Update README.md

Add input table to readme
Update README.md
2026-04-15 06:58:11 +00:00 · 2021-08-31 16:31:06 +03:00 · 2021-08-31 16:29:11 +03:00 · 2021-08-31 13:00:17 +03:00 · 2021-08-31 12:00:42 +03:00
28 changed files with 91 additions and 84 deletions
--- a/README.md
+++ b/README.md
@@ -28,20 +28,17 @@ If you wish to scan all namespaces in your cluster, remove the `--exclude-namesp
 <img src="docs/summary.png">


+### Flags
+
+| flag |  default | description | options |
+| --- | --- | --- | --- |
+| `-e`/`--exclude-namespaces` | Scan all namespaces | Namespaces to exclude from scanning. Recommended to exclude `kube-system` and `kube-public` namespaces |
+| `-s`/`--silent` | Display progress messages | Silent progress messages |
+| `-f`/`--format` | `pretty-printer` | Output format | `pretty-printer`/`json`/`junit` | 
+| `-o`/`--output` | print to stdout | Save scan result in file |
+
 ## Usage & Examples
-
-### Pre-Deployment Testing
-Check your YAML files before you're deploying, simply add them at the end of command line:
-```
-kubescape scan framework nsa *.yaml
-```
-
-### Integration with other tools
-
-Kubescape can produce output fitting for later processing:
-* JSON (`-f json`)
-* JUnit XML (`-f junit`)
-
+ 
 ### Examples

 * Scan a running Kubernetes cluster with [`nsa`](https://www.nsa.gov/News-Features/Feature-Stories/Article-View/Article/2716980/nsa-cisa-release-kubernetes-hardening-guidance/) framework
@@ -49,32 +46,32 @@ Kubescape can produce output fitting for later processing:
 kubescape scan framework nsa --exclude-namespaces kube-system,kube-public
 ```

-* Scan local `yaml`/`json` files
+* Scan local `yaml`/`json` files before deploying <img src="docs/new-feature.svg">
 ```
-kubescape scan framework nsa examples/online-boutique/*
+kubescape scan framework nsa *.yaml
 ```


-* Scan `yaml`/`json` files from url
+* Scan `yaml`/`json` files from url  <img src="docs/new-feature.svg">
 ```
 kubescape scan framework nsa https://raw.githubusercontent.com/GoogleCloudPlatform/microservices-demo/master/release/kubernetes-manifests.yaml
 ```

-* Output in `json` format
+* Output in `json` format  <img src="docs/new-feature.svg">
 ```
 kubescape scan framework nsa --exclude-namespaces kube-system,kube-public --format json --output results.json
 ```

-* Output in `junit xml` format
+* Output in `junit xml` format  <img src="docs/new-feature.svg">
 ```
 kubescape scan framework nsa --exclude-namespaces kube-system,kube-public --format junit --output results.xml
 ```

 ### Helm Support

-Render the helm template and pass as stdout
+* Render the helm chart using [`helm template`](https://helm.sh/docs/helm/helm_template/) and pass to stdout   <img src="docs/new-feature.svg">
 ```
-helm template [CHART] [flags] --generate-name --dry-run | kubescape scan framework nsa -
+helm template [NAME] [CHART] [flags] --dry-run | kubescape scan framework nsa -
 ```

 for example:
@@ -126,7 +123,7 @@ Kubescape is running the following tests according to what is defined by [Kubern
 * Linux hardening
 * Ingress and Egress blocked
 * Container hostPort
-* Anonymous requests
+


 ## Technology
--- a/cautils/datastructures.go
+++ b/cautils/datastructures.go
@@ -1,7 +1,7 @@
 package cautils

 import (
-	"kubescape/cautils/opapolicy"
+	"github.com/armosec/kubescape/cautils/opapolicy"
 )

 // K8SResources map[<api group>/<api version>/<resource>]<resource object>
--- a/cautils/k8sinterface/k8sconfig_test.go
+++ b/cautils/k8sinterface/k8sconfig_test.go
@@ -3,7 +3,7 @@ package k8sinterface
 import (
 	"testing"

-	"kubescape/cautils/cautils"
+	"github.com/armosec/kubescape/cautils/cautils"
 )

 func TestGetGroupVersionResource(t *testing.T) {
--- a/cautils/k8sinterface/k8sdynamic.go
+++ b/cautils/k8sinterface/k8sdynamic.go
@@ -4,7 +4,7 @@ import (
 	"fmt"
 	"strings"

-	"kubescape/cautils/cautils"
+	"github.com/armosec/kubescape/cautils/cautils"

 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/labels"
--- a/cautils/k8sinterface/k8sstatic.go
+++ b/cautils/k8sinterface/k8sstatic.go
@@ -3,7 +3,7 @@ package k8sinterface
 import (
 	"context"

-	"kubescape/cautils/cautils"
+	"github.com/armosec/kubescape/cautils/cautils"

 	corev1 "k8s.io/api/core/v1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
--- a/cautils/k8sinterface/workload.go
+++ b/cautils/k8sinterface/workload.go
@@ -3,7 +3,7 @@ package k8sinterface
 import (
 	"encoding/json"

-	"kubescape/cautils/apis"
+	"github.com/armosec/kubescape/cautils/apis"

 	corev1 "k8s.io/api/core/v1"

--- a/cautils/k8sinterface/workloadmethods.go
+++ b/cautils/k8sinterface/workloadmethods.go
@@ -7,8 +7,8 @@ import (
 	"strings"
 	"time"

-	"kubescape/cautils/apis"
-	"kubescape/cautils/cautils"
+	"github.com/armosec/kubescape/cautils/apis"
+	"github.com/armosec/kubescape/cautils/cautils"

 	corev1 "k8s.io/api/core/v1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
--- a/cautils/opapolicy/datastructures.go
+++ b/cautils/opapolicy/datastructures.go
@@ -4,7 +4,7 @@ import (
 	"path/filepath"
 	"time"

-	armotypes "kubescape/cautils/armotypes"
+	armotypes "github.com/armosec/kubescape/cautils/armotypes"
 )

 type AlertScore float32
--- a/cautils/opapolicy/datastructures_mock.go
+++ b/cautils/opapolicy/datastructures_mock.go
@@ -3,7 +3,7 @@ package opapolicy
 import (
 	"time"

-	armotypes "kubescape/cautils/armotypes"
+	armotypes "github.com/armosec/kubescape/cautils/armotypes"
 )

 // Mock A
--- a/cautils/opapolicy/resources/resourcesutils.go
+++ b/cautils/opapolicy/resources/resourcesutils.go
@@ -8,7 +8,7 @@ import (
 	"path/filepath"
 	"strings"

-	"kubescape/cautils/k8sinterface"
+	"github.com/armosec/kubescape/cautils/k8sinterface"

 	"github.com/golang/glog"
 	"github.com/open-policy-agent/opa/storage"
--- a/cmd/framework.go
+++ b/cmd/framework.go
@@ -5,16 +5,17 @@ import (
 	"fmt"
 	"io"
 	"io/ioutil"
-	"kubescape/cautils"
-	"kubescape/cautils/armotypes"
-	"kubescape/cautils/k8sinterface"
-	"kubescape/cautils/opapolicy"
-	"kubescape/opaprocessor"
-	"kubescape/policyhandler"
-	"kubescape/printer"
 	"os"
 	"strings"

+	"github.com/armosec/kubescape/cautils"
+	"github.com/armosec/kubescape/cautils/armotypes"
+	"github.com/armosec/kubescape/cautils/k8sinterface"
+	"github.com/armosec/kubescape/cautils/opapolicy"
+	"github.com/armosec/kubescape/opaprocessor"
+	"github.com/armosec/kubescape/policyhandler"
+	"github.com/armosec/kubescape/printer"
+
 	"github.com/spf13/cobra"
 )

@@ -74,10 +75,10 @@ func isValidFramework(framework string) bool {
 func init() {
 	scanCmd.AddCommand(frameworkCmd)
 	scanInfo = opapolicy.ScanInfo{}
-	frameworkCmd.Flags().StringVarP(&scanInfo.ExcludedNamespaces, "exclude-namespaces", "e", "", "namespaces to exclude from check")
-	frameworkCmd.Flags().StringVarP(&scanInfo.Format, "format", "f", "pretty-printer", `output format. supported formats: "pretty-printer"/"json"/"junit"`)
-	frameworkCmd.Flags().StringVarP(&scanInfo.Output, "output", "o", "", "output file. print output to file and not stdout")
-	frameworkCmd.Flags().BoolVarP(&scanInfo.Silent, "silent", "s", false, "silent progress output")
+	frameworkCmd.Flags().StringVarP(&scanInfo.ExcludedNamespaces, "exclude-namespaces", "e", "", "Namespaces to exclude from check")
+	frameworkCmd.Flags().StringVarP(&scanInfo.Format, "format", "f", "pretty-printer", `Output format. supported formats: "pretty-printer"/"json"/"junit"`)
+	frameworkCmd.Flags().StringVarP(&scanInfo.Output, "output", "o", "", "Output file. print output to file and not stdout")
+	frameworkCmd.Flags().BoolVarP(&scanInfo.Silent, "silent", "s", false, "Silent progress messages")
 }

 func CliSetup() error {
--- a/cmd/root.go
+++ b/cmd/root.go
@@ -9,7 +9,7 @@ var cfgFile string
 var rootCmd = &cobra.Command{
 	Use:   "kubescape",
 	Short: "Kubescape is a tool for testing Kubernetes security posture",
-	Long:  `Kubescape is a tool for testing Kubernetes security posture based on NSA and MITRE specifications.`,
+	Long:  `Kubescape is a tool for testing Kubernetes security posture based on NSA specifications.`,
 }

 func Execute() {
--- a/go.mod
+++ b/go.mod
@@ -1,4 +1,4 @@
-module kubescape
+module github.com/armosec/kubescape

 go 1.16

--- a/main.go
+++ b/main.go
@@ -1,6 +1,6 @@
 package main

-import "kubescape/cmd"
+import "github.com/armosec/kubescape/cmd"

 func main() {
 	cmd.Execute()
--- a/opaprocessor/processorhandler.go
+++ b/opaprocessor/processorhandler.go
@@ -3,13 +3,14 @@ package opaprocessor
 import (
 	"context"
 	"fmt"
-	"kubescape/cautils"
 	"time"

-	"kubescape/cautils/k8sinterface"
+	"github.com/armosec/kubescape/cautils"

-	"kubescape/cautils/opapolicy"
-	"kubescape/cautils/opapolicy/resources"
+	"github.com/armosec/kubescape/cautils/k8sinterface"
+
+	"github.com/armosec/kubescape/cautils/opapolicy"
+	"github.com/armosec/kubescape/cautils/opapolicy/resources"

 	"github.com/golang/glog"
 	"github.com/open-policy-agent/opa/ast"
--- a/opaprocessor/processorhandler_test.go
+++ b/opaprocessor/processorhandler_test.go
@@ -3,18 +3,19 @@ package opaprocessor
 import (
 	"context"
 	"encoding/json"
-	"kubescape/cautils"
 	"os"
 	"path"
 	"strings"
 	"testing"

-	"kubescape/cautils/k8sinterface"
+	"github.com/armosec/kubescape/cautils"
+
+	"github.com/armosec/kubescape/cautils/k8sinterface"
 	// _ "k8s.io/client-go/plugin/pkg/client/auth"
 	restclient "k8s.io/client-go/rest"

-	"kubescape/cautils/opapolicy"
-	"kubescape/cautils/opapolicy/resources"
+	"github.com/armosec/kubescape/cautils/opapolicy"
+	"github.com/armosec/kubescape/cautils/opapolicy/resources"

 	"github.com/open-policy-agent/opa/ast"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
--- a/opaprocessor/processorhandlerutils.go
+++ b/opaprocessor/processorhandlerutils.go
@@ -1,12 +1,12 @@
 package opaprocessor

 import (
-	"kubescape/cautils"
+	"github.com/armosec/kubescape/cautils"

-	pkgcautils "kubescape/cautils/cautils"
-	"kubescape/cautils/k8sinterface"
-	"kubescape/cautils/opapolicy"
-	resources "kubescape/cautils/opapolicy/resources"
+	pkgcautils "github.com/armosec/kubescape/cautils/cautils"
+	"github.com/armosec/kubescape/cautils/k8sinterface"
+	"github.com/armosec/kubescape/cautils/opapolicy"
+	resources "github.com/armosec/kubescape/cautils/opapolicy/resources"

 	"github.com/golang/glog"
 	"k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
--- a/policyhandler/filesloader.go
+++ b/policyhandler/filesloader.go
@@ -5,13 +5,14 @@ import (
 	"encoding/json"
 	"fmt"
 	"io/ioutil"
-	"kubescape/cautils"
-	"kubescape/cautils/k8sinterface"
-	"kubescape/cautils/opapolicy"
 	"os"
 	"path/filepath"
 	"strings"

+	"github.com/armosec/kubescape/cautils"
+	"github.com/armosec/kubescape/cautils/k8sinterface"
+	"github.com/armosec/kubescape/cautils/opapolicy"
+
 	"gopkg.in/yaml.v2"
 )

--- a/policyhandler/filesloader_test.go
+++ b/policyhandler/filesloader_test.go
@@ -2,11 +2,12 @@ package policyhandler

 import (
 	"fmt"
-	"kubescape/cautils"
 	"os"
 	"path/filepath"
 	"strings"
 	"testing"
+
+	"github.com/armosec/kubescape/cautils"
 )

 func combine(base, rel string) string {
@@ -24,7 +25,7 @@ func combine(base, rel string) string {
 }
 func onlineBoutiquePath() string {
 	o, _ := os.Getwd()
-	return combine(o, "kubescape/examples/online-boutique/*")
+	return combine(o, "github.com/armosec/kubescape/examples/online-boutique/*")
 }
 func TestListFiles(t *testing.T) {
 	files, errs := listFiles([]string{onlineBoutiquePath()})
--- a/policyhandler/handlenotification.go
+++ b/policyhandler/handlenotification.go
@@ -2,11 +2,12 @@ package policyhandler

 import (
 	"fmt"
-	"kubescape/cautils"

-	"kubescape/cautils/k8sinterface"
+	"github.com/armosec/kubescape/cautils"

-	"kubescape/cautils/opapolicy"
+	"github.com/armosec/kubescape/cautils/k8sinterface"
+
+	"github.com/armosec/kubescape/cautils/opapolicy"
 )

 // PolicyHandler -
--- a/policyhandler/handlepullpolicies.go
+++ b/policyhandler/handlepullpolicies.go
@@ -8,7 +8,7 @@ import (
 	"net/url"
 	"strings"

-	"kubescape/cautils/opapolicy"
+	"github.com/armosec/kubescape/cautils/opapolicy"
 )

 // URLEncoder encode url
--- a/policyhandler/k8sresources.go
+++ b/policyhandler/k8sresources.go
@@ -2,13 +2,14 @@ package policyhandler

 import (
 	"fmt"
-	"kubescape/cautils"
 	"strings"

-	"kubescape/cautils/k8sinterface"
+	"github.com/armosec/kubescape/cautils"

-	"kubescape/cautils/armotypes"
-	"kubescape/cautils/opapolicy"
+	"github.com/armosec/kubescape/cautils/k8sinterface"
+
+	"github.com/armosec/kubescape/cautils/armotypes"
+	"github.com/armosec/kubescape/cautils/opapolicy"

 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
--- a/policyhandler/k8sresourcesutils.go
+++ b/policyhandler/k8sresourcesutils.go
@@ -1,10 +1,10 @@
 package policyhandler

 import (
-	"kubescape/cautils"
+	"github.com/armosec/kubescape/cautils"

-	"kubescape/cautils/k8sinterface"
-	"kubescape/cautils/opapolicy"
+	"github.com/armosec/kubescape/cautils/k8sinterface"
+	"github.com/armosec/kubescape/cautils/opapolicy"
 )

 func setResourceMap(frameworks []opapolicy.Framework) *cautils.K8SResources {
--- a/policyhandler/k8sresourcesutils_test.go
+++ b/policyhandler/k8sresourcesutils_test.go
@@ -1,8 +1,8 @@
 package policyhandler

 import (
-	"kubescape/cautils/k8sinterface"
-	"kubescape/cautils/opapolicy"
+	"github.com/armosec/kubescape/cautils/k8sinterface"
+	"github.com/armosec/kubescape/cautils/opapolicy"

 	"testing"
 )
--- a/policyhandler/urlloader.go
+++ b/policyhandler/urlloader.go
@@ -4,10 +4,11 @@ import (
 	"bytes"
 	"fmt"
 	"io"
-	"kubescape/cautils"
-	"kubescape/cautils/k8sinterface"
 	"net/http"
 	"strings"
+
+	"github.com/armosec/kubescape/cautils"
+	"github.com/armosec/kubescape/cautils/k8sinterface"
 )

 func loadResourcesFromUrl(inputPatterns []string) ([]k8sinterface.IWorkload, error) {
--- a/printer/junit.go
+++ b/printer/junit.go
@@ -3,7 +3,8 @@ package printer
 import (
 	"encoding/xml"
 	"fmt"
-	"kubescape/cautils/opapolicy"
+
+	"github.com/armosec/kubescape/cautils/opapolicy"
 )

 type JUnitTestSuites struct {
--- a/printer/printresults.go
+++ b/printer/printresults.go
@@ -4,12 +4,13 @@ import (
 	"encoding/json"
 	"encoding/xml"
 	"fmt"
-	"kubescape/cautils"
 	"os"
 	"sort"

-	"kubescape/cautils/k8sinterface"
-	"kubescape/cautils/opapolicy"
+	"github.com/armosec/kubescape/cautils"
+
+	"github.com/armosec/kubescape/cautils/k8sinterface"
+	"github.com/armosec/kubescape/cautils/opapolicy"

 	"github.com/enescakir/emoji"
 	"github.com/olekukonko/tablewriter"
--- a/printer/summeryhelpers.go
+++ b/printer/summeryhelpers.go
@@ -3,8 +3,8 @@ package printer
 import (
 	"fmt"

-	"kubescape/cautils/k8sinterface"
-	"kubescape/cautils/opapolicy"
+	"github.com/armosec/kubescape/cautils/k8sinterface"
+	"github.com/armosec/kubescape/cautils/opapolicy"
 )

 // Group workloads by namespace - return {"namespace": <[]WorkloadSummary>}
Author	SHA1	Message	Date
David Wertenteil	571a15bee8	Update README.md	2021-08-31 16:31:06 +03:00
dwertent	8a00a5c54b	Add input table to readme	2021-08-31 16:29:11 +03:00
Daniel Grunberger	8f8aaf70d9	Update README.md	2021-08-31 13:00:17 +03:00
David Wertenteil	d3f4af0f9c	Update module to github (#47 ) * update module	2021-08-31 12:00:42 +03:00