github/kubescape
1
0
Fork 0
mirror of https://github.com/kubescape/kubescape.git synced 2026-04-15 06:58:11 +00:00
Code Issues Packages Projects Releases Wiki Activity
2,514 Commits 23 Branches 553 Tags
addd66bf721eed5e368650e629dfdbaad52b9743
Commit Graph

2514 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
David Wertenteil
addd66bf72 Merge pull request #1327 from dwertent/hot-fix-submit-timestamp 
Fix submit time
 2023-08-04 19:24:27 +03:00
Amir Malka
e2f96200e0 Code refactor (follow up to PR #1300) (#1323) 
* code refactor

Signed-off-by: Amir Malka <amirm@armosec.io>

* use scaninfo object in resource handler

Signed-off-by: Amir Malka <amirm@armosec.io>

---------

Signed-off-by: Amir Malka <amirm@armosec.io>
 2023-08-03 17:50:33 +03:00
David Wertenteil
f799b63684 Merge pull request #1331 from kubescape/fix-httphandler-go-mod-anchore 
fix(httphandler): pin breaking anchore dependency
 2023-08-03 17:49:41 +03:00
Vlad Klokun
a088219954 fix(httphandler): pin breaking anchore dependency 
Signed-off-by: Vlad Klokun <vklokun@protonmail.ch>
 2023-08-03 17:36:27 +03:00
David Wertenteil
1a2e16b895 Update PR workflow (#1330) 
* fixed wf call

Signed-off-by: David Wertenteil <dwertent@armosec.io>

* do not wait for pr checks

Signed-off-by: David Wertenteil <dwertent@armosec.io>

* fixed typo

Signed-off-by: David Wertenteil <dwertent@armosec.io>

---------

Signed-off-by: David Wertenteil <dwertent@armosec.io>
 2023-08-03 17:25:22 +03:00
David Wertenteil
7444acae11 Merge pull request #1312 from XDRAGON2002/issue_1282 
fix: negative compliance score
 2023-08-03 14:32:47 +03:00
David Wertenteil
8294694e09 Merge pull request #1277 from XDRAGON2002/issue_1176 
fix: kubescape list controls
 2023-08-03 14:30:12 +03:00
David Wertenteil
12d7f18b79 Merge pull request #1329 from kubescape/codesee-wf 
Update codesee-arch-diagram.yml
 2023-08-03 14:05:34 +03:00
David Wertenteil
83279484bd Merge pull request #1328 from kubescape/remove-label-condition 
Remove label condition in PR scanner workflow
 2023-08-03 14:05:08 +03:00
David Wertenteil
ba134ebc32 Update codesee-arch-diagram.yml 
Run codesee only on `.go` files

Signed-off-by: David Wertenteil <dwertent@armosec.io>
 2023-08-03 13:52:27 +03:00
David Wertenteil
b44f0a76c9 Update 00-pr-scanner.yaml 
Signed-off-by: David Wertenteil <dwertent@armosec.io>
 2023-08-03 13:49:34 +03:00
David Wertenteil
226b4772a2 fix submit time 
Signed-off-by: David Wertenteil <dwertent@armosec.io>
 2023-08-03 13:26:49 +03:00
Daniel Grunberger
5379b9b0a6 New output (#1320) 
* phase-1

Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io>

* factory

Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io>

* wip: feat(cli): add an image scanning command

Add a CLI command that launches an image scan. Does not scan images yet.

Signed-off-by: Vlad Klokun <vklokun@protonmail.ch>

* wip: feat: add image scanning service

Signed-off-by: Vlad Klokun <vklokun@protonmail.ch>

* chore: include dependencies

Signed-off-by: Vlad Klokun <vklokun@protonmail.ch>

* wip: adjust image scanning service

Signed-off-by: Vlad Klokun <vklokun@protonmail.ch>

* wip: feat: use scanning service in CLI

Signed-off-by: Vlad Klokun <vklokun@protonmail.ch>

* use iface

Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io>

* touches

Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io>

* continue

Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io>

* add cmd

Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io>

* support single workload scan

Signed-off-by: Amir Malka <amirm@armosec.io>

* fix conflict

Signed-off-by: Amir Malka <amirm@armosec.io>

* identifiers

* go mod

* feat(imagescan): add an image scanning command

This commit adds a CLI command and an associated package that scan
images for vulnerabilities.

Signed-off-by: Vlad Klokun <vklokun@protonmail.ch>

feat(imagescan): fail on exceeding the severity threshold

Signed-off-by: Vlad Klokun <vklokun@protonmail.ch>

* chore(imagescan): include dependencies

This commit adds the dependencies necessary for image scanning.

Signed-off-by: Vlad Klokun <vklokun@protonmail.ch>

* chore(imagescan): add dependencies to httphandler

Signed-off-by: Vlad Klokun <vklokun@protonmail.ch>

* added unit tests

Signed-off-by: Amir Malka <amirm@armosec.io>

* merge

* more

* integrate img scan

* added unit tests

Signed-off-by: Amir Malka <amirm@armosec.io>

* more refactoring

Signed-off-by: Amir Malka <amirm@armosec.io>

* add scanned workload reference to opasessionobj

Signed-off-by: Amir Malka <amirm@armosec.io>

* fix GetWorkloadParentKind

Signed-off-by: Amir Malka <amirm@armosec.io>

* remove namespace argument from pullSingleResource, using field selector instead

Signed-off-by: Amir Malka <amirm@armosec.io>

* removed designators (unused) field from PolicyIdentifier, and designators argument from GetResources function

Signed-off-by: Amir Malka <amirm@armosec.io>

* changes

* changes

* fixes

* changes

* feat(imagescan): add an image scanning command

This commit adds a CLI command and an associated package that scan
images for vulnerabilities.

Signed-off-by: Vlad Klokun <vklokun@protonmail.ch>

feat(imagescan): fail on exceeding the severity threshold

Signed-off-by: Vlad Klokun <vklokun@protonmail.ch>

* chore(imagescan): include dependencies

This commit adds the dependencies necessary for image scanning.

Signed-off-by: Vlad Klokun <vklokun@protonmail.ch>

* chore(imagescan): add dependencies to httphandler

Signed-off-by: Vlad Klokun <vklokun@protonmail.ch>

* chore(imagescan): create vuln db with dedicated function

Remove commented out code, too.

Signed-off-by: Vlad Klokun <vklokun@protonmail.ch>

* docs(imagescan): provide package-level docs

Signed-off-by: Vlad Klokun <vklokun@protonmail.ch>

* finish merge

* image scan tests

* continue

* fixes

* refactor

* rm duplicate

* start fixes

* update gh actions

Signed-off-by: David Wertenteil <dwertent@armosec.io>

* pr fixes

* fix test

* improvements

---------

Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io>
Signed-off-by: Vlad Klokun <vklokun@protonmail.ch>
Signed-off-by: Amir Malka <amirm@armosec.io>
Signed-off-by: David Wertenteil <dwertent@armosec.io>
Co-authored-by: Daniel Grunberger <danielgrunberger@armosec.io>
Co-authored-by: Vlad Klokun <vklokun@protonmail.ch>
Co-authored-by: Amir Malka <amirm@armosec.io>
Co-authored-by: David Wertenteil <dwertent@armosec.io>
 2023-08-03 12:09:33 +03:00
David Wertenteil
98f68d8097 Merge pull request #1319 from kubescape/codesee-arch-diagram-workflow-1690964652908 
Install the CodeSee workflow.
 2023-08-03 10:14:47 +03:00
David Wertenteil
f8057b5c79 Merge pull request #1322 from kubescape/add-ai-workflow 
Adding pr-agent
 2023-08-02 16:29:25 +03:00
David Wertenteil
f36d8c31b0 Adding pr-agent 
Signed-off-by: David Wertenteil <dwertent@armosec.io>
 2023-08-02 16:27:16 +03:00
Vlad Klokun
3abf18acb7 Merge pull request #1288 from kubescape/feat-image-scan-svc 
feat: add an image scanning service and CLI command
 2023-08-02 14:03:50 +03:00
codesee-maps[bot]
28200b2744 Install the CodeSee workflow. Learn more at https://docs.codesee.io 2023-08-02 08:24:13 +00:00
David Wertenteil
678f21e33c Merge pull request #1317 from kubescape/add-prints-to-smoketest 
add prints to smoketest
 2023-08-02 09:55:43 +03:00
Amir Malka
467a84ddac add prints to smoketest 
Signed-off-by: Amir Malka <amirm@armosec.io>
 2023-08-02 09:52:01 +03:00
Vlad Klokun
925145724e docs(imagescan): provide package-level docs 
Signed-off-by: Vlad Klokun <vklokun@protonmail.ch>
 2023-08-02 09:50:18 +03:00
Vlad Klokun
e3677fc45c chore(imagescan): create vuln db with dedicated function 
Remove commented out code, too.

Signed-off-by: Vlad Klokun <vklokun@protonmail.ch>
 2023-08-02 09:50:17 +03:00
Vlad Klokun
704de5bfc1 chore(imagescan): add dependencies to httphandler 
Signed-off-by: Vlad Klokun <vklokun@protonmail.ch>
 2023-08-02 09:50:17 +03:00
Vlad Klokun
2494c1971c chore(imagescan): include dependencies 
This commit adds the dependencies necessary for image scanning.

Signed-off-by: Vlad Klokun <vklokun@protonmail.ch>
 2023-08-02 09:50:17 +03:00
Vlad Klokun
3b8bd7735e feat(imagescan): add an image scanning command 
This commit adds a CLI command and an associated package that scan
images for vulnerabilities.

Signed-off-by: Vlad Klokun <vklokun@protonmail.ch>

feat(imagescan): fail on exceeding the severity threshold

Signed-off-by: Vlad Klokun <vklokun@protonmail.ch>
 2023-08-02 09:50:17 +03:00
David Wertenteil
602591e7f2 Merge pull request #1315 from kubescape/remove-workload-cmd 
remove scan workload command
 2023-08-02 08:44:15 +03:00
Amir Malka
e276e54d2b remove scan workload command 
Signed-off-by: Amir Malka <amirm@armosec.io>
 2023-08-01 14:11:16 +03:00
Amir Malka
0c019819ff Scanning a single resource (#1300) 
* add cmd

Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io>

* support single workload scan

Signed-off-by: Amir Malka <amirm@armosec.io>

* fix conflict

Signed-off-by: Amir Malka <amirm@armosec.io>

* added unit tests

Signed-off-by: Amir Malka <amirm@armosec.io>

* added unit tests

Signed-off-by: Amir Malka <amirm@armosec.io>

* more refactoring

Signed-off-by: Amir Malka <amirm@armosec.io>

* add scanned workload reference to opasessionobj

Signed-off-by: Amir Malka <amirm@armosec.io>

* fix GetWorkloadParentKind

Signed-off-by: Amir Malka <amirm@armosec.io>

* remove namespace argument from pullSingleResource, using field selector instead

Signed-off-by: Amir Malka <amirm@armosec.io>

* removed designators (unused) field from PolicyIdentifier, and designators argument from GetResources function

Signed-off-by: Amir Malka <amirm@armosec.io>

* fix tests

Signed-off-by: Amir Malka <amirm@armosec.io>

* use ScanObject instead of workload identifier

Signed-off-by: Amir Malka <amirm@armosec.io>

* refactor logic after CR

Signed-off-by: Amir Malka <amirm@armosec.io>

---------

Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io>
Signed-off-by: Amir Malka <amirm@armosec.io>
Co-authored-by: Daniel Grunberger <danielgrunberger@armosec.io>
 2023-08-01 14:07:31 +03:00
David Wertenteil
d9e946cf6d reset head (#1306) 
Signed-off-by: David Wertenteil <dwertent@armosec.io>
 2023-08-01 10:47:07 +03:00
David Wertenteil
e3a8ebfe05 Merge pull request #1297 from dwertent/update-armo-docs 
docs(providers): Update ARMO docs
 2023-07-31 19:37:01 +03:00
David Wertenteil
fd3703b21b Merge pull request #1296 from kubescape/error-handle-for-empty-resource-scan 
Error handle for empty resource scan
 2023-07-31 16:13:42 +03:00
David Wertenteil
6bcdda7d56 Merge pull request #1309 from amirmalka/bump-dependencies 
bump opa-utils
 2023-07-31 12:11:26 +03:00
Amir Malka
981430d65f bump opa-utils 
Signed-off-by: Amir Malka <amirm@armosec.io>
 2023-07-31 12:00:52 +03:00
David Wertenteil
e91ec69832 Merge pull request #1307 from amirmalka/bump-dependencies 
Bump dependencies
 2023-07-31 11:02:05 +03:00
Amir Malka
bbfa5d356a bump opa-utils, k8s-interface and armoapi-go 
Signed-off-by: Amir Malka <amirm@armosec.io>
 2023-07-31 10:39:03 +03:00
DRAGON
d2af7f47db fix: negative compliance score 
Signed-off-by: DRAGON <anantvijay3@gmail.com>
 2023-07-31 00:21:01 +05:30
rcohencyberarmor
d28afcb00c linter correction 
Signed-off-by: rcohencyberarmor <rcohen@armosec.io>
 2023-07-30 15:46:54 +03:00
rcohencyberarmor
ca6bdb0bef review corrections 
Signed-off-by: rcohencyberarmor <rcohen@armosec.io>
 2023-07-30 12:06:03 +03:00
Raziel Cohen
e424bfa81b Merge branch 'master' of github.com:kubescape/kubescape into error-handle-for-empty-resource-scan 2023-07-30 11:21:53 +03:00
David Wertenteil
9f1ff4c090 Merge pull request #1279 from XDRAGON2002/issue_760 
feat: add build.ps1
v2.3.8 		2023-07-25 14:41:00 +03:00
David Wertenteil
1a2dda700b Merge pull request #1291 from XDRAGON2002/issue_1290 
fix: yamlhandler error handling
 2023-07-25 14:39:26 +03:00
rcohencyberarmor
c4e5611c7f add print in the cli to which version the kubescape was update (#1295) 
* add print in the cli to which version the kubescape was update

Signed-off-by: rcohencyberarmor <rcohen@armosec.io>

* update will suggest to our user to update by following kubescape installation guide

Signed-off-by: rcohencyberarmor <rcohen@armosec.io>

---------

Signed-off-by: rcohencyberarmor <rcohen@armosec.io>
Co-authored-by: rcohencyberarmor <rcohen@armosec.io>
 2023-07-25 14:37:44 +03:00
DRAGON
d8e913fb9f feat: add build.ps1 
Signed-off-by: DRAGON <anantvijay3@gmail.com>
 2023-07-25 14:36:57 +05:30
David Wertenteil
a37b1f7319 update armo docs 
Signed-off-by: David Wertenteil <dwertent@armosec.io>
 2023-07-25 11:01:48 +03:00
rcohencyberarmor
b730ef5154 git recognition for empty directory for test 
Signed-off-by: rcohencyberarmor <rcohen@armosec.io>
 2023-07-24 17:24:13 +03:00
rcohencyberarmor
3280173e95 add error handle when there are no scan to trigger since the directory not contain any relevant scanning files 
Signed-off-by: rcohencyberarmor <rcohen@armosec.io>
 2023-07-24 17:17:06 +03:00
DRAGON
d0ae4f1c1a fix: yamlhandler error handling 
Signed-off-by: DRAGON <anantvijay3@gmail.com>
 2023-07-22 13:26:40 +05:30
Vlad Klokun
e4faad8284 Merge pull request #1287 from XDRAGON2002/issue_1255 
fix: --- kubescape fix
 2023-07-21 21:19:04 +03:00
Vlad Klokun
bc131efd91 tests(fixhandler): remove tests of an unexported sanitization method 
Signed-off-by: Vlad Klokun <vklokun@protonmail.ch>
 2023-07-21 20:29:04 +03:00
Vlad Klokun
4763f0d69d docs(fixhandler): follow Go Doc comments convention in sanitization func 
Signed-off-by: Vlad Klokun <vklokun@protonmail.ch>
 2023-07-21 20:28:18 +03:00