kubescape

mirror of https://github.com/kubescape/kubescape.git synced 2026-04-15 06:58:11 +00:00

Author	SHA1	Message	Date
Matthias Bertschy	dc6d85bc34	bump for security fixes Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>	2023-11-14 09:55:53 +01:00
David Wertenteil	9a098c59df	Merge pull request #1457 from johnfercher/master Update maroto version from 0.42.0 to 1.0.0	2023-11-01 21:57:28 +02:00
John Fercher	a027a3d3d5	* Update maroto version from 0.42.0 to 1.0.0 Signed-off-by: John Fercher <johnathanfercher22@gmail.com>	2023-10-31 23:02:59 -03:00
David Wertenteil	450df679cd	bump logger version Signed-off-by: David Wertenteil <dwertent@armosec.io>	2023-10-31 18:22:03 +02:00
David Wertenteil	3b2feca0dd	Update flags (#1462 ) * add access key flag to the scan command Signed-off-by: David Wertenteil <dwertent@armosec.io> * support triggering ns Signed-off-by: David Wertenteil <dwertent@armosec.io> * Fixed json keys Signed-off-by: David Wertenteil <dwertent@armosec.io> * get k8s config Signed-off-by: David Wertenteil <dwertent@armosec.io> --------- Signed-off-by: David Wertenteil <dwertent@armosec.io>	2023-10-31 15:41:18 +02:00
David Wertenteil	5111bb541a	bump pkg Signed-off-by: David Wertenteil <dwertent@armosec.io>	2023-10-26 18:10:40 +03:00
David Wertenteil	3e2314a269	Bump v3 (#1449 ) * bump version Signed-off-by: David Wertenteil <dwertent@armosec.io> * change default view Signed-off-by: David Wertenteil <dwertent@armosec.io> * fixed tests Signed-off-by: David Wertenteil <dwertent@armosec.io> * fixed go mod Signed-off-by: David Wertenteil <dwertent@armosec.io> --------- Signed-off-by: David Wertenteil <dwertent@armosec.io>	2023-10-22 17:43:51 +03:00
David Wertenteil	c143d10130	Cloud provider detection (#1448 ) * set cloud provider using nodes * use scan metadata for scanning scope * code cleanup Signed-off-by: David Wertenteil <dwertent@armosec.io> * handle error Signed-off-by: David Wertenteil <dwertent@armosec.io> --------- Signed-off-by: David Wertenteil <dwertent@armosec.io>	2023-10-22 15:47:57 +03:00
rcohencyberarmor	052c042dac	Support backend access key (#1404 ) Support backend access key Signed-off-by: Amir Malka <amirm@armosec.io>	2023-10-22 15:10:08 +03:00
Daniel Grunberger	72b64127c7	Restructure img cmd (#1398 ) * feat: add kubescape patch command Signed-off-by: Anubhav Gupta <mail.anubhav06@gmail.com> * update patch command output format Signed-off-by: Anubhav Gupta <mail.anubhav06@gmail.com> * fix patch command logic Signed-off-by: Anubhav Gupta <mail.anubhav06@gmail.com> * update docs & minor changes Signed-off-by: Anubhav Gupta <mail.anubhav06@gmail.com> * restructure cmd Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> * fix tests Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> * readme Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> * fix version code Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> * go mod Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> --------- Signed-off-by: Anubhav Gupta <mail.anubhav06@gmail.com> Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> Co-authored-by: Anubhav Gupta <mail.anubhav06@gmail.com> Co-authored-by: Daniel Grunberger <danielgrunberger@armosec.io>	2023-10-22 14:51:39 +03:00
Matthias Bertschy	f31304db7e	bump deps for vulnerabilities Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>	2023-10-17 14:36:26 +02:00
Matthias Bertschy	3efa40e808	use go-gitlog as an alternative to git2go (#1393 ) * use go-gitlog as an alternative to git2go Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com> * set RELEASE to something to avoid failing binary-build step Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com> --------- Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>	2023-10-15 15:16:05 +03:00
YiscahLevySilas1	31a0bd9266	use ControlConfigInputs, deprecate ConfigInputs (#1419 ) * use ControlConfigInputs, deprecate ConfigInputs Signed-off-by: YiscahLevySilas1 <yiscahls@armosec.io> * update opa-utils version Signed-off-by: YiscahLevySilas1 <yiscahls@armosec.io> --------- Signed-off-by: YiscahLevySilas1 <yiscahls@armosec.io>	2023-10-15 11:58:10 +03:00
dependabot[bot]	7aa7a9bbda	Bump golang.org/x/net from 0.14.0 to 0.17.0 in /httphandler Bumps [golang.org/x/net](https://github.com/golang/net) from 0.14.0 to 0.17.0. - [Commits](https://github.com/golang/net/compare/v0.14.0...v0.17.0) --- updated-dependencies: - dependency-name: golang.org/x/net dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>	2023-10-12 12:25:57 +00:00
dependabot[bot]	fd6347fac2	Bump github.com/cyphar/filepath-securejoin from 0.2.3 to 0.2.4 Bumps [github.com/cyphar/filepath-securejoin](https://github.com/cyphar/filepath-securejoin) from 0.2.3 to 0.2.4. - [Release notes](https://github.com/cyphar/filepath-securejoin/releases) - [Commits](https://github.com/cyphar/filepath-securejoin/compare/v0.2.3...v0.2.4) --- updated-dependencies: - dependency-name: github.com/cyphar/filepath-securejoin dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>	2023-10-02 17:41:05 +02:00
YiscahLevySilas1	269945c08c	split failedPath to deletePaths and reviewPaths (#1402 ) * support delete paths and review paths Signed-off-by: YiscahLevySilas1 <yiscahls@armosec.io> * update armoapi + opa-utils Signed-off-by: YiscahLevySilas1 <yiscahls@armosec.io> * fix test Signed-off-by: YiscahLevySilas1 <yiscahls@armosec.io> * go mod tidy Signed-off-by: YiscahLevySilas1 <yiscahls@armosec.io> * support failedPaths until all controls replace with review/delete paths Signed-off-by: YiscahLevySilas1 <yiscahls@armosec.io> * fix test Signed-off-by: YiscahLevySilas1 <yiscahls@armosec.io> * fix test Signed-off-by: YiscahLevySilas1 <yiscahls@armosec.io> --------- Signed-off-by: YiscahLevySilas1 <yiscahls@armosec.io>	2023-10-02 17:03:02 +03:00
Matthias Bertschy	34f0b64946	Merge pull request #1399 from kubescape/noratelimit disable rate limiting for storage client	2023-09-27 17:07:45 +02:00
rcohencyberarmor	884af50c0b	Support control cluster from cli (#1391 ) * adding operator CLI to kubescape Signed-off-by: rcohencyberarmor <rcohen@armosec.io> * support http requet for trigger in cluster operator Signed-off-by: rcohencyberarmor <rcohen@armosec.io> * create interface for create request payload Signed-off-by: rcohencyberarmor <rcohen@armosec.io> * logs + go mod update Signed-off-by: rcohencyberarmor <rcohen@armosec.io> * docs Signed-off-by: rcohencyberarmor <rcohen@armosec.io> * add relevant system tests Signed-off-by: rcohencyberarmor <rcohen@armosec.io> * linter corrections Signed-off-by: rcohencyberarmor <rcohen@armosec.io> * code review corrections Signed-off-by: rcohencyberarmor <rcohen@armosec.io> * remove non relevant system tests - after code review corrections Signed-off-by: rcohencyberarmor <rcohen@armosec.io> * PR corrections Signed-off-by: rcohencyberarmor <rcohen@armosec.io> * PR corrections Signed-off-by: rcohencyberarmor <rcohen@armosec.io> * change log Signed-off-by: rcohencyberarmor <rcohen@armosec.io> * remove from examples Signed-off-by: rcohencyberarmor <rcohen@armosec.io> * change log Signed-off-by: rcohencyberarmor <rcohen@armosec.io> * test correction Signed-off-by: rcohencyberarmor <rcohen@armosec.io> --------- Signed-off-by: rcohencyberarmor <rcohen@armosec.io> Co-authored-by: rcohencyberarmor <rcohen@armosec.io>	2023-09-27 16:31:04 +03:00
Matthias Bertschy	e97103494f	disable rate limiting for storage client Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>	2023-09-21 16:32:28 +02:00
Matthias Bertschy	3e7a6b516b	Separate docker builds for kubescape and kubescape-cli (#1390 ) * create a separate Dockerfile for httphandler Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com> * add Dockerfile for cli, edit README Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com> * modify gh action to use new cli Dockerfile Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com> --------- Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>	2023-09-18 17:13:08 +03:00
Amir Malka	8257e31232	Save scan results in storage and support scanning a deleted resource (#1376 ) * store scan results in storage Signed-off-by: Amir Malka <amirm@armosec.io> * store scan results in storage Signed-off-by: Amir Malka <amirm@armosec.io> * save resources in their namespaces, load namespace from env var, extend the config obj Signed-off-by: Amir Malka <amirm@armosec.io> * setting context name Signed-off-by: Amir Malka <amirm@armosec.io> * updated k8s-interface Signed-off-by: Amir Malka <amirm@armosec.io> * scanning a deleted resource Signed-off-by: Amir Malka <amirm@armosec.io> * cr changes Signed-off-by: Amir Malka <amirm@armosec.io> * cr changes Signed-off-by: Amir Malka <amirm@armosec.io> * fix Signed-off-by: Amir Malka <amirm@armosec.io> * remove unused constants Signed-off-by: Amir Malka <amirm@armosec.io> * use t.Setenv Signed-off-by: Amir Malka <amirm@armosec.io> * added tests for rbac triplet slugs Signed-off-by: Amir Malka <amirm@armosec.io> * updated namespace logic Signed-off-by: Amir Malka <amirm@armosec.io> * fix test Signed-off-by: Amir Malka <amirm@armosec.io> --------- Signed-off-by: Amir Malka <amirm@armosec.io>	2023-09-14 10:03:36 +03:00
DRAGON	c74c5f1970	feat: darken table borders Signed-off-by: DRAGON <anantvijay3@gmail.com>	2023-09-10 21:48:15 +05:30
Amir Malka	4372ca320a	fix setting context name in httphandler Signed-off-by: Amir Malka <amirm@armosec.io>	2023-09-10 16:16:01 +03:00
Daniel Grunberger	776173653d	bump version (#1368 ) * bump version Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> * bump version for httphandler Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> --------- Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> Co-authored-by: Daniel Grunberger <danielgrunberger@armosec.io>	2023-09-03 15:31:57 +03:00
Daniel Grunberger	26c47d501c	move context flag to root (#1367 ) * move context flag to root Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> * rm from httphandler Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> --------- Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> Co-authored-by: Daniel Grunberger <danielgrunberger@armosec.io>	2023-09-03 10:39:15 +03:00
Amir Malka	592e0e2b43	Service discovery (#1359 ) * remove hardcoded urls Signed-off-by: Amir Malka <amirm@armosec.io> * update Signed-off-by: Amir Malka <amirm@armosec.io> * fix test Signed-off-by: Amir Malka <amirm@armosec.io> * update providers docs Signed-off-by: Amir Malka <amirm@armosec.io> * fix Signed-off-by: Amir Malka <amirm@armosec.io> * hardcoded systests branch Signed-off-by: Amir Malka <amirm@armosec.io> * fix Signed-off-by: Amir Malka <amirm@armosec.io> * added logs Signed-off-by: Amir Malka <amirm@armosec.io> * added logs Signed-off-by: Amir Malka <amirm@armosec.io> * create config path if it does not exist Signed-off-by: Amir Malka <amirm@armosec.io> * fix Signed-off-by: Amir Malka <amirm@armosec.io> * fix Signed-off-by: Amir Malka <amirm@armosec.io> --------- Signed-off-by: Amir Malka <amirm@armosec.io>	2023-08-30 09:54:50 +03:00
David Wertenteil	92449bf564	core(cmd): adding corrections to cmd (#1357 ) * adding corrections to cmd Signed-off-by: David Wertenteil <dwertent@armosec.io> * remove decorative line Signed-off-by: David Wertenteil <dwertent@armosec.io> * wip: changed results indicator Signed-off-by: David Wertenteil <dwertent@armosec.io> * replace status test with icons Signed-off-by: David Wertenteil <dwertent@armosec.io> * print workloads in a different line Signed-off-by: David Wertenteil <dwertent@armosec.io> * update display Signed-off-by: David Wertenteil <dwertent@armosec.io> * deprecate commands Signed-off-by: David Wertenteil <dwertent@armosec.io> * removed unused functions Signed-off-by: David Wertenteil <dwertent@armosec.io> * fixed tests Signed-off-by: David Wertenteil <dwertent@armosec.io> * update cloud provider detection Signed-off-by: David Wertenteil <dwertent@armosec.io> * rename column name Signed-off-by: David Wertenteil <dwertent@armosec.io> --------- Signed-off-by: David Wertenteil <dwertent@armosec.io>	2023-08-29 09:50:22 +03:00
Amir Malka	150967eae8	Refactor backend integration (#1355 ) * refactor BE integration Signed-off-by: Amir Malka <amirm@armosec.io>	2023-08-23 15:36:08 +03:00
Daniel Grunberger	7b46cdd480	Improve cluster scan cli (#1352 ) * start improvements Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> * cta Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> * refactor Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> * fixes Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> * http handler go mod Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> * set control type Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> * move to func Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> * move to func Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> * use color for vuln summary Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> --------- Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> Co-authored-by: Daniel Grunberger <danielgrunberger@armosec.io>	2023-08-22 15:21:01 +03:00
Daniel Grunberger	f7b3cdcf35	Improve logs (#1349 ) * use stop-success Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> * improve logger Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> * RBAC Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> --------- Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> Co-authored-by: Daniel Grunberger <danielgrunberger@armosec.io>	2023-08-17 14:18:40 +03:00
DRAGON2002	9265a5d6d0	fix: icons formatting (#1343 ) Signed-off-by: DRAGON <anantvijay3@gmail.com>	2023-08-16 12:58:55 +03:00
Daniel Grunberger	e6f5c7e0dd	bump k8s-interface version (#1345 ) * bump version Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> * bump httphandler Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> --------- Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> Co-authored-by: Daniel Grunberger <danielgrunberger@armosec.io>	2023-08-15 10:34:45 +03:00
David Wertenteil	51b37d5cbf	Update logs (#1340 ) * update logger Signed-off-by: David Wertenteil <dwertent@armosec.io> * fixed logger Signed-off-by: David Wertenteil <dwertent@armosec.io> * bump go-logger version Signed-off-by: David Wertenteil <dwertent@armosec.io> --------- Signed-off-by: David Wertenteil <dwertent@armosec.io>	2023-08-10 19:15:14 +03:00
Matthias Bertschy	1d64522607	use distroless base image (#1338 ) * use distroless base image Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com> * bump cosign to v2 Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com> --------- Signed-off-by: Matthias Bertschy <matthias.bertschy@gmail.com>	2023-08-10 15:46:07 +03:00
DRAGON2002	225a923006	feat: improve pretty logger (#1311 ) * feat: improve pretty logger Signed-off-by: DRAGON <anantvijay3@gmail.com> * fixed logger Signed-off-by: David Wertenteil <dwertent@armosec.io> --------- Signed-off-by: DRAGON <anantvijay3@gmail.com> Signed-off-by: Craig Box <craigb@armosec.io> Signed-off-by: David Wertenteil <dwertent@armosec.io> Co-authored-by: Craig Box <craigb@armosec.io> Co-authored-by: David Wertenteil <dwertent@armosec.io>	2023-08-09 17:30:04 +03:00
DRAGON2002	df5f7db51d	feat: change colors library (#1316 ) Signed-off-by: DRAGON <anantvijay3@gmail.com>	2023-08-09 09:48:34 +03:00
DRAGON2002	869f0ea109	feat: add unicode table (#1285 ) Signed-off-by: DRAGON <anantvijay3@gmail.com>	2023-08-09 09:26:37 +03:00
David Wertenteil	cf08daf7fb	scan per namespace (#1337 ) * scan per namespace Signed-off-by: David Wertenteil <dwertent@armosec.io> * disable unit test Signed-off-by: David Wertenteil <dwertent@armosec.io> * Adding build image wf Signed-off-by: David Wertenteil <dwertent@armosec.io> * removing unused channels Signed-off-by: David Wertenteil <dwertent@armosec.io> * adding scopes Signed-off-by: David Wertenteil <dwertent@armosec.io> * update Signed-off-by: David Wertenteil <dwertent@armosec.io> * fixed cluster size Signed-off-by: David Wertenteil <dwertent@armosec.io> * update rbac deps Signed-off-by: David Wertenteil <dwertent@armosec.io> * aggregate resources Signed-off-by: David Wertenteil <dwertent@armosec.io> * Delete build-image.yaml Signed-off-by: David Wertenteil <dwertent@armosec.io> * adding scan image logs Signed-off-by: David Wertenteil <dwertent@armosec.io> * update cmd message Signed-off-by: David Wertenteil <dwertent@armosec.io> * update logs Signed-off-by: David Wertenteil <dwertent@armosec.io> --------- Signed-off-by: David Wertenteil <dwertent@armosec.io>	2023-08-08 10:47:15 +03:00
rcohencyberarmor	4c9fec8ef4	Support scanning scope (#1293 ) * support scanning scope Signed-off-by: rcohencyberarmor <rcohen@armosec.io> * update go mod Signed-off-by: rcohencyberarmor <rcohen@armosec.io> * update white list Signed-off-by: rcohencyberarmor <rcohen@armosec.io> * update go mod Signed-off-by: rcohencyberarmor <rcohen@armosec.io> * scope empty return control should tested Signed-off-by: rcohencyberarmor <rcohen@armosec.io> * update rego scope for system test Signed-off-by: rcohencyberarmor <rcohen@armosec.io> * update test + mock Signed-off-by: rcohencyberarmor <rcohen@armosec.io> * add comment Signed-off-by: rcohencyberarmor <rcohen@armosec.io> * update rego library Signed-off-by: rcohencyberarmor <rcohen@armosec.io> * update k8s-interface Signed-off-by: rcohencyberarmor <rcohen@armosec.io> * update opa utils - lots of file changes in this commit since armoapi-go bump up in opa-utils Signed-off-by: rcohencyberarmor <rcohen@armosec.io> * move to temp k8s-interface - till PR in k8s-interface repo will approved Signed-off-by: rcohencyberarmor <rcohen@armosec.io> * update k8s-interface with released tag Signed-off-by: rcohencyberarmor <rcohen@armosec.io> * update go mod in httphandler Signed-off-by: rcohencyberarmor <rcohen@armosec.io> * PR review corrections Signed-off-by: rcohencyberarmor <rcohen@armosec.io> * change test name Signed-off-by: rcohencyberarmor <rcohen@armosec.io> * scanning scope support for framework Signed-off-by: rcohencyberarmor <rcohen@armosec.io> * test/mock adjustments after merge Signed-off-by: rcohencyberarmor <rcohen@armosec.io> * add more informative log to the user Signed-off-by: rcohencyberarmor <rcohen@armosec.io> * update go.mod and go.sum of the http handler Signed-off-by: rcohencyberarmor <rcohen@armosec.io> * remove framework just scanning scope not matched to framework config scope Signed-off-by: rcohencyberarmor <rcohen@armosec.io> * add system tests to workflow Signed-off-by: rcohencyberarmor <rcohen@armosec.io> * add system test to github workflow Signed-off-by: rcohencyberarmor <rcohen@armosec.io> --------- Signed-off-by: rcohencyberarmor <rcohen@armosec.io> Signed-off-by: David Wertenteil <dwertent@armosec.io> Co-authored-by: rcohencyberarmor <rcohen@armosec.io> Co-authored-by: David Wertenteil <dwertent@armosec.io>	2023-08-07 19:11:14 +03:00
Vlad Klokun	a088219954	fix(httphandler): pin breaking anchore dependency Signed-off-by: Vlad Klokun <vklokun@protonmail.ch>	2023-08-03 17:36:27 +03:00
Daniel Grunberger	5379b9b0a6	New output (#1320 ) * phase-1 Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> * factory Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> * wip: feat(cli): add an image scanning command Add a CLI command that launches an image scan. Does not scan images yet. Signed-off-by: Vlad Klokun <vklokun@protonmail.ch> * wip: feat: add image scanning service Signed-off-by: Vlad Klokun <vklokun@protonmail.ch> * chore: include dependencies Signed-off-by: Vlad Klokun <vklokun@protonmail.ch> * wip: adjust image scanning service Signed-off-by: Vlad Klokun <vklokun@protonmail.ch> * wip: feat: use scanning service in CLI Signed-off-by: Vlad Klokun <vklokun@protonmail.ch> * use iface Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> * touches Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> * continue Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> * add cmd Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> * support single workload scan Signed-off-by: Amir Malka <amirm@armosec.io> * fix conflict Signed-off-by: Amir Malka <amirm@armosec.io> * identifiers * go mod * feat(imagescan): add an image scanning command This commit adds a CLI command and an associated package that scan images for vulnerabilities. Signed-off-by: Vlad Klokun <vklokun@protonmail.ch> feat(imagescan): fail on exceeding the severity threshold Signed-off-by: Vlad Klokun <vklokun@protonmail.ch> * chore(imagescan): include dependencies This commit adds the dependencies necessary for image scanning. Signed-off-by: Vlad Klokun <vklokun@protonmail.ch> * chore(imagescan): add dependencies to httphandler Signed-off-by: Vlad Klokun <vklokun@protonmail.ch> * added unit tests Signed-off-by: Amir Malka <amirm@armosec.io> * merge * more * integrate img scan * added unit tests Signed-off-by: Amir Malka <amirm@armosec.io> * more refactoring Signed-off-by: Amir Malka <amirm@armosec.io> * add scanned workload reference to opasessionobj Signed-off-by: Amir Malka <amirm@armosec.io> * fix GetWorkloadParentKind Signed-off-by: Amir Malka <amirm@armosec.io> * remove namespace argument from pullSingleResource, using field selector instead Signed-off-by: Amir Malka <amirm@armosec.io> * removed designators (unused) field from PolicyIdentifier, and designators argument from GetResources function Signed-off-by: Amir Malka <amirm@armosec.io> * changes * changes * fixes * changes * feat(imagescan): add an image scanning command This commit adds a CLI command and an associated package that scan images for vulnerabilities. Signed-off-by: Vlad Klokun <vklokun@protonmail.ch> feat(imagescan): fail on exceeding the severity threshold Signed-off-by: Vlad Klokun <vklokun@protonmail.ch> * chore(imagescan): include dependencies This commit adds the dependencies necessary for image scanning. Signed-off-by: Vlad Klokun <vklokun@protonmail.ch> * chore(imagescan): add dependencies to httphandler Signed-off-by: Vlad Klokun <vklokun@protonmail.ch> * chore(imagescan): create vuln db with dedicated function Remove commented out code, too. Signed-off-by: Vlad Klokun <vklokun@protonmail.ch> * docs(imagescan): provide package-level docs Signed-off-by: Vlad Klokun <vklokun@protonmail.ch> * finish merge * image scan tests * continue * fixes * refactor * rm duplicate * start fixes * update gh actions Signed-off-by: David Wertenteil <dwertent@armosec.io> * pr fixes * fix test * improvements --------- Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> Signed-off-by: Vlad Klokun <vklokun@protonmail.ch> Signed-off-by: Amir Malka <amirm@armosec.io> Signed-off-by: David Wertenteil <dwertent@armosec.io> Co-authored-by: Daniel Grunberger <danielgrunberger@armosec.io> Co-authored-by: Vlad Klokun <vklokun@protonmail.ch> Co-authored-by: Amir Malka <amirm@armosec.io> Co-authored-by: David Wertenteil <dwertent@armosec.io>	2023-08-03 12:09:33 +03:00
Vlad Klokun	704de5bfc1	chore(imagescan): add dependencies to httphandler Signed-off-by: Vlad Klokun <vklokun@protonmail.ch>	2023-08-02 09:50:17 +03:00
Amir Malka	0c019819ff	Scanning a single resource (#1300 ) * add cmd Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> * support single workload scan Signed-off-by: Amir Malka <amirm@armosec.io> * fix conflict Signed-off-by: Amir Malka <amirm@armosec.io> * added unit tests Signed-off-by: Amir Malka <amirm@armosec.io> * added unit tests Signed-off-by: Amir Malka <amirm@armosec.io> * more refactoring Signed-off-by: Amir Malka <amirm@armosec.io> * add scanned workload reference to opasessionobj Signed-off-by: Amir Malka <amirm@armosec.io> * fix GetWorkloadParentKind Signed-off-by: Amir Malka <amirm@armosec.io> * remove namespace argument from pullSingleResource, using field selector instead Signed-off-by: Amir Malka <amirm@armosec.io> * removed designators (unused) field from PolicyIdentifier, and designators argument from GetResources function Signed-off-by: Amir Malka <amirm@armosec.io> * fix tests Signed-off-by: Amir Malka <amirm@armosec.io> * use ScanObject instead of workload identifier Signed-off-by: Amir Malka <amirm@armosec.io> * refactor logic after CR Signed-off-by: Amir Malka <amirm@armosec.io> --------- Signed-off-by: Daniel Grunberger <danielgrunberger@armosec.io> Signed-off-by: Amir Malka <amirm@armosec.io> Co-authored-by: Daniel Grunberger <danielgrunberger@armosec.io>	2023-08-01 14:07:31 +03:00
Amir Malka	981430d65f	bump opa-utils Signed-off-by: Amir Malka <amirm@armosec.io>	2023-07-31 12:00:52 +03:00
Amir Malka	bbfa5d356a	bump opa-utils, k8s-interface and armoapi-go Signed-off-by: Amir Malka <amirm@armosec.io>	2023-07-31 10:39:03 +03:00
YiscahLevySilas1	17c43fd366	support related objects (#1272 ) * support related objects Signed-off-by: YiscahLevySilas1 <yiscahls@armosec.io> * update pkg versions Signed-off-by: YiscahLevySilas1 <yiscahls@armosec.io> * update go mod Signed-off-by: YiscahLevySilas1 <yiscahls@armosec.io> * fix test Signed-off-by: YiscahLevySilas1 <yiscahls@armosec.io> * fix test Signed-off-by: YiscahLevySilas1 <yiscahls@armosec.io> * only add ids of related resource Signed-off-by: YiscahLevySilas1 <yiscahls@armosec.io> * fixes following review Signed-off-by: YiscahLevySilas1 <yiscahls@armosec.io> * add test for processRule Signed-off-by: YiscahLevySilas1 <yiscahls@armosec.io> --------- Signed-off-by: YiscahLevySilas1 <yiscahls@armosec.io>	2023-07-20 16:23:58 +03:00
YiscahLevySilas1	d44746cb85	allow adding a fw name when running all (#1286 ) * allow adding a fw name when running all Signed-off-by: YiscahLevySilas1 <yiscahls@armosec.io> clean code Signed-off-by: YiscahLevySilas1 <yiscahls@armosec.io> * fix following review Signed-off-by: YiscahLevySilas1 <yiscahls@armosec.io> --------- Signed-off-by: YiscahLevySilas1 <yiscahls@armosec.io>	2023-07-20 14:07:38 +03:00
Amir Malka	e470fce6ed	initial implementation of OpenTelemetry metrics collection (#1269 ) Signed-off-by: Amir Malka <amirm@armosec.io>	2023-07-10 14:22:26 +03:00
Victor Login	84b43d2b03	Update grafana-kubescape-dashboard.json Signed-off-by: Victor Login <batazor@evrone.com>	2023-07-05 19:03:27 +02:00
David Wertenteil	492b08c995	Merge pull request #1259 from kubescape/update_regolibrary_version Update regolibrary version	2023-07-05 17:46:35 +03:00

1 2 3 4 5 ...

270 Commits