All commits come from upstream contributed merge requests:
-
5ca33ee9 [cern] Fix kube-bench 1.2.1, 1.2.23, 1.3.1.
- Set shorter apiserver timeout (from 60s to 10s)
- decrease number of terminated pods to GC
- Disallow anonymous auth
-
ed7b8a3c [cern] Fix kube-bench 1.2.32 and 4.2.13
- set TLS cypher-suits to use on kubelet and apiserver
-
d6f950f7 [cern] Ensure kube-apiserver TLS connection to etcd server
- set keys and certificates to use for connection with etcd server
-
303e6777 [cern] Add kube-bench disable profilling
- disable profiling on kubernetes control plane components
Closes: https://gitlab.cern.ch/kubernetes/project/-/issues/251