kubescape

mirror of https://github.com/kubescape/kubescape.git synced 2026-04-15 06:58:11 +00:00

Author	SHA1	Message	Date
Matthias Bertschy	3efa40e808	use go-gitlog as an alternative to git2go (#1393 ) * use go-gitlog as an alternative to git2go Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com> * set RELEASE to something to avoid failing binary-build step Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com> --------- Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>	2023-10-15 15:16:05 +03:00
Amir Malka	8257e31232	Save scan results in storage and support scanning a deleted resource (#1376 ) * store scan results in storage Signed-off-by: Amir Malka <amirm@armosec.io> * store scan results in storage Signed-off-by: Amir Malka <amirm@armosec.io> * save resources in their namespaces, load namespace from env var, extend the config obj Signed-off-by: Amir Malka <amirm@armosec.io> * setting context name Signed-off-by: Amir Malka <amirm@armosec.io> * updated k8s-interface Signed-off-by: Amir Malka <amirm@armosec.io> * scanning a deleted resource Signed-off-by: Amir Malka <amirm@armosec.io> * cr changes Signed-off-by: Amir Malka <amirm@armosec.io> * cr changes Signed-off-by: Amir Malka <amirm@armosec.io> * fix Signed-off-by: Amir Malka <amirm@armosec.io> * remove unused constants Signed-off-by: Amir Malka <amirm@armosec.io> * use t.Setenv Signed-off-by: Amir Malka <amirm@armosec.io> * added tests for rbac triplet slugs Signed-off-by: Amir Malka <amirm@armosec.io> * updated namespace logic Signed-off-by: Amir Malka <amirm@armosec.io> * fix test Signed-off-by: Amir Malka <amirm@armosec.io> --------- Signed-off-by: Amir Malka <amirm@armosec.io>	2023-09-14 10:03:36 +03:00
Daniel Grunberger	96337edc67	add new line (#1389 ) * add new line Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> * rename ks-cloud-operator Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> --------- Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> Co-authored-by: Daniel Grunberger <danielgrunberger@armosec.io>	2023-09-13 14:26:11 +03:00
Daniel Grunberger	53f23b663b	Logger fixes (#1362 ) * fix rbac log Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> * fix logger logic Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> * use const Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> * use const for zap Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> --------- Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> Co-authored-by: Daniel Grunberger <danielgrunberger@armosec.io>	2023-08-30 19:17:41 +03:00
David Wertenteil	92449bf564	core(cmd): adding corrections to cmd (#1357 ) * adding corrections to cmd Signed-off-by: David Wertenteil <dwertent@armosec.io> * remove decorative line Signed-off-by: David Wertenteil <dwertent@armosec.io> * wip: changed results indicator Signed-off-by: David Wertenteil <dwertent@armosec.io> * replace status test with icons Signed-off-by: David Wertenteil <dwertent@armosec.io> * print workloads in a different line Signed-off-by: David Wertenteil <dwertent@armosec.io> * update display Signed-off-by: David Wertenteil <dwertent@armosec.io> * deprecate commands Signed-off-by: David Wertenteil <dwertent@armosec.io> * removed unused functions Signed-off-by: David Wertenteil <dwertent@armosec.io> * fixed tests Signed-off-by: David Wertenteil <dwertent@armosec.io> * update cloud provider detection Signed-off-by: David Wertenteil <dwertent@armosec.io> * rename column name Signed-off-by: David Wertenteil <dwertent@armosec.io> --------- Signed-off-by: David Wertenteil <dwertent@armosec.io>	2023-08-29 09:50:22 +03:00
Amir Malka	150967eae8	Refactor backend integration (#1355 ) * refactor BE integration Signed-off-by: Amir Malka <amirm@armosec.io>	2023-08-23 15:36:08 +03:00
Daniel Grunberger	f7b3cdcf35	Improve logs (#1349 ) * use stop-success Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> * improve logger Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> * RBAC Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> --------- Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> Co-authored-by: Daniel Grunberger <danielgrunberger@armosec.io>	2023-08-17 14:18:40 +03:00
Daniel Grunberger	936cb26c06	fix panic and improve logs (#1344 ) Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> Co-authored-by: Daniel Grunberger <danielgrunberger@armosec.io>	2023-08-16 13:00:52 +03:00
DRAGON2002	225a923006	feat: improve pretty logger (#1311 ) * feat: improve pretty logger Signed-off-by: DRAGON <anantvijay3@gmail.com> * fixed logger Signed-off-by: David Wertenteil <dwertent@armosec.io> --------- Signed-off-by: DRAGON <anantvijay3@gmail.com> Signed-off-by: Craig Box <craigb@armosec.io> Signed-off-by: David Wertenteil <dwertent@armosec.io> Co-authored-by: Craig Box <craigb@armosec.io> Co-authored-by: David Wertenteil <dwertent@armosec.io>	2023-08-09 17:30:04 +03:00
David Wertenteil	cf08daf7fb	scan per namespace (#1337 ) * scan per namespace Signed-off-by: David Wertenteil <dwertent@armosec.io> * disable unit test Signed-off-by: David Wertenteil <dwertent@armosec.io> * Adding build image wf Signed-off-by: David Wertenteil <dwertent@armosec.io> * removing unused channels Signed-off-by: David Wertenteil <dwertent@armosec.io> * adding scopes Signed-off-by: David Wertenteil <dwertent@armosec.io> * update Signed-off-by: David Wertenteil <dwertent@armosec.io> * fixed cluster size Signed-off-by: David Wertenteil <dwertent@armosec.io> * update rbac deps Signed-off-by: David Wertenteil <dwertent@armosec.io> * aggregate resources Signed-off-by: David Wertenteil <dwertent@armosec.io> * Delete build-image.yaml Signed-off-by: David Wertenteil <dwertent@armosec.io> * adding scan image logs Signed-off-by: David Wertenteil <dwertent@armosec.io> * update cmd message Signed-off-by: David Wertenteil <dwertent@armosec.io> * update logs Signed-off-by: David Wertenteil <dwertent@armosec.io> --------- Signed-off-by: David Wertenteil <dwertent@armosec.io>	2023-08-08 10:47:15 +03:00
Amir Malka	e2f96200e0	Code refactor (follow up to PR #1300 ) (#1323 ) * code refactor Signed-off-by: Amir Malka <amirm@armosec.io> * use scaninfo object in resource handler Signed-off-by: Amir Malka <amirm@armosec.io> --------- Signed-off-by: Amir Malka <amirm@armosec.io>	2023-08-03 17:50:33 +03:00
Daniel Grunberger	5379b9b0a6	New output (#1320 ) * phase-1 Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> * factory Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> * wip: feat(cli): add an image scanning command Add a CLI command that launches an image scan. Does not scan images yet. Signed-off-by: Vlad Klokun <vklokun@protonmail.ch> * wip: feat: add image scanning service Signed-off-by: Vlad Klokun <vklokun@protonmail.ch> * chore: include dependencies Signed-off-by: Vlad Klokun <vklokun@protonmail.ch> * wip: adjust image scanning service Signed-off-by: Vlad Klokun <vklokun@protonmail.ch> * wip: feat: use scanning service in CLI Signed-off-by: Vlad Klokun <vklokun@protonmail.ch> * use iface Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> * touches Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> * continue Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> * add cmd Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> * support single workload scan Signed-off-by: Amir Malka <amirm@armosec.io> * fix conflict Signed-off-by: Amir Malka <amirm@armosec.io> * identifiers * go mod * feat(imagescan): add an image scanning command This commit adds a CLI command and an associated package that scan images for vulnerabilities. Signed-off-by: Vlad Klokun <vklokun@protonmail.ch> feat(imagescan): fail on exceeding the severity threshold Signed-off-by: Vlad Klokun <vklokun@protonmail.ch> * chore(imagescan): include dependencies This commit adds the dependencies necessary for image scanning. Signed-off-by: Vlad Klokun <vklokun@protonmail.ch> * chore(imagescan): add dependencies to httphandler Signed-off-by: Vlad Klokun <vklokun@protonmail.ch> * added unit tests Signed-off-by: Amir Malka <amirm@armosec.io> * merge * more * integrate img scan * added unit tests Signed-off-by: Amir Malka <amirm@armosec.io> * more refactoring Signed-off-by: Amir Malka <amirm@armosec.io> * add scanned workload reference to opasessionobj Signed-off-by: Amir Malka <amirm@armosec.io> * fix GetWorkloadParentKind Signed-off-by: Amir Malka <amirm@armosec.io> * remove namespace argument from pullSingleResource, using field selector instead Signed-off-by: Amir Malka <amirm@armosec.io> * removed designators (unused) field from PolicyIdentifier, and designators argument from GetResources function Signed-off-by: Amir Malka <amirm@armosec.io> * changes * changes * fixes * changes * feat(imagescan): add an image scanning command This commit adds a CLI command and an associated package that scan images for vulnerabilities. Signed-off-by: Vlad Klokun <vklokun@protonmail.ch> feat(imagescan): fail on exceeding the severity threshold Signed-off-by: Vlad Klokun <vklokun@protonmail.ch> * chore(imagescan): include dependencies This commit adds the dependencies necessary for image scanning. Signed-off-by: Vlad Klokun <vklokun@protonmail.ch> * chore(imagescan): add dependencies to httphandler Signed-off-by: Vlad Klokun <vklokun@protonmail.ch> * chore(imagescan): create vuln db with dedicated function Remove commented out code, too. Signed-off-by: Vlad Klokun <vklokun@protonmail.ch> * docs(imagescan): provide package-level docs Signed-off-by: Vlad Klokun <vklokun@protonmail.ch> * finish merge * image scan tests * continue * fixes * refactor * rm duplicate * start fixes * update gh actions Signed-off-by: David Wertenteil <dwertent@armosec.io> * pr fixes * fix test * improvements --------- Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> Signed-off-by: Vlad Klokun <vklokun@protonmail.ch> Signed-off-by: Amir Malka <amirm@armosec.io> Signed-off-by: David Wertenteil <dwertent@armosec.io> Co-authored-by: Daniel Grunberger <danielgrunberger@armosec.io> Co-authored-by: Vlad Klokun <vklokun@protonmail.ch> Co-authored-by: Amir Malka <amirm@armosec.io> Co-authored-by: David Wertenteil <dwertent@armosec.io>	2023-08-03 12:09:33 +03:00
Amir Malka	0c019819ff	Scanning a single resource (#1300 ) * add cmd Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> * support single workload scan Signed-off-by: Amir Malka <amirm@armosec.io> * fix conflict Signed-off-by: Amir Malka <amirm@armosec.io> * added unit tests Signed-off-by: Amir Malka <amirm@armosec.io> * added unit tests Signed-off-by: Amir Malka <amirm@armosec.io> * more refactoring Signed-off-by: Amir Malka <amirm@armosec.io> * add scanned workload reference to opasessionobj Signed-off-by: Amir Malka <amirm@armosec.io> * fix GetWorkloadParentKind Signed-off-by: Amir Malka <amirm@armosec.io> * remove namespace argument from pullSingleResource, using field selector instead Signed-off-by: Amir Malka <amirm@armosec.io> * removed designators (unused) field from PolicyIdentifier, and designators argument from GetResources function Signed-off-by: Amir Malka <amirm@armosec.io> * fix tests Signed-off-by: Amir Malka <amirm@armosec.io> * use ScanObject instead of workload identifier Signed-off-by: Amir Malka <amirm@armosec.io> * refactor logic after CR Signed-off-by: Amir Malka <amirm@armosec.io> --------- Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> Signed-off-by: Amir Malka <amirm@armosec.io> Co-authored-by: Daniel Grunberger <danielgrunberger@armosec.io>	2023-08-01 14:07:31 +03:00
David Wertenteil	fd3703b21b	Merge pull request #1296 from kubescape/error-handle-for-empty-resource-scan Error handle for empty resource scan	2023-07-31 16:13:42 +03:00
Amir Malka	bbfa5d356a	bump opa-utils, k8s-interface and armoapi-go Signed-off-by: Amir Malka <amirm@armosec.io>	2023-07-31 10:39:03 +03:00
rcohencyberarmor	3280173e95	add error handle when there are no scan to trigger since the directory not contain any relevant scanning files Signed-off-by: rcohencyberarmor <rcohen@armosec.io>	2023-07-24 17:17:06 +03:00
David Wertenteil	fcbcb53995	Merge pull request #1276 from amirmalka/time-based-cached-policies Time-based cached policies	2023-07-20 16:56:39 +03:00
Amir Malka	bacf15eeb8	cache control inputs Signed-off-by: Amir Malka <amirm@armosec.io>	2023-07-18 15:56:16 +03:00
DRAGON	067655d003	fix: stuck spinner Signed-off-by: DRAGON <anantvijay3@gmail.com>	2023-07-14 01:24:46 +05:30
Amir Malka	e470fce6ed	initial implementation of OpenTelemetry metrics collection (#1269 ) Signed-off-by: Amir Malka <amirm@armosec.io>	2023-07-10 14:22:26 +03:00
Amir Malka	ea3172eda6	time-based cached policies Signed-off-by: Amir Malka <amirm@armosec.io>	2023-07-10 10:54:56 +03:00
David Wertenteil	b149e00d1a	Merge pull request #1264 from dwertent/deprecate-image-controls core(adaptors): Ignore adaptors when credentials are not set	2023-07-05 17:48:12 +03:00
David Wertenteil	06f5c24b7d	ignore adaptors if credentials are not set Signed-off-by: David Wertenteil <dwertent@armosec.io>	2023-07-05 10:13:21 +03:00
David Wertenteil	8989cc1679	Deprecated host-scanner Signed-off-by: David Wertenteil <dwertent@armosec.io>	2023-07-04 09:43:10 +03:00
Matthias Bertschy	75b64d58f3	change basic auth username to x-token-auth Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>	2023-05-01 10:55:07 +02:00
Alessio Greggi	f010364c98	feat: add progress bar during cloud resources download Signed-off-by: Alessio Greggi <ale_grey_91@hotmail.it>	2023-03-28 16:10:55 +02:00
David Wertenteil	ec4a098b1c	replace error by warning Signed-off-by: David Wertenteil <dwertent@armosec.io>	2023-03-15 17:17:29 +02:00
David Wertenteil	1e0b9563a1	Merge to master - PR number: 1129	2023-03-13 13:43:07 +02:00
Alessio Greggi	5aa56b1c0a	feat: integrate support to retrieve eks policies Signed-off-by: Alessio Greggi <ale_grey_91@hotmail.it>	2023-03-13 11:35:07 +01:00
Frederic BIDON	7174f49f87	chore(lintin): run another pass of linting with the rules already in place Signed-off-by: Frederic BIDON <fredbi@yahoo.com>	2023-03-05 20:16:37 +01:00
YiscahLevySilas1	2a0a2cf95a	update logs in some resource getters (#1071 ) * change warning to debug Signed-off-by: yiscah <yiscahls@armosec.io> * update log Signed-off-by: yiscah <yiscahls@armosec.io> --------- Signed-off-by: yiscah <yiscahls@armosec.io> Co-authored-by: David Wertenteil <dwertent@armosec.io>	2023-02-07 22:37:13 +02:00
YiscahLevySilas1	9f97f91f32	add context Signed-off-by: YiscahLevySilas1 <yiscahls@armosec.io>	2023-02-05 12:03:10 +02:00
YiscahLevySilas1	c6eff8cbaa	minor change	2023-02-05 11:54:21 +02:00
David Wertenteil	af9df548d6	Merge branch 'master' into CIS-EKS-support	2023-02-05 09:43:41 +02:00
Matthias Bertschy	160ac0db7c	add otel with uptrace client Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>	2023-01-31 08:06:33 +01:00
yiscah	45fcc59b5f	add unit test Signed-off-by: yiscah <yiscahls@armosec.io>	2023-01-30 11:03:10 +02:00
YiscahLevySilas1	a7f810f0d1	Merge pull request #1043 from YiscahLevySilas1/dev Get cloud provider resources	2023-01-29 08:59:01 +02:00
yiscah	9a7e61edd1	add cloud resource ListEntitiesForPolicies	2023-01-27 13:42:15 +02:00
yiscah	de1d8a9d86	improve cloud resources getters	2023-01-24 17:18:39 +02:00
kooomix	8810631d5c	Support in CNIInfo	2023-01-23 09:50:07 +02:00
yiscah	6cddce7399	minor improvements in getting cloud resources	2023-01-22 12:11:58 +02:00
yiscah	5e4bc5ddb8	get new cloud resource - DescribeRepositories	2023-01-18 09:25:50 +02:00
David Wertenteil	c6261e45a8	Merge pull request #1026 from kubescape/fix-command-indentation Fix command indentation	2023-01-13 13:40:46 +02:00
Vlad Klokun	0c23579db7	docs: clarify the comment adjusting the repoRoot	2023-01-13 12:47:07 +02:00
suhasgumma	a755f365df	Fixed: Fix not working when multiple individual files are passed	2023-01-13 12:47:07 +02:00
suhasgumma	15f7b9f954	Add Comment	2023-01-13 12:47:07 +02:00
suhasgumma	92a2704fa6	Fix RelSource for Files	2023-01-13 12:47:07 +02:00
Matthias Bertschy	1757c891aa	add support for Bitbucket scanning	2023-01-13 07:35:07 +01:00
Anubhav Gupta	284c8c737b	Merge branch 'dev' of https://github.com/anubhav06/kubescape into azure-scanning	2023-01-10 23:30:11 +05:30
Anubhav Gupta	3441a65290	added Azure repo scanning support Signed-off-by: Anubhav Gupta <mail.anubhav06@gmail.com>	2023-01-10 23:29:35 +05:30

1 2 3 4

172 Commits