kubescape

mirror of https://github.com/kubescape/kubescape.git synced 2026-02-14 18:09:55 +00:00

Author	SHA1	Message	Date
Daniel Grunberger	f7b3cdcf35	Improve logs (#1349 ) * use stop-success Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> * improve logger Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> * RBAC Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> --------- Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> Co-authored-by: Daniel Grunberger <danielgrunberger@armosec.io>	2023-08-17 14:18:40 +03:00
DRAGON2002	9265a5d6d0	fix: icons formatting (#1343 ) Signed-off-by: DRAGON <anantvijay3@gmail.com>	2023-08-16 12:58:55 +03:00
Daniel Grunberger	e6f5c7e0dd	bump k8s-interface version (#1345 ) * bump version Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> * bump httphandler Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> --------- Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> Co-authored-by: Daniel Grunberger <danielgrunberger@armosec.io>	2023-08-15 10:34:45 +03:00
DRAGON	d946662e57	feat: migrate fatih/color to gchalk Signed-off-by: DRAGON <anantvijay3@gmail.com>	2023-08-11 04:31:39 +05:30
David Wertenteil	51b37d5cbf	Update logs (#1340 ) * update logger Signed-off-by: David Wertenteil <dwertent@armosec.io> * fixed logger Signed-off-by: David Wertenteil <dwertent@armosec.io> * bump go-logger version Signed-off-by: David Wertenteil <dwertent@armosec.io> --------- Signed-off-by: David Wertenteil <dwertent@armosec.io>	2023-08-10 19:15:14 +03:00
Matthias Bertschy	1d64522607	use distroless base image (#1338 ) * use distroless base image Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com> * bump cosign to v2 Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com> --------- Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>	2023-08-10 15:46:07 +03:00
DRAGON2002	225a923006	feat: improve pretty logger (#1311 ) * feat: improve pretty logger Signed-off-by: DRAGON <anantvijay3@gmail.com> * fixed logger Signed-off-by: David Wertenteil <dwertent@armosec.io> --------- Signed-off-by: DRAGON <anantvijay3@gmail.com> Signed-off-by: Craig Box <craigb@armosec.io> Signed-off-by: David Wertenteil <dwertent@armosec.io> Co-authored-by: Craig Box <craigb@armosec.io> Co-authored-by: David Wertenteil <dwertent@armosec.io>	2023-08-09 17:30:04 +03:00
DRAGON2002	6c1a3fb89b	feat: add short table (#1292 ) Signed-off-by: DRAGON <anantvijay3@gmail.com> Signed-off-by: DRAGON2002 <81813720+XDRAGON2002@users.noreply.github.com>	2023-08-09 16:56:58 +03:00
DRAGON2002	df5f7db51d	feat: change colors library (#1316 ) Signed-off-by: DRAGON <anantvijay3@gmail.com>	2023-08-09 09:48:34 +03:00
DRAGON2002	869f0ea109	feat: add unicode table (#1285 ) Signed-off-by: DRAGON <anantvijay3@gmail.com>	2023-08-09 09:26:37 +03:00
David Wertenteil	cf08daf7fb	scan per namespace (#1337 ) * scan per namespace Signed-off-by: David Wertenteil <dwertent@armosec.io> * disable unit test Signed-off-by: David Wertenteil <dwertent@armosec.io> * Adding build image wf Signed-off-by: David Wertenteil <dwertent@armosec.io> * removing unused channels Signed-off-by: David Wertenteil <dwertent@armosec.io> * adding scopes Signed-off-by: David Wertenteil <dwertent@armosec.io> * update Signed-off-by: David Wertenteil <dwertent@armosec.io> * fixed cluster size Signed-off-by: David Wertenteil <dwertent@armosec.io> * update rbac deps Signed-off-by: David Wertenteil <dwertent@armosec.io> * aggregate resources Signed-off-by: David Wertenteil <dwertent@armosec.io> * Delete build-image.yaml Signed-off-by: David Wertenteil <dwertent@armosec.io> * adding scan image logs Signed-off-by: David Wertenteil <dwertent@armosec.io> * update cmd message Signed-off-by: David Wertenteil <dwertent@armosec.io> * update logs Signed-off-by: David Wertenteil <dwertent@armosec.io> --------- Signed-off-by: David Wertenteil <dwertent@armosec.io>	2023-08-08 10:47:15 +03:00
Ben Hirschberg	266029eb23	Implementing container image name normalization built-in function for Rego (#1334 ) * Implementing container image name normalization built-in function for Rego Signed-off-by: Ben <ben@armosec.io> * updating go.mod t include docker/distribution Signed-off-by: Ben <ben@armosec.io> * fix test Signed-off-by: Ben <ben@armosec.io> --------- Signed-off-by: Ben <ben@armosec.io>	2023-08-08 09:35:32 +03:00
rcohencyberarmor	4c9fec8ef4	Support scanning scope (#1293 ) * support scanning scope Signed-off-by: rcohencyberarmor <rcohen@armosec.io> * update go mod Signed-off-by: rcohencyberarmor <rcohen@armosec.io> * update white list Signed-off-by: rcohencyberarmor <rcohen@armosec.io> * update go mod Signed-off-by: rcohencyberarmor <rcohen@armosec.io> * scope empty return control should tested Signed-off-by: rcohencyberarmor <rcohen@armosec.io> * update rego scope for system test Signed-off-by: rcohencyberarmor <rcohen@armosec.io> * update test + mock Signed-off-by: rcohencyberarmor <rcohen@armosec.io> * add comment Signed-off-by: rcohencyberarmor <rcohen@armosec.io> * update rego library Signed-off-by: rcohencyberarmor <rcohen@armosec.io> * update k8s-interface Signed-off-by: rcohencyberarmor <rcohen@armosec.io> * update opa utils - lots of file changes in this commit since armoapi-go bump up in opa-utils Signed-off-by: rcohencyberarmor <rcohen@armosec.io> * move to temp k8s-interface - till PR in k8s-interface repo will approved Signed-off-by: rcohencyberarmor <rcohen@armosec.io> * update k8s-interface with released tag Signed-off-by: rcohencyberarmor <rcohen@armosec.io> * update go mod in httphandler Signed-off-by: rcohencyberarmor <rcohen@armosec.io> * PR review corrections Signed-off-by: rcohencyberarmor <rcohen@armosec.io> * change test name Signed-off-by: rcohencyberarmor <rcohen@armosec.io> * scanning scope support for framework Signed-off-by: rcohencyberarmor <rcohen@armosec.io> * test/mock adjustments after merge Signed-off-by: rcohencyberarmor <rcohen@armosec.io> * add more informative log to the user Signed-off-by: rcohencyberarmor <rcohen@armosec.io> * update go.mod and go.sum of the http handler Signed-off-by: rcohencyberarmor <rcohen@armosec.io> * remove framework just scanning scope not matched to framework config scope Signed-off-by: rcohencyberarmor <rcohen@armosec.io> * add system tests to workflow Signed-off-by: rcohencyberarmor <rcohen@armosec.io> * add system test to github workflow Signed-off-by: rcohencyberarmor <rcohen@armosec.io> --------- Signed-off-by: rcohencyberarmor <rcohen@armosec.io> Signed-off-by: David Wertenteil <dwertent@armosec.io> Co-authored-by: rcohencyberarmor <rcohen@armosec.io> Co-authored-by: David Wertenteil <dwertent@armosec.io>	2023-08-07 19:11:14 +03:00
Daniel Grunberger	5379b9b0a6	New output (#1320 ) * phase-1 Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> * factory Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> * wip: feat(cli): add an image scanning command Add a CLI command that launches an image scan. Does not scan images yet. Signed-off-by: Vlad Klokun <vklokun@protonmail.ch> * wip: feat: add image scanning service Signed-off-by: Vlad Klokun <vklokun@protonmail.ch> * chore: include dependencies Signed-off-by: Vlad Klokun <vklokun@protonmail.ch> * wip: adjust image scanning service Signed-off-by: Vlad Klokun <vklokun@protonmail.ch> * wip: feat: use scanning service in CLI Signed-off-by: Vlad Klokun <vklokun@protonmail.ch> * use iface Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> * touches Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> * continue Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> * add cmd Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> * support single workload scan Signed-off-by: Amir Malka <amirm@armosec.io> * fix conflict Signed-off-by: Amir Malka <amirm@armosec.io> * identifiers * go mod * feat(imagescan): add an image scanning command This commit adds a CLI command and an associated package that scan images for vulnerabilities. Signed-off-by: Vlad Klokun <vklokun@protonmail.ch> feat(imagescan): fail on exceeding the severity threshold Signed-off-by: Vlad Klokun <vklokun@protonmail.ch> * chore(imagescan): include dependencies This commit adds the dependencies necessary for image scanning. Signed-off-by: Vlad Klokun <vklokun@protonmail.ch> * chore(imagescan): add dependencies to httphandler Signed-off-by: Vlad Klokun <vklokun@protonmail.ch> * added unit tests Signed-off-by: Amir Malka <amirm@armosec.io> * merge * more * integrate img scan * added unit tests Signed-off-by: Amir Malka <amirm@armosec.io> * more refactoring Signed-off-by: Amir Malka <amirm@armosec.io> * add scanned workload reference to opasessionobj Signed-off-by: Amir Malka <amirm@armosec.io> * fix GetWorkloadParentKind Signed-off-by: Amir Malka <amirm@armosec.io> * remove namespace argument from pullSingleResource, using field selector instead Signed-off-by: Amir Malka <amirm@armosec.io> * removed designators (unused) field from PolicyIdentifier, and designators argument from GetResources function Signed-off-by: Amir Malka <amirm@armosec.io> * changes * changes * fixes * changes * feat(imagescan): add an image scanning command This commit adds a CLI command and an associated package that scan images for vulnerabilities. Signed-off-by: Vlad Klokun <vklokun@protonmail.ch> feat(imagescan): fail on exceeding the severity threshold Signed-off-by: Vlad Klokun <vklokun@protonmail.ch> * chore(imagescan): include dependencies This commit adds the dependencies necessary for image scanning. Signed-off-by: Vlad Klokun <vklokun@protonmail.ch> * chore(imagescan): add dependencies to httphandler Signed-off-by: Vlad Klokun <vklokun@protonmail.ch> * chore(imagescan): create vuln db with dedicated function Remove commented out code, too. Signed-off-by: Vlad Klokun <vklokun@protonmail.ch> * docs(imagescan): provide package-level docs Signed-off-by: Vlad Klokun <vklokun@protonmail.ch> * finish merge * image scan tests * continue * fixes * refactor * rm duplicate * start fixes * update gh actions Signed-off-by: David Wertenteil <dwertent@armosec.io> * pr fixes * fix test * improvements --------- Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> Signed-off-by: Vlad Klokun <vklokun@protonmail.ch> Signed-off-by: Amir Malka <amirm@armosec.io> Signed-off-by: David Wertenteil <dwertent@armosec.io> Co-authored-by: Daniel Grunberger <danielgrunberger@armosec.io> Co-authored-by: Vlad Klokun <vklokun@protonmail.ch> Co-authored-by: Amir Malka <amirm@armosec.io> Co-authored-by: David Wertenteil <dwertent@armosec.io>	2023-08-03 12:09:33 +03:00
Vlad Klokun	2494c1971c	chore(imagescan): include dependencies This commit adds the dependencies necessary for image scanning. Signed-off-by: Vlad Klokun <vklokun@protonmail.ch>	2023-08-02 09:50:17 +03:00
Amir Malka	981430d65f	bump opa-utils Signed-off-by: Amir Malka <amirm@armosec.io>	2023-07-31 12:00:52 +03:00
Amir Malka	bbfa5d356a	bump opa-utils, k8s-interface and armoapi-go Signed-off-by: Amir Malka <amirm@armosec.io>	2023-07-31 10:39:03 +03:00
YiscahLevySilas1	17c43fd366	support related objects (#1272 ) * support related objects Signed-off-by: YiscahLevySilas1 <yiscahls@armosec.io> * update pkg versions Signed-off-by: YiscahLevySilas1 <yiscahls@armosec.io> * update go mod Signed-off-by: YiscahLevySilas1 <yiscahls@armosec.io> * fix test Signed-off-by: YiscahLevySilas1 <yiscahls@armosec.io> * fix test Signed-off-by: YiscahLevySilas1 <yiscahls@armosec.io> * only add ids of related resource Signed-off-by: YiscahLevySilas1 <yiscahls@armosec.io> * fixes following review Signed-off-by: YiscahLevySilas1 <yiscahls@armosec.io> * add test for processRule Signed-off-by: YiscahLevySilas1 <yiscahls@armosec.io> --------- Signed-off-by: YiscahLevySilas1 <yiscahls@armosec.io>	2023-07-20 16:23:58 +03:00
Amir Malka	e470fce6ed	initial implementation of OpenTelemetry metrics collection (#1269 ) Signed-off-by: Amir Malka <amirm@armosec.io>	2023-07-10 14:22:26 +03:00
kooomix	868db91801	update regolibrary to v1.0.286-rc.0	2023-07-02 13:25:37 +03:00
guangwu	5e5b9d564c	fix: CVE-2023-28840 CVE-2023-28841 CVE-2023-28842 CVE-2022-41723 etc. (#1221 ) * fix: CVE-2023-28840 CVE-2023-28841 CVE-2023-28842 CVE-2022-41723GHSA-vvpx-j8f3-3w6h CVE-2022-23524 CVE-2022-23525 CVE-2022-23526 CVE-2022-36055 CVE-2023-25165 Signed-off-by: guoguangwu <guoguangwu@magic-shield.com> * restore go.sum Signed-off-by: David Wertenteil <dwertent@armosec.io> --------- Signed-off-by: guoguangwu <guoguangwu@magic-shield.com> Signed-off-by: David Wertenteil <dwertent@armosec.io> Co-authored-by: David Wertenteil <dwertent@armosec.io>	2023-06-13 11:39:25 +03:00
YiscahLevySilas1	8ee72895b9	Fix statuses - Manual review and Requires configuration (#1251 ) * fix statuses - req. review, configurations, manual Signed-off-by: YiscahLevySilas1 <yiscahls@armosec.io> * update opa-utils version Signed-off-by: YiscahLevySilas1 <yiscahls@armosec.io> * update opa-utils version Signed-off-by: YiscahLevySilas1 <yiscahls@armosec.io> * update opa-utils version Signed-off-by: YiscahLevySilas1 <yiscahls@armosec.io> * use const for inner info Signed-off-by: YiscahLevySilas1 <yiscahls@armosec.io> --------- Signed-off-by: YiscahLevySilas1 <yiscahls@armosec.io>	2023-06-12 10:38:35 +03:00
Nitish Chauhan	6cefada215	correcting the formating of the table in pdf output (#1244 ) * correcting the formatting of the table in pdf output Signed-off-by: ntishchauhan0022 <nitishchauhan0022@gmail.com> * adding some starting unit tests Signed-off-by: ntishchauhan0022 <nitishchauhan0022@gmail.com> * resolving the mod error Signed-off-by: ntishchauhan0022 <nitishchauhan0022@gmail.com> --------- Signed-off-by: ntishchauhan0022 <nitishchauhan0022@gmail.com>	2023-06-04 15:21:07 +03:00
Anubhav Gupta	07a5c6488b	update kubescape/go-git-url version Signed-off-by: Anubhav Gupta <mail.anubhav06@gmail.com>	2023-05-26 18:13:39 +05:30
Amir Malka	225545476c	update opa-utils Signed-off-by: Amir Malka <amirm@armosec.io>	2023-05-23 19:18:45 +03:00
Amir Malka	987f97102d	bump opa-utils version for memory optimizations Signed-off-by: Amir Malka <amirm@armosec.io>	2023-05-22 16:44:11 +03:00
Amir Malka	0a0ef10d50	Control parallelism of opa rule processing by env var (#1230 ) * control parallelism of opa rule processing by env var Signed-off-by: Amir Malka <amirm@armosec.io> * go 1.20 Signed-off-by: Amir Malka <amirm@armosec.io> * update go.mod go.sum Signed-off-by: Amir Malka <amirm@armosec.io> --------- Signed-off-by: Amir Malka <amirm@armosec.io>	2023-05-14 14:59:21 +03:00
Amir Malka	b26f83d0bd	update go version 1.19->1.20 Signed-off-by: Amir Malka <amirm@armosec.io>	2023-05-14 10:04:30 +03:00
YiscahLevySilas1	f3225855d0	rerun workflows Signed-off-by: YiscahLevySilas1 <yiscahls@armosec.io>	2023-05-01 09:19:09 +03:00
YiscahLevySilas1	d6edd818b8	add compliance score to new field in controls for backward compatibility Signed-off-by: YiscahLevySilas1 <yiscahls@armosec.io>	2023-04-27 15:53:47 +03:00
YiscahLevySilas1	f25d573f32	update opa-utils version for fix in compliance score Signed-off-by: YiscahLevySilas1 <yiscahls@armosec.io>	2023-04-19 18:34:10 +03:00
YiscahLevySilas1	acaf6e78da	update opa-utils version Signed-off-by: YiscahLevySilas1 <yiscahls@armosec.io>	2023-04-17 20:25:27 +03:00
YiscahLevySilas1	344e9188f6	add compliance-threshold, deprecate fail-threshold Signed-off-by: YiscahLevySilas1 <yiscahls@armosec.io>	2023-04-17 16:08:38 +03:00
yuleib	875deb7ec3	adding compliance score updates (#1181 ) Signed-off-by: Yuval Leibovich <yuvall@armosec.io>	2023-04-04 16:03:40 +03:00
YiscahLevySilas1	9420fd5e79	update version k8s-interface for cloud resources Signed-off-by: YiscahLevySilas1 <yiscahls@armosec.io>	2023-04-03 09:34:22 +03:00
Avraham Shalev	55ce7086d7	upgrade opa-utils and armo api Signed-off-by: Avraham Shalev <8184528+avrahams@users.noreply.github.com>	2023-03-15 13:53:30 +02:00
Amir Malka	106db84a66	bump go-logger (#1144 ) Signed-off-by: Amir Malka <amirm@armosec.io>	2023-03-14 10:00:08 +02:00
Alessio Greggi	5aa56b1c0a	feat: integrate support to retrieve eks policies Signed-off-by: Alessio Greggi <ale_grey_91@hotmail.it>	2023-03-13 11:35:07 +01:00
Amir Malka	cec4e5ca39	added clusterName to otel initialization Signed-off-by: Amir Malka <amirm@armosec.io>	2023-02-26 18:07:38 +02:00
David Wertenteil	25e42ee4b6	Update rbac-utils pkg Signed-off-by: David Wertenteil <dwertent@armosec.io>	2023-02-23 23:33:35 +02:00
David Wertenteil	3a80ff00b6	update opa pkg to 238 Signed-off-by: David Wertenteil <dwertent@armosec.io>	2023-02-23 14:25:21 +02:00
David Wertenteil	b989c4c21f	update opa pkg Signed-off-by: David Wertenteil <dwertent@armosec.io>	2023-02-23 09:48:52 +02:00
Matthias Bertschy	8102dd93ba	bump go-git-url (#1110 ) Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>	2023-02-21 11:42:59 +02:00
Amir Malka	df39e10300	Statuses (#1016 ) (#1082 ) New statuses	2023-02-14 15:00:21 +02:00
kooomix	4ea35eec00	GitRegoStore moved to Regolibrary (#1058 ) * GitRegoStore moved to Regolibrary * httphandler go mod * update go.mod * test old regostorlibrary * restore gitRegoStore from regolibrary * Update github.com/kubescape/regolibrary to ver 249 Signed-off-by: kooomix <eranm@armosec.io> * update go mod Signed-off-by: kooomix <eranm@armosec.io> * print scan_control_id mesg Signed-off-by: kooomix <eranm@armosec.io> * Update regolibrary version - windows host fix Signed-off-by: kooomix <eranm@armosec.io> --------- Signed-off-by: kooomix <eranm@armosec.io> Co-authored-by: David Wertenteil <dwertent@armosec.io>	2023-02-07 13:18:51 +02:00
YiscahLevySilas1	c6eff8cbaa	minor change	2023-02-05 11:54:21 +02:00
David Wertenteil	af9df548d6	Merge branch 'master' into CIS-EKS-support	2023-02-05 09:43:41 +02:00
Matthias Bertschy	160ac0db7c	add otel with uptrace client Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>	2023-01-31 08:06:33 +01:00
yiscah	0d1b92c2ee	update k8s-interface - fix in get region Signed-off-by: yiscah <yiscahls@armosec.io>	2023-01-29 20:32:12 +02:00
yiscah	9a7e61edd1	add cloud resource ListEntitiesForPolicies	2023-01-27 13:42:15 +02:00

1 2 3 4 5

239 Commits