From 8700668686511be003d01cded657b6bfb762aaa5 Mon Sep 17 00:00:00 2001 
From: vardhaman22 Date: Wed, 20 Mar 2024 10:58:36 +0530 Subject: [PATCH 1/3] make remove cis 4.4.0-rc2 --- .../rancher-cis-benchmark-crd-4.4.0-rc2.tgz | Bin 1465 -> 0 bytes .../rancher-cis-benchmark-4.4.0-rc2.tgz | Bin 8608 -> 0 bytes .../4.4.0-rc2/Chart.yaml | 10 - .../4.4.0-rc2/README.md | 2 - .../4.4.0-rc2/templates/clusterscan.yaml | 148 ------------ .../templates/clusterscanbenchmark.yaml | 54 ----- .../templates/clusterscanprofile.yaml | 36 --- .../templates/clusterscanreport.yaml | 39 ---- .../4.4.0-rc2/Chart.yaml | 22 -- .../rancher-cis-benchmark/4.4.0-rc2/README.md | 9 - .../4.4.0-rc2/app-readme.md | 33 --- .../4.4.0-rc2/templates/_helpers.tpl | 27 --- .../4.4.0-rc2/templates/alertingrule.yaml | 14 -- .../templates/benchmark-aks-1.0.yaml | 8 - .../templates/benchmark-cis-1.20.yaml | 9 - .../templates/benchmark-cis-1.23.yaml | 9 - .../templates/benchmark-cis-1.24.yaml | 9 - .../templates/benchmark-cis-1.5.yaml | 9 - .../templates/benchmark-cis-1.6.yaml | 9 - .../templates/benchmark-cis-1.7.yaml | 9 - .../templates/benchmark-cis-1.8.yaml | 8 - .../templates/benchmark-eks-1.2.0.yaml | 8 - .../templates/benchmark-gke-1.2.0.yaml | 8 - .../benchmark-k3s-cis-1.20-hardened.yaml | 9 - .../benchmark-k3s-cis-1.20-permissive.yaml | 9 - .../benchmark-k3s-cis-1.23-hardened.yaml | 9 - .../benchmark-k3s-cis-1.23-permissive.yaml | 9 - .../benchmark-k3s-cis-1.24-hardened.yaml | 9 - .../benchmark-k3s-cis-1.24-permissive.yaml | 9 - .../benchmark-k3s-cis-1.6-hardened.yaml | 9 - .../benchmark-k3s-cis-1.6-permissive.yaml | 9 - .../benchmark-k3s-cis-1.7-hardened.yaml | 9 - .../benchmark-k3s-cis-1.7-permissive.yaml | 9 - .../benchmark-k3s-cis-1.8-hardened.yaml | 8 - .../benchmark-k3s-cis-1.8-permissive.yaml | 8 - .../benchmark-rke-cis-1.20-hardened.yaml | 9 - .../benchmark-rke-cis-1.20-permissive.yaml | 9 - .../benchmark-rke-cis-1.23-hardened.yaml | 9 - .../benchmark-rke-cis-1.23-permissive.yaml | 9 - .../benchmark-rke-cis-1.24-hardened.yaml | 9 - 
.../benchmark-rke-cis-1.24-permissive.yaml | 9 - .../benchmark-rke-cis-1.5-hardened.yaml | 9 - .../benchmark-rke-cis-1.5-permissive.yaml | 9 - .../benchmark-rke-cis-1.6-hardened.yaml | 9 - .../benchmark-rke-cis-1.6-permissive.yaml | 9 - .../benchmark-rke-cis-1.7-hardened.yaml | 9 - .../benchmark-rke-cis-1.7-permissive.yaml | 9 - .../benchmark-rke-cis-1.8-hardened.yaml | 8 - .../benchmark-rke-cis-1.8-permissive.yaml | 8 - .../benchmark-rke2-cis-1.20-hardened.yaml | 9 - .../benchmark-rke2-cis-1.20-permissive.yaml | 9 - .../benchmark-rke2-cis-1.23-hardened.yaml | 9 - .../benchmark-rke2-cis-1.23-permissive.yaml | 9 - .../benchmark-rke2-cis-1.24-hardened.yaml | 9 - .../benchmark-rke2-cis-1.24-permissive.yaml | 9 - .../benchmark-rke2-cis-1.5-hardened.yaml | 9 - .../benchmark-rke2-cis-1.5-permissive.yaml | 9 - .../benchmark-rke2-cis-1.6-hardened.yaml | 9 - .../benchmark-rke2-cis-1.6-permissive.yaml | 9 - .../benchmark-rke2-cis-1.7-hardened.yaml | 9 - .../benchmark-rke2-cis-1.7-permissive.yaml | 9 - .../benchmark-rke2-cis-1.8-hardened.yaml | 8 - .../benchmark-rke2-cis-1.8-permissive.yaml | 8 - .../4.4.0-rc2/templates/cis-roles.yaml | 49 ---- .../4.4.0-rc2/templates/configmap.yaml | 18 -- .../4.4.0-rc2/templates/deployment.yaml | 61 ----- .../templates/network_policy_allow_all.yaml | 15 -- .../patch_default_serviceaccount.yaml | 29 --- .../4.4.0-rc2/templates/psp.yaml | 59 ----- .../4.4.0-rc2/templates/rbac.yaml | 219 ------------------ .../templates/scanprofile-cis-1.20.yaml | 9 - .../templates/scanprofile-cis-1.23.yaml | 9 - .../templates/scanprofile-cis-1.24.yaml | 9 - .../templates/scanprofile-cis-1.6.yaml | 9 - .../templates/scanprofile-cis-1.7.yaml | 9 - .../templates/scanprofile-cis-1.8.yaml | 9 - .../scanprofile-k3s-cis-1.20-hardened.yml | 9 - .../scanprofile-k3s-cis-1.20-permissive.yml | 9 - .../scanprofile-k3s-cis-1.23-hardened.yml | 9 - .../scanprofile-k3s-cis-1.23-permissive.yml | 9 - .../scanprofile-k3s-cis-1.24-hardened.yml | 9 - 
.../scanprofile-k3s-cis-1.24-permissive.yml | 9 - .../scanprofile-k3s-cis-1.6-hardened.yml | 9 - .../scanprofile-k3s-cis-1.6-permissive.yml | 9 - .../scanprofile-k3s-cis-1.7-hardened.yml | 9 - .../scanprofile-k3s-cis-1.7-permissive.yml | 9 - .../scanprofile-k3s-cis-1.8-hardened.yml | 9 - .../scanprofile-k3s-cis-1.8-permissive.yml | 9 - .../scanprofile-rke-1.20-hardened.yaml | 9 - .../scanprofile-rke-1.20-permissive.yaml | 9 - .../scanprofile-rke-1.23-hardened.yaml | 9 - .../scanprofile-rke-1.23-permissive.yaml | 9 - .../scanprofile-rke-1.24-hardened.yaml | 9 - .../scanprofile-rke-1.24-permissive.yaml | 9 - .../scanprofile-rke-1.6-hardened.yaml | 9 - .../scanprofile-rke-1.6-permissive.yaml | 9 - .../scanprofile-rke-1.7-hardened.yaml | 9 - .../scanprofile-rke-1.7-permissive.yaml | 9 - .../scanprofile-rke-1.8-hardened.yaml | 9 - .../scanprofile-rke-1.8-permissive.yaml | 9 - .../scanprofile-rke2-cis-1.20-hardened.yml | 9 - .../scanprofile-rke2-cis-1.20-permissive.yml | 9 - .../scanprofile-rke2-cis-1.23-hardened.yml | 9 - .../scanprofile-rke2-cis-1.23-permissive.yml | 9 - .../scanprofile-rke2-cis-1.24-hardened.yml | 9 - .../scanprofile-rke2-cis-1.24-permissive.yml | 9 - .../scanprofile-rke2-cis-1.6-hardened.yml | 9 - .../scanprofile-rke2-cis-1.6-permissive.yml | 9 - .../scanprofile-rke2-cis-1.7-hardened.yml | 9 - .../scanprofile-rke2-cis-1.7-permissive.yml | 9 - .../scanprofile-rke2-cis-1.8-hardened.yml | 9 - .../scanprofile-rke2-cis-1.8-permissive.yml | 9 - .../4.4.0-rc2/templates/scanprofileaks.yml | 9 - .../4.4.0-rc2/templates/scanprofileeks.yml | 9 - .../4.4.0-rc2/templates/scanprofilegke.yml | 9 - .../4.4.0-rc2/templates/serviceaccount.yaml | 14 -- .../templates/validate-install-crd.yaml | 17 -- .../templates/validate-psp-install.yaml | 7 - .../4.4.0-rc2/values.yaml | 55 ----- index.yaml | 40 ---- 120 files changed, 1822 deletions(-) delete mode 100644 assets/rancher-cis-benchmark-crd/rancher-cis-benchmark-crd-4.4.0-rc2.tgz delete mode 100644 
assets/rancher-cis-benchmark/rancher-cis-benchmark-4.4.0-rc2.tgz delete mode 100644 charts/rancher-cis-benchmark-crd/4.4.0-rc2/Chart.yaml delete mode 100644 charts/rancher-cis-benchmark-crd/4.4.0-rc2/README.md delete mode 100644 charts/rancher-cis-benchmark-crd/4.4.0-rc2/templates/clusterscan.yaml delete mode 100644 charts/rancher-cis-benchmark-crd/4.4.0-rc2/templates/clusterscanbenchmark.yaml delete mode 100644 charts/rancher-cis-benchmark-crd/4.4.0-rc2/templates/clusterscanprofile.yaml delete mode 100644 charts/rancher-cis-benchmark-crd/4.4.0-rc2/templates/clusterscanreport.yaml delete mode 100644 charts/rancher-cis-benchmark/4.4.0-rc2/Chart.yaml delete mode 100644 charts/rancher-cis-benchmark/4.4.0-rc2/README.md delete mode 100644 charts/rancher-cis-benchmark/4.4.0-rc2/app-readme.md delete mode 100644 charts/rancher-cis-benchmark/4.4.0-rc2/templates/_helpers.tpl delete mode 100644 charts/rancher-cis-benchmark/4.4.0-rc2/templates/alertingrule.yaml delete mode 100644 charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-aks-1.0.yaml delete mode 100644 charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-cis-1.20.yaml delete mode 100644 charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-cis-1.23.yaml delete mode 100644 charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-cis-1.24.yaml delete mode 100644 charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-cis-1.5.yaml delete mode 100644 charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-cis-1.6.yaml delete mode 100644 charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-cis-1.7.yaml delete mode 100644 charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-cis-1.8.yaml delete mode 100644 charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-eks-1.2.0.yaml delete mode 100644 charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-gke-1.2.0.yaml delete mode 100644 charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-k3s-cis-1.20-hardened.yaml delete mode 
100644 charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-k3s-cis-1.20-permissive.yaml delete mode 100644 charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-k3s-cis-1.23-hardened.yaml delete mode 100644 charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-k3s-cis-1.23-permissive.yaml delete mode 100644 charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-k3s-cis-1.24-hardened.yaml delete mode 100644 charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-k3s-cis-1.24-permissive.yaml delete mode 100644 charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-k3s-cis-1.6-hardened.yaml delete mode 100644 charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-k3s-cis-1.6-permissive.yaml delete mode 100644 charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-k3s-cis-1.7-hardened.yaml delete mode 100644 charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-k3s-cis-1.7-permissive.yaml delete mode 100644 charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-k3s-cis-1.8-hardened.yaml delete mode 100644 charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-k3s-cis-1.8-permissive.yaml delete mode 100644 charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-rke-cis-1.20-hardened.yaml delete mode 100644 charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-rke-cis-1.20-permissive.yaml delete mode 100644 charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-rke-cis-1.23-hardened.yaml delete mode 100644 charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-rke-cis-1.23-permissive.yaml delete mode 100644 charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-rke-cis-1.24-hardened.yaml delete mode 100644 charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-rke-cis-1.24-permissive.yaml delete mode 100644 charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-rke-cis-1.5-hardened.yaml delete mode 100644 charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-rke-cis-1.5-permissive.yaml 
delete mode 100644 charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-rke-cis-1.6-hardened.yaml delete mode 100644 charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-rke-cis-1.6-permissive.yaml delete mode 100644 charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-rke-cis-1.7-hardened.yaml delete mode 100644 charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-rke-cis-1.7-permissive.yaml delete mode 100644 charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-rke-cis-1.8-hardened.yaml delete mode 100644 charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-rke-cis-1.8-permissive.yaml delete mode 100644 charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-rke2-cis-1.20-hardened.yaml delete mode 100644 charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-rke2-cis-1.20-permissive.yaml delete mode 100644 charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-rke2-cis-1.23-hardened.yaml delete mode 100644 charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-rke2-cis-1.23-permissive.yaml delete mode 100644 charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-rke2-cis-1.24-hardened.yaml delete mode 100644 charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-rke2-cis-1.24-permissive.yaml delete mode 100644 charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-rke2-cis-1.5-hardened.yaml delete mode 100644 charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-rke2-cis-1.5-permissive.yaml delete mode 100644 charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-rke2-cis-1.6-hardened.yaml delete mode 100644 charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-rke2-cis-1.6-permissive.yaml delete mode 100644 charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-rke2-cis-1.7-hardened.yaml delete mode 100644 charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-rke2-cis-1.7-permissive.yaml delete mode 100644 
charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-rke2-cis-1.8-hardened.yaml delete mode 100644 charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-rke2-cis-1.8-permissive.yaml delete mode 100644 charts/rancher-cis-benchmark/4.4.0-rc2/templates/cis-roles.yaml delete mode 100644 charts/rancher-cis-benchmark/4.4.0-rc2/templates/configmap.yaml delete mode 100644 charts/rancher-cis-benchmark/4.4.0-rc2/templates/deployment.yaml delete mode 100644 charts/rancher-cis-benchmark/4.4.0-rc2/templates/network_policy_allow_all.yaml delete mode 100644 charts/rancher-cis-benchmark/4.4.0-rc2/templates/patch_default_serviceaccount.yaml delete mode 100644 charts/rancher-cis-benchmark/4.4.0-rc2/templates/psp.yaml delete mode 100644 charts/rancher-cis-benchmark/4.4.0-rc2/templates/rbac.yaml delete mode 100644 charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-cis-1.20.yaml delete mode 100644 charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-cis-1.23.yaml delete mode 100644 charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-cis-1.24.yaml delete mode 100644 charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-cis-1.6.yaml delete mode 100644 charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-cis-1.7.yaml delete mode 100644 charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-cis-1.8.yaml delete mode 100644 charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-k3s-cis-1.20-hardened.yml delete mode 100644 charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-k3s-cis-1.20-permissive.yml delete mode 100644 charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-k3s-cis-1.23-hardened.yml delete mode 100644 charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-k3s-cis-1.23-permissive.yml delete mode 100644 charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-k3s-cis-1.24-hardened.yml delete mode 100644 
charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-k3s-cis-1.24-permissive.yml delete mode 100644 charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-k3s-cis-1.6-hardened.yml delete mode 100644 charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-k3s-cis-1.6-permissive.yml delete mode 100644 charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-k3s-cis-1.7-hardened.yml delete mode 100644 charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-k3s-cis-1.7-permissive.yml delete mode 100644 charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-k3s-cis-1.8-hardened.yml delete mode 100644 charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-k3s-cis-1.8-permissive.yml delete mode 100644 charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-rke-1.20-hardened.yaml delete mode 100644 charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-rke-1.20-permissive.yaml delete mode 100644 charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-rke-1.23-hardened.yaml delete mode 100644 charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-rke-1.23-permissive.yaml delete mode 100644 charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-rke-1.24-hardened.yaml delete mode 100644 charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-rke-1.24-permissive.yaml delete mode 100644 charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-rke-1.6-hardened.yaml delete mode 100644 charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-rke-1.6-permissive.yaml delete mode 100644 charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-rke-1.7-hardened.yaml delete mode 100644 charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-rke-1.7-permissive.yaml delete mode 100644 charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-rke-1.8-hardened.yaml delete mode 100644 charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-rke-1.8-permissive.yaml delete mode 100644 
charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-rke2-cis-1.20-hardened.yml delete mode 100644 charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-rke2-cis-1.20-permissive.yml delete mode 100644 charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-rke2-cis-1.23-hardened.yml delete mode 100644 charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-rke2-cis-1.23-permissive.yml delete mode 100644 charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-rke2-cis-1.24-hardened.yml delete mode 100644 charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-rke2-cis-1.24-permissive.yml delete mode 100644 charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-rke2-cis-1.6-hardened.yml delete mode 100644 charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-rke2-cis-1.6-permissive.yml delete mode 100644 charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-rke2-cis-1.7-hardened.yml delete mode 100644 charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-rke2-cis-1.7-permissive.yml delete mode 100644 charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-rke2-cis-1.8-hardened.yml delete mode 100644 charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-rke2-cis-1.8-permissive.yml delete mode 100644 charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofileaks.yml delete mode 100644 charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofileeks.yml delete mode 100644 charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofilegke.yml delete mode 100644 charts/rancher-cis-benchmark/4.4.0-rc2/templates/serviceaccount.yaml delete mode 100644 charts/rancher-cis-benchmark/4.4.0-rc2/templates/validate-install-crd.yaml delete mode 100644 charts/rancher-cis-benchmark/4.4.0-rc2/templates/validate-psp-install.yaml delete mode 100644 charts/rancher-cis-benchmark/4.4.0-rc2/values.yaml 
diff --git a/assets/rancher-cis-benchmark-crd/rancher-cis-benchmark-crd-4.4.0-rc2.tgz b/assets/rancher-cis-benchmark-crd/rancher-cis-benchmark-crd-4.4.0-rc2.tgz deleted file mode 100644 index 54950b25c604aaf0c1ee71c1797d3ac17d976e59..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 1465 zcmV;q1xETGiwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc zVQyr3R8em|NM&qo0PI>(bE7s8&a;1o=K5?76OwfNmh)XZ*YWC5C-B}C!b zp60r)d+Gb>uj{(iU-!cE&qn^mm4E5^o^2mpx>w#AbN6+;jU|RapSgScsxIz-Vj!g= zAfcog4;bS>5URPufha^rsJ9$7i3fqfnB`ol9kvibfO5>SAq?s#D`!@zvIbHb=2&QfAV}8+;jI>uP)}5t zL^7Y*kbN~u-U2Pg%rOL%7$*cn(?r^N-fHzALcD<}1AD$Jg{9;}^6pGj3~3?fjSfr_ zMWB}sDT1(sdtYej1QmlZC8XO`LnojI5alWTvTEoAWFAFa0=io@bOQPtv@8MrwQA@D zBo$p}YCj9hkMl+mTkF~iJLk&1h|my3!WS69bEk??Uf+KFa(-88W-Qh=+ml$~q!;H} zu(JAbnWIu*Rl6CJNf_D(QHbKAtu3wyy>{O^!#7XdTJb5=^|!*etiYN^LTNQ?q7q5< zUNQ(PX!BGgt7dQVb%>g#`%HB6y|4z>$7eZFQ5+&Qcv?+(rc{U^H-lNpN%US=*$6fJ zikun`)jepR*lLy?v3^B~I<1ndqi@=ZhqKL<=}B?7OYQM#mn$17UE5J=eCPZAIl3A(*c6Z?S@*&%D(8PR^b`+Rf6ef$C9zghpMAFkhj`rt&t-agvC z{~h^W<@?_Y-#gX+j$%J;_}KNDO|w467odsJ0*HyV&uJ5b0h=wGKB;}}6`t&5Cp+26 T>g>M&00960H+msP05kvq(bnMH 
diff --git a/assets/rancher-cis-benchmark/rancher-cis-benchmark-4.4.0-rc2.tgz b/assets/rancher-cis-benchmark/rancher-cis-benchmark-4.4.0-rc2.tgz deleted file mode 100644 index 4a7bb8488eabb11bdfdd6bd7bc92be22028b9cc7..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 8608 zcmX|nby!s2_w`T`N~eT0l2X#bP$DG_QVN0!q7u?MG?IdpNDLhcqJ)$%AdRG;D2Rg~ zAs{0;FwETZ8~l9V_x?4{IqU4R&))mav(`SBH<^kBcKQG@n8a;;3mI4a>x#y~Dhe+0 zHZpfC74F+xswkS;*eG7V@zCS8=bd0Hb1!xMyAL11w!%*y&nvgD;X6WTvg91vYOikI z8-ArKZ@n#~HmGhecem=q>c+SgX$Dd#MJ$pw^6`UD5xL88zJA!T5wuo2`v;&6$WnjlSJ?bMXBeWhBSX@GIBrIvWFHT+p}DAUeT) z-0qq1+y&3SIb`;iuQUet ziJG-ZgmPyf8=gt4(sEyYg$%F9G&_99D3UU0T+EmmgpWJdRWX=dq0{2KU}?B+MW2hO z(~so!70A_B5_Dm?T^@h7icbq`VDa?Kj`g;@n4qkx`a$+*=3Dk2>PK-fF%uodyGvHA zn)IsSf~Jy{sSdV3WG_51FUv+Z?U+rk-hB6ReR>zsL2z1>IpZTqQvC)jGzPd$L&!qf zLPATF+d8eWH@9KdzRC-kuJEmpRJZlz6e?Zv59@2mSd2aMz?!Wg)nsgJG1Gezcpvv9 zsqZrxE4j;OSj0pqo|p|!KI`W;cz%sPhwr^!%;*kF6OJK6){&t5M5m8DBSqR*yO8Zq zq>0du)p@4+KmH+7+Yoap8EBdM!m~ za^%@6qV{fx;{IIf8Ok1)?HG=ddMs^hQ3)VrN#;oS$>j6*TNvGC%`Ah@egdRO;~Y_a zH8B+DZO&?P{zVGD8XU!|h@JDS8n@q0+MUSjg-wQwyKN|Tca}5zh;j(btQpdh@47w5 z4Wk@A8ei6mOj7(z8ILlI+I~_{k}hggzc-%zI9hjWV&)H;*)S_^e{x0FU!I1ez1Oc! zB<`cjiy51Z57%uu8q~C_RI%x1+2oWUB~Al=L#cQ%hT*xisUJaQH1D-KAAI#EQ>x0B zNAelnQ+w8yaO@}JY{RGfXsToLE82wtp+!(puVdhYs!*t?+!`-@<}HRb)oo&uk_|?) z!|@^3fblE?TePvi;7gWS89T9Y!>lICzA&GcxN3z|16WlS#Uv9$biLKzrkyQ29iH~7 zYaFv=`gf1hs1m=D*JSFul!h3|3E5TKlCHXb(N7_>S{0L~P~R7kuky-4_{xKJ`>MQbGfPdbRZ(23F~XZ4-cA8qLN)l8!P*m2%lv)%-Q;c`N~%MxOwsjgYd#gB-1EJ#>e zQor96`tn!f*D;iH*3Q>xG25~Bk~K{=bgRSs*}CtGUbiCq)X&y;qTeH#CKTSP+Br9T zp8J)1wZKe8YYd2)Re9?3YXozX~O91!E^3SAFN^BuI;NPEs_CF=bV9UAJQ)D|m7pG0V=}^}! 
zmakGa(jnltahyWNTr{y-m29${GwB@r+V-!8!PN7ZK9U^U;2SFj8BZwcF4ymesS0Bc z9$etbnd#TTVrf|oQ<`FOR6oqsPcx@unl=knk{(z-sFK)gWYpG^3_>3Hd);S{U4g&i zwio^6S!Alaakyf$iXI%Y+CeA`CwpBrqWG4;6(tS@DiKhgRch{P#6*g8%!*|;;{2DY ztDk!-NI0zqs_H$CuY|^|<$jL&ld@iAY){hNb5K&dwKn=d3EZqc=;(&kBAc|&By5aB?Nj0R4ZozH<2Zvr2_E=oKBL136Boo z#=4IwP{HxCC+s4elfgJ>A!Ww%&a8ssB(RnS2K!6!ymL#aJ>oXxAfb5yh!ZfX1h^dC z3TVq%Lv-%$!Igj)g~$=&Rz4uZ9!){v$7r7&6f1WwIOg~^27XH^LkP96NYJ95QBUGACPN>o{U%qcdI?eA z`5R!*JgNdV-j0wLk6_26o=2G5PTh59Iv#kak8hl-s)b^b9)y>2|Ds|h%dgx13X^>i&WFVQ{heU%rekA zol}|xhiaYx#q)d_$X0?v3Yk<@Vi+e8?7$&P45EL^0Cg z;P3`0@FX7twh9l%PZPxgCY}}pPo?xz`#uM#d2|>wi)qDzuTjKY>ik>Qii{9Tu_z&%%Nzd&fcqzN>A}{JmK@PS6^8?(a95_Nv z-~i2G$7j^4c_tV*KrOElv&{#Hn~sw{|Nlt0{~^Uskpo2J>H)eAG?T{Q;qj2#S!WLa zBgDN30&*UBQCA)z0%Ct7unMrf>OsWvCio5^jARCZt1%!VIsK2kZiD{;Q4K>ahy`H3fg1|PYXRW-HFd~g5}^d#C{~XUDZdeJB*tZQKxzwc z`F%ejI{zQGKceMi@XE#x`UpaKPILk^&FBu`z+ogK?{oJ7&raIN&k$I}A%9H%0nIUG zdx(!5!Rg>;3s@5~&jkrVu+MnjoG*a(CZ1T}$EYgGMagdF(hGoo9%gF*9}E6E{v_(L*hDMH{TqOO}8V86qTWKI?!-rnkuh-Dlx`mRK~ z2o^#hTeqmk4(KL2ghxAqX)a}GK1vqCw2}P%ISg+BgO@#a!O#hyTp@t%W8`Tyn*S@S zWP3c^``-?G|LQx`6BhQI;0d1IpZSFfCYCdCG#y-Hc|PY@idns`>00PJ@aHh=?SY{LIeX-ude|Z@RrmSkM<>7?A;3dZ^hG> zU?Jj|fVzo=cqL?pK-v1gb^Qqcf<}hE2nRw-X*5_c5rez}#|w!65c&8u*R4?H9QlD^ z)El9ckd`%mGE8)ldkhv(?@sS6CL+2Q+-Kzv`)s5MQp` zH_>{D3>-F{IhU9|hS;jTNF?0Th5lEOFO-vF$DRH0WJMR(-tEd?FUUQ4!=#X}mY+XG zoj2}d^)MH|wRdBJOE3OoboTu4`g4UueQ5 z%O`s^QD8AoSkIhOiLWiCILc~YMjO@Kl!2q~WNj^cA0s4X&QCt2_RRkS3aXG>34RtB z_+Yi4cDy3_W1wiC&b&o$9Y=}C_oS^Rxe-h2`c*&cEB*|dSwZS6k4$+SPqspSUlPAL z_dsxgx!>Z>f)+ z@>fMADj}|;=p*l+Cz6%BIyF=F_el$chDIi;`(jC@m6sj3u8`y{i=|BNH7l|k@!y72 znvakw#);`+c}>u4{m=<@f-IG()7G)>oo^xHBaFIoUAkCo8D*y7m8)3n#H`U{)`Xv| zXA@D}B_D?=Me3EQh9nZw=}K*A9jfQKg)VjtnX}n zUK*B=-%^iw--SQgTg#ti=hblPLLJS|f2d;#!8@62+tkv8!6X96Yy|I>}x|4vq_>$}>QXnX3zI{O@Knn!2X`{S^k?LP;D`4bp) z#QUzW@V(=Wgw3Zb1;`tznQQbb;d_TwEib(;Ncy~}i=?RjQ7yVXPtT6-3_ZDrKB}JvAEmZFpv1y0o1#hW1GsLq|8?j$E`1M)!B_+Qt7lSZe~H1 
zjJ^Nz(#}1v@UBF8&7~qo%*^B8Urv^KKGcu}>W9g#Zb1sxZ6bY$QsV&Vlt#T=Lv=QO!cF|>RtL?|W7LEu6m?;a$Sz!{iisW* zmB+8HHv{O;os+|=xM=lU5|3a~UE%vwMTVn#ctL+)ZSZcEx^AoS>nQ~4Iuy3?4q`L! zM-V0@0vTsxa>5^Je%?a|RP93vY0D^{hr5VcTxkC>=3CI&>4Rc->hGFVmLqpIMBRlS zjq??Rx&)}YZoN~{W@K)-TAi+Z&h(j+&*c^6$j7@jyKkDa)7wlgY4x4lP<7{Kskx)b{#Pr`Fk7BGL|IsWP2ojz>F3MiZK;Ec zAHA{V1A6U3yAQXErbM0EGs-!Hjvi_ZCTSvH{HCRmpfd9fe=q#;oL}<{vQD1>HW5lb zlHVMKTkW_|yx*iIfoEEJ8Xaajp?hv~#gb6)?rQ$U?2wbEdSoTChhE?A?52$-a+joK z4#7Fa51g*74tqt9960r+5_k)5hpz9VX%wxT!=LHN3)Ea1w^j% ztcoHw&CKB{w_RQg-te_2z6{n?cA4~tnEwxd#k5j}RZU^K_3|z>uvEPnH{hwvr)C+%zyBL^LN7~bq>XQpJ%RWDcV)lUkvfr>f)=5b0P76 zMc^qRDVa{1dpd1JsYrVEC#Oh=bJf^i%{ERd))3bRyibDgrhh9uzY6_nmwyvrJ)Eju zz8?AuHSeVHOAj%b_s)yi8dpEKEyxo|L*S*u{kcwLmsr%-o(#4+Pmb=KU-A!sQ{`Aj)Xn0n|*vchFkJsvbUO5z1$1mG1$!ut<!q zt}!MqT$r9+B*(ZvCf1}S*8qFga>t@CTJqpt%Z=~l``r&t>OS4Md+!eQr&|tOj!!Sc z>HFN=R%y@q-SpjeT3&>l<>#@_CK){pFX+f4 zOtR?5UCc9YhMO+Lqugc|5fe0E;RIgS4FjP8$7o+Xg52XT$}0wJ6PyB^BSClv9-{`q zNfY)E-hY=DJs__xP$s|LwuZ9t4uj}xKOq*s0#WX9P{ISL5!r0o1SqkF=y?EdT<D?tKSs*3jhm6eKO)k^(8>eUtPj40L5-1B0DAf zmB)a57w)}*f^X~~+;0IMBGo?!5=^UrP8CQfz64VLqp{O?1Sx@6mAL1@5yJET;Uzms=;k~o!eh)60ObfG^#D%Pr&6|4h;U;?!W9!eK`1&x^>htiuFHZ zzlp}u!GbC;toqlf3~*Z{rt{h=0z0e$dlT-h%4HUX!=n+D&I-T?2PgJE9HN3Dhk26L z2SKV_e_2q3_@2$+@vPxkJj>R}M00W%v0k4_N(pp_=3D88|3Dm;Fu?8%MQ1cXTl!)4?_@5_(2nm_Ke~zds5*;zm2bBlt zF`^{*f#7ja$4yu$vBc?dFioOj!?%#?;9DS)$U4_)9~2X@c5R8B0AkIg>;bWVUUO0Y zlv4W1?Mp`IPmDoOsaor^jryRz&z22VLiBL+#(=NlH7!`=#2#;x7L)Z{& zDna7Mey zW}kHJxbj%z;SzOVbARp<)DkU#^?ipHDvZeR3rYMf@IfPGa<*QS>tc1y^8(}p0r~~> zT7Xun)IUc51sCb@a1Obg%irfpWyu^{Hq?AiuFq zuC#XX`qiPYkGM-jcwN!GZwq8ipo+WSJJi_|EhlxyX84JM@3Ofi0lO>gQTBxpzI@&y z7z+O2!dX1!WTqKrr_8T;?_z%bkAeF=6YizdbQCkKyB!a?XD0;wA8)vM(=skMgsBhu z(F}#A3SJT6&mfNt^zqM|gPZFch`7i1qi^ReVB+p5J!4kA`s3r}1@Kk$lReXlF6%BC z=N3LYYhwawI*I&wL!jJ@kh9umQ_B9=s7Uw5qdFn(h(ziHm_mIc>Xs9Vk;+#yL^a1m z-LE25#PARGGkHyoWp3R*_u?c7hodDn(~U02Q!fWw_?wJB(KiVR`D$%b|982j=J2|U 
z*9mW;=yasuJUA@wYy+?6H(QS;XpFyt%SM=s+yi{??+*1SC>;=t&AeyM9yWWBLlGCD^|IyBWEGGv2#fv`n7Kpa36-8H`r(H7+t!oQv)H zc1~K83u&RazO=#Qb1IX69g6d5vvS^CaHQ6C?_s)oPkd>V(oAIZ!D}ugB^0p%p~t~y z3%l13)WK?x`L=mKhzN8gT&sdB`%WNg7tgnw=)pq5gJT{~P2EqSeZ zrP3<-U}elB;!I+ezW&j3nm*AF?yTx7LVcGtEsMpCgrPlAA@NdeN44vu!{>8`23b-` zD7Mn#&rvc2r4GpZ<>{v@>ZcCmN;`4NQ?0crz4ccX#IQ8mYfx6W21h=z_Y;)6Nki>h zxMqn>Qh&GxPb+1kq#rO!?*LL;$Cfqo zc^T8Wx5{=99M|@Ql%LCJ%pPif%Rk?t^Q^>HXi0-a(v|MwlV0*x)n1o04T@3e?@B9? zYmLV>s+l~>H~l)DOrwf6RCw-A&1A@j1MSW7ch`iJ?%W>QwvrI-7!WlR(@WJm8!kTg z;&W$}?)cK%F8_d8mk+tsafXUP@%M|{1^Z+V++s}t8d$eLh45D(4I}$F5yqsk|f%9iQ`DP%e zo1`$5f@-%LhA@|blwVonqmr}XWV$m4;*McE6$~MW;JjZ9-LYm2>z-$<4&MK|qk5e( zAVRHNtb8nyV`xuq> zRrEj3j!Jl!>XRbkU6quuY*zY6K{G;9D1YrjlO|COGF;zg)=K}bEYafGa?DK{EgWm~ zdF}1Snc+`6og31h%O&XVD%_2}H1he!)adcbJZH#4?y%f5<0%1!M-p>#zldd4kBy~qeA8|>QY-LTUES@6cJ7>Jv6^v(2TB*-@JeX9FFsu| zQYZaagU@n`-jc4HF8_H(&8wsQ_lHbhjdZ$Y=~u3GS}`_ODtCXF*yFZW?o@3)c<|^d zc~X!D`|EQsT0ab;{S2>Fc&vusm08}1jkb&jLOb z_POLK27i%a*V44oP(GKtNh_gQDs8ZoQKXE2#zC%W!0>134z+b@XpQ-+F|;%}VJ`GsnYG7Vje zf>m+$x5e26_ljvs>C8#QIZeg{6$i~ok%BS*M`u@BTif?JQ_o&Cpc9~5p$<6^r#)Cs zczL+N8qyQ=p^%zV_G1}yDP6X`0N1g!Y1Yc}u%8&7GfFyhJTX#&mr~5gz`?vaI=7rW zUD>(q{8Y~2$8qXh>2{>Bj?@14KkT|9PxLSM3fxb7(i{E8HumF{k_%^vZ{&^rjn9-K zxA!-!m+RLbKY|3q=>keugg=s9r;63m{;VcRydXT*eN}m>!Z6g|*E&7%aSKC|NKnb# zcaDV=PoT-CRRcGLISMH*G-|I!q8Gsq{F)r*6Bw_{_df z%BE@U`;u!^HkGwMotLyyG|eVEtmX`(IS*^RXzW9}4Y>8a`|=`XcSgU}$-TCS8+zF@ z)Lt*(g2=hNEwpNJj8T2s*ZZlV+Dj`>H!uZV%6>oUzA784;Gxw|@~HjJ+#-*f_jN&^ zdP%Qq3GllDMI`Q%u$q>+#XY3?RmPirlEr2PlC8gjUDv~AJtVu=ibt)M2cMWL95&qy za_2M3xq{Fy{OGrza9cIt-MM;LX}T0M= 1.21.0-0 < 1.28.0-0' - catalog.cattle.io/namespace: cis-operator-system - catalog.cattle.io/os: linux - catalog.cattle.io/permits-os: linux,windows - catalog.cattle.io/provides-gvr: cis.cattle.io.clusterscans/v1 - catalog.cattle.io/rancher-version: '>= 2.7.0-0 < 2.8.0-0' - catalog.cattle.io/release-name: rancher-cis-benchmark - catalog.cattle.io/type: cluster-tool - catalog.cattle.io/ui-component: 
rancher-cis-benchmark -apiVersion: v1 -appVersion: v4.4.0-rc2 -description: The cis-operator enables running CIS benchmark security scans on a kubernetes - cluster -icon: https://charts.rancher.io/assets/logos/cis-kube-bench.svg -keywords: -- security -name: rancher-cis-benchmark -version: 4.4.0-rc2 diff --git a/charts/rancher-cis-benchmark/4.4.0-rc2/README.md b/charts/rancher-cis-benchmark/4.4.0-rc2/README.md deleted file mode 100644 index 50beab58ba..0000000000 --- a/charts/rancher-cis-benchmark/4.4.0-rc2/README.md +++ /dev/null @@ -1,9 +0,0 @@ -# Rancher CIS Benchmark Chart - -The cis-operator enables running CIS benchmark security scans on a kubernetes cluster and generate compliance reports that can be downloaded. - -# Installation - -``` -helm install rancher-cis-benchmark ./ --create-namespace -n cis-operator-system -``` diff --git a/charts/rancher-cis-benchmark/4.4.0-rc2/app-readme.md b/charts/rancher-cis-benchmark/4.4.0-rc2/app-readme.md deleted file mode 100644 index 147e91ea2e..0000000000 --- a/charts/rancher-cis-benchmark/4.4.0-rc2/app-readme.md +++ /dev/null 
@@ -1,33 +0,0 @@ -# Rancher CIS Benchmarks - -This chart enables security scanning of the cluster using [CIS (Center for Internet Security) benchmarks](https://www.cisecurity.org/benchmark/kubernetes/). - -For more information on how to use the feature, refer to our [docs](https://rancher.com/docs/rancher/v2.x/en/cis-scans/v2.5/). - -This chart installs the following components: - -- [cis-operator](https://github.com/rancher/cis-operator) - The cis-operator handles launching the [kube-bench](https://github.com/aquasecurity/kube-bench) tool that runs a suite of CIS tests on the nodes of your Kubernetes cluster. After scans finish, the cis-operator generates a compliance report that can be downloaded. -- Scans - A scan is a CRD (`ClusterScan`) that defines when to trigger CIS scans on the cluster based on the defined profile. A report is created after the scan is completed. -- Profiles - A profile is a CRD (`ClusterScanProfile`) that defines the configuration for the CIS scan, which is the benchmark versions to use and any specific tests to skip in that benchmark. This chart installs a few default `ClusterScanProfile` custom resources with no skipped tests, which can immediately be used to launch CIS scans. -- Benchmark Versions - A benchmark version is a CRD (`ClusterScanBenchmark`) that defines the CIS benchmark version to run using kube-bench as well as the valid configuration parameters for that benchmark. This chart installs a few default `ClusterScanBenchmark` custom resources. -- Alerting Resources - Rancher's CIS Benchmark application lets you run a cluster scan on a schedule, and send alerts when scans finish. 
- - If you want to enable alerts to be delivered when a cluster scan completes, you need to ensure that [Rancher's Monitoring and Alerting](https://rancher.com/docs/rancher/v2.x/en/monitoring-alerting/v2.5/) application is pre-installed and the [Receivers and Routes](https://rancher.com/docs/rancher/v2.x/en/monitoring-alerting/v2.5/configuration/#alertmanager-config) are configured to send out alerts. - - Additionally, you need to set `alerts: true` in the Values YAML while installing or upgrading this chart. - -## Upgrading to Kubernetes v1.25+ - -Starting in Kubernetes v1.25, [Pod Security Policies](https://kubernetes.io/docs/concepts/security/pod-security-policy/) have been removed from the Kubernetes API. - -As a result, **before upgrading to Kubernetes v1.25** (or on a fresh install in a Kubernetes v1.25+ cluster), users are expected to perform an in-place upgrade of this chart with `global.cattle.psp.enabled` set to `false` if it has been previously set to `true`. - -> **Note:** -> In this chart release, any previous field that was associated with any PSP resources have been removed in favor of a single global field: `global.cattle.psp.enabled`. - -> **Note:** -> If you upgrade your cluster to Kubernetes v1.25+ before removing PSPs via a `helm upgrade` (even if you manually clean up resources), **it will leave the Helm release in a broken state within the cluster such that further Helm operations will not work (`helm uninstall`, `helm upgrade`, etc.).** -> -> If your charts get stuck in this state, please consult the Rancher docs on how to clean up your Helm release secrets. - -Upon setting `global.cattle.psp.enabled` to false, the chart will remove any PSP resources deployed on its behalf from the cluster. This is the default setting for this chart. - -As a replacement for PSPs, [Pod Security Admission](https://kubernetes.io/docs/concepts/security/pod-security-admission/) should be used. 
Please consult the Rancher docs for more details on how to configure your chart release namespaces to work with the new Pod Security Admission and apply Pod Security Standards.
diff --git a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/_helpers.tpl b/charts/rancher-cis-benchmark/4.4.0-rc2/templates/_helpers.tpl
deleted file mode 100644
index b7bb000422..0000000000
--- a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/_helpers.tpl
+++ /dev/null
@@ -1,27 +0,0 @@
-{{/* Ensure namespace is set the same everywhere */}}
-{{- define "cis.namespace" -}}
- {{- .Release.Namespace | default "cis-operator-system" -}}
-{{- end -}}
-
-{{- define "system_default_registry" -}}
-{{- if .Values.global.cattle.systemDefaultRegistry -}}
-{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}}
-{{- else -}}
-{{- "" -}}
-{{- end -}}
-{{- end -}}
-
-{{/*
-Windows cluster will add default taint for linux nodes,
-add below linux tolerations to workloads could be scheduled to those linux nodes
-*/}}
-{{- define "linux-node-tolerations" -}}
-- key: "cattle.io/os"
- value: "linux"
- effect: "NoSchedule"
- operator: "Equal"
-{{- end -}}
-
-{{- define "linux-node-selector" -}}
-kubernetes.io/os: linux
-{{- end -}}
diff --git a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/alertingrule.yaml b/charts/rancher-cis-benchmark/4.4.0-rc2/templates/alertingrule.yaml
deleted file mode 100644
index 1787c88a07..0000000000
--- a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/alertingrule.yaml
+++ /dev/null
@@ -1,14 +0,0 @@
-{{- if .Values.alerts.enabled -}}
----
-apiVersion: monitoring.coreos.com/v1
-kind: PodMonitor
-metadata:
- name: rancher-cis-pod-monitor
- namespace: {{ template "cis.namespace" . }}
-spec:
- selector:
- matchLabels:
- cis.cattle.io/operator: cis-operator
- podMetricsEndpoints:
- - port: cismetrics
-{{- end }}
diff --git a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-aks-1.0.yaml b/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-aks-1.0.yaml
deleted file mode 100644
index 1ac866253f..0000000000
--- a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-aks-1.0.yaml
+++ /dev/null
@@ -1,8 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanBenchmark
-metadata:
- name: aks-1.0
-spec:
- clusterProvider: aks
- minKubernetesVersion: "1.15.0"
diff --git a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-cis-1.20.yaml b/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-cis-1.20.yaml
deleted file mode 100644
index 1203e5bcc5..0000000000
--- a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-cis-1.20.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanBenchmark
-metadata:
- name: cis-1.20
-spec:
- clusterProvider: ""
- minKubernetesVersion: "1.19.0"
- maxKubernetesVersion: "1.21.x"
diff --git a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-cis-1.23.yaml b/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-cis-1.23.yaml
deleted file mode 100644
index 83002966d8..0000000000
--- a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-cis-1.23.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanBenchmark
-metadata:
- name: cis-1.23
-spec:
- clusterProvider: ""
- minKubernetesVersion: "1.22.0"
- maxKubernetesVersion: "1.23.x"
diff --git a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-cis-1.24.yaml b/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-cis-1.24.yaml
deleted file mode 100644
index ad73b2c34c..0000000000
--- a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-cis-1.24.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanBenchmark
-metadata:
- name: cis-1.24
-spec:
- clusterProvider: ""
- minKubernetesVersion: "1.24.0"
- maxKubernetesVersion: "1.24.x"
diff --git a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-cis-1.5.yaml b/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-cis-1.5.yaml
deleted file mode 100644
index c9e6075fb4..0000000000
--- a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-cis-1.5.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanBenchmark
-metadata:
- name: cis-1.5
-spec:
- clusterProvider: ""
- minKubernetesVersion: "1.15.0"
- maxKubernetesVersion: "1.15.x"
diff --git a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-cis-1.6.yaml b/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-cis-1.6.yaml
deleted file mode 100644
index 4f5d66e92f..0000000000
--- a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-cis-1.6.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanBenchmark
-metadata:
- name: cis-1.6
-spec:
- clusterProvider: ""
- minKubernetesVersion: "1.16.0"
- maxKubernetesVersion: "1.18.x"
diff --git a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-cis-1.7.yaml b/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-cis-1.7.yaml
deleted file mode 100644
index fa8dfd8eb9..0000000000
--- a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-cis-1.7.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanBenchmark
-metadata:
- name: cis-1.7
-spec:
- clusterProvider: ""
- minKubernetesVersion: "1.25.0"
- maxKubernetesVersion: "1.25.x"
diff --git a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-cis-1.8.yaml b/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-cis-1.8.yaml
deleted file mode 100644
index ae19007b2e..0000000000
--- a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-cis-1.8.yaml
+++ /dev/null
@@ -1,8 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanBenchmark
-metadata:
- name: cis-1.8
-spec:
- clusterProvider: ""
- minKubernetesVersion: "1.26.0"
diff --git a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-eks-1.2.0.yaml b/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-eks-1.2.0.yaml
deleted file mode 100644
index c1bdd9ed5e..0000000000
--- a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-eks-1.2.0.yaml
+++ /dev/null
@@ -1,8 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanBenchmark
-metadata:
- name: eks-1.2.0
-spec:
- clusterProvider: eks
- minKubernetesVersion: "1.15.0"
diff --git a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-gke-1.2.0.yaml b/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-gke-1.2.0.yaml
deleted file mode 100644
index c609e736fd..0000000000
--- a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-gke-1.2.0.yaml
+++ /dev/null
@@ -1,8 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanBenchmark
-metadata:
- name: gke-1.2.0
-spec:
- clusterProvider: gke
- minKubernetesVersion: "1.15.0"
diff --git a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-k3s-cis-1.20-hardened.yaml b/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-k3s-cis-1.20-hardened.yaml
deleted file mode 100644
index 147cac3906..0000000000
--- a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-k3s-cis-1.20-hardened.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanBenchmark
-metadata:
- name: k3s-cis-1.20-hardened
-spec:
- clusterProvider: k3s
- minKubernetesVersion: "1.19.0"
- maxKubernetesVersion: "1.21.x"
diff --git a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-k3s-cis-1.20-permissive.yaml b/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-k3s-cis-1.20-permissive.yaml
deleted file mode 100644
index d9584f7229..0000000000
--- a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-k3s-cis-1.20-permissive.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanBenchmark
-metadata:
- name: k3s-cis-1.20-permissive
-spec:
- clusterProvider: k3s
- minKubernetesVersion: "1.19.0"
- maxKubernetesVersion: "1.21.x"
diff --git a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-k3s-cis-1.23-hardened.yaml b/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-k3s-cis-1.23-hardened.yaml
deleted file mode 100644
index 1a928db35c..0000000000
--- a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-k3s-cis-1.23-hardened.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanBenchmark
-metadata:
- name: k3s-cis-1.23-hardened
-spec:
- clusterProvider: k3s
- minKubernetesVersion: "1.22.0"
- maxKubernetesVersion: "1.23.x"
diff --git a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-k3s-cis-1.23-permissive.yaml b/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-k3s-cis-1.23-permissive.yaml
deleted file mode 100644
index 5a46787d51..0000000000
--- a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-k3s-cis-1.23-permissive.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanBenchmark
-metadata:
- name: k3s-cis-1.23-permissive
-spec:
- clusterProvider: k3s
- minKubernetesVersion: "1.22.0"
- maxKubernetesVersion: "1.23.x"
diff --git a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-k3s-cis-1.24-hardened.yaml b/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-k3s-cis-1.24-hardened.yaml
deleted file mode 100644
index 47b6be197a..0000000000
--- a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-k3s-cis-1.24-hardened.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanBenchmark
-metadata:
- name: k3s-cis-1.24-hardened
-spec:
- clusterProvider: k3s
- minKubernetesVersion: "1.24.0"
- maxKubernetesVersion: "1.24.x"
diff --git a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-k3s-cis-1.24-permissive.yaml b/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-k3s-cis-1.24-permissive.yaml
deleted file mode 100644
index 6ded2f02bd..0000000000
--- a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-k3s-cis-1.24-permissive.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanBenchmark
-metadata:
- name: k3s-cis-1.24-permissive
-spec:
- clusterProvider: k3s
- minKubernetesVersion: "1.24.0"
- maxKubernetesVersion: "1.24.x"
diff --git a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-k3s-cis-1.6-hardened.yaml b/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-k3s-cis-1.6-hardened.yaml
deleted file mode 100644
index 5160cf7950..0000000000
--- a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-k3s-cis-1.6-hardened.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanBenchmark
-metadata:
- name: k3s-cis-1.6-hardened
-spec:
- clusterProvider: k3s
- minKubernetesVersion: "1.16.0"
- maxKubernetesVersion: "1.18.x"
diff --git a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-k3s-cis-1.6-permissive.yaml b/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-k3s-cis-1.6-permissive.yaml
deleted file mode 100644
index 10c0759853..0000000000
--- a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-k3s-cis-1.6-permissive.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanBenchmark
-metadata:
- name: k3s-cis-1.6-permissive
-spec:
- clusterProvider: k3s
- minKubernetesVersion: "1.16.0"
- maxKubernetesVersion: "1.18.x"
diff --git a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-k3s-cis-1.7-hardened.yaml b/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-k3s-cis-1.7-hardened.yaml
deleted file mode 100644
index 6fb369360c..0000000000
--- a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-k3s-cis-1.7-hardened.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanBenchmark
-metadata:
- name: k3s-cis-1.7-hardened
-spec:
- clusterProvider: k3s
- minKubernetesVersion: "1.25.0"
- maxKubernetesVersion: "1.25.x"
diff --git a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-k3s-cis-1.7-permissive.yaml b/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-k3s-cis-1.7-permissive.yaml
deleted file mode 100644
index b556d70fe5..0000000000
--- a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-k3s-cis-1.7-permissive.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanBenchmark
-metadata:
- name: k3s-cis-1.7-permissive
-spec:
- clusterProvider: k3s
- minKubernetesVersion: "1.25.0"
- maxKubernetesVersion: "1.25.x"
diff --git a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-k3s-cis-1.8-hardened.yaml b/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-k3s-cis-1.8-hardened.yaml
deleted file mode 100644
index 07b4300d20..0000000000
--- a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-k3s-cis-1.8-hardened.yaml
+++ /dev/null
@@ -1,8 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanBenchmark
-metadata:
- name: k3s-cis-1.8-hardened
-spec:
- clusterProvider: k3s
- minKubernetesVersion: "1.26.0"
diff --git a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-k3s-cis-1.8-permissive.yaml b/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-k3s-cis-1.8-permissive.yaml
deleted file mode 100644
index c30fa7f725..0000000000
--- a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-k3s-cis-1.8-permissive.yaml
+++ /dev/null
@@ -1,8 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanBenchmark
-metadata:
- name: k3s-cis-1.8-permissive
-spec:
- clusterProvider: k3s
- minKubernetesVersion: "1.26.0"
diff --git a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-rke-cis-1.20-hardened.yaml b/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-rke-cis-1.20-hardened.yaml
deleted file mode 100644
index 4924679cb3..0000000000
--- a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-rke-cis-1.20-hardened.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanBenchmark
-metadata:
- name: rke-cis-1.20-hardened
-spec:
- clusterProvider: rke
- minKubernetesVersion: "1.19.0"
- maxKubernetesVersion: "1.21.x"
diff --git a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-rke-cis-1.20-permissive.yaml b/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-rke-cis-1.20-permissive.yaml
deleted file mode 100644
index 2db66d7c62..0000000000
--- a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-rke-cis-1.20-permissive.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanBenchmark
-metadata:
- name: rke-cis-1.20-permissive
-spec:
- clusterProvider: rke
- minKubernetesVersion: "1.19.0"
- maxKubernetesVersion: "1.21.x"
diff --git a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-rke-cis-1.23-hardened.yaml b/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-rke-cis-1.23-hardened.yaml
deleted file mode 100644
index 12de23173d..0000000000
--- a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-rke-cis-1.23-hardened.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanBenchmark
-metadata:
- name: rke-cis-1.23-hardened
-spec:
- clusterProvider: rke
- minKubernetesVersion: "1.22.0"
- maxKubernetesVersion: "1.23.x"
diff --git a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-rke-cis-1.23-permissive.yaml b/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-rke-cis-1.23-permissive.yaml
deleted file mode 100644
index f9d5052541..0000000000
--- a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-rke-cis-1.23-permissive.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanBenchmark
-metadata:
- name: rke-cis-1.23-permissive
-spec:
- clusterProvider: rke
- minKubernetesVersion: "1.22.0"
- maxKubernetesVersion: "1.23.x"
diff --git a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-rke-cis-1.24-hardened.yaml b/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-rke-cis-1.24-hardened.yaml
deleted file mode 100644
index 7030c793fc..0000000000
--- a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-rke-cis-1.24-hardened.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanBenchmark
-metadata:
- name: rke-cis-1.24-hardened
-spec:
- clusterProvider: rke
- minKubernetesVersion: "1.24.0"
- maxKubernetesVersion: "1.24.x"
diff --git a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-rke-cis-1.24-permissive.yaml b/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-rke-cis-1.24-permissive.yaml
deleted file mode 100644
index b2633eade1..0000000000
--- a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-rke-cis-1.24-permissive.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanBenchmark
-metadata:
- name: rke-cis-1.24-permissive
-spec:
- clusterProvider: rke
- minKubernetesVersion: "1.24.0"
- maxKubernetesVersion: "1.24.x"
diff --git a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-rke-cis-1.5-hardened.yaml b/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-rke-cis-1.5-hardened.yaml
deleted file mode 100644
index b9154f1ada..0000000000
--- a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-rke-cis-1.5-hardened.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanBenchmark
-metadata:
- name: rke-cis-1.5-hardened
-spec:
- clusterProvider: rke
- minKubernetesVersion: "1.15.0"
- maxKubernetesVersion: "1.15.x"
diff --git a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-rke-cis-1.5-permissive.yaml b/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-rke-cis-1.5-permissive.yaml
deleted file mode 100644
index 9da65d55dd..0000000000
--- a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-rke-cis-1.5-permissive.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanBenchmark
-metadata:
- name: rke-cis-1.5-permissive
-spec:
- clusterProvider: rke
- minKubernetesVersion: "1.15.0"
- maxKubernetesVersion: "1.15.x"
diff --git a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-rke-cis-1.6-hardened.yaml b/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-rke-cis-1.6-hardened.yaml
deleted file mode 100644
index 77f8a31df6..0000000000
--- a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-rke-cis-1.6-hardened.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanBenchmark
-metadata:
- name: rke-cis-1.6-hardened
-spec:
- clusterProvider: rke
- minKubernetesVersion: "1.16.0"
- maxKubernetesVersion: "1.18.x"
diff --git a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-rke-cis-1.6-permissive.yaml b/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-rke-cis-1.6-permissive.yaml
deleted file mode 100644
index 600b8df35a..0000000000
--- a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-rke-cis-1.6-permissive.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanBenchmark
-metadata:
- name: rke-cis-1.6-permissive
-spec:
- clusterProvider: rke
- minKubernetesVersion: "1.16.0"
- maxKubernetesVersion: "1.18.x"
diff --git a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-rke-cis-1.7-hardened.yaml b/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-rke-cis-1.7-hardened.yaml
deleted file mode 100644
index 39bac7833c..0000000000
--- a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-rke-cis-1.7-hardened.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanBenchmark
-metadata:
- name: rke-cis-1.7-hardened
-spec:
- clusterProvider: rke
- minKubernetesVersion: "1.25.0"
- maxKubernetesVersion: "1.25.x"
diff --git a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-rke-cis-1.7-permissive.yaml b/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-rke-cis-1.7-permissive.yaml
deleted file mode 100644
index 2e2f09ac74..0000000000
--- a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-rke-cis-1.7-permissive.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanBenchmark
-metadata:
- name: rke-cis-1.7-permissive
-spec:
- clusterProvider: rke
- minKubernetesVersion: "1.25.0"
- maxKubernetesVersion: "1.25.x"
diff --git a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-rke-cis-1.8-hardened.yaml b/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-rke-cis-1.8-hardened.yaml
deleted file mode 100644
index d3d357c023..0000000000
--- a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-rke-cis-1.8-hardened.yaml
+++ /dev/null
@@ -1,8 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanBenchmark
-metadata:
- name: rke-cis-1.8-hardened
-spec:
- clusterProvider: rke
- minKubernetesVersion: "1.26.0"
diff --git a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-rke-cis-1.8-permissive.yaml b/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-rke-cis-1.8-permissive.yaml
deleted file mode 100644
index 208eb777cd..0000000000
--- a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-rke-cis-1.8-permissive.yaml
+++ /dev/null
@@ -1,8 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanBenchmark
-metadata:
- name: rke-cis-1.8-permissive
-spec:
- clusterProvider: rke
- minKubernetesVersion: "1.26.0"
diff --git a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-rke2-cis-1.20-hardened.yaml b/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-rke2-cis-1.20-hardened.yaml
deleted file mode 100644
index b6cc88359c..0000000000
--- a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-rke2-cis-1.20-hardened.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanBenchmark
-metadata:
- name: rke2-cis-1.20-hardened
-spec:
- clusterProvider: rke2
- minKubernetesVersion: "1.19.0"
- maxKubernetesVersion: "1.21.x"
diff --git a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-rke2-cis-1.20-permissive.yaml b/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-rke2-cis-1.20-permissive.yaml
deleted file mode 100644
index fd898bfe86..0000000000
--- a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-rke2-cis-1.20-permissive.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanBenchmark
-metadata:
- name: rke2-cis-1.20-permissive
-spec:
- clusterProvider: rke2
- minKubernetesVersion: "1.19.0"
- maxKubernetesVersion: "1.21.x"
diff --git a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-rke2-cis-1.23-hardened.yaml b/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-rke2-cis-1.23-hardened.yaml
deleted file mode 100644
index 55d96da59d..0000000000
--- a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-rke2-cis-1.23-hardened.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanBenchmark
-metadata:
- name: rke2-cis-1.23-hardened
-spec:
- clusterProvider: rke2
- minKubernetesVersion: "1.22.0"
- maxKubernetesVersion: "1.23.x"
diff --git a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-rke2-cis-1.23-permissive.yaml b/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-rke2-cis-1.23-permissive.yaml
deleted file mode 100644
index 55fffe3209..0000000000
--- a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-rke2-cis-1.23-permissive.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanBenchmark
-metadata:
- name: rke2-cis-1.23-permissive
-spec:
- clusterProvider: rke2
- minKubernetesVersion: "1.22.0"
- maxKubernetesVersion: "1.23.x"
diff --git a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-rke2-cis-1.24-hardened.yaml b/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-rke2-cis-1.24-hardened.yaml
deleted file mode 100644
index f702a13726..0000000000
--- a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-rke2-cis-1.24-hardened.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanBenchmark
-metadata:
- name: rke2-cis-1.24-hardened
-spec:
- clusterProvider: rke2
- minKubernetesVersion: "1.24.0"
- maxKubernetesVersion: "1.24.x"
diff --git a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-rke2-cis-1.24-permissive.yaml b/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-rke2-cis-1.24-permissive.yaml
deleted file mode 100644
index 5bc70099f7..0000000000
--- a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-rke2-cis-1.24-permissive.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanBenchmark
-metadata:
- name: rke2-cis-1.24-permissive
-spec:
- clusterProvider: rke2
- minKubernetesVersion: "1.24.0"
- maxKubernetesVersion: "1.24.x"
diff --git a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-rke2-cis-1.5-hardened.yaml b/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-rke2-cis-1.5-hardened.yaml
deleted file mode 100644
index 20091ec2b3..0000000000
--- a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-rke2-cis-1.5-hardened.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanBenchmark
-metadata:
- name: rke2-cis-1.5-hardened
-spec:
- clusterProvider: rke2
- minKubernetesVersion: "1.15.0"
- maxKubernetesVersion: "1.15.x"
diff --git a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-rke2-cis-1.5-permissive.yaml b/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-rke2-cis-1.5-permissive.yaml
deleted file mode 100644
index 9a86906b02..0000000000
--- a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-rke2-cis-1.5-permissive.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanBenchmark
-metadata:
- name: rke2-cis-1.5-permissive
-spec:
- clusterProvider: rke2
- minKubernetesVersion: "1.15.0"
- maxKubernetesVersion: "1.15.x"
diff --git a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-rke2-cis-1.6-hardened.yaml b/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-rke2-cis-1.6-hardened.yaml
deleted file mode 100644
index ea2549ef39..0000000000
--- a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-rke2-cis-1.6-hardened.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanBenchmark
-metadata:
- name: rke2-cis-1.6-hardened
-spec:
- clusterProvider: rke2
- minKubernetesVersion: "1.16.0"
- maxKubernetesVersion: "1.18.x"
diff --git a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-rke2-cis-1.6-permissive.yaml b/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-rke2-cis-1.6-permissive.yaml
deleted file mode 100644
index 0afdaaa19b..0000000000
--- a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-rke2-cis-1.6-permissive.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanBenchmark
-metadata:
- name: rke2-cis-1.6-permissive
-spec:
- clusterProvider: rke2
- minKubernetesVersion: "1.16.0"
- maxKubernetesVersion: "1.18.x"
diff --git a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-rke2-cis-1.7-hardened.yaml b/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-rke2-cis-1.7-hardened.yaml
deleted file mode 100644
index 6306e9601a..0000000000
--- a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-rke2-cis-1.7-hardened.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanBenchmark
-metadata:
- name: rke2-cis-1.7-hardened
-spec:
- clusterProvider: rke2
- minKubernetesVersion: "1.25.0"
- maxKubernetesVersion: "1.25.x"
diff --git a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-rke2-cis-1.7-permissive.yaml b/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-rke2-cis-1.7-permissive.yaml
deleted file mode 100644
index 76236e11af..0000000000
--- a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-rke2-cis-1.7-permissive.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanBenchmark
-metadata:
- name: rke2-cis-1.7-permissive
-spec:
- clusterProvider: rke2
- minKubernetesVersion: "1.25.0"
- maxKubernetesVersion: "1.25.x"
diff --git a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-rke2-cis-1.8-hardened.yaml b/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-rke2-cis-1.8-hardened.yaml
deleted file mode 100644
index 0237206a73..0000000000
--- a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-rke2-cis-1.8-hardened.yaml
+++ /dev/null
@@ -1,8 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanBenchmark
-metadata:
- name: rke2-cis-1.8-hardened
-spec:
- clusterProvider: rke2
- minKubernetesVersion: "1.26.0"
diff --git a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-rke2-cis-1.8-permissive.yaml b/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-rke2-cis-1.8-permissive.yaml
deleted file mode 100644
index b5f9e4b50f..0000000000
--- a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/benchmark-rke2-cis-1.8-permissive.yaml
+++ /dev/null
@@ -1,8 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanBenchmark
-metadata:
- name: rke2-cis-1.8-permissive
-spec:
- clusterProvider: rke2
- minKubernetesVersion: "1.26.0"
diff --git a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/cis-roles.yaml b/charts/rancher-cis-benchmark/4.4.0-rc2/templates/cis-roles.yaml
deleted file mode 100644
index 23c93dc659..0000000000
--- a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/cis-roles.yaml
+++ /dev/null
@@ -1,49 +0,0 @@
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
- name: cis-admin
-rules:
- - apiGroups:
- - cis.cattle.io
- resources:
- - clusterscanbenchmarks
- - clusterscanprofiles
- - clusterscans
- - clusterscanreports
- verbs: ["create", "update", "delete", "patch","get", "watch", "list"]
- - apiGroups:
- - catalog.cattle.io
- resources: ["apps"]
- resourceNames: ["rancher-cis-benchmark"]
- verbs: ["get", "watch", "list"]
- - apiGroups:
- - ""
- resources:
- - configmaps
- verbs:
- - '*'
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
- name: cis-view
-rules:
- - apiGroups:
- - cis.cattle.io
- resources:
- - clusterscanbenchmarks
- - clusterscanprofiles
- - clusterscans
- - clusterscanreports
- verbs: ["get", "watch", "list"]
- - apiGroups:
- - catalog.cattle.io
- resources: ["apps"]
- resourceNames: ["rancher-cis-benchmark"]
- verbs: ["get", "watch", "list"]
- - apiGroups:
- - ""
- resources:
- - configmaps
- verbs: ["get", "watch", "list"]
diff --git a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/configmap.yaml b/charts/rancher-cis-benchmark/4.4.0-rc2/templates/configmap.yaml
deleted file mode 100644
index 094c9dfe0a..0000000000
--- a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/configmap.yaml
+++ /dev/null
@@ -1,18 +0,0 @@
-kind: ConfigMap
-apiVersion: v1
-metadata:
- name: default-clusterscanprofiles
- namespace: {{ template "cis.namespace" . }}
-data:
- # Default ClusterScanProfiles per cluster provider type
- rke: |-
- <1.21.0: rke-profile-permissive-1.20
- >=1.21.0: rke-profile-permissive-1.8
- rke2: |-
- <1.21.0: rke2-cis-1.20-profile-permissive
- >=1.21.0: rke2-cis-1.8-profile-permissive
- eks: "eks-profile"
- gke: "gke-profile"
- aks: "aks-profile"
- k3s: "k3s-cis-1.8-profile-permissive"
- default: "cis-1.8-profile"
diff --git a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/deployment.yaml b/charts/rancher-cis-benchmark/4.4.0-rc2/templates/deployment.yaml
deleted file mode 100644
index 8c9f72f5de..0000000000
--- a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/deployment.yaml
+++ /dev/null
@@ -1,61 +0,0 @@
-apiVersion: apps/v1
-kind: Deployment
-metadata:
- name: cis-operator
- namespace: {{ template "cis.namespace" . }}
- labels:
- cis.cattle.io/operator: cis-operator
-spec:
- selector:
- matchLabels:
- cis.cattle.io/operator: cis-operator
- template:
- metadata:
- labels:
- cis.cattle.io/operator: cis-operator
- spec:
- serviceAccountName: cis-operator-serviceaccount
- containers:
- - name: cis-operator
- image: '{{ template "system_default_registry" . }}{{ .Values.image.cisoperator.repository }}:{{ .Values.image.cisoperator.tag }}'
- imagePullPolicy: IfNotPresent
- ports:
- - name: cismetrics
- containerPort: {{ .Values.alerts.metricsPort }}
- env:
- - name: SECURITY_SCAN_IMAGE
- value: {{ template "system_default_registry" . }}{{ .Values.image.securityScan.repository }}
- - name: SECURITY_SCAN_IMAGE_TAG
- value: {{ .Values.image.securityScan.tag }}
- - name: SONOBUOY_IMAGE
- value: {{ template "system_default_registry" . }}{{ .Values.image.sonobuoy.repository }}
- - name: SONOBUOY_IMAGE_TAG
- value: {{ .Values.image.sonobuoy.tag }}
- - name: CIS_ALERTS_METRICS_PORT
- value: '{{ .Values.alerts.metricsPort }}'
- - name: CIS_ALERTS_SEVERITY
- value: {{ .Values.alerts.severity }}
- - name: CIS_ALERTS_ENABLED
- value: {{ .Values.alerts.enabled | default "false" | quote }}
- - name: CLUSTER_NAME
- value: '{{ .Values.global.cattle.clusterName }}'
- - name: CIS_OPERATOR_DEBUG
- value: '{{ .Values.image.cisoperator.debug }}'
- {{- if .Values.securityScanJob.overrideTolerations }}
- - name: SECURITY_SCAN_JOB_TOLERATIONS
- value: '{{ .Values.securityScanJob.tolerations | toJson }}'
- {{- end }}
- resources:
- {{- toYaml .Values.resources | nindent 12 }}
- nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
-{{- if .Values.nodeSelector }}
-{{ toYaml .Values.nodeSelector | indent 8 }}
-{{- end }}
- tolerations: {{ include "linux-node-tolerations" .
| nindent 8 }}
-{{- if .Values.tolerations }}
-{{ toYaml .Values.tolerations | indent 8 }}
-{{- end }}
- {{- with .Values.affinity }}
- affinity:
- {{- toYaml . | nindent 8 }}
- {{- end }}
diff --git a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/network_policy_allow_all.yaml b/charts/rancher-cis-benchmark/4.4.0-rc2/templates/network_policy_allow_all.yaml
deleted file mode 100644
index 6ed5d645ea..0000000000
--- a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/network_policy_allow_all.yaml
+++ /dev/null
@@ -1,15 +0,0 @@
----
-apiVersion: networking.k8s.io/v1
-kind: NetworkPolicy
-metadata:
- name: default-allow-all
- namespace: {{ template "cis.namespace" . }}
-spec:
- podSelector: {}
- ingress:
- - {}
- egress:
- - {}
- policyTypes:
- - Ingress
- - Egress
diff --git a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/patch_default_serviceaccount.yaml b/charts/rancher-cis-benchmark/4.4.0-rc2/templates/patch_default_serviceaccount.yaml
deleted file mode 100644
index e78a6bd08a..0000000000
--- a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/patch_default_serviceaccount.yaml
+++ /dev/null
@@ -1,29 +0,0 @@
----
-apiVersion: batch/v1
-kind: Job
-metadata:
- name: patch-sa
- annotations:
- "helm.sh/hook": post-install, post-upgrade
- "helm.sh/hook-delete-policy": hook-succeeded, before-hook-creation
-spec:
- template:
- spec:
- serviceAccountName: cis-operator-serviceaccount
- nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
-{{- if .Values.nodeSelector }}
-{{ toYaml .Values.nodeSelector | indent 8 }}
-{{- end }}
- tolerations: {{ include "linux-node-tolerations" . | nindent 8 }}
-{{- if .Values.tolerations }}
-{{ toYaml .Values.tolerations | indent 8 }}
-{{- end }}
- restartPolicy: Never
- containers:
- - name: sa
- image: "{{ template "system_default_registry" . }}{{ .Values.global.kubectl.repository }}:{{ .Values.global.kubectl.tag }}"
- imagePullPolicy: {{ .Values.global.imagePullPolicy }}
- command: ["kubectl", "patch", "serviceaccount", "default", "-p", "{\"automountServiceAccountToken\": false}"]
- args: ["-n", {{ template "cis.namespace" . }}]
-
- backoffLimit: 1
diff --git a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/psp.yaml b/charts/rancher-cis-benchmark/4.4.0-rc2/templates/psp.yaml
deleted file mode 100644
index 9b8a5995ee..0000000000
--- a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/psp.yaml
+++ /dev/null
@@ -1,59 +0,0 @@
-{{- if .Values.global.cattle.psp.enabled }}
-apiVersion: policy/v1beta1
-kind: PodSecurityPolicy
-metadata:
- name: cis-psp
-spec:
- allowPrivilegeEscalation: true
- allowedCapabilities:
- - '*'
- fsGroup:
- rule: RunAsAny
- hostIPC: true
- hostNetwork: true
- hostPID: true
- hostPorts:
- - max: 65535
- min: 0
- privileged: true
- runAsUser:
- rule: RunAsAny
- seLinux:
- rule: RunAsAny
- supplementalGroups:
- rule: RunAsAny
- volumes:
- - '*'
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: Role
-metadata:
- name: cis-psp-role
- namespace: {{ template "cis.namespace" . }}
-rules:
-- apiGroups:
- - policy
- resourceNames:
- - cis-psp
- resources:
- - podsecuritypolicies
- verbs:
- - use
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: RoleBinding
-metadata:
- name: cis-psp-rolebinding
- namespace: {{ template "cis.namespace" . }}
-roleRef:
- apiGroup: rbac.authorization.k8s.io
- kind: Role
- name: cis-psp-role
-subjects:
-- kind: ServiceAccount
- name: cis-serviceaccount
- namespace: {{ template "cis.namespace" . }}
-- kind: ServiceAccount
- name: cis-operator-serviceaccount
- namespace: {{ template "cis.namespace" . }}
-{{- end }}
diff --git a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/rbac.yaml b/charts/rancher-cis-benchmark/4.4.0-rc2/templates/rbac.yaml
deleted file mode 100644
index 33fb93f04c..0000000000
--- a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/rbac.yaml
+++ /dev/null
@@ -1,219 +0,0 @@
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
- labels:
- app.kubernetes.io/name: rancher-cis-benchmark
- app.kubernetes.io/instance: release-name
- name: cis-operator-clusterrole
-rules:
-- apiGroups:
- - "cis.cattle.io"
- resources:
- - "*"
- verbs:
- - "*"
-- apiGroups:
- - ""
- resources:
- - "pods"
- - "services"
- - "configmaps"
- - "nodes"
- - "serviceaccounts"
- verbs:
- - "get"
- - "list"
- - "create"
- - "update"
- - "watch"
- - "patch"
-- apiGroups:
- - "rbac.authorization.k8s.io"
- resources:
- - "rolebindings"
- - "clusterrolebindings"
- - "clusterroles"
- verbs:
- - "get"
- - "list"
-- apiGroups:
- - "batch"
- resources:
- - "jobs"
- verbs:
- - "list"
- - "create"
- - "patch"
- - "update"
- - "watch"
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
- labels:
- app.kubernetes.io/name: rancher-cis-benchmark
- app.kubernetes.io/instance: release-name
- name: cis-scan-ns
-rules:
-{{- if .Values.global.cattle.psp.enabled }}
-- apiGroups:
- - "*"
- resources:
- - "podsecuritypolicies"
- verbs:
- - "get"
- - "list"
- - "watch"
-{{- end }}
-- apiGroups:
- - ""
- resources:
- - "namespaces"
- - "nodes"
- - "pods"
- - "serviceaccounts"
- - "services"
- - "replicationcontrollers"
- verbs:
- - "get"
- - "list"
- - "watch"
-- apiGroups:
- - "rbac.authorization.k8s.io"
- resources:
- - "rolebindings"
- - "clusterrolebindings"
- - "clusterroles"
- verbs:
- - "get"
- - "list"
-- apiGroups:
- - "batch"
- resources:
- - "jobs"
- - "cronjobs"
- verbs:
- - "list"
-- apiGroups:
- - "apps"
- resources:
- - "daemonsets"
- - "deployments"
- - "replicasets"
- - "statefulsets"
- verbs:
- - "list"
-- apiGroups:
- - "autoscaling"
- resources:
- - "horizontalpodautoscalers"
- verbs:
- - "list"
-- apiGroups:
- - "networking.k8s.io"
- resources:
- - "networkpolicies"
- verbs:
- - "get"
- - "list"
- - "watch"
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: Role
-metadata:
- name: cis-operator-role
- labels:
- app.kubernetes.io/name: rancher-cis-benchmark
- app.kubernetes.io/instance: release-name
- namespace: {{ template "cis.namespace" . }}
-rules:
-- apiGroups:
- - ""
- resources:
- - "services"
- verbs:
- - "watch"
- - "list"
- - "get"
- - "patch"
-- apiGroups:
- - "batch"
- resources:
- - "jobs"
- verbs:
- - "watch"
- - "list"
- - "get"
- - "delete"
-- apiGroups:
- - ""
- resources:
- - "configmaps"
- - "pods"
- - "secrets"
- verbs:
- - "*"
-- apiGroups:
- - "apps"
- resources:
- - "daemonsets"
- verbs:
- - "*"
-- apiGroups:
- - monitoring.coreos.com
- resources:
- - prometheusrules
- verbs:
- - create
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
- labels:
- app.kubernetes.io/name: rancher-cis-benchmark
- app.kubernetes.io/instance: release-name
- name: cis-operator-clusterrolebinding
-roleRef:
- apiGroup: rbac.authorization.k8s.io
- kind: ClusterRole
- name: cis-operator-clusterrole
-subjects:
-- kind: ServiceAccount
- name: cis-operator-serviceaccount
- namespace: {{ template "cis.namespace" . }}
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
- name: cis-scan-ns
- labels:
- app.kubernetes.io/name: rancher-cis-benchmark
- app.kubernetes.io/instance: release-name
-roleRef:
- apiGroup: rbac.authorization.k8s.io
- kind: ClusterRole
- name: cis-scan-ns
-subjects:
-- kind: ServiceAccount
- name: cis-serviceaccount
- namespace: {{ template "cis.namespace" . }}
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: RoleBinding
-metadata:
- labels:
- app.kubernetes.io/name: rancher-cis-benchmark
- app.kubernetes.io/instance: release-name
- name: cis-operator-rolebinding
- namespace: {{ template "cis.namespace" . }}
-roleRef:
- apiGroup: rbac.authorization.k8s.io
- kind: Role
- name: cis-operator-role
-subjects:
-- kind: ServiceAccount
- name: cis-serviceaccount
- namespace: {{ template "cis.namespace" . }}
-- kind: ServiceAccount
- name: cis-operator-serviceaccount
- namespace: {{ template "cis.namespace" . }}
diff --git a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-cis-1.20.yaml b/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-cis-1.20.yaml
deleted file mode 100644
index 05263ce7da..0000000000
--- a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-cis-1.20.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanProfile
-metadata:
- name: cis-1.20-profile
- annotations:
- clusterscanprofile.cis.cattle.io/builtin: "true"
-spec:
- benchmarkVersion: cis-1.20
diff --git a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-cis-1.23.yaml b/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-cis-1.23.yaml
deleted file mode 100644
index c59d8f51ff..0000000000
--- a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-cis-1.23.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanProfile
-metadata:
- name: cis-1.23-profile
- annotations:
- clusterscanprofile.cis.cattle.io/builtin: "true"
-spec:
- benchmarkVersion: cis-1.23
diff --git a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-cis-1.24.yaml b/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-cis-1.24.yaml
deleted file mode 100644
index aa3e51c3e2..0000000000
--- a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-cis-1.24.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanProfile
-metadata:
- name: cis-1.24-profile
- annotations:
- clusterscanprofile.cis.cattle.io/builtin: "true"
-spec:
- benchmarkVersion: cis-1.24
diff --git a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-cis-1.6.yaml b/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-cis-1.6.yaml
deleted file mode 100644
index 8a8d8bf881..0000000000
--- a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-cis-1.6.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanProfile
-metadata:
- name: cis-1.6-profile
- annotations:
- clusterscanprofile.cis.cattle.io/builtin: "true"
-spec:
- benchmarkVersion: cis-1.6
diff --git a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-cis-1.7.yaml b/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-cis-1.7.yaml
deleted file mode 100644
index 1a37aad835..0000000000
--- a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-cis-1.7.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanProfile
-metadata:
- name: cis-1.7-profile
- annotations:
- clusterscanprofile.cis.cattle.io/builtin: "true"
-spec:
- benchmarkVersion: cis-1.7
diff --git a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-cis-1.8.yaml b/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-cis-1.8.yaml
deleted file mode 100644
index 40be06c946..0000000000
--- a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-cis-1.8.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanProfile
-metadata:
- name: cis-1.8-profile
- annotations:
- clusterscanprofile.cis.cattle.io/builtin: "true"
-spec:
- benchmarkVersion: cis-1.8
diff --git a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-k3s-cis-1.20-hardened.yml b/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-k3s-cis-1.20-hardened.yml
deleted file mode 100644
index a0b6cb6f6a..0000000000
--- a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-k3s-cis-1.20-hardened.yml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanProfile
-metadata:
- name: k3s-cis-1.20-profile-hardened
- annotations:
- clusterscanprofile.cis.cattle.io/builtin: "true"
-spec:
- benchmarkVersion: k3s-cis-1.20-hardened
diff --git a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-k3s-cis-1.20-permissive.yml b/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-k3s-cis-1.20-permissive.yml
deleted file mode 100644
index 89885548df..0000000000
--- a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-k3s-cis-1.20-permissive.yml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanProfile
-metadata:
- name: k3s-cis-1.20-profile-permissive
- annotations:
- clusterscanprofile.cis.cattle.io/builtin: "true"
-spec:
- benchmarkVersion: k3s-cis-1.20-permissive
diff --git a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-k3s-cis-1.23-hardened.yml b/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-k3s-cis-1.23-hardened.yml
deleted file mode 100644
index 724412d3aa..0000000000
--- a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-k3s-cis-1.23-hardened.yml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanProfile
-metadata:
- name: k3s-cis-1.23-profile-hardened
- annotations:
- clusterscanprofile.cis.cattle.io/builtin: "true"
-spec:
- benchmarkVersion: k3s-cis-1.23-hardened
diff --git a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-k3s-cis-1.23-permissive.yml b/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-k3s-cis-1.23-permissive.yml
deleted file mode 100644
index 9f9213de1c..0000000000
--- a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-k3s-cis-1.23-permissive.yml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanProfile
-metadata:
- name: k3s-cis-1.23-profile-permissive
- annotations:
- clusterscanprofile.cis.cattle.io/builtin: "true"
-spec:
- benchmarkVersion: k3s-cis-1.23-permissive
diff --git a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-k3s-cis-1.24-hardened.yml b/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-k3s-cis-1.24-hardened.yml
deleted file mode 100644
index 252251efcf..0000000000
--- a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-k3s-cis-1.24-hardened.yml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanProfile
-metadata:
- name: k3s-cis-1.24-profile-hardened
- annotations:
- clusterscanprofile.cis.cattle.io/builtin: "true"
-spec:
- benchmarkVersion: k3s-cis-1.24-hardened
diff --git a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-k3s-cis-1.24-permissive.yml b/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-k3s-cis-1.24-permissive.yml
deleted file mode 100644
index 05555c64dc..0000000000
--- a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-k3s-cis-1.24-permissive.yml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanProfile
-metadata:
- name: k3s-cis-1.24-profile-permissive
- annotations:
- clusterscanprofile.cis.cattle.io/builtin: "true"
-spec:
- benchmarkVersion: k3s-cis-1.24-permissive
diff --git a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-k3s-cis-1.6-hardened.yml b/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-k3s-cis-1.6-hardened.yml
deleted file mode 100644
index 095e977ab2..0000000000
--- a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-k3s-cis-1.6-hardened.yml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanProfile
-metadata:
- name: k3s-cis-1.6-profile-hardened
- annotations:
- clusterscanprofile.cis.cattle.io/builtin: "true"
-spec:
- benchmarkVersion: k3s-cis-1.6-hardened
diff --git a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-k3s-cis-1.6-permissive.yml b/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-k3s-cis-1.6-permissive.yml
deleted file mode 100644
index 3b22a80c83..0000000000
--- a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-k3s-cis-1.6-permissive.yml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanProfile
-metadata:
- name: k3s-cis-1.6-profile-permissive
- annotations:
- clusterscanprofile.cis.cattle.io/builtin: "true"
-spec:
- benchmarkVersion: k3s-cis-1.6-permissive
diff --git a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-k3s-cis-1.7-hardened.yml b/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-k3s-cis-1.7-hardened.yml
deleted file mode 100644
index 22ae9e0d23..0000000000
--- a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-k3s-cis-1.7-hardened.yml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanProfile
-metadata:
- name: k3s-cis-1.7-profile-hardened
- annotations:
- clusterscanprofile.cis.cattle.io/builtin: "true"
-spec:
- benchmarkVersion: k3s-cis-1.7-hardened
diff --git a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-k3s-cis-1.7-permissive.yml b/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-k3s-cis-1.7-permissive.yml
deleted file mode 100644
index f79e9ed966..0000000000
--- a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-k3s-cis-1.7-permissive.yml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanProfile
-metadata:
- name: k3s-cis-1.7-profile-permissive
- annotations:
- clusterscanprofile.cis.cattle.io/builtin: "true"
-spec:
- benchmarkVersion: k3s-cis-1.7-permissive
diff --git a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-k3s-cis-1.8-hardened.yml b/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-k3s-cis-1.8-hardened.yml
deleted file mode 100644
index 03f6695689..0000000000
--- a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-k3s-cis-1.8-hardened.yml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanProfile
-metadata:
- name: k3s-cis-1.8-profile-hardened
- annotations:
- clusterscanprofile.cis.cattle.io/builtin: "true"
-spec:
- benchmarkVersion: k3s-cis-1.8-hardened
diff --git a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-k3s-cis-1.8-permissive.yml b/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-k3s-cis-1.8-permissive.yml
deleted file mode 100644
index 39932a4e5b..0000000000
--- a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-k3s-cis-1.8-permissive.yml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanProfile
-metadata:
- name: k3s-cis-1.8-profile-permissive
- annotations:
- clusterscanprofile.cis.cattle.io/builtin: "true"
-spec:
- benchmarkVersion: k3s-cis-1.8-permissive
diff --git a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-rke-1.20-hardened.yaml b/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-rke-1.20-hardened.yaml
deleted file mode 100644
index c36cf38c90..0000000000
--- a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-rke-1.20-hardened.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanProfile
-metadata:
- name: rke-profile-hardened-1.20
- annotations:
- clusterscanprofile.cis.cattle.io/builtin: "true"
-spec:
- benchmarkVersion: rke-cis-1.20-hardened
diff --git a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-rke-1.20-permissive.yaml b/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-rke-1.20-permissive.yaml
deleted file mode 100644
index cfeb4b34c6..0000000000
--- a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-rke-1.20-permissive.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanProfile
-metadata:
- name: rke-profile-permissive-1.20
- annotations:
- clusterscanprofile.cis.cattle.io/builtin: "true"
-spec:
- benchmarkVersion: rke-cis-1.20-permissive
diff --git a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-rke-1.23-hardened.yaml b/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-rke-1.23-hardened.yaml
deleted file mode 100644
index 0073311496..0000000000
--- a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-rke-1.23-hardened.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanProfile
-metadata:
- name: rke-profile-hardened-1.23
- annotations:
- clusterscanprofile.cis.cattle.io/builtin: "true"
-spec:
- benchmarkVersion: rke-cis-1.23-hardened
diff --git a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-rke-1.23-permissive.yaml b/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-rke-1.23-permissive.yaml
deleted file mode 100644
index 085b60dfa4..0000000000
--- a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-rke-1.23-permissive.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanProfile
-metadata:
- name: rke-profile-permissive-1.23
- annotations:
- clusterscanprofile.cis.cattle.io/builtin: "true"
-spec:
- benchmarkVersion: rke-cis-1.23-permissive
diff --git a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-rke-1.24-hardened.yaml b/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-rke-1.24-hardened.yaml
deleted file mode 100644
index faae63e87f..0000000000
--- a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-rke-1.24-hardened.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanProfile
-metadata:
- name: rke-profile-hardened-1.24
- annotations:
- clusterscanprofile.cis.cattle.io/builtin: "true"
-spec:
- benchmarkVersion: rke-cis-1.24-hardened
diff --git a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-rke-1.24-permissive.yaml b/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-rke-1.24-permissive.yaml
deleted file mode 100644
index 7335a1d2d8..0000000000
--- a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-rke-1.24-permissive.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanProfile
-metadata:
- name: rke-profile-permissive-1.24
- annotations:
- clusterscanprofile.cis.cattle.io/builtin: "true"
-spec:
- benchmarkVersion: rke-cis-1.24-permissive
diff --git a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-rke-1.6-hardened.yaml b/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-rke-1.6-hardened.yaml
deleted file mode 100644
index d38febd80f..0000000000
--- a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-rke-1.6-hardened.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanProfile
-metadata:
- name: rke-profile-hardened-1.6
- annotations:
- clusterscanprofile.cis.cattle.io/builtin: "true"
-spec:
- benchmarkVersion: rke-cis-1.6-hardened
diff --git a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-rke-1.6-permissive.yaml b/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-rke-1.6-permissive.yaml
deleted file mode 100644
index d31b5b0d25..0000000000
--- a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-rke-1.6-permissive.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanProfile
-metadata:
- name: rke-profile-permissive-1.6
- annotations:
- clusterscanprofile.cis.cattle.io/builtin: "true"
-spec:
- benchmarkVersion: rke-cis-1.6-permissive
diff --git a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-rke-1.7-hardened.yaml b/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-rke-1.7-hardened.yaml
deleted file mode 100644
index 7b83f95bcd..0000000000
--- a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-rke-1.7-hardened.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanProfile
-metadata:
- name: rke-profile-hardened-1.7
- annotations:
- clusterscanprofile.cis.cattle.io/builtin: "true"
-spec:
- benchmarkVersion: rke-cis-1.7-hardened
diff --git a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-rke-1.7-permissive.yaml b/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-rke-1.7-permissive.yaml
deleted file mode 100644
index 52327c4af1..0000000000
--- a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-rke-1.7-permissive.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanProfile
-metadata:
- name: rke-profile-permissive-1.7
- annotations:
- clusterscanprofile.cis.cattle.io/builtin: "true"
-spec:
- benchmarkVersion: rke-cis-1.7-permissive
diff --git a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-rke-1.8-hardened.yaml b/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-rke-1.8-hardened.yaml
deleted file mode 100644
index 54aa08691e..0000000000
--- a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-rke-1.8-hardened.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanProfile
-metadata:
- name: rke-profile-hardened-1.8
- annotations:
- clusterscanprofile.cis.cattle.io/builtin: "true"
-spec:
- benchmarkVersion: rke-cis-1.8-hardened
diff --git a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-rke-1.8-permissive.yaml b/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-rke-1.8-permissive.yaml
deleted file mode 100644
index f7d4fdd229..0000000000
--- a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-rke-1.8-permissive.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanProfile
-metadata:
- name: rke-profile-permissive-1.8
- annotations:
- clusterscanprofile.cis.cattle.io/builtin: "true"
-spec:
- benchmarkVersion: rke-cis-1.8-permissive
diff --git a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-rke2-cis-1.20-hardened.yml b/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-rke2-cis-1.20-hardened.yml
deleted file mode 100644
index decc9b6516..0000000000
--- a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-rke2-cis-1.20-hardened.yml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanProfile
-metadata:
- name: rke2-cis-1.20-profile-hardened
- annotations:
- clusterscanprofile.cis.cattle.io/builtin: "true"
-spec:
- benchmarkVersion: rke2-cis-1.20-hardened
diff --git a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-rke2-cis-1.20-permissive.yml b/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-rke2-cis-1.20-permissive.yml
deleted file mode 100644
index 74c96ffc49..0000000000
--- a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-rke2-cis-1.20-permissive.yml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanProfile
-metadata:
- name: rke2-cis-1.20-profile-permissive
- annotations:
- clusterscanprofile.cis.cattle.io/builtin: "true"
-spec:
- benchmarkVersion: rke2-cis-1.20-permissive
diff --git a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-rke2-cis-1.23-hardened.yml b/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-rke2-cis-1.23-hardened.yml
deleted file mode 100644
index abc1c2a21b..0000000000
--- a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-rke2-cis-1.23-hardened.yml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanProfile
-metadata:
- name: rke2-cis-1.23-profile-hardened
- annotations:
- clusterscanprofile.cis.cattle.io/builtin: "true"
-spec:
- benchmarkVersion: rke2-cis-1.23-hardened
diff --git a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-rke2-cis-1.23-permissive.yml b/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-rke2-cis-1.23-permissive.yml
deleted file mode 100644
index 51cc519acd..0000000000
--- a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-rke2-cis-1.23-permissive.yml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanProfile
-metadata:
- name: rke2-cis-1.23-profile-permissive
- annotations:
- clusterscanprofile.cis.cattle.io/builtin: "true"
-spec:
- benchmarkVersion: rke2-cis-1.23-permissive
diff --git a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-rke2-cis-1.24-hardened.yml b/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-rke2-cis-1.24-hardened.yml
deleted file mode 100644
index f8ddb9851c..0000000000
--- a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-rke2-cis-1.24-hardened.yml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanProfile
-metadata:
- name: rke2-cis-1.24-profile-hardened
- annotations:
- clusterscanprofile.cis.cattle.io/builtin: "true"
-spec:
- benchmarkVersion: rke2-cis-1.24-hardened
diff --git a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-rke2-cis-1.24-permissive.yml b/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-rke2-cis-1.24-permissive.yml
deleted file mode 100644
index c820f03928..0000000000
--- a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-rke2-cis-1.24-permissive.yml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanProfile
-metadata:
- name: rke2-cis-1.24-profile-permissive
- annotations:
- clusterscanprofile.cis.cattle.io/builtin: "true"
-spec:
- benchmarkVersion: rke2-cis-1.24-permissive
diff --git a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-rke2-cis-1.6-hardened.yml b/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-rke2-cis-1.6-hardened.yml
deleted file mode 100644
index c7ac7f949a..0000000000
--- a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-rke2-cis-1.6-hardened.yml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanProfile
-metadata:
- name: rke2-cis-1.6-profile-hardened
- annotations:
- clusterscanprofile.cis.cattle.io/builtin: "true"
-spec:
- benchmarkVersion: rke2-cis-1.6-hardened
diff --git a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-rke2-cis-1.6-permissive.yml b/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-rke2-cis-1.6-permissive.yml
deleted file mode 100644
index 96ca1345aa..0000000000
--- a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-rke2-cis-1.6-permissive.yml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanProfile
-metadata:
- name: rke2-cis-1.6-profile-permissive
- annotations:
- clusterscanprofile.cis.cattle.io/builtin: "true"
-spec:
- benchmarkVersion: rke2-cis-1.6-permissive
diff --git a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-rke2-cis-1.7-hardened.yml b/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-rke2-cis-1.7-hardened.yml
deleted file mode 100644
index 193753a0bc..0000000000
--- a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-rke2-cis-1.7-hardened.yml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanProfile
-metadata:
- name: rke2-cis-1.7-profile-hardened
- annotations:
- clusterscanprofile.cis.cattle.io/builtin: "true"
-spec:
- benchmarkVersion: rke2-cis-1.7-hardened
diff --git a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-rke2-cis-1.7-permissive.yml b/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-rke2-cis-1.7-permissive.yml
deleted file mode 100644
index 409645dc76..0000000000
--- a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-rke2-cis-1.7-permissive.yml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanProfile
-metadata:
- name: rke2-cis-1.7-profile-permissive
- annotations:
- clusterscanprofile.cis.cattle.io/builtin: "true"
-spec:
- benchmarkVersion: rke2-cis-1.7-permissive
diff --git a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-rke2-cis-1.8-hardened.yml b/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-rke2-cis-1.8-hardened.yml
deleted file mode 100644
index d0a1180f56..0000000000
--- a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-rke2-cis-1.8-hardened.yml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanProfile
-metadata:
- name: rke2-cis-1.8-profile-hardened
- annotations:
- clusterscanprofile.cis.cattle.io/builtin: "true"
-spec:
- benchmarkVersion: rke2-cis-1.8-hardened
diff --git a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-rke2-cis-1.8-permissive.yml b/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-rke2-cis-1.8-permissive.yml
deleted file mode 100644
index 0aa72407c0..0000000000
--- a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofile-rke2-cis-1.8-permissive.yml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanProfile
-metadata:
- name: rke2-cis-1.8-profile-permissive
- annotations:
- clusterscanprofile.cis.cattle.io/builtin: "true"
-spec:
- benchmarkVersion: rke2-cis-1.8-permissive
diff --git a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofileaks.yml b/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofileaks.yml
deleted file mode 100644
index ea7b25b404..0000000000
--- a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofileaks.yml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanProfile
-metadata:
- name: aks-profile
- annotations:
- clusterscanprofile.cis.cattle.io/builtin: "true"
-spec:
- benchmarkVersion: aks-1.0
\ No newline at end of file
diff --git a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofileeks.yml b/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofileeks.yml
deleted file mode 100644
index de4500acd9..0000000000
--- a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofileeks.yml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanProfile
-metadata:
- name: eks-profile
- annotations:
- clusterscanprofile.cis.cattle.io/builtin: "true"
-spec:
- benchmarkVersion: eks-1.2.0
\ No newline at end of file
diff --git a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofilegke.yml b/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofilegke.yml
deleted file mode 100644
index 3e5e2439ac..0000000000
--- a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/scanprofilegke.yml
+++ /dev/null
@@ -1,9 +0,0 @@
----
-apiVersion: cis.cattle.io/v1
-kind: ClusterScanProfile
-metadata:
- name: gke-profile
- annotations:
- clusterscanprofile.cis.cattle.io/builtin: "true"
-spec:
- benchmarkVersion: gke-1.2.0
\ No newline at end of file
diff --git a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/serviceaccount.yaml b/charts/rancher-cis-benchmark/4.4.0-rc2/templates/serviceaccount.yaml
deleted file mode 100644
index ec48ec6224..0000000000
--- a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/serviceaccount.yaml
+++ /dev/null
@@ -1,14 +0,0 @@
-apiVersion: v1
-kind: ServiceAccount
-metadata:
- namespace: {{ template "cis.namespace" . }}
- name: cis-operator-serviceaccount
----
-apiVersion: v1
-kind: ServiceAccount
-metadata:
- namespace: {{ template "cis.namespace" . }}
- labels:
- app.kubernetes.io/name: rancher-cis-benchmark
- app.kubernetes.io/instance: release-name
- name: cis-serviceaccount
diff --git a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/validate-install-crd.yaml b/charts/rancher-cis-benchmark/4.4.0-rc2/templates/validate-install-crd.yaml
deleted file mode 100644
index 562295791b..0000000000
--- a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/validate-install-crd.yaml
+++ /dev/null
@@ -1,17 +0,0 @@ -#{{- if gt (len (lookup "rbac.authorization.k8s.io/v1" "ClusterRole" "" "")) 0 -}} -# {{- $found := dict -}} -# {{- set $found "cis.cattle.io/v1/ClusterScan" false -}} -# {{- set $found "cis.cattle.io/v1/ClusterScanBenchmark" false -}} -# {{- set $found "cis.cattle.io/v1/ClusterScanProfile" false -}} -# {{- set $found "cis.cattle.io/v1/ClusterScanReport" false -}} -# {{- range .Capabilities.APIVersions -}} -# {{- if hasKey $found (toString .) -}} -# {{- set $found (toString .) true -}} -# {{- end -}} -# {{- end -}} -# {{- range $_, $exists := $found -}} -# {{- if (eq $exists false) -}} -# {{- required "Required CRDs are missing. Please install the corresponding CRD chart before installing this chart." "" -}} -# {{- end -}} -# {{- end -}} -#{{- end -}} \ No newline at end of file diff --git a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/validate-psp-install.yaml b/charts/rancher-cis-benchmark/4.4.0-rc2/templates/validate-psp-install.yaml deleted file mode 100644 index a30c59d3b7..0000000000 --- a/charts/rancher-cis-benchmark/4.4.0-rc2/templates/validate-psp-install.yaml +++ /dev/null @@ -1,7 +0,0 @@ -#{{- if gt (len (lookup "rbac.authorization.k8s.io/v1" "ClusterRole" "" "")) 0 -}} -#{{- if .Values.global.cattle.psp.enabled }} -#{{- if not (.Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy") }} -#{{- fail "The target cluster does not have the PodSecurityPolicy API resource. Please disable PSPs in this chart before proceeding." -}} -#{{- end }} -#{{- end }} -#{{- end }} diff --git a/charts/rancher-cis-benchmark/4.4.0-rc2/values.yaml b/charts/rancher-cis-benchmark/4.4.0-rc2/values.yaml deleted file mode 100644 index df8503c63c..0000000000 --- a/charts/rancher-cis-benchmark/4.4.0-rc2/values.yaml +++ /dev/null 
@@ -1,55 +0,0 @@ -# Default values for rancher-cis-benchmark. -# This is a YAML-formatted file. -# Declare variables to be passed into your templates. - -image: - cisoperator: - repository: rancher/cis-operator - tag: v1.0.13-rc1 - securityScan: - repository: rancher/security-scan - tag: v0.2.14-rc11 - sonobuoy: - repository: rancher/mirrored-sonobuoy-sonobuoy - tag: v0.57.0 - -resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # limits: - # cpu: 100m - # memory: 128Mi - # requests: - # cpu: 100m - # memory: 128Mi - -## Node labels for pod assignment -## Ref: https://kubernetes.io/docs/user-guide/node-selection/ -## -nodeSelector: {} - -## List of node taints to tolerate (requires Kubernetes >= 1.6) -tolerations: [] - -securityScanJob: - overrideTolerations: false - tolerations: [] - -affinity: {} - -global: - cattle: - systemDefaultRegistry: "" - clusterName: "" - psp: - enabled: false - kubectl: - repository: rancher/kubectl - tag: v1.28.3 - -alerts: - enabled: false - severity: warning - metricsPort: 8080 diff --git a/index.yaml b/index.yaml index 421ec6b25a..e671c17919 100755 --- a/index.yaml +++ b/index.yaml 
@@ -7400,32 +7400,6 @@ entries: - assets/rancher-backup-crd/rancher-backup-crd-1.0.200.tgz version: 1.0.200 rancher-cis-benchmark: - - annotations: - catalog.cattle.io/auto-install: rancher-cis-benchmark-crd=match - catalog.cattle.io/certified: rancher - catalog.cattle.io/display-name: CIS Benchmark - catalog.cattle.io/kube-version: '>= 1.21.0-0 < 1.28.0-0' - catalog.cattle.io/namespace: cis-operator-system - catalog.cattle.io/os: linux - catalog.cattle.io/permits-os: linux,windows - catalog.cattle.io/provides-gvr: cis.cattle.io.clusterscans/v1 - catalog.cattle.io/rancher-version: '>= 2.7.0-0 < 2.8.0-0' - catalog.cattle.io/release-name: rancher-cis-benchmark - catalog.cattle.io/type: cluster-tool - catalog.cattle.io/ui-component: rancher-cis-benchmark - apiVersion: v1 - appVersion: v4.4.0-rc2 - created: "2024-03-14T22:10:32.616439971+05:30" - description: The cis-operator enables running CIS benchmark security scans on - a kubernetes cluster - digest: b4c9c856e7913b288dc48163e699bef85a056d35d3abeb00c83af6795628d510 - icon: https://charts.rancher.io/assets/logos/cis-kube-bench.svg - keywords: - - security - name: rancher-cis-benchmark - urls: - - assets/rancher-cis-benchmark/rancher-cis-benchmark-4.4.0-rc2.tgz - version: 4.4.0-rc2 - annotations: catalog.cattle.io/auto-install: rancher-cis-benchmark-crd=match catalog.cattle.io/certified: rancher 
@@ -7922,20 +7896,6 @@ entries: - assets/rancher-cis-benchmark/rancher-cis-benchmark-1.0.100.tgz version: 1.0.100 rancher-cis-benchmark-crd: - - annotations: - catalog.cattle.io/certified: rancher - catalog.cattle.io/hidden: "true" - catalog.cattle.io/namespace: cis-operator-system - catalog.cattle.io/release-name: rancher-cis-benchmark-crd - apiVersion: v1 - created: "2024-03-14T22:10:32.630490988+05:30" - description: Installs the CRDs for rancher-cis-benchmark. - digest: 5c54052ad56b2da7f5bd50d1509d9058b64a839bf757a6afee91cfbf9756e22b - name: rancher-cis-benchmark-crd - type: application - urls: - - assets/rancher-cis-benchmark-crd/rancher-cis-benchmark-crd-4.4.0-rc2.tgz - version: 4.4.0-rc2 - annotations: catalog.cattle.io/certified: rancher catalog.cattle.io/hidden: "true" From 2a17a1a31967d6f3cd272f46552bf688083ad618 Mon Sep 17 00:00:00 2001 From: vardhaman22 Date: Wed, 20 Mar 2024 10:59:51 +0530 Subject: [PATCH 2/3] CIS: unrc cis 4.4.0 chart --- packages/rancher-cis-benchmark/charts/Chart.yaml | 4 ++-- packages/rancher-cis-benchmark/charts/values.yaml | 4 ++-- packages/rancher-cis-benchmark/package.yaml | 2 +- release.yaml | 4 ++-- 4 files changed, 7 insertions(+), 7 deletions(-) diff --git a/packages/rancher-cis-benchmark/charts/Chart.yaml b/packages/rancher-cis-benchmark/charts/Chart.yaml index 4bf6c72e51..2baf73d5a8 100644 --- a/packages/rancher-cis-benchmark/charts/Chart.yaml +++ b/packages/rancher-cis-benchmark/charts/Chart.yaml @@ -12,11 +12,11 @@ annotations: catalog.cattle.io/type: cluster-tool catalog.cattle.io/ui-component: rancher-cis-benchmark apiVersion: v1 -appVersion: v4.4.0-rc2 +appVersion: v4.4.0 description: The cis-operator enables running CIS benchmark security scans on a kubernetes cluster icon: https://charts.rancher.io/assets/logos/cis-kube-bench.svg keywords: - security name: rancher-cis-benchmark -version: 4.4.0-rc2 +version: 4.4.0 
diff --git a/packages/rancher-cis-benchmark/charts/values.yaml b/packages/rancher-cis-benchmark/charts/values.yaml
index df8503c63c..8233a7a6ef 100644
--- a/packages/rancher-cis-benchmark/charts/values.yaml
+++ b/packages/rancher-cis-benchmark/charts/values.yaml
@@ -5,10 +5,10 @@
 image:
 cisoperator:
 repository: rancher/cis-operator
- tag: v1.0.13-rc1
+ tag: v1.0.13
 securityScan:
 repository: rancher/security-scan
- tag: v0.2.14-rc11
+ tag: v0.2.14
 sonobuoy:
 repository: rancher/mirrored-sonobuoy-sonobuoy
 tag: v0.57.0
diff --git a/packages/rancher-cis-benchmark/package.yaml b/packages/rancher-cis-benchmark/package.yaml
index c55e829e8d..1bd9183ed1 100644
--- a/packages/rancher-cis-benchmark/package.yaml
+++ b/packages/rancher-cis-benchmark/package.yaml
@@ -1,5 +1,5 @@
 url: local
-version: 4.4.0-rc2
+version: 4.4.0
 additionalCharts:
 - workingDir: charts-crd
 crdOptions:
diff --git a/release.yaml b/release.yaml
index 0aedb1ac72..8b2046d828 100644
--- a/release.yaml
+++ b/release.yaml
@@ -11,9 +11,9 @@ rancher-gke-operator:
 rancher-gke-operator-crd:
 - 102.1.0+up1.1.7
 rancher-cis-benchmark:
- - 4.4.0-rc2
+ - 4.4.0
 rancher-cis-benchmark-crd:
- - 4.4.0-rc2
+ - 4.4.0
 rancher-istio:
 - 102.4.0+up1.18.2
 fleet:
From ce3f11764543675b2fe923880392ff0b354f42ff Mon Sep 17 00:00:00 2001
From: vardhaman22 Date: Wed, 20 Mar 2024 11:00:07 +0530 Subject: [PATCH 3/3] make charts --- .../rancher-cis-benchmark-crd-4.4.0.tgz | Bin 0 -> 1463 bytes .../rancher-cis-benchmark-4.4.0.tgz | Bin 0 -> 8608 bytes .../4.4.0/Chart.yaml | 10 + .../rancher-cis-benchmark-crd/4.4.0/README.md | 2 + .../4.4.0/templates/clusterscan.yaml | 148 ++++++++++++ .../4.4.0/templates/clusterscanbenchmark.yaml | 54 +++++ .../4.4.0/templates/clusterscanprofile.yaml | 36 +++ .../4.4.0/templates/clusterscanreport.yaml | 39 ++++ charts/rancher-cis-benchmark/4.4.0/Chart.yaml | 22 ++ charts/rancher-cis-benchmark/4.4.0/README.md | 9 + .../rancher-cis-benchmark/4.4.0/app-readme.md | 33 +++ .../4.4.0/templates/_helpers.tpl | 27 +++ .../4.4.0/templates/alertingrule.yaml | 14 ++ .../4.4.0/templates/benchmark-aks-1.0.yaml | 8 + .../4.4.0/templates/benchmark-cis-1.20.yaml | 9 + .../4.4.0/templates/benchmark-cis-1.23.yaml | 9 + .../4.4.0/templates/benchmark-cis-1.24.yaml | 9 + .../4.4.0/templates/benchmark-cis-1.5.yaml | 9 + .../4.4.0/templates/benchmark-cis-1.6.yaml | 9 + .../4.4.0/templates/benchmark-cis-1.7.yaml | 9 + .../4.4.0/templates/benchmark-cis-1.8.yaml | 8 + .../4.4.0/templates/benchmark-eks-1.2.0.yaml | 8 + .../4.4.0/templates/benchmark-gke-1.2.0.yaml | 8 + .../benchmark-k3s-cis-1.20-hardened.yaml | 9 + .../benchmark-k3s-cis-1.20-permissive.yaml | 9 + .../benchmark-k3s-cis-1.23-hardened.yaml | 9 + .../benchmark-k3s-cis-1.23-permissive.yaml | 9 + .../benchmark-k3s-cis-1.24-hardened.yaml | 9 + .../benchmark-k3s-cis-1.24-permissive.yaml | 9 + .../benchmark-k3s-cis-1.6-hardened.yaml | 9 + .../benchmark-k3s-cis-1.6-permissive.yaml | 9 + .../benchmark-k3s-cis-1.7-hardened.yaml | 9 + .../benchmark-k3s-cis-1.7-permissive.yaml | 9 + .../benchmark-k3s-cis-1.8-hardened.yaml | 8 + .../benchmark-k3s-cis-1.8-permissive.yaml | 8 + .../benchmark-rke-cis-1.20-hardened.yaml | 9 + .../benchmark-rke-cis-1.20-permissive.yaml | 9 + .../benchmark-rke-cis-1.23-hardened.yaml | 9 + 
.../benchmark-rke-cis-1.23-permissive.yaml | 9 + .../benchmark-rke-cis-1.24-hardened.yaml | 9 + .../benchmark-rke-cis-1.24-permissive.yaml | 9 + .../benchmark-rke-cis-1.5-hardened.yaml | 9 + .../benchmark-rke-cis-1.5-permissive.yaml | 9 + .../benchmark-rke-cis-1.6-hardened.yaml | 9 + .../benchmark-rke-cis-1.6-permissive.yaml | 9 + .../benchmark-rke-cis-1.7-hardened.yaml | 9 + .../benchmark-rke-cis-1.7-permissive.yaml | 9 + .../benchmark-rke-cis-1.8-hardened.yaml | 8 + .../benchmark-rke-cis-1.8-permissive.yaml | 8 + .../benchmark-rke2-cis-1.20-hardened.yaml | 9 + .../benchmark-rke2-cis-1.20-permissive.yaml | 9 + .../benchmark-rke2-cis-1.23-hardened.yaml | 9 + .../benchmark-rke2-cis-1.23-permissive.yaml | 9 + .../benchmark-rke2-cis-1.24-hardened.yaml | 9 + .../benchmark-rke2-cis-1.24-permissive.yaml | 9 + .../benchmark-rke2-cis-1.5-hardened.yaml | 9 + .../benchmark-rke2-cis-1.5-permissive.yaml | 9 + .../benchmark-rke2-cis-1.6-hardened.yaml | 9 + .../benchmark-rke2-cis-1.6-permissive.yaml | 9 + .../benchmark-rke2-cis-1.7-hardened.yaml | 9 + .../benchmark-rke2-cis-1.7-permissive.yaml | 9 + .../benchmark-rke2-cis-1.8-hardened.yaml | 8 + .../benchmark-rke2-cis-1.8-permissive.yaml | 8 + .../4.4.0/templates/cis-roles.yaml | 49 ++++ .../4.4.0/templates/configmap.yaml | 18 ++ .../4.4.0/templates/deployment.yaml | 61 +++++ .../templates/network_policy_allow_all.yaml | 15 ++ .../patch_default_serviceaccount.yaml | 29 +++ .../4.4.0/templates/psp.yaml | 59 +++++ .../4.4.0/templates/rbac.yaml | 219 ++++++++++++++++++ .../4.4.0/templates/scanprofile-cis-1.20.yaml | 9 + .../4.4.0/templates/scanprofile-cis-1.23.yaml | 9 + .../4.4.0/templates/scanprofile-cis-1.24.yaml | 9 + .../4.4.0/templates/scanprofile-cis-1.6.yaml | 9 + .../4.4.0/templates/scanprofile-cis-1.7.yaml | 9 + .../4.4.0/templates/scanprofile-cis-1.8.yaml | 9 + .../scanprofile-k3s-cis-1.20-hardened.yml | 9 + .../scanprofile-k3s-cis-1.20-permissive.yml | 9 + .../scanprofile-k3s-cis-1.23-hardened.yml | 9 + 
.../scanprofile-k3s-cis-1.23-permissive.yml | 9 + .../scanprofile-k3s-cis-1.24-hardened.yml | 9 + .../scanprofile-k3s-cis-1.24-permissive.yml | 9 + .../scanprofile-k3s-cis-1.6-hardened.yml | 9 + .../scanprofile-k3s-cis-1.6-permissive.yml | 9 + .../scanprofile-k3s-cis-1.7-hardened.yml | 9 + .../scanprofile-k3s-cis-1.7-permissive.yml | 9 + .../scanprofile-k3s-cis-1.8-hardened.yml | 9 + .../scanprofile-k3s-cis-1.8-permissive.yml | 9 + .../scanprofile-rke-1.20-hardened.yaml | 9 + .../scanprofile-rke-1.20-permissive.yaml | 9 + .../scanprofile-rke-1.23-hardened.yaml | 9 + .../scanprofile-rke-1.23-permissive.yaml | 9 + .../scanprofile-rke-1.24-hardened.yaml | 9 + .../scanprofile-rke-1.24-permissive.yaml | 9 + .../scanprofile-rke-1.6-hardened.yaml | 9 + .../scanprofile-rke-1.6-permissive.yaml | 9 + .../scanprofile-rke-1.7-hardened.yaml | 9 + .../scanprofile-rke-1.7-permissive.yaml | 9 + .../scanprofile-rke-1.8-hardened.yaml | 9 + .../scanprofile-rke-1.8-permissive.yaml | 9 + .../scanprofile-rke2-cis-1.20-hardened.yml | 9 + .../scanprofile-rke2-cis-1.20-permissive.yml | 9 + .../scanprofile-rke2-cis-1.23-hardened.yml | 9 + .../scanprofile-rke2-cis-1.23-permissive.yml | 9 + .../scanprofile-rke2-cis-1.24-hardened.yml | 9 + .../scanprofile-rke2-cis-1.24-permissive.yml | 9 + .../scanprofile-rke2-cis-1.6-hardened.yml | 9 + .../scanprofile-rke2-cis-1.6-permissive.yml | 9 + .../scanprofile-rke2-cis-1.7-hardened.yml | 9 + .../scanprofile-rke2-cis-1.7-permissive.yml | 9 + .../scanprofile-rke2-cis-1.8-hardened.yml | 9 + .../scanprofile-rke2-cis-1.8-permissive.yml | 9 + .../4.4.0/templates/scanprofileaks.yml | 9 + .../4.4.0/templates/scanprofileeks.yml | 9 + .../4.4.0/templates/scanprofilegke.yml | 9 + .../4.4.0/templates/serviceaccount.yaml | 14 ++ .../4.4.0/templates/validate-install-crd.yaml | 17 ++ .../4.4.0/templates/validate-psp-install.yaml | 7 + .../rancher-cis-benchmark/4.4.0/values.yaml | 55 +++++ index.yaml | 40 ++++ 120 files changed, 1822 insertions(+) create mode 100644 
assets/rancher-cis-benchmark-crd/rancher-cis-benchmark-crd-4.4.0.tgz create mode 100644 assets/rancher-cis-benchmark/rancher-cis-benchmark-4.4.0.tgz create mode 100644 charts/rancher-cis-benchmark-crd/4.4.0/Chart.yaml create mode 100644 charts/rancher-cis-benchmark-crd/4.4.0/README.md create mode 100644 charts/rancher-cis-benchmark-crd/4.4.0/templates/clusterscan.yaml create mode 100644 charts/rancher-cis-benchmark-crd/4.4.0/templates/clusterscanbenchmark.yaml create mode 100644 charts/rancher-cis-benchmark-crd/4.4.0/templates/clusterscanprofile.yaml create mode 100644 charts/rancher-cis-benchmark-crd/4.4.0/templates/clusterscanreport.yaml create mode 100644 charts/rancher-cis-benchmark/4.4.0/Chart.yaml create mode 100644 charts/rancher-cis-benchmark/4.4.0/README.md create mode 100644 charts/rancher-cis-benchmark/4.4.0/app-readme.md create mode 100644 charts/rancher-cis-benchmark/4.4.0/templates/_helpers.tpl create mode 100644 charts/rancher-cis-benchmark/4.4.0/templates/alertingrule.yaml create mode 100644 charts/rancher-cis-benchmark/4.4.0/templates/benchmark-aks-1.0.yaml create mode 100644 charts/rancher-cis-benchmark/4.4.0/templates/benchmark-cis-1.20.yaml create mode 100644 charts/rancher-cis-benchmark/4.4.0/templates/benchmark-cis-1.23.yaml create mode 100644 charts/rancher-cis-benchmark/4.4.0/templates/benchmark-cis-1.24.yaml create mode 100644 charts/rancher-cis-benchmark/4.4.0/templates/benchmark-cis-1.5.yaml create mode 100644 charts/rancher-cis-benchmark/4.4.0/templates/benchmark-cis-1.6.yaml create mode 100644 charts/rancher-cis-benchmark/4.4.0/templates/benchmark-cis-1.7.yaml create mode 100644 charts/rancher-cis-benchmark/4.4.0/templates/benchmark-cis-1.8.yaml create mode 100644 charts/rancher-cis-benchmark/4.4.0/templates/benchmark-eks-1.2.0.yaml create mode 100644 charts/rancher-cis-benchmark/4.4.0/templates/benchmark-gke-1.2.0.yaml create mode 100644 charts/rancher-cis-benchmark/4.4.0/templates/benchmark-k3s-cis-1.20-hardened.yaml create mode 
100644 charts/rancher-cis-benchmark/4.4.0/templates/benchmark-k3s-cis-1.20-permissive.yaml create mode 100644 charts/rancher-cis-benchmark/4.4.0/templates/benchmark-k3s-cis-1.23-hardened.yaml create mode 100644 charts/rancher-cis-benchmark/4.4.0/templates/benchmark-k3s-cis-1.23-permissive.yaml create mode 100644 charts/rancher-cis-benchmark/4.4.0/templates/benchmark-k3s-cis-1.24-hardened.yaml create mode 100644 charts/rancher-cis-benchmark/4.4.0/templates/benchmark-k3s-cis-1.24-permissive.yaml create mode 100644 charts/rancher-cis-benchmark/4.4.0/templates/benchmark-k3s-cis-1.6-hardened.yaml create mode 100644 charts/rancher-cis-benchmark/4.4.0/templates/benchmark-k3s-cis-1.6-permissive.yaml create mode 100644 charts/rancher-cis-benchmark/4.4.0/templates/benchmark-k3s-cis-1.7-hardened.yaml create mode 100644 charts/rancher-cis-benchmark/4.4.0/templates/benchmark-k3s-cis-1.7-permissive.yaml create mode 100644 charts/rancher-cis-benchmark/4.4.0/templates/benchmark-k3s-cis-1.8-hardened.yaml create mode 100644 charts/rancher-cis-benchmark/4.4.0/templates/benchmark-k3s-cis-1.8-permissive.yaml create mode 100644 charts/rancher-cis-benchmark/4.4.0/templates/benchmark-rke-cis-1.20-hardened.yaml create mode 100644 charts/rancher-cis-benchmark/4.4.0/templates/benchmark-rke-cis-1.20-permissive.yaml create mode 100644 charts/rancher-cis-benchmark/4.4.0/templates/benchmark-rke-cis-1.23-hardened.yaml create mode 100644 charts/rancher-cis-benchmark/4.4.0/templates/benchmark-rke-cis-1.23-permissive.yaml create mode 100644 charts/rancher-cis-benchmark/4.4.0/templates/benchmark-rke-cis-1.24-hardened.yaml create mode 100644 charts/rancher-cis-benchmark/4.4.0/templates/benchmark-rke-cis-1.24-permissive.yaml create mode 100644 charts/rancher-cis-benchmark/4.4.0/templates/benchmark-rke-cis-1.5-hardened.yaml create mode 100644 charts/rancher-cis-benchmark/4.4.0/templates/benchmark-rke-cis-1.5-permissive.yaml create mode 100644 
charts/rancher-cis-benchmark/4.4.0/templates/benchmark-rke-cis-1.6-hardened.yaml create mode 100644 charts/rancher-cis-benchmark/4.4.0/templates/benchmark-rke-cis-1.6-permissive.yaml create mode 100644 charts/rancher-cis-benchmark/4.4.0/templates/benchmark-rke-cis-1.7-hardened.yaml create mode 100644 charts/rancher-cis-benchmark/4.4.0/templates/benchmark-rke-cis-1.7-permissive.yaml create mode 100644 charts/rancher-cis-benchmark/4.4.0/templates/benchmark-rke-cis-1.8-hardened.yaml create mode 100644 charts/rancher-cis-benchmark/4.4.0/templates/benchmark-rke-cis-1.8-permissive.yaml create mode 100644 charts/rancher-cis-benchmark/4.4.0/templates/benchmark-rke2-cis-1.20-hardened.yaml create mode 100644 charts/rancher-cis-benchmark/4.4.0/templates/benchmark-rke2-cis-1.20-permissive.yaml create mode 100644 charts/rancher-cis-benchmark/4.4.0/templates/benchmark-rke2-cis-1.23-hardened.yaml create mode 100644 charts/rancher-cis-benchmark/4.4.0/templates/benchmark-rke2-cis-1.23-permissive.yaml create mode 100644 charts/rancher-cis-benchmark/4.4.0/templates/benchmark-rke2-cis-1.24-hardened.yaml create mode 100644 charts/rancher-cis-benchmark/4.4.0/templates/benchmark-rke2-cis-1.24-permissive.yaml create mode 100644 charts/rancher-cis-benchmark/4.4.0/templates/benchmark-rke2-cis-1.5-hardened.yaml create mode 100644 charts/rancher-cis-benchmark/4.4.0/templates/benchmark-rke2-cis-1.5-permissive.yaml create mode 100644 charts/rancher-cis-benchmark/4.4.0/templates/benchmark-rke2-cis-1.6-hardened.yaml create mode 100644 charts/rancher-cis-benchmark/4.4.0/templates/benchmark-rke2-cis-1.6-permissive.yaml create mode 100644 charts/rancher-cis-benchmark/4.4.0/templates/benchmark-rke2-cis-1.7-hardened.yaml create mode 100644 charts/rancher-cis-benchmark/4.4.0/templates/benchmark-rke2-cis-1.7-permissive.yaml create mode 100644 charts/rancher-cis-benchmark/4.4.0/templates/benchmark-rke2-cis-1.8-hardened.yaml create mode 100644 
charts/rancher-cis-benchmark/4.4.0/templates/benchmark-rke2-cis-1.8-permissive.yaml create mode 100644 charts/rancher-cis-benchmark/4.4.0/templates/cis-roles.yaml create mode 100644 charts/rancher-cis-benchmark/4.4.0/templates/configmap.yaml create mode 100644 charts/rancher-cis-benchmark/4.4.0/templates/deployment.yaml create mode 100644 charts/rancher-cis-benchmark/4.4.0/templates/network_policy_allow_all.yaml create mode 100644 charts/rancher-cis-benchmark/4.4.0/templates/patch_default_serviceaccount.yaml create mode 100644 charts/rancher-cis-benchmark/4.4.0/templates/psp.yaml create mode 100644 charts/rancher-cis-benchmark/4.4.0/templates/rbac.yaml create mode 100644 charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-cis-1.20.yaml create mode 100644 charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-cis-1.23.yaml create mode 100644 charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-cis-1.24.yaml create mode 100644 charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-cis-1.6.yaml create mode 100644 charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-cis-1.7.yaml create mode 100644 charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-cis-1.8.yaml create mode 100644 charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-k3s-cis-1.20-hardened.yml create mode 100644 charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-k3s-cis-1.20-permissive.yml create mode 100644 charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-k3s-cis-1.23-hardened.yml create mode 100644 charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-k3s-cis-1.23-permissive.yml create mode 100644 charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-k3s-cis-1.24-hardened.yml create mode 100644 charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-k3s-cis-1.24-permissive.yml create mode 100644 charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-k3s-cis-1.6-hardened.yml create mode 100644 
charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-k3s-cis-1.6-permissive.yml create mode 100644 charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-k3s-cis-1.7-hardened.yml create mode 100644 charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-k3s-cis-1.7-permissive.yml create mode 100644 charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-k3s-cis-1.8-hardened.yml create mode 100644 charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-k3s-cis-1.8-permissive.yml create mode 100644 charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-rke-1.20-hardened.yaml create mode 100644 charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-rke-1.20-permissive.yaml create mode 100644 charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-rke-1.23-hardened.yaml create mode 100644 charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-rke-1.23-permissive.yaml create mode 100644 charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-rke-1.24-hardened.yaml create mode 100644 charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-rke-1.24-permissive.yaml create mode 100644 charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-rke-1.6-hardened.yaml create mode 100644 charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-rke-1.6-permissive.yaml create mode 100644 charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-rke-1.7-hardened.yaml create mode 100644 charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-rke-1.7-permissive.yaml create mode 100644 charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-rke-1.8-hardened.yaml create mode 100644 charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-rke-1.8-permissive.yaml create mode 100644 charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-rke2-cis-1.20-hardened.yml create mode 100644 charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-rke2-cis-1.20-permissive.yml create mode 100644 charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-rke2-cis-1.23-hardened.yml 
create mode 100644 charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-rke2-cis-1.23-permissive.yml create mode 100644 charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-rke2-cis-1.24-hardened.yml create mode 100644 charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-rke2-cis-1.24-permissive.yml create mode 100644 charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-rke2-cis-1.6-hardened.yml create mode 100644 charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-rke2-cis-1.6-permissive.yml create mode 100644 charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-rke2-cis-1.7-hardened.yml create mode 100644 charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-rke2-cis-1.7-permissive.yml create mode 100644 charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-rke2-cis-1.8-hardened.yml create mode 100644 charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-rke2-cis-1.8-permissive.yml create mode 100644 charts/rancher-cis-benchmark/4.4.0/templates/scanprofileaks.yml create mode 100644 charts/rancher-cis-benchmark/4.4.0/templates/scanprofileeks.yml create mode 100644 charts/rancher-cis-benchmark/4.4.0/templates/scanprofilegke.yml create mode 100644 charts/rancher-cis-benchmark/4.4.0/templates/serviceaccount.yaml create mode 100644 charts/rancher-cis-benchmark/4.4.0/templates/validate-install-crd.yaml create mode 100644 charts/rancher-cis-benchmark/4.4.0/templates/validate-psp-install.yaml create mode 100644 charts/rancher-cis-benchmark/4.4.0/values.yaml 
diff --git a/assets/rancher-cis-benchmark-crd/rancher-cis-benchmark-crd-4.4.0.tgz b/assets/rancher-cis-benchmark-crd/rancher-cis-benchmark-crd-4.4.0.tgz new file mode 100644 index 0000000000000000000000000000000000000000..7f6c8ed2e4a7ce4e600de145e687e9d0400dd5b8 GIT binary patch literal 1463 zcmV;o1xWfIiwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc zVQyr3R8em|NM&qo0PI>(bK*7-&NIJ4bA85V6CfSla@@6ZZ7-K0>GgS$H=v6xd8BoE zOsD_7BijkKu`vciu5;`QgCu_|+24LEt*t@wCF(vGrawo?mm%oKKG*)+=@K+KD+q&& z1I=|^cRU;>zpm?+f8Ei*z3_&ktMTw^;0;C>t~YkCt}d8+sN-EMHU#>@J=j-yasLwo zDHQ<;CC#MA7zcttEgTL+0Xjmx<)}$K2=pf`<4WbQrSN@}6ZVF5jBhH3NC?qHz;VJX z+f;-aNa?;=8N#sg5{&_Z!M?rp#s4N(dk~2)sEtr^!k)aIkA`azQS$$zGz39l7%h=a zXYUPrP`Vn+=`}f`RfH1;Q4|QC+_m1*v)`dJbll!+KhL&SAOD156ab-l%Y)buYQsV9 zr3c&N-*X3^SB(FGcR6;?@qY@-M-D^+zY$9N&p3}i8ykX8Uhh#zf5N7*Ar;Qhs91A+ zj}JnMBmzPt@PWYUM;bpl!Wf4OvySMViICfY3$5ZP5rSN2dVL~9jAdR^s5=faX^nzd zLr`?lW6W@612Y@lV=N2H1goD->&Z(X4C*H#wPu2#(trn6{PgM|y zGMibSeKktn0xc)ZF$5GFCjdjUSlW5sYV{xjyn!$Ud%i2VrDQ|0?o?C^X(1Q24on<| zpjQqlf}ntVpKECa6@f7Yq}z2vE1(Au#VP%=ZfFH$9z|3Dx?4B20{R=YECBtrZfFH0 z6d3g)1U!_C${%c*a^Ij5y-+n3xmlg@&8$I!dMZ)8K`x`I{vN8Q~s z*MwYHx^*4ZT*)+tSFlhJhLz-OqOMi$dkxYg$X284__jlwG=_BQ@6X5w!sGi2(HOf6 zI;sZ`+Dwd+&~EY7^^z+oHl5 zU_S_(?DyQ0J&KBlv&)sqNpZhR?eS@!D{CoT*->bG?Lx>8YAx%3>r!cpLSRGve{eM% zm+F6)gOPWx|DD2)UH^L_OoxTQch8tfcSS{T?euj^gAsBko7SyXPr`qZ%tA%5)VD*a zClvDcc#c{kp~;?K0r^w?fL-9>TLXOkfF0m@!laj{n3h~VL9|gZ-C^K??vnRWJNwL! z{;sQKCDL_zuHJHgPURMazXBD~s*yMuStorTrCc1X9fmin(TQmwxVYtsMmXjIn!@#XpZkCWK3^*<#{hw?v5 z0PEC0bNBkkz9YTkKUkdD50uD`S>sNL_S@a(n-lKij}ZU$`ak<{{r=MjC-e{Y(e(YV zHyo6{{~Zl4&-K5P*iTzNcD-h^w2$#6XkxSkVq)WS+Ss7a=Bv6-YF~SWXFJ>3&UUsc R`!4_h|Nps!V3q(h0010B%d-Fg literal 0 HcmV?d00001 
diff --git a/assets/rancher-cis-benchmark/rancher-cis-benchmark-4.4.0.tgz b/assets/rancher-cis-benchmark/rancher-cis-benchmark-4.4.0.tgz new file mode 100644 index 0000000000000000000000000000000000000000..153a577d54c15889ce7f28f55a24e7127ca4044f GIT binary patch literal 8608 zcmYLPcRW@9|G#8QN(mv^nT3q(k&?ZV88R|5N@h4_$jZpbxFoZr>`^Y+WMpP_ZCPD1 zF4w*1{k{4;9>3rD>)!YKeO~kVdY{+xeGW$~)dj@K1q2X6wi<@l?KE_xwEb^NK9n%I zZf_*%Y;JT@O3%bZO6UG#7h89Ge`5m=1r3MCZivmGji=M~wT^&Yp+j(4ds+Nqd6r1x z`li*guK01iZ?ezin&Q~&DxuJBUh3%!EfmTPLBql6{%QV|0wGKW(nfF9WxldndwUBr zkUcpbue(U~D(pJ+^6j$GwcE=H)XSWD#N?qu*xt*q&k#Fr@sstZ(+LOFC(D-8>_uZ4K z;@Zdg<4p?I5p+BE<9-8;-pRAMVE@|CP9uB8tVC>G>Yhq1@3G8a5FYRkX4Z;S z#YOZi`afFSH{%z+*StYD-01t2vP|^)EiN&)<@ni#9a(RtwQ)_&3B&9t)|8IwLbPVdT$e;>L4J(PJ^^iuU9Y=Bfs8&c^oNDTohn-imGV+sG&oB^7 z^}Q*Js6!>Lt++` zLLY5Ybn%>F>>a*j0IB<%*U6F{Ye zPPpG7)4WW}v3$1qmoy@`72;|a=d<;rBn?u`;-n3EQfQ%l`}fEWJDD?j>HaC(P~Ed! zncP=r*>Cwq4QB2MBo_8eA)l@ntZ7P))v3($2HjEZ2^F_?I`?W$k9s!+iWI+ik5${= zOHd|@(}=;n^o^=UO{ld0s`^b*mSdx!V{EE{8=FEs^Tw~pkTwxpElB~(i&gJxdoQ?u zZ+nF{loD%*N?qgOIeaACf0WrwqQ+6kv+$>T)Os#1Yl{2uGZn^$C)zpdvnt6TlMZ1< zOJZz6{swgF&_F&yw@E<@8uWB*tQk>wt~VkGUn-c{f7w~}XgidWij&1QB`d!<1)skE#&!?^n`A!PK48>Ze#JmHZ$)=(&KNu-Z`EdQMwe*u(ergm_EpXUMZNe|C#L}6 zWP_&y?;1ITU*=`~xIgdnqKG=}!!7Lh4arM9x00T1n}1|jy{fI?9%IwflAX^mnx1Z1 z!kJw&*vz;eEHAYIx#uJ*>50YZYv`%JwhFC0teDuU_zi4^*ky=-tgueBZnfaE3w;%( zZoa_FcVL#x5?0hcyLEy5+xx}i&KutNWb4U@@vmvpIW0|^59u&!xfo2t zTS;lM2R$7)Ly<@vrjV64MzQ#2;KkA-Q%m)(IYPGI$C#rY(v)~dev~jnYN^-_P%Q6m z(u+`wIZ9j!5HWFihA-Pe-hGx~CSPA@OT|O=cSUSvMk9urKR!PF4qc9Y1Sd*|o+<8= z6rs*?CL)`RA@FjPtbhjeQibj9&ZW^*E#Z})rW-n5l@2^5ulx;*FV5uEj(3!pS~xG> zJTv0DPr{b?K7 z9H$+keerdn=7;Et?;w~3947$Ej%K`4DL1TS6$_qkeOyG*jkbc6-ap_jH9?L)0ggJE zujznRfrSb?Ua9;$7!ik&H(`#8$A2N4STF$U!ekGXN;cv2HE3cDgnqsT23`E&35!)! 
z*1tK(Boh?>*+DvN4nQ{seVQ0e5UIQ1*=s<^wE)iKQOl6x?OF@OGa*DX@8$sLp)+5C zCOUwLrzyN@XDB>hd_5=wXt^z7orJahg%+77 z-D%we=#NR=CH1#Tx}n`~rv%ml({)Ie@zy~w8gnoMdkB>zfmpEx;TGvwO+03-0$5@3 zXd0JA2(yF3n4B6|z!ac~Kc?4iv<8VzDV5G@X~0zTwP!C3k{;4bM&ln-$G z=q*qacIgPBBKTg+b2Od@Yr%g}r-*6CLBqZ~D8|taFmg&8G>x_F7hD3^WWauiYJ}_1 zPmaM>o+8Zg5cf}hBsj&2!z@5TC9xpV~HS&3gnQNu--d_d~67q zgZpSODYu4{C8pR4uOt@&H_a-a$fth~X5sZ+RB+c<&~;{g5pe!9|FazEpqsJ)N}k8i z*4!sNTIP1`h;`~F`P281>m7A?f`CU&Jb{VUb^|Lm#3Pbi=GTYT00%;!gLL-MPGB_- z(m$cg;c^bfBkLyEcNYI|?Wy0WDuj0d1K6-8%Eo}I@To&o9}b8gG>xHZ3b??=1XKr4 zoW${;A#V&K0snpl@Hz$}`JynA%?5`KqRR_5UWB$bzzhs&ow%9-6GQ24JdcVbK<)s= zOAMja0eJlxy#<$Yj2(KYfPd<{fZBiRX@JNkklSh`mKZU5O`AX{3-8qgt>2M^EruXz z@Q8eW2b>)N1Eizzg7~^m08_p33wV%w??CAU$YIm>zqJ$1pkmq=Lj)}D@V|7rZ*~Cp z8oH2W7_8%vzgmc?4iDdj+L--c0joN&Dq!#$9Qz@b@f;u4A=K7Mrc!`h0Ahetp0jKR zLeYi1-a`{%tj_^_XAp;1j%Q(HBk`V^4OA>B&(noDR8O+XGF6z86rh(*BHh8}Q1)S=F$9YgE4iD0P!?(pDAPF0Hjng99_wMx+<4p(5n z8lCJPf|7|o>pzFD|K~8#hB4p{5eO)Sf1VKkpLnva&I0zIw5p{xx$UE)8DL*I*Bz+I zYaLJADVI^q=g{1r-#k?TSyy{AeZBakC&Pp;FHoG%qdZORm@0XT?d>SPxiS|{x^=M| zKk6jHddbT;Z|U>)=ZvcjulK0?D2r#FNihU!tIhbiFRFx|V-mb6c}FZ+?QnFDoFTHG z+o{vw70hT8-D7>u0Iv2Q&CVNE@<>4roh~)*haQ*n8}KZplzT_&=`g4d+kcXQL%%0` zu^wge4fK7rj(O8x-rql&q3g&aSgRF$aP)pP-uy*h_QDp2XEna3v-JRvoO*H7_)aPO zNG)HHfT^DN1t$J9u0lSqrkqClFn6o%XI69QDCAniV${Z_9_xBvVmZeVwY@K7-$wOj zDtLAE&0H%Xh`SHV^5yPd;oB_f&bepvyM@JWInN;0MZZz}{%uQzs*6j)`BpL3=X?q0 z5i#H-6O&8U`G$fEZ!DW7`}*3gbkGgBGF71S&(gbT#!Ek?()p4!>Fk!u-}s=v=dB;^ zikLvp)84FH#rnO;{hFrV&zvjhbo4HaG|a6J#)}_w*j)JA#3Fvr3Zc0Pq0q!<1CDVB2;w5+L4X(`*SSsxZY-7P%})%bNAJ2q=foaH3QF1 zX(>NaS?=>}-*yY7(tQo*H@#eTlxVZ{OWUo6an`6XtOT`PYHq{N-O}%s`_EFjOBWW- z{J})g^WC#2#bO83wVtv>&GXWiLedejJCq+q$u++VQQCx+sJC5Qmr~;`xwdN*SyaEI znrZv`^^1tBse8j(du#TlyvkD6sJ8v-2_-A5K>YIV{>Cmn^4c#X*m9dU@yfyUcF$HY z^5Q<{t?ND)?dz}CGEju%!F1<>yl2Y0Q{!G>r!5f;_7<;sk0wbdzC5xrBcy45aviJu zQfIue-?6{C>+4aW_y7t92a97J8ykb^N)Li82ao(GW&C0NUlSfs@cZMHR)*q9&Fq3d z@yQF#1W%aIROjK-bB={2lDP$wSx3caeO7OR1N|Tf_Jo7ge3`QB 
z82+B4me5LT9G$xE=JuN78u~#Fgx^`;&8kC#>U>tDk`osxTSwpRg^h`eLr;S5K9L74 zcP=9f&faKAlpi(IAF#g}8hp5OJjekB7SjgoEJkfa(KZC!xmQ1e$vdP^mM|3(ugo(| zs5wd&&RIacGRr^<>rtXk6$mRA<&9V^wflukWah2SD`#?alBi0&6NbwR2kXQ;MzSsK zy^6fdocka8^sJ4MiWDBQo9vpGIp#amrj@@c`r_x(U^JmsH^W4KQJ15>(53Opke~J> z15*`uTW0|HkoK&+7&*mX6(bIi`Hjm9D_-``2olt4!S4Y|?}q*XzRtI@7Os-^9E8ek zyj7L9JbL+D&mVCl8^uInTfVimQd=!IFI&k26Equ|S6WSdT@;#Rxo@V8yJh_YZd9+2KXD4pArprJBiw)aV+WtXN zl%?_``5lQe^P-^lg}7v?V&(z)n+my4gGbm@+Y4O`_!z0%3YPA(>5x%-D)8`wOP{@H zJ6%k+_T_e!VfCBNo6R(Pa$UpL>3lT_PU-;{tn+fN1ifMI;Ui&2s z1{}*Qu5+X4=J%G~`6kPYokgN~P0A0jspP3Tnl4J3Mq86q^6f%wS)n;nZKsx95ElaM>^Qpp_Vo5% zJOAX_s+9QjZ0rqdlim;CZm0?MWiTFoC*g+X>)k`g&EAnk@ZywYw(9QhqlkUSLrO~X z?-qfMx^KI0-Rp5b6Xf4`(|$yM`e|h5b(^Vds?$jtkJsd-SPS+H(!|oIZ z%JkpwcL@DKIbJpStZ=-{@$VxSrYdBtcl8PTo`Ea6ug zmR#>iwAXPr&s)Om4|{CQ>5K_R+dM$3Yk4RcnWyYOjj#Mxkv5MEtWKM)U5Ta<`BdtB zrv4d$`gYSEwX0Yr-FDE-!Tv#TjT>`Cy=81s6eWejR5Q65I$pZL`cn-1#ydd*dA)}VpZIos%m(uT7iN64FPn;-LQCy7xj$XM779R%*PRFT_?SO@W4ky+G!I84%$ z9~k*_!E}mVYwaBuP1lnQcHvDS|N85n7i2HLdtBL|U1VLKkj{14zVv?6*Cjqz`Y%#w zL7m!xIAN73SFP}kq?OfBW)UXT4gD&Yq|2=5+^Z?n6`3aWFVvDcGx1E8`8+SxTyq-^ zvXL8i)HzDu%)Dlj`KcfMv%5=DD$PM+F-}l)j~UybEUJJUlp>oA8`RekODkGUlhCa` zND^!m*n@9db_xHgU~XlyiZs0DU6BW0SHaF7yUj{}9#5zIQ}6+Qan<~cwAX&>o*xad z>exDN7^l+Zm)?r&$KNzil!;Z>@!41KW`&asLV*G+9@Bt@%vI>{n8{^ma0i?#X#vfQ zaMM1AiT){Y>~lmUauC_UDp>oK7~Xe;!oi6H&S(W99ckMIqk;rI_G6An!jaOaZ{R$U zy0y*|fA)gVMNsfb2@Gy-qmPIL%MV7HErZOHL3+Sc!Lm_HYmM;3W5IJ*G;qRZ6Wipd zB`|#0O`!ubh6I$ic79%atR^71i#j9^=?VrYR2d*N?-IF;4}9(G*6cR8&R-QB#h00F)v;4O0#!h-yyJ%0Z3vuWui|H^pLu+UJecuUWP}j zoy;9fVIj(s26cS}obLvuMqt(;9)uH_+76m#eICrM?Ll*U5Qp(HwDljObBC2eVft(s zlR#AP-WsqId-KaMQXz*(atUb4dnb&i>4aQl0lhr%NEi5aDdL%=>l+WC;vD5=914f8 z@LgyIHk46I(9Uz*H_^?;LliUDxJZZ* zP|zo4S_p?B_Pn3+fx`1mUsr&=#S2dlL0!b50$?H%GV*U#5OLKn;7TsFhw?}yxNm{n zl6Htl84o?kefH30~ zAw()Z0!9*uv!jEMs~n<^PVdpF%gXm)%q~d?4G!(rgn>*|tnhU(Nl1VA$P*OV*pYPw z?0b@yU|1;zZn8qiy%hx5BZM+9!S|R*nM7d=@J~s-b=W$-!t7rP|9>qPz~T_f0zi5T 
z+$6?7^v$6M;S_?ktH>_+1j)ZJAiEv|O{;9-A(|uKCWH?WyqJBG5Y2z#mE1w&C=pT# zI$Z=qB7FOCXy08Tr;`InRWK_Wl4Fnro(CcFUcy*5qJ@0_Od(cDz4gmpe1*k-%xVA> z4?%UbHjg%2p{LxwM^l5cy@zP_><`=^oyZuIqoIi>L~ z&?@_n$I0-3AD6(7ZPbQvOTlMK;(>@<;D+n@vTf9AGZ7TT61D#f>KtLcWa%HWu+pVM z{2j4kMF#Y$m{C*njvb2wUdhY?OssiZ;yuXK|ExYn>Bi!XGDL0?l|e}f0$p^kH2^9btoQTA7Sefrg6ca*np6$MH)_LKU;Ztp0?If zCDS-!EsOTQr&gL^lVMl!pT#KsPH>ajS@}Y(c1_!-<=7nbaY}v!$oX~GBNEL1X(8@B z+nXmHsF?PJFH}jbv9ETsWWtL6kMm7;*Apq<`Qkk4{!z~Q1x~5_QtCMR8g|BX6EP;Sz4Un+q%`1biuo>bHMUQE>!ONH3cp3>Y_#@m)9`y1r8 z=gBaVG2PKGj15wM9WAT70DDee_O{e+)S{ISis_}bkjf<4mvrYw@Y(QPA&tG$W)9xX_Qe47Y6(ZBC-*>4Opv-iG#5-NW%-(_U9mDN6Q zpp2h_>pgMOx&02wrQGvh#<`n*44oEy;qglU zepob%#KWK`Uo(&-nGDqL^fJf>LRz>2dhcqOBF@{(YKg#ASKrCLCAH1wqju4}a2U}_ z#W`0eyu{Pe;(8;uRh>(v^NQpp>*hdbZL#d-U+taqr+Q<$+xdr3iPSP={<<3} zk+N!peW~zxMJeWOnli)p?XyyO5g>fPh8Nz*KCL@*j4ZdI1%*YyqMj^k>A&564|c_z zLNdsWiz)^Vn|<|**XFq7MZ$!;_JT${Kd9jo%U_ObMVjhQ{Q?7@Ki@dI(G=6wvE(Pl z!{oShSUBN?=Mc3?Bcrqvb?m(C^ju=OE>EUi{2W${fst08G}P__?sOt~AWgk>y+<#} z;A)j!5TBfg59%ux!iN&vxAo=GVJ4@f6+K* zxUg#b&`bS0&)HXE_ezdUeBY_EZ$5D>>+%aRL^h0U9bzR%{Wx}qO4+Kej)Z+Xl2T0neuS97R`hy8bh zBI6xQw8rVm@SZUe`$WMxd7<1teg(WFXN}BqB`>KuL-LfF5D;(iPTN`n5Gbu zKs+3Im=yP+)Ou#_0S0O?Beau;oWTU!Iq$>->?Y4eshZGSW&; zX+7<<*mC#ejmAO}i>e`|=q7ozEFFZFrG|N?seRsdOHn_CBBtm1! 
zYkmsxsbvo?7TPnIxbsHszPw3&;o?RJTs^!No__bYlB)d`&(2lm7Srv_Qn!4z)pVu@1y4Q-28P$*tzewzkcezOyGXm z&i#7RH$Vd!&d%cB^EX7Sx`}M}n_uW5{ zeDQJ#k;8CP5BJWeIN>)I*FVms#j^S(UCb!7+v)qE$(Vq6jrqFwOl#SVH~Dhfbro{M z4p>KV-$B!d%)rnQDWP-Ds9iX3C|kIG$=@y`Fx^G?2UAJE@nUhbgu+3bm7miUp= 1.21.0-0 < 1.28.0-0' + catalog.cattle.io/namespace: cis-operator-system + catalog.cattle.io/os: linux + catalog.cattle.io/permits-os: linux,windows + catalog.cattle.io/provides-gvr: cis.cattle.io.clusterscans/v1 + catalog.cattle.io/rancher-version: '>= 2.7.0-0 < 2.8.0-0' + catalog.cattle.io/release-name: rancher-cis-benchmark + catalog.cattle.io/type: cluster-tool + catalog.cattle.io/ui-component: rancher-cis-benchmark +apiVersion: v1 +appVersion: v4.4.0 +description: The cis-operator enables running CIS benchmark security scans on a kubernetes + cluster +icon: https://charts.rancher.io/assets/logos/cis-kube-bench.svg +keywords: +- security +name: rancher-cis-benchmark +version: 4.4.0 diff --git a/charts/rancher-cis-benchmark/4.4.0/README.md b/charts/rancher-cis-benchmark/4.4.0/README.md new file mode 100644 index 0000000000..50beab58ba --- /dev/null +++ b/charts/rancher-cis-benchmark/4.4.0/README.md @@ -0,0 +1,9 @@ +# Rancher CIS Benchmark Chart + +The cis-operator enables running CIS benchmark security scans on a kubernetes cluster and generate compliance reports that can be downloaded. + +# Installation + +``` +helm install rancher-cis-benchmark ./ --create-namespace -n cis-operator-system +``` diff --git a/charts/rancher-cis-benchmark/4.4.0/app-readme.md b/charts/rancher-cis-benchmark/4.4.0/app-readme.md new file mode 100644 index 0000000000..147e91ea2e --- /dev/null +++ b/charts/rancher-cis-benchmark/4.4.0/app-readme.md 
@@ -0,0 +1,33 @@ +# Rancher CIS Benchmarks + +This chart enables security scanning of the cluster using [CIS (Center for Internet Security) benchmarks](https://www.cisecurity.org/benchmark/kubernetes/). + +For more information on how to use the feature, refer to our [docs](https://rancher.com/docs/rancher/v2.x/en/cis-scans/v2.5/). + +This chart installs the following components: + +- [cis-operator](https://github.com/rancher/cis-operator) - The cis-operator handles launching the [kube-bench](https://github.com/aquasecurity/kube-bench) tool that runs a suite of CIS tests on the nodes of your Kubernetes cluster. After scans finish, the cis-operator generates a compliance report that can be downloaded. +- Scans - A scan is a CRD (`ClusterScan`) that defines when to trigger CIS scans on the cluster based on the defined profile. A report is created after the scan is completed. +- Profiles - A profile is a CRD (`ClusterScanProfile`) that defines the configuration for the CIS scan, which is the benchmark versions to use and any specific tests to skip in that benchmark. This chart installs a few default `ClusterScanProfile` custom resources with no skipped tests, which can immediately be used to launch CIS scans. +- Benchmark Versions - A benchmark version is a CRD (`ClusterScanBenchmark`) that defines the CIS benchmark version to run using kube-bench as well as the valid configuration parameters for that benchmark. This chart installs a few default `ClusterScanBenchmark` custom resources. +- Alerting Resources - Rancher's CIS Benchmark application lets you run a cluster scan on a schedule, and send alerts when scans finish. 
+ - If you want to enable alerts to be delivered when a cluster scan completes, you need to ensure that [Rancher's Monitoring and Alerting](https://rancher.com/docs/rancher/v2.x/en/monitoring-alerting/v2.5/) application is pre-installed and the [Receivers and Routes](https://rancher.com/docs/rancher/v2.x/en/monitoring-alerting/v2.5/configuration/#alertmanager-config) are configured to send out alerts. + - Additionally, you need to set `alerts: true` in the Values YAML while installing or upgrading this chart. + +## Upgrading to Kubernetes v1.25+ + +Starting in Kubernetes v1.25, [Pod Security Policies](https://kubernetes.io/docs/concepts/security/pod-security-policy/) have been removed from the Kubernetes API. + +As a result, **before upgrading to Kubernetes v1.25** (or on a fresh install in a Kubernetes v1.25+ cluster), users are expected to perform an in-place upgrade of this chart with `global.cattle.psp.enabled` set to `false` if it has been previously set to `true`. + +> **Note:** +> In this chart release, any previous field that was associated with any PSP resources have been removed in favor of a single global field: `global.cattle.psp.enabled`. + +> **Note:** +> If you upgrade your cluster to Kubernetes v1.25+ before removing PSPs via a `helm upgrade` (even if you manually clean up resources), **it will leave the Helm release in a broken state within the cluster such that further Helm operations will not work (`helm uninstall`, `helm upgrade`, etc.).** +> +> If your charts get stuck in this state, please consult the Rancher docs on how to clean up your Helm release secrets. + +Upon setting `global.cattle.psp.enabled` to false, the chart will remove any PSP resources deployed on its behalf from the cluster. This is the default setting for this chart. + +As a replacement for PSPs, [Pod Security Admission](https://kubernetes.io/docs/concepts/security/pod-security-admission/) should be used. 
Please consult the Rancher docs for more details on how to configure your chart release namespaces to work with the new Pod Security Admission and apply Pod Security Standards.
diff --git a/charts/rancher-cis-benchmark/4.4.0/templates/_helpers.tpl b/charts/rancher-cis-benchmark/4.4.0/templates/_helpers.tpl
new file mode 100644
index 0000000000..b7bb000422
--- /dev/null
+++ b/charts/rancher-cis-benchmark/4.4.0/templates/_helpers.tpl
@@ -0,0 +1,27 @@
+{{/* Ensure namespace is set the same everywhere */}}
+{{- define "cis.namespace" -}}
+ {{- .Release.Namespace | default "cis-operator-system" -}}
+{{- end -}}
+
+{{- define "system_default_registry" -}}
+{{- if .Values.global.cattle.systemDefaultRegistry -}}
+{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}}
+{{- else -}}
+{{- "" -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Windows cluster will add default taint for linux nodes,
+add below linux tolerations to workloads could be scheduled to those linux nodes
+*/}}
+{{- define "linux-node-tolerations" -}}
+- key: "cattle.io/os"
+ value: "linux"
+ effect: "NoSchedule"
+ operator: "Equal"
+{{- end -}}
+
+{{- define "linux-node-selector" -}}
+kubernetes.io/os: linux
+{{- end -}}
diff --git a/charts/rancher-cis-benchmark/4.4.0/templates/alertingrule.yaml b/charts/rancher-cis-benchmark/4.4.0/templates/alertingrule.yaml
new file mode 100644
index 0000000000..1787c88a07
--- /dev/null
+++ b/charts/rancher-cis-benchmark/4.4.0/templates/alertingrule.yaml
@@ -0,0 +1,14 @@
+{{- if .Values.alerts.enabled -}}
+---
+apiVersion: monitoring.coreos.com/v1
+kind: PodMonitor
+metadata:
+ name: rancher-cis-pod-monitor
+ namespace: {{ template "cis.namespace" . }}
+spec:
+ selector:
+ matchLabels:
+ cis.cattle.io/operator: cis-operator
+ podMetricsEndpoints:
+ - port: cismetrics
+{{- end }}
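Review bot: The guard `{{- if .Values.alerts.enabled -}}` on the first line of alertingrule.yaml reads a nested `enabled` key, while app-readme.md in this same patch tells users to set `alerts: true`; if `alerts` is given as a plain boolean the lookup of `.enabled` will not resolve as intended (values.yaml is not in this part of the patch, so the default shape is inferred). The readme and template should agree, for example by documenting `alerts.enabled: true`. The template also renders a `monitoring.coreos.com/v1` `PodMonitor` unconditionally once alerts are on, so an install on a cluster without the monitoring CRDs would fail at apply time; extending the guard to `{{- if and .Values.alerts.enabled (.Capabilities.APIVersions.Has "monitoring.coreos.com/v1") -}}` avoids that. Because the file is named alertingrule.yaml but defines a PodMonitor, a leading comment such as `# PodMonitor scraping cis-operator pods on the cismetrics port; needs Rancher Monitoring installed` would help readers.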
diff --git a/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-aks-1.0.yaml b/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-aks-1.0.yaml new file mode 100644 index 0000000000..1ac866253f --- /dev/null +++ b/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-aks-1.0.yaml @@ -0,0 +1,8 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanBenchmark +metadata: + name: aks-1.0 +spec: + clusterProvider: aks + minKubernetesVersion: "1.15.0" diff --git a/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-cis-1.20.yaml b/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-cis-1.20.yaml new file mode 100644 index 0000000000..1203e5bcc5 --- /dev/null +++ b/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-cis-1.20.yaml @@ -0,0 +1,9 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanBenchmark +metadata: + name: cis-1.20 +spec: + clusterProvider: "" + minKubernetesVersion: "1.19.0" + maxKubernetesVersion: "1.21.x" diff --git a/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-cis-1.23.yaml b/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-cis-1.23.yaml new file mode 100644 index 0000000000..83002966d8 --- /dev/null +++ b/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-cis-1.23.yaml @@ -0,0 +1,9 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanBenchmark +metadata: + name: cis-1.23 +spec: + clusterProvider: "" + minKubernetesVersion: "1.22.0" + maxKubernetesVersion: "1.23.x" diff --git a/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-cis-1.24.yaml b/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-cis-1.24.yaml new file mode 100644 index 0000000000..ad73b2c34c --- /dev/null +++ b/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-cis-1.24.yaml @@ -0,0 +1,9 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanBenchmark +metadata: + name: cis-1.24 +spec: + clusterProvider: "" + minKubernetesVersion: "1.24.0" + maxKubernetesVersion: "1.24.x" 
diff --git a/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-cis-1.5.yaml b/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-cis-1.5.yaml new file mode 100644 index 0000000000..c9e6075fb4 --- /dev/null +++ b/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-cis-1.5.yaml @@ -0,0 +1,9 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanBenchmark +metadata: + name: cis-1.5 +spec: + clusterProvider: "" + minKubernetesVersion: "1.15.0" + maxKubernetesVersion: "1.15.x" diff --git a/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-cis-1.6.yaml b/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-cis-1.6.yaml new file mode 100644 index 0000000000..4f5d66e92f --- /dev/null +++ b/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-cis-1.6.yaml @@ -0,0 +1,9 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanBenchmark +metadata: + name: cis-1.6 +spec: + clusterProvider: "" + minKubernetesVersion: "1.16.0" + maxKubernetesVersion: "1.18.x" diff --git a/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-cis-1.7.yaml b/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-cis-1.7.yaml new file mode 100644 index 0000000000..fa8dfd8eb9 --- /dev/null +++ b/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-cis-1.7.yaml @@ -0,0 +1,9 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanBenchmark +metadata: + name: cis-1.7 +spec: + clusterProvider: "" + minKubernetesVersion: "1.25.0" + maxKubernetesVersion: "1.25.x" diff --git a/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-cis-1.8.yaml b/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-cis-1.8.yaml new file mode 100644 index 0000000000..ae19007b2e --- /dev/null +++ b/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-cis-1.8.yaml @@ -0,0 +1,8 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanBenchmark +metadata: + name: cis-1.8 +spec: + clusterProvider: "" + minKubernetesVersion: "1.26.0" 
diff --git a/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-eks-1.2.0.yaml b/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-eks-1.2.0.yaml new file mode 100644 index 0000000000..c1bdd9ed5e --- /dev/null +++ b/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-eks-1.2.0.yaml @@ -0,0 +1,8 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanBenchmark +metadata: + name: eks-1.2.0 +spec: + clusterProvider: eks + minKubernetesVersion: "1.15.0" diff --git a/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-gke-1.2.0.yaml b/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-gke-1.2.0.yaml new file mode 100644 index 0000000000..c609e736fd --- /dev/null +++ b/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-gke-1.2.0.yaml @@ -0,0 +1,8 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanBenchmark +metadata: + name: gke-1.2.0 +spec: + clusterProvider: gke + minKubernetesVersion: "1.15.0" diff --git a/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-k3s-cis-1.20-hardened.yaml b/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-k3s-cis-1.20-hardened.yaml new file mode 100644 index 0000000000..147cac3906 --- /dev/null +++ b/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-k3s-cis-1.20-hardened.yaml @@ -0,0 +1,9 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanBenchmark +metadata: + name: k3s-cis-1.20-hardened +spec: + clusterProvider: k3s + minKubernetesVersion: "1.19.0" + maxKubernetesVersion: "1.21.x" diff --git a/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-k3s-cis-1.20-permissive.yaml b/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-k3s-cis-1.20-permissive.yaml new file mode 100644 index 0000000000..d9584f7229 --- /dev/null +++ b/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-k3s-cis-1.20-permissive.yaml 
@@ -0,0 +1,9 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanBenchmark +metadata: + name: k3s-cis-1.20-permissive +spec: + clusterProvider: k3s + minKubernetesVersion: "1.19.0" + maxKubernetesVersion: "1.21.x" diff --git a/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-k3s-cis-1.23-hardened.yaml b/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-k3s-cis-1.23-hardened.yaml new file mode 100644 index 0000000000..1a928db35c --- /dev/null +++ b/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-k3s-cis-1.23-hardened.yaml @@ -0,0 +1,9 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanBenchmark +metadata: + name: k3s-cis-1.23-hardened +spec: + clusterProvider: k3s + minKubernetesVersion: "1.22.0" + maxKubernetesVersion: "1.23.x" diff --git a/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-k3s-cis-1.23-permissive.yaml b/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-k3s-cis-1.23-permissive.yaml new file mode 100644 index 0000000000..5a46787d51 --- /dev/null +++ b/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-k3s-cis-1.23-permissive.yaml @@ -0,0 +1,9 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanBenchmark +metadata: + name: k3s-cis-1.23-permissive +spec: + clusterProvider: k3s + minKubernetesVersion: "1.22.0" + maxKubernetesVersion: "1.23.x" diff --git a/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-k3s-cis-1.24-hardened.yaml b/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-k3s-cis-1.24-hardened.yaml new file mode 100644 index 0000000000..47b6be197a --- /dev/null +++ b/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-k3s-cis-1.24-hardened.yaml @@ -0,0 +1,9 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanBenchmark +metadata: + name: k3s-cis-1.24-hardened +spec: + clusterProvider: k3s + minKubernetesVersion: "1.24.0" + maxKubernetesVersion: "1.24.x" 
diff --git a/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-k3s-cis-1.24-permissive.yaml b/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-k3s-cis-1.24-permissive.yaml new file mode 100644 index 0000000000..6ded2f02bd --- /dev/null +++ b/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-k3s-cis-1.24-permissive.yaml @@ -0,0 +1,9 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanBenchmark +metadata: + name: k3s-cis-1.24-permissive +spec: + clusterProvider: k3s + minKubernetesVersion: "1.24.0" + maxKubernetesVersion: "1.24.x" diff --git a/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-k3s-cis-1.6-hardened.yaml b/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-k3s-cis-1.6-hardened.yaml new file mode 100644 index 0000000000..5160cf7950 --- /dev/null +++ b/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-k3s-cis-1.6-hardened.yaml @@ -0,0 +1,9 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanBenchmark +metadata: + name: k3s-cis-1.6-hardened +spec: + clusterProvider: k3s + minKubernetesVersion: "1.16.0" + maxKubernetesVersion: "1.18.x" diff --git a/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-k3s-cis-1.6-permissive.yaml b/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-k3s-cis-1.6-permissive.yaml new file mode 100644 index 0000000000..10c0759853 --- /dev/null +++ b/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-k3s-cis-1.6-permissive.yaml @@ -0,0 +1,9 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanBenchmark +metadata: + name: k3s-cis-1.6-permissive +spec: + clusterProvider: k3s + minKubernetesVersion: "1.16.0" + maxKubernetesVersion: "1.18.x" diff --git a/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-k3s-cis-1.7-hardened.yaml b/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-k3s-cis-1.7-hardened.yaml new file mode 100644 index 0000000000..6fb369360c --- /dev/null +++ b/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-k3s-cis-1.7-hardened.yaml 
@@ -0,0 +1,9 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanBenchmark +metadata: + name: k3s-cis-1.7-hardened +spec: + clusterProvider: k3s + minKubernetesVersion: "1.25.0" + maxKubernetesVersion: "1.25.x" diff --git a/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-k3s-cis-1.7-permissive.yaml b/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-k3s-cis-1.7-permissive.yaml new file mode 100644 index 0000000000..b556d70fe5 --- /dev/null +++ b/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-k3s-cis-1.7-permissive.yaml @@ -0,0 +1,9 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanBenchmark +metadata: + name: k3s-cis-1.7-permissive +spec: + clusterProvider: k3s + minKubernetesVersion: "1.25.0" + maxKubernetesVersion: "1.25.x" diff --git a/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-k3s-cis-1.8-hardened.yaml b/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-k3s-cis-1.8-hardened.yaml new file mode 100644 index 0000000000..07b4300d20 --- /dev/null +++ b/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-k3s-cis-1.8-hardened.yaml @@ -0,0 +1,8 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanBenchmark +metadata: + name: k3s-cis-1.8-hardened +spec: + clusterProvider: k3s + minKubernetesVersion: "1.26.0" diff --git a/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-k3s-cis-1.8-permissive.yaml b/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-k3s-cis-1.8-permissive.yaml new file mode 100644 index 0000000000..c30fa7f725 --- /dev/null +++ b/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-k3s-cis-1.8-permissive.yaml @@ -0,0 +1,8 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanBenchmark +metadata: + name: k3s-cis-1.8-permissive +spec: + clusterProvider: k3s + minKubernetesVersion: "1.26.0" 
diff --git a/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-rke-cis-1.20-hardened.yaml b/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-rke-cis-1.20-hardened.yaml new file mode 100644 index 0000000000..4924679cb3 --- /dev/null +++ b/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-rke-cis-1.20-hardened.yaml @@ -0,0 +1,9 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanBenchmark +metadata: + name: rke-cis-1.20-hardened +spec: + clusterProvider: rke + minKubernetesVersion: "1.19.0" + maxKubernetesVersion: "1.21.x" diff --git a/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-rke-cis-1.20-permissive.yaml b/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-rke-cis-1.20-permissive.yaml new file mode 100644 index 0000000000..2db66d7c62 --- /dev/null +++ b/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-rke-cis-1.20-permissive.yaml @@ -0,0 +1,9 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanBenchmark +metadata: + name: rke-cis-1.20-permissive +spec: + clusterProvider: rke + minKubernetesVersion: "1.19.0" + maxKubernetesVersion: "1.21.x" diff --git a/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-rke-cis-1.23-hardened.yaml b/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-rke-cis-1.23-hardened.yaml new file mode 100644 index 0000000000..12de23173d --- /dev/null +++ b/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-rke-cis-1.23-hardened.yaml @@ -0,0 +1,9 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanBenchmark +metadata: + name: rke-cis-1.23-hardened +spec: + clusterProvider: rke + minKubernetesVersion: "1.22.0" + maxKubernetesVersion: "1.23.x" diff --git a/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-rke-cis-1.23-permissive.yaml b/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-rke-cis-1.23-permissive.yaml new file mode 100644 index 0000000000..f9d5052541 --- /dev/null +++ b/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-rke-cis-1.23-permissive.yaml 
@@ -0,0 +1,9 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanBenchmark +metadata: + name: rke-cis-1.23-permissive +spec: + clusterProvider: rke + minKubernetesVersion: "1.22.0" + maxKubernetesVersion: "1.23.x" diff --git a/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-rke-cis-1.24-hardened.yaml b/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-rke-cis-1.24-hardened.yaml new file mode 100644 index 0000000000..7030c793fc --- /dev/null +++ b/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-rke-cis-1.24-hardened.yaml @@ -0,0 +1,9 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanBenchmark +metadata: + name: rke-cis-1.24-hardened +spec: + clusterProvider: rke + minKubernetesVersion: "1.24.0" + maxKubernetesVersion: "1.24.x" diff --git a/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-rke-cis-1.24-permissive.yaml b/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-rke-cis-1.24-permissive.yaml new file mode 100644 index 0000000000..b2633eade1 --- /dev/null +++ b/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-rke-cis-1.24-permissive.yaml @@ -0,0 +1,9 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanBenchmark +metadata: + name: rke-cis-1.24-permissive +spec: + clusterProvider: rke + minKubernetesVersion: "1.24.0" + maxKubernetesVersion: "1.24.x" diff --git a/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-rke-cis-1.5-hardened.yaml b/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-rke-cis-1.5-hardened.yaml new file mode 100644 index 0000000000..b9154f1ada --- /dev/null +++ b/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-rke-cis-1.5-hardened.yaml @@ -0,0 +1,9 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanBenchmark +metadata: + name: rke-cis-1.5-hardened +spec: + clusterProvider: rke + minKubernetesVersion: "1.15.0" + maxKubernetesVersion: "1.15.x" 
diff --git a/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-rke-cis-1.5-permissive.yaml b/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-rke-cis-1.5-permissive.yaml new file mode 100644 index 0000000000..9da65d55dd --- /dev/null +++ b/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-rke-cis-1.5-permissive.yaml @@ -0,0 +1,9 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanBenchmark +metadata: + name: rke-cis-1.5-permissive +spec: + clusterProvider: rke + minKubernetesVersion: "1.15.0" + maxKubernetesVersion: "1.15.x" diff --git a/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-rke-cis-1.6-hardened.yaml b/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-rke-cis-1.6-hardened.yaml new file mode 100644 index 0000000000..77f8a31df6 --- /dev/null +++ b/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-rke-cis-1.6-hardened.yaml @@ -0,0 +1,9 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanBenchmark +metadata: + name: rke-cis-1.6-hardened +spec: + clusterProvider: rke + minKubernetesVersion: "1.16.0" + maxKubernetesVersion: "1.18.x" diff --git a/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-rke-cis-1.6-permissive.yaml b/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-rke-cis-1.6-permissive.yaml new file mode 100644 index 0000000000..600b8df35a --- /dev/null +++ b/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-rke-cis-1.6-permissive.yaml @@ -0,0 +1,9 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanBenchmark +metadata: + name: rke-cis-1.6-permissive +spec: + clusterProvider: rke + minKubernetesVersion: "1.16.0" + maxKubernetesVersion: "1.18.x" diff --git a/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-rke-cis-1.7-hardened.yaml b/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-rke-cis-1.7-hardened.yaml new file mode 100644 index 0000000000..39bac7833c --- /dev/null +++ b/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-rke-cis-1.7-hardened.yaml 
@@ -0,0 +1,9 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanBenchmark +metadata: + name: rke-cis-1.7-hardened +spec: + clusterProvider: rke + minKubernetesVersion: "1.25.0" + maxKubernetesVersion: "1.25.x" diff --git a/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-rke-cis-1.7-permissive.yaml b/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-rke-cis-1.7-permissive.yaml new file mode 100644 index 0000000000..2e2f09ac74 --- /dev/null +++ b/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-rke-cis-1.7-permissive.yaml @@ -0,0 +1,9 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanBenchmark +metadata: + name: rke-cis-1.7-permissive +spec: + clusterProvider: rke + minKubernetesVersion: "1.25.0" + maxKubernetesVersion: "1.25.x" diff --git a/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-rke-cis-1.8-hardened.yaml b/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-rke-cis-1.8-hardened.yaml new file mode 100644 index 0000000000..d3d357c023 --- /dev/null +++ b/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-rke-cis-1.8-hardened.yaml @@ -0,0 +1,8 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanBenchmark +metadata: + name: rke-cis-1.8-hardened +spec: + clusterProvider: rke + minKubernetesVersion: "1.26.0" diff --git a/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-rke-cis-1.8-permissive.yaml b/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-rke-cis-1.8-permissive.yaml new file mode 100644 index 0000000000..208eb777cd --- /dev/null +++ b/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-rke-cis-1.8-permissive.yaml @@ -0,0 +1,8 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanBenchmark +metadata: + name: rke-cis-1.8-permissive +spec: + clusterProvider: rke + minKubernetesVersion: "1.26.0" 
diff --git a/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-rke2-cis-1.20-hardened.yaml b/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-rke2-cis-1.20-hardened.yaml new file mode 100644 index 0000000000..b6cc88359c --- /dev/null +++ b/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-rke2-cis-1.20-hardened.yaml @@ -0,0 +1,9 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanBenchmark +metadata: + name: rke2-cis-1.20-hardened +spec: + clusterProvider: rke2 + minKubernetesVersion: "1.19.0" + maxKubernetesVersion: "1.21.x" diff --git a/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-rke2-cis-1.20-permissive.yaml b/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-rke2-cis-1.20-permissive.yaml new file mode 100644 index 0000000000..fd898bfe86 --- /dev/null +++ b/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-rke2-cis-1.20-permissive.yaml @@ -0,0 +1,9 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanBenchmark +metadata: + name: rke2-cis-1.20-permissive +spec: + clusterProvider: rke2 + minKubernetesVersion: "1.19.0" + maxKubernetesVersion: "1.21.x" diff --git a/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-rke2-cis-1.23-hardened.yaml b/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-rke2-cis-1.23-hardened.yaml new file mode 100644 index 0000000000..55d96da59d --- /dev/null +++ b/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-rke2-cis-1.23-hardened.yaml @@ -0,0 +1,9 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanBenchmark +metadata: + name: rke2-cis-1.23-hardened +spec: + clusterProvider: rke2 + minKubernetesVersion: "1.22.0" + maxKubernetesVersion: "1.23.x" diff --git a/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-rke2-cis-1.23-permissive.yaml b/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-rke2-cis-1.23-permissive.yaml new file mode 100644 index 0000000000..55fffe3209 --- /dev/null 
+++ b/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-rke2-cis-1.23-permissive.yaml @@ -0,0 +1,9 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanBenchmark +metadata: + name: rke2-cis-1.23-permissive +spec: + clusterProvider: rke2 + minKubernetesVersion: "1.22.0" + maxKubernetesVersion: "1.23.x" diff --git a/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-rke2-cis-1.24-hardened.yaml b/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-rke2-cis-1.24-hardened.yaml new file mode 100644 index 0000000000..f702a13726 --- /dev/null +++ b/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-rke2-cis-1.24-hardened.yaml @@ -0,0 +1,9 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanBenchmark +metadata: + name: rke2-cis-1.24-hardened +spec: + clusterProvider: rke2 + minKubernetesVersion: "1.24.0" + maxKubernetesVersion: "1.24.x" diff --git a/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-rke2-cis-1.24-permissive.yaml b/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-rke2-cis-1.24-permissive.yaml new file mode 100644 index 0000000000..5bc70099f7 --- /dev/null +++ b/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-rke2-cis-1.24-permissive.yaml @@ -0,0 +1,9 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanBenchmark +metadata: + name: rke2-cis-1.24-permissive +spec: + clusterProvider: rke2 + minKubernetesVersion: "1.24.0" + maxKubernetesVersion: "1.24.x" diff --git a/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-rke2-cis-1.5-hardened.yaml b/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-rke2-cis-1.5-hardened.yaml new file mode 100644 index 0000000000..20091ec2b3 --- /dev/null +++ b/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-rke2-cis-1.5-hardened.yaml @@ -0,0 +1,9 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanBenchmark +metadata: + name: rke2-cis-1.5-hardened +spec: + clusterProvider: rke2 + minKubernetesVersion: "1.15.0" + maxKubernetesVersion: "1.15.x" 
diff --git a/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-rke2-cis-1.5-permissive.yaml b/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-rke2-cis-1.5-permissive.yaml new file mode 100644 index 0000000000..9a86906b02 --- /dev/null +++ b/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-rke2-cis-1.5-permissive.yaml @@ -0,0 +1,9 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanBenchmark +metadata: + name: rke2-cis-1.5-permissive +spec: + clusterProvider: rke2 + minKubernetesVersion: "1.15.0" + maxKubernetesVersion: "1.15.x" diff --git a/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-rke2-cis-1.6-hardened.yaml b/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-rke2-cis-1.6-hardened.yaml new file mode 100644 index 0000000000..ea2549ef39 --- /dev/null +++ b/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-rke2-cis-1.6-hardened.yaml @@ -0,0 +1,9 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanBenchmark +metadata: + name: rke2-cis-1.6-hardened +spec: + clusterProvider: rke2 + minKubernetesVersion: "1.16.0" + maxKubernetesVersion: "1.18.x" diff --git a/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-rke2-cis-1.6-permissive.yaml b/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-rke2-cis-1.6-permissive.yaml new file mode 100644 index 0000000000..0afdaaa19b --- /dev/null +++ b/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-rke2-cis-1.6-permissive.yaml @@ -0,0 +1,9 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanBenchmark +metadata: + name: rke2-cis-1.6-permissive +spec: + clusterProvider: rke2 + minKubernetesVersion: "1.16.0" + maxKubernetesVersion: "1.18.x" diff --git a/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-rke2-cis-1.7-hardened.yaml b/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-rke2-cis-1.7-hardened.yaml new file mode 100644 index 0000000000..6306e9601a --- /dev/null +++ b/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-rke2-cis-1.7-hardened.yaml 
@@ -0,0 +1,9 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanBenchmark +metadata: + name: rke2-cis-1.7-hardened +spec: + clusterProvider: rke2 + minKubernetesVersion: "1.25.0" + maxKubernetesVersion: "1.25.x" diff --git a/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-rke2-cis-1.7-permissive.yaml b/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-rke2-cis-1.7-permissive.yaml new file mode 100644 index 0000000000..76236e11af --- /dev/null +++ b/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-rke2-cis-1.7-permissive.yaml @@ -0,0 +1,9 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanBenchmark +metadata: + name: rke2-cis-1.7-permissive +spec: + clusterProvider: rke2 + minKubernetesVersion: "1.25.0" + maxKubernetesVersion: "1.25.x" diff --git a/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-rke2-cis-1.8-hardened.yaml b/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-rke2-cis-1.8-hardened.yaml new file mode 100644 index 0000000000..0237206a73 --- /dev/null +++ b/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-rke2-cis-1.8-hardened.yaml @@ -0,0 +1,8 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanBenchmark +metadata: + name: rke2-cis-1.8-hardened +spec: + clusterProvider: rke2 + minKubernetesVersion: "1.26.0" diff --git a/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-rke2-cis-1.8-permissive.yaml b/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-rke2-cis-1.8-permissive.yaml new file mode 100644 index 0000000000..b5f9e4b50f --- /dev/null +++ b/charts/rancher-cis-benchmark/4.4.0/templates/benchmark-rke2-cis-1.8-permissive.yaml @@ -0,0 +1,8 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanBenchmark +metadata: + name: rke2-cis-1.8-permissive +spec: + clusterProvider: rke2 + minKubernetesVersion: "1.26.0" diff --git a/charts/rancher-cis-benchmark/4.4.0/templates/cis-roles.yaml b/charts/rancher-cis-benchmark/4.4.0/templates/cis-roles.yaml new file mode 100644 index 0000000000..23c93dc659 
--- /dev/null +++ b/charts/rancher-cis-benchmark/4.4.0/templates/cis-roles.yaml @@ -0,0 +1,49 @@ +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: cis-admin +rules: + - apiGroups: + - cis.cattle.io + resources: + - clusterscanbenchmarks + - clusterscanprofiles + - clusterscans + - clusterscanreports + verbs: ["create", "update", "delete", "patch","get", "watch", "list"] + - apiGroups: + - catalog.cattle.io + resources: ["apps"] + resourceNames: ["rancher-cis-benchmark"] + verbs: ["get", "watch", "list"] + - apiGroups: + - "" + resources: + - configmaps + verbs: + - '*' +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: cis-view +rules: + - apiGroups: + - cis.cattle.io + resources: + - clusterscanbenchmarks + - clusterscanprofiles + - clusterscans + - clusterscanreports + verbs: ["get", "watch", "list"] + - apiGroups: + - catalog.cattle.io + resources: ["apps"] + resourceNames: ["rancher-cis-benchmark"] + verbs: ["get", "watch", "list"] + - apiGroups: + - "" + resources: + - configmaps + verbs: ["get", "watch", "list"] diff --git a/charts/rancher-cis-benchmark/4.4.0/templates/configmap.yaml b/charts/rancher-cis-benchmark/4.4.0/templates/configmap.yaml new file mode 100644 index 0000000000..094c9dfe0a --- /dev/null +++ b/charts/rancher-cis-benchmark/4.4.0/templates/configmap.yaml @@ -0,0 +1,18 @@ +kind: ConfigMap +apiVersion: v1 +metadata: + name: default-clusterscanprofiles + namespace: {{ template "cis.namespace" . }} +data: + # Default ClusterScanProfiles per cluster provider type + rke: |- + <1.21.0: rke-profile-permissive-1.20 + >=1.21.0: rke-profile-permissive-1.8 + rke2: |- + <1.21.0: rke2-cis-1.20-profile-permissive + >=1.21.0: rke2-cis-1.8-profile-permissive + eks: "eks-profile" + gke: "gke-profile" + aks: "aks-profile" + k3s: "k3s-cis-1.8-profile-permissive" + default: "cis-1.8-profile" 
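Review bot: The last rule of `cis-admin` grants `verbs: ['*']` on `configmaps` in the core API group, and because this is a ClusterRole the grant is not scoped to the chart's namespace or to the `default-clusterscanprofiles` ConfigMap the chart ships. How far it reaches depends on the binding, which this patch does not show; bound cluster-wide, it lets a CIS admin modify or delete ConfigMaps that have nothing to do with scanning. I would list the verbs explicitly, as the first rule of the same role does, and either move the rule into a namespaced Role or add `resourceNames`. The `cis-view` rule has the same breadth for read access.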
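Review bot: The `rke2` default maps every version `>=1.21.0` to `rke2-cis-1.8-profile-permissive`, but benchmark-rke2-cis-1.8-permissive.yaml in this same patch sets `minKubernetesVersion: "1.26.0"`. Assuming that profile points at the `rke2-cis-1.8-permissive` benchmark (its scanprofile file is not in the part of the patch I can see), an rke2 cluster on 1.21–1.25 gets a default profile whose benchmark does not cover its version. Either add ranges for the 1.23, 1.24 and 1.7 benchmarks, or add a comment in `data:` stating that versions below 1.26 are out of scope for this chart release. The `rke` entry has the same shape and deserves the same check.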
diff --git a/charts/rancher-cis-benchmark/4.4.0/templates/deployment.yaml b/charts/rancher-cis-benchmark/4.4.0/templates/deployment.yaml new file mode 100644 index 0000000000..8c9f72f5de --- /dev/null +++ b/charts/rancher-cis-benchmark/4.4.0/templates/deployment.yaml 
@@ -0,0 +1,61 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: cis-operator + namespace: {{ template "cis.namespace" . }} + labels: + cis.cattle.io/operator: cis-operator +spec: + selector: + matchLabels: + cis.cattle.io/operator: cis-operator + template: + metadata: + labels: + cis.cattle.io/operator: cis-operator + spec: + serviceAccountName: cis-operator-serviceaccount + containers: + - name: cis-operator + image: '{{ template "system_default_registry" . }}{{ .Values.image.cisoperator.repository }}:{{ .Values.image.cisoperator.tag }}' + imagePullPolicy: IfNotPresent + ports: + - name: cismetrics + containerPort: {{ .Values.alerts.metricsPort }} + env: + - name: SECURITY_SCAN_IMAGE + value: {{ template "system_default_registry" . }}{{ .Values.image.securityScan.repository }} + - name: SECURITY_SCAN_IMAGE_TAG + value: {{ .Values.image.securityScan.tag }} + - name: SONOBUOY_IMAGE + value: {{ template "system_default_registry" . }}{{ .Values.image.sonobuoy.repository }} + - name: SONOBUOY_IMAGE_TAG + value: {{ .Values.image.sonobuoy.tag }} + - name: CIS_ALERTS_METRICS_PORT + value: '{{ .Values.alerts.metricsPort }}' + - name: CIS_ALERTS_SEVERITY + value: {{ .Values.alerts.severity }} + - name: CIS_ALERTS_ENABLED + value: {{ .Values.alerts.enabled | default "false" | quote }} + - name: CLUSTER_NAME + value: '{{ .Values.global.cattle.clusterName }}' + - name: CIS_OPERATOR_DEBUG + value: '{{ .Values.image.cisoperator.debug }}' + {{- if .Values.securityScanJob.overrideTolerations }} + - name: SECURITY_SCAN_JOB_TOLERATIONS + value: '{{ .Values.securityScanJob.tolerations | toJson }}' + {{- end }} + resources: + {{- toYaml .Values.resources | nindent 12 }} + nodeSelector: {{ include "linux-node-selector" . | nindent 8 }} +{{- if .Values.nodeSelector }} +{{ toYaml .Values.nodeSelector | indent 8 }} +{{- end }} + tolerations: {{ include "linux-node-tolerations" . 
| nindent 8 }} +{{- if .Values.tolerations }} +{{ toYaml .Values.tolerations | indent 8 }} +{{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/charts/rancher-cis-benchmark/4.4.0/templates/network_policy_allow_all.yaml b/charts/rancher-cis-benchmark/4.4.0/templates/network_policy_allow_all.yaml new file mode 100644 index 0000000000..6ed5d645ea --- /dev/null +++ b/charts/rancher-cis-benchmark/4.4.0/templates/network_policy_allow_all.yaml @@ -0,0 +1,15 @@ +--- +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + name: default-allow-all + namespace: {{ template "cis.namespace" . }} +spec: + podSelector: {} + ingress: + - {} + egress: + - {} + policyTypes: + - Ingress + - Egress diff --git a/charts/rancher-cis-benchmark/4.4.0/templates/patch_default_serviceaccount.yaml b/charts/rancher-cis-benchmark/4.4.0/templates/patch_default_serviceaccount.yaml new file mode 100644 index 0000000000..e78a6bd08a --- /dev/null +++ b/charts/rancher-cis-benchmark/4.4.0/templates/patch_default_serviceaccount.yaml 
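Review bot: Five env values are rendered without quotes — `SECURITY_SCAN_IMAGE`, `SECURITY_SCAN_IMAGE_TAG`, `SONOBUOY_IMAGE`, `SONOBUOY_IMAGE_TAG` and `CIS_ALERTS_SEVERITY` — while their neighbours `CIS_ALERTS_METRICS_PORT` and `CLUSTER_NAME` are quoted. An env `value` has to be a string, so a tag or severity that YAML reads as a number, boolean or null (an all-digit tag, an unset value) makes the rendered Deployment fail validation. Pipe each one through `quote`, for example `value: {{ .Values.image.securityScan.tag | quote }}`.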
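Review bot: `default-allow-all` selects every pod in the namespace with `podSelector: {}` and permits all ingress and egress with `- {}`, so it provides no isolation, and the template does not say why. If the object exists only so that the namespace carries a NetworkPolicy (my assumption; the patch gives no reason), record that in a comment at the top of the file, along the lines of `# Allow-all by design: <reason>; replace with a narrower policy where the cluster permits it`. If isolation is wanted, ingress could be limited to the `cismetrics` port that the operator Deployment in this patch exposes.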
@@ -0,0 +1,29 @@ +--- +apiVersion: batch/v1 +kind: Job +metadata: + name: patch-sa + annotations: + "helm.sh/hook": post-install, post-upgrade + "helm.sh/hook-delete-policy": hook-succeeded, before-hook-creation +spec: + template: + spec: + serviceAccountName: cis-operator-serviceaccount + nodeSelector: {{ include "linux-node-selector" . | nindent 8 }} +{{- if .Values.nodeSelector }} +{{ toYaml .Values.nodeSelector | indent 8 }} +{{- end }} + tolerations: {{ include "linux-node-tolerations" . | nindent 8 }} +{{- if .Values.tolerations }} +{{ toYaml .Values.tolerations | indent 8 }} +{{- end }} + restartPolicy: Never + containers: + - name: sa + image: "{{ template "system_default_registry" . }}{{ .Values.global.kubectl.repository }}:{{ .Values.global.kubectl.tag }}" + imagePullPolicy: {{ .Values.global.imagePullPolicy }} + command: ["kubectl", "patch", "serviceaccount", "default", "-p", "{\"automountServiceAccountToken\": false}"] + args: ["-n", {{ template "cis.namespace" . }}] + + backoffLimit: 1 diff --git a/charts/rancher-cis-benchmark/4.4.0/templates/psp.yaml b/charts/rancher-cis-benchmark/4.4.0/templates/psp.yaml new file mode 100644 index 0000000000..9b8a5995ee --- /dev/null +++ b/charts/rancher-cis-benchmark/4.4.0/templates/psp.yaml 
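Review bot: The hook Job sets `serviceAccountName: cis-operator-serviceaccount`, although its only task is the single `kubectl patch serviceaccount default` command. rbac.yaml in this same patch binds that account to `cis-operator-clusterrole`, which allows create, update and patch on pods, services, configmaps, nodes and serviceaccounts across the cluster, so the kubectl container holds far more permission than the one call requires. A dedicated hook ServiceAccount with a namespaced Role limited to `get` and `patch` on `serviceaccounts` with `resourceNames: ["default"]` would be enough. The Role and binding would need the same hook annotations so that they exist before the Job runs.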
@@ -0,0 +1,59 @@ +{{- if .Values.global.cattle.psp.enabled }} +apiVersion: policy/v1beta1 +kind: PodSecurityPolicy +metadata: + name: cis-psp +spec: + allowPrivilegeEscalation: true + allowedCapabilities: + - '*' + fsGroup: + rule: RunAsAny + hostIPC: true + hostNetwork: true + hostPID: true + hostPorts: + - max: 65535 + min: 0 + privileged: true + runAsUser: + rule: RunAsAny + seLinux: + rule: RunAsAny + supplementalGroups: + rule: RunAsAny + volumes: + - '*' +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: cis-psp-role + namespace: {{ template "cis.namespace" . }} +rules: +- apiGroups: + - policy + resourceNames: + - cis-psp + resources: + - podsecuritypolicies + verbs: + - use +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: cis-psp-rolebinding + namespace: {{ template "cis.namespace" . }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: cis-psp-role +subjects: +- kind: ServiceAccount + name: cis-serviceaccount + namespace: {{ template "cis.namespace" . }} +- kind: ServiceAccount + name: cis-operator-serviceaccount + namespace: {{ template "cis.namespace" . }} +{{- end }} diff --git a/charts/rancher-cis-benchmark/4.4.0/templates/rbac.yaml b/charts/rancher-cis-benchmark/4.4.0/templates/rbac.yaml new file mode 100644 index 0000000000..33fb93f04c --- /dev/null +++ b/charts/rancher-cis-benchmark/4.4.0/templates/rbac.yaml 
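Review bot: `cis-psp-rolebinding` grants `use` of `cis-psp` to `cis-operator-serviceaccount` as well as to `cis-serviceaccount`, and `cis-psp` permits privileged containers, all capabilities, host PID, IPC and network, and every volume type. The operator Deployment added in this patch requests none of those, so the operator account does not appear to need this policy, and any pod created under it in the namespace would be admitted with full host access. I would drop the second subject, or bind the operator to a separate restrictive policy, and keep the privileged one for the scan account only. If the operator does depend on it, a comment above that subject should say why.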
@@ -0,0 +1,219 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + labels: + app.kubernetes.io/name: rancher-cis-benchmark + app.kubernetes.io/instance: release-name + name: cis-operator-clusterrole +rules: +- apiGroups: + - "cis.cattle.io" + resources: + - "*" + verbs: + - "*" +- apiGroups: + - "" + resources: + - "pods" + - "services" + - "configmaps" + - "nodes" + - "serviceaccounts" + verbs: + - "get" + - "list" + - "create" + - "update" + - "watch" + - "patch" +- apiGroups: + - "rbac.authorization.k8s.io" + resources: + - "rolebindings" + - "clusterrolebindings" + - "clusterroles" + verbs: + - "get" + - "list" +- apiGroups: + - "batch" + resources: + - "jobs" + verbs: + - "list" + - "create" + - "patch" + - "update" + - "watch" +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + labels: + app.kubernetes.io/name: rancher-cis-benchmark + app.kubernetes.io/instance: release-name + name: cis-scan-ns +rules: +{{- if .Values.global.cattle.psp.enabled }} +- apiGroups: + - "*" + resources: + - "podsecuritypolicies" + verbs: + - "get" + - "list" + - "watch" +{{- end }} +- apiGroups: + - "" + resources: + - "namespaces" + - "nodes" + - "pods" + - "serviceaccounts" + - "services" + - "replicationcontrollers" + verbs: + - "get" + - "list" + - "watch" +- apiGroups: + - "rbac.authorization.k8s.io" + resources: + - "rolebindings" + - "clusterrolebindings" + - "clusterroles" + verbs: + - "get" + - "list" +- apiGroups: + - "batch" + resources: + - "jobs" + - "cronjobs" + verbs: + - "list" +- apiGroups: + - "apps" + resources: + - "daemonsets" + - "deployments" + - "replicasets" + - "statefulsets" + verbs: + - "list" +- apiGroups: + - "autoscaling" + resources: + - "horizontalpodautoscalers" + verbs: + - "list" +- apiGroups: + - "networking.k8s.io" + resources: + - "networkpolicies" + verbs: + - "get" + - "list" + - "watch" +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: cis-operator-role + 
labels: + app.kubernetes.io/name: rancher-cis-benchmark + app.kubernetes.io/instance: release-name + namespace: {{ template "cis.namespace" . }} +rules: +- apiGroups: + - "" + resources: + - "services" + verbs: + - "watch" + - "list" + - "get" + - "patch" +- apiGroups: + - "batch" + resources: + - "jobs" + verbs: + - "watch" + - "list" + - "get" + - "delete" +- apiGroups: + - "" + resources: + - "configmaps" + - "pods" + - "secrets" + verbs: + - "*" +- apiGroups: + - "apps" + resources: + - "daemonsets" + verbs: + - "*" +- apiGroups: + - monitoring.coreos.com + resources: + - prometheusrules + verbs: + - create +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + labels: + app.kubernetes.io/name: rancher-cis-benchmark + app.kubernetes.io/instance: release-name + name: cis-operator-clusterrolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: cis-operator-clusterrole +subjects: +- kind: ServiceAccount + name: cis-operator-serviceaccount + namespace: {{ template "cis.namespace" . }} +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: cis-scan-ns + labels: + app.kubernetes.io/name: rancher-cis-benchmark + app.kubernetes.io/instance: release-name +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: cis-scan-ns +subjects: +- kind: ServiceAccount + name: cis-serviceaccount + namespace: {{ template "cis.namespace" . }} +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + labels: + app.kubernetes.io/name: rancher-cis-benchmark + app.kubernetes.io/instance: release-name + name: cis-operator-rolebinding + namespace: {{ template "cis.namespace" . }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: cis-operator-role +subjects: +- kind: ServiceAccount + name: cis-serviceaccount + namespace: {{ template "cis.namespace" . 
}} +- kind: ServiceAccount + name: cis-operator-serviceaccount + namespace: {{ template "cis.namespace" . }} diff --git a/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-cis-1.20.yaml b/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-cis-1.20.yaml new file mode 100644 index 0000000000..05263ce7da --- /dev/null +++ b/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-cis-1.20.yaml @@ -0,0 +1,9 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanProfile +metadata: + name: cis-1.20-profile + annotations: + clusterscanprofile.cis.cattle.io/builtin: "true" +spec: + benchmarkVersion: cis-1.20 diff --git a/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-cis-1.23.yaml b/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-cis-1.23.yaml new file mode 100644 index 0000000000..c59d8f51ff --- /dev/null +++ b/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-cis-1.23.yaml @@ -0,0 +1,9 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanProfile +metadata: + name: cis-1.23-profile + annotations: + clusterscanprofile.cis.cattle.io/builtin: "true" +spec: + benchmarkVersion: cis-1.23 diff --git a/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-cis-1.24.yaml b/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-cis-1.24.yaml new file mode 100644 index 0000000000..aa3e51c3e2 --- /dev/null +++ b/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-cis-1.24.yaml @@ -0,0 +1,9 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanProfile +metadata: + name: cis-1.24-profile + annotations: + clusterscanprofile.cis.cattle.io/builtin: "true" +spec: + benchmarkVersion: cis-1.24 diff --git a/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-cis-1.6.yaml b/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-cis-1.6.yaml new file mode 100644 index 0000000000..8a8d8bf881 --- /dev/null +++ b/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-cis-1.6.yaml 
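Review bot: `cis-operator-rolebinding` lists `cis-serviceaccount` next to the operator account, so the scan account receives `"*"` on `configmaps`, `pods` and `secrets` and on `daemonsets` in the namespace through `cis-operator-role`. The only other grant to that account in this file, `cis-scan-ns`, is read-only, which suggests the scan workload does not need write or delete on Secrets; with psp.yaml allowing its pods to run privileged, the combined grant is wider than the scan role seems to call for. A separate Role for `cis-serviceaccount` that names just the resources and verbs the scan uses would limit what a misbehaving scan pod can reach. In the same file, the `podsecuritypolicies` rule could use `apiGroups: ["policy"]` instead of `"*"`, and `app.kubernetes.io/instance: release-name` looks like rendered output where `{{ .Release.Name }}` was intended.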
@@ -0,0 +1,9 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanProfile +metadata: + name: cis-1.6-profile + annotations: + clusterscanprofile.cis.cattle.io/builtin: "true" +spec: + benchmarkVersion: cis-1.6 diff --git a/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-cis-1.7.yaml b/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-cis-1.7.yaml new file mode 100644 index 0000000000..1a37aad835 --- /dev/null +++ b/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-cis-1.7.yaml @@ -0,0 +1,9 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanProfile +metadata: + name: cis-1.7-profile + annotations: + clusterscanprofile.cis.cattle.io/builtin: "true" +spec: + benchmarkVersion: cis-1.7 diff --git a/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-cis-1.8.yaml b/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-cis-1.8.yaml new file mode 100644 index 0000000000..40be06c946 --- /dev/null +++ b/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-cis-1.8.yaml @@ -0,0 +1,9 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanProfile +metadata: + name: cis-1.8-profile + annotations: + clusterscanprofile.cis.cattle.io/builtin: "true" +spec: + benchmarkVersion: cis-1.8 diff --git a/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-k3s-cis-1.20-hardened.yml b/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-k3s-cis-1.20-hardened.yml new file mode 100644 index 0000000000..a0b6cb6f6a --- /dev/null +++ b/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-k3s-cis-1.20-hardened.yml @@ -0,0 +1,9 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanProfile +metadata: + name: k3s-cis-1.20-profile-hardened + annotations: + clusterscanprofile.cis.cattle.io/builtin: "true" +spec: + benchmarkVersion: k3s-cis-1.20-hardened 
diff --git a/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-k3s-cis-1.20-permissive.yml b/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-k3s-cis-1.20-permissive.yml new file mode 100644 index 0000000000..89885548df --- /dev/null +++ b/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-k3s-cis-1.20-permissive.yml @@ -0,0 +1,9 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanProfile +metadata: + name: k3s-cis-1.20-profile-permissive + annotations: + clusterscanprofile.cis.cattle.io/builtin: "true" +spec: + benchmarkVersion: k3s-cis-1.20-permissive diff --git a/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-k3s-cis-1.23-hardened.yml b/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-k3s-cis-1.23-hardened.yml new file mode 100644 index 0000000000..724412d3aa --- /dev/null +++ b/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-k3s-cis-1.23-hardened.yml @@ -0,0 +1,9 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanProfile +metadata: + name: k3s-cis-1.23-profile-hardened + annotations: + clusterscanprofile.cis.cattle.io/builtin: "true" +spec: + benchmarkVersion: k3s-cis-1.23-hardened diff --git a/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-k3s-cis-1.23-permissive.yml b/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-k3s-cis-1.23-permissive.yml new file mode 100644 index 0000000000..9f9213de1c --- /dev/null +++ b/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-k3s-cis-1.23-permissive.yml @@ -0,0 +1,9 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanProfile +metadata: + name: k3s-cis-1.23-profile-permissive + annotations: + clusterscanprofile.cis.cattle.io/builtin: "true" +spec: + benchmarkVersion: k3s-cis-1.23-permissive diff --git a/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-k3s-cis-1.24-hardened.yml b/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-k3s-cis-1.24-hardened.yml new file mode 100644 index 0000000000..252251efcf --- /dev/null 
+++ b/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-k3s-cis-1.24-hardened.yml @@ -0,0 +1,9 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanProfile +metadata: + name: k3s-cis-1.24-profile-hardened + annotations: + clusterscanprofile.cis.cattle.io/builtin: "true" +spec: + benchmarkVersion: k3s-cis-1.24-hardened diff --git a/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-k3s-cis-1.24-permissive.yml b/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-k3s-cis-1.24-permissive.yml new file mode 100644 index 0000000000..05555c64dc --- /dev/null +++ b/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-k3s-cis-1.24-permissive.yml @@ -0,0 +1,9 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanProfile +metadata: + name: k3s-cis-1.24-profile-permissive + annotations: + clusterscanprofile.cis.cattle.io/builtin: "true" +spec: + benchmarkVersion: k3s-cis-1.24-permissive diff --git a/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-k3s-cis-1.6-hardened.yml b/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-k3s-cis-1.6-hardened.yml new file mode 100644 index 0000000000..095e977ab2 --- /dev/null +++ b/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-k3s-cis-1.6-hardened.yml @@ -0,0 +1,9 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanProfile +metadata: + name: k3s-cis-1.6-profile-hardened + annotations: + clusterscanprofile.cis.cattle.io/builtin: "true" +spec: + benchmarkVersion: k3s-cis-1.6-hardened diff --git a/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-k3s-cis-1.6-permissive.yml b/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-k3s-cis-1.6-permissive.yml new file mode 100644 index 0000000000..3b22a80c83 --- /dev/null +++ b/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-k3s-cis-1.6-permissive.yml 
@@ -0,0 +1,9 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanProfile +metadata: + name: k3s-cis-1.6-profile-permissive + annotations: + clusterscanprofile.cis.cattle.io/builtin: "true" +spec: + benchmarkVersion: k3s-cis-1.6-permissive diff --git a/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-k3s-cis-1.7-hardened.yml b/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-k3s-cis-1.7-hardened.yml new file mode 100644 index 0000000000..22ae9e0d23 --- /dev/null +++ b/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-k3s-cis-1.7-hardened.yml @@ -0,0 +1,9 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanProfile +metadata: + name: k3s-cis-1.7-profile-hardened + annotations: + clusterscanprofile.cis.cattle.io/builtin: "true" +spec: + benchmarkVersion: k3s-cis-1.7-hardened diff --git a/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-k3s-cis-1.7-permissive.yml b/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-k3s-cis-1.7-permissive.yml new file mode 100644 index 0000000000..f79e9ed966 --- /dev/null +++ b/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-k3s-cis-1.7-permissive.yml @@ -0,0 +1,9 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanProfile +metadata: + name: k3s-cis-1.7-profile-permissive + annotations: + clusterscanprofile.cis.cattle.io/builtin: "true" +spec: + benchmarkVersion: k3s-cis-1.7-permissive diff --git a/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-k3s-cis-1.8-hardened.yml b/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-k3s-cis-1.8-hardened.yml new file mode 100644 index 0000000000..03f6695689 --- /dev/null +++ b/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-k3s-cis-1.8-hardened.yml @@ -0,0 +1,9 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanProfile +metadata: + name: k3s-cis-1.8-profile-hardened + annotations: + clusterscanprofile.cis.cattle.io/builtin: "true" +spec: + benchmarkVersion: k3s-cis-1.8-hardened 
diff --git a/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-k3s-cis-1.8-permissive.yml b/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-k3s-cis-1.8-permissive.yml new file mode 100644 index 0000000000..39932a4e5b --- /dev/null +++ b/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-k3s-cis-1.8-permissive.yml @@ -0,0 +1,9 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanProfile +metadata: + name: k3s-cis-1.8-profile-permissive + annotations: + clusterscanprofile.cis.cattle.io/builtin: "true" +spec: + benchmarkVersion: k3s-cis-1.8-permissive diff --git a/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-rke-1.20-hardened.yaml b/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-rke-1.20-hardened.yaml new file mode 100644 index 0000000000..c36cf38c90 --- /dev/null +++ b/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-rke-1.20-hardened.yaml @@ -0,0 +1,9 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanProfile +metadata: + name: rke-profile-hardened-1.20 + annotations: + clusterscanprofile.cis.cattle.io/builtin: "true" +spec: + benchmarkVersion: rke-cis-1.20-hardened diff --git a/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-rke-1.20-permissive.yaml b/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-rke-1.20-permissive.yaml new file mode 100644 index 0000000000..cfeb4b34c6 --- /dev/null +++ b/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-rke-1.20-permissive.yaml @@ -0,0 +1,9 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanProfile +metadata: + name: rke-profile-permissive-1.20 + annotations: + clusterscanprofile.cis.cattle.io/builtin: "true" +spec: + benchmarkVersion: rke-cis-1.20-permissive diff --git a/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-rke-1.23-hardened.yaml b/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-rke-1.23-hardened.yaml new file mode 100644 index 0000000000..0073311496 --- /dev/null 
+++ b/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-rke-1.23-hardened.yaml @@ -0,0 +1,9 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanProfile +metadata: + name: rke-profile-hardened-1.23 + annotations: + clusterscanprofile.cis.cattle.io/builtin: "true" +spec: + benchmarkVersion: rke-cis-1.23-hardened diff --git a/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-rke-1.23-permissive.yaml b/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-rke-1.23-permissive.yaml new file mode 100644 index 0000000000..085b60dfa4 --- /dev/null +++ b/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-rke-1.23-permissive.yaml @@ -0,0 +1,9 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanProfile +metadata: + name: rke-profile-permissive-1.23 + annotations: + clusterscanprofile.cis.cattle.io/builtin: "true" +spec: + benchmarkVersion: rke-cis-1.23-permissive diff --git a/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-rke-1.24-hardened.yaml b/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-rke-1.24-hardened.yaml new file mode 100644 index 0000000000..faae63e87f --- /dev/null +++ b/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-rke-1.24-hardened.yaml @@ -0,0 +1,9 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanProfile +metadata: + name: rke-profile-hardened-1.24 + annotations: + clusterscanprofile.cis.cattle.io/builtin: "true" +spec: + benchmarkVersion: rke-cis-1.24-hardened diff --git a/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-rke-1.24-permissive.yaml b/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-rke-1.24-permissive.yaml new file mode 100644 index 0000000000..7335a1d2d8 --- /dev/null +++ b/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-rke-1.24-permissive.yaml 
@@ -0,0 +1,9 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanProfile +metadata: + name: rke-profile-permissive-1.24 + annotations: + clusterscanprofile.cis.cattle.io/builtin: "true" +spec: + benchmarkVersion: rke-cis-1.24-permissive diff --git a/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-rke-1.6-hardened.yaml b/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-rke-1.6-hardened.yaml new file mode 100644 index 0000000000..d38febd80f --- /dev/null +++ b/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-rke-1.6-hardened.yaml @@ -0,0 +1,9 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanProfile +metadata: + name: rke-profile-hardened-1.6 + annotations: + clusterscanprofile.cis.cattle.io/builtin: "true" +spec: + benchmarkVersion: rke-cis-1.6-hardened diff --git a/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-rke-1.6-permissive.yaml b/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-rke-1.6-permissive.yaml new file mode 100644 index 0000000000..d31b5b0d25 --- /dev/null +++ b/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-rke-1.6-permissive.yaml @@ -0,0 +1,9 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanProfile +metadata: + name: rke-profile-permissive-1.6 + annotations: + clusterscanprofile.cis.cattle.io/builtin: "true" +spec: + benchmarkVersion: rke-cis-1.6-permissive diff --git a/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-rke-1.7-hardened.yaml b/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-rke-1.7-hardened.yaml new file mode 100644 index 0000000000..7b83f95bcd --- /dev/null +++ b/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-rke-1.7-hardened.yaml @@ -0,0 +1,9 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanProfile +metadata: + name: rke-profile-hardened-1.7 + annotations: + clusterscanprofile.cis.cattle.io/builtin: "true" +spec: + benchmarkVersion: rke-cis-1.7-hardened 
diff --git a/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-rke-1.7-permissive.yaml b/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-rke-1.7-permissive.yaml new file mode 100644 index 0000000000..52327c4af1 --- /dev/null +++ b/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-rke-1.7-permissive.yaml @@ -0,0 +1,9 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanProfile +metadata: + name: rke-profile-permissive-1.7 + annotations: + clusterscanprofile.cis.cattle.io/builtin: "true" +spec: + benchmarkVersion: rke-cis-1.7-permissive diff --git a/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-rke-1.8-hardened.yaml b/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-rke-1.8-hardened.yaml new file mode 100644 index 0000000000..54aa08691e --- /dev/null +++ b/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-rke-1.8-hardened.yaml @@ -0,0 +1,9 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanProfile +metadata: + name: rke-profile-hardened-1.8 + annotations: + clusterscanprofile.cis.cattle.io/builtin: "true" +spec: + benchmarkVersion: rke-cis-1.8-hardened diff --git a/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-rke-1.8-permissive.yaml b/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-rke-1.8-permissive.yaml new file mode 100644 index 0000000000..f7d4fdd229 --- /dev/null +++ b/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-rke-1.8-permissive.yaml @@ -0,0 +1,9 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanProfile +metadata: + name: rke-profile-permissive-1.8 + annotations: + clusterscanprofile.cis.cattle.io/builtin: "true" +spec: + benchmarkVersion: rke-cis-1.8-permissive diff --git a/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-rke2-cis-1.20-hardened.yml b/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-rke2-cis-1.20-hardened.yml new file mode 100644 index 0000000000..decc9b6516 --- /dev/null 
+++ b/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-rke2-cis-1.20-hardened.yml @@ -0,0 +1,9 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanProfile +metadata: + name: rke2-cis-1.20-profile-hardened + annotations: + clusterscanprofile.cis.cattle.io/builtin: "true" +spec: + benchmarkVersion: rke2-cis-1.20-hardened diff --git a/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-rke2-cis-1.20-permissive.yml b/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-rke2-cis-1.20-permissive.yml new file mode 100644 index 0000000000..74c96ffc49 --- /dev/null +++ b/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-rke2-cis-1.20-permissive.yml @@ -0,0 +1,9 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanProfile +metadata: + name: rke2-cis-1.20-profile-permissive + annotations: + clusterscanprofile.cis.cattle.io/builtin: "true" +spec: + benchmarkVersion: rke2-cis-1.20-permissive diff --git a/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-rke2-cis-1.23-hardened.yml b/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-rke2-cis-1.23-hardened.yml new file mode 100644 index 0000000000..abc1c2a21b --- /dev/null +++ b/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-rke2-cis-1.23-hardened.yml @@ -0,0 +1,9 @@ +--- +apiVersion: cis.cattle.io/v1 +kind: ClusterScanProfile +metadata: + name: rke2-cis-1.23-profile-hardened + annotations: + clusterscanprofile.cis.cattle.io/builtin: "true" +spec: + benchmarkVersion: rke2-cis-1.23-hardened diff --git a/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-rke2-cis-1.23-permissive.yml b/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-rke2-cis-1.23-permissive.yml new file mode 100644 index 0000000000..51cc519acd --- /dev/null +++ b/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-rke2-cis-1.23-permissive.yml 
@@ -0,0 +1,9 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanProfile
+metadata:
+ name: rke2-cis-1.23-profile-permissive
+ annotations:
+ clusterscanprofile.cis.cattle.io/builtin: "true"
+spec:
+ benchmarkVersion: rke2-cis-1.23-permissive
diff --git a/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-rke2-cis-1.24-hardened.yml b/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-rke2-cis-1.24-hardened.yml
new file mode 100644
index 0000000000..f8ddb9851c
--- /dev/null
+++ b/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-rke2-cis-1.24-hardened.yml
@@ -0,0 +1,9 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanProfile
+metadata:
+ name: rke2-cis-1.24-profile-hardened
+ annotations:
+ clusterscanprofile.cis.cattle.io/builtin: "true"
+spec:
+ benchmarkVersion: rke2-cis-1.24-hardened
diff --git a/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-rke2-cis-1.24-permissive.yml b/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-rke2-cis-1.24-permissive.yml
new file mode 100644
index 0000000000..c820f03928
--- /dev/null
+++ b/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-rke2-cis-1.24-permissive.yml
@@ -0,0 +1,9 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanProfile
+metadata:
+ name: rke2-cis-1.24-profile-permissive
+ annotations:
+ clusterscanprofile.cis.cattle.io/builtin: "true"
+spec:
+ benchmarkVersion: rke2-cis-1.24-permissive
diff --git a/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-rke2-cis-1.6-hardened.yml b/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-rke2-cis-1.6-hardened.yml
new file mode 100644
index 0000000000..c7ac7f949a
--- /dev/null
+++ b/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-rke2-cis-1.6-hardened.yml
@@ -0,0 +1,9 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanProfile
+metadata:
+ name: rke2-cis-1.6-profile-hardened
+ annotations:
+ clusterscanprofile.cis.cattle.io/builtin: "true"
+spec:
+ benchmarkVersion: rke2-cis-1.6-hardened
diff --git a/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-rke2-cis-1.6-permissive.yml b/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-rke2-cis-1.6-permissive.yml
new file mode 100644
index 0000000000..96ca1345aa
--- /dev/null
+++ b/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-rke2-cis-1.6-permissive.yml
@@ -0,0 +1,9 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanProfile
+metadata:
+ name: rke2-cis-1.6-profile-permissive
+ annotations:
+ clusterscanprofile.cis.cattle.io/builtin: "true"
+spec:
+ benchmarkVersion: rke2-cis-1.6-permissive
diff --git a/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-rke2-cis-1.7-hardened.yml b/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-rke2-cis-1.7-hardened.yml
new file mode 100644
index 0000000000..193753a0bc
--- /dev/null
+++ b/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-rke2-cis-1.7-hardened.yml
@@ -0,0 +1,9 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanProfile
+metadata:
+ name: rke2-cis-1.7-profile-hardened
+ annotations:
+ clusterscanprofile.cis.cattle.io/builtin: "true"
+spec:
+ benchmarkVersion: rke2-cis-1.7-hardened
diff --git a/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-rke2-cis-1.7-permissive.yml b/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-rke2-cis-1.7-permissive.yml
new file mode 100644
index 0000000000..409645dc76
--- /dev/null
+++ b/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-rke2-cis-1.7-permissive.yml
@@ -0,0 +1,9 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanProfile
+metadata:
+ name: rke2-cis-1.7-profile-permissive
+ annotations:
+ clusterscanprofile.cis.cattle.io/builtin: "true"
+spec:
+ benchmarkVersion: rke2-cis-1.7-permissive
diff --git a/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-rke2-cis-1.8-hardened.yml b/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-rke2-cis-1.8-hardened.yml
new file mode 100644
index 0000000000..d0a1180f56
--- /dev/null
+++ b/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-rke2-cis-1.8-hardened.yml
@@ -0,0 +1,9 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanProfile
+metadata:
+ name: rke2-cis-1.8-profile-hardened
+ annotations:
+ clusterscanprofile.cis.cattle.io/builtin: "true"
+spec:
+ benchmarkVersion: rke2-cis-1.8-hardened
diff --git a/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-rke2-cis-1.8-permissive.yml b/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-rke2-cis-1.8-permissive.yml
new file mode 100644
index 0000000000..0aa72407c0
--- /dev/null
+++ b/charts/rancher-cis-benchmark/4.4.0/templates/scanprofile-rke2-cis-1.8-permissive.yml
@@ -0,0 +1,9 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanProfile
+metadata:
+ name: rke2-cis-1.8-profile-permissive
+ annotations:
+ clusterscanprofile.cis.cattle.io/builtin: "true"
+spec:
+ benchmarkVersion: rke2-cis-1.8-permissive
diff --git a/charts/rancher-cis-benchmark/4.4.0/templates/scanprofileaks.yml b/charts/rancher-cis-benchmark/4.4.0/templates/scanprofileaks.yml
new file mode 100644
index 0000000000..ea7b25b404
--- /dev/null
+++ b/charts/rancher-cis-benchmark/4.4.0/templates/scanprofileaks.yml
@@ -0,0 +1,9 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanProfile
+metadata:
+ name: aks-profile
+ annotations:
+ clusterscanprofile.cis.cattle.io/builtin: "true"
+spec:
+ benchmarkVersion: aks-1.0
\ No newline at end of file
diff --git a/charts/rancher-cis-benchmark/4.4.0/templates/scanprofileeks.yml b/charts/rancher-cis-benchmark/4.4.0/templates/scanprofileeks.yml
new file mode 100644
index 0000000000..de4500acd9
--- /dev/null
+++ b/charts/rancher-cis-benchmark/4.4.0/templates/scanprofileeks.yml
@@ -0,0 +1,9 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanProfile
+metadata:
+ name: eks-profile
+ annotations:
+ clusterscanprofile.cis.cattle.io/builtin: "true"
+spec:
+ benchmarkVersion: eks-1.2.0
\ No newline at end of file
diff --git a/charts/rancher-cis-benchmark/4.4.0/templates/scanprofilegke.yml b/charts/rancher-cis-benchmark/4.4.0/templates/scanprofilegke.yml
new file mode 100644
index 0000000000..3e5e2439ac
--- /dev/null
+++ b/charts/rancher-cis-benchmark/4.4.0/templates/scanprofilegke.yml
@@ -0,0 +1,9 @@
+---
+apiVersion: cis.cattle.io/v1
+kind: ClusterScanProfile
+metadata:
+ name: gke-profile
+ annotations:
+ clusterscanprofile.cis.cattle.io/builtin: "true"
+spec:
+ benchmarkVersion: gke-1.2.0
\ No newline at end of file
diff --git a/charts/rancher-cis-benchmark/4.4.0/templates/serviceaccount.yaml b/charts/rancher-cis-benchmark/4.4.0/templates/serviceaccount.yaml
new file mode 100644
index 0000000000..ec48ec6224
--- /dev/null
+++ b/charts/rancher-cis-benchmark/4.4.0/templates/serviceaccount.yaml
@@ -0,0 +1,14 @@
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ namespace: {{ template "cis.namespace" . }}
+ name: cis-operator-serviceaccount
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ namespace: {{ template "cis.namespace" . }}
+ labels:
+ app.kubernetes.io/name: rancher-cis-benchmark
+ app.kubernetes.io/instance: release-name
+ name: cis-serviceaccount
diff --git a/charts/rancher-cis-benchmark/4.4.0/templates/validate-install-crd.yaml b/charts/rancher-cis-benchmark/4.4.0/templates/validate-install-crd.yaml
new file mode 100644
index 0000000000..562295791b
--- /dev/null
+++ b/charts/rancher-cis-benchmark/4.4.0/templates/validate-install-crd.yaml
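Review bot: In serviceaccount.yaml the `app.kubernetes.io/instance` label on `cis-serviceaccount` is the literal string `release-name`, which looks like leftover `helm template` output rather than the actual release name. Every install therefore carries the same instance label, so label-based ownership queries and audits cannot tell one release from another. I would template it as `app.kubernetes.io/instance: {{ .Release.Name }}`, after checking that nothing elsewhere in the chart selects on the literal value. `cis-operator-serviceaccount` in the same file has no labels at all; giving both accounts the same label set would make their RBAC bindings easier to trace back to this chart.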
@@ -0,0 +1,17 @@
+#{{- if gt (len (lookup "rbac.authorization.k8s.io/v1" "ClusterRole" "" "")) 0 -}}
+# {{- $found := dict -}}
+# {{- set $found "cis.cattle.io/v1/ClusterScan" false -}}
+# {{- set $found "cis.cattle.io/v1/ClusterScanBenchmark" false -}}
+# {{- set $found "cis.cattle.io/v1/ClusterScanProfile" false -}}
+# {{- set $found "cis.cattle.io/v1/ClusterScanReport" false -}}
+# {{- range .Capabilities.APIVersions -}}
+# {{- if hasKey $found (toString .) -}}
+# {{- set $found (toString .) true -}}
+# {{- end -}}
+# {{- end -}}
+# {{- range $_, $exists := $found -}}
+# {{- if (eq $exists false) -}}
+# {{- required "Required CRDs are missing. Please install the corresponding CRD chart before installing this chart." "" -}}
+# {{- end -}}
+# {{- end -}}
+#{{- end -}}
\ No newline at end of file
diff --git a/charts/rancher-cis-benchmark/4.4.0/templates/validate-psp-install.yaml b/charts/rancher-cis-benchmark/4.4.0/templates/validate-psp-install.yaml
new file mode 100644
index 0000000000..a30c59d3b7
--- /dev/null
+++ b/charts/rancher-cis-benchmark/4.4.0/templates/validate-psp-install.yaml
@@ -0,0 +1,7 @@
+#{{- if gt (len (lookup "rbac.authorization.k8s.io/v1" "ClusterRole" "" "")) 0 -}}
+#{{- if .Values.global.cattle.psp.enabled }}
+#{{- if not (.Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy") }}
+#{{- fail "The target cluster does not have the PodSecurityPolicy API resource. Please disable PSPs in this chart before proceeding." -}}
+#{{- end }}
+#{{- end }}
+#{{- end }}
diff --git a/charts/rancher-cis-benchmark/4.4.0/values.yaml b/charts/rancher-cis-benchmark/4.4.0/values.yaml
new file mode 100644
index 0000000000..8233a7a6ef
--- /dev/null
+++ b/charts/rancher-cis-benchmark/4.4.0/values.yaml
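Review bot: The leading `#` on every line of validate-install-crd.yaml does not disable the template: Helm evaluates the `{{ ... }}` actions before the output is parsed as YAML, so the `required` call still aborts the install when one of the four cis.cattle.io/v1 kinds is missing from `.Capabilities.APIVersions`. Nothing in the file says so, and a maintainer could reasonably read it as dead code and delete the guard. I would add a template comment at the top, e.g. `{{- /* '#' only keeps this file parseable as YAML; the actions below still run. */ -}}`. It is also worth documenting that the outer `lookup` condition presumably skips the check when no cluster is reachable (`helm template`, client-side dry run), so a clean render does not prove the CRDs are installed. The same applies to validate-psp-install.yaml, the next hunk.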
@@ -0,0 +1,55 @@
+# Default values for rancher-cis-benchmark.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+image:
+ cisoperator:
+ repository: rancher/cis-operator
+ tag: v1.0.13
+ securityScan:
+ repository: rancher/security-scan
+ tag: v0.2.14
+ sonobuoy:
+ repository: rancher/mirrored-sonobuoy-sonobuoy
+ tag: v0.57.0
+
+resources: {}
+ # We usually recommend not to specify default resources and to leave this as a conscious
+ # choice for the user. This also increases chances charts run on environments with little
+ # resources, such as Minikube. If you do want to specify resources, uncomment the following
+ # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
+ # limits:
+ # cpu: 100m
+ # memory: 128Mi
+ # requests:
+ # cpu: 100m
+ # memory: 128Mi
+
+## Node labels for pod assignment
+## Ref: https://kubernetes.io/docs/user-guide/node-selection/
+##
+nodeSelector: {}
+
+## List of node taints to tolerate (requires Kubernetes >= 1.6)
+tolerations: []
+
+securityScanJob:
+ overrideTolerations: false
+ tolerations: []
+
+affinity: {}
+
+global:
+ cattle:
+ systemDefaultRegistry: ""
+ clusterName: ""
+ psp:
+ enabled: false
+ kubectl:
+ repository: rancher/kubectl
+ tag: v1.28.3
+
+alerts:
+ enabled: false
+ severity: warning
+ metricsPort: 8080
diff --git a/index.yaml b/index.yaml
index e671c17919..cb13725c2a 100755
--- a/index.yaml
+++ b/index.yaml
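Review bot: All four images in values.yaml (`cisoperator`, `securityScan`, `sonobuoy` and `global.kubectl`) are identified by `repository` plus `tag` only, so what actually runs is whatever the registry serves for that tag at pull time. These images presumably run with access to the cluster API, and `systemDefaultRegistry` presumably redirects pulls to a mirror, which leaves the tag as the only link back to the build that was reviewed. If the templates (not in this hunk) can take a digest, I would pin each image by digest; otherwise add a comment above `image:` such as `# Tags are mutable: verify image digests when mirroring to a private registry.` The `securityScanJob`, `psp` and `alerts` keys also have no comments, unlike `nodeSelector` and `tolerations`.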
@@ -7400,6 +7400,32 @@ entries: - assets/rancher-backup-crd/rancher-backup-crd-1.0.200.tgz version: 1.0.200 rancher-cis-benchmark: + - annotations: + catalog.cattle.io/auto-install: rancher-cis-benchmark-crd=match + catalog.cattle.io/certified: rancher + catalog.cattle.io/display-name: CIS Benchmark + catalog.cattle.io/kube-version: '>= 1.21.0-0 < 1.28.0-0' + catalog.cattle.io/namespace: cis-operator-system + catalog.cattle.io/os: linux + catalog.cattle.io/permits-os: linux,windows + catalog.cattle.io/provides-gvr: cis.cattle.io.clusterscans/v1 + catalog.cattle.io/rancher-version: '>= 2.7.0-0 < 2.8.0-0' + catalog.cattle.io/release-name: rancher-cis-benchmark + catalog.cattle.io/type: cluster-tool + catalog.cattle.io/ui-component: rancher-cis-benchmark + apiVersion: v1 + appVersion: v4.4.0 + created: "2024-03-20T10:59:57.714714242+05:30" + description: The cis-operator enables running CIS benchmark security scans on + a kubernetes cluster + digest: b070d3725cd7f828e5b9eb83d6bf8528dbb01458e76c7f034e2a279870b40cba + icon: https://charts.rancher.io/assets/logos/cis-kube-bench.svg + keywords: + - security + name: rancher-cis-benchmark + urls: + - assets/rancher-cis-benchmark/rancher-cis-benchmark-4.4.0.tgz + version: 4.4.0 - annotations: catalog.cattle.io/auto-install: rancher-cis-benchmark-crd=match catalog.cattle.io/certified: rancher 
@@ -7896,6 +7922,20 @@ entries: - assets/rancher-cis-benchmark/rancher-cis-benchmark-1.0.100.tgz version: 1.0.100 rancher-cis-benchmark-crd: + - annotations: + catalog.cattle.io/certified: rancher + catalog.cattle.io/hidden: "true" + catalog.cattle.io/namespace: cis-operator-system + catalog.cattle.io/release-name: rancher-cis-benchmark-crd + apiVersion: v1 + created: "2024-03-20T10:59:57.722292901+05:30" + description: Installs the CRDs for rancher-cis-benchmark. + digest: 943ec603646b4469ee4c8c50c8b81a7976446a9542b527924a2d5f4d04346f9e + name: rancher-cis-benchmark-crd + type: application + urls: + - assets/rancher-cis-benchmark-crd/rancher-cis-benchmark-crd-4.4.0.tgz + version: 4.4.0 - annotations: catalog.cattle.io/certified: rancher catalog.cattle.io/hidden: "true"