kubescape

mirror of https://github.com/kubescape/kubescape.git synced 2026-04-15 06:58:11 +00:00

Author	SHA1	Message	Date
David Wertenteil	ba134ebc32	Update codesee-arch-diagram.yml Run codesee only on `.go` files Signed-off-by: David Wertenteil <dwertent@armosec.io>	2023-08-03 13:52:27 +03:00
Daniel Grunberger	5379b9b0a6	New output (#1320 ) * phase-1 Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> * factory Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> * wip: feat(cli): add an image scanning command Add a CLI command that launches an image scan. Does not scan images yet. Signed-off-by: Vlad Klokun <vklokun@protonmail.ch> * wip: feat: add image scanning service Signed-off-by: Vlad Klokun <vklokun@protonmail.ch> * chore: include dependencies Signed-off-by: Vlad Klokun <vklokun@protonmail.ch> * wip: adjust image scanning service Signed-off-by: Vlad Klokun <vklokun@protonmail.ch> * wip: feat: use scanning service in CLI Signed-off-by: Vlad Klokun <vklokun@protonmail.ch> * use iface Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> * touches Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> * continue Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> * add cmd Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> * support single workload scan Signed-off-by: Amir Malka <amirm@armosec.io> * fix conflict Signed-off-by: Amir Malka <amirm@armosec.io> * identifiers * go mod * feat(imagescan): add an image scanning command This commit adds a CLI command and an associated package that scan images for vulnerabilities. Signed-off-by: Vlad Klokun <vklokun@protonmail.ch> feat(imagescan): fail on exceeding the severity threshold Signed-off-by: Vlad Klokun <vklokun@protonmail.ch> * chore(imagescan): include dependencies This commit adds the dependencies necessary for image scanning. Signed-off-by: Vlad Klokun <vklokun@protonmail.ch> * chore(imagescan): add dependencies to httphandler Signed-off-by: Vlad Klokun <vklokun@protonmail.ch> * added unit tests Signed-off-by: Amir Malka <amirm@armosec.io> * merge * more * integrate img scan * added unit tests Signed-off-by: Amir Malka <amirm@armosec.io> * more refactoring Signed-off-by: Amir Malka <amirm@armosec.io> * add scanned workload reference to opasessionobj Signed-off-by: Amir Malka <amirm@armosec.io> * fix GetWorkloadParentKind Signed-off-by: Amir Malka <amirm@armosec.io> * remove namespace argument from pullSingleResource, using field selector instead Signed-off-by: Amir Malka <amirm@armosec.io> * removed designators (unused) field from PolicyIdentifier, and designators argument from GetResources function Signed-off-by: Amir Malka <amirm@armosec.io> * changes * changes * fixes * changes * feat(imagescan): add an image scanning command This commit adds a CLI command and an associated package that scan images for vulnerabilities. Signed-off-by: Vlad Klokun <vklokun@protonmail.ch> feat(imagescan): fail on exceeding the severity threshold Signed-off-by: Vlad Klokun <vklokun@protonmail.ch> * chore(imagescan): include dependencies This commit adds the dependencies necessary for image scanning. Signed-off-by: Vlad Klokun <vklokun@protonmail.ch> * chore(imagescan): add dependencies to httphandler Signed-off-by: Vlad Klokun <vklokun@protonmail.ch> * chore(imagescan): create vuln db with dedicated function Remove commented out code, too. Signed-off-by: Vlad Klokun <vklokun@protonmail.ch> * docs(imagescan): provide package-level docs Signed-off-by: Vlad Klokun <vklokun@protonmail.ch> * finish merge * image scan tests * continue * fixes * refactor * rm duplicate * start fixes * update gh actions Signed-off-by: David Wertenteil <dwertent@armosec.io> * pr fixes * fix test * improvements --------- Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> Signed-off-by: Vlad Klokun <vklokun@protonmail.ch> Signed-off-by: Amir Malka <amirm@armosec.io> Signed-off-by: David Wertenteil <dwertent@armosec.io> Co-authored-by: Daniel Grunberger <danielgrunberger@armosec.io> Co-authored-by: Vlad Klokun <vklokun@protonmail.ch> Co-authored-by: Amir Malka <amirm@armosec.io> Co-authored-by: David Wertenteil <dwertent@armosec.io>	2023-08-03 12:09:33 +03:00
David Wertenteil	98f68d8097	Merge pull request #1319 from kubescape/codesee-arch-diagram-workflow-1690964652908 Install the CodeSee workflow.	2023-08-03 10:14:47 +03:00
David Wertenteil	f8057b5c79	Merge pull request #1322 from kubescape/add-ai-workflow Adding pr-agent	2023-08-02 16:29:25 +03:00
David Wertenteil	f36d8c31b0	Adding pr-agent Signed-off-by: David Wertenteil <dwertent@armosec.io>	2023-08-02 16:27:16 +03:00
Vlad Klokun	3abf18acb7	Merge pull request #1288 from kubescape/feat-image-scan-svc feat: add an image scanning service and CLI command	2023-08-02 14:03:50 +03:00
codesee-maps[bot]	28200b2744	Install the CodeSee workflow. Learn more at https://docs.codesee.io	2023-08-02 08:24:13 +00:00
David Wertenteil	678f21e33c	Merge pull request #1317 from kubescape/add-prints-to-smoketest add prints to smoketest	2023-08-02 09:55:43 +03:00
Amir Malka	467a84ddac	add prints to smoketest Signed-off-by: Amir Malka <amirm@armosec.io>	2023-08-02 09:52:01 +03:00
Vlad Klokun	925145724e	docs(imagescan): provide package-level docs Signed-off-by: Vlad Klokun <vklokun@protonmail.ch>	2023-08-02 09:50:18 +03:00
Vlad Klokun	e3677fc45c	chore(imagescan): create vuln db with dedicated function Remove commented out code, too. Signed-off-by: Vlad Klokun <vklokun@protonmail.ch>	2023-08-02 09:50:17 +03:00
Vlad Klokun	704de5bfc1	chore(imagescan): add dependencies to httphandler Signed-off-by: Vlad Klokun <vklokun@protonmail.ch>	2023-08-02 09:50:17 +03:00
Vlad Klokun	2494c1971c	chore(imagescan): include dependencies This commit adds the dependencies necessary for image scanning. Signed-off-by: Vlad Klokun <vklokun@protonmail.ch>	2023-08-02 09:50:17 +03:00
Vlad Klokun	3b8bd7735e	feat(imagescan): add an image scanning command This commit adds a CLI command and an associated package that scan images for vulnerabilities. Signed-off-by: Vlad Klokun <vklokun@protonmail.ch> feat(imagescan): fail on exceeding the severity threshold Signed-off-by: Vlad Klokun <vklokun@protonmail.ch>	2023-08-02 09:50:17 +03:00
David Wertenteil	602591e7f2	Merge pull request #1315 from kubescape/remove-workload-cmd remove scan workload command	2023-08-02 08:44:15 +03:00
Amir Malka	e276e54d2b	remove scan workload command Signed-off-by: Amir Malka <amirm@armosec.io>	2023-08-01 14:11:16 +03:00
Amir Malka	0c019819ff	Scanning a single resource (#1300 ) * add cmd Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> * support single workload scan Signed-off-by: Amir Malka <amirm@armosec.io> * fix conflict Signed-off-by: Amir Malka <amirm@armosec.io> * added unit tests Signed-off-by: Amir Malka <amirm@armosec.io> * added unit tests Signed-off-by: Amir Malka <amirm@armosec.io> * more refactoring Signed-off-by: Amir Malka <amirm@armosec.io> * add scanned workload reference to opasessionobj Signed-off-by: Amir Malka <amirm@armosec.io> * fix GetWorkloadParentKind Signed-off-by: Amir Malka <amirm@armosec.io> * remove namespace argument from pullSingleResource, using field selector instead Signed-off-by: Amir Malka <amirm@armosec.io> * removed designators (unused) field from PolicyIdentifier, and designators argument from GetResources function Signed-off-by: Amir Malka <amirm@armosec.io> * fix tests Signed-off-by: Amir Malka <amirm@armosec.io> * use ScanObject instead of workload identifier Signed-off-by: Amir Malka <amirm@armosec.io> * refactor logic after CR Signed-off-by: Amir Malka <amirm@armosec.io> --------- Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> Signed-off-by: Amir Malka <amirm@armosec.io> Co-authored-by: Daniel Grunberger <danielgrunberger@armosec.io>	2023-08-01 14:07:31 +03:00
David Wertenteil	d9e946cf6d	reset head (#1306 ) Signed-off-by: David Wertenteil <dwertent@armosec.io>	2023-08-01 10:47:07 +03:00
David Wertenteil	e3a8ebfe05	Merge pull request #1297 from dwertent/update-armo-docs docs(providers): Update ARMO docs	2023-07-31 19:37:01 +03:00
David Wertenteil	fd3703b21b	Merge pull request #1296 from kubescape/error-handle-for-empty-resource-scan Error handle for empty resource scan	2023-07-31 16:13:42 +03:00
David Wertenteil	6bcdda7d56	Merge pull request #1309 from amirmalka/bump-dependencies bump opa-utils	2023-07-31 12:11:26 +03:00
Amir Malka	981430d65f	bump opa-utils Signed-off-by: Amir Malka <amirm@armosec.io>	2023-07-31 12:00:52 +03:00
David Wertenteil	e91ec69832	Merge pull request #1307 from amirmalka/bump-dependencies Bump dependencies	2023-07-31 11:02:05 +03:00
Amir Malka	bbfa5d356a	bump opa-utils, k8s-interface and armoapi-go Signed-off-by: Amir Malka <amirm@armosec.io>	2023-07-31 10:39:03 +03:00
rcohencyberarmor	d28afcb00c	linter correction Signed-off-by: rcohencyberarmor <rcohen@armosec.io>	2023-07-30 15:46:54 +03:00
rcohencyberarmor	ca6bdb0bef	review corrections Signed-off-by: rcohencyberarmor <rcohen@armosec.io>	2023-07-30 12:06:03 +03:00
Raziel Cohen	e424bfa81b	Merge branch 'master' of github.com:kubescape/kubescape into error-handle-for-empty-resource-scan	2023-07-30 11:21:53 +03:00
David Wertenteil	9f1ff4c090	Merge pull request #1279 from XDRAGON2002/issue_760 feat: add build.ps1 v2.3.8	2023-07-25 14:41:00 +03:00
David Wertenteil	1a2dda700b	Merge pull request #1291 from XDRAGON2002/issue_1290 fix: yamlhandler error handling	2023-07-25 14:39:26 +03:00
rcohencyberarmor	c4e5611c7f	add print in the cli to which version the kubescape was update (#1295 ) * add print in the cli to which version the kubescape was update Signed-off-by: rcohencyberarmor <rcohen@armosec.io> * update will suggest to our user to update by following kubescape installation guide Signed-off-by: rcohencyberarmor <rcohen@armosec.io> --------- Signed-off-by: rcohencyberarmor <rcohen@armosec.io> Co-authored-by: rcohencyberarmor <rcohen@armosec.io>	2023-07-25 14:37:44 +03:00
DRAGON	d8e913fb9f	feat: add build.ps1 Signed-off-by: DRAGON <anantvijay3@gmail.com>	2023-07-25 14:36:57 +05:30
David Wertenteil	a37b1f7319	update armo docs Signed-off-by: David Wertenteil <dwertent@armosec.io>	2023-07-25 11:01:48 +03:00
rcohencyberarmor	b730ef5154	git recognition for empty directory for test Signed-off-by: rcohencyberarmor <rcohen@armosec.io>	2023-07-24 17:24:13 +03:00
rcohencyberarmor	3280173e95	add error handle when there are no scan to trigger since the directory not contain any relevant scanning files Signed-off-by: rcohencyberarmor <rcohen@armosec.io>	2023-07-24 17:17:06 +03:00
DRAGON	d0ae4f1c1a	fix: yamlhandler error handling Signed-off-by: DRAGON <anantvijay3@gmail.com>	2023-07-22 13:26:40 +05:30
Vlad Klokun	e4faad8284	Merge pull request #1287 from XDRAGON2002/issue_1255 fix: --- kubescape fix	2023-07-21 21:19:04 +03:00
Vlad Klokun	bc131efd91	tests(fixhandler): remove tests of an unexported sanitization method Signed-off-by: Vlad Klokun <vklokun@protonmail.ch>	2023-07-21 20:29:04 +03:00
Vlad Klokun	4763f0d69d	docs(fixhandler): follow Go Doc comments convention in sanitization func Signed-off-by: Vlad Klokun <vklokun@protonmail.ch>	2023-07-21 20:28:18 +03:00
Vlad Klokun	22c412ce7f	refactor(fixhandler): sanitize YAML inside ApplyFixToContent External observers don’t need to be aware of the fact we need to sanitize leading document separators in YAML files. This should be hidden inside our public function - `ApplyFixToContent()`. Signed-off-by: Vlad Klokun <vklokun@protonmail.ch>	2023-07-21 20:17:33 +03:00
Vlad Klokun	1503e984f8	tests(fixhandler): fail test if unable to open test data file Previously when there was a typo in a test file name, we silently failed. This commit makes the test explicitly fail if a test data file was not found. Signed-off-by: Vlad Klokun <vklokun@protonmail.ch>	2023-07-21 19:55:03 +03:00
Vlad Klokun	a4478ba899	style(fixhandler): newlines and spacing Ran with `go fmt`. Signed-off-by: Vlad Klokun <vklokun@protonmail.ch>	2023-07-21 19:45:43 +03:00
David Wertenteil	fcbcb53995	Merge pull request #1276 from amirmalka/time-based-cached-policies Time-based cached policies	2023-07-20 16:56:39 +03:00
YiscahLevySilas1	17c43fd366	support related objects (#1272 ) * support related objects Signed-off-by: YiscahLevySilas1 <yiscahls@armosec.io> * update pkg versions Signed-off-by: YiscahLevySilas1 <yiscahls@armosec.io> * update go mod Signed-off-by: YiscahLevySilas1 <yiscahls@armosec.io> * fix test Signed-off-by: YiscahLevySilas1 <yiscahls@armosec.io> * fix test Signed-off-by: YiscahLevySilas1 <yiscahls@armosec.io> * only add ids of related resource Signed-off-by: YiscahLevySilas1 <yiscahls@armosec.io> * fixes following review Signed-off-by: YiscahLevySilas1 <yiscahls@armosec.io> * add test for processRule Signed-off-by: YiscahLevySilas1 <yiscahls@armosec.io> --------- Signed-off-by: YiscahLevySilas1 <yiscahls@armosec.io>	2023-07-20 16:23:58 +03:00
YiscahLevySilas1	d44746cb85	allow adding a fw name when running all (#1286 ) * allow adding a fw name when running all Signed-off-by: YiscahLevySilas1 <yiscahls@armosec.io> clean code Signed-off-by: YiscahLevySilas1 <yiscahls@armosec.io> * fix following review Signed-off-by: YiscahLevySilas1 <yiscahls@armosec.io> --------- Signed-off-by: YiscahLevySilas1 <yiscahls@armosec.io>	2023-07-20 14:07:38 +03:00
DRAGON	912035662b	fix: --- kubescape fix Signed-off-by: DRAGON <anantvijay3@gmail.com>	2023-07-20 00:05:23 +05:30
Matthias Bertschy	61dac76369	Merge pull request #1283 from kubescape/remove-website Remove website folder	2023-07-19 16:29:34 +02:00
Amir Malka	bacf15eeb8	cache control inputs Signed-off-by: Amir Malka <amirm@armosec.io>	2023-07-18 15:56:16 +03:00
Craig Box	0a5af235e3	Remove website folder Signed-off-by: Craig Box <craigb@armosec.io>	2023-07-17 20:09:34 +12:00
David Wertenteil	6fec02caff	Merge pull request #1281 from XDRAGON2002/issue_1280 fix: stuck spinner	2023-07-17 09:27:26 +03:00
DRAGON	067655d003	fix: stuck spinner Signed-off-by: DRAGON <anantvijay3@gmail.com>	2023-07-14 01:24:46 +05:30

1 2 3 4 5 ...

2501 Commits