Update SECURITY.md

Co-authored-by: Liz Rice <liz@lizrice.com>
Update SECURITY.md
2026-02-16 02:49:58 +00:00 · 2020-12-17 15:15:24 +02:00 · 2020-12-17 15:15:16 +02:00 · 2020-12-17 15:15:04 +02:00 · 2020-12-06 16:03:51 +02:00 · 2020-12-04 13:45:03 +02:00
7 changed files with 75 additions and 36 deletions
--- a/.github/workflows/greetings.yml
+++ b/.github/workflows/greetings.yml
@@ -1,14 +0,0 @@
-name: Greetings
-
-on: [pull_request, issues]
-
-jobs:
-  greeting:
-    runs-on: ubuntu-latest
-    steps:
-    - uses: actions/first-interaction@v1
-      with:
-        repo-token: ${{ secrets.GITHUB_TOKEN }}
-        issue-message: "Hola! @${{ github.actor }} 🥳 , You've just created an Issue!🌟 Thanks for making the Project Better"
-        pr-message: 'Submitted a PR already ?? @${{ github.actor }} . Sit tight until one of our amazing maintainers review it. Make sure you read the contributing guide'
- 
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -0,0 +1,52 @@
+on:
+  push:
+    # Sequence of patterns matched against refs/tags
+    tags:
+    - 'v*' # Push events to matching v*, i.e. v1.0, v20.15.10
+    
+name: Upload Release Asset
+
+jobs:
+  build:
+    name: Upload Release Asset
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v2
+
+      - name: Set up Python
+        uses: actions/setup-python@v2
+        with:
+          python-version: '3.9'
+      
+      - name: Install dependencies
+        run: |
+          python -m pip install -U pip
+          python -m pip install -r requirements-dev.txt
+      
+      - name: Build project
+        shell: bash
+        run: |
+          make pyinstaller
+      
+      - name: Create Release
+        id: create_release
+        uses: actions/create-release@v1
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        with:
+          tag_name: ${{ github.ref }}
+          release_name: Release ${{ github.ref }}
+          draft: false
+          prerelease: false
+          
+      - name: Upload Release Asset
+        id: upload-release-asset 
+        uses: actions/upload-release-asset@v1
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        with:
+          upload_url: ${{ steps.create_release.outputs.upload_url }}
+          asset_path: ./dist/kube-hunter
+          asset_name: kube-hunter-linux-x86_64-${{ github.ref }}
+          asset_content_type: application/octet-stream
--- a/.travis.yml
+++ b/.travis.yml
@@ -1,21 +0,0 @@
-group: travis_latest
-language: python
-cache: pip
-python:
-    - "3.6"
-    - "3.7"
-    - "3.8"
-    - "3.9"
-install:
-  - pip install -r requirements.txt
-  - pip install -r requirements-dev.txt
-before_script:
-  - make lint-check
-script:
-  - make test
-after_success:
-  -  bash <(curl -s https://codecov.io/bash)
-notifications:
-  email:
-    on_success: change
-    on_failure: always
--- a/README.md
+++ b/README.md
@@ -1,6 +1,6 @@
 ![kube-hunter](https://github.com/aquasecurity/kube-hunter/blob/master/kube-hunter.png)

-[![Build Status](https://travis-ci.org/aquasecurity/kube-hunter.svg?branch=master)](https://travis-ci.org/aquasecurity/kube-hunter)
+[![Build Status](https://github.com/aquasecurity/kube-hunter/workflows/Test/badge.svg)](https://github.com/aquasecurity/kube-hunter/actions)
 [![codecov](https://codecov.io/gh/aquasecurity/kube-hunter/branch/master/graph/badge.svg)](https://codecov.io/gh/aquasecurity/kube-hunter)
 [![Code style: black](https://img.shields.io/badge/code%20style-black-000000.svg)](https://github.com/psf/black)
 [![License](https://img.shields.io/github/license/aquasecurity/kube-hunter)](https://github.com/aquasecurity/kube-hunter/blob/master/LICENSE)
--- a/SECURITY.md
+++ b/SECURITY.md
@@ -0,0 +1,17 @@
+# Security Policy
+
+## Supported Versions
+
+| Version   | Supported          |
+| --------- | ------------------ |
+| 0.4.x | :white_check_mark: |
+| 0.3.x   | :white_check_mark: |
+
+## Reporting a Vulnerability
+We encourage you to find vulnerabilities in kube-hunter.
+The process is simple, just report a Bug issue. and we will take a look at this.
+If you prefer to disclose privately, you can write to one of the security maintainers at:
+
+| Name        | Email              |
+| ----------- | ------------------ |
+| Daniel Sagi | daniel.sagi@aquasec.com |
--- a/pyinstaller_hooks/hook-prettytable.py
+++ b/pyinstaller_hooks/hook-prettytable.py
@@ -0,0 +1,3 @@
+from PyInstaller.utils.hooks import collect_all
+
+datas, binaries, hiddenimports = collect_all("prettytable")
--- a/setup.py
+++ b/setup.py
@@ -41,6 +41,8 @@ class PyInstallerCommand(Command):
        cfg.read("setup.cfg")
        command = [
            "pyinstaller",
+            "--additional-hooks-dir",
+            "pyinstaller_hooks",
            "--clean",
            "--onefile",
            "--name",
Author	SHA1	Message	Date
danielsagi	b383d074f5	Update SECURITY.md Co-authored-by: Liz Rice <liz@lizrice.com>	2020-12-17 15:15:24 +02:00
danielsagi	6b9dfeac0c	Update SECURITY.md Co-authored-by: Liz Rice <liz@lizrice.com>	2020-12-17 15:15:16 +02:00
danielsagi	4f337cf9f9	Update SECURITY.md Co-authored-by: Liz Rice <liz@lizrice.com>	2020-12-17 15:15:04 +02:00
danielsagi	867e291ccf	Created a vulnerability disclosure readme	2020-12-06 16:03:51 +02:00
danielsagi	f95df8172b	added a release workflow for a linux binary (#421 )	2020-12-04 13:45:03 +02:00
danielsagi	a3ad928f29	Bug Fix: Pyinstaller prettytable error (#419 ) * added specific problematic hooks folder for when compiling with pyinstaller. added a fix for prettytable import * fixed typo * lint fix	2020-12-04 13:43:37 +02:00
danielsagi	22d6676e08	Removed Travis and Greetings workflows (#415 ) * removed greetings workflow, and travis * Update the build status badge to point to Github Actions	2020-12-04 13:42:38 +02:00