* fixed flaky loop(cautils): loadpolicy getter
We should not inject pointers to the variable iterated over by the
"range" operator.
Signed-off-by: Frédéric BIDON <fredbi@yahoo.com>
* fixed more flaky pointers in loops (registryadaptors, opaprocessor)
Signed-off-by: Frédéric BIDON <fredbi@yahoo.com>
* fixed more flaky pointers in loops (resultshandling)
Signed-off-by: Frédéric BIDON <fredbi@yahoo.com>
* enabled golangci linter in CI
Signed-off-by: Frédéric BIDON <fredbi@yahoo.com>
* fixed linting issues with minimal linters config
Signed-off-by: Frédéric BIDON <fredbi@yahoo.com>
* bump go version to 1.19
* English and typos
* Support AKS parser (#994)
* support GKE parser
* update go mod
* support GKE parser
* update go mod
* update k8s-interface pkg
* Added KS desgin.drawio
* revert k8s.io to v0.25.3
* ran go mod tidy
* update sign-up url
* [wip] Adding CreateAccount support
* revert to docs URL
* update opa-utils pkg
* Print attack tree (optional, with argument) (#997)
* Print attack tree with the argument
Signed-off-by: Frédéric BIDON <fredbi@yahoo.com>
Co-authored-by: Frédéric BIDON <frederic@oneconcern.com>
Co-authored-by: Frédéric BIDON <fredbi@yahoo.com>
Co-authored-by: Oshrat Nir <45561829+Oshratn@users.noreply.github.com>
Co-authored-by: Amir Malka <amirm@armosec.io>
Co-authored-by: David Wertenteil <dwertent@armosec.io>
* feat: unify severity threshold into one CLI flag
Before this commit, severity threshold flags were separated by severity.
This commit unifies these thresholds into one flag that forces Kubescape
to terminate with an exit code 1 if there was at least one failed
control at the specified severity threshold or above.
* chore: update opa utils version
* chore: update opa-utils in httphandler
* feat: dont enforce severity by default
Previous iteration of supporting the severity threshold enforced it even
if the severity threshold was not explicitly specified.
This change enforces the severity threshold only if it has been
explicitly set.
* refactor: clarify flagValidationFramework func name
This change clarifies the meaning of the function that validates the
scan info for the `scan framework` command.
It achieves this by renaming the `flagValidationFramework` function to
`validateFrameworkScanInfo`.
* Scan Kustomize Files
* update 'scam Kustomize Directory' documentation in Readme.md
* go get
* go get inside httphandler
* SourceTypeKustomizeDirectory
* Added Scan for Kustomization File
Co-authored-by: David Wertenteil <dwertent@armosec.io>
