Fix ownership related to Calico (#8072)

kube-bench scan outputs warning related to Calico like:

* text: "Ensure that the Container Network Interface file
  permissions are set to 644 or more restrictive (Manual)"
* text: "Ensure that the Container Network Interface file
  ownership is set to root:root (Manual)"

This fixes these warnings.
This commit is contained in:
Kenichi Omichi 2021-10-19 17:35:57 -07:00 committed by GitHub
parent 6a5b87dda4
commit 19d07a4f2e
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 2 additions and 2 deletions

View file

@ -36,7 +36,7 @@
file:
path: /etc/cni/net.d
state: directory
owner: kube
owner: root
mode: 0755
- name: Setup CNI
copy:

View file

@ -20,7 +20,7 @@
template:
src: "cni-calico.conflist.j2"
dest: "/etc/cni/net.d/calico.conflist.template"
owner: kube
owner: root
register: calico_conflist
notify: reset_calico_cni