github/kubescape
1
0
Fork 0
mirror of https://github.com/kubescape/kubescape.git synced 2026-02-14 18:09:55 +00:00
Code Issues Packages Projects Releases Wiki Activity
3,468 Commits 20 Branches 551 Tags
dc65bd4ccc0fcd36ead0a1d587051150eac8a15a
Commit Graph

3468 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Matthias Bertschy
3b6bc00b03 Merge pull request #1914 from majiayu000/fix-1617-kustomize-directory-analysis-n-1231-0603 
fix: Kustomize directory analysis not working
 2026-01-05 06:45:06 +00:00
Matthias Bertschy
8984f941ab Update README to include GoReleaser installation and usage instructions 
Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>
 2026-01-05 07:27:39 +01:00
majiayu000
46eb266064 feat: add labels-to-copy flag to copy workload labels to reports 
Add a new --labels-to-copy CLI flag that allows users to specify which
labels from Kubernetes workloads should be extracted and included in
scan reports. This makes it easier to tie scan results back to app
teams or repositories by including relevant labels like 'app', 'team',
or 'environment' in the report output.

Changes:
- Add LabelsToCopy field to ScanInfo and OPASessionObj structs
- Add --labels-to-copy flag to scan command
- Add ResourceLabels field to PostureReportWithSeverity for JSON output
- Implement extractResourceLabels function to extract specified labels
- Add unit tests for label extraction functionality

Fixes #1660

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Signed-off-by: majiayu000 <1835304752@qq.com>
 2025-12-31 06:20:29 +08:00
majiayu000
0f2125817b fix: enable kustomize overlays to load base configurations 
Fixes #1617. The kustomize build was failing for overlays that reference
base configurations in parent directories (e.g., ../../base). This was
because krusty.MakeDefaultOptions() defaults to LoadRestrictionsRootOnly,
which prevents loading resources from outside the kustomize directory.

Changed LoadRestrictions to LoadRestrictionsNone to allow overlays to
properly resolve and merge base configurations during scanning.

Added tests to verify:
- Overlay directories can successfully load resources from base directories
- Base directories continue to work as before
- The merged configuration includes resources from both base and overlay

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Signed-off-by: majiayu000 <1835304752@qq.com>
 2025-12-31 06:14:10 +08:00
Matthias Bertschy
1225540590 Merge pull request #1913 from oglok/fix-typos-in-docs 
Fix typos in documentation
 2025-12-30 21:55:50 +01:00
Ricardo Noriega De Soto
0e4ff13276 Fix typos in documentation 
Signed-off-by: Ricardo Noriega De Soto <rnoriega@redhat.com>
 2025-12-30 21:03:50 +01:00
Matthias Bertschy
5fed9cc507 Enhance installation scripts for cross-platform support and improve error handling 
Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>
v3.0.47 		2025-12-15 08:52:05 +01:00
Matthias Bertschy
06241fce03 Refactor release workflow to simplify tagging and remove unnecessary inputs 
Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>
 2025-12-15 08:08:07 +01:00
Matthias Bertschy
2b91023c6b Update release workflow to include tagging in arguments 
Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>
 2025-12-15 07:59:26 +01:00
Matthias Bertschy
082edf52d9 Refactor GitHub Actions workflow for system tests and update smoke test logging 
Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>
 2025-12-15 07:47:09 +01:00
Matthias Bertschy
be250ff090 Add debug listing and adjust JUnit report options 2025-12-12 22:50:32 +01:00
Matthias Bertschy
d74803af28 Add skip flag and collect system test results 
Add workflow input skip_system_tests and make RUN_E2E respect it. Add
System Tests Report step to publish JUnit XMLs. Update
goreleaser-post-e2e.sh to add GitHub Actions log grouping, capture
per-test logs under test-results/system-tests, and copy JUnit XML
results while preserving directory structure.
 2025-12-12 22:24:30 +01:00
Matthias Bertschy
893bb86035 Add production secrets to release workflow 2025-12-12 21:40:29 +01:00
Matthias Bertschy
314a74b817 Require Python 3.9 for system tests 
Update CI workflow and goreleaser post-e2e script to use Python 3.9.
Rename SYSTEST_REQUIRE_PY311 to SYSTEST_REQUIRE_PY39, prefer python3.9,
and change version checks to refuse venvs created with Python 3.10+. If
python3.9 is missing or wrong, honor E2E_FAIL_ON_ERROR: either fail the
release or skip system tests and clean up.
 2025-12-12 21:25:01 +01:00
Matthias Bertschy
997bc2d23b Use python3-dev in release workflow 2025-12-12 21:10:24 +01:00
Matthias Bertschy
5d1699291a Install system dependencies in release workflow 
Add apt-get step to install libpq5, libpq-dev, gcc, and python3.11-dev
for system tests and clean apt lists
 2025-12-12 16:16:48 +01:00
Matthias Bertschy
bfca19bf25 Remove pip cache from release workflow 2025-12-12 15:59:11 +01:00
Matthias Bertschy
1b94d27fd6 Require Python 3.11 for system tests 2025-12-12 15:56:12 +01:00
Matthias Bertschy
acf7ad04ed fix go mod tidy 
Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>
 2025-12-12 15:36:56 +01:00
Matthias Bertschy
0f5775065e fix: prefer Python 3.11 for system-tests and update environment setup 
Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>
 2025-12-12 15:36:37 +01:00
Matthias Bertschy
66fbca8f24 Merge pull request #1911 from kubescape/copilot/fix-local-file-path-issue 
Fix: Prevent self-hosted git URLs from being treated as local file paths
 2025-12-12 15:14:43 +01:00
Matthias Bertschy
1f8de23a65 fix: update post-build hook to conditionally execute script for amd64 architecture 
Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>
 2025-12-12 14:56:03 +01:00
Matthias Bertschy
89478eabcc fix: add k8s Kind cluster creation step and clean up post-e2e script 
Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>
 2025-12-12 14:51:43 +01:00
Matthias Bertschy
6be9aec5b0 fix: update test_command and test_scan to remove deprecated scan commands and adjust file paths 
Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>
 2025-12-12 14:39:11 +01:00
Matthias Bertschy
32551275ba fix: correct post-build hook syntax for setting GOARCH environment variable 
Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>
 2025-12-12 14:31:27 +01:00
Matthias Bertschy
4ee6238244 fix: update post-build hook to set GOARCH environment variable 
Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>
 2025-12-12 14:22:07 +01:00
Matthias Bertschy
54dda8bf31 fix: enable end-to-end tests in release workflow 
Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>
 2025-12-12 14:09:26 +01:00
Matthias Bertschy
270b3b320d fix: enhance release workflow with optional skip publish input and add system tests execution 
Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>
 2025-12-12 13:19:52 +01:00
Matthias Bertschy
fa17ca26e1 fix: enhance release workflow with optional skip publish input and add system tests execution 
Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>
 2025-12-12 12:47:23 +01:00
copilot-swe-agent[bot]
66e970a3dc Update go-git-url to v0.0.31 for improved URL parsing 
Co-authored-by: matthyx <20683409+matthyx@users.noreply.github.com>
 2025-12-11 16:59:59 +00:00
Matthias Bertschy
d10d08c02b fix: update e2e script to enforce fatal failures and improve artifact detection 
Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>
 2025-12-11 15:22:48 +01:00
copilot-swe-agent[bot]
8d7c595a76 Address code review feedback: Extract helper function and improve comments 
- Add isHTTPURL helper function for better code reusability
- Improve comments to clarify why ContextDir is returned
- Enhance error message for unrecognized git repositories

Co-authored-by: matthyx <20683409+matthyx@users.noreply.github.com>
 2025-12-11 09:16:12 +00:00
copilot-swe-agent[bot]
621ffd3ead Fix: Prevent URLs from being treated as local file paths 
- Add URL detection (http:// and https://) in getScanningContext
- Prevent URLs from being joined with current working directory
- Add test cases for self-hosted GitLab URLs
- Ensure proper error handling when git clone fails

Co-authored-by: matthyx <20683409+matthyx@users.noreply.github.com>
 2025-12-11 09:08:12 +00:00
copilot-swe-agent[bot]
5dee6d0e4f Initial plan 2025-12-11 08:57:35 +00:00
Matthias Bertschy
f516853af8 fix: update kubescape krew configuration to skip upload 
Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>
 2025-12-11 07:42:00 +01:00
Matthias Bertschy
0d01329683 fix: add commit author information to goreleaser configuration 
Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>
 2025-12-11 07:12:40 +01:00
Matthias Bertschy
5a0f5f98c1 fix: update krew index pull request configuration to specify owner and name 
Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>
 2025-12-10 22:49:11 +01:00
Matthias Bertschy
771fc4acca fix: correct kubescape repository owner in goreleaser configuration 
Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>
 2025-12-10 22:30:54 +01:00
Matthias Bertschy
68a9d0cf60 fix: update GITHUB_TOKEN handling and correct kubescape repository owner in configuration 
Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>
 2025-12-10 22:06:49 +01:00
Matthias Bertschy
d2bc957500 fix: update kubescape krew configuration to use repository field 
Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>
 2025-12-10 21:52:32 +01:00
Matthias Bertschy
d20ec9e471 feat: add kubescape krew index to goreleaser configuration 
Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>
 2025-12-10 21:47:48 +01:00
Matthias Bertschy
d3824028c5 feat: add QEMU and Docker Buildx setup steps in release workflow 
Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>
 2025-12-10 21:30:40 +01:00
Matthias Bertschy
5013f91814 feat: add Syft setup step in release workflow 
Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>
 2025-12-10 21:16:24 +01:00
Matthias Bertschy
41e47c3ad3 fix: update runner to ubuntu-large in release configuration 
Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>
 2025-12-10 19:15:48 +01:00
Matthias Bertschy
acfe986863 fix: add cosign.key to .gitignore 
Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>
 2025-12-10 18:41:39 +01:00
Matthias Bertschy
abafa9eafa fix: remove unnecessary secrets inheritance in release configuration 
Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>
 2025-12-10 18:35:10 +01:00
Matthias Bertschy
dce1ee4dc6 cleaning up release action 
Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>
 2025-12-10 18:31:25 +01:00
Matthias Bertschy
62a143326c Merge pull request #1816 from kubescape/goreleaser 
use goreleaser for all builds and release publication
 2025-12-10 07:58:52 +01:00
Matthias Bertschy
d72a6005bb use goreleaser for all builds and release publication 
Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>
 2025-12-10 07:43:21 +01:00
Matthias Bertschy
adb9b80442 Merge pull request #1903 from Mujib-Ahasan/skip-persistence 
Add `skipPersistence` query parameter to `/v1/metrics`
 2025-12-09 17:46:12 +01:00