Merge pull request #141 from aquasecurity/version-default

Default version

.travis.yml

@@ -15,9 +15,8 @@ before_install:
   - gem install --no-ri --no-rdoc fpm
 
 install:
-  - go get -v github.com/Masterminds/glide
-  - cd $GOPATH/src/github.com/Masterminds/glide && git checkout tags/v0.12.3 && go install && cd - # use a known good glide version
-  - glide install
+  - go get -v github.com/golang/dep/cmd/dep
+  - dep ensure -v -vendor-only
 
 script:
   - go test ./...

Dockerfile

@@ -1,7 +1,7 @@
 FROM golang:1.9 AS build
 WORKDIR /go/src/github.com/aquasecurity/kube-bench/
-ADD glide.lock glide.yaml ./
-RUN go get github.com/Masterminds/glide && glide install
+ADD Gopkg.toml Gopkg.lock ./
+RUN go get -v github.com/golang/dep/cmd/dep && dep ensure -v -vendor-only
 ADD main.go .
 ADD check/ check/
 ADD cmd/ cmd/

Gopkg.lock

@@ -0,0 +1,153 @@
+# This file is autogenerated, do not edit; changes may be undone by the next 'dep ensure'.
+
+
+[[projects]]
+  name = "github.com/fatih/color"
+  packages = ["."]
+  revision = "570b54cabe6b8eb0bc2dfce68d964677d63b5260"
+  version = "v1.5.0"
+
+[[projects]]
+  name = "github.com/fsnotify/fsnotify"
+  packages = ["."]
+  revision = "4da3e2cfbabc9f751898f250b49f2439785783a1"
+
+[[projects]]
+  branch = "master"
+  name = "github.com/golang/glog"
+  packages = ["."]
+  revision = "23def4e6c14b4da8ac2ed8007337bc5eb5007998"
+
+[[projects]]
+  name = "github.com/hashicorp/hcl"
+  packages = [
+    ".",
+    "hcl/ast",
+    "hcl/parser",
+    "hcl/scanner",
+    "hcl/strconv",
+    "hcl/token",
+    "json/parser",
+    "json/scanner",
+    "json/token"
+  ]
+  revision = "23c074d0eceb2b8a5bfdbb271ab780cde70f05a8"
+
+[[projects]]
+  name = "github.com/inconshreveable/mousetrap"
+  packages = ["."]
+  revision = "76626ae9c91c4f2a10f34cad8ce83ea42c93bb75"
+  version = "v1.0"
+
+[[projects]]
+  name = "github.com/jinzhu/gorm"
+  packages = [
+    ".",
+    "dialects/postgres"
+  ]
+  revision = "5174cc5c242a728b435ea2be8a2f7f998e15429b"
+  version = "v1.0"
+
+[[projects]]
+  name = "github.com/jinzhu/inflection"
+  packages = ["."]
+  revision = "1c35d901db3da928c72a72d8458480cc9ade058f"
+
+[[projects]]
+  name = "github.com/lib/pq"
+  packages = [
+    ".",
+    "hstore",
+    "oid"
+  ]
+  revision = "83612a56d3dd153a94a629cd64925371c9adad78"
+
+[[projects]]
+  name = "github.com/magiconair/properties"
+  packages = ["."]
+  revision = "49d762b9817ba1c2e9d0c69183c2b4a8b8f1d934"
+
+[[projects]]
+  name = "github.com/mattn/go-colorable"
+  packages = ["."]
+  revision = "5411d3eea5978e6cdc258b30de592b60df6aba96"
+
+[[projects]]
+  name = "github.com/mattn/go-isatty"
+  packages = ["."]
+  revision = "57fdcb988a5c543893cc61bce354a6e24ab70022"
+
+[[projects]]
+  name = "github.com/mitchellh/mapstructure"
+  packages = ["."]
+  revision = "06020f85339e21b2478f756a78e295255ffa4d6a"
+
+[[projects]]
+  name = "github.com/pelletier/go-toml"
+  packages = ["."]
+  revision = "0131db6d737cfbbfb678f8b7d92e55e27ce46224"
+
+[[projects]]
+  name = "github.com/spf13/afero"
+  packages = [
+    ".",
+    "mem"
+  ]
+  revision = "57afd63c68602b63ed976de00dd066ccb3c319db"
+
+[[projects]]
+  name = "github.com/spf13/cast"
+  packages = ["."]
+  revision = "acbeb36b902d72a7a4c18e8f3241075e7ab763e4"
+  version = "v1.1.0"
+
+[[projects]]
+  name = "github.com/spf13/cobra"
+  packages = ["."]
+  revision = "7b2c5ac9fc04fc5efafb60700713d4fa609b777b"
+  version = "v0.0.1"
+
+[[projects]]
+  name = "github.com/spf13/jwalterweatherman"
+  packages = ["."]
+  revision = "12bd96e66386c1960ab0f74ced1362f66f552f7b"
+
+[[projects]]
+  name = "github.com/spf13/pflag"
+  packages = ["."]
+  revision = "4c012f6dcd9546820e378d0bdda4d8fc772cdfea"
+
+[[projects]]
+  name = "github.com/spf13/viper"
+  packages = ["."]
+  revision = "25b30aa063fc18e48662b86996252eabdcf2f0c7"
+  version = "v1.0.0"
+
+[[projects]]
+  name = "golang.org/x/sys"
+  packages = ["unix"]
+  revision = "e24f485414aeafb646f6fca458b0bf869c0880a1"
+
+[[projects]]
+  name = "golang.org/x/text"
+  packages = [
+    "internal/gen",
+    "internal/triegen",
+    "internal/ucd",
+    "transform",
+    "unicode/cldr",
+    "unicode/norm"
+  ]
+  revision = "e19ae1496984b1c655b8044a65c0300a3c878dd3"
+
+[[projects]]
+  name = "gopkg.in/yaml.v2"
+  packages = ["."]
+  revision = "c95af922eae69f190717a0b7148960af8c55a072"
+
+[solve-meta]
+  analyzer-name = "dep"
+  analyzer-version = 1
+  inputs-digest = "8d9a1b665b338530deef434f168913ba1184f835aa5bfed3a213a14c613bc17e"
+  solver-name = "gps-cdcl"
+  solver-version = 1

Gopkg.toml

@@ -0,0 +1,23 @@
+[[constraint]]
+  name = "github.com/fatih/color"
+  version = "1.5.0"
+
+[[constraint]]
+  branch = "master"
+  name = "github.com/golang/glog"
+
+[[constraint]]
+  name = "github.com/jinzhu/gorm"
+  version = "1.0.0"
+
+[[constraint]]
+  name = "github.com/spf13/cobra"
+  version = "0.0.1"
+
+[[constraint]]
+  name = "github.com/spf13/viper"
+  version = "1.0.0"
+
+[prune]
+  go-tests = true
+  unused-packages = true

README.md

@@ -37,6 +37,19 @@ You can even use your own configs by mounting them over the default ones in `/op
 docker run --pid=host -v path/to/my-config.yaml:/opt/kube-bench/cfg/config.yaml aquasec/kube-bench:latest <master|node>
 ```
 
+### Running in a kubernetes cluster
+Run the master check
+
+```
+kubectl run --rm -i -t kube-bench-master --image=aquasec/kube-bench:latest --restart=Never --overrides="{ \"apiVersion\": \"v1\", \"spec\": { \"hostPID\": true, \"nodeSelector\": { \"kubernetes.io/role\": \"master\" }, \"tolerations\": [ { \"key\": \"node-role.kubernetes.io/master\", \"operator\": \"Exists\", \"effect\": \"NoSchedule\" } ] } }" -- master --version 1.8
+```
+
+Run the node check
+
+```
+kubectl run --rm -i -t kube-bench-node --image=aquasec/kube-bench:latest --restart=Never --overrides="{ \"apiVersion\": \"v1\", \"spec\": { \"hostPID\": true } }" -- node --version 1.8
+```
+
 ### Installing from a container
 
 This command copies the kube-bench binary and configuration files to your host from the Docker container:
@@ -50,30 +63,19 @@ You can then run `./kube-bench <master|node>`.
 
 If Go is installed on the target machines, you can simply clone this repository and run as follows (assuming your [$GOPATH is set](https://github.com/golang/go/wiki/GOPATH)):
 
-```go get github.com/aquasecurity/kube-bench
-go get github.com/Masterminds/glide
+```shell
+go get github.com/aquasecurity/kube-bench
+go get github.com/golang/dep/cmd/dep
 cd $GOPATH/src/github.com/aquasecurity/kube-bench
-$GOPATH/bin/glide install
-go build -o kube-bench . 
-./kube-bench <master|node>
-```
+$GOPATH/bin/dep ensure -vendor-only
+go build -o kube-bench .
 
-## Usage
-```./kube-bench [command]```
+# See all supported options
+./kube-bench --help
 
-```
-Available Commands:
-  federated   Run benchmark checks for a Kubernetes federated deployment.
-  help        Help about any command
-  master      Run benchmark checks for a Kubernetes master node.
-  node        Run benchmark checks for a Kubernetes node.
+# Run the all checks on a master node
+./kube-bench master
 
-Flags:
-  -c, --check string          A comma-delimited list of checks to run as specified in CIS document. Example --check="1.1.1,1.1.2"
-      --config string         config file (default is ./cfg/config.yaml)
-  -g, --group string          Run all the checks under this comma-delimited list of groups. Example --group="1.1"
-      --json                  Prints the results as JSON
-  -v, --verbose               verbose output (default false)
 ```
 
 ## Configuration

cfg/1.8/config.yaml

@@ -9,21 +9,27 @@
 
 master:
   apiserver:
+    confs:
+      - /etc/kubernetes/manifests/kube-apiserver.yaml
+      - /etc/kubernetes/manifests/kube-apiserver.manifest
     defaultconf: /etc/kubernetes/manifests/kube-apiserver.yaml
 
   scheduler:
     confs: 
       - /etc/kubernetes/manifests/kube-scheduler.yaml
+      - /etc/kubernetes/manifests/kube-scheduler.manifest
     defaultconf: /etc/kubernetes/manifests/kube-scheduler.yaml
 
   controllermanager:
     confs:
       - /etc/kubernetes/manifests/kube-controller-manager.yaml
+      - /etc/kubernetes/manifests/kube-controller-manager.manifest
     defaultconf: /etc/kubernetes/manifests/kube-controller-manager.yaml
 
   etcd:
     confs:
       - /etc/kubernetes/manifests/etcd.yaml
+      - /etc/kubernetes/manifests/etcd.manifest
     defaultconf: /etc/kubernetes/manifests/etcd.yaml
 
 node:

cfg/1.8/master.yaml

@@ -418,7 +418,7 @@ groups:
 
   - id: 1.1.26
     text: "Ensure that the --etcd-certfile and --etcd-keyfile arguments are set as 
-      appropriate (Scored"
+      appropriate (Scored)"
     audit: "ps -ef | grep $apiserverbin | grep -v grep"
     tests:
       bin_op: and
@@ -666,7 +666,7 @@ groups:
     scored: true
 
   - id: 1.3.3
-    text: "Ensure that the --use-service-account-credentials argument is set"
+    text: "Ensure that the --use-service-account-credentials argument is set (Scored)"
     audit: "ps -ef | grep $controllermanagerbin | grep -v grep"
     tests:
       test_items:
@@ -942,7 +942,7 @@ groups:
 
   - id: 1.4.11
     text: "Ensure that the etcd data directory permissions are set to 700 or more restrictive (Scored)"
-    audit: ps -ef | grep $etcdbin | grep -v grep | sed 's%.*data-dir[= ]\([^ ]*\).*%\1%' | xargs stat -c %a
+    audit: ps -ef | grep $etcdbin | grep -- --data-dir | sed 's%.*data-dir[= ]\([^ ]*\).*%\1%' | xargs stat -c %a
     tests:
       test_items:
       - flag: "700"
@@ -960,7 +960,7 @@ groups:
 
   - id: 1.4.12
     text: "Ensure that the etcd data directory ownership is set to etcd:etcd (Scored)"
-    audit: ps -ef | grep $etcdbin | grep -v grep | sed 's%.*data-dir[= ]\(\S*\)%\1%' | xargs stat -c %U:%G
+    audit: ps -ef | grep $etcdbin | grep -- --data-dir | sed 's%.*data-dir[= ]\([^ ]*\).*%\1%' | xargs stat -c %U:%G
     tests:
       test_items:
       - flag: "etcd:etcd"

cfg/1.8/node.yaml

@@ -368,8 +368,7 @@ groups:
       scored: true
 
     - id: 2.2.4
-      text: "Ensure that the kubelet service file permissions are set to 644 or
-      more restrictive (Scored)"
+      text: "2.2.4 Ensure that the kubelet service file ownership is set to root:root (Scored)"
       audit: "/bin/sh -c 'if test -e $kubeletconf; then stat -c %U:%G $kubeletconf; fi'"
       tests:
         test_items:
@@ -411,6 +410,7 @@ groups:
 
     - id: 2.2.6
       text: "Ensure that the proxy kubeconfig file ownership is set to root:root (Scored)"
+      audit: "/bin/sh -c 'if test -e $proxyconf; then stat -c %U:%G $proxyconf; fi'"
       tests:
         test_items:
         - flag: "root:root"

check/test.go

@@ -80,10 +80,22 @@ func (t *testItem) execute(s string) (result bool) {
 
 			switch t.Compare.Op {
 			case "eq":
-				result = flagVal == t.Compare.Value
+				value := strings.ToLower(flagVal)
+				// Do case insensitive comparaison for booleans ...
+				if value == "false" || value == "true" {
+					result = value == t.Compare.Value
+				} else {
+					result = flagVal == t.Compare.Value
+				}
 
 			case "noteq":
-				result = !(flagVal == t.Compare.Value)
+				value := strings.ToLower(flagVal)
+				// Do case insensitive comparaison for booleans ...
+				if value == "false" || value == "true" {
+					result = !(value == t.Compare.Value)
+				} else {
+					result = !(flagVal == t.Compare.Value)
+				}
 
 			case "gt":
 				a, b := toNumeric(flagVal, t.Compare.Value)

cmd/common.go

@@ -17,6 +17,7 @@ package cmd
 import (
 	"fmt"
 	"io/ioutil"
+	"os"
 	"path/filepath"
 
 	"github.com/aquasecurity/kube-bench/check"
@@ -28,56 +29,50 @@ var (
 	errmsgs string
 )
 
-func runChecks(t check.NodeType) {
+func runChecks(nodetype check.NodeType) {
 	var summary check.Summary
-	var nodetype string
 	var file string
 	var err error
 	var typeConf *viper.Viper
 
-	switch t {
+	switch nodetype {
 	case check.MASTER:
 		file = masterFile
-		nodetype = "master"
 	case check.NODE:
 		file = nodeFile
-		nodetype = "node"
 	case check.FEDERATED:
 		file = federatedFile
-		nodetype = "federated"
 	}
 
-	var ver string
-	if kubeVersion != "" {
-		ver = kubeVersion
-	} else {
-		ver = getKubeVersion()
+	path, err := getConfigFilePath(kubeVersion, getKubeVersion(), file)
+	if err != nil {
+		exitWithError(fmt.Errorf("can't find %s controls file in %s: %v", nodetype, cfgDir, err))
 	}
 
-	switch ver {
-	case "1.9", "1.10":
-		continueWithError(nil, fmt.Sprintf("No CIS spec for %s - using tests from CIS 1.2.0 spec for Kubernetes 1.8\n", ver))
-		ver = "1.8"
-	}
-
-	path := filepath.Join(cfgDir, ver)
 	def := filepath.Join(path, file)
-
 	in, err := ioutil.ReadFile(def)
 	if err != nil {
-		exitWithError(fmt.Errorf("error opening %s controls file: %v", t, err))
+		exitWithError(fmt.Errorf("error opening %s controls file: %v", nodetype, err))
 	}
 
+	glog.V(1).Info(fmt.Sprintf("Using benchmark file: %s\n", def))
+
 	// Merge kubernetes version specific config if any.
 	viper.SetConfigFile(path + "/config.yaml")
 	err = viper.MergeInConfig()
 	if err != nil {
-		continueWithError(err, fmt.Sprintf("Reading %s specific configuration file", ver))
+		if os.IsNotExist(err) {
+			glog.V(2).Info(fmt.Sprintf("No version-specific config.yaml file in %s", path))
+		} else {
+			exitWithError(fmt.Errorf("couldn't read config file %s: %v", path+"/config.yaml", err))
+		}
+	} else {
+		glog.V(1).Info(fmt.Sprintf("Using config file: %s\n", viper.ConfigFileUsed()))
 	}
-	typeConf = viper.Sub(nodetype)
 
 	// Get the set of exectuables and config files we care about on this type of node. This also
 	// checks that the executables we need for the node type are running.
+	typeConf = viper.Sub(string(nodetype))
 	binmap := getBinaries(typeConf)
 	confmap := getConfigFiles(typeConf)
 
@@ -86,12 +81,9 @@ func runChecks(t check.NodeType) {
 	s = makeSubstitutions(s, "bin", binmap)
 	s = makeSubstitutions(s, "conf", confmap)
 
-	glog.V(1).Info(fmt.Sprintf("Using config file: %s\n", viper.ConfigFileUsed()))
-	glog.V(1).Info(fmt.Sprintf("Using benchmark file: %s\n", def))
-
-	controls, err := check.NewControls(t, []byte(s))
+	controls, err := check.NewControls(nodetype, []byte(s))
 	if err != nil {
-		exitWithError(fmt.Errorf("error setting up %s controls: %v", t, err))
+		exitWithError(fmt.Errorf("error setting up %s controls: %v", nodetype, err))
 	}
 
 	if groupList != "" && checkList == "" {

cmd/root.go

@@ -46,7 +46,7 @@ var (
 var RootCmd = &cobra.Command{
 	Use:   os.Args[0],
 	Short: "Run CIS Benchmarks checks against a Kubernetes deployment",
-	Long:  `This tool runs the CIS Kubernetes 1.6 Benchmark v1.0.0 checks.`,
+	Long:  `This tool runs the CIS Kubernetes Benchmark (http://www.cisecurity.org/benchmark/kubernetes/)`,
 }
 
 // Execute adds all child commands to the root command sets flags appropriately.
@@ -65,7 +65,7 @@ func init() {
 	cobra.OnInitialize(initConfig)
 
 	// Output control
-	RootCmd.PersistentFlags().BoolVar(&noResults, "noresults", false, "Disable prints of results section")
+	RootCmd.PersistentFlags().BoolVar(&noResults, "noresults", false, "Disable printing of results section")
 	RootCmd.PersistentFlags().BoolVar(&noSummary, "nosummary", false, "Disable printing of summary section")
 	RootCmd.PersistentFlags().BoolVar(&noRemediations, "noremediations", false, "Disable printing of remediations section")
 	RootCmd.PersistentFlags().BoolVar(&jsonFmt, "json", false, "Prints the results as JSON")

cmd/util.go

@@ -4,7 +4,9 @@ import (
 	"fmt"
 	"os"
 	"os/exec"
+	"path/filepath"
 	"regexp"
+	"strconv"
 	"strings"
 
 	"github.com/aquasecurity/kube-bench/check"
@@ -116,6 +118,57 @@ func getBinaries(v *viper.Viper) map[string]string {
 	return binmap
 }
 
+// getConfigFilePath locates the config files we should be using based on either the specified
+// version, or the running version of kubernetes if not specified
+func getConfigFilePath(specifiedVersion string, runningVersion string, filename string) (path string, err error) {
+	var fileVersion string
+
+	if specifiedVersion != "" {
+		fileVersion = specifiedVersion
+	} else {
+		fileVersion = runningVersion
+	}
+
+	for {
+		path = filepath.Join(cfgDir, fileVersion)
+		file := filepath.Join(path, string(filename))
+		glog.V(2).Info(fmt.Sprintf("Looking for config file: %s\n", file))
+
+		if _, err = os.Stat(file); !os.IsNotExist(err) {
+			if specifiedVersion == "" && fileVersion != runningVersion {
+				glog.V(1).Info(fmt.Sprintf("No test file found for %s - using tests for Kubernetes %s\n", runningVersion, fileVersion))
+			}
+			return path, nil
+		}
+
+		// If we were given an explicit version to look for, don't look for any others
+		if specifiedVersion != "" {
+			return "", err
+		}
+
+		fileVersion = decrementVersion(fileVersion)
+		if fileVersion == "" {
+			return "", fmt.Errorf("no test files found <= runningVersion")
+		}
+	}
+}
+
+// decrementVersion decrements the version number
+// We want to decrement individually even through versions where we don't supply test files
+// just in case someone wants to specify their own test files for that version
+func decrementVersion(version string) string {
+	split := strings.Split(version, ".")
+	minor, err := strconv.Atoi(split[1])
+	if err != nil {
+		return ""
+	}
+	if minor <= 1 {
+		return ""
+	}
+	split[1] = strconv.Itoa(minor - 1)
+	return strings.Join(split, ".")
+}
+
 // getConfigFiles finds which of the set of candidate config files exist
 // accepts a string 't' which indicates the type of config file, conf,
 // podspec or untifile.
@@ -275,7 +328,7 @@ func makeSubstitutions(s string, ext string, m map[string]string) string {
 			glog.V(2).Info(fmt.Sprintf("No subsitution for '%s'\n", subst))
 			continue
 		}
-		glog.V(1).Info(fmt.Sprintf("Substituting %s with '%s'\n", subst, v))
+		glog.V(2).Info(fmt.Sprintf("Substituting %s with '%s'\n", subst, v))
 		s = multiWordReplace(s, subst, v)
 	}
 

cmd/util_test.go

@@ -15,7 +15,9 @@
 package cmd
 
 import (
+	"io/ioutil"
 	"os"
+	"path/filepath"
 	"reflect"
 	"strconv"
 	"testing"
@@ -306,3 +308,45 @@ func TestMakeSubsitutions(t *testing.T) {
 		})
 	}
 }
+
+func TestGetConfigFilePath(t *testing.T) {
+	var err error
+	cfgDir, err = ioutil.TempDir("", "kube-bench-test")
+	if err != nil {
+		t.Fatalf("Failed to create temp directory")
+	}
+	defer os.RemoveAll(cfgDir)
+	d := filepath.Join(cfgDir, "1.8")
+	err = os.Mkdir(d, 0666)
+	if err != nil {
+		t.Fatalf("Failed to create temp file")
+	}
+	ioutil.WriteFile(filepath.Join(d, "master.yaml"), []byte("hello world"), 0666)
+
+	cases := []struct {
+		specifiedVersion string
+		runningVersion   string
+		succeed          bool
+		exp              string
+	}{
+		{runningVersion: "1.8", succeed: true, exp: d},
+		{runningVersion: "1.9", succeed: true, exp: d},
+		{runningVersion: "1.10", succeed: true, exp: d},
+		{runningVersion: "1.1", succeed: false},
+		{specifiedVersion: "1.8", succeed: true, exp: d},
+		{specifiedVersion: "1.9", succeed: false},
+		{specifiedVersion: "1.10", succeed: false},
+	}
+
+	for _, c := range cases {
+		t.Run(c.specifiedVersion+"-"+c.runningVersion, func(t *testing.T) {
+			path, err := getConfigFilePath(c.specifiedVersion, c.runningVersion, "/master.yaml")
+			if err != nil && c.succeed {
+				t.Fatalf("Error %v", err)
+			}
+			if path != c.exp {
+				t.Fatalf("Got %s expected %s", path, c.exp)
+			}
+		})
+	}
+}

glide.lock

@@ -1,72 +0,0 @@
-hash: f3cf12cf95d66d315c4aef2f3d0940770bd26267f84703e53c4928b786a91c14
-updated: 2018-01-09T12:49:41.3014329-08:00
-imports:
-- name: github.com/fatih/color
-  version: 570b54cabe6b8eb0bc2dfce68d964677d63b5260
-- name: github.com/fsnotify/fsnotify
-  version: 4da3e2cfbabc9f751898f250b49f2439785783a1
-- name: github.com/golang/glog
-  version: 23def4e6c14b4da8ac2ed8007337bc5eb5007998
-- name: github.com/hashicorp/hcl
-  version: 23c074d0eceb2b8a5bfdbb271ab780cde70f05a8
-  subpackages:
-  - hcl/ast
-  - hcl/parser
-  - hcl/scanner
-  - hcl/strconv
-  - hcl/token
-  - json/parser
-  - json/scanner
-  - json/token
-- name: github.com/inconshreveable/mousetrap
-  version: 76626ae9c91c4f2a10f34cad8ce83ea42c93bb75
-- name: github.com/jinzhu/gorm
-  version: 5174cc5c242a728b435ea2be8a2f7f998e15429b
-  subpackages:
-  - dialects/postgres
-- name: github.com/jinzhu/inflection
-  version: 1c35d901db3da928c72a72d8458480cc9ade058f
-- name: github.com/lib/pq
-  version: 83612a56d3dd153a94a629cd64925371c9adad78
-  subpackages:
-  - hstore
-  - oid
-- name: github.com/magiconair/properties
-  version: 49d762b9817ba1c2e9d0c69183c2b4a8b8f1d934
-- name: github.com/mattn/go-colorable
-  version: 5411d3eea5978e6cdc258b30de592b60df6aba96
-  repo: https://github.com/mattn/go-colorable
-- name: github.com/mattn/go-isatty
-  version: 57fdcb988a5c543893cc61bce354a6e24ab70022
-  repo: https://github.com/mattn/go-isatty
-- name: github.com/mitchellh/mapstructure
-  version: 06020f85339e21b2478f756a78e295255ffa4d6a
-- name: github.com/pelletier/go-toml
-  version: 0131db6d737cfbbfb678f8b7d92e55e27ce46224
-- name: github.com/spf13/afero
-  version: 57afd63c68602b63ed976de00dd066ccb3c319db
-  subpackages:
-  - mem
-- name: github.com/spf13/cast
-  version: acbeb36b902d72a7a4c18e8f3241075e7ab763e4
-- name: github.com/spf13/cobra
-  version: 7b2c5ac9fc04fc5efafb60700713d4fa609b777b
-- name: github.com/spf13/jwalterweatherman
-  version: 12bd96e66386c1960ab0f74ced1362f66f552f7b
-- name: github.com/spf13/pflag
-  version: 4c012f6dcd9546820e378d0bdda4d8fc772cdfea
-- name: github.com/spf13/viper
-  version: 25b30aa063fc18e48662b86996252eabdcf2f0c7
-- name: golang.org/x/sys
-  version: e24f485414aeafb646f6fca458b0bf869c0880a1
-  repo: https://go.googlesource.com/sys
-  subpackages:
-  - unix
-- name: golang.org/x/text
-  version: e19ae1496984b1c655b8044a65c0300a3c878dd3
-  subpackages:
-  - transform
-  - unicode/norm
-- name: gopkg.in/yaml.v2
-  version: c95af922eae69f190717a0b7148960af8c55a072
-testImports: []

glide.yaml

@@ -1,14 +0,0 @@
-package: github.com/aquasecurity/kube-bench
-import:
-- package: github.com/fatih/color
-  version: ^1.5.0
-- package: github.com/golang/glog
-- package: github.com/jinzhu/gorm
-  version: ^1.0.0
-  subpackages:
-  - dialects/postgres
-- package: github.com/spf13/cobra
-  version: ^0.0.1
-- package: github.com/spf13/viper
-  version: ^1.0.0
-- package: gopkg.in/yaml.v2