-
Notifications
You must be signed in to change notification settings - Fork 697
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Assertion files for pci-dss-4-0 and pci-dss-node-4-0 on ocp > 4.12
- Loading branch information
Showing
12 changed files
with
6,222 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,352 @@ | ||
| rule_results: | ||
| e2e-pci-dss-4-0-accounts-restrict-service-account-tokens: | ||
| default_result: MANUAL | ||
| result_after_remediation: MANUAL | ||
| e2e-pci-dss-4-0-accounts-unique-service-account: | ||
| default_result: MANUAL | ||
| result_after_remediation: MANUAL | ||
| e2e-pci-dss-4-0-acs-sensor-exists: | ||
| default_result: FAIL | ||
| result_after_remediation: PASS | ||
| e2e-pci-dss-4-0-alert-receiver-configured: | ||
| default_result: MANUAL | ||
| result_after_remediation: MANUAL | ||
| e2e-pci-dss-4-0-api-server-admission-control-plugin-alwaysadmit: | ||
| default_result: PASS | ||
| result_after_remediation: PASS | ||
| e2e-pci-dss-4-0-api-server-admission-control-plugin-alwayspullimages: | ||
| default_result: PASS | ||
| result_after_remediation: PASS | ||
| e2e-pci-dss-4-0-api-server-admission-control-plugin-namespacelifecycle: | ||
| default_result: PASS | ||
| result_after_remediation: PASS | ||
| e2e-pci-dss-4-0-api-server-admission-control-plugin-noderestriction: | ||
| default_result: PASS | ||
| result_after_remediation: PASS | ||
| e2e-pci-dss-4-0-api-server-admission-control-plugin-scc: | ||
| default_result: PASS | ||
| result_after_remediation: PASS | ||
| e2e-pci-dss-4-0-api-server-admission-control-plugin-service-account: | ||
| default_result: PASS | ||
| result_after_remediation: PASS | ||
| e2e-pci-dss-4-0-api-server-anonymous-auth: | ||
| default_result: PASS | ||
| result_after_remediation: PASS | ||
| e2e-pci-dss-4-0-api-server-audit-log-maxbackup: | ||
| default_result: PASS | ||
| result_after_remediation: PASS | ||
| e2e-pci-dss-4-0-api-server-audit-log-maxsize: | ||
| default_result: PASS | ||
| result_after_remediation: PASS | ||
| e2e-pci-dss-4-0-api-server-audit-log-path: | ||
| default_result: PASS | ||
| result_after_remediation: PASS | ||
| e2e-pci-dss-4-0-api-server-auth-mode-no-aa: | ||
| default_result: PASS | ||
| result_after_remediation: PASS | ||
| e2e-pci-dss-4-0-api-server-auth-mode-rbac: | ||
| default_result: PASS | ||
| result_after_remediation: PASS | ||
| e2e-pci-dss-4-0-api-server-basic-auth: | ||
| default_result: PASS | ||
| result_after_remediation: PASS | ||
| e2e-pci-dss-4-0-api-server-bind-address: | ||
| default_result: PASS | ||
| result_after_remediation: PASS | ||
| e2e-pci-dss-4-0-api-server-client-ca: | ||
| default_result: PASS | ||
| result_after_remediation: PASS | ||
| e2e-pci-dss-4-0-api-server-encryption-provider-cipher: | ||
| default_result: FAIL | ||
| result_after_remediation: PASS | ||
| e2e-pci-dss-4-0-api-server-etcd-ca: | ||
| default_result: PASS | ||
| result_after_remediation: PASS | ||
| e2e-pci-dss-4-0-api-server-etcd-cert: | ||
| default_result: PASS | ||
| result_after_remediation: PASS | ||
| e2e-pci-dss-4-0-api-server-etcd-key: | ||
| default_result: PASS | ||
| result_after_remediation: PASS | ||
| e2e-pci-dss-4-0-api-server-https-for-kubelet-conn: | ||
| default_result: PASS | ||
| result_after_remediation: PASS | ||
| e2e-pci-dss-4-0-api-server-insecure-bind-address: | ||
| default_result: PASS | ||
| result_after_remediation: PASS | ||
| e2e-pci-dss-4-0-api-server-kubelet-certificate-authority: | ||
| default_result: PASS | ||
| result_after_remediation: PASS | ||
| e2e-pci-dss-4-0-api-server-kubelet-client-cert: | ||
| default_result: PASS | ||
| result_after_remediation: PASS | ||
| e2e-pci-dss-4-0-api-server-kubelet-client-cert-pre-4-9: | ||
| default_result: NOT-APPLICABLE | ||
| result_after_remediation: NOT-APPLICABLE | ||
| e2e-pci-dss-4-0-api-server-kubelet-client-key: | ||
| default_result: PASS | ||
| result_after_remediation: PASS | ||
| e2e-pci-dss-4-0-api-server-kubelet-client-key-pre-4-9: | ||
| default_result: NOT-APPLICABLE | ||
| result_after_remediation: NOT-APPLICABLE | ||
| e2e-pci-dss-4-0-api-server-oauth-https-serving-cert: | ||
| default_result: PASS | ||
| result_after_remediation: PASS | ||
| e2e-pci-dss-4-0-api-server-openshift-https-serving-cert: | ||
| default_result: PASS | ||
| result_after_remediation: PASS | ||
| e2e-pci-dss-4-0-api-server-profiling-protected-by-rbac: | ||
| default_result: PASS | ||
| result_after_remediation: PASS | ||
| e2e-pci-dss-4-0-api-server-request-timeout: | ||
| default_result: PASS | ||
| result_after_remediation: PASS | ||
| e2e-pci-dss-4-0-api-server-service-account-lookup: | ||
| default_result: PASS | ||
| result_after_remediation: PASS | ||
| e2e-pci-dss-4-0-api-server-service-account-public-key: | ||
| default_result: PASS | ||
| result_after_remediation: PASS | ||
| e2e-pci-dss-4-0-api-server-tls-cert: | ||
| default_result: PASS | ||
| result_after_remediation: PASS | ||
| e2e-pci-dss-4-0-api-server-tls-cipher-suites: | ||
| default_result: PASS | ||
| result_after_remediation: PASS | ||
| e2e-pci-dss-4-0-api-server-tls-private-key: | ||
| default_result: PASS | ||
| result_after_remediation: PASS | ||
| e2e-pci-dss-4-0-api-server-tls-security-profile: | ||
| default_result: PASS | ||
| result_after_remediation: PASS | ||
| e2e-pci-dss-4-0-api-server-token-auth: | ||
| default_result: PASS | ||
| result_after_remediation: PASS | ||
| e2e-pci-dss-4-0-audit-error-alert-exists: | ||
| default_result: PASS | ||
| result_after_remediation: PASS | ||
| e2e-pci-dss-4-0-audit-log-forwarding-enabled: | ||
| default_result: FAIL | ||
| result_after_remediation: PASS | ||
| e2e-pci-dss-4-0-audit-log-forwarding-webhook: | ||
| default_result: NOT-APPLICABLE | ||
| result_after_remediation: NOT-APPLICABLE | ||
| e2e-pci-dss-4-0-audit-logging-enabled: | ||
| default_result: PASS | ||
| result_after_remediation: PASS | ||
| e2e-pci-dss-4-0-audit-profile-set: | ||
| default_result: FAIL | ||
| result_after_remediation: PASS | ||
| e2e-pci-dss-4-0-configure-network-policies: | ||
| default_result: PASS | ||
| result_after_remediation: PASS | ||
| e2e-pci-dss-4-0-configure-network-policies-hypershift-hosted: | ||
| default_result: NOT-APPLICABLE | ||
| result_after_remediation: NOT-APPLICABLE | ||
| e2e-pci-dss-4-0-configure-network-policies-namespaces: | ||
| default_result: PASS | ||
| result_after_remediation: PASS | ||
| e2e-pci-dss-4-0-container-security-operator-exists: | ||
| default_result: FAIL | ||
| result_after_remediation: PASS | ||
| e2e-pci-dss-4-0-controller-insecure-port-disabled: | ||
| default_result: PASS | ||
| result_after_remediation: PASS | ||
| e2e-pci-dss-4-0-controller-secure-port: | ||
| default_result: PASS | ||
| result_after_remediation: PASS | ||
| e2e-pci-dss-4-0-controller-service-account-ca: | ||
| default_result: PASS | ||
| result_after_remediation: PASS | ||
| e2e-pci-dss-4-0-controller-service-account-private-key: | ||
| default_result: PASS | ||
| result_after_remediation: PASS | ||
| e2e-pci-dss-4-0-controller-use-service-account: | ||
| default_result: PASS | ||
| result_after_remediation: PASS | ||
| e2e-pci-dss-4-0-etcd-auto-tls: | ||
| default_result: PASS | ||
| result_after_remediation: PASS | ||
| e2e-pci-dss-4-0-etcd-cert-file: | ||
| default_result: PASS | ||
| result_after_remediation: PASS | ||
| e2e-pci-dss-4-0-etcd-client-cert-auth: | ||
| default_result: PASS | ||
| result_after_remediation: PASS | ||
| e2e-pci-dss-4-0-etcd-key-file: | ||
| default_result: PASS | ||
| result_after_remediation: PASS | ||
| e2e-pci-dss-4-0-etcd-peer-auto-tls: | ||
| default_result: PASS | ||
| result_after_remediation: PASS | ||
| e2e-pci-dss-4-0-etcd-peer-cert-file: | ||
| default_result: PASS | ||
| result_after_remediation: PASS | ||
| e2e-pci-dss-4-0-etcd-peer-client-cert-auth: | ||
| default_result: PASS | ||
| result_after_remediation: PASS | ||
| e2e-pci-dss-4-0-etcd-peer-key-file: | ||
| default_result: PASS | ||
| result_after_remediation: PASS | ||
| e2e-pci-dss-4-0-file-groupowner-proxy-kubeconfig: | ||
| default_result: NOT-APPLICABLE | ||
| result_after_remediation: NOT-APPLICABLE | ||
| e2e-pci-dss-4-0-file-integrity-exists: | ||
| default_result: FAIL | ||
| result_after_remediation: PASS | ||
| e2e-pci-dss-4-0-file-integrity-notification-enabled: | ||
| default_result: FAIL | ||
| result_after_remediation: PASS | ||
| e2e-pci-dss-4-0-file-owner-proxy-kubeconfig: | ||
| default_result: NOT-APPLICABLE | ||
| result_after_remediation: NOT-APPLICABLE | ||
| e2e-pci-dss-4-0-file-permissions-proxy-kubeconfig: | ||
| default_result: NOT-APPLICABLE | ||
| result_after_remediation: NOT-APPLICABLE | ||
| e2e-pci-dss-4-0-general-apply-scc: | ||
| default_result: MANUAL | ||
| result_after_remediation: MANUAL | ||
| e2e-pci-dss-4-0-general-default-namespace-use: | ||
| default_result: MANUAL | ||
| result_after_remediation: MANUAL | ||
| e2e-pci-dss-4-0-general-default-seccomp-profile: | ||
| default_result: MANUAL | ||
| result_after_remediation: MANUAL | ||
| e2e-pci-dss-4-0-general-namespaces-in-use: | ||
| default_result: MANUAL | ||
| result_after_remediation: MANUAL | ||
| e2e-pci-dss-4-0-idp-is-configured: | ||
| default_result: FAIL | ||
| result_after_remediation: PASS | ||
| e2e-pci-dss-4-0-ingress-controller-certificate: | ||
| default_result: FAIL | ||
| result_after_remediation: PASS | ||
| e2e-pci-dss-4-0-ingress-controller-tls-security-profile: | ||
| default_result: PASS | ||
| result_after_remediation: PASS | ||
| e2e-pci-dss-4-0-kubeadmin-removed: | ||
| default_result: FAIL | ||
| result_after_remediation: FAIL | ||
| e2e-pci-dss-4-0-kubelet-configure-tls-cert: | ||
| default_result: PASS | ||
| result_after_remediation: PASS | ||
| e2e-pci-dss-4-0-kubelet-configure-tls-key: | ||
| default_result: PASS | ||
| result_after_remediation: PASS | ||
| e2e-pci-dss-4-0-kubelet-disable-readonly-port: | ||
| default_result: PASS | ||
| result_after_remediation: PASS | ||
| e2e-pci-dss-4-0-machine-volume-encrypted: | ||
| default_result: PASS | ||
| result_after_remediation: PASS | ||
| e2e-pci-dss-4-0-oauth-or-oauthclient-inactivity-timeout: | ||
| default_result: FAIL | ||
| result_after_remediation: PASS | ||
| e2e-pci-dss-4-0-ocp-allowed-registries: | ||
| default_result: FAIL | ||
| result_after_remediation: FAIL | ||
| e2e-pci-dss-4-0-ocp-allowed-registries-for-import: | ||
| default_result: FAIL | ||
| result_after_remediation: FAIL | ||
| e2e-pci-dss-4-0-ocp-api-server-audit-log-maxbackup: | ||
| default_result: PASS | ||
| result_after_remediation: PASS | ||
| e2e-pci-dss-4-0-ocp-api-server-audit-log-maxsize: | ||
| default_result: PASS | ||
| result_after_remediation: PASS | ||
| e2e-pci-dss-4-0-ocp-idp-no-htpasswd: | ||
| default_result: PASS | ||
| result_after_remediation: PASS | ||
| e2e-pci-dss-4-0-ocp-insecure-allowed-registries-for-import: | ||
| default_result: PASS | ||
| result_after_remediation: PASS | ||
| e2e-pci-dss-4-0-ocp-insecure-registries: | ||
| default_result: PASS | ||
| result_after_remediation: PASS | ||
| e2e-pci-dss-4-0-ocp-no-ldap-insecure: | ||
| default_result: PASS | ||
| result_after_remediation: PASS | ||
| e2e-pci-dss-4-0-openshift-api-server-audit-log-path: | ||
| default_result: PASS | ||
| result_after_remediation: PASS | ||
| e2e-pci-dss-4-0-rbac-cluster-roles-defined: | ||
| default_result: PASS | ||
| result_after_remediation: PASS | ||
| e2e-pci-dss-4-0-rbac-debug-role-protects-pprof: | ||
| default_result: PASS | ||
| result_after_remediation: PASS | ||
| e2e-pci-dss-4-0-rbac-least-privilege: | ||
| default_result: MANUAL | ||
| result_after_remediation: MANUAL | ||
| e2e-pci-dss-4-0-rbac-limit-cluster-admin: | ||
| default_result: MANUAL | ||
| result_after_remediation: MANUAL | ||
| e2e-pci-dss-4-0-rbac-limit-secrets-access: | ||
| default_result: MANUAL | ||
| result_after_remediation: MANUAL | ||
| e2e-pci-dss-4-0-rbac-pod-creation-access: | ||
| default_result: MANUAL | ||
| result_after_remediation: MANUAL | ||
| e2e-pci-dss-4-0-rbac-roles-defined: | ||
| default_result: PASS | ||
| result_after_remediation: PASS | ||
| e2e-pci-dss-4-0-rbac-wildcard-use: | ||
| default_result: MANUAL | ||
| result_after_remediation: MANUAL | ||
| e2e-pci-dss-4-0-routes-protected-by-tls: | ||
| default_result: PASS | ||
| result_after_remediation: PASS | ||
| e2e-pci-dss-4-0-scansettingbinding-exists: | ||
| default_result: PASS | ||
| result_after_remediation: PASS | ||
| e2e-pci-dss-4-0-scc-drop-container-capabilities: | ||
| default_result: MANUAL | ||
| result_after_remediation: MANUAL | ||
| e2e-pci-dss-4-0-scc-limit-container-allowed-capabilities: | ||
| default_result: PASS | ||
| result_after_remediation: PASS | ||
| e2e-pci-dss-4-0-scc-limit-ipc-namespace: | ||
| default_result: MANUAL | ||
| result_after_remediation: MANUAL | ||
| e2e-pci-dss-4-0-scc-limit-net-raw-capability: | ||
| default_result: MANUAL | ||
| result_after_remediation: MANUAL | ||
| e2e-pci-dss-4-0-scc-limit-network-namespace: | ||
| default_result: MANUAL | ||
| result_after_remediation: MANUAL | ||
| e2e-pci-dss-4-0-scc-limit-privilege-escalation: | ||
| default_result: MANUAL | ||
| result_after_remediation: MANUAL | ||
| e2e-pci-dss-4-0-scc-limit-privileged-containers: | ||
| default_result: MANUAL | ||
| result_after_remediation: MANUAL | ||
| e2e-pci-dss-4-0-scc-limit-process-id-namespace: | ||
| default_result: MANUAL | ||
| result_after_remediation: MANUAL | ||
| e2e-pci-dss-4-0-scc-limit-root-containers: | ||
| default_result: MANUAL | ||
| result_after_remediation: MANUAL | ||
| e2e-pci-dss-4-0-scheduler-profiling-protected-by-rbac: | ||
| default_result: PASS | ||
| result_after_remediation: PASS | ||
| e2e-pci-dss-4-0-scheduler-service-protected-by-rbac: | ||
| default_result: PASS | ||
| result_after_remediation: PASS | ||
| e2e-pci-dss-4-0-secrets-consider-external-storage: | ||
| default_result: MANUAL | ||
| result_after_remediation: MANUAL | ||
| e2e-pci-dss-4-0-secrets-no-environment-variables: | ||
| default_result: MANUAL | ||
| result_after_remediation: MANUAL | ||
| e2e-pci-dss-4-0-security-profiles-operator-exists: | ||
| default_result: FAIL | ||
| result_after_remediation: FAIL | ||
| e2e-pci-dss-4-0-storageclass-encryption-enabled: | ||
| default_result: PASS | ||
| result_after_remediation: PASS | ||
| e2e-pci-dss-4-0-tls-version-check-apiserver: | ||
| default_result: PASS | ||
| result_after_remediation: PASS | ||
| e2e-pci-dss-4-0-tls-version-check-router: | ||
| default_result: PASS | ||
| result_after_remediation: PASS |
Oops, something went wrong.