hey! added the default matchers option for image scanning as requested in #1838. now you can choose between stock matchers and CPE matchers when scanning images.
what's new:
- added --use-default-matchers flag to scan/image/patch commands
- true = stock matchers (default behavior)
- false = CPE matchers (more precise)
usage:
# use CPE matchers for more precise detection
kubescape scan image nginx:latest --use-default-matchers=false
# or in scan command
kubescape scan --scan-images --use-default-matchers=false
everything's backward compatible - existing code works exactly the same. just added the new option for folks who want more control over their vulnerability detection.
fixes#1838
Signed-off-by: aadarsh-nagrath <anagrath1@gmail.com>
- Introduced a single context in main() to handle interrupt signals (os.Interrupt, syscall.SIGTERM).
- Removed repetitive context creation in the program by reusing the propagated context.
- Improved code readability and maintainability by centralizing context management.
- Ensured consistent handling of graceful shutdown across the program.
Signed-off-by: Ruslan Semagin <pixel.365.24@gmail.com>
Title: Add Test Case for Non-Existent Image in GetPatchCmd
Description:
This pull request introduces a new test case TestGetPatchCmdWithNonExistentImage in the patch_test.go file. The purpose of this test case is to verify the behavior of the GetPatchCmd function when it's run with a non-existent image argument.
In this test case, we:
Create a mock Kubescape interface
Call the GetPatchCmd function with the mock interface
Run the command with a non-existent image argument
Check that there is an error and the error message is "image tag is required"
This test case enhances the test coverage of the GetPatchCmd function and ensures that it correctly handles non-existent image arguments.
Signed-off-by: Umair <58398786+Umair0343@users.noreply.github.com>
Wrote new tests for the following packages
- operator
- patch
- scan
Also fixed potential crash in the RunE function of the image subcommand
in the scan package.
Signed-off-by: VaibhavMalik4187 <vaibhavmalik2018@gmail.com>
