diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 297639fc..a31c2504 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -3,13 +3,13 @@ First, it is awesome that you are considering contributing to Kubescape! Contributing is important and fun and we welcome your efforts. When contributing, we categorize contributions into two: -* Small code changes or fixes, whose scope are limited to a single or two files -* Complex features and improvements, whose are not limited +* Small code changes or fixes, whose scope is limited to a single or two files +* Complex features and improvements, that are not limited If you have a small change, feel free to fire up a Pull Request. When planning a bigger change, please first discuss the change you wish to make via issue, -email, or any other method with the owners of this repository before making a change. Most likely your changes or features are great, but sometimes we might be already going to this direction (or the exact opposite ;-) ) and we don't want to waste your time. +email, or any other method with the owners of this repository before making a change. Most likely your changes or features are great, but sometimes we might be already going in this direction (or the exact opposite ;-) ) and we don't want to waste your time. Please note we have a code of conduct, please follow it in all your interactions with the project. @@ -27,7 +27,7 @@ Please note we have a code of conduct, please follow it in all your interactions ### Our Pledge In the interest of fostering an open and welcoming environment, we as -contributors and maintainers pledge to making participation in our project and +contributors and maintainers pledge to make participation in our project and our community a harassment-free experience for everyone, regardless of age, body size, disability, ethnicity, gender identity and expression, level of experience, nationality, personal appearance, race, religion, or sexual identity and diff --git a/README.md b/README.md index a50ea364..e423f879 100644 --- a/README.md +++ b/README.md @@ -195,7 +195,7 @@ kubescape scan --exclude-namespaces kube-system,kube-public kubescape scan *.yaml --submit ``` -#### Scan kubernetes manifest files from a git repository [and submit the results](https://hub.armosec.io/docs/repository-scanning?utm_source=github&utm_medium=repository) +#### Scan Kubernetes manifest files from a git repository [and submit the results](https://hub.armosec.io/docs/repository-scanning?utm_source=github&utm_medium=repository) ``` kubescape scan https://github.com/kubescape/kubescape --submit ``` @@ -264,7 +264,7 @@ kubescape scan --use-artifacts-from path/to/local/dir You can also download a single artifact and scan with the `--use-from` flag -1. Download and save in file, if file name is not specified, will save in `~/.kubescape/.json` +1. Download and save in a file, if the file name is not specified, will save in `~/.kubescape/.json` ``` kubescape download framework nsa --output /path/nsa.json ``` diff --git a/cmd/completion/completion.go b/cmd/completion/completion.go index 0fe36c1c..3a7ac1a5 100644 --- a/cmd/completion/completion.go +++ b/cmd/completion/completion.go @@ -43,7 +43,3 @@ func GetCompletionCmd() *cobra.Command { } return completionCmd } - -// func init() { -// rootCmd.AddCommand(completionCmd) -// } diff --git a/examples/exceptions/README.md b/examples/exceptions/README.md index a92e7d6f..3ef50ef1 100644 --- a/examples/exceptions/README.md +++ b/examples/exceptions/README.md @@ -1,6 +1,6 @@ # Kubescape Exceptions -Kubescape Exceptions is the proper way of excluding failed resources from effecting the risk score. +Kubescape Exceptions is the proper way of excluding failed resources from affecting the risk score. e.g. When a `kube-system` resource fails and it is ok, simply add the resource to the exceptions configurations. @@ -9,7 +9,7 @@ e.g. When a `kube-system` resource fails and it is ok, simply add the resource t * `name`- Exception name - unique name representing the exception * `policyType`- Do not change -* `actions`- List of available actions. Currently alertOnly is supported +* `actions`- List of available actions. Currently, alertOnly is supported * `resources`- List of resources to apply this exception on * `designatorType: Attributes`- An attribute-based declaration {key: value} Supported keys: @@ -19,19 +19,19 @@ e.g. When a `kube-system` resource fails and it is ok, simply add the resource t * `cluster`: k8s cluster name (usually it is the `current-context`) (case-sensitive, regex supported) * resource labels as key value (case-sensitive, regex NOT supported) * `posturePolicies`- An attribute-based declaration {key: value} - * `frameworkName` - Framework names can be find [here](https://github.com/armosec/regolibrary/tree/master/frameworks) (regex supported) - * `controlName` - Control names can be find [here](https://github.com/armosec/regolibrary/tree/master/controls) (regex supported) - * `controlID` - Control ID can be find [here](https://github.com/armosec/regolibrary/tree/master/controls) (regex supported) - * `ruleName` - Rule names can be find [here](https://github.com/armosec/regolibrary/tree/master/rules) (regex supported) + * `frameworkName` - Framework names can be found [here](https://github.com/armosec/regolibrary/tree/master/frameworks) (regex supported) + * `controlName` - Control names can be found [here](https://github.com/armosec/regolibrary/tree/master/controls) (regex supported) + * `controlID` - Control ID can be found [here](https://github.com/armosec/regolibrary/tree/master/controls) (regex supported) + * `ruleName` - Rule names can be found [here](https://github.com/armosec/regolibrary/tree/master/rules) (regex supported) You can find [here](https://github.com/kubescape/kubescape/tree/master/examples/exceptions) some examples of exceptions files ## Usage -The `resources` list and `posturePolicies` list are design to be a combination of the resources and policies to exclude +The `resources` list and `posturePolicies` list are designed to be a combination of the resources and policies to exclude > You must declare at least one resource and one policy -e.g. If you wish to exclude all namespaces with the label `"environment": "dev"`, the resource list should look as following: +e.g. If you wish to exclude all namespaces with the label `"environment": "dev"`, the resource list should look as follows: ``` "resources": [ { @@ -44,7 +44,7 @@ e.g. If you wish to exclude all namespaces with the label `"environment": "dev"` ] ``` -But if you wish to exclude all namespaces **OR** any resource with the label `"environment": "dev"`, the resource list should look as following: +But if you wish to exclude all namespaces **OR** any resource with the label `"environment": "dev"`, the resource list should look as follows: ``` "resources": [ { @@ -64,7 +64,7 @@ But if you wish to exclude all namespaces **OR** any resource with the label `"e Same works with the `posturePolicies` list -> -e.g. If you wish to exclude the resources declared in the `resources` list that failed when scanning the `NSA` framework **AND** failed the `Allowed hostPath` control, the `posturePolicies` list should look as following: +e.g. If you wish to exclude the resources declared in the `resources` list that failed when scanning the `NSA` framework **AND** failed the `Allowed hostPath` control, the `posturePolicies` list should look as follows: ``` "posturePolicies": [ { @@ -74,7 +74,7 @@ e.g. If you wish to exclude the resources declared in the `resources` list that ] ``` -But if you wish to exclude the resources declared in the `resources` list that failed when scanning the `NSA` framework **OR** failed the `Allowed hostPath` control, the `posturePolicies` list should look as following: +But if you wish to exclude the resources declared in the `resources` list that failed when scanning the `NSA` framework **OR** failed the `Allowed hostPath` control, the `posturePolicies` list should look as follows: ``` "posturePolicies": [ { @@ -177,4 +177,4 @@ The resources ] } ] -``` \ No newline at end of file +```