@Arcelone Arcelone commented Sep 3, 2025

Add support for CIS benchmark v1.8.0

close #573

  • Add new test for section 2.7
  • Update Check 5.15
  • Update all the subset (v8 Grid and level_1)
  • Update Readme
  • Move to bash (some scripts weren't called with bash)

@nikjoesta

Don't know if anyone still merges this or what the plans are. But I found an issue in the old benchmark script. It is ambiguously defined in the 1.6.0 specification as well. And this script does something completely weird. It is now clear in the 1.8.0 specification.

Long story short:
docker.socket -> docker.sock in 1.1.9 fixes it.

Longer story:
docker.socket with get_service_file finds the systemd path (like /lib/systemd/system/docker.socket) and not the socket (/run/docker.sock) itself, because its name is .sock, not .socket. Therefore it doesn't overwrite the path and wants the auditing person to audit the systemd docker.socket file. Which is not what is intended from CIS. No harm in auditing that. But the real goal is to audit the docker.sock.

If you want me to look into it or do a PR (also for 1.6.0) please let me know.
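
The distinction raised in the comment above, as an added example that is not part of the thread or the project's scripts: it checks constructed `auditctl -l` output for a watch on the socket path itself rather than on the systemd unit file. The helper names and sample rules are assumptions made for illustration; the two paths are the ones the comment names.

```shell
#!/bin/sh
# Added example: does auditd watch the Docker socket itself, or only the
# systemd unit that creates it? Helper names are hypothetical.

# Constructed `auditctl -l` output (not from a real host): only the unit
# files are watched, which is what auditing docker.socket produces.
UNIT_ONLY_RULES='-w /usr/bin/dockerd -p rwxa -k docker
-w /lib/systemd/system/docker.socket -p rwxa -k docker
-w /lib/systemd/system/docker.service -p rwxa -k docker'

# Same rules plus a watch on the socket, written via the /var/run path.
WITH_SOCK_RULES="$UNIT_ONLY_RULES
-w /var/run/docker.sock -p rwxa -k docker"

# Assumption: /var/run is a symlink to /run, so both spellings match.
normalize_path() {
  case "$1" in
    /var/run/*) printf '%s\n' "/run/${1#/var/run/}" ;;
    *)          printf '%s\n' "$1" ;;
  esac
}

# has_watch RULES PATH: succeed if a "-w PATH" line watches exactly PATH.
# Only the -w form is parsed; syscall-style "-F path=" rules are ignored.
# The comparison is exact because "docker.sock" is a substring of
# "docker.socket", so a plain grep would report a false match.
has_watch() {
  want=$(normalize_path "$2")
  while read -r flag path _rest; do
    [ "$flag" = "-w" ] || continue
    if [ "$(normalize_path "$path")" = "$want" ]; then
      return 0
    fi
  done <<EOF
$1
EOF
  return 1
}

audit_verdict() {
  if has_watch "$1" "$2"; then echo "audited"; else echo "NOT audited"; fi
}

echo "unit file, unit-only rules: $(audit_verdict "$UNIT_ONLY_RULES" /lib/systemd/system/docker.socket)"
echo "socket, unit-only rules:    $(audit_verdict "$UNIT_ONLY_RULES" /run/docker.sock)"
echo "socket, with sock watch:    $(audit_verdict "$WITH_SOCK_RULES" /run/docker.sock)"
```

On a live host, the first argument would be the captured output of `auditctl -l` instead of the constructed samples.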

Successfully merging this pull request may close these issues.

Update for newest Benchmark v1.8.0