GuillaumeHemmen/docker-bench-security
1
0
Fork 0
mirror of https://github.com/docker/docker-bench-security.git synced 2025-01-19 08:42:33 +01:00
Code Issues Projects Releases Packages Wiki Activity
539 commits 3 branches 11 tags 4.9 MiB
Commit graph

61 commits

Author SHA1 Message Date
Mark Stemm
ec7d8ce690 Improve docker-bench-security json output 
Add a test object for each test performed by the script. Each object has
an id N.M, a desc property describing the test, and the result. Some
tests include additional information about the test e.g. "No TLS
Certificate Found". That can be found in an optional details property of
the test object.

Also, some tests might also return a list of containers, images, users,
etc. This is included in an optional items property of the test object.

Instead of having all test results as top-level objects, break the test
results into sections. Each section has an id + description e.g. "1" and
"Host Configuration". The tests for that section are an array below that
object.

All of the additional json output is implemented by adding new functions
startsectionjson(), endsectionjson(), starttestjson(), and
resulttestjson() that take the id/desc/etc as arguments and print the
proper json properties. It also required adding an "end" test to each
script that calls endsectionjson().

Signed-off-by: Mark Stemm <mark.stemm@gmail.com>
 2018-10-11 13:39:55 -07:00
Joe Williams
cfb3357a12 fix docker user json output 
This prints out the docker users in a similar fashion to the other tests, including `INFO` rather than just the system command output.

Signed-off-by: Joe Williams <joe.williams@github.com>
 2018-07-26 15:07:59 -04:00
Thomas Sjögren
78700f2600 consistent currentScore 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2018-07-01 20:04:20 +02:00
Thomas Sjögren
8142de8334 convert all checks to functions 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2018-01-16 13:46:49 +01:00
Thomas Sjögren
ce5ab6b063 update version check 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2018-01-12 11:42:52 +01:00
Thomas Sjögren
3d532a29ac add score and totalChecks to 1_ 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-10-23 15:39:18 +02:00
Thomas Sjögren
a3612c574e check 1.x json log 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-10-10 14:33:32 +02:00
Thomas Sjögren
809da21c4a skeleton json 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-10-10 13:54:59 +02:00
Thomas Sjögren
d062b1edce Merge pull request #256 from konstruktoid/date_255 
busybox date conversion
 2017-10-06 09:57:41 +02:00
Julien Garcia Gonzalez
683a728364 update 1.1 
Signed-off-by: Julien Garcia Gonzalez <julien@giantswarm.io>
 2017-09-21 08:53:07 +02:00
Thomas Sjögren
f8354c1017 busybox date conversion 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-09-20 11:10:36 +02:00
Thomas Sjögren
73afde56d0 date conversion 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-07-07 12:38:21 +02:00
Thomas Sjögren
6f0303ef56 versioning 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-07-07 12:31:22 +02:00
Thomas Sjögren
00c2d6e796 docker date versioning 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-07-07 12:24:03 +02:00
Thomas Sjögren
2dd6f2ebec update test names 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-07-07 10:21:38 +02:00
Thomas Sjögren
e5afda701f auto update due to new versioning 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-05-08 14:58:16 +02:00
Thomas Sjögren
986aaa67fb supress grep is auditd rules is missing 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-04-21 14:24:02 +02:00
Thomas Sjögren
a97bdfbe0d add note tag on informal checks 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-03-23 11:29:58 +01:00
Thomas Sjögren
bbdfa0015e new versioning 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-03-02 13:29:01 +01:00
Thomas Sjögren
ea39505778 use grep if auditctl isnt present, closes #150 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-01-25 10:22:08 +01:00
Thomas Sjögren
ab6c2cd02f Update section 1 to 1.13 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-01-24 09:45:24 +01:00
Thomas Sjögren
77617321df update info messages, not scored 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-01-23 17:06:10 +01:00
Thomas Sjögren
6a2176b34e #182 messages and syntax 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-01-23 12:40:32 +01:00
Thomas Sjögren
91e684da65 1.13.0 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-01-20 11:53:18 +01:00
Thomas Sjögren
67c7562937 1.12.6 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-01-11 11:44:37 +01:00
Thomas Sjögren
27bb58c5cb current version in 1.12.5 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2016-12-16 09:17:41 +01:00
Thomas Sjögren
2f6ddfd500 docker version 1.12.4 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2016-12-13 08:34:01 +01:00
Thomas Sjögren
7d4ee87105 bump version to 1.12.3 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2016-10-27 11:40:55 +02:00
Thomas Sjögren
e45d4e3bb8 1.12.2 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2016-10-13 22:15:35 +02:00
Thomas Sjögren
adfee878b8 1.12.1 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2016-08-19 23:11:03 +02:00
Thomas Sjögren
fdac630c36 bump docker version to 1.12 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2016-07-29 18:40:40 +02:00
Thomas Sjögren
9ba6afe0f2 1.11.2 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2016-06-02 21:51:11 +02:00
Thomas Sjögren
80e571f759 new version 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2016-04-28 21:51:24 +02:00
Thomas Sjögren
1454b300a0 add 1.4 again 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2016-04-14 21:27:24 +02:00
Thomas Sjögren
6be21785c4 update chap 1 to cis 1.11 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2016-04-14 21:15:33 +02:00
Thomas Sjögren
03ec1b96b7 docker_current_version 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2016-04-14 20:18:49 +02:00
Thomas Sjögren
d3ff26c5fa version 1.10.3 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2016-03-11 22:01:32 +01:00
Thomas Sjögren
94d8a611d8 1.10.2 release 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2016-02-23 21:24:27 +01:00
Thomas Sjögren
68082d0727 current version 1.10.1 and correct date 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2016-02-15 20:58:19 +01:00
Thomas Sjögren
7c6a637b62 update to v1.10.0 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2016-02-05 20:56:25 +01:00
Thomas Sjögren
a53e1bec44 Merge pull request #105 from andreasstieger/version-check 
Improve version check, fixes #103
 2015-12-07 20:00:03 +01:00
Andreas Stieger
e285c472d6 Support remote users and groups for group check. Fixes #104 
Grepping /etc/group discards users and grous coming from NIS, LDAP, AD.
Use getent group which covers all.

Signed-off-by: Andreas Stieger <astieger@suse.com>
 2015-12-01 16:17:48 +01:00
Andreas Stieger
3f538f537f Vendors now support docker packages, add language for #103 
Signed-off-by: Andreas Stieger <astieger@suse.com>
 2015-12-01 16:09:15 +01:00
Andreas Stieger
2c6285d4ef Improve statement of version check 1.6, fixes #103 
Add an as-of date.

Signed-off-by: Andreas Stieger <astieger@suse.com>
 2015-12-01 15:43:13 +01:00
Thomas Sjögren
80794e5638 get .service file location from systemd 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2015-11-27 19:26:03 +01:00
Thomas Sjögren
2e6d3b290a latest version is 1.9.1 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2015-11-21 20:51:05 +01:00
Thomas Sjögren
9b9f17cabc 1.9.0 released 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2015-11-04 18:23:25 +01:00
Thomas Sjögren
50dc806232 current version is 1.8.2 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2015-10-01 21:46:33 +02:00
Thomas Sjögren
64bc5323e6 current version is 1.8.0 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2015-08-13 21:35:55 +02:00
Thomas Sjögren
45671a70f3 catch server versions 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2015-07-11 20:36:04 +02:00