GuillaumeHemmen/docker-bench-security
1
0
Fork 0
mirror of https://github.com/docker/docker-bench-security.git synced 2025-01-18 16:22:33 +01:00
Code Issues Projects Releases Packages Wiki Activity
588 commits 3 branches 11 tags 4.9 MiB
Commit graph

588 commits

This branch
This branch
All branches
Author SHA1 Message Date
LorensK
e1fcdb8c3d Minor clarification 
i spent too many seconds pondering whether non-systemd OSs are supported. Using "might" instead of "may" removes the ambiguity.

Signed-off-by: Lorens Kockum <LorensK@users.noreply.github.com>
 2017-03-13 12:41:09 +01:00
Thomas Sjögren
8d1174d569 Merge pull request #228 from konstruktoid/versioning 
new version
 2017-03-02 13:29:42 +01:00
Thomas Sjögren
bbdfa0015e new versioning 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-03-02 13:29:01 +01:00
Thomas Sjögren
260a3a76f1 Merge pull request #225 from andreasstieger/netstat 
2.17: correct netstat usage and filtering
 2017-02-24 13:26:48 +01:00
Andreas Stieger
c30a43c1fd 2.17: account for :::2377 netstat output 
Fixes #224 - no. 4

Signed-off-by: Andreas Stieger <astieger@suse.com>
 2017-02-24 13:24:02 +01:00
Andreas Stieger
421c6dd866 2.17: may incorrectly match 5 digit port numbers 
Fixes #224 - no. 3

Signed-off-by: Andreas Stieger <astieger@suse.com>
 2017-02-24 13:23:57 +01:00
Andreas Stieger
7c66b6373a 2.17: grep -e recognizes IPv4 separator any character - escape 
Fixes #224 - no. 2

Signed-off-by: Andreas Stieger <astieger@suse.com>
 2017-02-24 13:23:48 +01:00
Andreas Stieger
c15dc6c568 2.17: netstat non-numeric output may not interpreted correctly 
The port may be aliased in /etc/services
Fixes #224 - no. 1

Signed-off-by: Andreas Stieger <astieger@suse.com>
 2017-02-24 13:23:33 +01:00
Thomas Sjögren
3d87e6d743 Merge pull request #218 from konstruktoid/issue_157 
Check configuration file settings
 2017-02-24 11:28:50 +01:00
Thomas Sjögren
c92e8a142e Merge pull request #222 from konstruktoid/issue_221 
Issue 221
 2017-02-23 17:08:21 +01:00
Thomas Sjögren
011ec950e9 use docker info, as all other tests 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-02-23 17:07:33 +01:00
Thomas Sjögren
7787fc0ec9 correct check_2_21, closes #221 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-02-23 17:01:47 +01:00
Thomas Sjögren
8aea40f72a Merge branch 'issue_157' of github.com:konstruktoid/docker-bench-security into issue_157 
* 'issue_157' of github.com:konstruktoid/docker-bench-security:
 2017-02-23 16:47:03 +01:00
Thomas Sjögren
e6522494a9 Merge branch 'issue_157' of github.com:konstruktoid/docker-bench-security into issue_157 
* 'issue_157' of github.com:konstruktoid/docker-bench-security:
  null if no config file
  fallback to default daemon.json
  get file locations from config file
  check config file settings
  add get_docker_configuration_file_args

Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-02-23 16:46:26 +01:00
Thomas Sjögren
c1d4a1bd01 Merge branch 'issue_157' of github.com:konstruktoid/docker-bench-security into issue_157 
* 'issue_157' of github.com:konstruktoid/docker-bench-security:
  null if no config file
  fallback to default daemon.json
  get file locations from config file
  check config file settings
  add get_docker_configuration_file_args
 2017-02-23 16:42:25 +01:00
Thomas Sjögren
65ff6d1015 null if no config file 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-02-23 16:33:54 +01:00
Thomas Sjögren
072ff1cce3 fallback to default daemon.json 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-02-23 16:33:54 +01:00
Thomas Sjögren
91eb958dd3 get file locations from config file 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-02-23 16:33:54 +01:00
Thomas Sjögren
7575020fd5 check config file settings 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-02-23 16:33:53 +01:00
Thomas Sjögren
7410cdf9f6 add get_docker_configuration_file_args 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-02-23 16:33:53 +01:00
Thomas Sjögren
7c20138161 Merge pull request #220 from willfarrell/master 
Add HEALTHCHECK -> removes warning from 4.6
 2017-02-23 12:24:45 +01:00
will Farrell
cee1e59860 force Healthcheck to healthy 
This will prevent:
```bash
# Docker Bench for Security v1.3.0
[WARN] 4.6  - Add HEALTHCHECK instruction to the container image
[WARN]      * No Healthcheck found: [docker-bench-security:latest]
```

Signed-off-by: will Farrell <will.farrell@gmail.com>
 2017-02-22 16:19:19 -07:00
Thomas Sjögren
1caa7f4344 Merge pull request #219 from konstruktoid/swarm_tests 
update swarm tests
 2017-02-22 10:13:15 +01:00
Thomas Sjögren
584847e5b4 update swarm tests 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-02-22 10:11:44 +01:00
Thomas Sjögren
ff314754a3 null if no config file 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-02-22 09:37:42 +01:00
Thomas Sjögren
1f499387c6 fallback to default daemon.json 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-02-21 11:49:06 +01:00
Thomas Sjögren
03f5088d08 get file locations from config file 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-02-20 11:22:01 +01:00
Thomas Sjögren
cda18f31a5 check config file settings 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-02-20 11:21:18 +01:00
Thomas Sjögren
bfcc4ec4b8 add get_docker_configuration_file_args 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-02-20 11:20:41 +01:00
Thomas Sjögren
48563f837a Merge pull request #217 from konstruktoid/code_clean 
remove code, if CMD instead of exit code
 2017-02-17 15:10:37 +01:00
Thomas Sjögren
7d992029e6 remove code, if CMD instead of exit code 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-02-17 15:03:29 +01:00
Thomas Sjögren
2de8e71d01 Merge pull request #216 from konstruktoid/issue_212 
replace contains with grep
 2017-02-15 15:12:25 +01:00
Thomas Sjögren
bd236b1ac0 add host / as sensitive 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-02-13 11:36:16 +01:00
Thomas Sjögren
e78f1b8045 replace contains with grep 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-02-10 15:35:06 +01:00
Thomas Sjögren
7eeb6890ff Merge pull request #215 from konstruktoid/alpine_apk 
apk upgrade
 2017-01-31 14:31:55 +01:00
Thomas Sjögren
c1c12e9659 distros/Dockerfile 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-01-31 14:31:28 +01:00
Thomas Sjögren
4d3686cb05 apk upgrade 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-01-31 14:29:57 +01:00
Thomas Sjögren
5e4d4304b5 Merge pull request #214 from konstruktoid/code_fixes 
Code fixes
 2017-01-27 11:01:48 +01:00
Thomas Sjögren
4e126efdbb 5.25 check correction 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-01-27 11:00:36 +01:00
Thomas Sjögren
6c35842734 5.19 check correction 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-01-27 11:00:25 +01:00
Thomas Sjögren
7fc5dc33a7 sh if lint 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-01-27 10:59:57 +01:00
Thomas Sjögren
c36649362b Merge pull request #211 from konstruktoid/documentation 
md lint and use labels
 2017-01-26 14:57:06 +01:00
Thomas Sjögren
cc98e55b9d md lint and use labels 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-01-26 14:53:47 +01:00
Thomas Sjögren
8fdb514dba Merge pull request #187 from ellerbrock/best-practices 
build(docker): add docker best practices
 2017-01-26 14:29:50 +01:00
binary
4535d08967 refactor(docker): update Dockerfile.alpine to latest version 
Signed-off-by: binary <binary@webdev.fritz.box>
 2017-01-26 12:10:19 +01:00
Thomas Sjögren
30e9089c50 Merge pull request #210 from konstruktoid/image 
less ugly image
 2017-01-26 10:18:24 +01:00
Thomas Sjögren
c1f07f5539 less ugly image 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-01-26 10:15:38 +01:00
Thomas Sjögren
fbe97f8858 Merge pull request #209 from konstruktoid/issue_207 
default capabilities are OK to add, closes #207
 2017-01-25 12:11:20 +01:00
Thomas Sjögren
68ed3dd845 default capabilities are OK to add, closes #207 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-01-25 12:07:14 +01:00
Maik Ellerbrock
85a32bf8c1
perf(docker): cleanup unused docker binaries 
Signed-off-by: Maik Ellerbrock <opensource@frapsoft.com>
 2017-01-25 10:55:17 +01:00