kubescape

mirror of https://github.com/kubescape/kubescape.git synced 2026-04-06 18:56:53 +00:00

Author	SHA1	Message	Date
Matthias Bertschy	4e0328da43	wip - fix data retrieved from the host CRDs Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>	2026-03-22 22:03:21 +01:00
Matthias Bertschy	fbef268f22	feat: optimize CPU and memory usage for resource-intensive scans Implement Phases 1-3 of the performance optimization plan to address issue #1793 - reduce CPU and memory consumption for system-constrained environments. Phase 1 - OPA Module Caching: - Add compiledModules cache to OPAProcessor with thread-safe access - Cache compiled OPA rules to eliminate redundant compilation - Reuse compiled modules with double-checked locking pattern - Expected CPU savings: 30-40% Phase 2 - Map Pre-sizing: - Add estimateClusterSize() to calculate resource count - Pre-size AllResources, ResourcesResult, and related maps - Reduce memory reallocations and GC pressure - Expected memory savings: 10-20% Phase 3 - Set-based Deduplication: - Add thread-safe StringSet utility in core/pkg/utils - Replace O(n) slices.Contains() with O(1) map operations - Use StringSet for image scanning and related resources deduplication - 100% test coverage for new utility - Expected CPU savings: 5-10% for large clusters Full optimization plan documented in optimization-plan.md Related: #1793 Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>	2026-02-04 08:07:54 +01:00
Matthias Bertschy	7f79bc2d1d	Sort CVEs by severity then ID Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>	2026-02-02 17:51:43 +01:00
Matthias Bertschy	3623e55433	feat: add image column to vulnerability scanning table output Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>	2026-02-02 17:51:43 +01:00
Matthias Bertschy	f70d81d7c4	add verbose option to scan-images Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>	2026-02-02 17:51:43 +01:00
Matthias Bertschy	57addd493f	fix all linter errors Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>	2026-02-02 17:32:08 +01:00
Bezbran	25bd51e8b4	Replace host sensor with node agent sensing (#1916 ) In this change I used both claude code and Antigravity. --------- Signed-off-by: Bezalel Brandwine <bez@softwine.net>	2026-02-01 13:17:03 +02:00
copilot-swe-agent[bot]	c32e665809	Final verification - all changes complete Co-authored-by: matthyx <20683409+matthyx@users.noreply.github.com> Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>	2026-01-22 17:13:09 +01:00
copilot-swe-agent[bot]	82ec11b207	Fix indentation in test file Co-authored-by: matthyx <20683409+matthyx@users.noreply.github.com>	2026-01-22 12:42:42 +00:00
copilot-swe-agent[bot]	32a15acdea	Add test for CheckShortTerminalWidth with non-string values Co-authored-by: matthyx <20683409+matthyx@users.noreply.github.com>	2026-01-22 12:41:14 +00:00
copilot-swe-agent[bot]	837a50c903	Fix unsafe interface to string type assertions to prevent panic Co-authored-by: matthyx <20683409+matthyx@users.noreply.github.com>	2026-01-22 12:37:43 +00:00
majiayu000	46eb266064	feat: add labels-to-copy flag to copy workload labels to reports Add a new --labels-to-copy CLI flag that allows users to specify which labels from Kubernetes workloads should be extracted and included in scan reports. This makes it easier to tie scan results back to app teams or repositories by including relevant labels like 'app', 'team', or 'environment' in the report output. Changes: - Add LabelsToCopy field to ScanInfo and OPASessionObj structs - Add --labels-to-copy flag to scan command - Add ResourceLabels field to PostureReportWithSeverity for JSON output - Implement extractResourceLabels function to extract specified labels - Add unit tests for label extraction functionality Fixes #1660 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> Signed-off-by: majiayu000 <1835304752@qq.com>	2025-12-31 06:20:29 +08:00
Matthias Bertschy	df37457504	Update cosign package to v3 and adjust go.mod dependencies Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>	2025-12-09 11:24:29 +01:00
copilot-swe-agent[bot]	1dd6d7a1b3	Address code review feedback: nil check and trailing whitespace Co-authored-by: matthyx <20683409+matthyx@users.noreply.github.com>	2025-12-03 16:46:11 +00:00
copilot-swe-agent[bot]	6b80b85555	Add tests for results enrichment with severity Co-authored-by: matthyx <20683409+matthyx@users.noreply.github.com>	2025-12-03 16:42:03 +00:00
copilot-swe-agent[bot]	d88bc067e2	Add severity to controls in results section as well Co-authored-by: matthyx <20683409+matthyx@users.noreply.github.com>	2025-12-03 16:40:48 +00:00
copilot-swe-agent[bot]	4c8692bf8c	Remove test output files and update gitignore	2025-12-03 16:32:29 +00:00
copilot-swe-agent[bot]	742e3bb67f	Add severity field to controls in JSON output Co-authored-by: matthyx <20683409+matthyx@users.noreply.github.com>	2025-12-03 16:31:57 +00:00
Matthias Bertschy	b33f1c8cc7	Merge pull request #1887 from Mujib-Ahasan/fix-print-sarif fix: --format sarif logs as expected	2025-11-05 18:17:31 +01:00
Mujib Ahasan	4929af510e	fix: --format sarif logs as expected Signed-off-by: Mujib Ahasan <ahasanmujib8@gmail.com>	2025-11-04 20:30:10 +05:30
mandronic	f28bb11c55	removed 'procMount: Unmasked' from host-scanner daemonset definition (refs kubescape/helm-charts#711) (#1886 ) Signed-off-by: Mihail Andronic <104365774+mandronic@users.noreply.github.com>	2025-11-03 13:40:14 +02:00
Matthias Bertschy	33d1e018ec	fix: update documentation links to include 'controls' path Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>	2025-11-03 07:47:37 +01:00
Mujib Ahasan	0c74599314	Test file updated Signed-off-by: Mujib Ahasan <ahasanmujib8@gmail.com>	2025-10-30 01:14:25 +05:30
Mujib Ahasan	c23b85cc84	fixed 404 url issue in kubescape scan Signed-off-by: Mujib Ahasan <ahasanmujib8@gmail.com>	2025-10-25 17:39:28 +05:30
Matthias Bertschy	3f80bce811	fix: improve error handling in hostscanner pod validation Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>	2025-10-10 16:13:43 +02:00
Matthias Bertschy	ff96edae4d	use grype v0.99.1 Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>	2025-09-17 10:11:19 +02:00
Matthias Bertschy	ca66ccb33d	replace olekukonko/tablewriter with jedib0t/go-pretty Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>	2025-09-01 16:38:42 +02:00
Matthias Bertschy	35e7fa2b94	fix imports Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>	2025-09-01 15:49:31 +02:00
anjali-deore	5faade2b66	Fixed test cases Signed-off-by: anjali-deore <200181980+cx-anjali-deore@users.noreply.github.com>	2025-08-31 17:37:32 +05:30
anjali-deore	af39f9a7ef	fix removed space Signed-off-by: anjali-deore <200181980+cx-anjali-deore@users.noreply.github.com>	2025-08-29 15:31:35 +05:30
anjali-deore	482b7c1f67	fix 1817 ,code cleanup Signed-off-by: anjali-deore <200181980+cx-anjali-deore@users.noreply.github.com>	2025-08-29 15:20:00 +05:30
anjali-deore	82e2fd0be2	fix issue 1817,Added Container Name in control scan output Signed-off-by: anjali-deore <200181980+cx-anjali-deore@users.noreply.github.com>	2025-08-29 15:20:00 +05:30
Matthias Bertschy	ffeb4577e3	refactor output formatting in prettyprinter and related files Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>	2025-08-18 12:15:54 +02:00
Matthias Bertschy	c5341a356b	fix prettyprinter test results Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>	2025-07-28 15:06:09 +02:00
Matthias Bertschy	bc602a78ab	fix docs URL in tests Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>	2025-07-28 14:41:25 +02:00
Yehudah Tor	d2bedc1d2b	added urls Signed-off-by: Yehudah Tor <yehudahtor@gmail.com>	2025-07-27 13:50:47 +03:00
Yehudah Tor	5b351d5eec	Done URL ref's before problematic ones Signed-off-by: Yehudah Tor <yehudahtor@gmail.com>	2025-07-24 12:11:31 +03:00
Amir Malka	4f9809eec1	fix: control-plane node taints check (#1843 ) Signed-off-by: Amir Malka <amirm@armosec.io>	2025-07-15 11:06:09 +03:00
Matthias Bertschy	6ed3e408be	check scanInfo.Submit in HandleResults to not submit by default Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>	2025-06-30 08:16:41 +02:00
Matthias Bertschy	31ed7d5160	upgrade open-policy-agent to 1.x Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>	2025-04-10 17:17:08 +02:00
Matthias Bertschy	825694ade1	do not skip on location resolver error Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>	2025-02-10 10:25:44 +01:00
Fernando-hub527	8985bbe3a9	refactor: update Maroto configuration file location Signed-off-by: Fernando-hub527 <fernandocoelhosaraivanando@gmail.com>	2025-02-06 18:07:57 -03:00
Matthias Bertschy	1ffca5648e	delete TableObject.getSeverityColor to please CI Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>	2025-02-06 07:56:07 +01:00
Fernando-hub527	76b1ecb022	refactor: create a method that returns the pdf row Return a struct with the data for ease of use Signed-off-by: Fernando-hub527 <fernandocoelhosaraivanando@gmail.com>	2025-02-05 21:52:50 -03:00
Fernando-hub527	fc69a3692e	refactor: remove unused code Signed-off-by: Fernando-hub527 <fernandocoelhosaraivanando@gmail.com>	2025-02-05 21:47:28 -03:00
Fernando-hub527	e159458129	test:validate creation of report pdf Signed-off-by: Fernando-hub527 <fernandocoelhosaraivanando@gmail.com>	2025-02-05 21:45:01 -03:00
Fernando-hub527	b259f117ff	refactor: create a report template with maroto/v2 Separate template creation from application logic Signed-off-by: Fernando-hub527 <fernandocoelhosaraivanando@gmail.com>	2025-02-05 21:36:39 -03:00
Matthias Bertschy	4215771134	fix helm detection in sarif printer Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>	2025-01-31 15:23:15 +01:00
Eng Zer Jun	2005010568	Replace `golang.org/x/exp/slices` with `slices` from stdlib (#1783 )	2025-01-17 20:51:08 +02:00
Amir Malka	14ffe35437	add trigger by indication in posture report Signed-off-by: Amir Malka <amirm@armosec.io>	2025-01-09 16:13:29 +02:00

1 2 3 4 5 ...

654 Commits