CIS K8s boolean cli arguments rules perform case sensitive check #2007
Labels
8.15 candidate
bug
Something isn't working
good first issue
Good for newcomers
Team:Cloud Security
Cloud Security team related
Describe the bug
CIS K8s rules:
1.2.18
: Verify that the--profiling
argument is set tofalse
forkube-apiserver
.1.3.2
: Verify that the--profiling
argument is set tofalse
forkube-controller-manager
.1.4.1
: Verify that the--profiling
argument is set tofalse
forkube-scheduler
.2.2
: Verify that the--client-cert-auth
argument is set totrue
foretcd
.Evaluate to fail when the boolean values are
True
/False
.Preconditions
A k8s cluster with updated the mentioned arguments in control plane to have
True
/False
value.Config files:
/etc/kubernetes/manifests/kube-apiserver.yaml
/etc/kubernetes/manifests/kube-controller-manager.yaml
/etc/kubernetes/manifests/kube-scheduler.yaml
/etc/kubernetes/manifests/etcd.yaml
To Reproduce
Write the exact actions one should perform in order to reproduce the bug.
Steps to reproduce the behavior:
Expected behavior
Those rules should pass with boolean values in this format
True
/False
.Technically the cli boolean flag parsing happens with
strconv.ParseBool
in all cases.strconv.ParseBool
accepts these values:"1"
,"t"
,"T"
,"true"
,"TRUE"
,"True"
astrue
"0"
,"f"
,"F"
,"false"
,"FALSE"
,"False"
asfalse
The text was updated successfully, but these errors were encountered: