Add YAML to Markdown conversion script and generated Markdown files #497
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
eaudetcobello
changed the title
eaudetcobello
force-pushed
the
cis-hardening-docs-2
branch
from
555fbe7
to
bffb2d2
Compare
eaudetcobello
force-pushed
the
cis-hardening-docs-2
branch
from
dfe8617
to
058e22f
Compare
eaudetcobello
force-pushed
the
cis-hardening-docs-2
branch
2 times, most recently
from
353ccfc
to
a259434
Compare
and drive-by simplifications
eaudetcobello
force-pushed
the
cis-hardening-docs-2
branch
from
a259434
to
010e5b4
Compare
DATA_DIR is hard-coded in master.cis-yaml it is not a variable this script has to override
DATA_DIR is a hardcoded variable that should not be modified by the script
evilnick
requested changes
Jun 17, 2024
There was a problem hiding this comment.
Nice so far! Questions and comments:
- The output files should not go directly to docs, that isn't how we do it. Create a 'cis' directory in '_parts' and put them in there
- As far as I understand, this is a list of the various tests and remediations which apply which we do need, but we also need/want a list of the ones which Fail without user steps. Are we going to autogenerate that too?
- i made a few suggestions on the script. I would rather try and generate something that is expected to pass linting because then if linting fails we know something has gone wrong
- i will also a few notes on some of the generated output on things we can improve.
evilnick
reviewed
Jun 17, 2024
evilnick
reviewed
Jun 17, 2024
evilnick
reviewed
Jun 17, 2024
we support configuring etcd through /etc/default/etcd, therefore the only configuration relevant to us is through environment variables on the /usr/bin/etcd process. This commit goes hand in hand with : canonical/kube-bench@a4f580b
eaudetcobello
force-pushed
the
cis-hardening-docs-2
branch
from
b949a0a
to
6479818
Compare
|
Aren't the outputs still in the wrong order? I thought it should go:
Other than that, as none of this is actually visible I suggest we merge so:
|
eaudetcobello
force-pushed
the
cis-hardening-docs-2
branch
from
31dd6e3
to
f743969
Compare
evilnick
approved these changes
Jun 27, 2024
eaudetcobello
force-pushed
the
cis-hardening-docs-2
branch
from
ebbaf1b
to
11353c2
Compare
eaudetcobello
changed the title
eaudetcobello
changed the title
louiseschmidtgen
pushed a commit
that referenced
this pull request
Jul 4, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This contains every control in CIS adapted to Canonical K8s in markdown form. There is also the python script and jinja template.
Note this doesn't have the metadata for webpages yet.