Support stdin input (#42)

* support stdin input
2026-02-14 18:09:55 +00:00 · 2021-08-30 14:55:50 +03:00
parent 44803ab915
commit c8068a8d90
3 changed files with 40 additions and 18 deletions
--- a/README.md
+++ b/README.md
@@ -50,12 +50,6 @@ Kubescape can produce output fitting for later processing:
 kubescape scan framework nsa --exclude-namespaces kube-system,kube-public
 ```

-* Scan a running Kubernetes cluster with [`mitre`](https://www.microsoft.com/security/blog/2020/04/02/attack-matrix-kubernetes/) framework
-```
-kubescape scan framework mitre --exclude-namespaces kube-system,kube-public
-```
-
-
 * Scan local `yaml`/`json` files
 ```
 kubescape scan framework nsa examples/online-boutique/*
@@ -79,14 +73,14 @@ kubescape scan framework nsa --exclude-namespaces kube-system,kube-public --sile

 ### Helm Support

-1. Render the helm template to an output yaml
+Render the helm template and pass as stdout
 ```
-helm template [CHART] [flags] --generate-name  --dry-run --output-dir helm-output
+helm template [CHART] [flags] --generate-name --dry-run | kubescape scan framework nsa -
 ```

-2. Run `kubescape` with rended yaml files
+for example:
 ```
-kubescape scan framework nsa helm-output/*
+helm template bitnami/mysql --generate-name --dry-run | kubescape scan framework nsa -
 ```

 # How to build 
--- a/cmd/framework.go
+++ b/cmd/framework.go
@@ -4,6 +4,8 @@ import (
 	"errors"
 	"flag"
 	"fmt"
+	"io"
+	"io/ioutil"
 	"kubescape/cautils"
 	"kubescape/cautils/armotypes"
 	"kubescape/cautils/k8sinterface"
@@ -25,26 +27,42 @@ type CLIHandler struct {
 }

 var frameworkCmd = &cobra.Command{
-	Use:       "framework <framework name>",
-	Short:     "The framework you wish to use. Supported frameworks: nsa, mitre",
-	Long:      ``,
+	Use:       "framework <framework name> [`<glob patter>`/`-`] [flags]",
+	Short:     "The framework you wish to use. Supported frameworks: nsa",
+	Long:      "Execute a scan on a running Kubernetes cluster or yaml/json files (use glob) or `-` for stdin",
 	ValidArgs: supportedFrameworks,
 	Args: func(cmd *cobra.Command, args []string) error {
 		if len(args) < 1 {
 			return errors.New("requires at least one argument")
 		}
 		if !isValidFramework(args[0]) {
-			return errors.New("supported frameworks: nsa and mitre")
+			return errors.New("supported frameworks: nsa")
 		}
 		return nil
 	},
-	Run: func(cmd *cobra.Command, args []string) {
+	RunE: func(cmd *cobra.Command, args []string) error {
 		scanInfo.PolicyIdentifier = opapolicy.PolicyIdentifier{}
 		scanInfo.PolicyIdentifier.Kind = opapolicy.KindFramework
 		scanInfo.PolicyIdentifier.Name = args[0]
-		scanInfo.InputPatterns = args[1:]
+
+		if len(args[1:]) == 0 || args[1] != "-" {
+			scanInfo.InputPatterns = args[1:]
+		} else { // store stout to file
+			tempFile, err := ioutil.TempFile(".", "tmp-kubescape*.yaml")
+			if err != nil {
+				return err
+			}
+			defer os.Remove(tempFile.Name())
+
+			if _, err := io.Copy(tempFile, os.Stdin); err != nil {
+				return err
+			}
+			scanInfo.InputPatterns = []string{tempFile.Name()}
+		}
 		cautils.SetSilentMode(scanInfo.Silent)
 		CliSetup()
+
+		return nil
 	},
 }

--- a/printer/printresults.go
+++ b/printer/printresults.go
@@ -17,6 +17,8 @@ import (

 var INDENT = "   "

+const EmptyPercentage = "NaN"
+
 const (
 	PrettyPrinter      string = "pretty-printer"
 	JsonPrinter        string = "json"
@@ -158,7 +160,11 @@ func (printer *Printer) printResult(controlName string, controlSummary *ControlS
 func generateRow(control string, cs ControlSummary) []string {
 	row := []string{control}
 	row = append(row, cs.ToSlice()...)
-	row = append(row, fmt.Sprintf("%d%s", percentage(cs.TotalResources, cs.TotalFailed), "%"))
+	if cs.TotalResources != 0 {
+		row = append(row, fmt.Sprintf("%d%s", percentage(cs.TotalResources, cs.TotalFailed), "%"))
+	} else {
+		row = append(row, EmptyPercentage)
+	}
 	return row
 }

@@ -181,7 +187,11 @@ func generateFooter(numControlers, sumFailed, sumTotal int) []string {
 	row = append(row, fmt.Sprintf("%d", numControlers))
 	row = append(row, fmt.Sprintf("%d", sumFailed))
 	row = append(row, fmt.Sprintf("%d", sumTotal))
-	row = append(row, fmt.Sprintf("%d%s", percentage(sumTotal, sumFailed), "%"))
+	if sumTotal != 0 {
+		row = append(row, fmt.Sprintf("%d%s", percentage(sumTotal, sumFailed), "%"))
+	} else {
+		row = append(row, EmptyPercentage)
+	}
 	return row
 }
 func (printer *Printer) PrintSummaryTable() {