kubescape

mirror of https://github.com/kubescape/kubescape.git synced 2026-04-15 06:58:11 +00:00

Author	SHA1	Message	Date
Matthias Bertschy	57addd493f	fix all linter errors Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>	2026-02-02 17:32:08 +01:00
copilot-swe-agent[bot]	872c0c9fab	Fix workload scan to include allcontrols framework Co-authored-by: matthyx <20683409+matthyx@users.noreply.github.com>	2026-01-16 14:58:58 +00:00
majiayu000	46eb266064	feat: add labels-to-copy flag to copy workload labels to reports Add a new --labels-to-copy CLI flag that allows users to specify which labels from Kubernetes workloads should be extracted and included in scan reports. This makes it easier to tie scan results back to app teams or repositories by including relevant labels like 'app', 'team', or 'environment' in the report output. Changes: - Add LabelsToCopy field to ScanInfo and OPASessionObj structs - Add --labels-to-copy flag to scan command - Add ResourceLabels field to PostureReportWithSeverity for JSON output - Implement extractResourceLabels function to extract specified labels - Add unit tests for label extraction functionality Fixes #1660 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> Signed-off-by: majiayu000 <1835304752@qq.com>	2025-12-31 06:20:29 +08:00
Matthias Bertschy	ff96edae4d	use grype v0.99.1 Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>	2025-09-17 10:11:19 +02:00
Matthias Bertschy	88b9b22bca	Merge pull request #1857 from aadarsh-nagrath/default-matchers feat: add default matchers option to image scanning	2025-09-02 14:25:29 +02:00
Matthias Bertschy	182162d521	gofmt Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>	2025-09-02 13:51:45 +02:00
Matthias Bertschy	011fc0689d	return error on image when severity threshold exceeded Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>	2025-08-14 14:38:59 +02:00
aadarsh-nagrath	db30020c95	feat: add default matchers option to image scanning hey! added the default matchers option for image scanning as requested in #1838. now you can choose between stock matchers and CPE matchers when scanning images. what's new: - added --use-default-matchers flag to scan/image/patch commands - true = stock matchers (default behavior) - false = CPE matchers (more precise) usage: # use CPE matchers for more precise detection kubescape scan image nginx:latest --use-default-matchers=false # or in scan command kubescape scan --scan-images --use-default-matchers=false everything's backward compatible - existing code works exactly the same. just added the new option for folks who want more control over their vulnerability detection. fixes #1838 Signed-off-by: aadarsh-nagrath <anagrath1@gmail.com>	2025-08-06 21:48:40 +05:30
Yehudah Tor	5b351d5eec	Done URL ref's before problematic ones Signed-off-by: Yehudah Tor <yehudahtor@gmail.com>	2025-07-24 12:11:31 +03:00
Matthias Bertschy	6ed3e408be	check scanInfo.Submit in HandleResults to not submit by default Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>	2025-06-30 08:16:41 +02:00
Ruslan Semagin	218e3914b1	test: increase test coverage Signed-off-by: Ruslan Semagin <pixel.365.24@gmail.com>	2025-04-01 10:12:35 +03:00
Ruslan Semagin	835bcbeb12	fix: format imports with goimports Signed-off-by: Ruslan Semagin <pixel.365.24@gmail.com>	2025-02-12 12:15:14 +03:00
Ruslan Semagin	2e4f7c4477	fix: add error handling and context propagation Signed-off-by: Ruslan Semagin <pixel.365.24@gmail.com>	2025-02-12 09:02:01 +03:00
Ruslan Semagin	fe7dad4560	Refactor: propagate context from main to avoid redundant context creation - Introduced a single context in main() to handle interrupt signals (os.Interrupt, syscall.SIGTERM). - Removed repetitive context creation in the program by reusing the propagated context. - Improved code readability and maintainability by centralizing context management. - Ensured consistent handling of graceful shutdown across the program. Signed-off-by: Ruslan Semagin <pixel.365.24@gmail.com>	2025-02-11 19:52:48 +03:00
VaibhavMalik4187	0545818f82	Added tests and improvements for image exceptions Signed-off-by: VaibhavMalik4187 <vaibhavmalik2018@gmail.com>	2025-02-07 10:26:53 +01:00
VaibhavMalik4187	199c57be30	WIP: Load image exceptions from file Added initial commit to start loading image exceptions from json files. Currently, it supports vulnerability exceptions using their CVE-IDs. Signed-off-by: VaibhavMalik4187 <vaibhavmalik2018@gmail.com>	2025-02-07 10:26:53 +01:00
VaibhavMalik4187	7d55c79f11	Feature: Added exceptions flag in scan image cmd This commit introduces the "exceptions" flag in the scan image command. Users can pass a list of vulnerabilities they ignore while scanning an image using this flag. Also added tests for the same. Fixes: https://github.com/kubescape/kubescape/issues/1564 Signed-off-by: VaibhavMalik4187 <vaibhavmalik2018@gmail.com>	2025-02-07 10:26:53 +01:00
Eng Zer Jun	2005010568	Replace `golang.org/x/exp/slices` with `slices` from stdlib (#1783 )	2025-01-17 20:51:08 +02:00
Amir Malka	14ffe35437	add trigger by indication in posture report Signed-off-by: Amir Malka <amirm@armosec.io>	2025-01-09 16:13:29 +02:00
Matthias Bertschy	70a9380966	fix go imports Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>	2025-01-09 12:14:56 +01:00
Ben	4f3ef49f99	Implementing capability to print out the "print" statements of the rego Signed-off-by: Ben <ben@armosec.io>	2024-11-20 00:10:18 +02:00
Matthias Bertschy	2d77ea7b62	use pager.EachListItem to filter parented resources Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>	2024-07-03 16:41:12 +02:00
David Wertenteil	522cc3a454	Merge pull request #1305 from hoorayman/fix/cmd-framework-redundant-code fix(cmd/scan/framework.go): remove redundant code	2024-03-03 15:16:44 +02:00
David Wertenteil	ea7a8bef94	Fix/backlog (#1613 ) * Many minor improvements Signed-off-by: David Wertenteil <dwertent@armosec.io> * Handle fw scan error Signed-off-by: David Wertenteil <dwertent@armosec.io> * Remove prometheus docs Signed-off-by: David Wertenteil <dwertent@armosec.io> * fix workload threshold Signed-off-by: David Wertenteil <dwertent@armosec.io> * fixed units Signed-off-by: David Wertenteil <dwertent@armosec.io> --------- Signed-off-by: David Wertenteil <dwertent@armosec.io>	2024-02-26 22:42:41 +02:00
hoorayman	f1eaf09570	fix(cmd/scan/framework.go): remove redundant code Signed-off-by: hoorayman <813458665@qq.com>	2024-02-20 10:40:17 +08:00
Daniel Grunberger	7cda7346b7	set default Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io>	2023-11-27 08:56:33 +02:00
Matthias Bertschy	5ef720bfee	Merge pull request #1533 from Umair0343/patch-4 Update framework_test.go (Add Test Case for Non-Existent Framework in…	2023-11-26 11:56:25 +01:00
Umair	5172ce30d1	Update framework_test.go (Add Test Case for Non-Existent Framework in GetFrameworkCmd) Description: This pull request introduces a new test case TestGetFrameworkCmdWithNonExistentFramework in the framework_test.go file. The purpose of this test case is to verify the behavior of the getFrameworkCmd function when it's run with a non-existent framework argument. In this test case, we: Create a mock Kubescape interface and a ScanInfo object Call the getFrameworkCmd function with the mock interface and ScanInfo object Run the command with a non-existent framework argument Check that there is an error and the error message is "bad argument: account ID must be a valid UUID" This test case enhances the test coverage of the getFrameworkCmd function and ensures that it correctly handles non-existent framework arguments. Signed-off-by: Umair <58398786+Umair0343@users.noreply.github.com>	2023-11-26 13:29:20 +05:00
Umair	4e24ad87dd	Update control_test.go (Add Test Case for Non-Existent Control in GetControlCmd) Description: This pull request introduces a new test case TestGetControlCmdWithNonExistentControl in the control_test.go file. The purpose of this test case is to verify the behavior of the getControlCmd function when it's run with a non-existent control argument. In this test case, we: Create a mock Kubescape interface and a ScanInfo object Call the getControlCmd function with the mock interface and ScanInfo object Run the command with a non-existent control argument Check that there is an error and the error message is "bad argument: account ID must be a valid UUID" This test case enhances the test coverage of the getControlCmd function and ensures that it correctly handles non-existent control arguments. Signed-off-by: Umair <58398786+Umair0343@users.noreply.github.com>	2023-11-26 13:20:00 +05:00
VaibhavMalik4187	69bbf7f72e	Added Test Suite for the cmd packages Wrote new tests for the following packages - operator - patch - scan Also fixed potential crash in the RunE function of the image subcommand in the scan package. Signed-off-by: VaibhavMalik4187 <vaibhavmalik2018@gmail.com>	2023-11-25 16:57:14 +05:30
Craig Box	c9ccef90f3	Pretty up the pretty-printer. (#1451 ) * Pretty up the pretty-printer. Signed-off-by: Craig Box <craigb@armosec.io> * add some text fixes for the Operator also Signed-off-by: Craig Box <craigb@armosec.io> * fix another verb Signed-off-by: Craig Box <craigb@armosec.io> * fixed unit tests Signed-off-by: David Wertenteil <dwertent@armosec.io> * fixed test Signed-off-by: David Wertenteil <dwertent@armosec.io> --------- Signed-off-by: Craig Box <craigb@armosec.io> Signed-off-by: David Wertenteil <dwertent@armosec.io> Co-authored-by: David Wertenteil <dwertent@armosec.io>	2023-10-31 18:07:43 +02:00
David Wertenteil	3b2feca0dd	Update flags (#1462 ) * add access key flag to the scan command Signed-off-by: David Wertenteil <dwertent@armosec.io> * support triggering ns Signed-off-by: David Wertenteil <dwertent@armosec.io> * Fixed json keys Signed-off-by: David Wertenteil <dwertent@armosec.io> * get k8s config Signed-off-by: David Wertenteil <dwertent@armosec.io> --------- Signed-off-by: David Wertenteil <dwertent@armosec.io>	2023-10-31 15:41:18 +02:00
David Wertenteil	3e2314a269	Bump v3 (#1449 ) * bump version Signed-off-by: David Wertenteil <dwertent@armosec.io> * change default view Signed-off-by: David Wertenteil <dwertent@armosec.io> * fixed tests Signed-off-by: David Wertenteil <dwertent@armosec.io> * fixed go mod Signed-off-by: David Wertenteil <dwertent@armosec.io> --------- Signed-off-by: David Wertenteil <dwertent@armosec.io>	2023-10-22 17:43:51 +03:00
David Wertenteil	d5407466d5	Preparing Kubescape for v3 (#1403 ) * wip: minor cli fixes Signed-off-by: David Wertenteil <dwertent@armosec.io> * wip: change default view Signed-off-by: David Wertenteil <dwertent@armosec.io> * wip: reduce default topWorkloadsNumber to 3 Signed-off-by: David Wertenteil <dwertent@armosec.io> * update gif Signed-off-by: David Wertenteil <dwertent@armosec.io> * default view for controls and frameworks --------- Signed-off-by: David Wertenteil <dwertent@armosec.io>	2023-10-22 15:39:58 +03:00
Daniel Grunberger	72b64127c7	Restructure img cmd (#1398 ) * feat: add kubescape patch command Signed-off-by: Anubhav Gupta <mail.anubhav06@gmail.com> * update patch command output format Signed-off-by: Anubhav Gupta <mail.anubhav06@gmail.com> * fix patch command logic Signed-off-by: Anubhav Gupta <mail.anubhav06@gmail.com> * update docs & minor changes Signed-off-by: Anubhav Gupta <mail.anubhav06@gmail.com> * restructure cmd Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> * fix tests Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> * readme Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> * fix version code Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> * go mod Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> --------- Signed-off-by: Anubhav Gupta <mail.anubhav06@gmail.com> Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> Co-authored-by: Anubhav Gupta <mail.anubhav06@gmail.com> Co-authored-by: Daniel Grunberger <danielgrunberger@armosec.io>	2023-10-22 14:51:39 +03:00
Daniel Grunberger	96337edc67	add new line (#1389 ) * add new line Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> * rename ks-cloud-operator Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> --------- Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> Co-authored-by: Daniel Grunberger <danielgrunberger@armosec.io>	2023-09-13 14:26:11 +03:00
Daniel Grunberger	df035ea5fc	Fix scan command (#1369 ) * bump version Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> * bump version for httphandler Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> * fix args validation Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> * errors as const Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> --------- Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> Co-authored-by: Daniel Grunberger <danielgrunberger@armosec.io>	2023-09-03 17:22:14 +03:00
Daniel Grunberger	26c47d501c	move context flag to root (#1367 ) * move context flag to root Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> * rm from httphandler Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> --------- Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> Co-authored-by: Daniel Grunberger <danielgrunberger@armosec.io>	2023-09-03 10:39:15 +03:00
Daniel Grunberger	53f23b663b	Logger fixes (#1362 ) * fix rbac log Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> * fix logger logic Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> * use const Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> * use const for zap Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> --------- Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> Co-authored-by: Daniel Grunberger <danielgrunberger@armosec.io>	2023-08-30 19:17:41 +03:00
Amir Malka	592e0e2b43	Service discovery (#1359 ) * remove hardcoded urls Signed-off-by: Amir Malka <amirm@armosec.io> * update Signed-off-by: Amir Malka <amirm@armosec.io> * fix test Signed-off-by: Amir Malka <amirm@armosec.io> * update providers docs Signed-off-by: Amir Malka <amirm@armosec.io> * fix Signed-off-by: Amir Malka <amirm@armosec.io> * hardcoded systests branch Signed-off-by: Amir Malka <amirm@armosec.io> * fix Signed-off-by: Amir Malka <amirm@armosec.io> * added logs Signed-off-by: Amir Malka <amirm@armosec.io> * added logs Signed-off-by: Amir Malka <amirm@armosec.io> * create config path if it does not exist Signed-off-by: Amir Malka <amirm@armosec.io> * fix Signed-off-by: Amir Malka <amirm@armosec.io> * fix Signed-off-by: Amir Malka <amirm@armosec.io> --------- Signed-off-by: Amir Malka <amirm@armosec.io>	2023-08-30 09:54:50 +03:00
David Wertenteil	92449bf564	core(cmd): adding corrections to cmd (#1357 ) * adding corrections to cmd Signed-off-by: David Wertenteil <dwertent@armosec.io> * remove decorative line Signed-off-by: David Wertenteil <dwertent@armosec.io> * wip: changed results indicator Signed-off-by: David Wertenteil <dwertent@armosec.io> * replace status test with icons Signed-off-by: David Wertenteil <dwertent@armosec.io> * print workloads in a different line Signed-off-by: David Wertenteil <dwertent@armosec.io> * update display Signed-off-by: David Wertenteil <dwertent@armosec.io> * deprecate commands Signed-off-by: David Wertenteil <dwertent@armosec.io> * removed unused functions Signed-off-by: David Wertenteil <dwertent@armosec.io> * fixed tests Signed-off-by: David Wertenteil <dwertent@armosec.io> * update cloud provider detection Signed-off-by: David Wertenteil <dwertent@armosec.io> * rename column name Signed-off-by: David Wertenteil <dwertent@armosec.io> --------- Signed-off-by: David Wertenteil <dwertent@armosec.io>	2023-08-29 09:50:22 +03:00
Amir Malka	150967eae8	Refactor backend integration (#1355 ) * refactor BE integration Signed-off-by: Amir Malka <amirm@armosec.io>	2023-08-23 15:36:08 +03:00
Daniel Grunberger	7b46cdd480	Improve cluster scan cli (#1352 ) * start improvements Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> * cta Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> * refactor Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> * fixes Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> * http handler go mod Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> * set control type Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> * move to func Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> * move to func Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> * use color for vuln summary Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> --------- Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> Co-authored-by: Daniel Grunberger <danielgrunberger@armosec.io>	2023-08-22 15:21:01 +03:00
Daniel Grunberger	f7b3cdcf35	Improve logs (#1349 ) * use stop-success Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> * improve logger Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> * RBAC Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> --------- Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> Co-authored-by: Daniel Grunberger <danielgrunberger@armosec.io>	2023-08-17 14:18:40 +03:00
Daniel Grunberger	936cb26c06	fix panic and improve logs (#1344 ) Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> Co-authored-by: Daniel Grunberger <danielgrunberger@armosec.io>	2023-08-16 13:00:52 +03:00
David Wertenteil	51b37d5cbf	Update logs (#1340 ) * update logger Signed-off-by: David Wertenteil <dwertent@armosec.io> * fixed logger Signed-off-by: David Wertenteil <dwertent@armosec.io> * bump go-logger version Signed-off-by: David Wertenteil <dwertent@armosec.io> --------- Signed-off-by: David Wertenteil <dwertent@armosec.io>	2023-08-10 19:15:14 +03:00
DRAGON2002	225a923006	feat: improve pretty logger (#1311 ) * feat: improve pretty logger Signed-off-by: DRAGON <anantvijay3@gmail.com> * fixed logger Signed-off-by: David Wertenteil <dwertent@armosec.io> --------- Signed-off-by: DRAGON <anantvijay3@gmail.com> Signed-off-by: Craig Box <craigb@armosec.io> Signed-off-by: David Wertenteil <dwertent@armosec.io> Co-authored-by: Craig Box <craigb@armosec.io> Co-authored-by: David Wertenteil <dwertent@armosec.io>	2023-08-09 17:30:04 +03:00
David Wertenteil	cf08daf7fb	scan per namespace (#1337 ) * scan per namespace Signed-off-by: David Wertenteil <dwertent@armosec.io> * disable unit test Signed-off-by: David Wertenteil <dwertent@armosec.io> * Adding build image wf Signed-off-by: David Wertenteil <dwertent@armosec.io> * removing unused channels Signed-off-by: David Wertenteil <dwertent@armosec.io> * adding scopes Signed-off-by: David Wertenteil <dwertent@armosec.io> * update Signed-off-by: David Wertenteil <dwertent@armosec.io> * fixed cluster size Signed-off-by: David Wertenteil <dwertent@armosec.io> * update rbac deps Signed-off-by: David Wertenteil <dwertent@armosec.io> * aggregate resources Signed-off-by: David Wertenteil <dwertent@armosec.io> * Delete build-image.yaml Signed-off-by: David Wertenteil <dwertent@armosec.io> * adding scan image logs Signed-off-by: David Wertenteil <dwertent@armosec.io> * update cmd message Signed-off-by: David Wertenteil <dwertent@armosec.io> * update logs Signed-off-by: David Wertenteil <dwertent@armosec.io> --------- Signed-off-by: David Wertenteil <dwertent@armosec.io>	2023-08-08 10:47:15 +03:00
Amir Malka	e2f96200e0	Code refactor (follow up to PR #1300 ) (#1323 ) * code refactor Signed-off-by: Amir Malka <amirm@armosec.io> * use scaninfo object in resource handler Signed-off-by: Amir Malka <amirm@armosec.io> --------- Signed-off-by: Amir Malka <amirm@armosec.io>	2023-08-03 17:50:33 +03:00
Daniel Grunberger	5379b9b0a6	New output (#1320 ) * phase-1 Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> * factory Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> * wip: feat(cli): add an image scanning command Add a CLI command that launches an image scan. Does not scan images yet. Signed-off-by: Vlad Klokun <vklokun@protonmail.ch> * wip: feat: add image scanning service Signed-off-by: Vlad Klokun <vklokun@protonmail.ch> * chore: include dependencies Signed-off-by: Vlad Klokun <vklokun@protonmail.ch> * wip: adjust image scanning service Signed-off-by: Vlad Klokun <vklokun@protonmail.ch> * wip: feat: use scanning service in CLI Signed-off-by: Vlad Klokun <vklokun@protonmail.ch> * use iface Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> * touches Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> * continue Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> * add cmd Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> * support single workload scan Signed-off-by: Amir Malka <amirm@armosec.io> * fix conflict Signed-off-by: Amir Malka <amirm@armosec.io> * identifiers * go mod * feat(imagescan): add an image scanning command This commit adds a CLI command and an associated package that scan images for vulnerabilities. Signed-off-by: Vlad Klokun <vklokun@protonmail.ch> feat(imagescan): fail on exceeding the severity threshold Signed-off-by: Vlad Klokun <vklokun@protonmail.ch> * chore(imagescan): include dependencies This commit adds the dependencies necessary for image scanning. Signed-off-by: Vlad Klokun <vklokun@protonmail.ch> * chore(imagescan): add dependencies to httphandler Signed-off-by: Vlad Klokun <vklokun@protonmail.ch> * added unit tests Signed-off-by: Amir Malka <amirm@armosec.io> * merge * more * integrate img scan * added unit tests Signed-off-by: Amir Malka <amirm@armosec.io> * more refactoring Signed-off-by: Amir Malka <amirm@armosec.io> * add scanned workload reference to opasessionobj Signed-off-by: Amir Malka <amirm@armosec.io> * fix GetWorkloadParentKind Signed-off-by: Amir Malka <amirm@armosec.io> * remove namespace argument from pullSingleResource, using field selector instead Signed-off-by: Amir Malka <amirm@armosec.io> * removed designators (unused) field from PolicyIdentifier, and designators argument from GetResources function Signed-off-by: Amir Malka <amirm@armosec.io> * changes * changes * fixes * changes * feat(imagescan): add an image scanning command This commit adds a CLI command and an associated package that scan images for vulnerabilities. Signed-off-by: Vlad Klokun <vklokun@protonmail.ch> feat(imagescan): fail on exceeding the severity threshold Signed-off-by: Vlad Klokun <vklokun@protonmail.ch> * chore(imagescan): include dependencies This commit adds the dependencies necessary for image scanning. Signed-off-by: Vlad Klokun <vklokun@protonmail.ch> * chore(imagescan): add dependencies to httphandler Signed-off-by: Vlad Klokun <vklokun@protonmail.ch> * chore(imagescan): create vuln db with dedicated function Remove commented out code, too. Signed-off-by: Vlad Klokun <vklokun@protonmail.ch> * docs(imagescan): provide package-level docs Signed-off-by: Vlad Klokun <vklokun@protonmail.ch> * finish merge * image scan tests * continue * fixes * refactor * rm duplicate * start fixes * update gh actions Signed-off-by: David Wertenteil <dwertent@armosec.io> * pr fixes * fix test * improvements --------- Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> Signed-off-by: Vlad Klokun <vklokun@protonmail.ch> Signed-off-by: Amir Malka <amirm@armosec.io> Signed-off-by: David Wertenteil <dwertent@armosec.io> Co-authored-by: Daniel Grunberger <danielgrunberger@armosec.io> Co-authored-by: Vlad Klokun <vklokun@protonmail.ch> Co-authored-by: Amir Malka <amirm@armosec.io> Co-authored-by: David Wertenteil <dwertent@armosec.io>	2023-08-03 12:09:33 +03:00

1 2 3

114 Commits