-
Notifications
You must be signed in to change notification settings - Fork 63
/
worker.sh
executable file
·63 lines (55 loc) · 1.21 KB
/
worker.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
#!/bin/sh
# ------------------------------------------------------------------------------
# Kubenetes CIS benchmark
#
# Neuvector, Inc. (c) 2016-
#
# ------------------------------------------------------------------------------
usage () {
cat <<EOF
usage: ./worker.sh [-b] VERSION
-b optional Do not print colors
VERSION required CIS benchmark version, for example: "gke", "1.6.0", "1.5.1", "1.4.1", "1.2.0", "1.0.0"
EOF
}
while [ "$#" -ge 0 ]
do
case $1 in
-b) nocolor="nocolor"; shift;;
1.0.0|1.2.0|1.4.1|1.5.1|1.6.0|gke) ver=$1; break 2;;
*) usage; exit 1;;
esac
done
CIS_KUBELET_CMD=${CIS_KUBELET_CMD:-kubelet}
CIS_PROXY_CMD=${CIS_PROXY_CMD:-kube-proxy}
# Load dependencies
case $ver in
gke)
. ./helper_gke.sh
;;
1.6.0)
. ./helper1_6_0.sh
;;
1.5.1)
. ./helper1_5_1.sh
;;
1.4.1)
. ./helper1_4_1.sh
;;
*)
. ./helper.sh
;;
esac
# Check for required program(s)
req_progs='grep pgrep sed'
for p in $req_progs; do
command -v "$p" >/dev/null 2>&1 || { printf "%s command not found.\n" "$p"; exit 1; }
done
# Load all the tests from worker/ and run them
main () {
for audit in $ver/worker/*.sh
do
. ./"$audit"
done
}
main "$@"