[^#;]" 2>/dev/null 1>&2; then
-    pass "$check_1_2_3"
+    pass "$check"
    resulttestjson "PASS"
    currentScore=$((currentScore + 1))
  else
-    warn "$check_1_2_3"
+    warn "$check"
    warn "       * Install auditd"
    resulttestjson "WARN"
    currentScore=$((currentScore - 1))
  fi
@ -142,35 +144,35 @@ check_1_2_3() {
 # 1.2.4
 check_1_2_4() {
-  id_1_2_4="1.2.4"
+  local id="1.2.4"
-  desc_1_2_4="Ensure auditing is configured for Docker files and directories - /var/lib/docker (Scored)"
+  local desc="Ensure auditing is configured for Docker files and directories - /var/lib/docker (Scored)"
-  check_1_2_4="$id_1_2_4  - $desc_1_2_4"
+  local check="$id  - $desc"
-  starttestjson "$id_1_2_4" "$desc_1_2_4"
+  starttestjson "$id" "$desc"
  totalChecks=$((totalChecks + 1))
  directory="/var/lib/docker"
  if [ -d "$directory" ]; then
    if command -v auditctl >/dev/null 2>&1; then
      if auditctl -l | grep $directory >/dev/null 2>&1; then
-        pass "$check_1_2_4"
+        pass "$check"
        resulttestjson "PASS"
        currentScore=$((currentScore + 1))
      else
-        warn "$check_1_2_4"
+        warn "$check"
        resulttestjson "WARN"
        currentScore=$((currentScore - 1))
      fi
    elif grep -s "$directory" "$auditrules" | grep "^[^#;]" 2>/dev/null 1>&2; then
-      pass "$check_1_2_4"
+      pass "$check"
      resulttestjson "PASS"
      currentScore=$((currentScore + 1))
    else
-      warn "$check_1_2_4"
+      warn "$check"
      resulttestjson "WARN"
      currentScore=$((currentScore - 1))
    fi
  else
-    info "$check_1_2_4"
+    info "$check"
    info "       * Directory not found"
    resulttestjson "INFO" "Directory not found"
    currentScore=$((currentScore + 0))
@ -179,35 +181,35 @@ check_1_2_4() {
 # 1.2.5
 check_1_2_5() {
-  id_1_2_5="1.2.5"
+  local id="1.2.5"
-  desc_1_2_5="Ensure auditing is configured for Docker files and directories - /etc/docker (Scored)"
+  local desc="Ensure auditing is configured for Docker files and directories - /etc/docker (Scored)"
-  check_1_2_5="$id_1_2_5  - $desc_1_2_5"
+  local check="$id  - $desc"
-  starttestjson "$id_1_2_5" "$desc_1_2_5"
+  starttestjson "$id" "$desc"
  totalChecks=$((totalChecks + 1))
  directory="/etc/docker"
  if [ -d "$directory" ]; then
    if command -v auditctl >/dev/null 2>&1; then
      if auditctl -l | grep $directory >/dev/null 2>&1; then
-        pass "$check_1_2_5"
+        pass "$check"
        resulttestjson "PASS"
        currentScore=$((currentScore + 1))
      else
-        warn "$check_1_2_5"
+        warn "$check"
        resulttestjson "WARN"
        currentScore=$((currentScore - 1))
      fi
    elif grep -s "$directory" "$auditrules" | grep "^[^#;]" 2>/dev/null 1>&2; then
-      pass "$check_1_2_5"
+      pass "$check"
      resulttestjson "PASS"
      currentScore=$((currentScore + 1))
    else
-      warn "$check_1_2_5"
+      warn "$check"
      resulttestjson "WARN"
      currentScore=$((currentScore - 1))
    fi
  else
-    info "$check_1_2_5"
+    info "$check"
    info "       * Directory not found"
    resulttestjson "INFO" "Directory not found"
    currentScore=$((currentScore + 0))
@ -216,35 +218,35 @@ fi
 # 1.2.6
 check_1_2_6() {
-  id_1_2_6="1.2.6"
+  local id="1.2.6"
-  desc_1_2_6="Ensure auditing is configured for Docker files and directories - docker.service (Scored)"
+  local desc="Ensure auditing is configured for Docker files and directories - docker.service (Scored)"
-  check_1_2_6="$id_1_2_6  - $desc_1_2_6"
+  local check="$id  - $desc"
-  starttestjson "$id_1_2_6" "$desc_1_2_6"
+  starttestjson "$id" "$desc"
  totalChecks=$((totalChecks + 1))
  file="$(get_service_file docker.service)"
  if [ -f "$file" ]; then
    if command -v auditctl >/dev/null 2>&1; then
      if auditctl -l | grep "$file" >/dev/null 2>&1; then
-        pass "$check_1_2_6"
+        pass "$check"
        resulttestjson "PASS"
        currentScore=$((currentScore + 1))
      else
-        warn "$check_1_2_6"
+        warn "$check"
        resulttestjson "WARN"
        currentScore=$((currentScore - 1))
      fi
    elif grep -s "$file" "$auditrules" | grep "^[^#;]" 2>/dev/null 1>&2; then
-      pass "$check_1_2_6"
+      pass "$check"
      resulttestjson "PASS"
      currentScore=$((currentScore + 1))
    else
-      warn "$check_1_2_6"
+      warn "$check"
      resulttestjson "WARN"
      currentScore=$((currentScore - 1))
    fi
  else
-    info "$check_1_2_6"
+    info "$check"
    info "       * File not found"
    resulttestjson "INFO" "File not found"
    currentScore=$((currentScore + 0))
@ -253,35 +255,35 @@ check_1_2_6() {
 # 1.2.7
 check_1_2_7() {
-  id_1_2_7="1.2.7"
+  local id="1.2.7"
-  desc_1_2_7="Ensure auditing is configured for Docker files and directories - docker.socket (Scored)"
+  local desc="Ensure auditing is configured for Docker files and directories - docker.socket (Scored)"
-  check_1_2_7="$id_1_2_7  - $desc_1_2_7"
+  local check="$id  - $desc"
-  starttestjson "$id_1_2_7" "$desc_1_2_7"
+  starttestjson "$id" "$desc"
  totalChecks=$((totalChecks + 1))
  file="$(get_service_file docker.socket)"
  if [ -e "$file" ]; then
    if command -v auditctl >/dev/null 2>&1; then
      if auditctl -l | grep "$file" >/dev/null 2>&1; then
-        pass "$check_1_2_7"
+        pass "$check"
        resulttestjson "PASS"
        currentScore=$((currentScore + 1))
      else
-        warn "$check_1_2_7"
+        warn "$check"
        resulttestjson "WARN"
        currentScore=$((currentScore - 1))
      fi
    elif grep -s "$file" "$auditrules" | grep "^[^#;]" 2>/dev/null 1>&2; then
-      pass "$check_1_2_7"
+      pass "$check"
      resulttestjson "PASS"
      currentScore=$((currentScore + 1))
    else
-      warn "$check_1_2_7"
+      warn "$check"
      resulttestjson "WARN"
      currentScore=$((currentScore - 1))
    fi
  else
-    info "$check_1_2_7"
+    info "$check"
    info "       * File not found"
    resulttestjson "INFO" "File not found"
    currentScore=$((currentScore + 0))
@ -290,35 +292,35 @@ check_1_2_7() {
 # 1.2.8
 check_1_2_8() {
-  id_1_2_8="1.2.8"
+  local id="1.2.8"
-  desc_1_2_8="Ensure auditing is configured for Docker files and directories - /etc/default/docker (Scored)"
+  local desc="Ensure auditing is configured for Docker files and directories - /etc/default/docker (Scored)"
-  check_1_2_8="$id_1_2_8  - $desc_1_2_8"
+  local check="$id  - $desc"
-  starttestjson "$id_1_2_8" "$desc_1_2_8"
+  starttestjson "$id" "$desc"
  totalChecks=$((totalChecks + 1))
  file="/etc/default/docker"
  if [ -f "$file" ]; then
    if command -v auditctl >/dev/null 2>&1; then
      if auditctl -l | grep $file >/dev/null 2>&1; then
-        pass "$check_1_2_8"
+        pass "$check"
        resulttestjson "PASS"
        currentScore=$((currentScore + 1))
      else
-        warn "$check_1_2_8"
+        warn "$check"
        resulttestjson "WARN"
        currentScore=$((currentScore - 1))
      fi
    elif grep -s "$file" "$auditrules" | grep "^[^#;]" 2>/dev/null 1>&2; then
-      pass "$check_1_2_8"
+      pass "$check"
      resulttestjson "PASS"
      currentScore=$((currentScore + 1))
    else
-      warn "$check_1_2_8"
+      warn "$check"
      resulttestjson "WARN"
      currentScore=$((currentScore - 1))
    fi
  else
-    info "$check_1_2_8"
+    info "$check"
    info "       * File not found"
    resulttestjson "INFO" "File not found"
    currentScore=$((currentScore + 0))
@ -327,35 +329,35 @@ check_1_2_8() {
 # 1.2.9
 check_1_2_9() {
-  id_1_2_9="1.2.9"
+  local id="1.2.9"
-  desc_1_2_9="Ensure auditing is configured for Docker files and directories - /etc/sysconfig/docker (Scored)"
+  local desc="Ensure auditing is configured for Docker files and directories - /etc/sysconfig/docker (Scored)"
-  check_1_2_9="$id_1_2_9  - $desc_1_2_9"
+  local check="$id  - $desc"
-  starttestjson "$id_1_2_9" "$desc_1_2_9"
+  starttestjson "$id" "$desc"
  totalChecks=$((totalChecks + 1))
  file="/etc/sysconfig/docker"
  if [ -f "$file" ]; then
    if command -v auditctl >/dev/null 2>&1; then
      if auditctl -l | grep $file >/dev/null 2>&1; then
-        pass "$check_1_2_9"
+        pass "$check"
        resulttestjson "PASS"
        currentScore=$((currentScore + 1))
      else
-        warn "$check_1_2_9"
+        warn "$check"
        resulttestjson "WARN"
        currentScore=$((currentScore - 1))
      fi
    elif grep -s "$file" "$auditrules" | grep "^[^#;]" 2>/dev/null 1>&2; then
-      pass "$check_1_2_9"
+      pass "$check"
      resulttestjson "PASS"
      currentScore=$((currentScore + 1))
    else
-      warn "$check_1_2_9"
+      warn "$check"
      resulttestjson "WARN"
      currentScore=$((currentScore - 1))
    fi
  else
-    info "$check_1_2_9"
+    info "$check"
    info "       * File not found"
    resulttestjson "INFO" "File not found"
    currentScore=$((currentScore + 0))
@ -364,35 +366,35 @@ check_1_2_9() {
 # 1.2.10
 check_1_2_10() {
-  id_1_2_10="1.2.10"
+  local id="1.2.10"
-  desc_1_2_10="Ensure auditing is configured for Docker files and directories - /etc/docker/daemon.json (Scored)"
+  local desc="Ensure auditing is configured for Docker files and directories - /etc/docker/daemon.json (Scored)"
-  check_1_2_10="$id_1_2_10  - $desc_1_2_10"
+  local check="$id  - $desc"
-  starttestjson "$id_1_2_10" "$desc_1_2_10"
+  starttestjson "$id" "$desc"
  totalChecks=$((totalChecks + 1))
  file="/etc/docker/daemon.json"
  if [ -f "$file" ]; then
    if command -v auditctl >/dev/null 2>&1; then
      if auditctl -l | grep $file >/dev/null 2>&1; then
-        pass "$check_1_2_10"
+        pass "$check"
        resulttestjson "PASS"
        currentScore=$((currentScore + 1))
      else
-        warn "$check_1_2_10"
+        warn "$check"
        resulttestjson "WARN"
        currentScore=$((currentScore - 1))
      fi
    elif grep -s "$file" "$auditrules" | grep "^[^#;]" 2>/dev/null 1>&2; then
-      pass "$check_1_2_10"
+      pass "$check"
      resulttestjson "PASS"
      currentScore=$((currentScore + 1))
    else
-      warn "$check_1_2_10"
+      warn "$check"
      resulttestjson "WARN"
      currentScore=$((currentScore - 1))
    fi
  else
-    info "$check_1_2_10"
+    info "$check"
    info "        * File not found"
    resulttestjson "INFO" "File not found"
    currentScore=$((currentScore + 0))
@ -401,35 +403,35 @@ check_1_2_10() {
 # 1.2.11
 check_1_2_11() {
-  id_1_2_11="1.2.11"
+  local id="1.2.11"
-  desc_1_2_11="Ensure auditing is configured for Docker files and directories - /usr/bin/containerd (Scored)"
+  local desc="Ensure auditing is configured for Docker files and directories - /usr/bin/containerd (Scored)"
-  check_1_2_11="$id_1_2_11  - $desc_1_2_11"
+  local check="$id  - $desc"
-  starttestjson "$id_1_2_11" "$desc_1_2_11"
+  starttestjson "$id" "$desc"
  totalChecks=$((totalChecks + 1))
  file="/usr/bin/containerd"
  if [ -f "$file" ]; then
    if command -v auditctl >/dev/null 2>&1; then
      if auditctl -l | grep $file >/dev/null 2>&1; then
-        pass "$check_1_2_11"
+        pass "$check"
        resulttestjson "PASS"
        currentScore=$((currentScore + 1))
      else
-        warn "$check_1_2_11"
+        warn "$check"
        resulttestjson "WARN"
        currentScore=$((currentScore - 1))
      fi
    elif grep -s "$file" "$auditrules" | grep "^[^#;]" 2>/dev/null 1>&2; then
-      pass "$check_1_2_11"
+      pass "$check"
      resulttestjson "PASS"
      currentScore=$((currentScore + 1))
    else
-      warn "$check_1_2_11"
+      warn "$check"
      resulttestjson "WARN"
      currentScore=$((currentScore - 1))
    fi
  else
-    info "$check_1_2_11"
+    info "$check"
    info "        * File not found"
    resulttestjson "INFO" "File not found"
    currentScore=$((currentScore + 0))
@ -438,35 +440,35 @@ check_1_2_11() {
 # 1.2.12
 check_1_2_12() {
-  id_1_2_12="1.2.12"
+  local id="1.2.12"
-  desc_1_2_12="Ensure auditing is configured for Docker files and directories - /usr/sbin/runc (Scored)"
+  local desc="Ensure auditing is configured for Docker files and directories - /usr/sbin/runc (Scored)"
-  check_1_2_12="$id_1_2_12  - $desc_1_2_12"
+  local check="$id  - $desc"
-  starttestjson "$id_1_2_12" "$desc_1_2_12"
+  starttestjson "$id" "$desc"
  totalChecks=$((totalChecks + 1))
  file="/usr/sbin/runc"
  if [ -f "$file" ]; then
    if command -v auditctl >/dev/null 2>&1; then
      if auditctl -l | grep $file >/dev/null 2>&1; then
-        pass "$check_1_2_12"
+        pass "$check"
        resulttestjson "PASS"
        currentScore=$((currentScore + 1))
      else
-        warn "$check_1_2_12"
+        warn "$check"
        resulttestjson "WARN"
        currentScore=$((currentScore - 1))
      fi
    elif grep -s "$file" "$auditrules" | grep "^[^#;]" 2>/dev/null 1>&2; then
-      pass "$check_1_2_12"
+      pass "$check"
      resulttestjson "PASS"
      currentScore=$((currentScore + 1))
    else
-      warn "$check_1_2_12"
+      warn "$check"
      resulttestjson "WARN"
      currentScore=$((currentScore - 1))
    fi
  else
-    info "$check_1_2_12"
+    info "$check"
    info "        * File not found"
    resulttestjson "INFO" "File not found"
    currentScore=$((currentScore + 0))
--- a/tests/2_docker_daemon_configuration.sh
+++ b/tests/2_docker_daemon_configuration.sh
@ -2,31 +2,31 @@
 check_2() {
  logit "\n"
-  id_2="2"
+  local id="2"
-  desc_2="Docker daemon configuration"
+  local desc="Docker daemon configuration"
-  check_2="$id_2 - $desc_2"
+  local check="$id - $desc"
-  info "$check_2"
+  info "$check"
-  startsectionjson "$id_2" "$desc_2"
+  startsectionjson "$id" "$desc"
 }
 # 2.1
 check_2_1() {
-  id_2_1="2.1"
+  local id="2.1"
-  desc_2_1="Ensure network traffic is restricted between containers on the default bridge (Scored)"
+  local desc="Ensure network traffic is restricted between containers on the default bridge (Scored)"
-  check_2_1="$id_2_1  - $desc_2_1"
+  local check="$id  - $desc"
-  starttestjson "$id_2_1" "$desc_2_1"
+  starttestjson "$id" "$desc"
  totalChecks=$((totalChecks + 1))
  if get_docker_effective_command_line_args '--icc' | grep false >/dev/null 2>&1; then
-    pass "$check_2_1"
+    pass "$check"
    resulttestjson "PASS"
    currentScore=$((currentScore + 1))
  elif get_docker_configuration_file_args 'icc' | grep "false" >/dev/null 2>&1; then
-    pass "$check_2_1"
+    pass "$check"
    resulttestjson "PASS"
    currentScore=$((currentScore + 1))
  else
-    warn "$check_2_1"
+    warn "$check"
    resulttestjson "WARN"
    currentScore=$((currentScore - 1))
  fi
@ -34,38 +34,38 @@ check_2_1() {
 # 2.2
 check_2_2() {
-  id_2_2="2.2"
+  local id="2.2"
-  desc_2_2="Ensure the logging level is set to 'info' (Scored)"
+  local desc="Ensure the logging level is set to 'info' (Scored)"
-  check_2_2="$id_2_2  - $desc_2_2"
+  local check="$id  - $desc"
-  starttestjson "$id_2_2" "$desc_2_2"
+  starttestjson "$id" "$desc"
  totalChecks=$((totalChecks + 1))
  if get_docker_configuration_file_args 'log-level' >/dev/null 2>&1; then
    if get_docker_configuration_file_args 'log-level' | grep info >/dev/null 2>&1; then
-      pass "$check_2_2"
+      pass "$check"
      resulttestjson "PASS"
      currentScore=$((currentScore + 1))
    elif [ -z "$(get_docker_configuration_file_args 'log-level')" ]; then
-      pass "$check_2_2"
+      pass "$check"
      resulttestjson "PASS"
      currentScore=$((currentScore + 1))
    else
-      warn "$check_2_2"
+      warn "$check"
      resulttestjson "WARN"
      currentScore=$((currentScore - 1))
    fi
  elif get_docker_effective_command_line_args '-l'; then
    if get_docker_effective_command_line_args '-l' | grep "info" >/dev/null 2>&1; then
-      pass "$check_2_2"
+      pass "$check"
      resulttestjson "PASS"
      currentScore=$((currentScore + 1))
    else
-      warn "$check_2_2"
+      warn "$check"
      resulttestjson "WARN"
      currentScore=$((currentScore - 1))
    fi
  else
-    pass "$check_2_2"
+    pass "$check"
    resulttestjson "PASS"
    currentScore=$((currentScore + 1))
  fi
@ -73,22 +73,22 @@ check_2_2() {
 # 2.3
 check_2_3() {
-  id_2_3="2.3"
+  local id="2.3"
-  desc_2_3="Ensure Docker is allowed to make changes to iptables (Scored)"
+  local desc="Ensure Docker is allowed to make changes to iptables (Scored)"
-  check_2_3="$id_2_3  - $desc_2_3"
+  local check="$id  - $desc"
-  starttestjson "$id_2_3" "$desc_2_3"
+  starttestjson "$id" "$desc"
  totalChecks=$((totalChecks + 1))
  if get_docker_effective_command_line_args '--iptables' | grep "false" >/dev/null 2>&1; then
-    warn "$check_2_3"
+    warn "$check"
    resulttestjson "WARN"
    currentScore=$((currentScore - 1))
  elif get_docker_configuration_file_args 'iptables' | grep "false" >/dev/null 2>&1; then
-    warn "$check_2_3"
+    warn "$check"
    resulttestjson "WARN"
    currentScore=$((currentScore - 1))
  else
-    pass "$check_2_3"
+    pass "$check"
    resulttestjson "PASS"
    currentScore=$((currentScore + 1))
  fi
@ -96,28 +96,28 @@ check_2_3() {
 # 2.4
 check_2_4() {
-  id_2_4="2.4"
+  local id="2.4"
-  desc_2_4="Ensure insecure registries are not used (Scored)"
+  local desc="Ensure insecure registries are not used (Scored)"
-  check_2_4="$id_2_4  - $desc_2_4"
+  local check="$id  - $desc"
-  starttestjson "$id_2_4" "$desc_2_4"
+  starttestjson "$id" "$desc"
  totalChecks=$((totalChecks + 1))
  if get_docker_effective_command_line_args '--insecure-registry' | grep "insecure-registry" >/dev/null 2>&1; then
-    warn "$check_2_4"
+    warn "$check"
    resulttestjson "WARN"
    currentScore=$((currentScore - 1))
  elif ! [ -z "$(get_docker_configuration_file_args 'insecure-registries')" ]; then
    if get_docker_configuration_file_args 'insecure-registries' | grep '\[]' >/dev/null 2>&1; then
-      pass "$check_2_4"
+      pass "$check"
      resulttestjson "PASS"
      currentScore=$((currentScore + 1))
    else
-      warn "$check_2_4"
+      warn "$check"
      resulttestjson "WARN"
      currentScore=$((currentScore - 1))
    fi
  else
-    pass "$check_2_4"
+    pass "$check"
    resulttestjson "PASS"
    currentScore=$((currentScore + 1))
  fi
@ -125,18 +125,18 @@ check_2_4() {
 # 2.5
 check_2_5() {
-  id_2_5="2.5"
+  local id="2.5"
-  desc_2_5="Ensure aufs storage driver is not used (Scored)"
+  local desc="Ensure aufs storage driver is not used (Scored)"
-  check_2_5="$id_2_5  - $desc_2_5"
+  local check="$id  - $desc"
-  starttestjson "$id_2_5" "$desc_2_5"
+  starttestjson "$id" "$desc"
  totalChecks=$((totalChecks + 1))
  if docker info 2>/dev/null | grep -e "^\sStorage Driver:\s*aufs\s*$" >/dev/null 2>&1; then
-    warn "$check_2_5"
+    warn "$check"
    resulttestjson "WARN"
    currentScore=$((currentScore - 1))
  else
-    pass "$check_2_5"
+    pass "$check"
    resulttestjson "PASS"
    currentScore=$((currentScore + 1))
  fi
@ -144,33 +144,33 @@ check_2_5() {
 # 2.6
 check_2_6() {
-  id_2_6="2.6"
+  local id="2.6"
-  desc_2_6="Ensure TLS authentication for Docker daemon is configured (Scored)"
+  local desc="Ensure TLS authentication for Docker daemon is configured (Scored)"
-  check_2_6="$id_2_6  - $desc_2_6"
+  local check="$id  - $desc"
-  starttestjson "$id_2_6" "$desc_2_6"
+  starttestjson "$id" "$desc"
  totalChecks=$((totalChecks + 1))
  if [ $(get_docker_configuration_file_args 'tcp://') ] || \
    [ $(get_docker_cumulative_command_line_args '-H' | grep -vE '(unix|fd)://') >/dev/null 2>&1 ]; then
    if [ $(get_docker_configuration_file_args '"tlsverify":' | grep 'true') ] || \
        [ $(get_docker_cumulative_command_line_args '--tlsverify' | grep 'tlsverify') >/dev/null 2>&1 ]; then
-      pass "$check_2_6"
+      pass "$check"
      resulttestjson "PASS"
      currentScore=$((currentScore + 1))
    elif [ $(get_docker_configuration_file_args '"tls":' | grep 'true') ] || \
        [ $(get_docker_cumulative_command_line_args '--tls' | grep 'tls$') >/dev/null 2>&1 ]; then
-      warn "$check_2_6"
+      warn "$check"
      warn "     * Docker daemon currently listening on TCP with TLS, but no verification"
      resulttestjson "WARN" "Docker daemon currently listening on TCP with TLS, but no verification"
      currentScore=$((currentScore - 1))
    else
-      warn "$check_2_6"
+      warn "$check"
      warn "     * Docker daemon currently listening on TCP without TLS"
      resulttestjson "WARN" "Docker daemon currently listening on TCP without TLS"
      currentScore=$((currentScore - 1))
    fi
  else
-    info "$check_2_6"
+    info "$check"
    info "     * Docker daemon not listening on TCP"
    resulttestjson "INFO" "Docker daemon not listening on TCP"
    currentScore=$((currentScore + 0))
@ -179,22 +179,22 @@ check_2_6() {
 # 2.7
 check_2_7() {
-  id_2_7="2.7"
+  local id="2.7"
-  desc_2_7="Ensure the default ulimit is configured appropriately (Not Scored)"
+  local desc="Ensure the default ulimit is configured appropriately (Not Scored)"
-  check_2_7="$id_2_7  - $desc_2_7"
+  local check="$id  - $desc"
-  starttestjson "$id_2_7" "$desc_2_7"
+  starttestjson "$id" "$desc"
  totalChecks=$((totalChecks + 1))
  if get_docker_configuration_file_args 'default-ulimit' | grep -v '{}' >/dev/null 2>&1; then
-    pass "$check_2_7"
+    pass "$check"
    resulttestjson "PASS"
    currentScore=$((currentScore + 1))
  elif get_docker_effective_command_line_args '--default-ulimit' | grep "default-ulimit" >/dev/null 2>&1; then
-    pass "$check_2_7"
+    pass "$check"
    resulttestjson "PASS"
    currentScore=$((currentScore + 1))
  else
-    info "$check_2_7"
+    info "$check"
    info "     * Default ulimit doesn't appear to be set"
    resulttestjson "INFO" "Default ulimit doesn't appear to be set"
    currentScore=$((currentScore + 0))
@ -203,22 +203,22 @@ check_2_7() {
 # 2.8
 check_2_8() {
-  id_2_8="2.8"
+  local id="2.8"
-  desc_2_8="Enable user namespace support (Scored)"
+  local desc="Enable user namespace support (Scored)"
-  check_2_8="$id_2_8  - $desc_2_8"
+  local check="$id  - $desc"
-  starttestjson "$id_2_8" "$desc_2_8"
+  starttestjson "$id" "$desc"
  totalChecks=$((totalChecks + 1))
  if get_docker_configuration_file_args 'userns-remap' | grep -v '""'; then
-    pass "$check_2_8"
+    pass "$check"
    resulttestjson "PASS"
    currentScore=$((currentScore + 1))
  elif get_docker_effective_command_line_args '--userns-remap' | grep "userns-remap" >/dev/null 2>&1; then
-    pass "$check_2_8"
+    pass "$check"
    resulttestjson "PASS"
    currentScore=$((currentScore + 1))
  else
-    warn "$check_2_8"
+    warn "$check"
    resulttestjson "WARN"
    currentScore=$((currentScore - 1))
  fi
@ -226,24 +226,24 @@ check_2_8() {
 # 2.9
 check_2_9() {
-  id_2_9="2.9"
+  local id="2.9"
-  desc_2_9="Ensure the default cgroup usage has been confirmed (Scored)"
+  local desc="Ensure the default cgroup usage has been confirmed (Scored)"
-  check_2_9="$id_2_9  - $desc_2_9"
+  local check="$id  - $desc"
-  starttestjson "$id_2_9" "$desc_2_9"
+  starttestjson "$id" "$desc"
  totalChecks=$((totalChecks + 1))
  if get_docker_configuration_file_args 'cgroup-parent' | grep -v ''; then
-    warn "$check_2_9"
+    warn "$check"
    info "     * Confirm cgroup usage"
    resulttestjson "WARN" "Confirm cgroup usage"
    currentScore=$((currentScore + 0))
  elif get_docker_effective_command_line_args '--cgroup-parent' | grep "cgroup-parent" >/dev/null 2>&1; then
-    warn "$check_2_9"
+    warn "$check"
    info "     * Confirm cgroup usage"
    resulttestjson "WARN" "Confirm cgroup usage"
    currentScore=$((currentScore + 0))
  else
-    pass "$check_2_9"
+    pass "$check"
    resulttestjson "PASS"
    currentScore=$((currentScore + 1))
  fi
@ -251,22 +251,22 @@ check_2_9() {
 # 2.10
 check_2_10() {
-  id_2_10="2.10"
+  local id="2.10"
-  desc_2_10="Ensure base device size is not changed until needed (Scored)"
+  local desc="Ensure base device size is not changed until needed (Scored)"
-  check_2_10="$id_2_10  - $desc_2_10"
+  local check="$id  - $desc"
-  starttestjson "$id_2_10" "$desc_2_10"
+  starttestjson "$id" "$desc"
  totalChecks=$((totalChecks + 1))
  if get_docker_configuration_file_args 'storage-opts' | grep "dm.basesize" >/dev/null 2>&1; then
-    warn "$check_2_10"
+    warn "$check"
    resulttestjson "WARN"
    currentScore=$((currentScore - 1))
  elif get_docker_effective_command_line_args '--storage-opt' | grep "dm.basesize" >/dev/null 2>&1; then
-    warn "$check_2_10"
+    warn "$check"
    resulttestjson "WARN"
    currentScore=$((currentScore - 1))
  else
-    pass "$check_2_10"
+    pass "$check"
    resulttestjson "PASS"
    currentScore=$((currentScore + 1))
  fi
@ -274,22 +274,22 @@ check_2_10() {
 # 2.11
 check_2_11() {
-  id_2_11="2.11"
+  local id="2.11"
-  desc_2_11="Ensure that authorization for Docker client commands is enabled (Scored)"
+  local desc="Ensure that authorization for Docker client commands is enabled (Scored)"
-  check_2_11="$id_2_11  - $desc_2_11"
+  local check="$id  - $desc"
-  starttestjson "$id_2_11" "$desc_2_11"
+  starttestjson "$id" "$desc"
  totalChecks=$((totalChecks + 1))
  if get_docker_configuration_file_args 'authorization-plugins' | grep -v '\[]'; then
-    pass "$check_2_11"
+    pass "$check"
    resulttestjson "PASS"
    currentScore=$((currentScore + 1))
  elif get_docker_effective_command_line_args '--authorization-plugin' | grep "authorization-plugin" >/dev/null 2>&1; then
-    pass "$check_2_11"
+    pass "$check"
    resulttestjson "PASS"
    currentScore=$((currentScore + 1))
  else
-    warn "$check_2_11"
+    warn "$check"
    resulttestjson "WARN"
    currentScore=$((currentScore - 1))
  fi
@ -297,18 +297,18 @@ check_2_11() {
 # 2.12
 check_2_12() {
-  id_2_12="2.12"
+  local id="2.12"
-  desc_2_12="Ensure centralized and remote logging is configured (Scored)"
+  local desc="Ensure centralized and remote logging is configured (Scored)"
-  check_2_12="$id_2_12  - $desc_2_12"
+  local check="$id  - $desc"
-  starttestjson "$id_2_12" "$desc_2_12"
+  starttestjson "$id" "$desc"
  totalChecks=$((totalChecks + 1))
  if docker info --format '{{ .LoggingDriver }}' | grep 'json-file' >/dev/null 2>&1; then
-    warn "$check_2_12"
+    warn "$check"
    resulttestjson "WARN"
    currentScore=$((currentScore - 1))
  else
-    pass "$check_2_12"
+    pass "$check"
    resulttestjson "PASS"
    currentScore=$((currentScore + 1))
  fi
@ -316,27 +316,27 @@ check_2_12() {
 # 2.13
 check_2_13() {
-  id_2_13="2.13"
+  local id="2.13"
-  desc_2_13="Ensure live restore is enabled (Scored)"
+  local desc="Ensure live restore is enabled (Scored)"
-  check_2_13="$id_2_13  - $desc_2_13"
+  local check="$id  - $desc"
-  starttestjson "$id_2_13" "$desc_2_13"
+  starttestjson "$id" "$desc"
  totalChecks=$((totalChecks + 1))
  if docker info 2>/dev/null | grep -e "Live Restore Enabled:\s*true\s*" >/dev/null 2>&1; then
-    pass "$check_2_13"
+    pass "$check"
    resulttestjson "PASS"
    currentScore=$((currentScore + 1))
  else
    if docker info 2>/dev/null | grep -e "Swarm:*\sactive\s*" >/dev/null 2>&1; then
-      pass "$check_2_13 (Incompatible with swarm mode)"
+      pass "$check (Incompatible with swarm mode)"
      resulttestjson "PASS"
      currentScore=$((currentScore + 1))
    elif get_docker_effective_command_line_args '--live-restore' | grep "live-restore" >/dev/null 2>&1; then
-      pass "$check_2_13"
+      pass "$check"
      resulttestjson "PASS"
      currentScore=$((currentScore + 1))
    else
-      warn "$check_2_13"
+      warn "$check"
      resulttestjson "WARN"
      currentScore=$((currentScore - 1))
    fi
@ -345,22 +345,22 @@ check_2_13() {
 # 2.14
 check_2_14() {
-  id_2_14="2.14"
+  local id="2.14"
-  desc_2_14="Ensure Userland Proxy is Disabled (Scored)"
+  local desc="Ensure Userland Proxy is Disabled (Scored)"
-  check_2_14="$id_2_14  - $desc_2_14"
+  local check="$id  - $desc"
-  starttestjson "$id_2_14" "$desc_2_14"
+  starttestjson "$id" "$desc"
  totalChecks=$((totalChecks + 1))
  if get_docker_configuration_file_args 'userland-proxy' | grep false >/dev/null 2>&1; then
-    pass "$check_2_14"
+    pass "$check"
    resulttestjson "PASS"
    currentScore=$((currentScore + 1))
  elif get_docker_effective_command_line_args '--userland-proxy=false' 2>/dev/null | grep "userland-proxy=false" >/dev/null 2>&1; then
-    pass "$check_2_14"
+    pass "$check"
    resulttestjson "PASS"
    currentScore=$((currentScore + 1))
  else
-    warn "$check_2_14"
+    warn "$check"
    resulttestjson "WARN"
    currentScore=$((currentScore - 1))
  fi
@ -368,18 +368,18 @@ check_2_14() {
 # 2.15
 check_2_15() {
-  id_2_15="2.15"
+  local id="2.15"
-  desc_2_15="Ensure that a daemon-wide custom seccomp profile is applied if appropriate (Not Scored)"
+  local desc="Ensure that a daemon-wide custom seccomp profile is applied if appropriate (Not Scored)"
-  check_2_15="$id_2_15  - $desc_2_15"
+  local check="$id  - $desc"
-  starttestjson "$id_2_15" "$desc_2_15"
+  starttestjson "$id" "$desc"
  totalChecks=$((totalChecks + 1))
  if docker info --format '{{ .SecurityOptions }}' | grep 'name=seccomp,profile=default' 2>/dev/null 1>&2; then
-    pass "$check_2_15"
+    pass "$check"
    resulttestjson "PASS"
    currentScore=$((currentScore + 1))
  else
-    info "$check_2_15"
+    info "$check"
    resulttestjson "INFO"
    currentScore=$((currentScore + 0))
  fi
@ -390,48 +390,48 @@ check_2_16() {
  docker_version=$(docker version | grep -i -A2 '^server' | grep ' Version:' \
    | awk '{print $NF; exit}' | tr -d '[:alpha:]-,.' | cut -c 1-4)
-  id_2_16="2.16"
+  local id="2.16"
-  desc_2_16="Ensure that experimental features are not implemented in production (Scored)"
+  local desc="Ensure that experimental features are not implemented in production (Scored)"
-  check_2_16="$id_2_16  - $desc_2_16"
+  local check="$id  - $desc"
-  starttestjson "$id_2_16" "$desc_2_16"
+  starttestjson "$id" "$desc"
  totalChecks=$((totalChecks + 1))
  if [ "$docker_version" -le 1903 ]; then
    if docker version -f '{{.Server.Experimental}}' | grep false 2>/dev/null 1>&2; then
-      pass "$check_2_16"
+      pass "$check"
      resulttestjson "PASS"
      currentScore=$((currentScore + 1))
    else
-      warn "$check_2_16"
+      warn "$check"
      resulttestjson "WARN"
      currentScore=$((currentScore - 1))
    fi
  else
-    desc_2_16="$desc_2_16 (Deprecated)"
+    local desc="$desc (Deprecated)"
-    check_2_16="$id_2_16  - $desc_2_16"
+    local check="$id  - $desc"
-    info "$desc_2_16"
+    info "$desc"
    resulttestjson "INFO"
  fi
 }
 # 2.17
 check_2_17() {
-  id_2_17="2.17"
+  local id="2.17"
-  desc_2_17="Ensure containers are restricted from acquiring new privileges (Scored)"
+  local desc="Ensure containers are restricted from acquiring new privileges (Scored)"
-  check_2_17="$id_2_17  - $desc_2_17"
+  local check="$id  - $desc"
-  starttestjson "$id_2_17" "$desc_2_17"
+  starttestjson "$id" "$desc"
  totalChecks=$((totalChecks + 1))
  if get_docker_effective_command_line_args '--no-new-privileges' | grep "no-new-privileges" >/dev/null 2>&1; then
-    pass "$check_2_17"
+    pass "$check"
    resulttestjson "PASS"
    currentScore=$((currentScore + 1))
  elif get_docker_configuration_file_args 'no-new-privileges' | grep true >/dev/null 2>&1; then
-    pass "$check_2_17"
+    pass "$check"
    resulttestjson "PASS"
    currentScore=$((currentScore + 1))
  else
-    warn "$check_2_17"
+    warn "$check"
    resulttestjson "WARN"
    currentScore=$((currentScore - 1))
  fi
--- a/tests/3_docker_daemon_configuration_files.sh
+++ b/tests/3_docker_daemon_configuration_files.sh
@ -2,35 +2,35 @@
 check_3() {
  logit "\n"
-  id_3="3"
+  local id="3"
-  desc_3="Docker daemon configuration files"
+  local desc="Docker daemon configuration files"
-  check_3="$id_3 - $desc_3"
+  local check="$id - $desc"
-  info "$check_3"
+  info "$check"
-  startsectionjson "$id_3" "$desc_3"
+  startsectionjson "$id" "$desc"
 }
 # 3.1
 check_3_1() {
-  id_3_1="3.1"
+  local id="3.1"
-  desc_3_1="Ensure that the docker.service file ownership is set to root:root (Scored)"
+  local desc="Ensure that the docker.service file ownership is set to root:root (Scored)"
-  check_3_1="$id_3_1  - $desc_3_1"
+  local check="$id  - $desc"
-  starttestjson "$id_3_1" "$desc_3_1"
+  starttestjson "$id" "$desc"
  totalChecks=$((totalChecks + 1))
  file="$(get_service_file docker.service)"
  if [ -f "$file" ]; then
    if [ "$(stat -c %u%g $file)" -eq 00 ]; then
-      pass "$check_3_1"
+      pass "$check"
      resulttestjson "PASS"
      currentScore=$((currentScore + 1))
    else
-      warn "$check_3_1"
+      warn "$check"
      warn "     * Wrong ownership for $file"
      resulttestjson "WARN" "Wrong ownership for $file"
      currentScore=$((currentScore - 1))
    fi
  else
-    info "$check_3_1"
+    info "$check"
    info "     * File not found"
    resulttestjson "INFO" "File not found"
    currentScore=$((currentScore + 0))
@ -39,26 +39,26 @@ check_3_1() {
 # 3.2
 check_3_2() {
-  id_3_2="3.2"
+  local id="3.2"
-  desc_3_2="Ensure that docker.service file permissions are appropriately set (Scored)"
+  local desc="Ensure that docker.service file permissions are appropriately set (Scored)"
-  check_3_2="$id_3_2  - $desc_3_2"
+  local check="$id  - $desc"
-  starttestjson "$id_3_2" "$desc_3_2"
+  starttestjson "$id" "$desc"
  totalChecks=$((totalChecks + 1))
  file="$(get_service_file docker.service)"
  if [ -f "$file" ]; then
    if [ "$(stat -c %a $file)" -le 644 ]; then
-      pass "$check_3_2"
+      pass "$check"
      resulttestjson "PASS"
      currentScore=$((currentScore + 1))
    else
-      warn "$check_3_2"
+      warn "$check"
      warn "     * Wrong permissions for $file"
      resulttestjson "WARN" "Wrong permissions for $file"
      currentScore=$((currentScore - 1))
    fi
  else
-    info "$check_3_2"
+    info "$check"
    info "     * File not found"
    resulttestjson "INFO" "File not found"
    currentScore=$((currentScore + 0))
@ -67,26 +67,26 @@ check_3_2() {
 # 3.3
 check_3_3() {
-  id_3_3="3.3"
+  local id="3.3"
-  desc_3_3="Ensure that docker.socket file ownership is set to root:root (Scored)"
+  local desc="Ensure that docker.socket file ownership is set to root:root (Scored)"
-  check_3_3="$id_3_3  - $desc_3_3"
+  local check="$id  - $desc"
-  starttestjson "$id_3_3" "$desc_3_3"
+  starttestjson "$id" "$desc"
  totalChecks=$((totalChecks + 1))
  file="$(get_service_file docker.socket)"
  if [ -f "$file" ]; then
    if [ "$(stat -c %u%g $file)" -eq 00 ]; then
-      pass "$check_3_3"
+      pass "$check"
      resulttestjson "PASS"
      currentScore=$((currentScore + 1))
    else
-      warn "$check_3_3"
+      warn "$check"
      warn "     * Wrong ownership for $file"
      resulttestjson "WARN" "Wrong ownership for $file"
      currentScore=$((currentScore - 1))
    fi
  else
-    info "$check_3_3"
+    info "$check"
    info "     * File not found"
    resulttestjson "INFO" "File not found"
    currentScore=$((currentScore + 0))
@ -95,26 +95,26 @@ check_3_3() {
 # 3.4
 check_3_4() {
-  id_3_4="3.4"
+  local id="3.4"
-  desc_3_4="Ensure that docker.socket file permissions are set to 644 or more restrictive (Scored)"
+  local desc="Ensure that docker.socket file permissions are set to 644 or more restrictive (Scored)"
-  check_3_4="$id_3_4  - $desc_3_4"
+  local check="$id  - $desc"
-  starttestjson "$id_3_4" "$desc_3_4"
+  starttestjson "$id" "$desc"
  totalChecks=$((totalChecks + 1))
  file="$(get_service_file docker.socket)"
  if [ -f "$file" ]; then
    if [ "$(stat -c %a $file)" -le 644 ]; then
-      pass "$check_3_4"
+      pass "$check"
      resulttestjson "PASS"
      currentScore=$((currentScore + 1))
    else
-      warn "$check_3_4"
+      warn "$check"
      warn "     * Wrong permissions for $file"
      resulttestjson "WARN" "Wrong permissions for $file"
      currentScore=$((currentScore - 1))
    fi
  else
-    info "$check_3_4"
+    info "$check"
    info "     * File not found"
    resulttestjson "INFO" "File not found"
    currentScore=$((currentScore + 0))
@ -123,26 +123,26 @@ check_3_4() {
 # 3.5
 check_3_5() {
-  id_3_5="3.5"
+  local id="3.5"
-  desc_3_5="Ensure that the /etc/docker directory ownership is set to root:root (Scored)"
+  local desc="Ensure that the /etc/docker directory ownership is set to root:root (Scored)"
-  check_3_5="$id_3_5  - $desc_3_5"
+  local check="$id  - $desc"
-  starttestjson "$id_3_5" "$desc_3_5"
+  starttestjson "$id" "$desc"
  totalChecks=$((totalChecks + 1))
  directory="/etc/docker"
  if [ -d "$directory" ]; then
    if [ "$(stat -c %u%g $directory)" -eq 00 ]; then
-      pass "$check_3_5"
+      pass "$check"
      resulttestjson "PASS"
      currentScore=$((currentScore + 1))
    else
-      warn "$check_3_5"
+      warn "$check"
      warn "     * Wrong ownership for $directory"
      resulttestjson "WARN" "Wrong ownership for $directory"
      currentScore=$((currentScore - 1))
    fi
  else
-    info "$check_3_5"
+    info "$check"
    info "     * Directory not found"
    resulttestjson "INFO" "Directory not found"
    currentScore=$((currentScore + 0))
@ -151,26 +151,26 @@ check_3_5() {
 # 3.6
 check_3_6() {
-  id_3_6="3.6"
+  local id="3.6"
-  desc_3_6="Ensure that /etc/docker directory permissions are set to 755 or more restrictively (Scored)"
+  local desc="Ensure that /etc/docker directory permissions are set to 755 or more restrictively (Scored)"
-  check_3_6="$id_3_6  - $desc_3_6"
+  local check="$id  - $desc"
-  starttestjson "$id_3_6" "$desc_3_6"
+  starttestjson "$id" "$desc"
  totalChecks=$((totalChecks + 1))
  directory="/etc/docker"
  if [ -d "$directory" ]; then
    if [ "$(stat -c %a $directory)" -le 755 ]; then
-      pass "$check_3_6"
+      pass "$check"
      resulttestjson "PASS"
      currentScore=$((currentScore + 1))
    else
-      warn "$check_3_6"
+      warn "$check"
      warn "     * Wrong permissions for $directory"
      resulttestjson "WARN" "Wrong permissions for $directory"
      currentScore=$((currentScore - 1))
    fi
  else
-    info "$check_3_6"
+    info "$check"
    info "     * Directory not found"
    resulttestjson "INFO" "Directory not found"
    currentScore=$((currentScore + 0))
@ -179,10 +179,10 @@ check_3_6() {
 # 3.7
 check_3_7() {
-  id_3_7="3.7"
+  local id="3.7"
-  desc_3_7="Ensure that registry certificate file ownership is set to root:root (Scored)"
+  local desc="Ensure that registry certificate file ownership is set to root:root (Scored)"
-  check_3_7="$id_3_7  - $desc_3_7"
+  local check="$id  - $desc"
-  starttestjson "$id_3_7" "$desc_3_7"
+  starttestjson "$id" "$desc"
  totalChecks=$((totalChecks + 1))
  directory="/etc/docker/certs.d/"
@ -195,17 +195,17 @@ check_3_7() {
      fi
    done
    if [ $fail -eq 1 ]; then
-      warn "$check_3_7"
+      warn "$check"
      warn "     * Wrong ownership for $directory"
      resulttestjson "WARN" "Wrong ownership for $directory"
      currentScore=$((currentScore - 1))
    else
-      pass "$check_3_7"
+      pass "$check"
      resulttestjson "PASS"
      currentScore=$((currentScore + 1))
    fi
  else
-    info "$check_3_7"
+    info "$check"
    info "     * Directory not found"
    resulttestjson "INFO" "Directory not found"
    currentScore=$((currentScore + 0))
@ -214,10 +214,10 @@ check_3_7() {
 # 3.8
 check_3_8() {
-  id_3_8="3.8"
+  local id="3.8"
-  desc_3_8="Ensure that registry certificate file permissions are set to 444 or more restrictively (Scored)"
+  local desc="Ensure that registry certificate file permissions are set to 444 or more restrictively (Scored)"
-  check_3_8="$id_3_8  - $desc_3_8"
+  local check="$id  - $desc"
-  starttestjson "$id_3_8" "$desc_3_8"
+  starttestjson "$id" "$desc"
  totalChecks=$((totalChecks + 1))
  directory="/etc/docker/certs.d/"
@ -230,17 +230,17 @@ check_3_8() {
      fi
    done
    if [ $fail -eq 1 ]; then
-      warn "$check_3_8"
+      warn "$check"
      warn "     * Wrong permissions for $directory"
      resulttestjson "WARN" "Wrong permissions for $directory"
      currentScore=$((currentScore - 1))
    else
-      pass "$check_3_8"
+      pass "$check"
      resulttestjson "PASS"
      currentScore=$((currentScore + 1))
    fi
  else
-    info "$check_3_8"
+    info "$check"
    info "     * Directory not found"
    resulttestjson "INFO" "Directory not found"
    currentScore=$((currentScore + 0))
@ -249,10 +249,10 @@ check_3_8() {
 # 3.9
 check_3_9() {
-  id_3_9="3.9"
+  local id="3.9"
-  desc_3_9="Ensure that TLS CA certificate file ownership is set to root:root (Scored)"
+  local desc="Ensure that TLS CA certificate file ownership is set to root:root (Scored)"
-  check_3_9="$id_3_9  - $desc_3_9"
+  local check="$id  - $desc"
-  starttestjson "$id_3_9" "$desc_3_9"
+  starttestjson "$id" "$desc"
  totalChecks=$((totalChecks + 1))
  if [ -n "$(get_docker_configuration_file_args 'tlscacert')" ]; then
@ -262,17 +262,17 @@ check_3_9() {
  fi
  if [ -f "$tlscacert" ]; then
    if [ "$(stat -c %u%g "$tlscacert")" -eq 00 ]; then
-      pass "$check_3_9"
+      pass "$check"
      resulttestjson "PASS"
      currentScore=$((currentScore + 1))
    else
-      warn "$check_3_9"
+      warn "$check"
      warn "     * Wrong ownership for $tlscacert"
      resulttestjson "WARN" "Wrong ownership for $tlscacert"
      currentScore=$((currentScore - 1))
    fi
  else
-    info "$check_3_9"
+    info "$check"
    info "     * No TLS CA certificate found"
    resulttestjson "INFO" "No TLS CA certificate found"
    currentScore=$((currentScore + 0))
@ -281,10 +281,10 @@ check_3_9() {
 # 3.10
 check_3_10() {
-  id_3_10="3.10"
+  local id="3.10"
-  desc_3_10="Ensure that TLS CA certificate file permissions are set to 444 or more restrictively (Scored)"
+  local desc="Ensure that TLS CA certificate file permissions are set to 444 or more restrictively (Scored)"
-  check_3_10="$id_3_10  - $desc_3_10"
+  local check="$id  - $desc"
-  starttestjson "$id_3_10" "$desc_3_10"
+  starttestjson "$id" "$desc"
  totalChecks=$((totalChecks + 1))
  if [ -n "$(get_docker_configuration_file_args 'tlscacert')" ]; then
@ -294,17 +294,17 @@ check_3_10() {
  fi
  if [ -f "$tlscacert" ]; then
    if [ "$(stat -c %a $tlscacert)" -le 444 ]; then
-      pass "$check_3_10"
+      pass "$check"
      resulttestjson "PASS"
      currentScore=$((currentScore + 1))
    else
-      warn "$check_3_10"
+      warn "$check"
      warn "      * Wrong permissions for $tlscacert"
      resulttestjson "WARN" "Wrong permissions for $tlscacert"
      currentScore=$((currentScore - 1))
    fi
  else
-    info "$check_3_10"
+    info "$check"
    info "      * No TLS CA certificate found"
    resulttestjson "INFO" "No TLS CA certificate found"
    currentScore=$((currentScore + 0))
@ -313,10 +313,10 @@ check_3_10() {
 # 3.11
 check_3_11() {
-  id_3_11="3.11"
+  local id="3.11"
-  desc_3_11="Ensure that Docker server certificate file ownership is set to root:root (Scored)"
+  local desc="Ensure that Docker server certificate file ownership is set to root:root (Scored)"
-  check_3_11="$id_3_11  - $desc_3_11"
+  local check="$id  - $desc"
-  starttestjson "$id_3_11" "$desc_3_11"
+  starttestjson "$id" "$desc"
  totalChecks=$((totalChecks + 1))
  if [ -n "$(get_docker_configuration_file_args 'tlscert')" ]; then
@ -326,17 +326,17 @@ check_3_11() {
  fi
  if [ -f "$tlscert" ]; then
    if [ "$(stat -c %u%g "$tlscert")" -eq 00 ]; then
-      pass "$check_3_11"
+      pass "$check"
      resulttestjson "PASS"
      currentScore=$((currentScore + 1))
    else
-      warn "$check_3_11"
+      warn "$check"
      warn "      * Wrong ownership for $tlscert"
      resulttestjson "WARN" "Wrong ownership for $tlscert"
      currentScore=$((currentScore - 1))
    fi
  else
-    info "$check_3_11"
+    info "$check"
    info "      * No TLS Server certificate found"
    resulttestjson "INFO" "No TLS Server certificate found"
    currentScore=$((currentScore + 0))
@ -345,10 +345,10 @@ check_3_11() {
 # 3.12
 check_3_12() {
-  id_3_12="3.12"
+  local id="3.12"
-  desc_3_12="Ensure that the Docker server certificate file permissions are set to 444 or more restrictively (Scored)"
+  local desc="Ensure that the Docker server certificate file permissions are set to 444 or more restrictively (Scored)"
-  check_3_12="$id_3_12  - $desc_3_12"
+  local check="$id  - $desc"
-  starttestjson "$id_3_12" "$desc_3_12"
+  starttestjson "$id" "$desc"
  totalChecks=$((totalChecks + 1))
  if [ -n "$(get_docker_configuration_file_args 'tlscert')" ]; then
@ -358,17 +358,17 @@ check_3_12() {
  fi
  if [ -f "$tlscert" ]; then
    if [ "$(stat -c %a $tlscert)" -le 444 ]; then
-      pass "$check_3_12"
+      pass "$check"
      resulttestjson "PASS"
      currentScore=$((currentScore + 1))
    else
-      warn "$check_3_12"
+      warn "$check"
      warn "      * Wrong permissions for $tlscert"
      resulttestjson "WARN" "Wrong permissions for $tlscert"
      currentScore=$((currentScore - 1))
    fi
  else
-    info "$check_3_12"
+    info "$check"
    info "      * No TLS Server certificate found"
    resulttestjson "INFO" "No TLS Server certificate found"
    currentScore=$((currentScore + 0))
@ -377,10 +377,10 @@ check_3_12() {
 # 3.13
 check_3_13() {
-  id_3_13="3.13"
+  local id="3.13"
-  desc_3_13="Ensure that the Docker server certificate key file ownership is set to root:root (Scored)"
+  local desc="Ensure that the Docker server certificate key file ownership is set to root:root (Scored)"
-  check_3_13="$id_3_13  - $desc_3_13"
+  local check="$id  - $desc"
-  starttestjson "$id_3_13" "$desc_3_13"
+  starttestjson "$id" "$desc"
  totalChecks=$((totalChecks + 1))
  if [ -n "$(get_docker_configuration_file_args 'tlskey')" ]; then
@ -390,17 +390,17 @@ check_3_13() {
  fi
  if [ -f "$tlskey" ]; then
    if [ "$(stat -c %u%g "$tlskey")" -eq 00 ]; then
-      pass "$check_3_13"
+      pass "$check"
      resulttestjson "PASS"
      currentScore=$((currentScore + 1))
    else
-      warn "$check_3_13"
+      warn "$check"
      warn "      * Wrong ownership for $tlskey"
      resulttestjson "WARN" "Wrong ownership for $tlskey"
      currentScore=$((currentScore - 1))
    fi
  else
-    info "$check_3_13"
+    info "$check"
    info "      * No TLS Key found"
    resulttestjson "INFO" "No TLS Key found"
    currentScore=$((currentScore + 0))
@ -409,10 +409,10 @@ check_3_13() {
 # 3.14
 check_3_14() {
-  id_3_14="3.14"
+  local id="3.14"
-  desc_3_14="Ensure that the Docker server certificate key file permissions are set to 400 (Scored)"
+  local desc="Ensure that the Docker server certificate key file permissions are set to 400 (Scored)"
-  check_3_14="$id_3_14  - $desc_3_14"
+  local check="$id  - $desc"
-  starttestjson "$id_3_14" "$desc_3_14"
+  starttestjson "$id" "$desc"
  totalChecks=$((totalChecks + 1))
  if [ -n "$(get_docker_configuration_file_args 'tlskey')" ]; then
@ -422,17 +422,17 @@ check_3_14() {
  fi
  if [ -f "$tlskey" ]; then
    if [ "$(stat -c %a $tlskey)" -eq 400 ]; then
-      pass "$check_3_14"
+      pass "$check"
      resulttestjson "PASS"
      currentScore=$((currentScore + 1))
    else
-      warn "$check_3_14"
+      warn "$check"
      warn "      * Wrong permissions for $tlskey"
      resulttestjson "WARN" "Wrong permissions for $tlskey"
      currentScore=$((currentScore - 1))
    fi
  else
-    info "$check_3_14"
+    info "$check"
    info "      * No TLS Key found"
    resulttestjson "INFO" "No TLS Key found"
    currentScore=$((currentScore + 0))
@ -441,26 +441,26 @@ check_3_14() {
 # 3.15
 check_3_15() {
-  id_3_15="3.15"
+  local id="3.15"
-  desc_3_15="Ensure that the Docker socket file ownership is set to root:docker (Scored)"
+  local desc="Ensure that the Docker socket file ownership is set to root:docker (Scored)"
-  check_3_15="$id_3_15  - $desc_3_15"
+  local check="$id  - $desc"
-  starttestjson "$id_3_15" "$desc_3_15"
+  starttestjson "$id" "$desc"
  totalChecks=$((totalChecks + 1))
  file="/var/run/docker.sock"
  if [ -S "$file" ]; then
    if [ "$(stat -c %U:%G $file)" = 'root:docker' ]; then
-      pass "$check_3_15"
+      pass "$check"
      resulttestjson "PASS"
      currentScore=$((currentScore + 1))
    else
-      warn "$check_3_15"
+      warn "$check"
      warn "      * Wrong ownership for $file"
      resulttestjson "WARN" "Wrong ownership for $file"
      currentScore=$((currentScore - 1))
    fi
  else
-    info "$check_3_15"
+    info "$check"
    info "      * File not found"
    resulttestjson "INFO" "File not found"
    currentScore=$((currentScore + 0))
@ -469,26 +469,26 @@ check_3_15() {
 # 3.16
 check_3_16() {
-  id_3_16="3.16"
+  local id="3.16"
-  desc_3_16="Ensure that the Docker socket file permissions are set to 660 or more restrictively (Scored)"
+  local desc="Ensure that the Docker socket file permissions are set to 660 or more restrictively (Scored)"
-  check_3_16="$id_3_16  - $desc_3_16"
+  local check="$id  - $desc"
-  starttestjson "$id_3_16" "$desc_3_16"
+  starttestjson "$id" "$desc"
  totalChecks=$((totalChecks + 1))
  file="/var/run/docker.sock"
  if [ -S "$file" ]; then
    if [ "$(stat -c %a $file)" -le 660 ]; then
-      pass "$check_3_16"
+      pass "$check"
      resulttestjson "PASS"
      currentScore=$((currentScore + 1))
    else
-      warn "$check_3_16"
+      warn "$check"
      warn "      * Wrong permissions for $file"
      resulttestjson "WARN" "Wrong permissions for $file"
      currentScore=$((currentScore - 1))
    fi
  else
-    info "$check_3_16"
+    info "$check"
    info "      * File not found"
    resulttestjson "INFO" "File not found"
    currentScore=$((currentScore + 0))
@ -497,26 +497,26 @@ check_3_16() {
 # 3.17
 check_3_17() {
-  id_3_17="3.17"
+  local id="3.17"
-  desc_3_17="Ensure that the daemon.json file ownership is set to root:root (Scored)"
+  local desc="Ensure that the daemon.json file ownership is set to root:root (Scored)"
-  check_3_17="$id_3_17  - $desc_3_17"
+  local check="$id  - $desc"
-  starttestjson "$id_3_17" "$desc_3_17"
+  starttestjson "$id" "$desc"
  totalChecks=$((totalChecks + 1))
  file="/etc/docker/daemon.json"
  if [ -f "$file" ]; then
    if [ "$(stat -c %U:%G $file)" = 'root:root' ]; then
-      pass "$check_3_17"
+      pass "$check"
      resulttestjson "PASS"
      currentScore=$((currentScore + 1))
    else
-      warn "$check_3_17"
+      warn "$check"
      warn "      * Wrong ownership for $file"
      resulttestjson "WARN" "Wrong ownership for $file"
      currentScore=$((currentScore - 1))
    fi
  else
-    info "$check_3_17"
+    info "$check"
    info "      * File not found"
    resulttestjson "INFO" "File not found"
    currentScore=$((currentScore + 0))
@ -525,26 +525,26 @@ check_3_17() {
 # 3.18
 check_3_18() {
-  id_3_18="3.18"
+  local id="3.18"
-  desc_3_18="Ensure that daemon.json file permissions are set to 644 or more restrictive (Scored)"
+  local desc="Ensure that daemon.json file permissions are set to 644 or more restrictive (Scored)"
-  check_3_18="$id_3_18  - $desc_3_18"
+  local check="$id  - $desc"
-  starttestjson "$id_3_18" "$desc_3_18"
+  starttestjson "$id" "$desc"
  totalChecks=$((totalChecks + 1))
  file="/etc/docker/daemon.json"
  if [ -f "$file" ]; then
    if [ "$(stat -c %a $file)" -le 644 ]; then
-      pass "$check_3_18"
+      pass "$check"
      resulttestjson "PASS"
      currentScore=$((currentScore + 1))
    else
-      warn "$check_3_18"
+      warn "$check"
      warn "      * Wrong permissions for $file"
      resulttestjson "WARN" "Wrong permissions for $file"
      currentScore=$((currentScore - 1))
    fi
  else
-    info "$check_3_18"
+    info "$check"
    info "      * File not found"
    resulttestjson "INFO" "File not found"
    currentScore=$((currentScore + 0))
@ -553,26 +553,26 @@ check_3_18() {
 # 3.19
 check_3_19() {
-  id_3_19="3.19"
+  local id="3.19"
-  desc_3_19="Ensure that the /etc/default/docker file ownership is set to root:root (Scored)"
+  local desc="Ensure that the /etc/default/docker file ownership is set to root:root (Scored)"
-  check_3_19="$id_3_19  - $desc_3_19"
+  local check="$id  - $desc"
-  starttestjson "$id_3_19" "$desc_3_19"
+  starttestjson "$id" "$desc"
  totalChecks=$((totalChecks + 1))
  file="/etc/default/docker"
  if [ -f "$file" ]; then
    if [ "$(stat -c %U:%G $file)" = 'root:root' ]; then
-      pass "$check_3_19"
+      pass "$check"
      resulttestjson "PASS"
      currentScore=$((currentScore + 1))
    else
-      warn "$check_3_19"
+      warn "$check"
      warn "      * Wrong ownership for $file"
      resulttestjson "WARN" "Wrong ownership for $file"
      currentScore=$((currentScore - 1))
    fi
  else
-    info "$check_3_19"
+    info "$check"
    info "      * File not found"
    resulttestjson "INFO" "File not found"
    currentScore=$((currentScore + 0))
@ -581,26 +581,26 @@ check_3_19() {
 # 3.20
 check_3_20() {
-  id_3_20="3.20"
+  local id="3.20"
-  desc_3_20="Ensure that the /etc/sysconfig/docker file ownership is set to root:root (Scored)"
+  local desc="Ensure that the /etc/sysconfig/docker file ownership is set to root:root (Scored)"
-  check_3_20="$id_3_20  - $desc_3_20"
+  local check="$id  - $desc"
-  starttestjson "$id_3_20" "$desc_3_20"
+  starttestjson "$id" "$desc"
  totalChecks=$((totalChecks + 1))
  file="/etc/sysconfig/docker"
  if [ -f "$file" ]; then
    if [ "$(stat -c %U:%G $file)" = 'root:root' ]; then
-      pass "$check_3_20"
+      pass "$check"
      resulttestjson "PASS"
      currentScore=$((currentScore + 1))
    else
-      warn "$check_3_20"
+      warn "$check"
      warn "      * Wrong ownership for $file"
      resulttestjson "WARN" "Wrong ownership for $file"
      currentScore=$((currentScore - 1))
    fi
  else
-    info "$check_3_20"
+    info "$check"
    info "      * File not found"
    resulttestjson "INFO" "File not found"
    currentScore=$((currentScore + 0))
@ -609,26 +609,26 @@ check_3_20() {
 # 3.21
 check_3_21() {
-  id_3_21="3.21"
+  local id="3.21"
-  desc_3_21="Ensure that the /etc/sysconfig/docker file permissions are set to 644 or more restrictively (Scored)"
+  local desc="Ensure that the /etc/sysconfig/docker file permissions are set to 644 or more restrictively (Scored)"
-  check_3_21="$id_3_21  - $desc_3_21"
+  local check="$id  - $desc"
-  starttestjson "$id_3_21" "$desc_3_21"
+  starttestjson "$id" "$desc"
  totalChecks=$((totalChecks + 1))
  file="/etc/sysconfig/docker"
  if [ -f "$file" ]; then
    if [ "$(stat -c %a $file)" -le 644 ]; then
-      pass "$check_3_21"
+      pass "$check"
      resulttestjson "PASS"
      currentScore=$((currentScore + 1))
    else
-      warn "$check_3_21"
+      warn "$check"
      warn "      * Wrong permissions for $file"
      resulttestjson "WARN" "Wrong permissions for $file"
      currentScore=$((currentScore - 1))
    fi
  else
-    info "$check_3_21"
+    info "$check"
    info "      * File not found"
    resulttestjson "INFO" "File not found"
    currentScore=$((currentScore + 0))
@ -637,26 +637,26 @@ check_3_21() {
 # 3.22
 check_3_22() {
-  id_3_22="3.22"
+  local id="3.22"
-  desc_3_22="Ensure that the /etc/default/docker file permissions are set to 644 or more restrictively (Scored)"
+  local desc="Ensure that the /etc/default/docker file permissions are set to 644 or more restrictively (Scored)"
-  check_3_22="$id_3_22  - $desc_3_22"
+  local check="$id  - $desc"
-  starttestjson "$id_3_22" "$desc_3_22"
+  starttestjson "$id" "$desc"
  totalChecks=$((totalChecks + 1))
  file="/etc/default/docker"
  if [ -f "$file" ]; then
    if [ "$(stat -c %a $file)" -le 644 ]; then
-      pass "$check_3_22"
+      pass "$check"
      resulttestjson "PASS"
      currentScore=$((currentScore + 1))
    else
-      warn "$check_3_22"
+      warn "$check"
      warn "      * Wrong permissions for $file"
      resulttestjson "WARN" "Wrong permissions for $file"
      currentScore=$((currentScore - 1))
    fi
  else
-    info "$check_3_22"
+    info "$check"
    info "      * File not found"
    resulttestjson "INFO" "File not found"
    currentScore=$((currentScore + 0))
--- a/tests/4_container_images.sh
+++ b/tests/4_container_images.sh
@ -2,25 +2,25 @@
 check_4() {
  logit "\n"
-  id_4="4"
+  local id="4"
-  desc_4="Container Images and Build File"
+  local desc="Container Images and Build File"
-  check_4="$id_4 - $desc_4"
+  local check="$id - $desc"
-  info "$check_4"
+  info "$check"
-  startsectionjson "$id_4" "$desc_4"
+  startsectionjson "$id" "$desc"
 }
 # 4.1
 check_4_1() {
-  id_4_1="4.1"
+  local id="4.1"
-  desc_4_1="Ensure that a user for the container has been created (Scored)"
+  local desc="Ensure that a user for the container has been created (Scored)"
-  check_4_1="$id_4_1  - $desc_4_1"
+  local check="$id  - $desc"
-  starttestjson "$id_4_1" "$desc_4_1"
+  starttestjson "$id" "$desc"
  totalChecks=$((totalChecks + 1))
  # If container_users is empty, there are no running containers
  if [ -z "$containers" ]; then
-    info "$check_4_1"
+    info "$check"
    info "     * No containers running"
    resulttestjson "INFO" "No containers running"
    currentScore=$((currentScore + 0))
@ -37,7 +37,7 @@ check_4_1() {
      if [ "$user" = "User=0" ] || [ "$user" = "User=root" ] || [ "$user" = "User=" ] || [ "$user" = "User=[]" ] || [ "$user" = "User=<no value>" ]; then
        # If it's the first container, fail the test
        if [ $fail -eq 0 ]; then
-          warn "$check_4_1"
+          warn "$check"
          warn "     * Running as root: $c"
          root_containers="$root_containers $c"
          fail=1
@ -49,7 +49,7 @@ check_4_1() {
    done
    # We went through all the containers and found none running as root
    if [ $fail -eq 0 ]; then
-        pass "$check_4_1"
+        pass "$check"
        resulttestjson "PASS"
        currentScore=$((currentScore + 1))
    else
@ -63,57 +63,57 @@ check_4_1() {
 # 4.2
 check_4_2() {
-  id_4_2="4.2"
+  local id="4.2"
-  desc_4_2="Ensure that containers use only trusted base images (Not Scored)"
+  local desc="Ensure that containers use only trusted base images (Not Scored)"
-  check_4_2="$id_4_2  - $desc_4_2"
+  local check="$id  - $desc"
-  starttestjson "$id_4_2" "$desc_4_2"
+  starttestjson "$id" "$desc"
  totalChecks=$((totalChecks + 1))
-  note "$check_4_2"
+  note "$check"
  resulttestjson "NOTE"
  currentScore=$((currentScore + 0))
 }
 # 4.3
 check_4_3() {
-  id_4_3="4.3"
+  local id="4.3"
-  desc_4_3="Ensure that unnecessary packages are not installed in the container (Not Scored)"
+  local desc="Ensure that unnecessary packages are not installed in the container (Not Scored)"
-  check_4_3="$id_4_3  - $desc_4_3"
+  local check="$id  - $desc"
-  starttestjson "$id_4_3" "$desc_4_3"
+  starttestjson "$id" "$desc"
  totalChecks=$((totalChecks + 1))
-  note "$check_4_3"
+  note "$check"
  resulttestjson "NOTE"
  currentScore=$((currentScore + 0))
 }
 # 4.4
 check_4_4() {
-  id_4_4="4.4"
+  local id="4.4"
-  desc_4_4="Ensure images are scanned and rebuilt to include security patches (Not Scored)"
+  local desc="Ensure images are scanned and rebuilt to include security patches (Not Scored)"
-  check_4_4="$id_4_4  - $desc_4_4"
+  local check="$id  - $desc"
-  starttestjson "$id_4_4" "$desc_4_4"
+  starttestjson "$id" "$desc"
  totalChecks=$((totalChecks + 1))
-  note "$check_4_4"
+  note "$check"
  resulttestjson "NOTE"
  currentScore=$((currentScore + 0))
 }
 # 4.5
 check_4_5() {
-  id_4_5="4.5"
+  local id="4.5"
-  desc_4_5="Ensure Content trust for Docker is Enabled (Scored)"
+  local desc="Ensure Content trust for Docker is Enabled (Scored)"
-  check_4_5="$id_4_5  - $desc_4_5"
+  local check="$id  - $desc"
-  starttestjson "$id_4_5" "$desc_4_5"
+  starttestjson "$id" "$desc"
  totalChecks=$((totalChecks + 1))
  if [ "x$DOCKER_CONTENT_TRUST" = "x1" ]; then
-    pass "$check_4_5"
+    pass "$check"
    resulttestjson "PASS"
    currentScore=$((currentScore + 1))
  else
-    warn "$check_4_5"
+    warn "$check"
    resulttestjson "WARN"
    currentScore=$((currentScore - 1))
  fi
@ -121,10 +121,10 @@ check_4_5() {
 # 4.6
 check_4_6() {
-  id_4_6="4.6"
+  local id="4.6"
-  desc_4_6="Ensure that HEALTHCHECK instructions have been added to container images (Scored)"
+  local desc="Ensure that HEALTHCHECK instructions have been added to container images (Scored)"
-  check_4_6="$id_4_6  - $desc_4_6"
+  local check="$id  - $desc"
-  starttestjson "$id_4_6" "$desc_4_6"
+  starttestjson "$id" "$desc"
  totalChecks=$((totalChecks + 1))
  fail=0
@ -133,7 +133,7 @@ check_4_6() {
    if docker inspect --format='{{.Config.Healthcheck}}' "$img" 2>/dev/null | grep -e "<nil>" >/dev/null 2>&1; then
      if [ $fail -eq 0 ]; then
        fail=1
-        warn "$check_4_6"
+        warn "$check"
      fi
      imgName=$(docker inspect --format='{{.RepoTags}}' "$img" 2>/dev/null)
      if ! [ "$imgName" = '[]' ]; then
@ -146,7 +146,7 @@ check_4_6() {
    fi
  done
  if [ $fail -eq 0 ]; then
-    pass "$check_4_6"
+    pass "$check"
    resulttestjson "PASS"
    currentScore=$((currentScore + 1))
  else
@ -157,10 +157,10 @@ check_4_6() {
 # 4.7
 check_4_7() {
-  id_4_7="4.7"
+  local id="4.7"
-  desc_4_7="Ensure update instructions are not used alone in the Dockerfile (Not Scored)"
+  local desc="Ensure update instructions are not used alone in the Dockerfile (Not Scored)"
-  check_4_7="$id_4_7  - $desc_4_7"
+  local check="$id  - $desc"
-  starttestjson "$id_4_7" "$desc_4_7"
+  starttestjson "$id" "$desc"
  totalChecks=$((totalChecks + 1))
  fail=0
@ -169,7 +169,7 @@ check_4_7() {
    if docker history "$img" 2>/dev/null | grep -e "update" >/dev/null 2>&1; then
      if [ $fail -eq 0 ]; then
        fail=1
-        info "$check_4_7"
+        info "$check"
      fi
      imgName=$(docker inspect --format='{{.RepoTags}}' "$img" 2>/dev/null)
      if ! [ "$imgName" = '[]' ]; then
@ -179,7 +179,7 @@ check_4_7() {
    fi
  done
  if [ $fail -eq 0 ]; then
-    pass "$check_4_7"
+    pass "$check"
    resulttestjson "PASS"
    currentScore=$((currentScore + 0))
  else
@ -190,23 +190,23 @@ check_4_7() {
 # 4.8
 check_4_8() {
-  id_4_8="4.8"
+  local id="4.8"
-  desc_4_8="Ensure setuid and setgid permissions are removed (Not Scored)"
+  local desc="Ensure setuid and setgid permissions are removed (Not Scored)"
-  check_4_8="$id_4_8  - $desc_4_8"
+  local check="$id  - $desc"
-  starttestjson "$id_4_8" "$desc_4_8"
+  starttestjson "$id" "$desc"
  totalChecks=$((totalChecks + 1))
-  note "$check_4_8"
+  note "$check"
  resulttestjson "NOTE"
  currentScore=$((currentScore + 0))
 }
 # 4.9
 check_4_9() {
-  id_4_9="4.9"
+  local id="4.9"
-  desc_4_9="Ensure that COPY is used instead of ADD in Dockerfiles (Not Scored)"
+  local desc="Ensure that COPY is used instead of ADD in Dockerfiles (Not Scored)"
-  check_4_9="$id_4_9  - $desc_4_9"
+  local check="$id  - $desc"
-  starttestjson "$id_4_9" "$desc_4_9"
+  starttestjson "$id" "$desc"
  totalChecks=$((totalChecks + 1))
  fail=0
@ -216,7 +216,7 @@ check_4_9() {
      sed '$d' | grep -q 'ADD'; then
      if [ $fail -eq 0 ]; then
        fail=1
-        info "$check_4_9"
+        info "$check"
      fi
      imgName=$(docker inspect --format='{{.RepoTags}}' "$img" 2>/dev/null)
      if ! [ "$imgName" = '[]' ]; then
@ -227,7 +227,7 @@ check_4_9() {
    fi
  done
  if [ $fail -eq 0 ]; then
-    pass "$check_4_9"
+    pass "$check"
    resulttestjson "PASS"
    currentScore=$((currentScore + 0))
  else
@ -237,26 +237,26 @@ check_4_9() {
 # 4.10
 check_4_10() {
-  id_4_10="4.10"
+  local id="4.10"
-  desc_4_10="Ensure secrets are not stored in Dockerfiles (Not Scored)"
+  local desc="Ensure secrets are not stored in Dockerfiles (Not Scored)"
-  check_4_10="$id_4_10  - $desc_4_10"
+  local check="$id  - $desc"
-  starttestjson "$id_4_10" "$desc_4_10"
+  starttestjson "$id" "$desc"
  totalChecks=$((totalChecks + 1))
-  note "$check_4_10"
+  note "$check"
  resulttestjson "NOTE"
  currentScore=$((currentScore + 0))
 }
 # 4.11
 check_4_11() {
-  id_4_11="4.11"
+  local id="4.11"
-  desc_4_11="Ensure only verified packages are are installed (Not Scored)"
+  local desc="Ensure only verified packages are are installed (Not Scored)"
-  check_4_11="$id_4_11  - $desc_4_11"
+  local check="$id  - $desc"
-  starttestjson "$id_4_11" "$desc_4_11"
+  starttestjson "$id" "$desc"
  totalChecks=$((totalChecks + 1))
-  note "$check_4_11"
+  note "$check"
  resulttestjson "NOTE"
  currentScore=$((currentScore + 0))
 }
--- a/tests/5_container_runtime.sh
+++ b/tests/5_container_runtime.sh
@ -2,11 +2,11 @@
 check_5() {
  logit "\n"
-  id_5="5"
+  local id="5"
-  desc_5="Container Runtime"
+  local desc="Container Runtime"
-  check_5="$id_5 - $desc_5"
+  local check="$id - $desc"
-  info "$check_5"
+  info "$check"
-  startsectionjson "$id_5" "$desc_5"
+  startsectionjson "$id" "$desc"
 }
 check_running_containers() {
@ -28,10 +28,10 @@ check_5_1() {
    return
  fi
-  id_5_1="5.1"
+  local id="5.1"
-  desc_5_1="Ensure that, if applicable, an AppArmor Profile is enabled (Scored)"
+  local desc="Ensure that, if applicable, an AppArmor Profile is enabled (Scored)"
-  check_5_1="$id_5_1  - $desc_5_1"
+  local check="$id  - $desc"
-  starttestjson "$id_5_1" "$desc_5_1"
+  starttestjson "$id" "$desc"
  totalChecks=$((totalChecks + 1))
@ -43,7 +43,7 @@ check_5_1() {
    if [ "$policy" = "AppArmorProfile=" ] || [ "$policy" = "AppArmorProfile=[]" ] || [ "$policy" = "AppArmorProfile=<no value>" ] || [ "$policy" = "AppArmorProfile=unconfined" ]; then
      # If it's the first container, fail the test
      if [ $fail -eq 0 ]; then
-        warn "$check_5_1"
+        warn "$check"
        warn "     * No AppArmorProfile Found: $c"
 	no_apparmor_containers="$no_apparmor_containers $c"
        fail=1
@ -55,7 +55,7 @@ check_5_1() {
  done
  # We went through all the containers and found none without AppArmor
  if [ $fail -eq 0 ]; then
-      pass "$check_5_1"
+      pass "$check"
      resulttestjson "PASS"
      currentScore=$((currentScore + 1))
  else
@ -70,10 +70,10 @@ check_5_2() {
    return
  fi
-  id_5_2="5.2"
+  local id="5.2"
-  desc_5_2="Ensure that, if applicable, SELinux security options are set (Scored)"
+  local desc="Ensure that, if applicable, SELinux security options are set (Scored)"
-  check_5_2="$id_5_2  - $desc_5_2"
+  local check="$id  - $desc"
-  starttestjson "$id_5_2" "$desc_5_2"
+  starttestjson "$id" "$desc"
  totalChecks=$((totalChecks + 1))
@ -85,7 +85,7 @@ check_5_2() {
    if [ "$policy" = "SecurityOpt=" ] || [ "$policy" = "SecurityOpt=[]" ] || [ "$policy" = "SecurityOpt=<no value>" ]; then
      # If it's the first container, fail the test
      if [ $fail -eq 0 ]; then
-        warn "$check_5_2"
+        warn "$check"
        warn "     * No SecurityOptions Found: $c"
 	no_securityoptions_containers="$no_securityoptions_containers $c"
        fail=1
@ -97,7 +97,7 @@ check_5_2() {
  done
  # We went through all the containers and found none without SELinux
  if [ $fail -eq 0 ]; then
-      pass "$check_5_2"
+      pass "$check"
      resulttestjson "PASS"
      currentScore=$((currentScore + 1))
  else
@ -112,10 +112,10 @@ check_5_3() {
    return
  fi
-  id_5_3="5.3"
+  local id="5.3"
-  desc_5_3="Ensure that Linux kernel capabilities are restricted within containers (Scored)"
+  local desc="Ensure that Linux kernel capabilities are restricted within containers (Scored)"
-  check_5_3="$id_5_3  - $desc_5_3"
+  local check="$id  - $desc"
-  starttestjson "$id_5_3" "$desc_5_3"
+  starttestjson "$id" "$desc"
  totalChecks=$((totalChecks + 1))
@ -130,7 +130,7 @@ check_5_3() {
    if [ "$caps" != 'CapAdd=' ] && [ "$caps" != 'CapAdd=[]' ] && [ "$caps" != 'CapAdd=<no value>' ] && [ "$caps" != 'CapAdd=<nil>' ]; then
      # If it's the first container, fail the test
      if [ $fail -eq 0 ]; then
-        warn "$check_5_3"
+        warn "$check"
        warn "     * Capabilities added: $caps to $c"
 	caps_containers="$caps_containers $c"
        fail=1
@ -142,7 +142,7 @@ check_5_3() {
  done
  # We went through all the containers and found none with extra capabilities
  if [ $fail -eq 0 ]; then
-      pass "$check_5_3"
+      pass "$check"
      resulttestjson "PASS"
      currentScore=$((currentScore + 1))
  else
@ -157,10 +157,10 @@ check_5_4() {
    return
  fi
-  id_5_4="5.4"
+  local id="5.4"
-  desc_5_4="Ensure that privileged containers are not used (Scored)"
+  local desc="Ensure that privileged containers are not used (Scored)"
-  check_5_4="$id_5_4  - $desc_5_4"
+  local check="$id  - $desc"
-  starttestjson "$id_5_4" "$desc_5_4"
+  starttestjson "$id" "$desc"
  totalChecks=$((totalChecks + 1))
@ -172,7 +172,7 @@ check_5_4() {
    if [ "$privileged" = "true" ]; then
      # If it's the first container, fail the test
      if [ $fail -eq 0 ]; then
-        warn "$check_5_4"
+        warn "$check"
        warn "     * Container running in Privileged mode: $c"
 	privileged_containers="$privileged_containers $c"
        fail=1
@ -184,7 +184,7 @@ check_5_4() {
  done
  # We went through all the containers and found no privileged containers
  if [ $fail -eq 0 ]; then
-      pass "$check_5_4"
+      pass "$check"
      resulttestjson "PASS"
      currentScore=$((currentScore + 1))
  else
@ -199,10 +199,10 @@ check_5_5() {
    return
  fi
-  id_5_5="5.5"
+  local id="5.5"
-  desc_5_5="Ensure sensitive host system directories are not mounted on containers (Scored)"
+  local desc="Ensure sensitive host system directories are not mounted on containers (Scored)"
-  check_5_5="$id_5_5  - $desc_5_5"
+  local check="$id  - $desc"
-  starttestjson "$id_5_5" "$desc_5_5"
+  starttestjson "$id" "$desc"
  totalChecks=$((totalChecks + 1))
@ -233,7 +233,7 @@ check_5_5() {
      if [ $sensitive -eq 1 ]; then
        # If it's the first container, fail the test
        if [ $fail -eq 0 ]; then
-          warn "$check_5_5"
+          warn "$check"
          warn "     * Sensitive directory $v mounted in: $c"
 	  sensitive_mount_containers="$sensitive_mount_containers $c:$v"
          fail=1
@ -246,7 +246,7 @@ check_5_5() {
  done
  # We went through all the containers and found none with sensitive mounts
  if [ $fail -eq 0 ]; then
-      pass "$check_5_5"
+      pass "$check"
      resulttestjson "PASS"
      currentScore=$((currentScore + 1))
  else
@ -261,10 +261,10 @@ check_5_6() {
    return
  fi
-  id_5_6="5.6"
+  local id="5.6"
-  desc_5_6="Ensure sshd is not run within containers (Scored)"
+  local desc="Ensure sshd is not run within containers (Scored)"
-  check_5_6="$id_5_6  - $desc_5_6"
+  local check="$id  - $desc"
-  starttestjson "$id_5_6" "$desc_5_6"
+  starttestjson "$id" "$desc"
  totalChecks=$((totalChecks + 1))
@ -277,7 +277,7 @@ check_5_6() {
    if [ "$processes" -ge 1 ]; then
      # If it's the first container, fail the test
      if [ $fail -eq 0 ]; then
-        warn "$check_5_6"
+        warn "$check"
        warn "     * Container running sshd: $c"
 	ssh_exec_containers="$ssh_exec_containers $c"
        fail=1
@ -291,7 +291,7 @@ check_5_6() {
    exec_check=$(docker exec "$c" ps -el 2>/dev/null)
    if [ $? -eq 255 ]; then
        if [ $printcheck -eq 0 ]; then
-          warn "$check_5_6"
+          warn "$check"
          printcheck=1
        fi
      warn "     * Docker exec fails: $c"
@ -302,7 +302,7 @@ check_5_6() {
  done
  # We went through all the containers and found none with sshd
  if [ $fail -eq 0 ]; then
-      pass "$check_5_6"
+      pass "$check"
      resulttestjson "PASS"
      currentScore=$((currentScore + 1))
  else
@ -317,10 +317,10 @@ check_5_7() {
    return
  fi
-  id_5_7="5.7"
+  local id="5.7"
-  desc_5_7="Ensure privileged ports are not mapped within containers (Scored)"
+  local desc="Ensure privileged ports are not mapped within containers (Scored)"
-  check_5_7="$id_5_7  - $desc_5_7"
+  local check="$id  - $desc"
-  starttestjson "$id_5_7" "$desc_5_7"
+  starttestjson "$id" "$desc"
  totalChecks=$((totalChecks + 1))
@ -335,7 +335,7 @@ check_5_7() {
    if [ -n "$port" ] && [ "$port" -lt 1024 ]; then
        # If it's the first container, fail the test
        if [ $fail -eq 0 ]; then
-          warn "$check_5_7"
+          warn "$check"
          warn "     * Privileged Port in use: $port in $c"
 	  privileged_port_containers="$privileged_port_containers $c:$port"
          fail=1
@ -348,7 +348,7 @@ check_5_7() {
  done
  # We went through all the containers and found no privileged ports
  if [ $fail -eq 0 ]; then
-      pass "$check_5_7"
+      pass "$check"
      resulttestjson "PASS"
      currentScore=$((currentScore + 1))
  else
@ -363,13 +363,13 @@ check_5_8() {
    return
  fi
-  id_5_8="5.8"
+  local id="5.8"
-  desc_5_8="Ensure that only needed ports are open on the container (Not Scored)"
+  local desc="Ensure that only needed ports are open on the container (Not Scored)"
-  check_5_8="$id_5_8  - $desc_5_8"
+  local check="$id  - $desc"
-  starttestjson "$id_5_8" "$desc_5_8"
+  starttestjson "$id" "$desc"
  totalChecks=$((totalChecks + 1))
-  note "$check_5_8"
+  note "$check"
  resulttestjson "NOTE"
  currentScore=$((currentScore + 0))
 }
@ -380,10 +380,10 @@ check_5_9() {
    return
  fi
-  id_5_9="5.9"
+  local id="5.9"
-  desc_5_9="Ensure that the host's network namespace is not shared (Scored)"
+  local desc="Ensure that the host's network namespace is not shared (Scored)"
-  check_5_9="$id_5_9  - $desc_5_9"
+  local check="$id  - $desc"
-  starttestjson "$id_5_9" "$desc_5_9"
+  starttestjson "$id" "$desc"
  totalChecks=$((totalChecks + 1))
@ -395,7 +395,7 @@ check_5_9() {
    if [ "$mode" = "NetworkMode=host" ]; then
      # If it's the first container, fail the test
      if [ $fail -eq 0 ]; then
-        warn "$check_5_9"
+        warn "$check"
        warn "     * Container running with networking mode 'host': $c"
 	net_host_containers="$net_host_containers $c"
        fail=1
@ -407,7 +407,7 @@ check_5_9() {
  done
  # We went through all the containers and found no Network Mode host
  if [ $fail -eq 0 ]; then
-      pass "$check_5_9"
+      pass "$check"
      resulttestjson "PASS"
      currentScore=$((currentScore + 0))
  else
@ -422,10 +422,10 @@ check_5_10() {
    return
  fi
-  id_5_10="5.10"
+  local id="5.10"
-  desc_5_10="Ensure that the memory usage for containers is limited (Scored)"
+  local desc="Ensure that the memory usage for containers is limited (Scored)"
-  check_5_10="$id_5_10  - $desc_5_10"
+  local check="$id  - $desc"
-  starttestjson "$id_5_10" "$desc_5_10"
+  starttestjson "$id" "$desc"
  totalChecks=$((totalChecks + 1))
@ -441,7 +441,7 @@ check_5_10() {
    if [ "$memory" = "0" ]; then
      # If it's the first container, fail the test
      if [ $fail -eq 0 ]; then
-        warn "$check_5_10"
+        warn "$check"
        warn "     * Container running without memory restrictions: $c"
 	mem_unlimited_containers="$mem_unlimited_containers $c"
        fail=1
@ -453,7 +453,7 @@ check_5_10() {
  done
  # We went through all the containers and found no lack of Memory restrictions
  if [ $fail -eq 0 ]; then
-      pass "$check_5_10"
+      pass "$check"
      resulttestjson "PASS"
      currentScore=$((currentScore + 1))
  else
@ -468,10 +468,10 @@ check_5_11() {
    return
  fi
-  id_5_11="5.11"
+  local id="5.11"
-  desc_5_11="Ensure that CPU priority is set appropriately on containers (Scored)"
+  local desc="Ensure that CPU priority is set appropriately on containers (Scored)"
-  check_5_11="$id_5_11  - $desc_5_11"
+  local check="$id  - $desc"
-  starttestjson "$id_5_11" "$desc_5_11"
+  starttestjson "$id" "$desc"
  totalChecks=$((totalChecks + 1))
@ -487,7 +487,7 @@ check_5_11() {
    if [ "$shares" = "0" ]; then
      # If it's the first container, fail the test
      if [ $fail -eq 0 ]; then
-        warn "$check_5_11"
+        warn "$check"
        warn "     * Container running without CPU restrictions: $c"
        cpu_unlimited_containers="$cpu_unlimited_containers $c"
        fail=1
@ -499,7 +499,7 @@ check_5_11() {
  done
  # We went through all the containers and found no lack of CPUShare restrictions
  if [ $fail -eq 0 ]; then
-      pass "$check_5_11"
+      pass "$check"
      resulttestjson "PASS"
      currentScore=$((currentScore + 1))
  else
@ -514,10 +514,10 @@ check_5_12() {
    return
  fi
-  id_5_12="5.12"
+  local id="5.12"
-  desc_5_12="Ensure that the container's root filesystem is mounted as read only (Scored)"
+  local desc="Ensure that the container's root filesystem is mounted as read only (Scored)"
-  check_5_12="$id_5_12  - $desc_5_12"
+  local check="$id  - $desc"
-  starttestjson "$id_5_12" "$desc_5_12"
+  starttestjson "$id" "$desc"
  totalChecks=$((totalChecks + 1))
@ -529,7 +529,7 @@ check_5_12() {
    if [ "$read_status" = "false" ]; then
      # If it's the first container, fail the test
      if [ $fail -eq 0 ]; then
-        warn "$check_5_12"
+        warn "$check"
        warn "     * Container running with root FS mounted R/W: $c"
 	fsroot_mount_containers="$fsroot_mount_containers $c"
        fail=1
@ -541,7 +541,7 @@ check_5_12() {
  done
  # We went through all the containers and found no R/W FS mounts
  if [ $fail -eq 0 ]; then
-      pass "$check_5_12"
+      pass "$check"
      resulttestjson "PASS"
      currentScore=$((currentScore + 1))
  else
@ -556,10 +556,10 @@ check_5_13() {
    return
  fi
-  id_5_13="5.13"
+  local id="5.13"
-  desc_5_13="Ensure that incoming container traffic is bound to a specific host interface (Scored)"
+  local desc="Ensure that incoming container traffic is bound to a specific host interface (Scored)"
-  check_5_13="$id_5_13  - $desc_5_13"
+  local check="$id  - $desc"
-  starttestjson "$id_5_13" "$desc_5_13"
+  starttestjson "$id" "$desc"
  totalChecks=$((totalChecks + 1))
@ -570,7 +570,7 @@ check_5_13() {
      if [ "$ip" = "0.0.0.0" ]; then
        # If it's the first container, fail the test
        if [ $fail -eq 0 ]; then
-          warn "$check_5_13"
+          warn "$check"
          warn "     * Port being bound to wildcard IP: $ip in $c"
          incoming_unbound_containers="$incoming_unbound_containers $c:$ip"
          fail=1
@ -583,7 +583,7 @@ check_5_13() {
  done
  # We went through all the containers and found no ports bound to 0.0.0.0
  if [ $fail -eq 0 ]; then
-      pass "$check_5_13"
+      pass "$check"
      resulttestjson "PASS"
      currentScore=$((currentScore + 1))
  else
@ -598,10 +598,10 @@ check_5_14() {
    return
  fi
-  id_5_14="5.14"
+  local id="5.14"
-  desc_5_14="Ensure that the 'on-failure' container restart policy is set to '5' (Scored)"
+  local desc="Ensure that the 'on-failure' container restart policy is set to '5' (Scored)"
-  check_5_14="$id_5_14  - $desc_5_14"
+  local check="$id  - $desc"
-  starttestjson "$id_5_14" "$desc_5_14"
+  starttestjson "$id" "$desc"
  totalChecks=$((totalChecks + 1))
@ -613,7 +613,7 @@ check_5_14() {
    if [ "$policy" != "MaximumRetryCount=5" ]; then
      # If it's the first container, fail the test
      if [ $fail -eq 0 ]; then
-        warn "$check_5_14"
+        warn "$check"
        warn "     * MaximumRetryCount is not set to 5: $c"
 	maxretry_unset_containers="$maxretry_unset_containers $c"
        fail=1
@ -625,7 +625,7 @@ check_5_14() {
  done
  # We went through all the containers and they all had MaximumRetryCount=5
  if [ $fail -eq 0 ]; then
-      pass "$check_5_14"
+      pass "$check"
      resulttestjson "PASS"
      currentScore=$((currentScore + 1))
  else
@ -640,10 +640,10 @@ check_5_15() {
    return
  fi
-  id_5_15="5.15"
+  local id="5.15"
-  desc_5_15="Ensure that the host's process namespace is not shared (Scored)"
+  local desc="Ensure that the host's process namespace is not shared (Scored)"
-  check_5_15="$id_5_15  - $desc_5_15"
+  local check="$id  - $desc"
-  starttestjson "$id_5_15" "$desc_5_15"
+  starttestjson "$id" "$desc"
  totalChecks=$((totalChecks + 1))
@ -655,7 +655,7 @@ check_5_15() {
    if [ "$mode" = "PidMode=host" ]; then
      # If it's the first container, fail the test
      if [ $fail -eq 0 ]; then
-        warn "$check_5_15"
+        warn "$check"
        warn "     * Host PID namespace being shared with: $c"
        pidns_shared_containers="$pidns_shared_containers $c"
        fail=1
@ -667,7 +667,7 @@ check_5_15() {
  done
  # We went through all the containers and found none with PidMode as host
  if [ $fail -eq 0 ]; then
-      pass "$check_5_15"
+      pass "$check"
      resulttestjson "PASS"
      currentScore=$((currentScore + 1))
  else
@ -682,10 +682,10 @@ check_5_16() {
    return
  fi
-  id_5_16="5.16"
+  local id="5.16"
-  desc_5_16="Ensure that the host's IPC namespace is not shared (Scored)"
+  local desc="Ensure that the host's IPC namespace is not shared (Scored)"
-  check_5_16="$id_5_16  - $desc_5_16"
+  local check="$id  - $desc"
-  starttestjson "$id_5_16" "$desc_5_16"
+  starttestjson "$id" "$desc"
  totalChecks=$((totalChecks + 1))
@ -697,7 +697,7 @@ check_5_16() {
    if [ "$mode" = "IpcMode=host" ]; then
      # If it's the first container, fail the test
      if [ $fail -eq 0 ]; then
-        warn "$check_5_16"
+        warn "$check"
        warn "     * Host IPC namespace being shared with: $c"
        ipcns_shared_containers="$ipcns_shared_containers $c"
        fail=1
@ -709,7 +709,7 @@ check_5_16() {
  done
  # We went through all the containers and found none with IPCMode as host
  if [ $fail -eq 0 ]; then
-      pass "$check_5_16"
+      pass "$check"
      resulttestjson "PASS"
      currentScore=$((currentScore + 1))
  else
@ -724,10 +724,10 @@ check_5_17() {
    return
  fi
-  id_5_17="5.17"
+  local id="5.17"
-  desc_5_17="Ensure that host devices are not directly exposed to containers (Not Scored)"
+  local desc="Ensure that host devices are not directly exposed to containers (Not Scored)"
-  check_5_17="$id_5_17  - $desc_5_17"
+  local check="$id  - $desc"
-  starttestjson "$id_5_17" "$desc_5_17"
+  starttestjson "$id" "$desc"
  totalChecks=$((totalChecks + 1))
@ -739,7 +739,7 @@ check_5_17() {
    if [ "$devices" != "Devices=" ] && [ "$devices" != "Devices=[]" ] && [ "$devices" != "Devices=<no value>" ]; then
      # If it's the first container, fail the test
      if [ $fail -eq 0 ]; then
-        info "$check_5_17"
+        info "$check"
        info "     * Container has devices exposed directly: $c"
        hostdev_exposed_containers="$hostdev_exposed_containers $c"
        fail=1
@ -751,7 +751,7 @@ check_5_17() {
  done
  # We went through all the containers and found none with devices
  if [ $fail -eq 0 ]; then
-      pass "$check_5_17"
+      pass "$check"
      resulttestjson "PASS"
      currentScore=$((currentScore + 1))
  else
@ -766,10 +766,10 @@ check_5_18() {
    return
  fi
-  id_5_18="5.18"
+  local id="5.18"
-  desc_5_18="Ensure that the default ulimit is overwritten at runtime if needed (Not Scored)"
+  local desc="Ensure that the default ulimit is overwritten at runtime if needed (Not Scored)"
-  check_5_18="$id_5_18  - $desc_5_18"
+  local check="$id  - $desc"
-  starttestjson "$id_5_18" "$desc_5_18"
+  starttestjson "$id" "$desc"
  totalChecks=$((totalChecks + 1))
@ -781,7 +781,7 @@ check_5_18() {
    if [ "$ulimits" = "Ulimits=" ] || [ "$ulimits" = "Ulimits=[]" ] || [ "$ulimits" = "Ulimits=<no value>" ]; then
      # If it's the first container, fail the test
      if [ $fail -eq 0 ]; then
-        info "$check_5_18"
+        info "$check"
        info "     * Container no default ulimit override: $c"
        no_ulimit_containers="$no_ulimit_containers $c"
        fail=1
@ -793,7 +793,7 @@ check_5_18() {
  done
  # We went through all the containers and found none without Ulimits
  if [ $fail -eq 0 ]; then
-      pass "$check_5_18"
+      pass "$check"
      resulttestjson "PASS"
      currentScore=$((currentScore + 1))
  else
@ -808,10 +808,10 @@ check_5_19() {
    return
  fi
-  id_5_19="5.19"
+  local id="5.19"
-  desc_5_19="Ensure mount propagation mode is not set to shared (Scored)"
+  local desc="Ensure mount propagation mode is not set to shared (Scored)"
-  check_5_19="$id_5_19  - $desc_5_19"
+  local check="$id  - $desc"
-  starttestjson "$id_5_19" "$desc_5_19"
+  starttestjson "$id" "$desc"
  totalChecks=$((totalChecks + 1))
@ -822,7 +822,7 @@ check_5_19() {
     grep shared 2>/dev/null 1>&2; then
      # If it's the first container, fail the test
      if [ $fail -eq 0 ]; then
-        warn "$check_5_19"
+        warn "$check"
        warn "     * Mount propagation mode is shared: $c"
        mountprop_shared_containers="$mountprop_shared_containers $c"
        fail=1
@ -834,7 +834,7 @@ check_5_19() {
  done
  # We went through all the containers and found none with shared propagation mode
  if [ $fail -eq 0 ]; then
-      pass "$check_5_19"
+      pass "$check"
      resulttestjson "PASS"
      currentScore=$((currentScore + 1))
  else
@ -849,10 +849,10 @@ check_5_20() {
    return
  fi
-  id_5_20="5.20"
+  local id="5.20"
-  desc_5_20="Ensure that the host's UTS namespace is not shared (Scored)"
+  local desc="Ensure that the host's UTS namespace is not shared (Scored)"
-  check_5_20="$id_5_20  - $desc_5_20"
+  local check="$id  - $desc"
-  starttestjson "$id_5_20" "$desc_5_20"
+  starttestjson "$id" "$desc"
  totalChecks=$((totalChecks + 1))
@ -864,7 +864,7 @@ check_5_20() {
    if [ "$mode" = "UTSMode=host" ]; then
      # If it's the first container, fail the test
      if [ $fail -eq 0 ]; then
-        warn "$check_5_20"
+        warn "$check"
        warn "     * Host UTS namespace being shared with: $c"
        utcns_shared_containers="$utcns_shared_containers $c"
        fail=1
@ -876,7 +876,7 @@ check_5_20() {
  done
  # We went through all the containers and found none with UTSMode as host
  if [ $fail -eq 0 ]; then
-      pass "$check_5_20"
+      pass "$check"
      resulttestjson "PASS"
      currentScore=$((currentScore + 1))
  else
@ -891,10 +891,10 @@ check_5_21() {
    return
  fi
-  id_5_21="5.21"
+  local id="5.21"
-  desc_5_21="Ensurethe default seccomp profile is not Disabled (Scored)"
+  local desc="Ensurethe default seccomp profile is not Disabled (Scored)"
-  check_5_21="$id_5_21  - $desc_5_21"
+  local check="$id  - $desc"
-  starttestjson "$id_5_21" "$desc_5_21"
+  starttestjson "$id" "$desc"
  totalChecks=$((totalChecks + 1))
@ -905,7 +905,7 @@ check_5_21() {
      grep -E 'seccomp:unconfined|seccomp=unconfined' 2>/dev/null 1>&2; then
      # If it's the first container, fail the test
      if [ $fail -eq 0 ]; then
-        warn "$check_5_21"
+        warn "$check"
        warn "     * Default seccomp profile disabled: $c"
        seccomp_disabled_containers="$seccomp_disabled_containers $c"
        fail=1
@ -917,7 +917,7 @@ check_5_21() {
  done
  # We went through all the containers and found none with default secomp profile disabled
  if [ $fail -eq 0 ]; then
-      pass "$check_5_21"
+      pass "$check"
      resulttestjson "PASS"
      currentScore=$((currentScore + 1))
  else
@ -932,13 +932,13 @@ check_5_22() {
    return
  fi
-  id_5_22="5.22"
+  local id="5.22"
-  desc_5_22="Ensure that docker exec commands are not used with the privileged option (Scored)"
+  local desc="Ensure that docker exec commands are not used with the privileged option (Scored)"
-  check_5_22="$id_5_22  - $desc_5_22"
+  local check="$id  - $desc"
-  starttestjson "$id_5_22" "$desc_5_22"
+  starttestjson "$id" "$desc"
  totalChecks=$((totalChecks + 1))
-  note "$check_5_22"
+  note "$check"
  resulttestjson "NOTE"
  currentScore=$((currentScore + 0))
 }
@ -949,13 +949,13 @@ check_5_23() {
    return
  fi
-  id_5_23="5.23"
+  local id="5.23"
-  desc_5_23="Ensure that docker exec commands are not used with the user=root option (Not Scored)"
+  local desc="Ensure that docker exec commands are not used with the user=root option (Not Scored)"
-  check_5_23="$id_5_23  - $desc_5_23"
+  local check="$id  - $desc"
-  starttestjson "$id_5_23" "$desc_5_23"
+  starttestjson "$id" "$desc"
  totalChecks=$((totalChecks + 1))
-  note "$check_5_23"
+  note "$check"
  resulttestjson "NOTE"
  currentScore=$((currentScore + 0))
 }
@ -966,10 +966,10 @@ check_5_24() {
    return
  fi
-  id_5_24="5.24"
+  local id="5.24"
-  desc_5_24="Ensure that cgroup usage is confirmed (Scored)"
+  local desc="Ensure that cgroup usage is confirmed (Scored)"
-  check_5_24="$id_5_24  - $desc_5_24"
+  local check="$id  - $desc"
-  starttestjson "$id_5_24" "$desc_5_24"
+  starttestjson "$id" "$desc"
  totalChecks=$((totalChecks + 1))
@ -981,7 +981,7 @@ check_5_24() {
    if [ "$mode" != "CgroupParent=x" ]; then
      # If it's the first container, fail the test
      if [ $fail -eq 0 ]; then
-        warn "$check_5_24"
+        warn "$check"
        warn "     * Confirm cgroup usage: $c"
        unexpected_cgroup_containers="$unexpected_cgroup_containers $c"
        fail=1
@ -993,7 +993,7 @@ check_5_24() {
  done
  # We went through all the containers and found none with UTSMode as host
  if [ $fail -eq 0 ]; then
-      pass "$check_5_24"
+      pass "$check"
      resulttestjson "PASS"
      currentScore=$((currentScore + 1))
  else
@ -1007,10 +1007,10 @@ check_5_25() {
  if [ "$running_containers" -ne 1 ]; then
    return
  fi
-  id_5_25="5.25"
+  local id="5.25"
-  desc_5_25="Ensure that the container is restricted from acquiring additional privileges (Scored)"
+  local desc="Ensure that the container is restricted from acquiring additional privileges (Scored)"
-  check_5_25="$id_5_25  - $desc_5_25"
+  local check="$id  - $desc"
-  starttestjson "$id_5_25" "$desc_5_25"
+  starttestjson "$id" "$desc"
  totalChecks=$((totalChecks + 1))
@ -1020,7 +1020,7 @@ check_5_25() {
    if ! docker inspect --format 'SecurityOpt={{.HostConfig.SecurityOpt }}' "$c" | grep 'no-new-privileges' 2>/dev/null 1>&2; then
      # If it's the first container, fail the test
      if [ $fail -eq 0 ]; then
-        warn "$check_5_25"
+        warn "$check"
        warn "     * Privileges not restricted: $c"
        addprivs_containers="$addprivs_containers $c"
        fail=1
@ -1032,7 +1032,7 @@ check_5_25() {
  done
  # We went through all the containers and found none with capability to acquire additional privileges
  if [ $fail -eq 0 ]; then
-      pass "$check_5_25"
+      pass "$check"
      resulttestjson "PASS"
      currentScore=$((currentScore + 1))
  else
@ -1047,30 +1047,30 @@ check_5_26() {
    return
  fi
-  id_5_26="5.26"
+  local id="5.26"
-  desc_5_26="Ensure that container health is checked at runtime (Scored)"
+  local desc="Ensure that container health is checked at runtime (Scored)"
-  check_5_26="$id_5_26  - $desc_5_26"
+  local check="$id  - $desc"
-  starttestjson "$id_5_26" "$desc_5_26"
+  starttestjson "$id" "$desc"
  totalChecks=$((totalChecks + 1))
  fail=0
-  nohealthcheck_containers=""
+  nohealthlocal check=""
  for c in $containers; do
    if ! docker inspect --format '{{ .Id }}: Health={{ .State.Health.Status }}' "$c" 2>/dev/null 1>&2; then
      if [ $fail -eq 0 ]; then
-        warn "$check_5_26"
+        warn "$check"
        warn "     * Health check not set: $c"
-        nohealthcheck_containers="$nohealthcheck_containers $c"
+        nohealthlocal check="$nohealthcheck_containers $c"
        fail=1
      else
        warn "     * Health check not set: $c"
-        nohealthcheck_containers="$nohealthcheck_containers $c"
+        nohealthlocal check="$nohealthcheck_containers $c"
      fi
    fi
  done
  if [ $fail -eq 0 ]; then
-      pass "$check_5_26"
+      pass "$check"
      resulttestjson "PASS"
      currentScore=$((currentScore + 1))
  else
@ -1085,13 +1085,13 @@ check_5_27() {
    return
  fi
-  id_5_27="5.27"
+  local id="5.27"
-  desc_5_27="Ensure that Docker commands always make use of the latest version of their image (Not Scored)"
+  local desc="Ensure that Docker commands always make use of the latest version of their image (Not Scored)"
-  check_5_27="$id_5_27  - $desc_5_27"
+  local check="$id  - $desc"
-  starttestjson "$id_5_27" "$desc_5_27"
+  starttestjson "$id" "$desc"
  totalChecks=$((totalChecks + 1))
-  info "$check_5_27"
+  info "$check"
  resulttestjson "INFO"
  currentScore=$((currentScore + 0))
 }
@ -1102,10 +1102,10 @@ check_5_28() {
    return
  fi
-  id_5_28="5.28"
+  local id="5.28"
-  desc_5_28="Ensure that the PIDs cgroup limit is used (Scored)"
+  local desc="Ensure that the PIDs cgroup limit is used (Scored)"
-  check_5_28="$id_5_28  - $desc_5_28"
+  local check="$id  - $desc"
-  starttestjson "$id_5_28" "$desc_5_28"
+  starttestjson "$id" "$desc"
  totalChecks=$((totalChecks + 1))
@ -1117,7 +1117,7 @@ check_5_28() {
    if [ "$pidslimit" = "0" ] || [  "$pidslimit" = "<nil>" ] || [  "$pidslimit" = "-1" ]; then
      # If it's the first container, fail the test
      if [ $fail -eq 0 ]; then
-        warn "$check_5_28"
+        warn "$check"
        warn "     * PIDs limit not set: $c"
        nopids_limit_containers="$nopids_limit_containers $c"
        fail=1
@ -1129,7 +1129,7 @@ check_5_28() {
  done
  # We went through all the containers and found all with PIDs limit
  if [ $fail -eq 0 ]; then
-      pass "$check_5_28"
+      pass "$check"
      resulttestjson "PASS"
      currentScore=$((currentScore + 1))
  else
@ -1144,10 +1144,10 @@ check_5_29() {
    return
  fi
-  id_5_29="5.29"
+  local id="5.29"
-  desc_5_29="Ensure that Docker's default bridge "docker0" is not used (Not Scored)"
+  local desc="Ensure that Docker's default bridge "docker0" is not used (Not Scored)"
-  check_5_29="$id_5_29  - $desc_5_29"
+  local check="$id  - $desc"
-  starttestjson "$id_5_29" "$desc_5_29"
+  starttestjson "$id" "$desc"
  totalChecks=$((totalChecks + 1))
@ -1161,7 +1161,7 @@ check_5_29() {
        if [ -n "$docker0Containers" ]; then
          if [ $fail -eq 0 ]; then
-            info "$check_5_29"
+            info "$check"
            fail=1
          fi
          for c in $docker0Containers; do
@ -1182,7 +1182,7 @@ check_5_29() {
  done
  # We went through all the containers and found none in docker0 network
  if [ $fail -eq 0 ]; then
-      pass "$check_5_29"
+      pass "$check"
      resulttestjson "PASS"
      currentScore=$((currentScore + 1))
  else
@ -1197,10 +1197,10 @@ check_5_30() {
    return
  fi
-  id_5_30="5.30"
+  local id="5.30"
-  desc_5_30="Ensure that the host's user namespaces are not shared (Scored)"
+  local desc="Ensure that the host's user namespaces are not shared (Scored)"
-  check_5_30="$id_5_30  - $desc_5_30"
+  local check="$id  - $desc"
-  starttestjson "$id_5_30" "$desc_5_30"
+  starttestjson "$id" "$desc"
  totalChecks=$((totalChecks + 1))
@ -1210,7 +1210,7 @@ check_5_30() {
    if docker inspect --format '{{ .HostConfig.UsernsMode }}' "$c" 2>/dev/null | grep -i 'host' >/dev/null 2>&1; then
      # If it's the first container, fail the test
      if [ $fail -eq 0 ]; then
-        warn "$check_5_30"
+        warn "$check"
        warn "     * Namespace shared: $c"
        hostns_shared_containers="$hostns_shared_containers $c"
        fail=1
@ -1222,7 +1222,7 @@ check_5_30() {
  done
  # We went through all the containers and found none with host's user namespace shared
  if [ $fail -eq 0 ]; then
-      pass "$check_5_30"
+      pass "$check"
      resulttestjson "PASS"
      currentScore=$((currentScore + 1))
  else
@ -1237,10 +1237,10 @@ check_5_31() {
    return
  fi
-  id_5_31="5.31"
+  local id="5.31"
-  desc_5_31="Ensure that the Docker socket is not mounted inside any containers (Scored)"
+  local desc="Ensure that the Docker socket is not mounted inside any containers (Scored)"
-  check_5_31="$id_5_31  - $desc_5_31"
+  local check="$id  - $desc"
-  starttestjson "$id_5_31" "$desc_5_31"
+  starttestjson "$id" "$desc"
  totalChecks=$((totalChecks + 1))
@ -1250,7 +1250,7 @@ check_5_31() {
    if docker inspect --format '{{ .Mounts }}' "$c" 2>/dev/null | grep 'docker.sock' >/dev/null 2>&1; then
      # If it's the first container, fail the test
      if [ $fail -eq 0 ]; then
-        warn "$check_5_31"
+        warn "$check"
        warn "     * Docker socket shared: $c"
        docker_sock_containers="$docker_sock_containers $c"
        fail=1
@ -1262,7 +1262,7 @@ check_5_31() {
  done
  # We went through all the containers and found none with docker.sock shared
  if [ $fail -eq 0 ]; then
-      pass "$check_5_31"
+      pass "$check"
      resulttestjson "PASS"
      currentScore=$((currentScore + 1))
  else
--- a/tests/6_docker_security_operations.sh
+++ b/tests/6_docker_security_operations.sh
@ -2,19 +2,19 @@
 check_6() {
  logit "\n"
-  id_6="6"
+  local id="6"
-  desc_6="Docker Security Operations"
+  local desc="Docker Security Operations"
-  check_6="$id_6 - $desc_6"
+  local check="$id - $desc"
-  info "$check_6"
+  info "$check"
-  startsectionjson "$id_6" "$desc_6"
+  startsectionjson "$id" "$desc"
 }
 # 6.1
 check_6_1() {
-  id_6_1="6.1"
+  local id="6.1"
-  desc_6_1="Ensure that image sprawl is avoided (Not Scored)"
+  local desc="Ensure that image sprawl is avoided (Not Scored)"
-  check_6_1="$id_6_1  - $desc_6_1"
+  local check="$id  - $desc"
-  starttestjson "$id_6_1" "$desc_6_1"
+  starttestjson "$id" "$desc"
  totalChecks=$((totalChecks + 1))
  images=$(docker images -q | sort -u | wc -l | awk '{print $1}')
@ -26,7 +26,7 @@ check_6_1() {
    fi
  done
-    info "$check_6_1"
+    info "$check"
    info "     * There are currently: $images images"
  if [ "$active_images" -lt "$((images / 2))" ]; then
@ -38,21 +38,21 @@ check_6_1() {
 # 6.2
 check_6_2() {
-  id_6_2="6.2"
+  local id="6.2"
-  desc_6_2="Ensure that container sprawl is avoided (Not Scored)"
+  local desc="Ensure that container sprawl is avoided (Not Scored)"
-  check_6_2="$id_6_2  - $desc_6_2"
+  local check="$id  - $desc"
-  starttestjson "$id_6_2" "$desc_6_2"
+  starttestjson "$id" "$desc"
  totalChecks=$((totalChecks + 1))
  total_containers=$(docker info 2>/dev/null | grep "Containers" | awk '{print $2}')
  running_containers=$(docker ps -q | wc -l | awk '{print $1}')
  diff="$((total_containers - running_containers))"
  if [ "$diff" -gt 25 ]; then
-    info "$check_6_2"
+    info "$check"
    info "     * There are currently a total of $total_containers containers, with only $running_containers of them currently running"
    resulttestjson "INFO" "$total_containers total/$running_containers running"
  else
-    info "$check_6_2"
+    info "$check"
    info "     * There are currently a total of $total_containers containers, with $running_containers of them currently running"
    resulttestjson "INFO" "$total_containers total/$running_containers running"
  fi
--- a/tests/7_docker_swarm_configuration.sh
+++ b/tests/7_docker_swarm_configuration.sh
@ -2,27 +2,27 @@
 check_7() {
  logit "\n"
-  id_7="7"
+  local id="7"
-  desc_7="Docker Swarm Configuration"
+  local desc="Docker Swarm Configuration"
-  check_7="$id_7 - $desc_7"
+  local check="$id - $desc"
-  info "$check_7"
+  info "$check"
-  startsectionjson "$id_7" "$desc_7"
+  startsectionjson "$id" "$desc"
 }
 # 7.1
 check_7_1() {
-  id_7_1="7.1"
+  local id="7.1"
-  desc_7_1="Ensure swarm mode is not Enabled, if not needed (Scored)"
+  local desc="Ensure swarm mode is not Enabled, if not needed (Scored)"
-  check_7_1="$id_7_1  - $desc_7_1"
+  local check="$id  - $desc"
-  starttestjson "$id_7_1" "$desc_7_1"
+  starttestjson "$id" "$desc"
  totalChecks=$((totalChecks + 1))
  if docker info 2>/dev/null | grep -e "Swarm:*\sinactive\s*" >/dev/null 2>&1; then
-    pass "$check_7_1"
+    pass "$check"
    resulttestjson "PASS"
    currentScore=$((currentScore + 1))
  else
-    warn "$check_7_1"
+    warn "$check"
    resulttestjson "WARN"
    currentScore=$((currentScore - 1))
  fi
@ -30,25 +30,25 @@ check_7_1() {
 # 7.2
 check_7_2() {
-  id_7_2="7.2"
+  local id="7.2"
-  desc_7_2="Ensure that the minimum number of manager nodes have been created in a swarm (Scored)"
+  local desc="Ensure that the minimum number of manager nodes have been created in a swarm (Scored)"
-  check_7_2="$id_7_2  - $desc_7_2"
+  local check="$id  - $desc"
-  starttestjson "$id_7_2" "$desc_7_2"
+  starttestjson "$id" "$desc"
  totalChecks=$((totalChecks + 1))
  if docker info 2>/dev/null | grep -e "Swarm:*\sactive\s*" >/dev/null 2>&1; then
    managernodes=$(docker node ls | grep -c "Leader")
    if [ "$managernodes" -eq 1 ]; then
-      pass "$check_7_2"
+      pass "$check"
      resulttestjson "PASS"
      currentScore=$((currentScore + 1))
    else
-      warn "$check_7_2"
+      warn "$check"
      resulttestjson "WARN"
      currentScore=$((currentScore - 1))
    fi
  else
-    pass "$check_7_2 (Swarm mode not enabled)"
+    pass "$check (Swarm mode not enabled)"
    resulttestjson "PASS"
    currentScore=$((currentScore + 1))
  fi
@ -56,25 +56,25 @@ check_7_2() {
 # 7.3
 check_7_3() {
-  id_7_3="7.3"
+  local id="7.3"
-  desc_7_3="Ensure that swarm services are bound to a specific host interface (Scored)"
+  local desc="Ensure that swarm services are bound to a specific host interface (Scored)"
-  check_7_3="$id_7_3  - $desc_7_3"
+  local check="$id  - $desc"
-  starttestjson "$id_7_3" "$desc_7_3"
+  starttestjson "$id" "$desc"
  totalChecks=$((totalChecks + 1))
  if docker info 2>/dev/null | grep -e "Swarm:*\sactive\s*" >/dev/null 2>&1; then
    $netbin -lnt | grep -e '\[::]:2377 ' -e ':::2377' -e '*:2377 ' -e ' 0\.0\.0\.0:2377 ' >/dev/null 2>&1
    if [ $? -eq 1 ]; then
-      pass "$check_7_3"
+      pass "$check"
      resulttestjson "PASS"
      currentScore=$((currentScore + 1))
    else
-      warn "$check_7_3"
+      warn "$check"
      resulttestjson "WARN"
      currentScore=$((currentScore - 1))
    fi
  else
-    pass "$check_7_3 (Swarm mode not enabled)"
+    pass "$check (Swarm mode not enabled)"
    resulttestjson "PASS"
    currentScore=$((currentScore + 1))
  fi
@ -82,10 +82,10 @@ check_7_3() {
 # 7.4
 check_7_4() {
-  id_7_4="7.4"
+  local id="7.4"
-  desc_7_4="Ensure that all Docker swarm overlay networks are encrypted (Scored)"
+  local desc="Ensure that all Docker swarm overlay networks are encrypted (Scored)"
-  check_7_4="$id_7_4  - $desc_7_4"
+  local check="$id  - $desc"
-  starttestjson "$id_7_4" "$desc_7_4"
+  starttestjson "$id" "$desc"
  totalChecks=$((totalChecks + 1))
  fail=0
@ -95,7 +95,7 @@ check_7_4() {
      grep -v 'encrypted:' 2>/dev/null 1>&2; then
      # If it's the first container, fail the test
      if [ $fail -eq 0 ]; then
-        warn "$check_7_4"
+        warn "$check"
        fail=1
      fi
      warn "     * Unencrypted overlay network: $(docker network inspect --format '{{ .Name }} ({{ .Scope }})' "$encnet")"
@ -104,7 +104,7 @@ check_7_4() {
  done
  # We went through all the networks and found none that are unencrypted
  if [ $fail -eq 0 ]; then
-      pass "$check_7_4"
+      pass "$check"
      resulttestjson "PASS"
      currentScore=$((currentScore + 1))
  else
@ -115,24 +115,24 @@ check_7_4() {
 # 7.5
 check_7_5() {
-  id_7_5="7.5"
+  local id="7.5"
-  desc_7_5="Ensure that Docker's secret management commands are used for managing secrets in a swarm cluster (Not Scored)"
+  local desc="Ensure that Docker's secret management commands are used for managing secrets in a swarm cluster (Not Scored)"
-  check_7_5="$id_7_5  - $desc_7_5"
+  local check="$id  - $desc"
-  starttestjson "$id_7_5" "$desc_7_5"
+  starttestjson "$id" "$desc"
  totalChecks=$((totalChecks + 1))
  if docker info 2>/dev/null | grep -e "Swarm:\s*active\s*" >/dev/null 2>&1; then
    if [ "$(docker secret ls -q | wc -l)" -ge 1 ]; then
-      pass "$check_7_5"
+      pass "$check"
      resulttestjson "PASS"
      currentScore=$((currentScore + 1))
    else
-      info "$check_7_5"
+      info "$check"
      resulttestjson "INFO"
      currentScore=$((currentScore + 0))
    fi
  else
-    pass "$check_7_5 (Swarm mode not enabled)"
+    pass "$check (Swarm mode not enabled)"
    resulttestjson "PASS"
    currentScore=$((currentScore + 1))
  fi
@ -140,24 +140,24 @@ check_7_5() {
 # 7.6
 check_7_6() {
-  id_7_6="7.6"
+  local id="7.6"
-  desc_7_6="Ensure that swarm manager is run in auto-lock mode (Scored)"
+  local desc="Ensure that swarm manager is run in auto-lock mode (Scored)"
-  check_7_6="$id_7_6  - $desc_7_6"
+  local check="$id  - $desc"
-  starttestjson "$id_7_6" "$desc_7_6"
+  starttestjson "$id" "$desc"
  totalChecks=$((totalChecks + 1))
  if docker info 2>/dev/null | grep -e "Swarm:\s*active\s*" >/dev/null 2>&1; then
    if ! docker swarm unlock-key 2>/dev/null | grep 'SWMKEY' 2>/dev/null 1>&2; then
-      warn "$check_7_6"
+      warn "$check"
      resulttestjson "WARN"
      currentScore=$((currentScore - 1))
    else
-      pass "$check_7_6"
+      pass "$check"
      resulttestjson "PASS"
      currentScore=$((currentScore + 1))
    fi
  else
-    pass "$check_7_6 (Swarm mode not enabled)"
+    pass "$check (Swarm mode not enabled)"
    resulttestjson "PASS"
    currentScore=$((currentScore + 1))
  fi
@ -165,18 +165,18 @@ check_7_6() {
 # 7.7
 check_7_7() {
-  id_7_7="7.7"
+  local id="7.7"
-  desc_7_7="Ensure that the swarm manager auto-lock key is rotated periodically (Not Scored)"
+  local desc="Ensure that the swarm manager auto-lock key is rotated periodically (Not Scored)"
-  check_7_7="$id_7_7  - $desc_7_7"
+  local check="$id  - $desc"
-  starttestjson "$id_7_7" "$desc_7_7"
+  starttestjson "$id" "$desc"
  totalChecks=$((totalChecks + 1))
  if docker info 2>/dev/null | grep -e "Swarm:\s*active\s*" >/dev/null 2>&1; then
-    note "$check_7_7"
+    note "$check"
    resulttestjson "NOTE"
    currentScore=$((currentScore + 0))
  else
-    pass "$check_7_7 (Swarm mode not enabled)"
+    pass "$check (Swarm mode not enabled)"
    resulttestjson "PASS"
    currentScore=$((currentScore + 1))
  fi
@ -184,24 +184,24 @@ check_7_7() {
 # 7.8
 check_7_8() {
-  id_7_8="7.8"
+  local id="7.8"
-  desc_7_8="Ensure that node certificates are rotated as appropriate (Not Scored)"
+  local desc="Ensure that node certificates are rotated as appropriate (Not Scored)"
-  check_7_8="$id_7_8  - $desc_7_8"
+  local check="$id  - $desc"
-  starttestjson "$id_7_8" "$desc_7_8"
+  starttestjson "$id" "$desc"
  totalChecks=$((totalChecks + 1))
  if docker info 2>/dev/null | grep -e "Swarm:\s*active\s*" >/dev/null 2>&1; then
    if docker info 2>/dev/null | grep "Expiry Duration: 2 days"; then
-      pass "$check_7_8"
+      pass "$check"
      resulttestjson "PASS"
      currentScore=$((currentScore + 1))
    else
-      info "$check_7_8"
+      info "$check"
      resulttestjson "INFO"
      currentScore=$((currentScore + 0))
    fi
  else
-    pass "$check_7_8 (Swarm mode not enabled)"
+    pass "$check (Swarm mode not enabled)"
    resulttestjson "PASS"
    currentScore=$((currentScore + 1))
  fi
@ -209,18 +209,18 @@ check_7_8() {
 # 7.9
 check_7_9() {
-  id_7_9="7.9"
+  local id="7.9"
-  desc_7_9="Ensure that CA certificates are rotated as appropriate (Not Scored)"
+  local desc="Ensure that CA certificates are rotated as appropriate (Not Scored)"
-  check_7_9="$id_7_9  - $desc_7_9"
+  local check="$id  - $desc"
-  starttestjson "$id_7_9" "$desc_7_9"
+  starttestjson "$id" "$desc"
  totalChecks=$((totalChecks + 1))
  if docker info 2>/dev/null | grep -e "Swarm:\s*active\s*" >/dev/null 2>&1; then
-    info "$check_7_9"
+    info "$check"
    resulttestjson "INFO"
    currentScore=$((currentScore + 0))
  else
-    pass "$check_7_9 (Swarm mode not enabled)"
+    pass "$check (Swarm mode not enabled)"
    resulttestjson "PASS"
    currentScore=$((currentScore + 1))
  fi
@ -228,18 +228,18 @@ check_7_9() {
 # 7.10
 check_7_10() {
-  id_7_10="7.10"
+  local id="7.10"
-  desc_7_10="Ensure that management plane traffic is separated from data plane traffic (Not Scored)"
+  local desc="Ensure that management plane traffic is separated from data plane traffic (Not Scored)"
-  check_7_10="$id_7_10  - $desc_7_10"
+  local check="$id  - $desc"
-  starttestjson "$id_7_10" "$desc_7_10"
+  starttestjson "$id" "$desc"
  totalChecks=$((totalChecks + 1))
  if docker info 2>/dev/null | grep -e "Swarm:\s*active\s*" >/dev/null 2>&1; then
-    info "$check_7_10"
+    info "$check"
    resulttestjson "INFO"
    currentScore=$((currentScore + 0))
  else
-    pass "$check_7_10 (Swarm mode not enabled)"
+    pass "$check (Swarm mode not enabled)"
    resulttestjson "PASS"
    currentScore=$((currentScore + 1))
  fi
--- a/tests/8_docker_enterprise_configuration.sh
+++ b/tests/8_docker_enterprise_configuration.sh
@ -2,11 +2,11 @@
 check_8() {
  logit "\n"
-  id_8="8"
+  local id="8"
-  desc_8="Docker Enterprise Configuration"
+  local desc="Docker Enterprise Configuration"
-  check_8="$id_8 - $desc_8"
+  local check="$id - $desc"
-  info "$check_8"
+  info "$check"
-  startsectionjson "$id_8" "$desc_8"
+  startsectionjson "$id" "$desc"
 }
 check_product_license() {
@ -23,10 +23,10 @@ check_8_1() {
    return
  fi
-  id_8_1="8.1"
+  local id="8.1"
-  desc_8_1="Universal Control Plane Configuration"
+  local desc="Universal Control Plane Configuration"
-  check_8_1="$id_8_1 - $desc_8_1"
+  local check="$id - $desc"
-  info "$check_8_1"
+  info "$check"
 }
 # 8.1.1
@ -35,13 +35,13 @@ check_8_1_1() {
    return
  fi
-  id_8_1_1="8.1.1"
+  local id="8.1.1"
-  desc_8_1_1="Configure the LDAP authentication service (Scored)"
+  local desc="Configure the LDAP authentication service (Scored)"
-  check_8_1_1="$id_8_1_1  - $desc_8_1_1"
+  local check="$id  - $desc"
-  starttestjson "$id_8_1_1" "$desc_8_1_1"
+  starttestjson "$id" "$desc"
  totalChecks=$((totalChecks + 1))
-  note "$check_8_1_1"
+  note "$check"
  resulttestjson "INFO"
  currentScore=$((currentScore + 0))
 }
@ -52,13 +52,13 @@ check_8_1_2() {
    return
  fi
-  id_8_1_2="8.1.2"
+  local id="8.1.2"
-  desc_8_1_2="Use external certificates (Scored)"
+  local desc="Use external certificates (Scored)"
-  check_8_1_2="$id_8_1_2  - $desc_8_1_2"
+  local check="$id  - $desc"
-  starttestjson "$id_8_1_2" "$desc_8_1_2"
+  starttestjson "$id" "$desc"
  totalChecks=$((totalChecks + 1))
-  note "$check_8_1_2"
+  note "$check"
  resulttestjson "INFO"
  currentScore=$((currentScore + 0))
 }
@ -69,13 +69,13 @@ check_8_1_3() {
    return
  fi
-  id_8_1_3="8.1.3"
+  local id="8.1.3"
-  desc_8_1_3="Enforce the use of client certificate bundles for unprivileged users (Not Scored)"
+  local desc="Enforce the use of client certificate bundles for unprivileged users (Not Scored)"
-  check_8_1_3="$id_8_1_3  - $desc_8_1_3"
+  local check="$id  - $desc"
-  starttestjson "$id_8_1_3" "$desc_8_1_3"
+  starttestjson "$id" "$desc"
  totalChecks=$((totalChecks + 1))
-  note "$check_8_1_3"
+  note "$check"
  resulttestjson "INFO"
  currentScore=$((currentScore + 0))
 }
@ -86,13 +86,13 @@ check_8_1_4() {
    return
  fi
-  id_8_1_4="8.1.4"
+  local id="8.1.4"
-  desc_8_1_4="Configure applicable cluster role-based access control policies (Not Scored)"
+  local desc="Configure applicable cluster role-based access control policies (Not Scored)"
-  check_8_1_4="$id_8_1_4  - $desc_8_1_4"
+  local check="$id  - $desc"
-  starttestjson "$id_8_1_4" "$desc_8_1_4"
+  starttestjson "$id" "$desc"
  totalChecks=$((totalChecks + 1))
-  note "$check_8_1_4"
+  note "$check"
  resulttestjson "INFO"
  currentScore=$((currentScore + 0))
 }
@ -103,13 +103,13 @@ check_8_1_5() {
    return
  fi
-  id_8_1_5="8.1.5"
+  local id="8.1.5"
-  desc_8_1_5="Enable signed image enforcement (Scored)"
+  local desc="Enable signed image enforcement (Scored)"
-  check_8_1_5="$id_8_1_5  - $desc_8_1_5"
+  local check="$id  - $desc"
-  starttestjson "$id_8_1_5" "$desc_8_1_5"
+  starttestjson "$id" "$desc"
  totalChecks=$((totalChecks + 1))
-  note "$check_8_1_5"
+  note "$check"
  resulttestjson "INFO"
  currentScore=$((currentScore + 0))
 }
@ -120,13 +120,13 @@ check_8_1_6() {
    return
  fi
-  id_8_1_6="8.1.6"
+  local id="8.1.6"
-  desc_8_1_6="Set the Per-User Session Limit to a value of '3' or lower (Scored)"
+  local desc="Set the Per-User Session Limit to a value of '3' or lower (Scored)"
-  check_8_1_6="$id_8_1_6  - $desc_8_1_6"
+  local check="$id  - $desc"
-  starttestjson "$id_8_1_6" "$desc_8_1_6"
+  starttestjson "$id" "$desc"
  totalChecks=$((totalChecks + 1))
-  note "$check_8_1_6"
+  note "$check"
  resulttestjson "INFO"
  currentScore=$((currentScore + 0))
 }
@ -137,13 +137,13 @@ check_8_1_7() {
    return
  fi
-  id_8_1_7="8.1.7"
+  local id="8.1.7"
-  desc_8_1_7="Set the 'Lifetime Minutes' and 'Renewal Threshold Minutes' values to '15' or lower and '0' respectively (Scored)"
+  local desc="Set the 'Lifetime Minutes' and 'Renewal Threshold Minutes' values to '15' or lower and '0' respectively (Scored)"
-  check_8_1_7="$id_8_1_7  - $desc_8_1_7"
+  local check="$id  - $desc"
-  starttestjson "$id_8_1_7" "$desc_8_1_7"
+  starttestjson "$id" "$desc"
  totalChecks=$((totalChecks + 1))
-  note "$check_8_1_7"
+  note "$check"
  resulttestjson "INFO"
  currentScore=$((currentScore + 0))
 }
@ -154,10 +154,10 @@ check_8_2() {
  fi
  logit "\n"
-  id_8_2="8.2"
+  local id="8.2"
-  desc_8_2="Docker Trusted Registry Configuration"
+  local desc="Docker Trusted Registry Configuration"
-  check_8_2="$id_8_2 - $desc_8_2"
+  local check="$id - $desc"
-  info "$check_8_2"
+  info "$check"
 }
 check_8_2_1() {
@ -165,13 +165,13 @@ check_8_2_1() {
    return
  fi
-  id_8_2_1="8.2.1"
+  local id="8.2.1"
-  desc_8_2_1="Enable image vulnerability scanning (Scored)"
+  local desc="Enable image vulnerability scanning (Scored)"
-  check_8_2_1="$id_8_2_1  - $desc_8_2_1"
+  local check="$id  - $desc"
-  starttestjson "$id_8_2_1" "$desc_8_2_1"
+  starttestjson "$id" "$desc"
  totalChecks=$((totalChecks + 1))
-  note "$check_8_2_1"
+  note "$check"
  resulttestjson "INFO"
  currentScore=$((currentScore + 0))
 }
--- a/tests/99_community_checks.sh
+++ b/tests/99_community_checks.sh
@ -1,22 +1,22 @@
 #!/bin/sh
 check_c() {
  logit "\n"
-  id_99="99"
+  local id="99"
-  desc_99="Community contributed checks"
+  local desc="Community contributed checks"
-  check_99="$id_99 - $desc_99"
+  local check="$id - $desc"
-  info "$check_99"
+  info "$check"
-  startsectionjson "$id_99" "$desc_99"
+  startsectionjson "$id" "$desc"
 }
 # check_c_1
 check_c_1() {
-  check_c_1="C.1  - This is a example check"
+  local check="C.1  - This is a example check"
  totalChecks=$((totalChecks + 1))
  if docker info --format='{{ .Architecture }}' | grep 'x86_64' 2>/dev/null 1>&2; then
-    pass "$check_c_1"
+    pass "$check"
    resulttestjson "PASS"
  else
-    warn "$check_c_1"
+    warn "$check"
    resulttestjson "WARN"
  fi
 }
@ -27,29 +27,29 @@ check_c_2() {
    | awk '{print $NF; exit}' | tr -d '[:alpha:]-,.' | cut -c 1-4)
  totalChecks=$((totalChecks + 1))
-  id_c_2="C.2"
+  local id="C.2"
-  desc_c_2="Ensure operations on legacy registry (v1) are Disabled"
+  local desc="Ensure operations on legacy registry (v1) are Disabled"
-  check_c_2="$id_c_2  - $desc_c_2"
+  local check="$id  - $desc"
-  starttestjson "$id_c_2" "$desc_c_2"
+  starttestjson "$id" "$desc"
  if [ "$docker_version" -lt 1712 ]; then
    if get_docker_configuration_file_args 'disable-legacy-registry' | grep 'true' >/dev/null 2>&1; then
-      pass "$check_c_2"
+      pass "$check"
      resulttestjson "PASS"
      currentScore=$((currentScore + 1))
    elif get_docker_effective_command_line_args '--disable-legacy-registry' | grep "disable-legacy-registry" >/dev/null 2>&1; then
-      pass "$check_c_2"
+      pass "$check"
      resulttestjson "PASS"
      currentScore=$((currentScore + 1))
    else
-      warn "$check_c_2"
+      warn "$check"
      resulttestjson "WARN"
      currentScore=$((currentScore - 1))
    fi
  else
-    desc_c_2="$desc_c_2 (Deprecated)"
+    local desc="$desc (Deprecated)"
-    check_c_2="$id_c_2  - $desc_c_2"
+    local check="$id  - $desc"
-    info "$check_c_2"
+    info "$check"
    resulttestjson "INFO"
  fi
 }