From 3385aea046147ea336fda1ec0fe137b10742ca63 Mon Sep 17 00:00:00 2001
From: Maarten de Waard <maarten@greenhost.nl>
Date: Wed, 27 May 2020 15:46:15 +0200
Subject: [PATCH] make sure kube-bench fails if command does not exist, add
 unincluded firewall tasks

---
 ansible/roles/pre-configure/tasks/main.yml | 2 +-
 test/pytest/test_system.py                 | 4 +---
 2 files changed, 2 insertions(+), 4 deletions(-)

diff --git a/ansible/roles/pre-configure/tasks/main.yml b/ansible/roles/pre-configure/tasks/main.yml
index 3daa0e4bb..a970022a2 100644
--- a/ansible/roles/pre-configure/tasks/main.yml
+++ b/ansible/roles/pre-configure/tasks/main.yml
@@ -126,4 +126,4 @@
   when: kube_bench_check_deb.rc == 1
 
 - name: Configure firewall
-  import_tasks: journald.yml
+  import_tasks: firewall.yml
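Review bot: Nothing in this commit verifies that the firewall tasks actually take effect once `import_tasks: firewall.yml` replaces the wrong import under "Configure firewall". Hosts provisioned with the old line presumably never had those rules applied, so existing machines need a re-run of this role, and a check in test/pytest/test_system.py that the expected rules are loaded would catch a regression like this. Also confirm that `journald.yml` is still imported by its own task earlier in the file, which is outside this hunk; if this was its only import, the journald configuration is silently dropped. A short comment above the task, such as `# firewall.yml was previously never imported; re-run on existing hosts`, would record why a re-run is needed.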
diff --git a/test/pytest/test_system.py b/test/pytest/test_system.py
index 8b232ebff..ab7da6c72 100644
--- a/test/pytest/test_system.py
+++ b/test/pytest/test_system.py
@@ -60,9 +60,7 @@ def test_kubernetes_setup(host):
         "--nosummary",
         "--json"]), capture_output=True)
 
-    if result.rc != 0:
-        print("Docker run failed: ")
-        print(result.stderr)
+    assert result.rc == 0
 
     # kube-bench doesn't give perfectly valid JSON as output. It gives 1 line
     # of valid json per test
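Review bot: The bare `assert result.rc == 0` discards the stderr output that the removed lines printed, so a failing run shows the return code but not why kube-bench or the container failed. Keeping the diagnostic in the assertion message restores it: `assert result.rc == 0, "kube-bench run failed: " + result.stderr`. The JSON parsing below the assert is outside this hunk. If it tolerates empty stdout, a zero return code with no output would still pass, so a non-empty check on `result.stdout` may be worth adding there.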
-- 
GitLab