remove sudo

Merge remote-tracking branch 'upstream/dev'
Add input table to readme
2026-02-19 20:39:56 +00:00 · 2021-08-31 16:42:12 +03:00 · 2021-08-31 16:41:44 +03:00 · 2021-08-31 16:29:11 +03:00 · 2021-08-31 13:00:17 +03:00 · 2021-08-31 11:47:44 +03:00
4 changed files with 26 additions and 29 deletions
--- a/README.md
+++ b/README.md
@@ -28,20 +28,17 @@ If you wish to scan all namespaces in your cluster, remove the `--exclude-namesp
 <img src="docs/summary.png">


+### Flags
+
+| flag |  default | description | options |
+| --- | --- | --- | --- |
+| `-e`/`--exclude-namespaces` | Scan all namespaces | Namespaces to exclude from scanning, Recommended to exclude `kube-system` and `kube-public` namespaces |
+| `-s`/`--silent` | Display progress messages | Silent progress messages |
+| `-f`/`--format` | `pretty-printer` | Output format | `pretty-printer`/`json`/`junit` | 
+| `-o`/`--output` | print to stdout | Save scan result in file |
+
 ## Usage & Examples
-
-### Pre-Deployment Testing
-Check your YAML files before you're deploying, simply add them at the end of command line:
-```
-kubescape scan framework nsa *.yaml
-```
-
-### Integration with other tools
-
-Kubescape can produce output fitting for later processing:
-* JSON (`-f json`)
-* JUnit XML (`-f junit`)
-
+ 
 ### Examples

 * Scan a running Kubernetes cluster with [`nsa`](https://www.nsa.gov/News-Features/Feature-Stories/Article-View/Article/2716980/nsa-cisa-release-kubernetes-hardening-guidance/) framework
@@ -49,32 +46,32 @@ Kubescape can produce output fitting for later processing:
 kubescape scan framework nsa --exclude-namespaces kube-system,kube-public
 ```

-* Scan local `yaml`/`json` files
+* Scan local `yaml`/`json` files before deploying <img src="docs/new-feature.svg">
 ```
-kubescape scan framework nsa examples/online-boutique/*
+kubescape scan framework nsa *.yaml
 ```


-* Scan `yaml`/`json` files from url
+* Scan `yaml`/`json` files from url  <img src="docs/new-feature.svg">
 ```
 kubescape scan framework nsa https://raw.githubusercontent.com/GoogleCloudPlatform/microservices-demo/master/release/kubernetes-manifests.yaml
 ```

-* Output in `json` format
+* Output in `json` format  <img src="docs/new-feature.svg">
 ```
 kubescape scan framework nsa --exclude-namespaces kube-system,kube-public --format json --output results.json
 ```

-* Output in `junit xml` format
+* Output in `junit xml` format  <img src="docs/new-feature.svg">
 ```
 kubescape scan framework nsa --exclude-namespaces kube-system,kube-public --format junit --output results.xml
 ```

 ### Helm Support

-Render the helm template and pass as stdout
+* Render the helm chart using [`helm template`](https://helm.sh/docs/helm/helm_template/) and pass to stdout   <img src="docs/new-feature.svg">
 ```
-helm template [CHART] [flags] --generate-name --dry-run | kubescape scan framework nsa -
+helm template [NAME] [CHART] [flags] --dry-run | kubescape scan framework nsa -
 ```

 for example:
@@ -126,7 +123,7 @@ Kubescape is running the following tests according to what is defined by [Kubern
 * Linux hardening
 * Ingress and Egress blocked
 * Container hostPort
-* Anonymous requests
+


 ## Technology
--- a/cmd/framework.go
+++ b/cmd/framework.go
@@ -75,10 +75,10 @@ func isValidFramework(framework string) bool {
 func init() {
 	scanCmd.AddCommand(frameworkCmd)
 	scanInfo = opapolicy.ScanInfo{}
-	frameworkCmd.Flags().StringVarP(&scanInfo.ExcludedNamespaces, "exclude-namespaces", "e", "", "namespaces to exclude from check")
-	frameworkCmd.Flags().StringVarP(&scanInfo.Format, "format", "f", "pretty-printer", `output format. supported formats: "pretty-printer"/"json"/"junit"`)
-	frameworkCmd.Flags().StringVarP(&scanInfo.Output, "output", "o", "", "output file. print output to file and not stdout")
-	frameworkCmd.Flags().BoolVarP(&scanInfo.Silent, "silent", "s", false, "silent progress output")
+	frameworkCmd.Flags().StringVarP(&scanInfo.ExcludedNamespaces, "exclude-namespaces", "e", "", "Namespaces to exclude from check")
+	frameworkCmd.Flags().StringVarP(&scanInfo.Format, "format", "f", "pretty-printer", `Output format. supported formats: "pretty-printer"/"json"/"junit"`)
+	frameworkCmd.Flags().StringVarP(&scanInfo.Output, "output", "o", "", "Output file. print output to file and not stdout")
+	frameworkCmd.Flags().BoolVarP(&scanInfo.Silent, "silent", "s", false, "Silent progress messages")
 }

 func CliSetup() error {
--- a/cmd/root.go
+++ b/cmd/root.go
@@ -9,7 +9,7 @@ var cfgFile string
 var rootCmd = &cobra.Command{
 	Use:   "kubescape",
 	Short: "Kubescape is a tool for testing Kubernetes security posture",
-	Long:  `Kubescape is a tool for testing Kubernetes security posture based on NSA and MITRE specifications.`,
+	Long:  `Kubescape is a tool for testing Kubernetes security posture based on NSA specifications.`,
 }

 func Execute() {
--- a/install.sh
+++ b/install.sh
@@ -29,9 +29,9 @@ OUTPUT=$BASE_DIR/$KUBESCAPE_EXEC
 curl --progress-bar -L $DOWNLOAD_URL -o $OUTPUT
 echo -e "\033[32m[V] Downloaded Kubescape"

-sudo chmod +x $OUTPUT
-sudo rm -f /usr/local/bin/$KUBESCAPE_EXEC
-sudo cp $OUTPUT /usr/local/bin
+chmod +x $OUTPUT | sudo chmod +x $OUTPUT
+rm -f /usr/local/bin/$KUBESCAPE_EXEC | sudo rm -f /usr/local/bin/$KUBESCAPE_EXEC
+cp $OUTPUT /usr/local/bin | sudo cp $OUTPUT /usr/local/bin
 rm -rf $BASE_DIR

 echo -e "[V] Finished Installation"
Author	SHA1	Message	Date
dwertent	c6241fab38	remove sudo	2021-08-31 16:42:12 +03:00
dwertent	afbc69c6d2	Merge remote-tracking branch 'upstream/dev'	2021-08-31 16:41:44 +03:00
dwertent	8a00a5c54b	Add input table to readme	2021-08-31 16:29:11 +03:00
Daniel Grunberger	8f8aaf70d9	Update README.md	2021-08-31 13:00:17 +03:00
dwertent	2779cb4e25	update module	2021-08-31 11:47:44 +03:00
dwertent	f46ee93539	update modul name	2021-08-31 11:39:27 +03:00
dwertent	3eb087e5c1	Merge remote-tracking branch 'upstream/dev'	2021-08-31 11:38:14 +03:00
dwertent	59c935e723	update output f	2021-08-31 09:00:52 +03:00
dwertent	bae45d277f	Merge remote-tracking branch 'upstream/dev'	2021-08-31 08:47:37 +03:00
dwertent	0b6dfa9cd0	Merge remote-tracking branch 'upstream/dev'	2021-08-30 18:47:07 +03:00
dwertent	1ff3a6c92c	support output to file	2021-08-30 18:44:42 +03:00
dwertent	f75cee0d78	support stdin input	2021-08-30 14:54:01 +03:00
dwertent	229f16cb01	Merge remote-tracking branch 'upstream/dev'	2021-08-30 13:52:58 +03:00
dwertent	2c6b1a440f	update glob function	2021-08-30 08:53:34 +03:00
dwertent	37afc1352f	adding helm support to readme	2021-08-29 13:34:40 +03:00
dwertent	9943119033	recursive glob	2021-08-29 13:15:34 +03:00
dwertent	41457ff551	Merge remote-tracking branch 'upstream/dev'	2021-08-29 10:38:42 +03:00
dwertent	82b64b5828	Merge remote-tracking branch 'origin/dev'	2021-08-29 10:35:59 +03:00
dwertent	229e8acc74	Merge remote-tracking branch 'origin/yamlsupport'	2021-08-29 10:35:32 +03:00
David Wertenteil	30324e1c01	Merge branch 'dev' into yamlsupport	2021-08-29 10:19:09 +03:00
dwertent	8ca356eae7	Merge remote-tracking branch 'upstream/master'	2021-08-29 10:09:54 +03:00
dwertent	29f4ae368d	support url input, update readme	2021-08-29 10:08:49 +03:00
dwertent	409080f51b	update package name o kubescape	2021-08-29 08:17:09 +03:00
dwertent	0b24c46279	Merge remote-tracking branch 'upstream/dev'	2021-08-26 18:30:50 +03:00
dwertent	49596c5ac1	split to function	2021-08-26 18:29:32 +03:00
dwertent	9bf79db8f8	Merge branch 'Daniel-GrunbergerCA-master' into dev	2021-08-26 12:22:34 +03:00