
20 Commits

Author SHA1 Message Date
Ben Hirschberg
ca49bc1ddd Merge pull request #121 from armosec/dev
Fixed issues, update windows support
2021-10-06 18:20:37 +03:00
David Wertenteil
1229c73ddc Merge pull request #120 from dwertent/master
Fixing exception cluster name support
2021-10-06 18:16:51 +03:00
dwertent
7416202555 adding mitre example 2021-10-06 18:14:24 +03:00
dwertent
a0ba683eea Merge remote-tracking branch 'upstream/dev' 2021-10-06 18:12:48 +03:00
dwertent
89654eb26f update exception cluster name compare 2021-10-06 18:12:33 +03:00
Bezbran
9d1736a141 Typo in readme built.py -->> build.py 2021-10-06 15:22:38 +03:00
David Wertenteil
eaa4ed3da5 Merge pull request #118 from xdavidel/master
Update windows support in build
2021-10-06 15:10:02 +03:00
David Delarosa
0db3f65312 Merge remote-tracking branch 'upstream/dev' 2021-10-06 15:05:07 +03:00
David Wertenteil
1ea0a3ccc5 Merge pull request #117 from dwertent/master
load configMap configuration before file configuration
2021-10-06 14:24:30 +03:00
dwertent
16cd30bea8 load configMap before file 2021-10-06 14:06:36 +03:00
David Delarosa
075ba4c603 Comment out this windows exe
The build workflow relies on the same binary name - so we won't change
that right now.
2021-10-06 11:23:56 +03:00
David Delarosa
2d898822df Merge branch 'dev-win' 2021-10-06 10:36:11 +03:00
David Delarosa
25b8ec82e8 Cannot use both 'uses' and 'run' 2021-10-06 10:21:29 +03:00
David Delarosa
44b74e2681 Change workflow to use build.py script 2021-10-05 17:28:38 +03:00
David Wertenteil
485e171008 Merge pull request #116 from dwertent/master
Revert python script build
2021-10-05 17:17:13 +03:00
dwertent
c12eb83b4b remove comment 2021-10-05 17:12:43 +03:00
dwertent
84060e7823 revert python build 2021-10-05 17:07:30 +03:00
David Wertenteil
d80d50b59d Merge pull request #115 from dwertent/master
fixed in cluster crash - #114
2021-10-05 16:56:00 +03:00
dwertent
f11f054fea offline not new feature 2021-10-05 16:51:03 +03:00
Ben Hirschberg
ccbc11408b Merge pull request #109 from armosec/dev
Update master with fixed issues #95 #96
2021-10-05 09:25:35 +03:00
4 changed files with 20 additions and 14 deletions


@@ -78,6 +78,12 @@ Set-ExecutionPolicy RemoteSigned -scope CurrentUser
kubescape scan framework nsa --exclude-namespaces kube-system,kube-public
```
* Scan a running Kubernetes cluster with [`mitre`](https://www.microsoft.com/security/blog/2020/04/02/attack-matrix-kubernetes/) framework
```
kubescape scan framework mitre --exclude-namespaces kube-system,kube-public
```
* Scan local `yaml`/`json` files before deploying
```
kubescape scan framework nsa *.yaml
@@ -115,7 +121,7 @@ for example:
```
helm template bitnami/mysql --generate-name --dry-run | kubescape scan framework nsa -
```
### Offline Support <img src="docs/new-feature.svg">
### Offline Support
It is possible to run Kubescape offline!
@@ -140,7 +146,7 @@ Kubescape is an open source project, we welcome your feedback and ideas for impr
Kubescpae can be built using:
``` sh
python built.py
python build.py
```
Note: In order to built using the above script, one must set the environment


@@ -28,7 +28,7 @@ def getBuildDir():
def getPackageName():
packageName = "kubescape"
if platform.system() == "Windows": packageName += ".exe"
# if platform.system() == "Windows": packageName += ".exe"
return packageName
@@ -56,10 +56,10 @@ def main():
# Get dependencies
try:
status = subprocess.call(["go", "mod", "tidy"])
checkStatus(status, "Faild to get dependancies")
checkStatus(status, "Failed to get dependencies")
except OSError:
print("An error occure: (Hint: check if go is installed)")
print("An error occured: (Hint: check if go is installed)")
raise
# Build kubescape
@@ -67,7 +67,7 @@ def main():
% (buildUrl, releaseVersion, BE_SERVER_CONST, ArmoBEServer,
ER_SERVER_CONST, ArmoERServer, WEBSITE_CONST, ArmoWebsite)
status = subprocess.call(["go", "build", "-o", "%s/%s" % (buildDir, packageName), "-ldflags" ,ldflags])
checkStatus(status, "Faild to build kubescape")
checkStatus(status, "Failed to build kubescape")
sha1 = hashlib.sha1()
@@ -76,7 +76,7 @@ def main():
with open(buildDir + "/" + packageName + ".sha1", "w") as kube_sha:
kube_sha.write(sha1.hexdigest())
print("Build Done.")
print("Build Done")
if __name__ == "__main__":
main()
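Review bot: In `getPackageName` the Windows suffix is disabled by leaving the old line commented out, so the file itself never says why a Windows build now produces a binary without `.exe`. Replace the dead line with an explanatory comment such as `# Windows builds keep the name "kubescape" (no .exe): the build workflow expects one binary name`. In `main`, the corrected hint still reads `occured`; it should be `occurred`. Both functions start or continue outside the hunks shown.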


@@ -189,20 +189,20 @@ func (c *ClusterConfig) SetKeyValueInConfigmap(key string, value string) error {
func (c *ClusterConfig) SetCustomerGUID() error {
// get from file
if existsConfigJson() {
c.configObj, _ = loadConfigFromFile()
} else if c.existsConfigMap() {
// get from configMap
if c.existsConfigMap() {
c.configObj, _ = c.loadConfigFromConfigMap()
} else if existsConfigJson() { // get from file
c.configObj, _ = loadConfigFromFile()
} else {
c.createConfigMap()
createConfigJson()
}
customerGUID := c.GetCustomerGUID()
// get from armoBE
tenantResponse, err := c.armoAPI.GetCustomerGUID(customerGUID)
if err == nil && tenantResponse != nil {
if tenantResponse.AdminMail != "" { // this customer already belongs to some user
if existsConfigJson() {
@@ -222,7 +222,7 @@ func (c *ClusterConfig) SetCustomerGUID() error {
}
}
} else {
if err != nil && strings.Contains(err.Error(), "Invitation for tenant already exists") {
if err != nil && strings.Contains(err.Error(), "already exists") {
return nil
}
return err
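Review bot: The relaxed match `strings.Contains(err.Error(), "already exists")` in the final `else` branch returns nil for any error whose text contains those two words, not only the tenant-invitation case the old string named. If the aim is to accept one more backend message, match that message explicitly, or at least document the accepted cases with a comment such as `// backend reports an existing tenant/invitation as an error; treat it as success`. Separately, the reordered load still discards the errors from `c.loadConfigFromConfigMap()` and `loadConfigFromFile()`, so as far as these lines show, a ConfigMap that exists but fails to load is handled like a good one before `c.GetCustomerGUID()` runs. The body of `SetCustomerGUID` continues outside both hunks.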


@@ -98,7 +98,7 @@ func hasException(designator *armotypes.PortalDesignator, workload k8sinterface.
return false // if designators are empty
}
if cluster != "" && cautils.ClusterName != "" && regexCompare(cluster, cautils.ClusterName) { // TODO - where do we receive cluster name from?
if cluster != "" && cautils.ClusterName != "" && !regexCompare(cluster, cautils.ClusterName) { // TODO - where do we receive cluster name from?
return false // cluster name does not match
}