[Bug] Various errors in etcd controls #30
Description
Describe the bug
Encountering various errors when executing etcd controls (2.*).
Expected behavior
I expect to receive passed/failed/skipped results based on observed system & application state.
Actual behavior
undefined method `empty?' error encountered in controls 2.1, 2.2, 2.4, & 2.5:
...
× cis-kubernetes-benchmark:2.1: Ensure that the --cert-file and --key-file arguments are set as appropriate (4 failed)
× ["/usr/bin/etcd -name=...\"] is expected to match /--cert-file=/
...
× Enviroment variables for Processes /\/usr\/bin\/etcd/ ETCD_CERT_FILE
undefined method `empty?' for #<#<Class:0x000000000443df60>:0x0000000006453908>
undefined method `empty?' for #<#<Class:0x000000000443df60>:0x0000000005d4c6a0>
× ["/usr/bin/etcd -name=...\"]" to match /--key-file=/
...
× Enviroment variables for Processes /\/usr\/bin\/etcd/ ETCD_KEY_FILE
undefined method `empty?' for #<#<Class:0x000000000443df60>:0x000000000643f250>
undefined method `empty?' for #<#<Class:0x000000000443df60>:0x0000000005d1bb18>
× cis-kubernetes-benchmark:2.2: Ensure that the --client-cert-auth argument is set to true (2 failed)
× ["/usr/bin/etcd -name=...\"]" to match /--client-cert-auth=true/
...
× Enviroment variables for Processes /\/usr\/bin\/etcd/ ETCD_CLIENT_CERT_AUTH
undefined method `empty?' for #<#<Class:0x000000000443df60>:0x0000000006125a10>
undefined method `empty?' for #<#<Class:0x000000000443df60>:0x0000000005bc9198>
...
× cis-kubernetes-benchmark:2.4: Ensure that the --peer-cert-file and --peer-key-file arguments are set as appropriate (4 failed)
× ["/usr/bin/etcd -name=...\"]" to match /--peer-cert-file=/
...
× Enviroment variables for Processes /\/usr\/bin\/etcd/ ETCD_PEER_CERT_FILE
undefined method `empty?' for #<#<Class:0x000000000443df60>:0x0000000006303e90>
undefined method `empty?' for #<#<Class:0x000000000443df60>:0x0000000005ba25e8>
× ["/usr/bin/etcd -name=...\"] is expected to match /--peer-key-file=/
...
× Enviroment variables for Processes /\/usr\/bin\/etcd/ ETCD_PEER_KEY_FILE
undefined method `empty?' for #<#<Class:0x000000000443df60>:0x0000000005e12378>
undefined method `empty?' for #<#<Class:0x000000000443df60>:0x0000000005b901b8>
...
The last result in each control is the issue.
Control Source Code Error encountered in control 2.7:
× cis-kubernetes-benchmark:2.7: Ensure that a unique Certificate Authority is used for etcd
× Control Source Code Error cis-kubernetes-benchmark-1.0.2/controls/2_etcd_node.rb:133
undefined local variable or method `cis_level' for #<Inspec::Rule:0x0000000005d64138>
Example code
inspec exec https://github.com/dev-sec/cis-kubernetes-benchmark/archive/1.0.2.tar.gz --color --show-progress -i ~/.ssh/id_rsa --chef-license=accept --no-create-lockfile --bastion-user=bastion_user --bastion-host=bastion.dev.com -t=ssh://[email protected]OS / Environment
Linux ... 3.10.0-1160.15.2.el7.x86_64 #1 SMP Wed Feb 3 15:06:38 UTC 2021 x86_64 x86_64 x86_64 GNU/Linux
Inspec Version
4.26.4
Baseline Version
6a960bc7872df07ee38876c5cb750f6637ff026b