save policy in file

2026-02-14 18:09:55 +00:00 · 2022-04-10 09:33:44 +03:00
parent 0d83654197
commit 3df3b7766c
7 changed files with 19 additions and 9 deletions
--- a/README.md
+++ b/README.md
@@ -38,7 +38,7 @@ curl -s https://raw.githubusercontent.com/armosec/kubescape/master/install.sh |

 ## Run:
 ```
-kubescape scan --submit --enable-host-scan
+kubescape scan --submit --enable-host-scan --format-version v2 --verbose
 ```

 <img src="docs/summary.png">
--- a/core/cautils/getter/armoapi.go
+++ b/core/cautils/getter/armoapi.go
@@ -163,7 +163,6 @@ func (armoAPI *ArmoAPI) GetFramework(name string) (*reporthandling.Framework, er
 	if err = JSONDecoder(respStr).Decode(framework); err != nil {
 		return nil, err
 	}
-	SaveInFile(framework, GetDefaultPath(name+".json"))

 	return framework, err
 }
--- a/core/core/initutils.go
+++ b/core/core/initutils.go
@@ -2,7 +2,6 @@ package core

 import (
 	"fmt"
-	"os"

 	"github.com/armosec/k8s-interface/k8sinterface"
 	"github.com/armosec/kubescape/core/cautils"
@@ -193,7 +192,7 @@ func getConfigInputsGetter(ControlsInputs string, accountID string, downloadRele
 		downloadReleasedPolicy = getter.NewDownloadReleasedPolicy()
 	}
 	if err := downloadReleasedPolicy.SetRegoObjects(); err != nil { // if failed to pull config inputs, fallback to BE
-		cautils.WarningDisplay(os.Stderr, "Warning: failed to get config inputs from github release, this may affect the scanning results\n")
+		logger.L().Warning("failed to get config inputs from github release, this may affect the scanning results", helpers.Error(err))
 	}
 	return downloadReleasedPolicy
 }
--- a/core/pkg/opaprocessor/processorhandlerutils.go
+++ b/core/pkg/opaprocessor/processorhandlerutils.go
@@ -3,7 +3,6 @@ package opaprocessor
 import (
 	"github.com/armosec/kubescape/core/cautils"
 	"github.com/armosec/kubescape/core/cautils/logger"
-	"github.com/armosec/kubescape/core/cautils/logger/helpers"

 	"github.com/armosec/k8s-interface/k8sinterface"
 	"github.com/armosec/k8s-interface/workloadinterface"
@@ -116,7 +115,7 @@ func getKubernetesObjects(k8sResources *cautils.K8SResources, allResources map[s
 					for _, groupResource := range groupResources {
 						if k8sObj, ok := (*k8sResources)[groupResource]; ok {
 							if k8sObj == nil {
-								logger.L().Debug("skipping", helpers.String("resource", groupResource))
+								// logger.L().Debug("skipping", helpers.String("resource", groupResource))
 							}
 							for i := range k8sObj {
 								k8sObjects = append(k8sObjects, allResources[k8sObj[i]])
--- a/core/pkg/policyhandler/handlepullpolicies.go
+++ b/core/pkg/policyhandler/handlepullpolicies.go
@@ -5,7 +5,9 @@ import (
 	"strings"

 	"github.com/armosec/kubescape/core/cautils"
+	"github.com/armosec/kubescape/core/cautils/getter"
 	"github.com/armosec/kubescape/core/cautils/logger"
+	"github.com/armosec/kubescape/core/cautils/logger/helpers"
 	"github.com/armosec/opa-utils/reporthandling"
 )

@@ -54,6 +56,11 @@ func (policyHandler *PolicyHandler) getScanPolicies(notification *reporthandling
 			}
 			if receivedFramework != nil {
 				frameworks = append(frameworks, *receivedFramework)
+
+				cache := getter.GetDefaultPath(rule.Name + ".json")
+				if err := getter.SaveInFile(receivedFramework, cache); err != nil {
+					logger.L().Warning("failed to cache file", helpers.String("file", cache), helpers.Error(err))
+				}
 			}
 		}
 	case reporthandling.KindControl: // Download controls
@@ -67,6 +74,11 @@ func (policyHandler *PolicyHandler) getScanPolicies(notification *reporthandling
 			}
 			if receivedControl != nil {
 				f.Controls = append(f.Controls, *receivedControl)
+
+				cache := getter.GetDefaultPath(rule.Name + ".json")
+				if err := getter.SaveInFile(receivedControl, cache); err != nil {
+					logger.L().Warning("failed to cache file", helpers.String("file", cache), helpers.Error(err))
+				}
 			}
 		}
 		frameworks = append(frameworks, f)
--- a/core/pkg/resourcehandler/filesloader.go
+++ b/core/pkg/resourcehandler/filesloader.go
@@ -2,7 +2,6 @@ package resourcehandler

 import (
 	"fmt"
-	"os"

 	"github.com/armosec/armoapi-go/armotypes"
 	"github.com/armosec/k8s-interface/workloadinterface"
@@ -10,6 +9,8 @@ import (

 	"github.com/armosec/k8s-interface/k8sinterface"
 	"github.com/armosec/kubescape/core/cautils"
+	"github.com/armosec/kubescape/core/cautils/logger"
+	"github.com/armosec/kubescape/core/cautils/logger/helpers"
 )

 // FileResourceHandler handle resources from files and URLs
@@ -82,7 +83,7 @@ func (fileHandler *FileResourceHandler) GetResources(sessionObj *cautils.OPASess
 	}

 	if err := fileHandler.registryAdaptors.collectImagesVulnerabilities(k8sResources, allResources, armoResources); err != nil {
-		cautils.WarningDisplay(os.Stderr, "Warning: failed to collect images vulnerabilities: %s\n", err.Error())
+		logger.L().Warning("failed to collect images vulnerabilities", helpers.Error(err))
 	}

 	return k8sResources, allResources, armoResources, nil
--- a/install.sh
+++ b/install.sh
@@ -54,6 +54,6 @@ echo -e "\033[0m"
 $KUBESCAPE_EXEC version
 echo

-echo -e "\033[35mUsage: $ $KUBESCAPE_EXEC scan --submit --enable-host-scan  --verbose"
+echo -e "\033[35mUsage: $ $KUBESCAPE_EXEC scan --submit --enable-host-scan --format-version v2 --verbose"

 echo -e "\033[0m"