From c636caaa501a77a87d1231fd0e3eedafabf97c58 Mon Sep 17 00:00:00 2001 From: CIPHERTron Date: Wed, 22 Feb 2023 12:06:29 +0530 Subject: [PATCH] fix: migrate from k8s.gcr.io to registry.k8s.io Signed-off-by: CIPHERTron --- plugins/k8saudit/rules/k8s_audit_rules.yaml | 22 ++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/plugins/k8saudit/rules/k8s_audit_rules.yaml b/plugins/k8saudit/rules/k8s_audit_rules.yaml index 70f6e2af..a6d4de2f 100644 --- a/plugins/k8saudit/rules/k8s_audit_rules.yaml +++ b/plugins/k8saudit/rules/k8s_audit_rules.yaml @@ -194,8 +194,8 @@ gke.gcr.io/gke-metadata-server, gke.gcr.io/kube-proxy, gke.gcr.io/netd-amd64, - k8s.gcr.io/ip-masq-agent-amd64, - k8s.gcr.io/prometheus-to-sd, + registry.k8s.io/ip-masq-agent-amd64, + registry.k8s.io/prometheus-to-sd, ] # Corresponds to K8s CIS Benchmark 1.7.4 @@ -339,17 +339,17 @@ gke.gcr.io/addon-resizer, gke.gcr.io/heapster, gke.gcr.io/gke-metadata-server, - k8s.gcr.io/ip-masq-agent-amd64, - k8s.gcr.io/kube-apiserver, + registry.k8s.io/ip-masq-agent-amd64, + registry.k8s.io/kube-apiserver, gke.gcr.io/kube-proxy, gke.gcr.io/netd-amd64, gke.gcr.io/watcher-daemonset, - k8s.gcr.io/addon-resizer - k8s.gcr.io/prometheus-to-sd, - k8s.gcr.io/k8s-dns-dnsmasq-nanny-amd64, - k8s.gcr.io/k8s-dns-kube-dns-amd64, - k8s.gcr.io/k8s-dns-sidecar-amd64, - k8s.gcr.io/metrics-server-amd64, + registry.k8s.io/addon-resizer + registry.k8s.io/prometheus-to-sd, + registry.k8s.io/k8s-dns-dnsmasq-nanny-amd64, + registry.k8s.io/k8s-dns-kube-dns-amd64, + registry.k8s.io/k8s-dns-sidecar-amd64, + registry.k8s.io/metrics-server-amd64, kope/kube-apiserver-healthcheck, k8s_image_list ] @@ -746,4 +746,4 @@ output: Node not in allowed list tried unsuccessfully to join the cluster (user=%ka.user.name node=%ka.target.name reason=%ka.response.reason resource=%ka.target.resource) priority: WARNING source: k8s_audit - tags: [k8s] + tags: [k8s] \ No newline at end of file