Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add YAML to Markdown conversion script and generated Markdown files #497

Merged
merged 46 commits into from
Jun 27, 2024
Merged

Add YAML to Markdown conversion script and generated Markdown files #497

merged 46 commits into from
Jun 27, 2024

Commits on Jun 14, 2024

  1. initial version of cis hardening reference

    @eaudetcobello
    eaudetcobello authored and k8s-bot committed Jun 14, 2024
    Configuration menu
    Copy the full SHA
    691af86 View commit details
    Browse the repository at this point in the history

  2. replace variable

    @eaudetcobello
    eaudetcobello authored and k8s-bot committed Jun 14, 2024
    Configuration menu
    Copy the full SHA
    bffb2d2 View commit details
    Browse the repository at this point in the history

Commits on Jun 15, 2024

  1. add expected output to each control

    @eaudetcobello
    eaudetcobello committed Jun 15, 2024
    Configuration menu
    Copy the full SHA
    ae1a04a View commit details
    Browse the repository at this point in the history

  2. add newline before audit

    @eaudetcobello
    eaudetcobello committed Jun 15, 2024
    Configuration menu
    Copy the full SHA
    4f52fc7 View commit details
    Browse the repository at this point in the history

  3. remove newline from top of file

    @eaudetcobello
    eaudetcobello committed Jun 15, 2024
    Configuration menu
    Copy the full SHA
    1910950 View commit details
    Browse the repository at this point in the history

  4. add cis yaml to markdown script

    @eaudetcobello
    eaudetcobello committed Jun 15, 2024
    Configuration menu
    Copy the full SHA
    058e22f View commit details
    Browse the repository at this point in the history

  5. change usage and run isort

    @eaudetcobello
    eaudetcobello committed Jun 15, 2024
    Configuration menu
    Copy the full SHA
    9c6386b View commit details
    Browse the repository at this point in the history

  6. move file logic out of generate_markdown 

    and drive-by simplifications
    @eaudetcobello
    eaudetcobello committed Jun 15, 2024
    Configuration menu
    Copy the full SHA
    010e5b4 View commit details
    Browse the repository at this point in the history

  7. remove $DATA_DIR subst 

    DATA_DIR is hard-coded in master.cis-yaml
it is not a variable this script has to override
    @eaudetcobello
    eaudetcobello committed Jun 15, 2024
    Configuration menu
    Copy the full SHA
    e778872 View commit details
    Browse the repository at this point in the history

  8. revert changing $data_dir in the files 

    DATA_DIR is a hardcoded variable that should not be modified by the script
    @eaudetcobello
    eaudetcobello committed Jun 15, 2024
    Configuration menu
    Copy the full SHA
    dd39725 View commit details
    Browse the repository at this point in the history

  9. add markdownlint-disable to template

    @eaudetcobello
    eaudetcobello committed Jun 15, 2024
    Configuration menu
    Copy the full SHA
    4b5140c View commit details
    Browse the repository at this point in the history

  10. each control is anchored for easy reference

    @eaudetcobello
    eaudetcobello committed Jun 15, 2024
    Configuration menu
    Copy the full SHA
    c01dc9f View commit details
    Browse the repository at this point in the history

  11. remove bold from id because it is part of a title now

    @eaudetcobello
    eaudetcobello committed Jun 15, 2024
    Configuration menu
    Copy the full SHA
    7c6bd6f View commit details
    Browse the repository at this point in the history

  12. Update cis-yaml-to-md.py

    @eaudetcobello
    eaudetcobello committed Jun 15, 2024
    Configuration menu
    Copy the full SHA
    ecf9ddf View commit details
    Browse the repository at this point in the history

Commits on Jun 17, 2024

  1. update type hint

    @eaudetcobello
    eaudetcobello committed Jun 17, 2024
    Configuration menu
    Copy the full SHA
    602ab7e View commit details
    Browse the repository at this point in the history

Commits on Jun 20, 2024

  1. use proper current directory

    @eaudetcobello
    eaudetcobello committed Jun 20, 2024
    Configuration menu
    Copy the full SHA
    9d2aa63 View commit details
    Browse the repository at this point in the history

  2. add spacing to template file

    @eaudetcobello
    eaudetcobello committed Jun 20, 2024
    Configuration menu
    Copy the full SHA
    99c2c6a View commit details
    Browse the repository at this point in the history

  3. wordwrap description and add spacing

    @eaudetcobello
    eaudetcobello committed Jun 20, 2024
    Configuration menu
    Copy the full SHA
    c5a59a1 View commit details
    Browse the repository at this point in the history

  4. Merge branch 'main' into cis-hardening-docs-2

    @eaudetcobello
    eaudetcobello committed Jun 20, 2024
    Configuration menu
    Copy the full SHA
    78fdc62 View commit details
    Browse the repository at this point in the history

  5. use global var

    @eaudetcobello
    eaudetcobello committed Jun 20, 2024
    Configuration menu
    Copy the full SHA
    e00833a View commit details
    Browse the repository at this point in the history

  6. add expected outputs from node.md

    @eaudetcobello
    eaudetcobello committed Jun 20, 2024
    Configuration menu
    Copy the full SHA
    ed244db View commit details
    Browse the repository at this point in the history

  7. controlplane.md and etcd.md in expected-outputs

    @eaudetcobello
    eaudetcobello committed Jun 20, 2024
    Configuration menu
    Copy the full SHA
    c490de6 View commit details
    Browse the repository at this point in the history

  8. add master.md to expected-outputs

    @eaudetcobello
    eaudetcobello committed Jun 20, 2024
    Configuration menu
    Copy the full SHA
    30b9450 View commit details
    Browse the repository at this point in the history

Commits on Jun 21, 2024

  1. change expected-outputs file format 

    the previous format was not well suited to be parsed to a dictionary in python where we were only interested in one key and one value.

the new format directly maps to a dict[str, str] with one call to yaml.safe_load
    @eaudetcobello
    eaudetcobello committed Jun 21, 2024
    Configuration menu
    Copy the full SHA
    e192998 View commit details
    Browse the repository at this point in the history

  2. refactor cis-yaml-to-md.py and cis-template.jinja2 

    refactor the file to use clearer function, variable names

extract logic from generate_markdown that is better suited to be in a new function

add a setup_directories function

extract the logic to find the kube bench control files into a function

extract argument parsing to a function

reflect these changes in the jinja template
    @eaudetcobello
    eaudetcobello committed Jun 21, 2024
    Configuration menu
    Copy the full SHA
    f827577 View commit details
    Browse the repository at this point in the history

  3. add default to custom output

    @eaudetcobello
    eaudetcobello committed Jun 21, 2024
    Configuration menu
    Copy the full SHA
    dd683a3 View commit details
    Browse the repository at this point in the history

  4. generate docs

    @eaudetcobello
    eaudetcobello committed Jun 21, 2024
    Configuration menu
    Copy the full SHA
    6d8bd3b View commit details
    Browse the repository at this point in the history

  5. change empty output to TODO for now

    @eaudetcobello
    eaudetcobello committed Jun 21, 2024
    Configuration menu
    Copy the full SHA
    62e9b2b View commit details
    Browse the repository at this point in the history

Commits on Jun 25, 2024

  1. move cis output to _parts

    @eaudetcobello
    eaudetcobello committed Jun 25, 2024
    Configuration menu
    Copy the full SHA
    267dffd View commit details
    Browse the repository at this point in the history

Commits on Jun 26, 2024

  1. modify expected outputs of etcd controls 

    we support configuring etcd through /etc/default/etcd, therefore
the only configuration relevant to us is through environment variables on the /usr/bin/etcd process.

This commit goes hand in hand with : canonical/kube-bench@a4f580b
    @eaudetcobello
    eaudetcobello committed Jun 26, 2024
    Configuration menu
    Copy the full SHA
    ad16e1f View commit details
    Browse the repository at this point in the history

Commits on Jun 27, 2024

  1. more accurate expected outputs

    @eaudetcobello
    eaudetcobello committed Jun 27, 2024
    Configuration menu
    Copy the full SHA
    6479818 View commit details
    Browse the repository at this point in the history

  2. reorder fields, change code blocks to normal text

    @eaudetcobello
    eaudetcobello committed Jun 27, 2024
    Configuration menu
    Copy the full SHA
    7c4dfaf View commit details
    Browse the repository at this point in the history

  3. output to _parts/cis

    @eaudetcobello
    eaudetcobello committed Jun 27, 2024
    Configuration menu
    Copy the full SHA
    5c83175 View commit details
    Browse the repository at this point in the history

  4. delete files from howto/cis-hardening

    @eaudetcobello
    eaudetcobello committed Jun 27, 2024
    Configuration menu
    Copy the full SHA
    08e7af9 View commit details
    Browse the repository at this point in the history

  5. don't say "not applicable" and re-generate

    @eaudetcobello
    eaudetcobello committed Jun 27, 2024
    Configuration menu
    Copy the full SHA
    f743969 View commit details
    Browse the repository at this point in the history

  6. fix double newlines

    @eaudetcobello
    eaudetcobello committed Jun 27, 2024
    Configuration menu
    Copy the full SHA
    756a014 View commit details
    Browse the repository at this point in the history

  7. improve description

    @eaudetcobello
    eaudetcobello committed Jun 27, 2024
    Configuration menu
    Copy the full SHA
    081cd0d View commit details
    Browse the repository at this point in the history

  8. s/pod specification/configuration

    @eaudetcobello
    eaudetcobello committed Jun 27, 2024
    Configuration menu
    Copy the full SHA
    16cf932 View commit details
    Browse the repository at this point in the history

  9. re-generate after modifying kube-bench etcd.yaml

    @eaudetcobello
    eaudetcobello committed Jun 27, 2024
    Configuration menu
    Copy the full SHA
    eaa3dc1 View commit details
    Browse the repository at this point in the history

  10. re-generate with kube-bench changes 

    see: canonical/kube-bench@0254dd9
    @eaudetcobello
    eaudetcobello committed Jun 27, 2024
    Configuration menu
    Copy the full SHA
    1585060 View commit details
    Browse the repository at this point in the history

  11. improve formatting in node.md

    @eaudetcobello
    eaudetcobello committed Jun 27, 2024
    Configuration menu
    Copy the full SHA
    aa13351 View commit details
    Browse the repository at this point in the history

  12. re-generate following major wording rework

    @eaudetcobello
    eaudetcobello committed Jun 27, 2024
    Configuration menu
    Copy the full SHA
    8354b8e View commit details
    Browse the repository at this point in the history

  13. re-generate after improving etcd.md format

    @eaudetcobello
    eaudetcobello committed Jun 27, 2024
    Configuration menu
    Copy the full SHA
    eec027f View commit details
    Browse the repository at this point in the history

  14. re-generate after small changes in master and node yamls

    @eaudetcobello
    eaudetcobello committed Jun 27, 2024
    Configuration menu
    Copy the full SHA
    1ffd8cb View commit details
    Browse the repository at this point in the history

  15. add readme and requirements file

    @eaudetcobello
    eaudetcobello committed Jun 27, 2024
    Configuration menu
    Copy the full SHA
    11353c2 View commit details
    Browse the repository at this point in the history

  16. improve readme

    @eaudetcobello
    eaudetcobello committed Jun 27, 2024
    Configuration menu
    Copy the full SHA
    b37d55d View commit details
    Browse the repository at this point in the history