github/kubescape
1
0
Fork 0
mirror of https://github.com/kubescape/kubescape.git synced 2026-04-15 06:58:11 +00:00
Code Issues Packages Projects Releases Wiki Activity
2,501 Commits 23 Branches 553 Tags
ba134ebc3262dcefeba53dfcf287967c19b4b298
Commit Graph

245 Commits

Author SHA1 Message Date
David Wertenteil
ba134ebc32 Update codesee-arch-diagram.yml 
Run codesee only on `.go` files

Signed-off-by: David Wertenteil <dwertent@armosec.io>
 2023-08-03 13:52:27 +03:00
Daniel Grunberger
5379b9b0a6 New output (#1320) 
* phase-1

Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io>

* factory

Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io>

* wip: feat(cli): add an image scanning command

Add a CLI command that launches an image scan. Does not scan images yet.

Signed-off-by: Vlad Klokun <vklokun@protonmail.ch>

* wip: feat: add image scanning service

Signed-off-by: Vlad Klokun <vklokun@protonmail.ch>

* chore: include dependencies

Signed-off-by: Vlad Klokun <vklokun@protonmail.ch>

* wip: adjust image scanning service

Signed-off-by: Vlad Klokun <vklokun@protonmail.ch>

* wip: feat: use scanning service in CLI

Signed-off-by: Vlad Klokun <vklokun@protonmail.ch>

* use iface

Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io>

* touches

Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io>

* continue

Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io>

* add cmd

Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io>

* support single workload scan

Signed-off-by: Amir Malka <amirm@armosec.io>

* fix conflict

Signed-off-by: Amir Malka <amirm@armosec.io>

* identifiers

* go mod

* feat(imagescan): add an image scanning command

This commit adds a CLI command and an associated package that scan
images for vulnerabilities.

Signed-off-by: Vlad Klokun <vklokun@protonmail.ch>

feat(imagescan): fail on exceeding the severity threshold

Signed-off-by: Vlad Klokun <vklokun@protonmail.ch>

* chore(imagescan): include dependencies

This commit adds the dependencies necessary for image scanning.

Signed-off-by: Vlad Klokun <vklokun@protonmail.ch>

* chore(imagescan): add dependencies to httphandler

Signed-off-by: Vlad Klokun <vklokun@protonmail.ch>

* added unit tests

Signed-off-by: Amir Malka <amirm@armosec.io>

* merge

* more

* integrate img scan

* added unit tests

Signed-off-by: Amir Malka <amirm@armosec.io>

* more refactoring

Signed-off-by: Amir Malka <amirm@armosec.io>

* add scanned workload reference to opasessionobj

Signed-off-by: Amir Malka <amirm@armosec.io>

* fix GetWorkloadParentKind

Signed-off-by: Amir Malka <amirm@armosec.io>

* remove namespace argument from pullSingleResource, using field selector instead

Signed-off-by: Amir Malka <amirm@armosec.io>

* removed designators (unused) field from PolicyIdentifier, and designators argument from GetResources function

Signed-off-by: Amir Malka <amirm@armosec.io>

* changes

* changes

* fixes

* changes

* feat(imagescan): add an image scanning command

This commit adds a CLI command and an associated package that scan
images for vulnerabilities.

Signed-off-by: Vlad Klokun <vklokun@protonmail.ch>

feat(imagescan): fail on exceeding the severity threshold

Signed-off-by: Vlad Klokun <vklokun@protonmail.ch>

* chore(imagescan): include dependencies

This commit adds the dependencies necessary for image scanning.

Signed-off-by: Vlad Klokun <vklokun@protonmail.ch>

* chore(imagescan): add dependencies to httphandler

Signed-off-by: Vlad Klokun <vklokun@protonmail.ch>

* chore(imagescan): create vuln db with dedicated function

Remove commented out code, too.

Signed-off-by: Vlad Klokun <vklokun@protonmail.ch>

* docs(imagescan): provide package-level docs

Signed-off-by: Vlad Klokun <vklokun@protonmail.ch>

* finish merge

* image scan tests

* continue

* fixes

* refactor

* rm duplicate

* start fixes

* update gh actions

Signed-off-by: David Wertenteil <dwertent@armosec.io>

* pr fixes

* fix test

* improvements

---------

Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io>
Signed-off-by: Vlad Klokun <vklokun@protonmail.ch>
Signed-off-by: Amir Malka <amirm@armosec.io>
Signed-off-by: David Wertenteil <dwertent@armosec.io>
Co-authored-by: Daniel Grunberger <danielgrunberger@armosec.io>
Co-authored-by: Vlad Klokun <vklokun@protonmail.ch>
Co-authored-by: Amir Malka <amirm@armosec.io>
Co-authored-by: David Wertenteil <dwertent@armosec.io>
 2023-08-03 12:09:33 +03:00
David Wertenteil
98f68d8097 Merge pull request #1319 from kubescape/codesee-arch-diagram-workflow-1690964652908 
Install the CodeSee workflow.
 2023-08-03 10:14:47 +03:00
David Wertenteil
f36d8c31b0 Adding pr-agent 
Signed-off-by: David Wertenteil <dwertent@armosec.io>
 2023-08-02 16:27:16 +03:00
codesee-maps[bot]
28200b2744 Install the CodeSee workflow. Learn more at https://docs.codesee.io 2023-08-02 08:24:13 +00:00
David Wertenteil
d380b2cb00 Revert "Deprecate kubescape-windows-latest" 2023-05-16 10:03:41 +03:00
David Wertenteil
d1bc6d0190 Merge pull request #1213 from HollowMan6/windows-latest 
Deprecate kubescape-windows-latest
 2023-05-15 13:23:32 +03:00
Amir Malka
0a0ef10d50 Control parallelism of opa rule processing by env var (#1230) 
* control parallelism of opa rule processing by env var

Signed-off-by: Amir Malka <amirm@armosec.io>

* go 1.20

Signed-off-by: Amir Malka <amirm@armosec.io>

* update go.mod go.sum

Signed-off-by: Amir Malka <amirm@armosec.io>

---------

Signed-off-by: Amir Malka <amirm@armosec.io>
 2023-05-14 14:59:21 +03:00
Amir Malka
b26f83d0bd update go version 1.19->1.20 
Signed-off-by: Amir Malka <amirm@armosec.io>
 2023-05-14 10:04:30 +03:00
David Wertenteil
9cc3053d74 Merge pull request #1214 from HollowMan6/dispatch 
Add ref to workflow dispatch
 2023-05-11 15:13:24 +01:00
YiscahLevySilas1
aff8cc480e add compliance score system test 
Signed-off-by: YiscahLevySilas1 <yiscahls@armosec.io>
 2023-05-07 16:07:39 +03:00
Hollow Man
c637c1a589 Add ref to workflow dispatch 
Signed-off-by: Hollow Man <hollowman@opensuse.org>
 2023-05-01 22:07:50 +03:00
Hollow Man
75d31c22d9 Deprecate kubescape-windows-latest 
Signed-off-by: Hollow Man <hollowman@opensuse.org>
 2023-05-01 17:38:46 +03:00
David Wertenteil
b93a97a8c8 Merge pull request #1186 from HollowMan6/dispatch 
Invoke packaging workflow to update after release
 2023-05-01 16:45:10 +03:00
Hollow Man
1843bcdaf8 invoke only if the repository owner is kubescape 
Signed-off-by: Hollow Man <hollowman@opensuse.org>
 2023-05-01 13:46:39 +03:00
Hollow Man
ec7bc26f64 Add kubescape.exe to the release assets 
Signed-off-by: Hollow Man <hollowman@opensuse.org>
 2023-05-01 13:24:35 +03:00
Hollow Man
d4b75dcb0c ci: update before install packages 
Signed-off-by: Hollow Man <hollowman@opensuse.org>
 2023-04-27 15:50:21 +00:00
David Wertenteil
c0530b4f88 wip: fixed github actions 
Signed-off-by: David Wertenteil <dwertent@armosec.io>
 2023-04-23 11:47:54 +03:00
David Wertenteil
d448de131f Merge pull request #1148 from HollowMan6/master 
arm64 release binaries for CI and Krew
 2023-04-23 09:48:05 +03:00
Hollow Man
ab41d5dbf4 Invoke workflow to update github action 
Signed-off-by: Hollow Man <hollowman@opensuse.org>
 2023-04-12 22:33:02 +03:00
MathoAvito
d44b9f7a31 Change wf (#1190) 
* added coveralls coverage tests 

Signed-off-by: Matan Avital <matavital13@gmail.com>
 2023-04-09 18:29:23 +03:00
Hollow Man
30ad3adbb6 Invoke workflow to update after release 
Signed-off-by: Hollow Man <hollowman@opensuse.org>
 2023-04-07 15:49:25 +03:00
Hollow Man
e8d92ffd43 Resume test core pkg under ubuntu arm64 
Signed-off-by: Hollow Man <hollowman@opensuse.org>
 2023-04-07 00:47:40 +03:00
Hollow Man
48a15e1a8d Disable multi-platform test with commits 
Signed-off-by: Hollow Man <hollowman@opensuse.org>
 2023-04-07 00:47:40 +03:00
Hollow Man
d02f15ef6f merge pr scanner build into binary-build-and-e2e-tests 
Signed-off-by: Hollow Man <hollowman@opensuse.org>
 2023-04-07 00:47:40 +03:00
Hollow Man
9327f70e1a Fix naming 
Signed-off-by: Hollow Man <hollowman@opensuse.org>
 2023-04-07 00:47:40 +03:00
Hollow Man
c498026208 Disable core pkg test for ubuntu arm64 
Signed-off-by: Hollow Man <hollowman@opensuse.org>
 2023-04-07 00:47:40 +03:00
Hollow Man
3238555df3 add cross compilation for ubuntu arm64 
Signed-off-by: Hollow Man <hollowman@opensuse.org>
 2023-04-07 00:47:40 +03:00
Hollow Man
0c77d89bfc add cross compilation for mac m1 
Signed-off-by: Hollow Man <hollowman@opensuse.org>
 2023-04-07 00:47:40 +03:00
Matan Shkalim
173eac552c delete BUILD_AND_TEST_LOCAL_KUBESCAPE_CLI input for b-binary-build-and-e2e-tests wf 
Signed-off-by: Matan Shkalim <shekel8@gmail.com>
 2023-04-03 07:40:09 +01:00
Matan Shkalim
bb576610ff change concurrency in 00-pr-scanner 
Signed-off-by: Matan Shkalim <shekel8@gmail.com>
 2023-03-21 08:05:40 +00:00
Matan Shkalim
085be86197 remove merge action 
Signed-off-by: Matan Shkalim <shekel8@gmail.com>
 2023-03-21 08:01:59 +00:00
Matan Shkalim
6a750671c3 change trigger for wf 
Signed-off-by: Matan Shkalim <shekel8@gmail.com>
 2023-03-20 15:40:52 +00:00
Matan Avital
678ef2b787 changed ks_branch to release 
Signed-off-by: Matan Avital <matavital13@gmail.com>
 2023-03-20 17:34:48 +02:00
Matan Avital
2ea9e1a596 moved the output TEST_NAMES to wf-preparation job (was check-secret job) and added step export_tests.. 
Signed-off-by: Matan Avital <matavital13@gmail.com>
 2023-03-20 17:22:52 +02:00
Matan Avital
62e3d3263d fixed syntax error 
Signed-off-by: Matan Avital <matavital13@gmail.com>
 2023-03-20 14:11:09 +02:00
Matan Avital
650d489c26 fixed syntax error 
Signed-off-by: Matan Avital <matavital13@gmail.com>
 2023-03-20 14:09:04 +02:00
Matan Avital
100822f48d added input to make the binary build and test dynamic 
Signed-off-by: Matan Avital <matavital13@gmail.com>
 2023-03-20 13:45:31 +02:00
Matan Avital
e3d5a8c3c6 added CHECKOUT_REPO input parameter 
Signed-off-by: Matan Avital <matavital13@gmail.com>
 2023-03-19 18:19:48 +02:00
Hollow Man
2542692f25 Revert add '.exe' to Win release binary 
Signed-off-by: Hollow Man <hollowman@opensuse.org>
 2023-03-12 11:58:43 +02:00
Hollow Man
640483e991 ci(release): fix publishing krew plugin; add .exe suffix to Win binary 
Signed-off-by: Hollow Man <hollowman@opensuse.org>
 2023-03-12 00:39:34 +02:00
Alessio Greggi
e419af6c03 ci: pin workflows versions to fixed commits 
Signed-off-by: Alessio Greggi <ale_grey_91@hotmail.it>
 2023-02-27 21:43:09 +01:00
David Wertenteil
5d6ac80c38 Move GITHUB_REF to the krew step 
Signed-off-by: David Wertenteil <dwertent@armosec.io>
 2023-02-26 14:47:25 +02:00
David Wertenteil
46682dfe16 Override GITHUB_REF env when releasing krew 
Signed-off-by: David Wertenteil <dwertent@armosec.io>
 2023-02-24 00:34:18 +02:00
Amir Malka
cc823d7559 fix macos build - add missing pkg-config 
Signed-off-by: Amir Malka <amirm@armosec.io>
 2023-02-21 10:13:08 +02:00
Matthias Bertschy
31a693e9b6 enable krew plugin publishing action 
Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>
 2023-02-15 08:02:24 +01:00
David Wertenteil
e8253d4193 Renaming the files (#1079) 
* Renaming the files

Signed-off-by: David Wertenteil <dwertent@armosec.io>

* Removing un-used code

Signed-off-by: David Wertenteil <dwertent@armosec.io>

---------

Signed-off-by: David Wertenteil <dwertent@armosec.io>
 2023-02-06 19:01:53 +02:00
David Wertenteil
129b0f3ee3 fix dockerbuild paths 
Signed-off-by: David Wertenteil <dwertent@armosec.io>
 2023-02-06 15:49:13 +02:00
David Wertenteil
01a8a34637 list files for upload 
Signed-off-by: David Wertenteil <dwertent@armosec.io>
 2023-02-06 15:49:13 +02:00
David Wertenteil
bcb6c06e73 update artifacts location 
Signed-off-by: David Wertenteil <dwertent@armosec.io>
 2023-02-06 15:49:13 +02:00