* feat: added support for ListControls and GetFrameworks
* perf: introduced jsoniter unmarshalling for faster decoding
* introduced stricted error handling & predefined errors:
* suppressed edge cases when a flaky value is returned instead of an error
* added full unit tests of LoadPolicy
Signed-off-by: Frederic BIDON <fredbi@yahoo.com>
* fixes#964
* adapted build and ci to use build tag
* fixup error messages
* report git scan skipped warning & version
* fixed CI on windows: powershell parsing args...
* fixup leftover comment
* fixup typo in test message
* resolved merge conflicts on unit tests
* fix: added gitenabled tag to Makefile target
Signed-off-by: Frederic BIDON <fredbi@yahoo.com>
This change fixes the case in which Kubescape would panic when scanning
a local Git repository that:
- has the current branch that does not have an upstream set
- does not have an `origin` branch to fall back on
The panic happened because we did not check if the `origin` key exists
in the map of upstreams. This change adds a test for this scenario and
makes it pass by checking if the key exists. If it does not, it returns
an error.
Fixes#1005
* fixed flaky loop(cautils): loadpolicy getter
We should not inject pointers to the variable iterated over by the
"range" operator.
Signed-off-by: Frédéric BIDON <fredbi@yahoo.com>
* fixed more flaky pointers in loops (registryadaptors, opaprocessor)
Signed-off-by: Frédéric BIDON <fredbi@yahoo.com>
* fixed more flaky pointers in loops (resultshandling)
Signed-off-by: Frédéric BIDON <fredbi@yahoo.com>
* enabled golangci linter in CI
Signed-off-by: Frédéric BIDON <fredbi@yahoo.com>
* fixed linting issues with minimal linters config
Signed-off-by: Frédéric BIDON <fredbi@yahoo.com>
* bump go version to 1.19
* English and typos
* Support AKS parser (#994)
* support GKE parser
* update go mod
* support GKE parser
* update go mod
* update k8s-interface pkg
* Added KS desgin.drawio
* revert k8s.io to v0.25.3
* ran go mod tidy
* update sign-up url
* [wip] Adding CreateAccount support
* revert to docs URL
* update opa-utils pkg
* Print attack tree (optional, with argument) (#997)
* Print attack tree with the argument
Signed-off-by: Frédéric BIDON <fredbi@yahoo.com>
Co-authored-by: Frédéric BIDON <frederic@oneconcern.com>
Co-authored-by: Frédéric BIDON <fredbi@yahoo.com>
Co-authored-by: Oshrat Nir <45561829+Oshratn@users.noreply.github.com>
Co-authored-by: Amir Malka <amirm@armosec.io>
Co-authored-by: David Wertenteil <dwertent@armosec.io>
Prior to this change, `pretty-printer` was a special type of Printer
that wrote output to `Stdout`, unless explicitly asked to write to a
given file. Kubescape used `pretty-printer` as an output format by
default. This behavior created the following inconsistencies:
- When invoked as `kubescape scan`, Kubescape would use `pretty-printer`
by default, and it would output the scan resluts in the
`pretty-printer` format to `Stdout`.
- When invoked as `kubescape scan --format=pretty-printer`, the behavior
would be as above.
- When invoked as `kubescape scan --format=FORMAT`, where `FORMAT` is any
format except for `pretty-printer`, Kubescape would write the results
to a sensible default file for the selected format. This is in
contrast to how `--format=pretty-printer` would still output to
`os.Stdout`, and not an output file.
- When invoked as `kubescape scan --format=ANY_FORMAT --output=FILENAME`, where
`ANY_FORMAT` is any format, including `pretty-printer`, Kubescape
would write the results to the provided `FILENAME` in the given
`ANY_FORMAT`, and not write any results to `Stdout`.
The aforementioned situation complicates life for users running
Kubescape in CI, where Kubescape would skip writing the results to
`Stdout` and only write to the provided output file.
Moreover, with the addition of support for multiple output formats and,
hence, files, this introduces the following ambiguity:
- When invoked as `kubescape scan --format=json,pdf,pretty-printer
--output=FILENAME`, should Kubescape treat `pretty-printer` as a
format for the output file, or just an instruction to also print the
results to `Stdout`?
To fix these inconsistencies and ambiguities, this commit introduces the
following changes:
- Kubescape will always print results to `Stdout` using the
PrettyPrinter format.
- The `--format` CLI flag will control the format(s) in which the results
will be written to one or many *output* files. This breaks the
previous behavior that running `kubescape scan
--format=pretty-printer` would not produce an output file, and only
write to `Stdout`. After this change, the same invocation will still
write to `Stdout`, but also produce a `report.txt` file in the
PrettyPrinter format.
* replaced dependencies to github.com/armosec/go-git-url by
github.com/kubescape/go-git-url
* fixes#789
NOTE: this requires kubescape/go-git-url#2 to be merged, a new release
of that repo to be cut, in order to finalize the dependency update.
Signed-off-by: Frederic BIDON <fredbi@yahoo.com>
