* set cloud provider using nodes
* use scan metadata for scanning scope
* code cleanup
Signed-off-by: David Wertenteil <dwertent@armosec.io>
* handle error
Signed-off-by: David Wertenteil <dwertent@armosec.io>
---------
Signed-off-by: David Wertenteil <dwertent@armosec.io>
* code refactor
Signed-off-by: Amir Malka <amirm@armosec.io>
* use scaninfo object in resource handler
Signed-off-by: Amir Malka <amirm@armosec.io>
---------
Signed-off-by: Amir Malka <amirm@armosec.io>
* add cmd
Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io>
* support single workload scan
Signed-off-by: Amir Malka <amirm@armosec.io>
* fix conflict
Signed-off-by: Amir Malka <amirm@armosec.io>
* added unit tests
Signed-off-by: Amir Malka <amirm@armosec.io>
* added unit tests
Signed-off-by: Amir Malka <amirm@armosec.io>
* more refactoring
Signed-off-by: Amir Malka <amirm@armosec.io>
* add scanned workload reference to opasessionobj
Signed-off-by: Amir Malka <amirm@armosec.io>
* fix GetWorkloadParentKind
Signed-off-by: Amir Malka <amirm@armosec.io>
* remove namespace argument from pullSingleResource, using field selector instead
Signed-off-by: Amir Malka <amirm@armosec.io>
* removed designators (unused) field from PolicyIdentifier, and designators argument from GetResources function
Signed-off-by: Amir Malka <amirm@armosec.io>
* fix tests
Signed-off-by: Amir Malka <amirm@armosec.io>
* use ScanObject instead of workload identifier
Signed-off-by: Amir Malka <amirm@armosec.io>
* refactor logic after CR
Signed-off-by: Amir Malka <amirm@armosec.io>
---------
Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io>
Signed-off-by: Amir Malka <amirm@armosec.io>
Co-authored-by: Daniel Grunberger <danielgrunberger@armosec.io>
* fixes#964
* adapted build and ci to use build tag
* fixup error messages
* report git scan skipped warning & version
* fixed CI on windows: powershell parsing args...
* fixup leftover comment
* fixup typo in test message
* resolved merge conflicts on unit tests
* fix: added gitenabled tag to Makefile target
Signed-off-by: Frederic BIDON <fredbi@yahoo.com>
* Fix issue for scanning list obj
* Fix go mod in httphandler pkg
* Broken links fix in roadmap.md
Planning, backlog, and wishlist links were not taking to the required section.
* override infoMap only if it's not nil
* improved icon of kubescape in readme
* Support scanning several files
* gramatical improvements
* docs(readme): Star → star
* Fix issues according to review
* Handle with issues caused by updating opa-utils
* Fix scanning ListObj following reviews
* Update core/pkg/resourcehandler/filesloader.go
Co-authored-by: Vlad Klokun <vladklokun@users.noreply.github.com>
* Update completion.go
* Added fixed control input
* update go.mod
* Print chart name log when fail to generate
* Change formatting to %s
* Added resource prioritization information, raw resource will be sent on the result object
* Merging typo fixes from master (#772)
* greetings
* Update aws.sh
simplified the comment
* typo: In the title and h1 element
Their was a typo in index.html file.
* punctuation changes
* docs : added gitpod badge in readme.md
* fixed typos
* some grammar mistake is corrected inPULL_REQUEST_TEMPLATE.md file
* Updated README.md file
Added link to CONTRIBUTING.md file in a line in README.
* Added link to code of conduct file
I have added link to the code of conduct file and fixed some problems in the Readme file.
* Fixed readme
* Added alpine tag
Adding alpine tag instead of latest and removing repeating commands
* roadmap.md file is modified
* Automatically Close "Typo" labelled Issue
* build.py is modified
* modified PR template
* Fixed some typos in feature_request.md
"." at the end of the headings were missing and all the text were in same line.
Now this gives a clear and concise view of the texts.
* fixed the typo in docs/index.html
Found and fixed typo in the 'alt' attribute of img tag
* Update PULL_REQUEST_TEMPLATE.md
Co-authored-by: Krishna Agarwal <dmkrishna.agarwal@gmail.com>
Co-authored-by: Saswata Senapati <74651639+saswat16@users.noreply.github.com>
Co-authored-by: Rahul Singh <110548934+rahuldhirendersingh@users.noreply.github.com>
Co-authored-by: deepuyadav004 <deepuyadavze@gmail.com>
Co-authored-by: kartik <97971066+kartikgajjar7@users.noreply.github.com>
Co-authored-by: Rounak-28 <95576871+Rounak-28@users.noreply.github.com>
Co-authored-by: pwnb0y <vickykr07@yahoo.com>
Co-authored-by: Ben Hirschberg <59160382+slashben@users.noreply.github.com>
Co-authored-by: Saptarshi Sarkar <saptarshi.programmer@gmail.com>
Co-authored-by: Rahul Surwade <93492791+RahulSurwade08@users.noreply.github.com>
Co-authored-by: Suhas Gumma <43647369+suhasgumma@users.noreply.github.com>
Co-authored-by: Kamal Nayan <95926324+legendarykamal@users.noreply.github.com>
Co-authored-by: TarangVerma <90996971+TarangVerma@users.noreply.github.com>
Co-authored-by: avikittu <65793296+avikittu@users.noreply.github.com>
* update logger version
* update logger version (#773)
* Fixed: Kubescape fails to authenticate remote private Github repo (#721)
* grammar error fixer in CONTRIBUTING.md
* scanning private git repository is available
* giturl to gitapi
* NO TOKEN error functionality added
* Used GetToken method of giturl.IGitAPPI for auth
Co-authored-by: satyam kale <satyamkale271@gmail.com>
Co-authored-by: Ben Hirschberg <59160382+slashben@users.noreply.github.com>
* bump opa-utils to 181
* Option to force enable color output (closes#560) (#767)
* Option to force enable color output (closes#560)
(cherry picked from commit 4f951781ee8dd6bb451ac7d159787f47e4b07379)
* Update go.mod
* update scanner image
* Update host scanner image (#774)
* update logger version
* update scanner image
* remove windows exe extension
* Remove windows extension build (#775)
* update logger version
* update scanner image
* remove windows exe extension
* commened out prioritization logic
* Edit Junit output (#802)
* Edit Junit output
* Update go sum
* Following review
* update AdoptClusterName
* Print line separator only if some controls failed (#813)
* removed the extra 'download' word from the example (#810)
it was confusing to understand the download command because there was an extra 'download' mentioned
* Prioritization (#815)
* removed commented out code
* Added attack tracks information to prioritization algorithm
* bump opa-utils
* go mod tidy
* go mod tidy
* CR changes
* Issue 613 cluster name (#783)
* added --clusterName flag (#613)
Signed-off-by: Anubhav Gupta <mail.anubhav06@gmail.com>
* update flag name to --cluster-name
Signed-off-by: Anubhav Gupta <mail.anubhav06@gmail.com>
Signed-off-by: Anubhav Gupta <mail.anubhav06@gmail.com>
* Per 307 fail on severity counters (#831)
* feat: fail on exceeding severity thresholds (#830)
- Add support for severity counters
- Add support for CLI flags that set severity thresholds
- Terminate Kubescape with an exit code 1 if scan results exceed the
severity thresholds
* Update opa-utils pkg version
Co-authored-by: Vlad Klokun <vladklokun@users.noreply.github.com>
* Fix merge conflict
* typo in .gitignore file (#833)
* remove unsupported installation method
* fixed welcome message
* fixed merge
* fixed attack tracks loading logic
* add flag validation for --account-id (#605) (#793)
* add flag validation for --account-id (#605)
Signed-off-by: Anubhav Gupta <mail.anubhav06@gmail.com>
* add flag validation for --client-id & --secret-key
Signed-off-by: Anubhav Gupta <mail.anubhav06@gmail.com>
* Validation method should be a member function
* Adding unit tests for credentials validate
Signed-off-by: Anubhav Gupta <mail.anubhav06@gmail.com>
Co-authored-by: David Wertenteil <dwertent@armosec.io>
* Scan Kustomize Directory (#795)
* Scan Kustomize Files
* update 'scam Kustomize Directory' documentation in Readme.md
* go get
* go get inside httphandler
* SourceTypeKustomizeDirectory
* Added Scan for Kustomization File
Co-authored-by: David Wertenteil <dwertent@armosec.io>
* feat: unify severity threshold into one CLI flag (#838)
* feat: unify severity threshold into one CLI flag
Before this commit, severity threshold flags were separated by severity.
This commit unifies these thresholds into one flag that forces Kubescape
to terminate with an exit code 1 if there was at least one failed
control at the specified severity threshold or above.
* chore: update opa utils version
* chore: update opa-utils in httphandler
* feat: dont enforce severity by default
Previous iteration of supporting the severity threshold enforced it even
if the severity threshold was not explicitly specified.
This change enforces the severity threshold only if it has been
explicitly set.
* refactor: clarify flagValidationFramework func name
This change clarifies the meaning of the function that validates the
scan info for the `scan framework` command.
It achieves this by renaming the `flagValidationFramework` function to
`validateFrameworkScanInfo`.
* Merge branch 'master' into dev
Signed-off-by: Anubhav Gupta <mail.anubhav06@gmail.com>
Co-authored-by: Moshe-Rappaport-CA <moshep@armosec.io>
Co-authored-by: Moshe Rappaport <89577611+Moshe-Rappaport-CA@users.noreply.github.com>
Co-authored-by: Om Raut <33827410+om2137@users.noreply.github.com>
Co-authored-by: Kamal Nayan <95926324+legendarykamal@users.noreply.github.com>
Co-authored-by: Vlad Klokun <vladklokun@users.noreply.github.com>
Co-authored-by: Chirag Arora <84070677+Chirag8023@users.noreply.github.com>
Co-authored-by: shm12 <shmuelb@armosec.io>
Co-authored-by: Amir Malka <amirm@armosec.io>
Co-authored-by: Krishna Agarwal <dmkrishna.agarwal@gmail.com>
Co-authored-by: Saswata Senapati <74651639+saswat16@users.noreply.github.com>
Co-authored-by: Rahul Singh <110548934+rahuldhirendersingh@users.noreply.github.com>
Co-authored-by: deepuyadav004 <deepuyadavze@gmail.com>
Co-authored-by: kartik <97971066+kartikgajjar7@users.noreply.github.com>
Co-authored-by: Rounak-28 <95576871+Rounak-28@users.noreply.github.com>
Co-authored-by: pwnb0y <vickykr07@yahoo.com>
Co-authored-by: Ben Hirschberg <59160382+slashben@users.noreply.github.com>
Co-authored-by: Saptarshi Sarkar <saptarshi.programmer@gmail.com>
Co-authored-by: Rahul Surwade <93492791+RahulSurwade08@users.noreply.github.com>
Co-authored-by: Suhas Gumma <43647369+suhasgumma@users.noreply.github.com>
Co-authored-by: TarangVerma <90996971+TarangVerma@users.noreply.github.com>
Co-authored-by: avikittu <65793296+avikittu@users.noreply.github.com>
Co-authored-by: satyam kale <satyamkale271@gmail.com>
Co-authored-by: Aditya Pratap Singh <adityapratapsingh51@gmail.com>
Co-authored-by: Ashray Shetty <ashrayshetty1999@gmail.com>
Co-authored-by: Anubhav Gupta <mail.anubhav06@gmail.com>
Co-authored-by: Meyazhagan <meyazhagan.ofcl@gmail.com>
