Preparing Kubescape for v3 (#1403)

* wip: minor cli fixes Signed-off-by: David Wertenteil <dwertent@armosec.io> * wip: change default view Signed-off-by: David Wertenteil <dwertent@armosec.io> * wip: reduce default topWorkloadsNumber to 3 Signed-off-by: David Wertenteil <dwertent@armosec.io> * update gif Signed-off-by: David Wertenteil <dwertent@armosec.io> * default view for controls and frameworks --------- Signed-off-by: David Wertenteil <dwertent@armosec.io>
2026-02-14 09:59:54 +00:00 · 2023-10-22 15:39:58 +03:00
parent 052c042dac
commit d5407466d5
9 changed files with 19 additions and 10 deletions
--- a/README.md
+++ b/README.md
@@ -27,7 +27,7 @@ Kubescape scans clusters, YAML files, and Helm charts. It detects misconfigurati
 Kubescape was created by [ARMO](https://www.armosec.io/?utm_source=github&utm_medium=repository) and is a [Cloud Native Computing Foundation (CNCF) sandbox project](https://www.cncf.io/sandbox-projects/).

 ## Demo
-<img src="docs/img/demo.gif">
+<img src="docs/img/demo-v3.gif">

 _Please [star ⭐](https://github.com/kubescape/kubescape/stargazers) the repo if you want us to continue developing and improving Kubescape! 😀_

--- a/cmd/scan/control.go
+++ b/cmd/scan/control.go
@@ -38,7 +38,7 @@ var (

 // controlCmd represents the control command
 func getControlCmd(ks meta.IKubescape, scanInfo *cautils.ScanInfo) *cobra.Command {
-	return &cobra.Command{
+	controlCmd := &cobra.Command{
 		Use:     "control <control names list>/<control ids list>",
 		Short:   fmt.Sprintf("The controls you wish to use. Run '%[1]s list controls' for the list of supported controls", cautils.ExecName()),
 		Example: controlExample,
@@ -120,6 +120,8 @@ func getControlCmd(ks meta.IKubescape, scanInfo *cautils.ScanInfo) *cobra.Comman
 			return nil
 		},
 	}
+	controlCmd.PersistentFlags().StringVar(&scanInfo.View, "view", string(cautils.ResourceViewType), fmt.Sprintf("View results based on the %s/%s/%s. default is --view=%s", cautils.ResourceViewType, cautils.ControlViewType, cautils.SecurityViewType, cautils.ResourceViewType))
+	return controlCmd
 }

 // validateControlScanInfo validates the ScanInfo struct for the `control` command
--- a/cmd/scan/framework.go
+++ b/cmd/scan/framework.go
@@ -51,7 +51,7 @@ var (

 func getFrameworkCmd(ks meta.IKubescape, scanInfo *cautils.ScanInfo) *cobra.Command {

-	return &cobra.Command{
+	fwCmd := &cobra.Command{
 		Use:     "framework <framework names list> [`<glob pattern>`/`-`] [flags]",
 		Short:   fmt.Sprintf("The framework you wish to use. Run '%[1]s list frameworks' for the list of supported frameworks", cautils.ExecName()),
 		Example: frameworkExample,
@@ -140,6 +140,9 @@ func getFrameworkCmd(ks meta.IKubescape, scanInfo *cautils.ScanInfo) *cobra.Comm
 			return nil
 		},
 	}
+
+	fwCmd.PersistentFlags().StringVar(&scanInfo.View, "view", string(cautils.ResourceViewType), fmt.Sprintf("View results based on the %s/%s/%s. default is --view=%s", cautils.ResourceViewType, cautils.ControlViewType, cautils.SecurityViewType, cautils.ResourceViewType))
+	return fwCmd
 }

 // countersExceedSeverityThreshold returns true if severity of failed controls exceed the set severity threshold, else returns false
--- a/cmd/scan/image.go
+++ b/cmd/scan/image.go
@@ -21,6 +21,10 @@ var (

  # Scan the 'nginx' image
  %[1]s scan image "nginx"
+
+  # Scan the 'nginx' image and see the full report 
+  %[1]s scan image "nginx" -v
+
 `, cautils.ExecName())
 )

--- a/cmd/scan/scan.go
+++ b/cmd/scan/scan.go
@@ -73,7 +73,7 @@ func GetScanCommand(ks meta.IKubescape) *cobra.Command {
 	scanCmd.PersistentFlags().BoolVarP(&scanInfo.Local, "keep-local", "", false, "If you do not want your Kubescape results reported to configured backend.")
 	scanCmd.PersistentFlags().StringVarP(&scanInfo.Output, "output", "o", "", "Output file. Print output to file and not stdout")
 	scanCmd.PersistentFlags().BoolVarP(&scanInfo.VerboseMode, "verbose", "v", false, "Display all of the input resources and not only failed resources")
-	scanCmd.PersistentFlags().StringVar(&scanInfo.View, "view", string(cautils.ResourceViewType), fmt.Sprintf("View results based on the %s/%s/%s. default is --view=%s", cautils.ResourceViewType, cautils.ControlViewType, cautils.SecurityViewType, cautils.ResourceViewType))
+	scanCmd.PersistentFlags().StringVar(&scanInfo.View, "view", string(cautils.SecurityViewType), fmt.Sprintf("View results based on the %s/%s/%s. default is --view=%s", cautils.ResourceViewType, cautils.ControlViewType, cautils.SecurityViewType, cautils.SecurityViewType))
 	scanCmd.PersistentFlags().BoolVar(&scanInfo.UseDefault, "use-default", false, "Load local policy object from default path. If not used will download latest")
 	scanCmd.PersistentFlags().StringSliceVar(&scanInfo.UseFrom, "use-from", nil, "Load local policy object from specified path. If not used will download latest")
 	scanCmd.PersistentFlags().StringVar(&scanInfo.HostSensorYamlPath, "host-scan-yaml", "", "Override default host scanner DaemonSet. Use this flag cautiously")
--- a/cmd/scan/workload.go
+++ b/cmd/scan/workload.go
@@ -17,8 +17,6 @@ import (

 var (
 	workloadExample = fmt.Sprintf(`
-  This command is still in BETA. Feel free to contact the Kubescape maintainers for more information.
-
  Scan a workload for misconfigurations and image vulnerabilities.

  # Scan an workload
--- a/core/cautils/datastructures.go
+++ b/core/cautils/datastructures.go
@@ -27,7 +27,7 @@ type ImageScanData struct {
 type ScanTypes string

 const (
-	TopWorkloadsNumber           = 5
+	TopWorkloadsNumber           = 3
 	ScanTypeCluster    ScanTypes = "cluster"
 	ScanTypeRepo       ScanTypes = "repo"
 	ScanTypeImage      ScanTypes = "image"
--- a/core/pkg/resultshandling/printer/v2/prettyprinter/utils.go
+++ b/core/pkg/resultshandling/printer/v2/prettyprinter/utils.go
@@ -166,7 +166,9 @@ func printTopComponents(writer *os.File, summary imageprinter.ImageScanSummary)
 		return
 	}

-	cautils.InfoTextDisplay(writer, "\nMost vulnerable components:\n")
+	txt := "Components with most vulnerabilities"
+	cautils.InfoTextDisplay(writer, "\n"+txt+"\n")
+	cautils.SimpleDisplay(writer, strings.Repeat("─", len(txt))+"\n")

 	sortedPkgScores := getSortPackageScores(summary.PackageScores)

@@ -203,13 +205,13 @@ func printImageScanningSummary(writer *os.File, summary imageprinter.ImageScanSu
 	})

 	if len(summary.CVEs) == 0 {
-		txt := "Vulnerability summary - no vulnerabilities were found!"
+		txt := "No vulnerabilities were found!"
 		cautils.InfoTextDisplay(writer, txt+"\n")
 		cautils.SimpleDisplay(writer, strings.Repeat("─", len(txt))+"\n")
 		return
 	}

-	txt := fmt.Sprintf("Vulnerability summary - %d vulnerabilities found:", len(summary.CVEs))
+	txt := fmt.Sprintf("%d vulnerabilities found:", len(summary.CVEs))
 	cautils.InfoTextDisplay(writer, txt+"\n")
 	cautils.SimpleDisplay(writer, strings.Repeat("─", len(txt))+"\n")

--- a/docs/img/demo-v3.gif
+++ b/docs/img/demo-v3.gif