update inspec.yml and changelog

dev-sec CI · dev-sec CI · commit 656e61c53986 · 2020-06-18T09:47:23.000Z
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,6 +1,27 @@
-# Change Log
+# Changelog
+
+## [1.3.1](https://github.com/dev-sec/cis-docker-benchmark/tree/1.3.1) (2020-06-18)
+
+[Full Changelog](https://github.com/dev-sec/cis-docker-benchmark/compare/2.1.0...1.3.1)
+
+**Closed issues:**
+
+- Examples not working [\#58](https://github.com/dev-sec/cis-docker-benchmark/issues/58)
+- incompatible character encodings: UTF-8 and ASCII-8BIT [\#51](https://github.com/dev-sec/cis-docker-benchmark/issues/51)
+
+**Merged pull requests:**
+
+- github release action [\#67](https://github.com/dev-sec/cis-docker-benchmark/pull/67) ([micheelengronne](https://github.com/micheelengronne))
+- Update Inspec.yml [\#66](https://github.com/dev-sec/cis-docker-benchmark/pull/66) ([MoisesTapia](https://github.com/MoisesTapia))
+- Removed trailing slashes in 1.8, 1.9 [\#63](https://github.com/dev-sec/cis-docker-benchmark/pull/63) ([presidenten](https://github.com/presidenten))
+- Remove .gitkeep file [\#62](https://github.com/dev-sec/cis-docker-benchmark/pull/62) ([james-stocks](https://github.com/james-stocks))
+- Simple fix for \#58 [\#61](https://github.com/dev-sec/cis-docker-benchmark/pull/61) ([commjoen](https://github.com/commjoen))
+- Update issue templates [\#57](https://github.com/dev-sec/cis-docker-benchmark/pull/57) ([rndmh3ro](https://github.com/rndmh3ro))
+- unified attributes [\#56](https://github.com/dev-sec/cis-docker-benchmark/pull/56) ([chris-rock](https://github.com/chris-rock))
+- Removed unneeded processing step [\#55](https://github.com/dev-sec/cis-docker-benchmark/pull/55) ([tstuber](https://github.com/tstuber))
 
 ## [2.1.0](https://github.com/dev-sec/cis-docker-benchmark/tree/2.1.0) (2018-04-20)
+
 [Full Changelog](https://github.com/dev-sec/cis-docker-benchmark/compare/2.0.0...2.1.0)
 
 **Closed issues:**
@@ -10,13 +31,15 @@
 
 **Merged pull requests:**
 
+- 2.1.0 [\#54](https://github.com/dev-sec/cis-docker-benchmark/pull/54) ([chris-rock](https://github.com/chris-rock))
 - Fix utf8 truncated output [\#53](https://github.com/dev-sec/cis-docker-benchmark/pull/53) ([aschmidt75](https://github.com/aschmidt75))
 - update inspec version to 2.0 [\#52](https://github.com/dev-sec/cis-docker-benchmark/pull/52) ([atomic111](https://github.com/atomic111))
 - Fixes \#37 prevent NoMethodError when no hosts available [\#49](https://github.com/dev-sec/cis-docker-benchmark/pull/49) ([Nowheresly](https://github.com/Nowheresly))
 - name correct minimum inspec version [\#47](https://github.com/dev-sec/cis-docker-benchmark/pull/47) ([chris-rock](https://github.com/chris-rock))
 - update changelog [\#45](https://github.com/dev-sec/cis-docker-benchmark/pull/45) ([chris-rock](https://github.com/chris-rock))
 
 ## [2.0.0](https://github.com/dev-sec/cis-docker-benchmark/tree/2.0.0) (2017-11-24)
+
 [Full Changelog](https://github.com/dev-sec/cis-docker-benchmark/compare/1.3.1...2.0.0)
 
 **Closed issues:**
@@ -33,6 +56,7 @@
 - update gemfile [\#41](https://github.com/dev-sec/cis-docker-benchmark/pull/41) ([atomic111](https://github.com/atomic111))
 
 ## [1.3.1](https://github.com/dev-sec/cis-docker-benchmark/tree/1.3.1) (2017-11-18)
+
 [Full Changelog](https://github.com/dev-sec/cis-docker-benchmark/compare/1.3.0...1.3.1)
 
 **Fixed bugs:**
@@ -52,6 +76,7 @@
 - Due to inspec deprecation warnings [\#33](https://github.com/dev-sec/cis-docker-benchmark/pull/33) ([alexpop](https://github.com/alexpop))
 
 ## [1.3.0](https://github.com/dev-sec/cis-docker-benchmark/tree/1.3.0) (2017-04-28)
+
 [Full Changelog](https://github.com/dev-sec/cis-docker-benchmark/compare/1.2.0...1.3.0)
 
 **Closed issues:**
@@ -70,13 +95,15 @@
 - update tags and refs [\#23](https://github.com/dev-sec/cis-docker-benchmark/pull/23) ([chris-rock](https://github.com/chris-rock))
 
 ## [1.2.0](https://github.com/dev-sec/cis-docker-benchmark/tree/1.2.0) (2017-04-18)
+
 [Full Changelog](https://github.com/dev-sec/cis-docker-benchmark/compare/1.1.1...1.2.0)
 
 **Merged pull requests:**
 
 - update to CIS Benchmark 1.12, controls 1.1 to 2.16 [\#19](https://github.com/dev-sec/cis-docker-benchmark/pull/19) ([atomic111](https://github.com/atomic111))
 
 ## [1.1.1](https://github.com/dev-sec/cis-docker-benchmark/tree/1.1.1) (2017-03-01)
+
 [Full Changelog](https://github.com/dev-sec/cis-docker-benchmark/compare/1.1.0...1.1.1)
 
 **Merged pull requests:**
@@ -85,6 +112,7 @@
 - add changelog [\#16](https://github.com/dev-sec/cis-docker-benchmark/pull/16) ([chris-rock](https://github.com/chris-rock))
 
 ## [1.1.0](https://github.com/dev-sec/cis-docker-benchmark/tree/1.1.0) (2016-12-13)
+
 [Full Changelog](https://github.com/dev-sec/cis-docker-benchmark/compare/1.0.0...1.1.0)
 
 **Merged pull requests:**
@@ -95,6 +123,9 @@
 - Fix README.md [\#12](https://github.com/dev-sec/cis-docker-benchmark/pull/12) ([netflash](https://github.com/netflash))
 
 ## [1.0.0](https://github.com/dev-sec/cis-docker-benchmark/tree/1.0.0) (2016-07-05)
+
+[Full Changelog](https://github.com/dev-sec/cis-docker-benchmark/compare/b7947d9bfea0a7fb961874f94a7fa0375bef31ba...1.0.0)
+
 **Implemented enhancements:**
 
 - use new InSpec attributes [\#10](https://github.com/dev-sec/cis-docker-benchmark/pull/10) ([chris-rock](https://github.com/chris-rock))
@@ -112,4 +143,4 @@
 
 
 
-\* *This Change Log was automatically generated by [github_changelog_generator](https://github.com/skywinder/Github-Changelog-Generator)*
+\* *This Changelog was automatically generated by [github_changelog_generator](https://github.com/github-changelog-generator/github-changelog-generator)*
diff --git a/inspec.yml b/inspec.yml
@@ -1,110 +1,111 @@
+---
 name: cis-docker-benchmark
 title: CIS Docker Benchmark Profile
 maintainer: DevSec Hardening Framework Team
 copyright: DevSec Hardening Framework Team
 copyright_email: hello@dev-sec.io
 license: Apache-2.0
 summary: An InSpec Compliance Profile for the CIS Docker Benchmark
-version: 2.1.0
+version: 1.3.1
 inspec_version: '>= 2.3.23'
 attributes:
-  - name: container_user
-    required: false
-    description: 'define user within containers.'
-    value: 'ubuntu'
-    type: string
-  - name: container_capadd
-    required: true
-    description: 'define needed capabilities for containers.'
-    type: string
-    value: NET_ADMIN,SYS_ADMIN
-  - name: app_armor_profile
-    required: false
-    description: 'define apparmor profile for Docker containers.'
-    value: 'docker-default'
-    type: string
-  - name: selinux_profile
-    required: false
-    description: 'define SELinux profile for Docker containers.'
-    value: label:level:s0-s0:c1023
-    type: string
-  - name: trusted_user
-    required: false
-    description: 'define trusted user to control Docker daemon.'
-    value: vagrant
-    type: string
-  - name: managable_container_number
-    required: true
-    description: 'keep number of containers on a host to a manageable total.'
-    value: 25
-    type: numeric
-  - name: benchmark_version
-    required: true
-    description: 'to execute also the old controls from previous benchmarks. to execute the controls, define the value as 1.12.0'
-    type: string
-    value: 1.12.0
-  - name: registry_cert_path
-    required: true
-    description: 'directory contains various Docker registry directories.'
-    value: '/etc/docker/certs.d'
-    type: string
-  - name: registry_name
-    required: true
-    description: 'directory contain certificate certain Docker registry.'
-    value: '/etc/docker/certs.d/registry_hostname:port'
-    type: string
-  - name: registry_ca_file
-    required: false
-    description: 'directory contain certificate certain Docker registry.'
-    value: '/etc/docker/certs.d/registry_hostname:port/ca.crt'
-    type: string
-  - name: daemon_tlscacert
-    required: false
-    description: 'Trust certs signed only by this CA'
-    value: '/etc/docker/ssl/ca.pem'
-    type: string
-  - name: daemon_tlscert
-    required: false
-    description: 'Path to TLS certificate file'
-    value: '/etc/docker/ssl/server_cert.pem'
-    type: string
-  - name: daemon_tlskey
-    required: false
-    description: 'Path to TLS key file'
-    value: '/etc/docker/ssl/server_key.pem'
-    type: string
-  - name: authorization_plugin
-    required: false
-    description: 'define authorization plugin to manage access to Docker daemon.'
-    value: 'authz-broker'
-    type: string
-  - name: log_driver
-    required: false
-    description: 'define preferable way to store logs.'
-    value: 'syslog'
-    type: string
-  - name: log_opts
-    required: false
-    description: 'define Docker daemon log-opts.'
-    value: syslog-address
-    type: string
-  - name: swarm_mode
-    required: false
-    description: 'define the swarm mode, `active` or `inactive`'
-    value: inactive
-    type: string
-  - name: swarm_max_manager_nodes
-    required: false
-    description: 'number of manager nodes in a swarm'
-    value: 3
-    type: numeric
-  - name: swarm_port
-    required: false
-    description: 'port of the swarm node'
-    value: 2377
-    type: numeric
-  - name: seccomp_default_profile
-    required: false
-    description: 'define the default seccomp profile'
-    value: 'default'
-    type: string
+    - name: container_user
+      required: false
+      description: 'define user within containers.'
+      value: 'ubuntu'
+      type: string
+    - name: container_capadd
+      required: true
+      description: 'define needed capabilities for containers.'
+      type: string
+      value: NET_ADMIN,SYS_ADMIN
+    - name: app_armor_profile
+      required: false
+      description: 'define apparmor profile for Docker containers.'
+      value: 'docker-default'
+      type: string
+    - name: selinux_profile
+      required: false
+      description: 'define SELinux profile for Docker containers.'
+      value: label:level:s0-s0:c1023
+      type: string
+    - name: trusted_user
+      required: false
+      description: 'define trusted user to control Docker daemon.'
+      value: vagrant
+      type: string
+    - name: managable_container_number
+      required: true
+      description: 'keep number of containers on a host to a manageable total.'
+      value: 25
+      type: numeric
+    - name: benchmark_version
+      required: true
+      description: 'to execute also the old controls from previous benchmarks. to execute the controls, define the value as 1.12.0'
+      type: string
+      value: 1.12.0
+    - name: registry_cert_path
+      required: true
+      description: 'directory contains various Docker registry directories.'
+      value: '/etc/docker/certs.d'
+      type: string
+    - name: registry_name
+      required: true
+      description: 'directory contain certificate certain Docker registry.'
+      value: '/etc/docker/certs.d/registry_hostname:port'
+      type: string
+    - name: registry_ca_file
+      required: false
+      description: 'directory contain certificate certain Docker registry.'
+      value: '/etc/docker/certs.d/registry_hostname:port/ca.crt'
+      type: string
+    - name: daemon_tlscacert
+      required: false
+      description: 'Trust certs signed only by this CA'
+      value: '/etc/docker/ssl/ca.pem'
+      type: string
+    - name: daemon_tlscert
+      required: false
+      description: 'Path to TLS certificate file'
+      value: '/etc/docker/ssl/server_cert.pem'
+      type: string
+    - name: daemon_tlskey
+      required: false
+      description: 'Path to TLS key file'
+      value: '/etc/docker/ssl/server_key.pem'
+      type: string
+    - name: authorization_plugin
+      required: false
+      description: 'define authorization plugin to manage access to Docker daemon.'
+      value: 'authz-broker'
+      type: string
+    - name: log_driver
+      required: false
+      description: 'define preferable way to store logs.'
+      value: 'syslog'
+      type: string
+    - name: log_opts
+      required: false
+      description: 'define Docker daemon log-opts.'
+      value: syslog-address
+      type: string
+    - name: swarm_mode
+      required: false
+      description: 'define the swarm mode, `active` or `inactive`'
+      value: inactive
+      type: string
+    - name: swarm_max_manager_nodes
+      required: false
+      description: 'number of manager nodes in a swarm'
+      value: 3
+      type: numeric
+    - name: swarm_port
+      required: false
+      description: 'port of the swarm node'
+      value: 2377
+      type: numeric
+    - name: seccomp_default_profile
+      required: false
+      description: 'define the default seccomp profile'
+      value: 'default'
+      type: string
