
bug(k8s): RKE2 commands contain audits referencing incorrect paths #10167

@nikpivkin

Description


The audit definitions currently contain incorrect paths for Rancher. All commands in which the platform field contains only rke2 must be updated in the trivy-checks repository.

If a command specifies multiple platforms, for example:

platforms:
  - k8s
  - rke2

a separate command should be created specifically for rke2 in the same file (verify that trivy-kubernetes can load multiple commands from a single file). Then, remove rke2 from the original command’s platforms list and update compliance by adding the new command.

Example:

Before:

---
- id: CMD-0013
  key: adminConfFilePermissions
  title: admin.conf file permissions
  nodeType: master
  audit: stat -c %a /etc/kubernetes/admin.conf
  platforms:
    - k8s
    - rke2

After:

---
- id: CMD-0013
  key: adminConfFilePermissions
  title: admin.conf file permissions
  nodeType: master
  audit: stat -c %a /etc/kubernetes/admin.conf
  platforms:
    - k8s
---
- id: <newID>
  key: adminConfFilePermissions
  title: admin.conf file permissions
  nodeType: master
  audit: stat -c permissions=%a /var/lib/rancher/rke2/server/cred/admin.kubeconfig
  platforms:
    - rke2

Additionally, ensure that using the same key for multiple commands does not cause conflicts. If it does, create a new key (for example, by appending a -rke2 suffix).

The ID for the new command can be generated with make command-id.
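The split described above, worked through as an added example (this is not trivy's or trivy-checks' own code): it takes an in-memory list of commands modelled on the "Before" snippet, moves every command that lists rke2 next to other platforms into a separate rke2-only entry with the placeholder id, refuses to split a command whose RKE2 audit path has not been supplied (so the old path is never copied silently), flags keys shared by more than one command, applies the -rke2 suffix as the fallback the issue suggests, and emits the multi-document YAML layout used in the example. The second sample command CMD-0042, its audit line, and the RKE2_AUDITS mapping are constructed for the example; the admin.kubeconfig path is the one from the "After" snippet.

```python
from copy import deepcopy

# Constructed sample modelled on the "Before" example in the issue. CMD-0042
# is made-up filler showing a command that must be left untouched.
SAMPLE_COMMANDS = [
    {
        "id": "CMD-0013",
        "key": "adminConfFilePermissions",
        "title": "admin.conf file permissions",
        "nodeType": "master",
        "audit": "stat -c %a /etc/kubernetes/admin.conf",
        "platforms": ["k8s", "rke2"],
    },
    {
        "id": "CMD-0042",
        "key": "kubeletConfigFilePermissions",
        "title": "kubelet config file permissions (constructed)",
        "nodeType": "worker",
        "audit": "stat -c %a /var/lib/kubelet/config.yaml",
        "platforms": ["k8s"],
    },
]

# RKE2-specific audit per key (assumed mapping; the admin.kubeconfig path is
# the one given in the issue's "After" example).
RKE2_AUDITS = {
    "adminConfFilePermissions":
        "stat -c permissions=%a /var/lib/rancher/rke2/server/cred/admin.kubeconfig",
}

FIELD_ORDER = ["id", "key", "title", "nodeType", "audit", "platforms"]


def split_rke2_commands(commands, rke2_audits, new_id="<newID>"):
    """Return (updated_commands, missing_keys).

    A command whose platforms contain rke2 together with other platforms is
    split: rke2 is removed from the original and an rke2-only copy with the
    placeholder id and the RKE2 audit is appended to the file. A key with no
    RKE2 audit is reported in missing_keys and its command left unchanged,
    so coverage is never lost and the k8s path is never reused for RKE2.
    """
    result, rke2_only, missing = [], [], []
    for cmd in commands:
        cmd = deepcopy(cmd)
        platforms = cmd["platforms"]
        if "rke2" in platforms and len(platforms) > 1:
            if cmd["key"] not in rke2_audits:
                missing.append(cmd["key"])
            else:
                new_cmd = deepcopy(cmd)
                new_cmd["id"] = new_id
                new_cmd["audit"] = rke2_audits[cmd["key"]]
                new_cmd["platforms"] = ["rke2"]
                rke2_only.append(new_cmd)
                cmd["platforms"] = [p for p in platforms if p != "rke2"]
        result.append(cmd)
    return result + rke2_only, missing


def duplicate_keys(commands):
    """Keys used by more than one command, mapped to the ids that share them.
    The issue does not say which duplicates trivy-kubernetes rejects, so every
    shared key is reported and the maintainer decides."""
    seen = {}
    for cmd in commands:
        seen.setdefault(cmd["key"], []).append(cmd["id"])
    return {k: ids for k, ids in seen.items() if len(ids) > 1}


def suffix_rke2_keys(commands, suffix="-rke2"):
    """Fallback from the issue: rename the rke2-only copy of a shared key."""
    dupes = duplicate_keys(commands)
    out = []
    for cmd in commands:
        cmd = deepcopy(cmd)
        if cmd["key"] in dupes and cmd["platforms"] == ["rke2"]:
            cmd["key"] += suffix
        out.append(cmd)
    return out


def to_yaml(commands):
    """Serialise in the '---'-separated, one-list-item-per-document layout of
    the example. Hand-rolled for this fixed schema to avoid a PyYAML
    dependency; values are written unquoted, as in the issue."""
    docs = []
    for cmd in commands:
        lines = ["---"]
        for i, field in enumerate(FIELD_ORDER):
            prefix = "- " if i == 0 else "  "
            if field == "platforms":
                lines.append(f"{prefix}platforms:")
                lines.extend(f"    - {p}" for p in cmd["platforms"])
            else:
                lines.append(f"{prefix}{field}: {cmd[field]}")
        docs.append("\n".join(lines))
    return "\n".join(docs) + "\n"


if __name__ == "__main__":
    updated, missing = split_rke2_commands(SAMPLE_COMMANDS, RKE2_AUDITS)
    print(to_yaml(suffix_rke2_keys(updated)), end="")
    if missing:
        print("# keys still needing an RKE2 audit path:", ", ".join(missing))
```

Running the script prints the three resulting documents; the suffix is only applied when duplicate_keys reports a collision, which mirrors the issue's "if it does, create a new key" condition rather than renaming unconditionally.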

Discussed in #10162

Labels: kind/bug, scan/misconfiguration, target/kubernetes