Merge pull request #991 from kubescape/dev

Release
Merge pull request #962 from anubhav06/gitlab-scan
2026-04-15 06:58:11 +00:00 · 2022-12-22 18:12:37 +02:00 · 2022-12-22 17:29:57 +02:00 · 2022-12-22 17:07:47 +02:00 · 2022-12-22 16:56:40 +02:00 · 2022-12-22 16:55:11 +02:00
91 changed files with 1248 additions and 716 deletions
--- a/.github/workflows/build-image.yaml
+++ b/.github/workflows/build-image.yaml
@@ -26,14 +26,24 @@ on:
        type: boolean
        description: 'support amd64/arm64'

-    secrets:
-      QUAYIO_REGISTRY_USERNAME:
-        required: true
-      QUAYIO_REGISTRY_PASSWORD:
-        required: true
-
 jobs:
+  check-secret:
+    name: check if QUAYIO_REGISTRY_USERNAME & QUAYIO_REGISTRY_PASSWORD is set in github secrets
+    runs-on: ubuntu-latest
+    outputs:
+      is-secret-set: ${{ steps.check-secret-set.outputs.is-secret-set }}
+    steps:
+      - name: Check whether unity activation requests should be done
+        id: check-secret-set
+        env:
+            QUAYIO_REGISTRY_USERNAME: ${{ secrets.QUAYIO_REGISTRY_USERNAME }}
+            QUAYIO_REGISTRY_PASSWORD: ${{ secrets.QUAYIO_REGISTRY_PASSWORD }}
+        run: |
+            echo "is-secret-set=${{ env.QUAYIO_REGISTRY_USERNAME != '' && env.QUAYIO_REGISTRY_PASSWORD != '' }}" >> $GITHUB_OUTPUT
+
  build-image:
+    needs: [check-secret]
+    if: needs.check-secret.outputs.is-secret-set == 'true'
    name: Build image and upload to registry
    runs-on: ubuntu-latest
    permissions:
@@ -61,10 +71,10 @@ jobs:
      - name: Build and push image
        if: ${{ inputs.support_platforms }}
        run: docker buildx build . --file build/Dockerfile --tag ${{ inputs.image_name }}:${{ inputs.image_tag }} --tag ${{ inputs.image_name }}:latest --build-arg image_version=${{ inputs.image_tag }} --build-arg client=${{ inputs.client }} --push --platform linux/amd64,linux/arm64
-     
+
      - name: Build and push image without amd64/arm64 support
        if: ${{ !inputs.support_platforms }}
-        run: docker buildx build . --file build/Dockerfile --tag ${{ inputs.image_name }}:${{ inputs.image_tag }} --tag ${{ inputs.image_name }}:latest --build-arg image_version=${{ inputs.image_tag }} --build-arg client=${{ inputs.client }} --push
+        run: docker buildx build . --file build/Dockerfile --tag ${{ inputs.image_name }}:${{ inputs.image_tag }} --tag ${{ inputs.image_name }}:latest --build-arg image_version=${{ inputs.image_tag }} --build-arg client=${{ inputs.client }} --push 

      - name: Install cosign
        uses: sigstore/cosign-installer@main
@@ -75,6 +85,5 @@ jobs:
        env:
          COSIGN_EXPERIMENTAL: "true"
        run: |
-            cosign sign --force ${{ inputs.image_name }}:latest
-            cosign sign --force ${{ inputs.image_name }}:${{ inputs.image_tag }}
+            cosign sign --force ${{ inputs.image_name }}

--- a/.github/workflows/build.yaml
+++ b/.github/workflows/build.yaml
@@ -4,7 +4,6 @@ on:
  push:
    branches: [ master ]
    paths-ignore:
-      # Do not run the pipeline if only Markdown files changed
      - '**.md'
 jobs:
  test:
@@ -29,7 +28,7 @@ jobs:
      GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
    strategy:
      matrix:
-        os: [ubuntu-latest, macos-latest, windows-latest]
+        os: [ubuntu-20.04, macos-latest, windows-latest]
    steps:
      - uses: actions/checkout@v3
        with:
@@ -56,8 +55,8 @@ jobs:
          CGO_ENABLED: 1
        run: python3 --version && python3 build.py
 
-      - name: Upload release binaries
-        id: upload-release-asset
+      - name: Upload release binaries (Windows / MacOS)
+        id: upload-release-asset-win-macos
        uses: actions/upload-release-asset@v1
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
@@ -66,9 +65,22 @@ jobs:
          asset_path: build/${{ matrix.os }}/kubescape
          asset_name: kubescape-${{ matrix.os }}
          asset_content_type: application/octet-stream
+        if: matrix.os != 'ubuntu-20.04'

-      - name: Upload release hash
-        id: upload-release-hash
+      - name: Upload release binaries (Linux)
+        id: upload-release-asset-linux
+        uses: actions/upload-release-asset@v1
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        with:
+          upload_url: ${{ needs.create-release.outputs.upload_url }}
+          asset_path: build/ubuntu-latest/kubescape
+          asset_name: kubescape-ubuntu-latest
+          asset_content_type: application/octet-stream
+        if: matrix.os == 'ubuntu-20.04'
+
+      - name: Upload release hash (Windows / MacOS)
+        id: upload-release-hash-win-macos
        uses: actions/upload-release-asset@v1
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
@@ -77,9 +89,21 @@ jobs:
          asset_path: build/${{ matrix.os }}/kubescape.sha256
          asset_name: kubescape-${{ matrix.os }}-sha256
          asset_content_type: application/octet-stream
-  
+        if: matrix.os != 'ubuntu-20.04'
+
+      - name: Upload release hash (Linux)
+        id: upload-release-hash-linux
+        uses: actions/upload-release-asset@v1
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        with:
+          upload_url: ${{ needs.create-release.outputs.upload_url }}
+          asset_path: build/ubuntu-latest/kubescape.sha256
+          asset_name: kubescape-ubuntu-latest-sha256
+          asset_content_type: application/octet-stream     
+        if: matrix.os == 'ubuntu-20.04'
+
  publish-image:
-    if: ${{ github.repository == 'kubescape/kubescape' }} # TODO
    uses: ./.github/workflows/build-image.yaml
    needs: create-release
    with:
--- a/.github/workflows/build_dev.yaml
+++ b/.github/workflows/build_dev.yaml
@@ -13,14 +13,13 @@ jobs:
      release: "v2.0.${{ github.run_number }}"
      client: test
 
-  publish-dev-image:
-    if: ${{ github.repository == 'kubescape/kubescape' }} # TODO
-    uses: ./.github/workflows/build-image.yaml
-    needs: test
-    with:
-      client: "image-dev"
-      image_name: "quay.io/${{ github.repository_owner }}/kubescape"
-      image_tag: "dev-v2.0.${{ github.run_number }}"
-      support_platforms: true
-      cosign: true
-    secrets: inherit
+  # publish-dev-image:
+  #   uses: ./.github/workflows/build-image.yaml
+  #   needs: test
+  #   with:
+  #     client: "image-dev"
+  #     image_name: "quay.io/${{ github.repository_owner }}/kubescape"
+  #     image_tag: "dev-v2.0.${{ github.run_number }}"
+  #     support_platforms: true
+  #     cosign: true
+  #   secrets: inherit
--- a/.github/workflows/test.yaml
+++ b/.github/workflows/test.yaml
@@ -19,14 +19,14 @@ jobs:
      GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
    strategy:
      matrix:
-        os: [ubuntu-latest, macos-latest, windows-latest]
+        os: [ubuntu-20.04, macos-latest, windows-latest]
    steps:
      - uses: actions/checkout@v3
        with:
          submodules: recursive

      - name: Cache Go modules (Linux)
-        if: matrix.os == 'ubuntu-latest' 
+        if: matrix.os == 'ubuntu-20.04'
        uses: actions/cache@v3
        with:
          path: |
@@ -85,9 +85,16 @@ jobs:
          CGO_ENABLED: 1
        run: python3 --version && python3 build.py

-      - name: Smoke Testing
+      - name: Smoke Testing (Windows / MacOS)
        env:
          RELEASE: ${{ inputs.release }} 
          KUBESCAPE_SKIP_UPDATE_CHECK: "true"
        run: python3 smoke_testing/init.py ${PWD}/build/${{ matrix.os }}/kubescape
-        
+        if: matrix.os != 'ubuntu-20.04'
+
+      - name: Smoke Testing (Linux)
+        env:
+          RELEASE: ${{ inputs.release }} 
+          KUBESCAPE_SKIP_UPDATE_CHECK: "true"
+        run: python3 smoke_testing/init.py ${PWD}/build/ubuntu-latest/kubescape
+        if: matrix.os == 'ubuntu-20.04'        
--- a/CODE_OF_CONDUCT.md
+++ b/CODE_OF_CONDUCT.md
@@ -1,127 +1,3 @@
-# Contributor Covenant Code of Conduct
+## Code of Conduct

-## Our Pledge
-
-We as members, contributors, and leaders pledge to make participation in our
-community a harassment-free experience for everyone, regardless of age, body
-size, visible or invisible disability, ethnicity, sex characteristics, gender
-identity and expression, level of experience, education, socio-economic status,
-nationality, personal appearance, race, religion, or sexual identity
-and orientation.
-
-We pledge to act and interact in ways that contribute to an open, welcoming,
-diverse, inclusive, and healthy community.
-
-## Our Standards
-
-Examples of behavior that contributes to a positive environment for our
-community include:
-
-* Demonstrating empathy and kindness toward other people
-* Being respectful of differing opinions, viewpoints, and experiences
-* Giving and gracefully accepting constructive feedback
-* Accepting responsibility and apologizing to those affected by our mistakes,
-  and learning from the experience
-* Focusing on what is best not just for us as individuals, but for the
-  overall community
-
-Examples of unacceptable behavior include:
-
-* The use of sexualized language or imagery, and sexual attention or
-  advances of any kind
-* Trolling, insulting or derogatory comments, and personal or political attacks
-* Public or private harassment
-* Publishing others' private information, such as a physical or email
-  address, without their explicit permission
-* Other conduct which could reasonably be considered inappropriate in a
-  professional setting
-
-## Enforcement Responsibilities
-
-Community leaders are responsible for clarifying and enforcing our standards of
-acceptable behavior and will take appropriate and fair corrective action in
-response to any behavior that they deem inappropriate, threatening, offensive,
-or harmful.
-
-Community leaders have the right and responsibility to remove, edit, or reject
-comments, commits, code, wiki edits, issues, and other contributions that are
-not aligned to this Code of Conduct, and will communicate reasons for moderation
-decisions when appropriate.
-
-## Scope
-
-This Code of Conduct applies within all community spaces, and also applies when
-an individual is officially representing the community in public spaces.
-Examples of representing our community include using an official e-mail address,
-posting via an official social media account, or acting as an appointed
-representative at an online or offline event.
-
-## Enforcement
-
-Instances of abusive, harassing, or otherwise unacceptable behavior may be
-reported to the community leaders responsible for enforcement [here](mailto:ben@armosec.io).
-All complaints will be reviewed and investigated promptly and fairly.
-
-All community leaders are obligated to respect the privacy and security of the
-reporter of any incident.
-
-## Enforcement Guidelines
-
-Community leaders will follow these Community Impact Guidelines in determining
-the consequences for any action they deem in violation of this Code of Conduct:
-
-### 1. Correction
-
-**Community Impact**: Use of inappropriate language or other behavior deemed
-unprofessional or unwelcome in the community.
-
-**Consequence**: A private, written warning from community leaders, providing
-clarity around the nature of the violation and an explanation of why the
-behavior was inappropriate. A public apology may be requested.
-
-### 2. Warning
-
-**Community Impact**: A violation through a single incident or series
-of actions.
-
-**Consequence**: A warning with consequences for continued behavior. No
-interaction with the people involved, including unsolicited interaction with
-those enforcing the Code of Conduct, for a specified period of time. This
-includes avoiding interactions in community spaces as well as external channels
-like social media. Violating these terms may lead to a temporary or
-permanent ban.
-
-### 3. Temporary Ban
-
-**Community Impact**: A serious violation of community standards, including
-sustained inappropriate behavior.
-
-**Consequence**: A temporary ban from any sort of interaction or public
-communication with the community for a specified period of time. No public or
-private interaction with the people involved, including unsolicited interaction
-with those enforcing the Code of Conduct, is allowed during this period.
-Violating these terms may lead to a permanent ban.
-
-### 4. Permanent Ban
-
-**Community Impact**: Demonstrating a pattern of violation of community
-standards, including sustained inappropriate behavior,  harassment of an
-individual, or aggression toward or disparagement of classes of individuals.
-
-**Consequence**: A permanent ban from any sort of public interaction within
-the community.
-
-## Attribution
-
-This Code of Conduct is adapted from the [Contributor Covenant][homepage],
-version 2.0, available at
-https://www.contributor-covenant.org/version/2/0/code_of_conduct.html.
-
-Community Impact Guidelines were inspired by [Mozilla's code of conduct
-enforcement ladder](https://github.com/mozilla/diversity).
-
-[homepage]: https://www.contributor-covenant.org
-
-For answers to common questions about this code of conduct, see the FAQ at
-https://www.contributor-covenant.org/faq. Translations are available at
-https://www.contributor-covenant.org/translations.
+The Kubescape project follows the [CNCF Code of Conduct](https://github.com/cncf/foundation/blob/master/code-of-conduct.md).
--- a/MAINTAINERS.md
+++ b/MAINTAINERS.md
@@ -1,10 +1,11 @@
 # Maintainers

-The following table lists Kubescape project maintainers 
+The following table lists the Kubescape project maintainers:

-| Name | GitHub | Email | Organization | Role | Added/Renewed On |
-| --- | --- | --- | --- | --- | --- |
-| [Ben Hirschberg](https://www.linkedin.com/in/benyamin-ben-hirschberg-66141890) | [@slashben](https://github.com/slashben) | ben@armosec.io | [ARMO](https://www.armosec.io/) | VP R&D | 2021-09-01 |
-| [Rotem Refael](https://www.linkedin.com/in/rotem-refael) | [@rotemamsa](https://github.com/rotemamsa) | rrefael@armosec.io | [ARMO](https://www.armosec.io/) | Team Leader | 2021-10-11 |
-| [David Wertenteil](https://www.linkedin.com/in/david-wertenteil-0ba277b9) | [@dwertent](https://github.com/dwertent) | dwertent@armosec.io | [ARMO](https://www.armosec.io/) | Kubescape CLI Developer | 2021-09-01 |
-| [Bezalel Brandwine](https://www.linkedin.com/in/bezalel-brandwine) | [@Bezbran](https://github.com/Bezbran) | bbrandwine@armosec.io | [ARMO](https://www.armosec.io/) | Kubescape SaaS Developer | 2021-09-01 |
+| Name | GitHub | Organization | Added/Renewed On |
+| --- | --- | --- | --- |
+| [Ben Hirschberg](https://www.linkedin.com/in/benyamin-ben-hirschberg-66141890) | [@slashben](https://github.com/slashben) | [ARMO](https://www.armosec.io/) | 2021-09-01 |
+| [Rotem Refael](https://www.linkedin.com/in/rotem-refael) | [@rotemamsa](https://github.com/rotemamsa) | [ARMO](https://www.armosec.io/) | 2021-10-11 |
+| [David Wertenteil](https://www.linkedin.com/in/david-wertenteil-0ba277b9) | [@dwertent](https://github.com/dwertent) | [ARMO](https://www.armosec.io/) | 2021-09-01 |
+| [Bezalel Brandwine](https://www.linkedin.com/in/bezalel-brandwine) | [@Bezbran](https://github.com/Bezbran) | [ARMO](https://www.armosec.io/) | 2021-09-01 |
+| [Craig Box](https://www.linkedin.com/in/crbnz/) | [@craigbox](https://github.com/craigbox) | [ARMO](https://www.armosec.io/) | 2022-10-31 |
--- a/README.md
+++ b/README.md
@@ -52,6 +52,9 @@ kubescape scan --enable-host-scan --verbose
 </br>

 ## Architecture in short
+
+[Component architecture](docs/architecture.drawio.svg)
+
 ### [CLI](#kubescape-cli)
 <div align="center">
    <img src="docs/ks-cli-arch.png" width="300" alt="cli-diagram">
--- a/cmd/download/download.go
+++ b/cmd/download/download.go
@@ -24,8 +24,8 @@ var (
  # Download the NSA framework. Run 'kubescape list frameworks' for all frameworks names
  kubescape download framework nsa

-  # Download the "HostPath mount" control. Run 'kubescape list controls' for all controls names
-  kubescape download control "HostPath mount"
+  # Download the "C-0001" control. Run 'kubescape list controls --id' for all controls ids
+  kubescape download control "C-0001"

  # Download the "C-0001" control. Run 'kubescape list controls --id' for all controls ids
  kubescape download control C-0001
@@ -36,6 +36,8 @@ var (
  # Download the configured controls-inputs 
  kubescape download controls-inputs 

+  # Download the attack tracks
+  kubescape download attack-tracks
 `
 )

@@ -68,7 +70,9 @@ func GeDownloadCmd(ks meta.IKubescape) *cobra.Command {
 			}
 			downloadInfo.Target = args[0]
 			if len(args) >= 2 {
-				downloadInfo.Name = args[1]
+
+				downloadInfo.Identifier = args[1]
+
 			}
 			if err := ks.Download(&downloadInfo); err != nil {
 				logger.L().Fatal(err.Error())
--- a/cmd/root.go
+++ b/cmd/root.go
@@ -27,7 +27,7 @@ var rootInfo cautils.RootInfo

 var ksExamples = `
  # Scan command
-  kubescape scan --submit
+  kubescape scan

  # List supported frameworks
  kubescape list frameworks
--- a/cmd/scan/control.go
+++ b/cmd/scan/control.go
@@ -109,7 +109,7 @@ func getControlCmd(ks meta.IKubescape, scanInfo *cautils.ScanInfo) *cobra.Comman
 			if results.GetRiskScore() > float32(scanInfo.FailThreshold) {
 				logger.L().Fatal("scan risk-score is above permitted threshold", helpers.String("risk-score", fmt.Sprintf("%.2f", results.GetRiskScore())), helpers.String("fail-threshold", fmt.Sprintf("%.2f", scanInfo.FailThreshold)))
 			}
-			enforceSeverityThresholds(&results.GetResults().SummaryDetails.SeverityCounters, scanInfo, terminateOnExceedingSeverity)
+			enforceSeverityThresholds(results.GetResults().SummaryDetails.GetResourcesSeverityCounters(), scanInfo, terminateOnExceedingSeverity)

 			return nil
 		},
@@ -120,6 +120,10 @@ func getControlCmd(ks meta.IKubescape, scanInfo *cautils.ScanInfo) *cobra.Comman
 func validateControlScanInfo(scanInfo *cautils.ScanInfo) error {
 	severity := scanInfo.FailThresholdSeverity

+	if scanInfo.Submit && scanInfo.OmitRawResources {
+		return fmt.Errorf("you can use `omit-raw-resources` or `submit`, but not both")
+	}
+
 	if err := validateSeverity(severity); severity != "" && err != nil {
 		return err
 	}
--- a/cmd/scan/framework.go
+++ b/cmd/scan/framework.go
@@ -16,14 +16,13 @@ import (
 	"github.com/kubescape/kubescape/v2/core/cautils"
 	"github.com/kubescape/kubescape/v2/core/meta"

-	"github.com/enescakir/emoji"
 	"github.com/spf13/cobra"
 )

 var (
 	frameworkExample = `
-  # Scan all frameworks and submit the results
-  kubescape scan framework all --submit
+  # Scan all frameworks
+  kubescape scan framework all
  
  # Scan the NSA framework
  kubescape scan framework nsa
@@ -35,7 +34,7 @@ var (
  kubescape scan framework all

  # Scan kubernetes YAML manifest files (single file or glob)
-  kubescape scan framework nsa *.yaml
+  kubescape scan framework nsa .

  Run 'kubescape list frameworks' for the list of supported frameworks
 `
@@ -113,13 +112,13 @@ func getFrameworkCmd(ks meta.IKubescape, scanInfo *cautils.ScanInfo) *cobra.Comm
 				logger.L().Fatal(err.Error())
 			}
 			if !scanInfo.VerboseMode {
-				cautils.SimpleDisplay(os.Stderr, "%s  Run with '--verbose'/'-v' flag for detailed resources view\n\n", emoji.Detective)
+				cautils.SimpleDisplay(os.Stderr, "Run with '--verbose'/'-v' flag for detailed resources view\n\n")
 			}
 			if results.GetRiskScore() > float32(scanInfo.FailThreshold) {
 				logger.L().Fatal("scan risk-score is above permitted threshold", helpers.String("risk-score", fmt.Sprintf("%.2f", results.GetRiskScore())), helpers.String("fail-threshold", fmt.Sprintf("%.2f", scanInfo.FailThreshold)))
 			}

-			enforceSeverityThresholds(&results.GetData().Report.SummaryDetails.SeverityCounters, scanInfo, terminateOnExceedingSeverity)
+			enforceSeverityThresholds(results.GetData().Report.SummaryDetails.GetResourcesSeverityCounters(), scanInfo, terminateOnExceedingSeverity)
 			return nil
 		},
 	}
@@ -136,10 +135,10 @@ func countersExceedSeverityThreshold(severityCounters reportsummary.ISeverityCou
 		SeverityName       string
 		GetFailedResources func() int
 	}{
-		{reporthandlingapis.SeverityLowString, severityCounters.NumberOfResourcesWithLowSeverity},
-		{reporthandlingapis.SeverityMediumString, severityCounters.NumberOfResourcesWithMediumSeverity},
-		{reporthandlingapis.SeverityHighString, severityCounters.NumberOfResourcesWithHighSeverity},
-		{reporthandlingapis.SeverityCriticalString, severityCounters.NumberOfResourcesWithCriticalSeverity},
+		{reporthandlingapis.SeverityLowString, severityCounters.NumberOfLowSeverity},
+		{reporthandlingapis.SeverityMediumString, severityCounters.NumberOfMediumSeverity},
+		{reporthandlingapis.SeverityHighString, severityCounters.NumberOfHighSeverity},
+		{reporthandlingapis.SeverityCriticalString, severityCounters.NumberOfCriticalSeverity},
 	}

 	targetSeverityIdx := 0
@@ -201,7 +200,9 @@ func validateFrameworkScanInfo(scanInfo *cautils.ScanInfo) error {
 	if 100 < scanInfo.FailThreshold || 0 > scanInfo.FailThreshold {
 		return fmt.Errorf("bad argument: out of range threshold")
 	}
-
+	if scanInfo.Submit && scanInfo.OmitRawResources {
+		return fmt.Errorf("you can use `omit-raw-resources` or `submit`, but not both")
+	}
 	severity := scanInfo.FailThresholdSeverity
 	if err := validateSeverity(severity); severity != "" && err != nil {
 		return err
--- a/cmd/scan/scan.go
+++ b/cmd/scan/scan.go
@@ -17,10 +17,10 @@ var scanCmdExamples = `
  kubescape scan --enable-host-scan --verbose

  # Scan kubernetes YAML manifest files
-  kubescape scan *.yaml
+  kubescape scan .

  # Scan and save the results in the JSON format
-  kubescape scan --format json --output results.json
+  kubescape scan --format json --output results.json --format-version=v2

  # Display all resources
  kubescape scan --verbose
@@ -76,7 +76,7 @@ func GetScanCommand(ks meta.IKubescape) *cobra.Command {
 	scanCmd.PersistentFlags().Float32VarP(&scanInfo.FailThreshold, "fail-threshold", "t", 100, "Failure threshold is the percent above which the command fails and returns exit code 1")

 	scanCmd.PersistentFlags().StringVar(&scanInfo.FailThresholdSeverity, "severity-threshold", "", "Severity threshold is the severity of failed controls at which the command fails and returns exit code 1")
-	scanCmd.PersistentFlags().StringVarP(&scanInfo.Format, "format", "f", "pretty-printer", `Output format. Supported formats: "pretty-printer", "json", "junit", "prometheus", "pdf", "html", "sarif"`)
+	scanCmd.PersistentFlags().StringVarP(&scanInfo.Format, "format", "f", "", `Output file format. Supported formats: "pretty-printer", "json", "junit", "prometheus", "pdf", "html", "sarif"`)
 	scanCmd.PersistentFlags().StringVar(&scanInfo.IncludeNamespaces, "include-namespaces", "", "scan specific namespaces. e.g: --include-namespaces ns-a,ns-b")
 	scanCmd.PersistentFlags().BoolVarP(&scanInfo.Local, "keep-local", "", false, "If you do not want your Kubescape results reported to configured backend.")
 	scanCmd.PersistentFlags().StringVarP(&scanInfo.Output, "output", "o", "", "Output file. Print output to file and not stdout")
@@ -88,11 +88,13 @@ func GetScanCommand(ks meta.IKubescape) *cobra.Command {
 	scanCmd.PersistentFlags().StringVar(&scanInfo.FormatVersion, "format-version", "v1", "Output object can be different between versions, this is for maintaining backward and forward compatibility. Supported:'v1'/'v2'")
 	scanCmd.PersistentFlags().StringVar(&scanInfo.CustomClusterName, "cluster-name", "", "Set the custom name of the cluster. Not same as the kube-context flag")
 	scanCmd.PersistentFlags().BoolVarP(&scanInfo.Submit, "submit", "", false, "Submit the scan results to Kubescape SaaS where you can see the results in a user-friendly UI, choose your preferred compliance framework, check risk results history and trends, manage exceptions, get remediation recommendations and much more. By default the results are not submitted")
+	scanCmd.PersistentFlags().BoolVarP(&scanInfo.OmitRawResources, "omit-raw-resources", "", false, "Omit raw resources from the output. By default the raw resources are included in the output")

 	scanCmd.PersistentFlags().MarkDeprecated("silent", "use '--logger' flag instead. Flag will be removed at 1.May.2022")

 	// hidden flags
 	scanCmd.PersistentFlags().MarkHidden("host-scan-yaml") // this flag should be used very cautiously. We prefer users will not use it at all unless the DaemonSet can not run pods on the nodes
+	scanCmd.PersistentFlags().MarkHidden("omit-raw-resources")

 	// Retrieve --kubeconfig flag from https://github.com/kubernetes/kubectl/blob/master/pkg/cmd/cmd.go
 	scanCmd.PersistentFlags().AddGoFlag(flag.Lookup("kubeconfig"))
--- a/cmd/scan/scan_test.go
+++ b/cmd/scan/scan_test.go
@@ -24,91 +24,91 @@ func TestExceedsSeverity(t *testing.T) {
 		{
 			Description:      "Critical failed resource should exceed Critical threshold",
 			ScanInfo:         &cautils.ScanInfo{FailThresholdSeverity: "critical"},
-			SeverityCounters: &reportsummary.SeverityCounters{ResourcesWithCriticalSeverityCounter: 1},
+			SeverityCounters: &reportsummary.SeverityCounters{CriticalSeverityCounter: 1},
 			Want:             true,
 		},
 		{
 			Description:      "Critical failed resource should exceed Critical threshold set as constant",
 			ScanInfo:         &cautils.ScanInfo{FailThresholdSeverity: apis.SeverityCriticalString},
-			SeverityCounters: &reportsummary.SeverityCounters{ResourcesWithCriticalSeverityCounter: 1},
+			SeverityCounters: &reportsummary.SeverityCounters{CriticalSeverityCounter: 1},
 			Want:             true,
 		},
 		{
 			Description:      "High failed resource should not exceed Critical threshold",
 			ScanInfo:         &cautils.ScanInfo{FailThresholdSeverity: "critical"},
-			SeverityCounters: &reportsummary.SeverityCounters{ResourcesWithHighSeverityCounter: 1},
+			SeverityCounters: &reportsummary.SeverityCounters{HighSeverityCounter: 1},
 			Want:             false,
 		},
 		{
 			Description:      "Critical failed resource exceeds High threshold",
 			ScanInfo:         &cautils.ScanInfo{FailThresholdSeverity: "high"},
-			SeverityCounters: &reportsummary.SeverityCounters{ResourcesWithCriticalSeverityCounter: 1},
+			SeverityCounters: &reportsummary.SeverityCounters{CriticalSeverityCounter: 1},
 			Want:             true,
 		},
 		{
 			Description:      "High failed resource exceeds High threshold",
 			ScanInfo:         &cautils.ScanInfo{FailThresholdSeverity: "high"},
-			SeverityCounters: &reportsummary.SeverityCounters{ResourcesWithHighSeverityCounter: 1},
+			SeverityCounters: &reportsummary.SeverityCounters{HighSeverityCounter: 1},
 			Want:             true,
 		},
 		{
 			Description:      "Medium failed resource does not exceed High threshold",
 			ScanInfo:         &cautils.ScanInfo{FailThresholdSeverity: "high"},
-			SeverityCounters: &reportsummary.SeverityCounters{ResourcesWithMediumSeverityCounter: 1},
+			SeverityCounters: &reportsummary.SeverityCounters{MediumSeverityCounter: 1},
 			Want:             false,
 		},
 		{
 			Description:      "Critical failed resource exceeds Medium threshold",
 			ScanInfo:         &cautils.ScanInfo{FailThresholdSeverity: "medium"},
-			SeverityCounters: &reportsummary.SeverityCounters{ResourcesWithCriticalSeverityCounter: 1},
+			SeverityCounters: &reportsummary.SeverityCounters{CriticalSeverityCounter: 1},
 			Want:             true,
 		},
 		{
 			Description:      "High failed resource exceeds Medium threshold",
 			ScanInfo:         &cautils.ScanInfo{FailThresholdSeverity: "medium"},
-			SeverityCounters: &reportsummary.SeverityCounters{ResourcesWithHighSeverityCounter: 1},
+			SeverityCounters: &reportsummary.SeverityCounters{HighSeverityCounter: 1},
 			Want:             true,
 		},
 		{
 			Description:      "Medium failed resource exceeds Medium threshold",
 			ScanInfo:         &cautils.ScanInfo{FailThresholdSeverity: "medium"},
-			SeverityCounters: &reportsummary.SeverityCounters{ResourcesWithMediumSeverityCounter: 1},
+			SeverityCounters: &reportsummary.SeverityCounters{MediumSeverityCounter: 1},
 			Want:             true,
 		},
 		{
 			Description:      "Low failed resource does not exceed Medium threshold",
 			ScanInfo:         &cautils.ScanInfo{FailThresholdSeverity: "medium"},
-			SeverityCounters: &reportsummary.SeverityCounters{ResourcesWithLowSeverityCounter: 1},
+			SeverityCounters: &reportsummary.SeverityCounters{LowSeverityCounter: 1},
 			Want:             false,
 		},
 		{
 			Description:      "Critical failed resource exceeds Low threshold",
 			ScanInfo:         &cautils.ScanInfo{FailThresholdSeverity: "low"},
-			SeverityCounters: &reportsummary.SeverityCounters{ResourcesWithCriticalSeverityCounter: 1},
+			SeverityCounters: &reportsummary.SeverityCounters{CriticalSeverityCounter: 1},
 			Want:             true,
 		},
 		{
 			Description:      "High failed resource exceeds Low threshold",
 			ScanInfo:         &cautils.ScanInfo{FailThresholdSeverity: "low"},
-			SeverityCounters: &reportsummary.SeverityCounters{ResourcesWithHighSeverityCounter: 1},
+			SeverityCounters: &reportsummary.SeverityCounters{HighSeverityCounter: 1},
 			Want:             true,
 		},
 		{
 			Description:      "Medium failed resource exceeds Low threshold",
 			ScanInfo:         &cautils.ScanInfo{FailThresholdSeverity: "low"},
-			SeverityCounters: &reportsummary.SeverityCounters{ResourcesWithMediumSeverityCounter: 1},
+			SeverityCounters: &reportsummary.SeverityCounters{MediumSeverityCounter: 1},
 			Want:             true,
 		},
 		{
 			Description:      "Low failed resource exceeds Low threshold",
 			ScanInfo:         &cautils.ScanInfo{FailThresholdSeverity: "low"},
-			SeverityCounters: &reportsummary.SeverityCounters{ResourcesWithLowSeverityCounter: 1},
+			SeverityCounters: &reportsummary.SeverityCounters{LowSeverityCounter: 1},
 			Want:             true,
 		},
 		{
 			Description:      "Unknown severity returns an error",
 			ScanInfo:         &cautils.ScanInfo{FailThresholdSeverity: "unknown"},
-			SeverityCounters: &reportsummary.SeverityCounters{ResourcesWithLowSeverityCounter: 1},
+			SeverityCounters: &reportsummary.SeverityCounters{LowSeverityCounter: 1},
 			Want:             false,
 			Error:            ErrUnknownSeverity,
 		},
@@ -139,7 +139,7 @@ func Test_enforceSeverityThresholds(t *testing.T) {
 	}{
 		{
 			"Exceeding Critical severity counter should call the terminating function",
-			&reportsummary.SeverityCounters{ResourcesWithCriticalSeverityCounter: 1},
+			&reportsummary.SeverityCounters{CriticalSeverityCounter: 1},
 			&cautils.ScanInfo{FailThresholdSeverity: apis.SeverityCriticalString},
 			true,
 		},
--- a/core/cautils/datastructures.go
+++ b/core/cautils/datastructures.go
@@ -18,18 +18,19 @@ type OPASessionObj struct {
 	K8SResources          *K8SResources                                 // input k8s objects
 	ArmoResource          *KSResources                                  // input ARMO objects
 	AllPolicies           *Policies                                     // list of all frameworks
-	Policies              []reporthandling.Framework                    // list of frameworks to scan
 	AllResources          map[string]workloadinterface.IMetadata        // all scanned resources, map[<resource ID>]<resource>
 	ResourcesResult       map[string]resourcesresults.Result            // resources scan results, map[<resource ID>]<resource result>
 	ResourceSource        map[string]reporthandling.Source              // resources sources, map[<resource ID>]<resource result>
 	ResourcesPrioritized  map[string]prioritization.PrioritizedResource // resources prioritization information, map[<resource ID>]<prioritized resource>
 	Report                *reporthandlingv2.PostureReport               // scan results v2 - Remove
-	Exceptions            []armotypes.PostureExceptionPolicy            // list of exceptions to apply on scan results
 	RegoInputData         RegoInputData                                 // input passed to rego for scanning. map[<control name>][<input arguments>]
 	Metadata              *reporthandlingv2.Metadata
-	InfoMap               map[string]apis.StatusInfo // Map errors of resources to StatusInfo
-	ResourceToControlsMap map[string][]string        // map[<apigroup/apiversion/resource>] = [<control_IDs>]
-	SessionID             string                     // SessionID
+	InfoMap               map[string]apis.StatusInfo         // Map errors of resources to StatusInfo
+	ResourceToControlsMap map[string][]string                // map[<apigroup/apiversion/resource>] = [<control_IDs>]
+	SessionID             string                             // SessionID
+	Policies              []reporthandling.Framework         // list of frameworks to scan
+	Exceptions            []armotypes.PostureExceptionPolicy // list of exceptions to apply on scan results
+	OmitRawResources      bool                               // omit raw resources from output
 }

 func NewOPASessionObj(frameworks []reporthandling.Framework, k8sResources *K8SResources, scanInfo *ScanInfo) *OPASessionObj {
@@ -45,6 +46,7 @@ func NewOPASessionObj(frameworks []reporthandling.Framework, k8sResources *K8SRe
 		ResourceSource:        make(map[string]reporthandling.Source),
 		SessionID:             scanInfo.ScanID,
 		Metadata:              scanInfoToScanMetadata(scanInfo),
+		OmitRawResources:      scanInfo.OmitRawResources,
 	}
 }

@@ -94,6 +96,7 @@ type Exception struct {

 type RegoInputData struct {
 	PostureControlInputs map[string][]string `json:"postureControlInputs"`
+	DataControlInputs    map[string]string   `json:"dataControlInputs"`
 	// ClusterName          string              `json:"clusterName"`
 	// K8sConfig            RegoK8sConfig       `json:"k8sconfig"`
 }
--- a/core/cautils/getter/downloadreleasedpolicy.go
+++ b/core/cautils/getter/downloadreleasedpolicy.go
@@ -25,11 +25,11 @@ func NewDownloadReleasedPolicy() *DownloadReleasedPolicy {
 	}
 }

-func (drp *DownloadReleasedPolicy) GetControl(policyName string) (*reporthandling.Control, error) {
+func (drp *DownloadReleasedPolicy) GetControl(ID string) (*reporthandling.Control, error) {
 	var control *reporthandling.Control
 	var err error

-	control, err = drp.gs.GetOPAControl(policyName)
+	control, err = drp.gs.GetOPAControlByID(ID)
 	if err != nil {
 		return nil, err
 	}
@@ -65,12 +65,20 @@ func (drp *DownloadReleasedPolicy) ListControls() ([]string, error) {
 	if err != nil {
 		return []string{}, err
 	}
-	controlsNamesWithIDsList := make([]string, len(controlsIDsList))
-	// by design both slices have the same length
-	for i := range controlsIDsList {
-		controlsNamesWithIDsList[i] = fmt.Sprintf("%v|%v", controlsIDsList[i], controlsNamesList[i])
+	controls, err := drp.gs.GetOPAControls()
+	if err != nil {
+		return []string{}, err
 	}
-	return controlsNamesWithIDsList, nil
+	var controlsFrameworksList [][]string
+	for _, control := range controls {
+		controlsFrameworksList = append(controlsFrameworksList, control.FrameworkNames)
+	}
+	controlsNamesWithIDsandFrameworksList := make([]string, len(controlsIDsList))
+	// by design all slices have the same lengt
+	for i := range controlsIDsList {
+		controlsNamesWithIDsandFrameworksList[i] = fmt.Sprintf("%v|%v|%v", controlsIDsList[i], controlsNamesList[i], strings.Join(controlsFrameworksList[i], ","))
+	}
+	return controlsNamesWithIDsandFrameworksList, nil
 }

 func (drp *DownloadReleasedPolicy) GetControlsInputs(clusterName string) (map[string][]string, error) {
--- a/core/cautils/getter/getpolicies.go
+++ b/core/cautils/getter/getpolicies.go
@@ -9,7 +9,7 @@ import (
 type IPolicyGetter interface {
 	GetFramework(name string) (*reporthandling.Framework, error)
 	GetFrameworks() ([]reporthandling.Framework, error)
-	GetControl(name string) (*reporthandling.Control, error)
+	GetControl(ID string) (*reporthandling.Control, error)

 	ListFrameworks() ([]string, error)
 	ListControls() ([]string, error)
--- a/core/cautils/getter/kscloudapi.go
+++ b/core/cautils/getter/kscloudapi.go
@@ -192,7 +192,7 @@ func (api *KSCloudAPI) GetFrameworks() ([]reporthandling.Framework, error) {
 	return frameworks, err
 }

-func (api *KSCloudAPI) GetControl(policyName string) (*reporthandling.Control, error) {
+func (api *KSCloudAPI) GetControl(ID string) (*reporthandling.Control, error) {
 	return nil, fmt.Errorf("control api is not public")
 }

--- a/core/cautils/getter/loadpolicy.go
+++ b/core/cautils/getter/loadpolicy.go
@@ -9,6 +9,7 @@ import (

 	"github.com/armosec/armoapi-go/armotypes"
 	"github.com/kubescape/opa-utils/reporthandling"
+	"github.com/kubescape/opa-utils/reporthandling/attacktrack/v1alpha1"
 )

 // =======================================================================================================================
@@ -36,7 +37,7 @@ func NewLoadPolicy(filePaths []string) *LoadPolicy {
 }

 // Return control from file
-func (lp *LoadPolicy) GetControl(controlName string) (*reporthandling.Control, error) {
+func (lp *LoadPolicy) GetControl(controlID string) (*reporthandling.Control, error) {

 	control := &reporthandling.Control{}
 	filePath := lp.filePath()
@@ -48,13 +49,13 @@ func (lp *LoadPolicy) GetControl(controlName string) (*reporthandling.Control, e
 	if err = json.Unmarshal(f, control); err != nil {
 		return control, err
 	}
-	if controlName != "" && !strings.EqualFold(controlName, control.Name) && !strings.EqualFold(controlName, control.ControlID) {
+	if controlID != "" && !strings.EqualFold(controlID, control.ControlID) && !strings.EqualFold(controlID, control.ControlID) {
 		framework, err := lp.GetFramework(control.Name)
 		if err != nil {
 			return nil, fmt.Errorf("control from file not matching")
 		} else {
 			for _, ctrl := range framework.Controls {
-				if strings.EqualFold(ctrl.Name, controlName) || strings.EqualFold(ctrl.ControlID, controlName) {
+				if strings.EqualFold(ctrl.ControlID, controlID) || strings.EqualFold(ctrl.ControlID, controlID) {
 					control = &ctrl
 					break
 				}
@@ -152,3 +153,18 @@ func (lp *LoadPolicy) filePath() string {
 	}
 	return ""
 }
+
+func (lp *LoadPolicy) GetAttackTracks() ([]v1alpha1.AttackTrack, error) {
+	attackTracks := []v1alpha1.AttackTrack{}
+
+	f, err := os.ReadFile(lp.filePath())
+
+	if err != nil {
+		return nil, err
+	}
+
+	if err := json.Unmarshal(f, &attackTracks); err != nil {
+		return nil, err
+	}
+	return attackTracks, nil
+}
--- a/core/cautils/gitparse_test.go
+++ b/core/cautils/gitparse_test.go
@@ -0,0 +1,16 @@
+package cautils
+
+import (
+	"testing"
+
+	giturl "github.com/kubescape/go-git-url"
+	"github.com/stretchr/testify/require"
+)
+
+func TestEnsureRemoteParsed(t *testing.T) {
+	const remote = "git@gitlab.com:foobar/gitlab-tests/sample-project.git"
+
+	require.NotPanics(t, func() {
+		_, _ = giturl.NewGitURL(remote)
+	})
+}
--- a/core/cautils/localgitrepository.go
+++ b/core/cautils/localgitrepository.go
@@ -6,10 +6,10 @@ import (
 	"strings"
 	"time"

-	"github.com/armosec/go-git-url/apis"
 	gitv5 "github.com/go-git/go-git/v5"
 	configv5 "github.com/go-git/go-git/v5/config"
 	plumbingv5 "github.com/go-git/go-git/v5/plumbing"
+	"github.com/kubescape/go-git-url/apis"
 	git2go "github.com/libgit2/git2go/v33"
 )

--- a/core/cautils/scaninfo.go
+++ b/core/cautils/scaninfo.go
@@ -10,7 +10,7 @@ import (
 	"github.com/armosec/armoapi-go/armotypes"
 	apisv1 "github.com/kubescape/opa-utils/httpserver/apis/v1"

-	giturl "github.com/armosec/go-git-url"
+	giturl "github.com/kubescape/go-git-url"
 	logger "github.com/kubescape/go-logger"
 	"github.com/kubescape/go-logger/helpers"
 	"github.com/kubescape/k8s-interface/k8sinterface"
@@ -39,7 +39,8 @@ const (
 	// ScanCluster                string = "cluster"
 	// ScanLocalFiles             string = "yaml"
 	localControlInputsFilename string = "controls-inputs.json"
-	localExceptionsFilename    string = "exceptions.json"
+	LocalExceptionsFilename    string = "exceptions.json"
+	LocalAttackTracksFilename  string = "attack-tracks.json"
 )

 type BoolPtrFlag struct {
@@ -93,7 +94,7 @@ const (
 )

 type PolicyIdentifier struct {
-	Name        string                        // policy name e.g. nsa,mitre,c-0012
+	Identifier  string                        // policy Identifier e.g. c-0012 for control, nsa,mitre for frameworks
 	Kind        apisv1.NotificationPolicyKind // policy kind e.g. Framework,Control,Rule
 	Designators armotypes.PortalDesignator
 }
@@ -127,6 +128,7 @@ type ScanInfo struct {
 	KubeContext           string             // context name
 	FrameworkScan         bool               // false if scanning control
 	ScanAll               bool               // true if scan all frameworks
+	OmitRawResources      bool               // true if omit raw resources from the output
 }

 type Getters struct {
@@ -138,7 +140,6 @@ type Getters struct {

 func (scanInfo *ScanInfo) Init() {
 	scanInfo.setUseFrom()
-	scanInfo.setOutputFile()
 	scanInfo.setUseArtifactsFrom()
 	if scanInfo.ScanID == "" {
 		scanInfo.ScanID = uuid.NewString()
@@ -175,35 +176,24 @@ func (scanInfo *ScanInfo) setUseArtifactsFrom() {
 	// set config-inputs file
 	scanInfo.ControlsInputs = filepath.Join(scanInfo.UseArtifactsFrom, localControlInputsFilename)
 	// set exceptions
-	scanInfo.UseExceptions = filepath.Join(scanInfo.UseArtifactsFrom, localExceptionsFilename)
+	scanInfo.UseExceptions = filepath.Join(scanInfo.UseArtifactsFrom, LocalExceptionsFilename)
 }

 func (scanInfo *ScanInfo) setUseFrom() {
 	if scanInfo.UseDefault {
 		for _, policy := range scanInfo.PolicyIdentifier {
-			scanInfo.UseFrom = append(scanInfo.UseFrom, getter.GetDefaultPath(policy.Name+".json"))
+			scanInfo.UseFrom = append(scanInfo.UseFrom, getter.GetDefaultPath(policy.Identifier+".json"))
 		}
 	}
 }

-func (scanInfo *ScanInfo) setOutputFile() {
-	if scanInfo.Output == "" {
-		return
-	}
-	if scanInfo.Format == "json" {
-		if filepath.Ext(scanInfo.Output) != ".json" {
-			scanInfo.Output += ".json"
-		}
-	}
-	if scanInfo.Format == "junit" {
-		if filepath.Ext(scanInfo.Output) != ".xml" {
-			scanInfo.Output += ".xml"
-		}
-	}
-	if scanInfo.Format == "pdf" {
-		if filepath.Ext(scanInfo.Output) != ".pdf" {
-			scanInfo.Output += ".pdf"
-		}
+// Formats returns a slice of output formats that have been requested for a given scan
+func (scanInfo *ScanInfo) Formats() []string {
+	formatString := scanInfo.Format
+	if formatString != "" {
+		return strings.Split(scanInfo.Format, ",")
+	} else {
+		return []string{}
 	}
 }

@@ -212,7 +202,7 @@ func (scanInfo *ScanInfo) SetPolicyIdentifiers(policies []string, kind apisv1.No
 		if !scanInfo.contains(policy) {
 			newPolicy := PolicyIdentifier{}
 			newPolicy.Kind = kind
-			newPolicy.Name = policy
+			newPolicy.Identifier = policy
 			scanInfo.PolicyIdentifier = append(scanInfo.PolicyIdentifier, newPolicy)
 		}
 	}
@@ -220,7 +210,7 @@ func (scanInfo *ScanInfo) SetPolicyIdentifiers(policies []string, kind apisv1.No

 func (scanInfo *ScanInfo) contains(policyName string) bool {
 	for _, policy := range scanInfo.PolicyIdentifier {
-		if policy.Name == policyName {
+		if policy.Identifier == policyName {
 			return true
 		}
 	}
@@ -248,7 +238,7 @@ func scanInfoToScanMetadata(scanInfo *ScanInfo) *reporthandlingv2.Metadata {
 	}
 	// append frameworks
 	for _, policy := range scanInfo.PolicyIdentifier {
-		metadata.ScanMetadata.TargetNames = append(metadata.ScanMetadata.TargetNames, policy.Name)
+		metadata.ScanMetadata.TargetNames = append(metadata.ScanMetadata.TargetNames, policy.Identifier)
 	}

 	metadata.ScanMetadata.KubescapeVersion = BuildNumber
@@ -418,7 +408,7 @@ func metadataGitLocal(input string) (*reporthandlingv2.RepoContextMetadata, erro
 		Date:          commit.Committer.Date,
 		CommitterName: commit.Committer.Name,
 	}
-	context.LocalRootPath = getAbsPath(input)
+	context.LocalRootPath, _ = gitParser.GetRootDir()

 	return context, nil
 }
--- a/core/cautils/scaninfo_test.go
+++ b/core/cautils/scaninfo_test.go
@@ -43,3 +43,30 @@ func TestGetScanningContext(t *testing.T) {
 	assert.Equal(t, ContextCluster, GetScanningContext(""))
 	assert.Equal(t, ContextGitURL, GetScanningContext("https://github.com/kubescape/kubescape"))
 }
+
+func TestScanInfoFormats(t *testing.T) {
+	testCases := []struct {
+		Input string
+		Want  []string
+	}{
+		{"", []string{}},
+		{"json", []string{"json"}},
+		{"pdf", []string{"pdf"}},
+		{"html", []string{"html"}},
+		{"sarif", []string{"sarif"}},
+		{"html,pdf,sarif", []string{"html", "pdf", "sarif"}},
+		{"pretty-printer,pdf,sarif", []string{"pretty-printer", "pdf", "sarif"}},
+	}
+
+	for _, tc := range testCases {
+		t.Run(tc.Input, func(t *testing.T) {
+			input := tc.Input
+			want := tc.Want
+			scanInfo := &ScanInfo{Format: input}
+
+			got := scanInfo.Formats()
+
+			assert.Equal(t, want, got)
+		})
+	}
+}
--- a/core/cautils/versioncheck.go
+++ b/core/cautils/versioncheck.go
@@ -14,8 +14,9 @@ import (
 	"golang.org/x/mod/semver"
 )

-const SKIP_VERSION_CHECK_DEPRECATED = "KUBESCAPE_SKIP_UPDATE_CHECK"
-const SKIP_VERSION_CHECK = "KS_SKIP_UPDATE_CHECK"
+const SKIP_VERSION_CHECK_DEPRECATED_ENV = "KUBESCAPE_SKIP_UPDATE_CHECK"
+const SKIP_VERSION_CHECK_ENV = "KS_SKIP_UPDATE_CHECK"
+const CLIENT_ENV = "KS_CLIENT"

 var BuildNumber string
 var Client string
@@ -31,9 +32,14 @@ func NewIVersionCheckHandler() IVersionCheckHandler {
 	if BuildNumber == "" {
 		logger.L().Warning("unknown build number, this might affect your scan results. Please make sure you are updated to latest version")
 	}
-	if v, ok := os.LookupEnv(SKIP_VERSION_CHECK); ok && boolutils.StringToBool(v) {
+
+	if v, ok := os.LookupEnv(CLIENT_ENV); ok && v != "" {
+		Client = v
+	}
+
+	if v, ok := os.LookupEnv(SKIP_VERSION_CHECK_ENV); ok && boolutils.StringToBool(v) {
 		return NewVersionCheckHandlerMock()
-	} else if v, ok := os.LookupEnv(SKIP_VERSION_CHECK_DEPRECATED); ok && boolutils.StringToBool(v) {
+	} else if v, ok := os.LookupEnv(SKIP_VERSION_CHECK_DEPRECATED_ENV); ok && boolutils.StringToBool(v) {
 		return NewVersionCheckHandlerMock()
 	}
 	return NewVersionCheckHandler()
--- a/core/cautils/workloadmappingutils.go
+++ b/core/cautils/workloadmappingutils.go
@@ -19,6 +19,7 @@ var (
 		"KubeletInfo",
 		"KubeProxyInfo",
 		"ControlPlaneInfo",
+		"CloudProviderInfo",
 	}
 	CloudResources = []string{
 		"ClusterDescribe",
--- a/core/core/download.go
+++ b/core/core/download.go
@@ -13,12 +13,22 @@ import (
 	metav1 "github.com/kubescape/kubescape/v2/core/meta/datastructures/v1"
 )

+const (
+	TargetControlsInputs = "controls-inputs"
+	TargetExceptions     = "exceptions"
+	TargetControl        = "control"
+	TargetFramework      = "framework"
+	TargetArtifacts      = "artifacts"
+	TargetAttackTracks   = "attack-tracks"
+)
+
 var downloadFunc = map[string]func(*metav1.DownloadInfo) error{
-	"controls-inputs": downloadConfigInputs,
-	"exceptions":      downloadExceptions,
-	"control":         downloadControl,
-	"framework":       downloadFramework,
-	"artifacts":       downloadArtifacts,
+	TargetControlsInputs: downloadConfigInputs,
+	TargetExceptions:     downloadExceptions,
+	TargetControl:        downloadControl,
+	TargetFramework:      downloadFramework,
+	TargetArtifacts:      downloadArtifacts,
+	TargetAttackTracks:   downloadAttackTracks,
 }

 func DownloadSupportCommands() []string {
@@ -70,6 +80,7 @@ func downloadArtifacts(downloadInfo *metav1.DownloadInfo) error {
 		"controls-inputs": downloadConfigInputs,
 		"exceptions":      downloadExceptions,
 		"framework":       downloadFramework,
+		"attack-tracks":   downloadAttackTracks,
 	}
 	for artifact := range artifacts {
 		if err := downloadArtifact(&metav1.DownloadInfo{Target: artifact, Path: downloadInfo.Path, FileName: fmt.Sprintf("%s.json", artifact)}, artifacts); err != nil {
@@ -82,7 +93,7 @@ func downloadArtifacts(downloadInfo *metav1.DownloadInfo) error {
 func downloadConfigInputs(downloadInfo *metav1.DownloadInfo) error {
 	tenant := getTenantConfig(&downloadInfo.Credentials, "", "", getKubernetesApi())

-	controlsInputsGetter := getConfigInputsGetter(downloadInfo.Name, tenant.GetAccountID(), nil)
+	controlsInputsGetter := getConfigInputsGetter(downloadInfo.Identifier, tenant.GetAccountID(), nil)
 	controlInputs, err := controlsInputsGetter.GetControlsInputs(tenant.GetContextName())
 	if err != nil {
 		return err
@@ -108,12 +119,12 @@ func downloadExceptions(downloadInfo *metav1.DownloadInfo) error {

 	exceptionsGetter := getExceptionsGetter("", tenant.GetAccountID(), nil)
 	exceptions := []armotypes.PostureExceptionPolicy{}
-	if tenant.GetAccountID() != "" {
-		exceptions, err = exceptionsGetter.GetExceptions(tenant.GetContextName())
-		if err != nil {
-			return err
-		}
+
+	exceptions, err = exceptionsGetter.GetExceptions(tenant.GetContextName())
+	if err != nil {
+		return err
 	}
+
 	if downloadInfo.FileName == "" {
 		downloadInfo.FileName = fmt.Sprintf("%s.json", downloadInfo.Target)
 	}
@@ -126,13 +137,37 @@ func downloadExceptions(downloadInfo *metav1.DownloadInfo) error {
 	return nil
 }

+func downloadAttackTracks(downloadInfo *metav1.DownloadInfo) error {
+	var err error
+	tenant := getTenantConfig(&downloadInfo.Credentials, "", "", getKubernetesApi())
+
+	attackTracksGetter := getAttackTracksGetter(tenant.GetAccountID(), nil)
+
+	attackTracks, err := attackTracksGetter.GetAttackTracks()
+	if err != nil {
+		return err
+	}
+
+	if downloadInfo.FileName == "" {
+		downloadInfo.FileName = fmt.Sprintf("%s.json", downloadInfo.Target)
+	}
+	// save in file
+	err = getter.SaveInFile(attackTracks, filepath.Join(downloadInfo.Path, downloadInfo.FileName))
+	if err != nil {
+		return err
+	}
+	logger.L().Success("Downloaded", helpers.String("attack tracks", downloadInfo.Target), helpers.String("path", filepath.Join(downloadInfo.Path, downloadInfo.FileName)))
+	return nil
+
+}
+
 func downloadFramework(downloadInfo *metav1.DownloadInfo) error {

 	tenant := getTenantConfig(&downloadInfo.Credentials, "", "", getKubernetesApi())

 	g := getPolicyGetter(nil, tenant.GetTenantEmail(), true, nil)

-	if downloadInfo.Name == "" {
+	if downloadInfo.Identifier == "" {
 		// if framework name not specified - download all frameworks
 		frameworks, err := g.GetFrameworks()
 		if err != nil {
@@ -149,9 +184,9 @@ func downloadFramework(downloadInfo *metav1.DownloadInfo) error {
 		// return fmt.Errorf("missing framework name")
 	} else {
 		if downloadInfo.FileName == "" {
-			downloadInfo.FileName = fmt.Sprintf("%s.json", downloadInfo.Name)
+			downloadInfo.FileName = fmt.Sprintf("%s.json", downloadInfo.Identifier)
 		}
-		framework, err := g.GetFramework(downloadInfo.Name)
+		framework, err := g.GetFramework(downloadInfo.Identifier)
 		if err != nil {
 			return err
 		}
@@ -174,25 +209,25 @@ func downloadControl(downloadInfo *metav1.DownloadInfo) error {

 	g := getPolicyGetter(nil, tenant.GetTenantEmail(), false, nil)

-	if downloadInfo.Name == "" {
+	if downloadInfo.Identifier == "" {
 		// TODO - support
-		return fmt.Errorf("missing control name")
+		return fmt.Errorf("missing control ID")
 	}
 	if downloadInfo.FileName == "" {
-		downloadInfo.FileName = fmt.Sprintf("%s.json", downloadInfo.Name)
+		downloadInfo.FileName = fmt.Sprintf("%s.json", downloadInfo.Identifier)
 	}
-	controls, err := g.GetControl(downloadInfo.Name)
+	controls, err := g.GetControl(downloadInfo.Identifier)
 	if err != nil {
-		return err
+		return fmt.Errorf("failed to download control id '%s',  %s", downloadInfo.Identifier, err.Error())
 	}
 	if controls == nil {
-		return fmt.Errorf("failed to download control - received an empty objects")
+		return fmt.Errorf("failed to download control id '%s' - received an empty objects", downloadInfo.Identifier)
 	}
 	downloadTo := filepath.Join(downloadInfo.Path, downloadInfo.FileName)
 	err = getter.SaveInFile(controls, downloadTo)
 	if err != nil {
 		return err
 	}
-	logger.L().Success("Downloaded", helpers.String("artifact", downloadInfo.Target), helpers.String("name", downloadInfo.Name), helpers.String("path", downloadTo))
+	logger.L().Success("Downloaded", helpers.String("artifact", downloadInfo.Target), helpers.String("ID", downloadInfo.Identifier), helpers.String("path", downloadTo))
 	return nil
 }
--- a/core/core/initutils.go
+++ b/core/core/initutils.go
@@ -2,6 +2,7 @@ package core

 import (
 	"fmt"
+	"os"

 	logger "github.com/kubescape/go-logger"
 	"github.com/kubescape/go-logger/helpers"
@@ -10,6 +11,8 @@ import (
 	"github.com/kubescape/kubescape/v2/core/cautils/getter"
 	"github.com/kubescape/kubescape/v2/core/pkg/hostsensorutils"
 	"github.com/kubescape/kubescape/v2/core/pkg/resourcehandler"
+	"github.com/kubescape/kubescape/v2/core/pkg/resultshandling/printer"
+	printerv2 "github.com/kubescape/kubescape/v2/core/pkg/resultshandling/printer/v2"
 	"github.com/kubescape/kubescape/v2/core/pkg/resultshandling/reporter"
 	reporterv2 "github.com/kubescape/kubescape/v2/core/pkg/resultshandling/reporter/v2"

@@ -45,8 +48,9 @@ func getExceptionsGetter(useExceptions string, accountID string, downloadRelease
 	if downloadReleasedPolicy == nil {
 		downloadReleasedPolicy = getter.NewDownloadReleasedPolicy()
 	}
-	if err := downloadReleasedPolicy.SetRegoObjects(); err != nil {
-		logger.L().Warning("failed to get exceptions from github release, this may affect the scanning results", helpers.Error(err))
+	if err := downloadReleasedPolicy.SetRegoObjects(); err != nil { // if failed to pull attack tracks, fallback to cache
+		logger.L().Warning("failed to get exceptions from github release, loading attack tracks from cache", helpers.Error(err))
+		return getter.NewLoadPolicy([]string{getter.GetDefaultPath(cautils.LocalExceptionsFilename)})
 	}
 	return downloadReleasedPolicy

@@ -98,7 +102,7 @@ func getHostSensorHandler(scanInfo *cautils.ScanInfo, k8s *k8sinterface.Kubernet
 	// we need to determined which controls needs host scanner
 	if scanInfo.HostSensorEnabled.Get() == nil && hasHostSensorControls {
 		scanInfo.HostSensorEnabled.SetBool(false) // default - do not run host scanner
-		logger.L().Warning("Kubernetes cluster nodes scanning is disabled. This is required to collect valuable data for certain controls. You can enable it using  the --enable-host-scan flag")
+		logger.L().Warning("Kubernetes cluster nodes scanning is disabled. This is required to collect valuable data for certain controls. You can enable it using the --enable-host-scan flag")
 	}
 	if hostSensorVal := scanInfo.HostSensorEnabled.Get(); hostSensorVal != nil && *hostSensorVal {
 		hostSensorHandler, err := hostsensorutils.NewHostSensorHandler(k8s, scanInfo.HostSensorYamlPath)
@@ -121,18 +125,18 @@ func getFieldSelector(scanInfo *cautils.ScanInfo) resourcehandler.IFieldSelector
 	return &resourcehandler.EmptySelector{}
 }

-func policyIdentifierNames(pi []cautils.PolicyIdentifier) string {
-	policiesNames := ""
+func policyIdentifierIdentities(pi []cautils.PolicyIdentifier) string {
+	policiesIdentities := ""
 	for i := range pi {
-		policiesNames += pi[i].Name
+		policiesIdentities += pi[i].Identifier
 		if i+1 < len(pi) {
-			policiesNames += ","
+			policiesIdentities += ","
 		}
 	}
-	if policiesNames == "" {
-		policiesNames = "all"
+	if policiesIdentities == "" {
+		policiesIdentities = "all"
 	}
-	return policiesNames
+	return policiesIdentities
 }

 // setSubmitBehavior - Setup the desired cluster behavior regarding submitting to the Kubescape Cloud BE
@@ -247,8 +251,19 @@ func getAttackTracksGetter(accountID string, downloadReleasedPolicy *getter.Down
 	if downloadReleasedPolicy == nil {
 		downloadReleasedPolicy = getter.NewDownloadReleasedPolicy()
 	}
-	if err := downloadReleasedPolicy.SetRegoObjects(); err != nil {
-		logger.L().Warning("failed to get attack tracks from github release, this may affect the scanning results", helpers.Error(err))
+	if err := downloadReleasedPolicy.SetRegoObjects(); err != nil { // if failed to pull attack tracks, fallback to cache
+		logger.L().Warning("failed to get attack tracks from github release, loading attack tracks from cache", helpers.Error(err))
+		return getter.NewLoadPolicy([]string{getter.GetDefaultPath(cautils.LocalAttackTracksFilename)})
 	}
 	return downloadReleasedPolicy
 }
+
+// getUIPrinter returns a printer that will be used to print to the program’s UI (terminal)
+func getUIPrinter(verboseMode bool, formatVersion string, viewType cautils.ViewTypes) printer.IPrinter {
+	p := printerv2.NewPrettyPrinter(verboseMode, formatVersion, viewType)
+
+	// Since the UI of the program is a CLI (Stdout), it means that it should always print to Stdout
+	p.SetWriter(os.Stdout.Name())
+
+	return p
+}
--- a/core/core/initutils_test.go
+++ b/core/core/initutils_test.go
@@ -0,0 +1,39 @@
+package core
+
+import (
+	"reflect"
+	"testing"
+
+	"github.com/kubescape/kubescape/v2/core/cautils"
+)
+
+func Test_getUIPrinter(t *testing.T) {
+	scanInfo := &cautils.ScanInfo{
+		FormatVersion: "v2",
+		VerboseMode:   true,
+		View:          "control",
+	}
+	wantFormatVersion := scanInfo.FormatVersion
+	wantVerboseMode := scanInfo.VerboseMode
+	wantViewType := cautils.ViewTypes(scanInfo.View)
+
+	got := getUIPrinter(scanInfo.VerboseMode, scanInfo.FormatVersion, cautils.ViewTypes(scanInfo.View))
+
+	gotValue := reflect.ValueOf(got).Elem()
+	gotFormatVersion := gotValue.FieldByName("formatVersion").String()
+	gotVerboseMode := gotValue.FieldByName("verboseMode").Bool()
+	gotViewType := cautils.ViewTypes(gotValue.FieldByName("viewType").String())
+
+	if gotFormatVersion != wantFormatVersion {
+		t.Errorf("Got: %s, want: %s", gotFormatVersion, wantFormatVersion)
+	}
+
+	if gotVerboseMode != wantVerboseMode {
+		t.Errorf("Got: %t, want: %t", gotVerboseMode, wantVerboseMode)
+	}
+
+	if gotViewType != wantViewType {
+		t.Errorf("Got: %v, want: %v", gotViewType, wantViewType)
+	}
+
+}
--- a/core/core/list.go
+++ b/core/core/list.go
@@ -112,7 +112,7 @@ func jsonListFormat(targetPolicy string, policies []string) {
 func prettyPrintControls(policies []string) {
 	controlsTable := tablewriter.NewWriter(printer.GetWriter(""))
 	controlsTable.SetAutoWrapText(true)
-	controlsTable.SetHeader([]string{"Control ID", "Control Name", "Docs"})
+	controlsTable.SetHeader([]string{"Control ID", "Control Name", "Docs", "Frameworks"})
 	controlsTable.SetHeaderLine(true)
 	controlsTable.SetRowLine(true)
 	data := v2.Matrix{}
@@ -128,12 +128,12 @@ func generateControlRows(policies []string) [][]string {
 	rows := [][]string{}

 	for _, control := range policies {
-		idAndControl := strings.Split(control, "|")
-		id, control := idAndControl[0], idAndControl[1]
+		idAndControlAndFrameworks := strings.Split(control, "|")
+		id, control, framework := idAndControlAndFrameworks[0], idAndControlAndFrameworks[1], idAndControlAndFrameworks[2]

 		docs := cautils.GetControlLink(id)

-		currentRow := []string{id, control, docs}
+		currentRow := []string{id, control, docs, framework}

 		rows = append(rows, currentRow)
 	}
--- a/core/core/scan.go
+++ b/core/core/scan.go
@@ -27,7 +27,8 @@ type componentInterfaces struct {
 	tenantConfig      cautils.ITenantConfig
 	resourceHandler   resourcehandler.IResourceHandler
 	report            reporter.IReport
-	printerHandler    printer.IPrinter
+	outputPrinters    []printer.IPrinter
+	uiPrinter         printer.IPrinter
 	hostSensorHandler hostsensorutils.IHostSensor
 }

@@ -54,12 +55,16 @@ func getInterfaces(scanInfo *cautils.ScanInfo) componentInterfaces {
 		if err := tenantConfig.SetTenant(); err != nil {
 			logger.L().Error(err.Error())
 		}
+
+		if scanInfo.OmitRawResources {
+			logger.L().Warning("omit-raw-resources flag will be ignored in submit mode")
+		}
 	}

 	// ================== version testing ======================================

 	v := cautils.NewIVersionCheckHandler()
-	v.CheckLatestVersion(cautils.NewVersionCheckRequest(cautils.BuildNumber, policyIdentifierNames(scanInfo.PolicyIdentifier), "", cautils.ScanningContextToScanningScope(scanInfo.GetScanningContext())))
+	v.CheckLatestVersion(cautils.NewVersionCheckRequest(cautils.BuildNumber, policyIdentifierIdentities(scanInfo.PolicyIdentifier), "", cautils.ScanningContextToScanningScope(scanInfo.GetScanningContext())))

 	// ================== setup host scanner object ======================================

@@ -89,9 +94,17 @@ func getInterfaces(scanInfo *cautils.ScanInfo) componentInterfaces {
 	// reporting behavior - setup reporter
 	reportHandler := getReporter(tenantConfig, scanInfo.ScanID, scanInfo.Submit, scanInfo.FrameworkScan, scanInfo.GetScanningContext())

-	// setup printer
-	printerHandler := resultshandling.NewPrinter(scanInfo.Format, scanInfo.FormatVersion, scanInfo.VerboseMode, cautils.ViewTypes(scanInfo.View))
-	printerHandler.SetWriter(scanInfo.Output)
+	// setup printers
+	formats := scanInfo.Formats()
+
+	outputPrinters := make([]printer.IPrinter, 0)
+	for _, format := range formats {
+		printerHandler := resultshandling.NewPrinter(format, scanInfo.FormatVersion, scanInfo.VerboseMode, cautils.ViewTypes(scanInfo.View))
+		printerHandler.SetWriter(scanInfo.Output)
+		outputPrinters = append(outputPrinters, printerHandler)
+	}
+
+	uiPrinter := getUIPrinter(scanInfo.VerboseMode, scanInfo.FormatVersion, cautils.ViewTypes(scanInfo.View))

 	// ================== return interface ======================================

@@ -99,7 +112,8 @@ func getInterfaces(scanInfo *cautils.ScanInfo) componentInterfaces {
 		tenantConfig:      tenantConfig,
 		resourceHandler:   resourceHandler,
 		report:            reportHandler,
-		printerHandler:    printerHandler,
+		outputPrinters:    outputPrinters,
+		uiPrinter:         uiPrinter,
 		hostSensorHandler: hostSensorHandler,
 	}
 }
@@ -137,7 +151,7 @@ func (ks *Kubescape) Scan(scanInfo *cautils.ScanInfo) (*resultshandling.ResultsH
 		}
 	}()

-	resultsHandling := resultshandling.NewResultsHandler(interfaces.report, interfaces.printerHandler)
+	resultsHandling := resultshandling.NewResultsHandler(interfaces.report, interfaces.outputPrinters, interfaces.uiPrinter)

 	// ===================== policies & resources =====================
 	policyHandler := policyhandler.NewPolicyHandler(interfaces.resourceHandler)
--- a/core/meta/datastructures/v1/download.go
+++ b/core/meta/datastructures/v1/download.go
@@ -6,6 +6,6 @@ type DownloadInfo struct {
 	Path        string // directory to save artifact. Default is "~/.kubescape/"
 	FileName    string // can be empty
 	Target      string // type of artifact to download
-	Name        string // name of artifact to download
+	Identifier  string // identifier of artifact to download
 	Credentials cautils.Credentials
 }
--- a/core/pkg/hostsensorutils/hostsensor.yaml
+++ b/core/pkg/hostsensorutils/hostsensor.yaml
@@ -36,8 +36,9 @@ spec:
        effect: NoSchedule
      containers:
      - name: host-sensor
-        image: quay.io/kubescape/host-scanner:v1.0.32
+        image: quay.io/kubescape/host-scanner:v1.0.39
        securityContext:
+          allowPrivilegeEscalation: true
          privileged: true
          readOnlyRootFilesystem: true
          procMount: Unmasked
--- a/core/pkg/hostsensorutils/hostsensorgetfrompod.go
+++ b/core/pkg/hostsensorutils/hostsensorgetfrompod.go
@@ -3,6 +3,7 @@ package hostsensorutils
 import (
 	"encoding/json"
 	"fmt"
+	"strings"
 	"sync"

 	logger "github.com/kubescape/go-logger"
@@ -99,6 +100,30 @@ func (hsh *HostSensorHandler) sendAllPodsHTTPGETRequest(path, requestKind string
 	return res, nil
 }

+// return host-scanner version
+func (hsh *HostSensorHandler) GetVersion() (string, error) {
+	// loop over pods and port-forward it to each of them
+	podList, err := hsh.getPodList()
+	if err != nil {
+		return "", fmt.Errorf("failed to sendAllPodsHTTPGETRequest: %v", err)
+	}
+
+	// initialization of the channels
+	hsh.workerPool.init(len(podList))
+	hsh.workerPool.hostSensorApplyJobs(podList, "/version", "version")
+	for job := range hsh.workerPool.jobs {
+		resBytes, err := hsh.HTTPGetToPod(job.podName, job.path)
+		if err != nil {
+			return "", err
+		} else {
+			version := strings.ReplaceAll(string(resBytes), "\"", "")
+			version = strings.ReplaceAll(version, "\n", "")
+			return version, nil
+		}
+	}
+	return "", nil
+}
+
 // return list of LinuxKernelVariables
 func (hsh *HostSensorHandler) GetKernelVariables() ([]hostsensor.HostSensorDataEnvelope, error) {
 	// loop over pods and port-forward it to each of them
@@ -135,6 +160,12 @@ func (hsh *HostSensorHandler) GetControlPlaneInfo() ([]hostsensor.HostSensorData
 	return hsh.sendAllPodsHTTPGETRequest("/controlPlaneInfo", ControlPlaneInfo)
 }

+// return list of KubeProxyInfo
+func (hsh *HostSensorHandler) GetCloudProviderInfo() ([]hostsensor.HostSensorDataEnvelope, error) {
+	// loop over pods and port-forward it to each of them
+	return hsh.sendAllPodsHTTPGETRequest("/cloudProviderInfo", CloudProviderInfo)
+}
+
 // return list of KubeletCommandLine
 func (hsh *HostSensorHandler) GetKubeletCommandLine() ([]hostsensor.HostSensorDataEnvelope, error) {
 	// loop over pods and port-forward it to each of them
@@ -192,6 +223,16 @@ func (hsh *HostSensorHandler) CollectResources() ([]hostsensor.HostSensorDataEnv
 	var kcData []hostsensor.HostSensorDataEnvelope
 	var err error
 	logger.L().Debug("Accessing host scanner")
+	version, err := hsh.GetVersion()
+	if err != nil {
+		logger.L().Warning(err.Error())
+	}
+	if len(version) > 0 {
+		logger.L().Info("Host scanner version : " + version)
+	} else {
+		logger.L().Info("Unknown host scanner version")
+	}
+	//
 	kcData, err = hsh.GetKubeletConfigurations()
 	if err != nil {
 		addInfoToMap(KubeletConfiguration, infoMap, err)
@@ -285,6 +326,16 @@ func (hsh *HostSensorHandler) CollectResources() ([]hostsensor.HostSensorDataEnv
 		res = append(res, kcData...)
 	}

+	// GetCloudProviderInfo
+	kcData, err = hsh.GetCloudProviderInfo()
+	if err != nil {
+		addInfoToMap(CloudProviderInfo, infoMap, err)
+		logger.L().Warning(err.Error())
+	}
+	if len(kcData) > 0 {
+		res = append(res, kcData...)
+	}
+
 	logger.L().Debug("Done reading information from host scanner")
 	return res, infoMap, nil
 }
--- a/core/pkg/hostsensorutils/utils.go
+++ b/core/pkg/hostsensorutils/utils.go
@@ -16,6 +16,7 @@ var (
 	KubeletInfo                  = "KubeletInfo"
 	KubeProxyInfo                = "KubeProxyInfo"
 	ControlPlaneInfo             = "ControlPlaneInfo"
+	CloudProviderInfo            = "CloudProviderInfo"

 	MapHostSensorResourceToApiGroup = map[string]string{
 		KubeletConfiguration:         "hostdata.kubescape.cloud/v1beta0",
@@ -28,6 +29,7 @@ var (
 		KubeletInfo:                  "hostdata.kubescape.cloud/v1beta0",
 		KubeProxyInfo:                "hostdata.kubescape.cloud/v1beta0",
 		ControlPlaneInfo:             "hostdata.kubescape.cloud/v1beta0",
+		CloudProviderInfo:            "hostdata.kubescape.cloud/v1beta0",
 	}
 )

--- a/core/pkg/opaprocessor/processorhandler.go
+++ b/core/pkg/opaprocessor/processorhandler.go
@@ -35,6 +35,7 @@ type OPAProcessor struct {
 func NewOPAProcessor(sessionObj *cautils.OPASessionObj, regoDependenciesData *resources.RegoDependenciesData) *OPAProcessor {
 	if regoDependenciesData != nil && sessionObj != nil {
 		regoDependenciesData.PostureControlInputs = sessionObj.RegoInputData.PostureControlInputs
+		regoDependenciesData.DataControlInputs = sessionObj.RegoInputData.DataControlInputs
 	}
 	return &OPAProcessor{
 		OPASessionObj:        sessionObj,
@@ -153,12 +154,16 @@ func (opap *OPAProcessor) processControl(control *reporthandling.Control) (map[s
 func (opap *OPAProcessor) processRule(rule *reporthandling.PolicyRule, fixedControlInputs map[string][]string) (map[string]*resourcesresults.ResourceAssociatedRule, error) {

 	postureControlInputs := opap.regoDependenciesData.GetFilteredPostureControlInputs(rule.ConfigInputs) // get store
+	dataControlInputs := map[string]string{"cloudProvider": opap.OPASessionObj.Report.ClusterCloudProvider}

 	// Merge configurable control input and fixed control input
 	for k, v := range fixedControlInputs {
 		postureControlInputs[k] = v
 	}

+	RuleRegoDependenciesData := resources.RegoDependenciesData{DataControlInputs: dataControlInputs,
+		PostureControlInputs: postureControlInputs}
+
 	inputResources, err := reporthandling.RegoResourcesAggregator(rule, getAllSupportedObjects(opap.K8SResources, opap.ArmoResource, opap.AllResources, rule))
 	if err != nil {
 		return nil, fmt.Errorf("error getting aggregated k8sObjects: %s", err.Error())
@@ -185,7 +190,7 @@ func (opap *OPAProcessor) processRule(rule *reporthandling.PolicyRule, fixedCont
 		opap.AllResources[inputResources[i].GetID()] = inputResources[i]
 	}

-	ruleResponses, err := opap.runOPAOnSingleRule(rule, inputRawResources, ruleData, postureControlInputs)
+	ruleResponses, err := opap.runOPAOnSingleRule(rule, inputRawResources, ruleData, RuleRegoDependenciesData)
 	if err != nil {
 		// TODO - Handle error
 		logger.L().Error(err.Error())
@@ -217,16 +222,16 @@ func (opap *OPAProcessor) processRule(rule *reporthandling.PolicyRule, fixedCont
 	return resources, err
 }

-func (opap *OPAProcessor) runOPAOnSingleRule(rule *reporthandling.PolicyRule, k8sObjects []map[string]interface{}, getRuleData func(*reporthandling.PolicyRule) string, postureControlInputs map[string][]string) ([]reporthandling.RuleResponse, error) {
+func (opap *OPAProcessor) runOPAOnSingleRule(rule *reporthandling.PolicyRule, k8sObjects []map[string]interface{}, getRuleData func(*reporthandling.PolicyRule) string, ruleRegoDependenciesData resources.RegoDependenciesData) ([]reporthandling.RuleResponse, error) {
 	switch rule.RuleLanguage {
 	case reporthandling.RegoLanguage, reporthandling.RegoLanguage2:
-		return opap.runRegoOnK8s(rule, k8sObjects, getRuleData, postureControlInputs)
+		return opap.runRegoOnK8s(rule, k8sObjects, getRuleData, ruleRegoDependenciesData)
 	default:
 		return nil, fmt.Errorf("rule: '%s', language '%v' not supported", rule.Name, rule.RuleLanguage)
 	}
 }

-func (opap *OPAProcessor) runRegoOnK8s(rule *reporthandling.PolicyRule, k8sObjects []map[string]interface{}, getRuleData func(*reporthandling.PolicyRule) string, postureControlInputs map[string][]string) ([]reporthandling.RuleResponse, error) {
+func (opap *OPAProcessor) runRegoOnK8s(rule *reporthandling.PolicyRule, k8sObjects []map[string]interface{}, getRuleData func(*reporthandling.PolicyRule) string, ruleRegoDependenciesData resources.RegoDependenciesData) ([]reporthandling.RuleResponse, error) {

 	// compile modules
 	modules, err := getRuleDependencies()
@@ -239,7 +244,7 @@ func (opap *OPAProcessor) runRegoOnK8s(rule *reporthandling.PolicyRule, k8sObjec
 		return nil, fmt.Errorf("in 'runRegoOnSingleRule', failed to compile rule, name: %s, reason: %s", rule.Name, err.Error())
 	}

-	store, err := resources.TOStorage(postureControlInputs)
+	store, err := ruleRegoDependenciesData.TOStorage()
 	if err != nil {
 		return nil, err
 	}
@@ -282,8 +287,12 @@ func (opap *OPAProcessor) enumerateData(rule *reporthandling.PolicyRule, k8sObje
 		return k8sObjects, nil
 	}
 	postureControlInputs := opap.regoDependenciesData.GetFilteredPostureControlInputs(rule.ConfigInputs)
+	dataControlInputs := map[string]string{"cloudProvider": opap.OPASessionObj.Report.ClusterCloudProvider}

-	ruleResponse, err := opap.runOPAOnSingleRule(rule, k8sObjects, ruleEnumeratorData, postureControlInputs)
+	RuleRegoDependenciesData := resources.RegoDependenciesData{DataControlInputs: dataControlInputs,
+		PostureControlInputs: postureControlInputs}
+
+	ruleResponse, err := opap.runOPAOnSingleRule(rule, k8sObjects, ruleEnumeratorData, RuleRegoDependenciesData)
 	if err != nil {
 		return nil, err
 	}
--- a/core/pkg/policyhandler/handlenotification.go
+++ b/core/pkg/policyhandler/handlenotification.go
@@ -3,9 +3,16 @@ package policyhandler
 import (
 	"fmt"

+	cloudsupportv1 "github.com/kubescape/k8s-interface/cloudsupport/v1"
+	helpersv1 "github.com/kubescape/opa-utils/reporthandling/helpers/v1"
+	reportv2 "github.com/kubescape/opa-utils/reporthandling/v2"
+
 	"github.com/armosec/armoapi-go/armotypes"
+	"github.com/kubescape/k8s-interface/cloudsupport"
+	"github.com/kubescape/k8s-interface/k8sinterface"
 	"github.com/kubescape/kubescape/v2/core/cautils"
 	"github.com/kubescape/kubescape/v2/core/pkg/resourcehandler"
+	"github.com/kubescape/opa-utils/reporthandling/apis"
 )

 // PolicyHandler -
@@ -49,6 +56,10 @@ func (policyHandler *PolicyHandler) CollectResources(policyIdentifier []cautils.
 func (policyHandler *PolicyHandler) getResources(policyIdentifier []cautils.PolicyIdentifier, opaSessionObj *cautils.OPASessionObj, scanInfo *cautils.ScanInfo) error {
 	opaSessionObj.Report.ClusterAPIServerInfo = policyHandler.resourceHandler.GetClusterAPIServerInfo()

+	if cloudMetadata := getCloudMetadata(opaSessionObj); cloudMetadata != nil {
+		opaSessionObj.Metadata.ContextMetadata.ClusterContextMetadata.CloudMetadata = reportv2.NewCloudMetadata(cloudMetadata)
+	}
+
 	resourcesMap, allResources, ksResources, err := policyHandler.resourceHandler.GetResources(opaSessionObj, &policyIdentifier[0].Designators)
 	if err != nil {
 		return err
@@ -67,3 +78,40 @@ func getDesignator(policyIdentifier []cautils.PolicyIdentifier) *armotypes.Porta
 	}
 	return &armotypes.PortalDesignator{}
 }
+
+func setCloudMetadata(opaSessionObj *cautils.OPASessionObj) {
+	cloudMetadata := getCloudMetadata(opaSessionObj)
+	if cloudMetadata == nil {
+		return
+
+	}
+	opaSessionObj.Report.Metadata.ClusterMetadata.CloudMetadata = reportv2.NewCloudMetadata(cloudMetadata)
+	opaSessionObj.Report.Metadata.ContextMetadata.ClusterContextMetadata.CloudMetadata = reportv2.NewCloudMetadata(cloudMetadata)
+	opaSessionObj.Report.ClusterCloudProvider = string(cloudMetadata.Provider()) // Fallback
+}
+
+func getCloudMetadata(opaSessionObj *cautils.OPASessionObj) apis.ICloudParser {
+
+	var provider string
+	context := k8sinterface.GetContextName()
+
+	// attempting to get cloud provider from API server git version
+	if opaSessionObj.Report.ClusterAPIServerInfo != nil {
+		provider = cloudsupport.GetCloudProvider(opaSessionObj.Report.ClusterAPIServerInfo.GitVersion)
+	}
+
+	if provider == "" {
+		// Fallback - get provider from context
+		provider = cloudsupport.GetCloudProvider(context)
+	}
+
+	switch provider {
+	case cloudsupportv1.GKE:
+		return helpersv1.NewGKEMetadata(context)
+	case cloudsupportv1.EKS:
+		return helpersv1.NewEKSMetadata(context)
+		// case cloudsupportv1.AKS: TODO: Implement AKS support
+		// 	return helpersv1.NewAKSMetadata()
+	}
+	return nil
+}
--- a/core/pkg/policyhandler/handlenotification_test.go
+++ b/core/pkg/policyhandler/handlenotification_test.go
@@ -0,0 +1,45 @@
+package policyhandler
+
+import (
+	"testing"
+
+	reporthandlingv2 "github.com/kubescape/opa-utils/reporthandling/v2"
+
+	"github.com/kubescape/opa-utils/reporthandling/apis"
+	helpersv1 "github.com/kubescape/opa-utils/reporthandling/helpers/v1"
+
+	"github.com/kubescape/kubescape/v2/core/cautils"
+	"k8s.io/apimachinery/pkg/version"
+)
+
+func Test_getCloudMetadata(t *testing.T) {
+	type args struct {
+		opaSessionObj *cautils.OPASessionObj
+	}
+	tests := []struct {
+		want apis.ICloudParser
+		args args
+		name string
+	}{
+		{
+			name: "Test_getCloudMetadata",
+			args: args{
+				opaSessionObj: &cautils.OPASessionObj{
+					Report: &reporthandlingv2.PostureReport{
+						ClusterAPIServerInfo: &version.Info{
+							GitVersion: "v1.25.4-gke.1600",
+						},
+					},
+				},
+			},
+			want: helpersv1.NewGKEMetadata(""),
+		},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			if got := getCloudMetadata(tt.args.opaSessionObj); got.Provider() != tt.want.Provider() {
+				t.Errorf("getCloudMetadata() = %v, want %v", got, tt.want)
+			}
+		})
+	}
+}
--- a/core/pkg/policyhandler/handlepullpolicies.go
+++ b/core/pkg/policyhandler/handlepullpolicies.go
@@ -56,14 +56,16 @@ func (policyHandler *PolicyHandler) getScanPolicies(policyIdentifier []cautils.P
 	switch getScanKind(policyIdentifier) {
 	case apisv1.KindFramework: // Download frameworks
 		for _, rule := range policyIdentifier {
-			receivedFramework, err := policyHandler.getters.PolicyGetter.GetFramework(rule.Name)
+			receivedFramework, err := policyHandler.getters.PolicyGetter.GetFramework(rule.Identifier)
 			if err != nil {
 				return frameworks, policyDownloadError(err)
 			}
+			if err := validateFramework(receivedFramework); err != nil {
+				return frameworks, err
+			}
 			if receivedFramework != nil {
 				frameworks = append(frameworks, *receivedFramework)
-
-				cache := getter.GetDefaultPath(rule.Name + ".json")
+				cache := getter.GetDefaultPath(rule.Identifier + ".json")
 				if err := getter.SaveInFile(receivedFramework, cache); err != nil {
 					logger.L().Warning("failed to cache file", helpers.String("file", cache), helpers.Error(err))
 				}
@@ -73,15 +75,15 @@ func (policyHandler *PolicyHandler) getScanPolicies(policyIdentifier []cautils.P
 		f := reporthandling.Framework{}
 		var receivedControl *reporthandling.Control
 		var err error
-		for _, rule := range policyIdentifier {
-			receivedControl, err = policyHandler.getters.PolicyGetter.GetControl(rule.Name)
+		for _, policy := range policyIdentifier {
+			receivedControl, err = policyHandler.getters.PolicyGetter.GetControl(policy.Identifier)
 			if err != nil {
 				return frameworks, policyDownloadError(err)
 			}
 			if receivedControl != nil {
 				f.Controls = append(f.Controls, *receivedControl)

-				cache := getter.GetDefaultPath(rule.Name + ".json")
+				cache := getter.GetDefaultPath(policy.Identifier + ".json")
 				if err := getter.SaveInFile(receivedControl, cache); err != nil {
 					logger.L().Warning("failed to cache file", helpers.String("file", cache), helpers.Error(err))
 				}
@@ -98,7 +100,7 @@ func (policyHandler *PolicyHandler) getScanPolicies(policyIdentifier []cautils.P
 func policyIdentifierToSlice(rules []cautils.PolicyIdentifier) []string {
 	s := []string{}
 	for i := range rules {
-		s = append(s, fmt.Sprintf("%s: %s", rules[i].Kind, rules[i].Name))
+		s = append(s, fmt.Sprintf("%s: %s", rules[i].Kind, rules[i].Identifier))
 	}
 	return s
 }
--- a/core/pkg/policyhandler/handlepullpolicies_test.go
+++ b/core/pkg/policyhandler/handlepullpolicies_test.go
@@ -1,23 +0,0 @@
-package policyhandler
-
-// func TestGetPoliciesFromBackend(t *testing.T) {
-// 	notification := reporthandling.PolicyNotification{
-// 		Rules: []reporthandling.PolicyIdentifier{
-// 			{
-// 				Kind: reporthandling.KindFramework,
-// 				Name: "mitretest",
-// 			},
-// 		},
-// 	}
-// 	// os.Setenv(cacli., "")
-// 	ph := PolicyHandler{
-// 		cacli: &cacli.Cacli{},
-// 	}
-// 	f, err := ph.GetPoliciesFromBackend(&notification)
-// 	if err != nil {
-// 		t.Error(err)
-// 	}
-// 	if len(f) == 0 {
-// 		t.Errorf("empty")
-// 	}
-// }
--- a/core/pkg/policyhandler/handlepullpoliciesutils.go
+++ b/core/pkg/policyhandler/handlepullpoliciesutils.go
@@ -5,6 +5,7 @@ import (
 	"strings"

 	apisv1 "github.com/kubescape/opa-utils/httpserver/apis/v1"
+	"github.com/kubescape/opa-utils/reporthandling"

 	"github.com/kubescape/kubescape/v2/core/cautils"
 )
@@ -21,3 +22,16 @@ func policyDownloadError(err error) error {
 	}
 	return err
 }
+
+// validate the framework
+func validateFramework(framework *reporthandling.Framework) error {
+	if framework == nil {
+		return fmt.Errorf("received empty framework")
+	}
+
+	// validate the controls are not empty
+	if len(framework.Controls) == 0 {
+		return fmt.Errorf("failed to load controls for framework: %s: empty list of controls", framework.Name)
+	}
+	return nil
+}
--- a/core/pkg/policyhandler/handlepullpoliciesutils_test.go
+++ b/core/pkg/policyhandler/handlepullpoliciesutils_test.go
@@ -0,0 +1,48 @@
+package policyhandler
+
+import (
+	"testing"
+
+	"github.com/kubescape/opa-utils/reporthandling"
+)
+
+func Test_validateFramework(t *testing.T) {
+	type args struct {
+		framework *reporthandling.Framework
+	}
+	tests := []struct {
+		name    string
+		args    args
+		wantErr bool
+	}{
+		{
+			name: "empty framework",
+			args: args{
+				framework: &reporthandling.Framework{
+					Controls: []reporthandling.Control{},
+				},
+			},
+			wantErr: true,
+		},
+		{
+			name: "none empty framework",
+			args: args{
+				framework: &reporthandling.Framework{
+					Controls: []reporthandling.Control{
+						{
+							ControlID: "c-0001",
+						},
+					},
+				},
+			},
+			wantErr: false,
+		},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			if err := validateFramework(tt.args.framework); (err != nil) != tt.wantErr {
+				t.Errorf("validateControls() error = %v, wantErr %v", err, tt.wantErr)
+			}
+		})
+	}
+}
--- a/core/pkg/registryadaptors/registryvulnerabilities/datastructures.go
+++ b/core/pkg/registryadaptors/registryvulnerabilities/datastructures.go
@@ -43,7 +43,7 @@ type Vulnerability struct {
 	Categories               Categories  `json:"categories"`
 	NoteName                 string      `json:",omitempty"`
 	CreateTime               time.Time   `json:",omitempty"`
-	UpdateTime               time.Time      `json:",omitempty"` // Vulnerablity started
+	UpdateTime               time.Time   `json:",omitempty"` // Vulnerablity started
 	CVSS                     float32     `json:",omitempty"` // other cvss versions are available
 	AffectedCPEURI           string      `json:",omitempty"` // Package issue
 	AffectedPackage          string      `json:",omitempty"`
--- a/core/pkg/resourcehandler/filesloader.go
+++ b/core/pkg/resourcehandler/filesloader.go
@@ -76,9 +76,10 @@ func (fileHandler *FileResourceHandler) GetResources(sessionObj *cautils.OPASess

 	}

-	if err := fileHandler.registryAdaptors.collectImagesVulnerabilities(k8sResources, allResources, ksResources); err != nil {
-		logger.L().Warning("failed to collect images vulnerabilities", helpers.Error(err))
-	}
+	// Should Kubescape scan image related controls when scanning local files?
+	// if err := fileHandler.registryAdaptors.collectImagesVulnerabilities(k8sResources, allResources, ksResources); err != nil {
+	// 	logger.L().Warning("failed to collect images vulnerabilities", helpers.Error(err))
+	// }

 	cautils.StopSpinner()
 	logger.L().Success("Done accessing local objects")
@@ -103,6 +104,8 @@ func getResourcesFromPath(path string) (map[string]reporthandling.Source, []work
 	gitRepo, err := cautils.NewLocalGitRepository(path)
 	if err == nil && gitRepo != nil {
 		repoRoot, _ = gitRepo.GetRootDir()
+	} else {
+		repoRoot, _ = filepath.Abs(path)
 	}

 	// load resource from local file system
@@ -141,7 +144,7 @@ func getResourcesFromPath(path string) (map[string]reporthandling.Source, []work
 		}

 		workloadSource := reporthandling.Source{
-			RelativePath: source,
+			RelativePath: relSource,
 			FileType:     filetype,
 			LastCommit:   lastCommit,
 		}
--- a/core/pkg/resourcehandler/filesloaderutils.go
+++ b/core/pkg/resourcehandler/filesloaderutils.go
@@ -4,7 +4,7 @@ import (
 	"fmt"
 	"path/filepath"

-	giturl "github.com/armosec/go-git-url"
+	giturl "github.com/kubescape/go-git-url"
 	logger "github.com/kubescape/go-logger"
 	"github.com/kubescape/go-logger/helpers"
 	"github.com/kubescape/k8s-interface/k8sinterface"
--- a/core/pkg/resourcehandler/k8sresources.go
+++ b/core/pkg/resourcehandler/k8sresources.go
@@ -88,7 +88,6 @@ func (k8sHandler *K8sResourceHandler) GetResources(sessionObj *cautils.OPASessio
 		logger.L().Info("Requesting images vulnerabilities results")
 		cautils.StartSpinner()
 		if err := k8sHandler.registryAdaptors.collectImagesVulnerabilities(k8sResourcesMap, allResources, ksResourceMap); err != nil {
-			logger.L().Warning("failed to collect image vulnerabilities", helpers.Error(err))
 			cautils.SetInfoMapForResources(fmt.Sprintf("failed to pull image scanning data: %s. for more information: https://hub.armosec.io/docs/configuration-of-image-vulnerabilities", err.Error()), imgVulnResources, sessionObj.InfoMap)
 		} else {
 			if isEmptyImgVulns(*ksResourceMap) {
--- a/core/pkg/resourcehandler/k8sresourcesutils.go
+++ b/core/pkg/resourcehandler/k8sresourcesutils.go
@@ -23,6 +23,7 @@ var (
 	KubeletInfo                  = "KubeletInfo"
 	KubeProxyInfo                = "KubeProxyInfo"
 	ControlPlaneInfo             = "ControlPlaneInfo"
+	CloudProviderInfo            = "CloudProviderInfo"

 	MapResourceToApiGroup = map[string]string{
 		KubeletConfiguration:         "hostdata.kubescape.cloud/v1beta0",
@@ -35,6 +36,7 @@ var (
 		KubeletInfo:                  "hostdata.kubescape.cloud/v1beta0",
 		KubeProxyInfo:                "hostdata.kubescape.cloud/v1beta0",
 		ControlPlaneInfo:             "hostdata.kubescape.cloud/v1beta0",
+		CloudProviderInfo:            "hostdata.kubescape.cloud/v1beta0",
 	}
 	MapResourceToApiGroupVuln = map[string][]string{
 		ImageVulnerabilities: {"armo.vuln.images/v1", "image.vulnscan.com/v1"}}
--- a/core/pkg/resourcehandler/registrydata.go
+++ b/core/pkg/resourcehandler/registrydata.go
@@ -8,8 +8,8 @@ import (
 	"github.com/kubescape/k8s-interface/workloadinterface"
 	"github.com/kubescape/kubescape/v2/core/cautils"
 	"github.com/kubescape/kubescape/v2/core/cautils/getter"
-	gcpadaptorv1 "github.com/kubescape/kubescape/v2/core/pkg/registryadaptors/gcp/v1"
 	armosecadaptorv1 "github.com/kubescape/kubescape/v2/core/pkg/registryadaptors/armosec/v1"
+	gcpadaptorv1 "github.com/kubescape/kubescape/v2/core/pkg/registryadaptors/gcp/v1"
 	"github.com/kubescape/kubescape/v2/core/pkg/registryadaptors/registryvulnerabilities"

 	"github.com/kubescape/opa-utils/shared"
--- a/core/pkg/resourcehandler/remotegitutils.go
+++ b/core/pkg/resourcehandler/remotegitutils.go
@@ -6,11 +6,11 @@ import (
 	nethttp "net/http"
 	"os"

-	giturl "github.com/armosec/go-git-url"
 	"github.com/go-git/go-git/v5"
 	"github.com/go-git/go-git/v5/plumbing"
 	"github.com/go-git/go-git/v5/plumbing/transport"
 	"github.com/go-git/go-git/v5/plumbing/transport/http"
+	giturl "github.com/kubescape/go-git-url"
 )

 // To Check if the given repository is Public(No Authentication needed), send a HTTP GET request to the URL
@@ -38,6 +38,17 @@ func isGitTokenPresent(gitURL giturl.IGitAPI) bool {
 	return true
 }

+// Get the error message according to the provider
+func getProviderError(gitURL giturl.IGitAPI) error {
+	switch gitURL.GetProvider(){
+	case "github":
+		return fmt.Errorf("%w", errors.New("GITHUB_TOKEN is not present"))
+	case "gitlab":
+		return fmt.Errorf("%w", errors.New("GITLAB_TOKEN is not present"))
+	}
+	return fmt.Errorf("%w", errors.New("unable to find the host name"))
+}
+
 // cloneRepo clones a repository to a local temporary directory and returns the directory
 func cloneRepo(gitURL giturl.IGitAPI) (string, error) {

@@ -60,9 +71,9 @@ func cloneRepo(gitURL giturl.IGitAPI) (string, error) {
 		auth = nil
 	} else {

-		// Return Error if the GITHUB_TOKEN is not present
+		// Return Error if the AUTH_TOKEN is not present
 		if isGitTokenPresent := isGitTokenPresent(gitURL); !isGitTokenPresent {
-			return "", fmt.Errorf("%w", errors.New("GITHUB_TOKEN is not present"))
+			return "", getProviderError(gitURL)
 		}
 		auth = &http.BasicAuth{
 			Username: "anything Except Empty String",
--- a/core/pkg/resourcehandler/urlloader.go
+++ b/core/pkg/resourcehandler/urlloader.go
@@ -1,7 +1,7 @@
 package resourcehandler

 import (
-	giturl "github.com/armosec/go-git-url"
+	giturl "github.com/kubescape/go-git-url"
 	logger "github.com/kubescape/go-logger"
 	"github.com/kubescape/go-logger/helpers"
 	"github.com/kubescape/k8s-interface/workloadinterface"
--- a/core/pkg/resourcesprioritization/prioritizationhandler.go
+++ b/core/pkg/resourcesprioritization/prioritizationhandler.go
@@ -21,7 +21,8 @@ func NewResourcesPrioritizationHandler(attackTracksGetter getter.IAttackTracksGe
 		attackTracks: make([]v1alpha1.IAttackTrack, 0),
 	}

-	if tracks, err := attackTracksGetter.GetAttackTracks(); err != nil {
+	tracks, err := attackTracksGetter.GetAttackTracks()
+	if err != nil {
 		return nil, err
 	} else {
 		for _, attackTrack := range tracks {
@@ -38,6 +39,12 @@ func NewResourcesPrioritizationHandler(attackTracksGetter getter.IAttackTracksGe
 		return nil, fmt.Errorf("expected to find at least one attack track")
 	}

+	// Store attack tracks in cache
+	cache := getter.GetDefaultPath(cautils.LocalAttackTracksFilename)
+	if err := getter.SaveInFile(tracks, cache); err != nil {
+		logger.L().Warning("failed to cache file", helpers.String("file", cache), helpers.Error(err))
+	}
+
 	return handler, nil
 }

--- a/core/pkg/resultshandling/printer/printresults.go
+++ b/core/pkg/resultshandling/printer/printresults.go
@@ -6,6 +6,7 @@ import (
 	"path/filepath"

 	logger "github.com/kubescape/go-logger"
+	"github.com/kubescape/go-logger/helpers"
 	"github.com/kubescape/kubescape/v2/core/cautils"
 )

@@ -43,3 +44,9 @@ func GetWriter(outputFile string) *os.File {
 	return os.Stdout

 }
+
+func LogOutputFile(fileName string) {
+	if fileName != os.Stdout.Name() && fileName != os.Stderr.Name() {
+		logger.L().Success("Scan results saved", helpers.String("filename", fileName))
+	}
+}
--- a/core/pkg/resultshandling/printer/v1/jsonprinter.go
+++ b/core/pkg/resultshandling/printer/v1/jsonprinter.go
@@ -1,15 +1,22 @@
-package v1
+package printer

 import (
 	"encoding/json"
 	"fmt"
 	"os"
+	"path/filepath"
+	"strings"

 	logger "github.com/kubescape/go-logger"
 	"github.com/kubescape/kubescape/v2/core/cautils"
 	"github.com/kubescape/kubescape/v2/core/pkg/resultshandling/printer"
 )

+const (
+	jsonOutputFile = "report"
+	jsonOutputExt  = ".json"
+)
+
 type JsonPrinter struct {
 	writer *os.File
 }
@@ -19,6 +26,12 @@ func NewJsonPrinter() *JsonPrinter {
 }

 func (jsonPrinter *JsonPrinter) SetWriter(outputFile string) {
+	if strings.TrimSpace(outputFile) == "" {
+		outputFile = jsonOutputFile
+	}
+	if filepath.Ext(strings.TrimSpace(outputFile)) != jsonOutputExt {
+		outputFile = outputFile + jsonOutputExt
+	}
 	jsonPrinter.writer = printer.GetWriter(outputFile)
 }

@@ -41,5 +54,12 @@ func (jsonPrinter *JsonPrinter) ActionPrint(opaSessionObj *cautils.OPASessionObj
 	if err != nil {
 		logger.L().Fatal("failed to convert posture report object")
 	}
-	jsonPrinter.writer.Write(postureReportStr)
+
+	_, err = jsonPrinter.writer.Write(postureReportStr)
+
+	if err != nil {
+		logger.L().Fatal("failed to Write posture report object into JSON output")
+	} else {
+		printer.LogOutputFile(jsonPrinter.writer.Name())
+	}
 }
--- a/core/pkg/resultshandling/printer/v1/prometheusprinter.go
+++ b/core/pkg/resultshandling/printer/v1/prometheusprinter.go
@@ -1,4 +1,4 @@
-package v1
+package printer

 import (
 	"fmt"
@@ -22,23 +22,23 @@ func NewPrometheusPrinter(verboseMode bool) *PrometheusPrinter {
 	}
 }

-func (prometheusPrinter *PrometheusPrinter) SetWriter(outputFile string) {
-	prometheusPrinter.writer = printer.GetWriter(outputFile)
+func (p *PrometheusPrinter) SetWriter(outputFile string) {
+	p.writer = printer.GetWriter(outputFile)
 }

-func (prometheusPrinter *PrometheusPrinter) Score(score float32) {
+func (p *PrometheusPrinter) Score(score float32) {
 	fmt.Printf("\n# Overall risk-score (0- Excellent, 100- All failed)\nkubescape_score %d\n", cautils.Float32ToInt(score))
 }

-func (printer *PrometheusPrinter) printResources(allResources map[string]workloadinterface.IMetadata, resourcesIDs *reporthandling.ResourcesIDs, frameworkName, controlName string) {
-	printer.printDetails(allResources, resourcesIDs.GetFailedResources(), frameworkName, controlName, "failed")
-	printer.printDetails(allResources, resourcesIDs.GetWarningResources(), frameworkName, controlName, "excluded")
-	if printer.verboseMode {
-		printer.printDetails(allResources, resourcesIDs.GetPassedResources(), frameworkName, controlName, "passed")
+func (p *PrometheusPrinter) printResources(allResources map[string]workloadinterface.IMetadata, resourcesIDs *reporthandling.ResourcesIDs, frameworkName, controlName string) {
+	p.printDetails(allResources, resourcesIDs.GetFailedResources(), frameworkName, controlName, "failed")
+	p.printDetails(allResources, resourcesIDs.GetWarningResources(), frameworkName, controlName, "excluded")
+	if p.verboseMode {
+		p.printDetails(allResources, resourcesIDs.GetPassedResources(), frameworkName, controlName, "passed")
 	}

 }
-func (printer *PrometheusPrinter) printDetails(allResources map[string]workloadinterface.IMetadata, resourcesIDs []string, frameworkName, controlName, status string) {
+func (p *PrometheusPrinter) printDetails(allResources map[string]workloadinterface.IMetadata, resourcesIDs []string, frameworkName, controlName, status string) {
 	objs := make(map[string]map[string]map[string]int)
 	for _, resourceID := range resourcesIDs {
 		resource := allResources[resourceID]
@@ -56,18 +56,18 @@ func (printer *PrometheusPrinter) printDetails(allResources map[string]workloadi
 	for gvk, namespaces := range objs {
 		for namespace, names := range namespaces {
 			for name, value := range names {
-				fmt.Fprintf(printer.writer, "# Failed object from \"%s\" control \"%s\"\n", frameworkName, controlName)
+				fmt.Fprintf(p.writer, "# Failed object from \"%s\" control \"%s\"\n", frameworkName, controlName)
 				if namespace != "" {
-					fmt.Fprintf(printer.writer, "kubescape_object_failed_count{framework=\"%s\",control=\"%s\",namespace=\"%s\",name=\"%s\",groupVersionKind=\"%s\"} %d\n", frameworkName, controlName, namespace, name, gvk, value)
+					fmt.Fprintf(p.writer, "kubescape_object_failed_count{framework=\"%s\",control=\"%s\",namespace=\"%s\",name=\"%s\",groupVersionKind=\"%s\"} %d\n", frameworkName, controlName, namespace, name, gvk, value)
 				} else {
-					fmt.Fprintf(printer.writer, "kubescape_object_failed_count{framework=\"%s\",control=\"%s\",name=\"%s\",groupVersionKind=\"%s\"} %d\n", frameworkName, controlName, name, gvk, value)
+					fmt.Fprintf(p.writer, "kubescape_object_failed_count{framework=\"%s\",control=\"%s\",name=\"%s\",groupVersionKind=\"%s\"} %d\n", frameworkName, controlName, name, gvk, value)
 				}
 			}
 		}
 	}
 }

-func (printer *PrometheusPrinter) printReports(allResources map[string]workloadinterface.IMetadata, frameworks []reporthandling.FrameworkReport) error {
+func (p *PrometheusPrinter) printReports(allResources map[string]workloadinterface.IMetadata, frameworks []reporthandling.FrameworkReport) error {
 	for _, frameworkReport := range frameworks {
 		for _, controlReport := range frameworkReport.ControlReports {
 			if controlReport.GetNumberOfResources() == 0 {
@@ -76,21 +76,24 @@ func (printer *PrometheusPrinter) printReports(allResources map[string]workloadi
 			if controlReport.Passed() {
 				continue // control passed, do not print results
 			}
-			fmt.Fprintf(printer.writer, "# Number of resources found as part of %s control %s\nkubescape_resources_found_count{framework=\"%s\",control=\"%s\"} %d\n", frameworkReport.Name, controlReport.Name, frameworkReport.Name, controlReport.Name, controlReport.GetNumberOfResources())
-			fmt.Fprintf(printer.writer, "# Number of resources excluded as part of %s control %s\nkubescape_resources_excluded_count{framework=\"%s\",control=\"%s\"} %d\n", frameworkReport.Name, controlReport.Name, frameworkReport.Name, controlReport.Name, controlReport.GetNumberOfWarningResources())
-			fmt.Fprintf(printer.writer, "# Number of resources failed as part of %s control %s\nkubescape_resources_failed_count{framework=\"%s\",control=\"%s\"} %d\n", frameworkReport.Name, controlReport.Name, frameworkReport.Name, controlReport.Name, controlReport.GetNumberOfFailedResources())
+			fmt.Fprintf(p.writer, "# Number of resources found as part of %s control %s\nkubescape_resources_found_count{framework=\"%s\",control=\"%s\"} %d\n", frameworkReport.Name, controlReport.Name, frameworkReport.Name, controlReport.Name, controlReport.GetNumberOfResources())
+			fmt.Fprintf(p.writer, "# Number of resources excluded as part of %s control %s\nkubescape_resources_excluded_count{framework=\"%s\",control=\"%s\"} %d\n", frameworkReport.Name, controlReport.Name, frameworkReport.Name, controlReport.Name, controlReport.GetNumberOfWarningResources())
+			fmt.Fprintf(p.writer, "# Number of resources failed as part of %s control %s\nkubescape_resources_failed_count{framework=\"%s\",control=\"%s\"} %d\n", frameworkReport.Name, controlReport.Name, frameworkReport.Name, controlReport.Name, controlReport.GetNumberOfFailedResources())

-			printer.printResources(allResources, controlReport.ListResourcesIDs(), frameworkReport.Name, controlReport.Name)
+			p.printResources(allResources, controlReport.ListResourcesIDs(), frameworkReport.Name, controlReport.Name)
 		}
 	}
 	return nil
 }

-func (printer *PrometheusPrinter) ActionPrint(opaSessionObj *cautils.OPASessionObj) {
+func (p *PrometheusPrinter) ActionPrint(opaSessionObj *cautils.OPASessionObj) {
 	report := cautils.ReportV2ToV1(opaSessionObj)

-	err := printer.printReports(opaSessionObj.AllResources, report.FrameworkReports)
+	err := p.printReports(opaSessionObj.AllResources, report.FrameworkReports)
 	if err != nil {
 		logger.L().Fatal(err.Error())
+	} else {
+		printer.LogOutputFile(p.writer.Name())
 	}
+
 }
--- a/core/pkg/resultshandling/printer/v2/controltable.go
+++ b/core/pkg/resultshandling/printer/v2/controltable.go
@@ -1,4 +1,4 @@
-package v2
+package printer

 import (
 	"fmt"
@@ -78,6 +78,19 @@ func getColor(controlSeverity int) color.Attribute {
 	}
 }

+func getSortedControlsIDs(controls reportsummary.ControlSummaries) [][]string {
+	controlIDs := make([][]string, 5)
+	for k := range controls {
+		c := controls[k]
+		i := apis.ControlSeverityToInt(c.GetScoreFactor())
+		controlIDs[i] = append(controlIDs[i], c.GetID())
+	}
+	for i := range controlIDs {
+		sort.Strings(controlIDs[i])
+	}
+	return controlIDs
+}
+
 func getSortedControlsNames(controls reportsummary.ControlSummaries) [][]string {
 	controlNames := make([][]string, 5)
 	for k := range controls {
--- a/core/pkg/resultshandling/printer/v2/html/report.gohtml
+++ b/core/pkg/resultshandling/printer/v2/html/report.gohtml
@@ -142,7 +142,7 @@
        <tr>
          <td class="resourceSeverityCell">{{ .Severity }}</td>
          <td class="resourceNameCell">{{ .Name }}</td>
-          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/{{ lower .URL }}">{{ .URL }}</a></td>
+          <td class="resourceURLCell"><a href="{{ lower .URL }}">{{ .ID }}</a></td>
          <td class="resourceRemediationCell">{{ range .FailedPaths }} <p>{{ . }}</p> {{ end }}</td>
        </tr>
        {{ end }}
--- a/core/pkg/resultshandling/printer/v2/htmlprinter.go
+++ b/core/pkg/resultshandling/printer/v2/htmlprinter.go
@@ -1,4 +1,4 @@
-package v2
+package printer

 import (
 	_ "embed"
@@ -38,17 +38,17 @@ func NewHtmlPrinter() *HtmlPrinter {
 	return &HtmlPrinter{}
 }

-func (htmlPrinter *HtmlPrinter) SetWriter(outputFile string) {
-	if outputFile == "" {
+func (hp *HtmlPrinter) SetWriter(outputFile string) {
+	if strings.TrimSpace(outputFile) == "" {
 		outputFile = htmlOutputFile
 	}
 	if filepath.Ext(strings.TrimSpace(outputFile)) != htmlOutputExt {
 		outputFile = outputFile + htmlOutputExt
 	}
-	htmlPrinter.writer = printer.GetWriter(outputFile)
+	hp.writer = printer.GetWriter(outputFile)
 }

-func (htmlPrinter *HtmlPrinter) ActionPrint(opaSessionObj *cautils.OPASessionObj) {
+func (hp *HtmlPrinter) ActionPrint(opaSessionObj *cautils.OPASessionObj) {
 	tplFuncMap := template.FuncMap{
 		"sum": func(nums ...int) int {
 			total := 0
@@ -104,13 +104,16 @@ func (htmlPrinter *HtmlPrinter) ActionPrint(opaSessionObj *cautils.OPASessionObj

 	resourceTableView := buildResourceTableView(opaSessionObj)
 	reportingCtx := HTMLReportingCtx{opaSessionObj, resourceTableView}
-	err := tpl.Execute(htmlPrinter.writer, reportingCtx)
+	err := tpl.Execute(hp.writer, reportingCtx)
 	if err != nil {
 		logger.L().Error("failed to render template", helpers.Error(err))
+	} else {
+		printer.LogOutputFile(hp.writer.Name())
 	}
+
 }

-func (htmlPrinter *HtmlPrinter) Score(score float32) {
+func (hp *HtmlPrinter) Score(score float32) {
 	return
 }

@@ -130,17 +133,18 @@ func buildResourceTableView(opaSessionObj *cautils.OPASessionObj) ResourceTableV
 func buildResourceControlResult(resourceControl resourcesresults.ResourceAssociatedControl, control reportsummary.IControlSummary) ResourceControlResult {
 	ctlSeverity := apis.ControlSeverityToString(control.GetScoreFactor())
 	ctlName := resourceControl.GetName()
-	ctlURL := resourceControl.GetID()
+	ctlID := resourceControl.GetID()
+	ctlURL := cautils.GetControlLink(resourceControl.GetID())
 	failedPaths := append(failedPathsToString(&resourceControl), fixPathsToString(&resourceControl)...)

-	return ResourceControlResult{ctlSeverity, ctlName, ctlURL, failedPaths}
+	return ResourceControlResult{ctlSeverity, ctlName, ctlID, ctlURL, failedPaths}
 }

 func buildResourceControlResultTable(resourceControls []resourcesresults.ResourceAssociatedControl, summaryDetails *reportsummary.SummaryDetails) []ResourceControlResult {
 	var ctlResults []ResourceControlResult
 	for _, resourceControl := range resourceControls {
 		if resourceControl.GetStatus(nil).IsFailed() {
-			control := summaryDetails.Controls.GetControl(reportsummary.EControlCriteriaName, resourceControl.GetName())
+			control := summaryDetails.Controls.GetControl(reportsummary.EControlCriteriaID, resourceControl.GetID())
 			ctlResult := buildResourceControlResult(resourceControl, control)

 			ctlResults = append(ctlResults, ctlResult)
--- a/core/pkg/resultshandling/printer/v2/jsonprinter.go
+++ b/core/pkg/resultshandling/printer/v2/jsonprinter.go
@@ -1,9 +1,11 @@
-package v2
+package printer

 import (
 	"encoding/json"
 	"fmt"
 	"os"
+	"path/filepath"
+	"strings"

 	logger "github.com/kubescape/go-logger"
 	"github.com/kubescape/go-logger/helpers"
@@ -11,6 +13,11 @@ import (
 	"github.com/kubescape/kubescape/v2/core/pkg/resultshandling/printer"
 )

+const (
+	jsonOutputFile = "report"
+	jsonOutputExt  = ".json"
+)
+
 type JsonPrinter struct {
 	writer *os.File
 }
@@ -19,22 +26,29 @@ func NewJsonPrinter() *JsonPrinter {
 	return &JsonPrinter{}
 }

-func (jsonPrinter *JsonPrinter) SetWriter(outputFile string) {
-	jsonPrinter.writer = printer.GetWriter(outputFile)
+func (jp *JsonPrinter) SetWriter(outputFile string) {
+	if strings.TrimSpace(outputFile) == "" {
+		outputFile = jsonOutputFile
+	}
+	if filepath.Ext(strings.TrimSpace(outputFile)) != jsonOutputExt {
+		outputFile = outputFile + jsonOutputExt
+	}
+	jp.writer = printer.GetWriter(outputFile)
 }

-func (jsonPrinter *JsonPrinter) Score(score float32) {
+func (jp *JsonPrinter) Score(score float32) {
 	fmt.Fprintf(os.Stderr, "\nOverall risk-score (0- Excellent, 100- All failed): %d\n", cautils.Float32ToInt(score))
 }

-func (jsonPrinter *JsonPrinter) ActionPrint(opaSessionObj *cautils.OPASessionObj) {
+func (jp *JsonPrinter) ActionPrint(opaSessionObj *cautils.OPASessionObj) {
 	r, err := json.Marshal(FinalizeResults(opaSessionObj))
 	if err != nil {
 		logger.L().Fatal("failed to Marshal posture report object")
 	}

-	logOUtputFile(jsonPrinter.writer.Name())
-	if _, err := jsonPrinter.writer.Write(r); err != nil {
+	if _, err := jp.writer.Write(r); err != nil {
 		logger.L().Error("failed to write results", helpers.Error(err))
+	} else {
+		printer.LogOutputFile(jp.writer.Name())
 	}
 }
--- a/core/pkg/resultshandling/printer/v2/junit.go
+++ b/core/pkg/resultshandling/printer/v2/junit.go
@@ -1,9 +1,11 @@
-package v2
+package printer

 import (
 	"encoding/xml"
 	"fmt"
 	"os"
+	"path/filepath"
+	"sort"
 	"strings"

 	logger "github.com/kubescape/go-logger"
@@ -11,9 +13,13 @@ import (
 	"github.com/kubescape/k8s-interface/workloadinterface"
 	"github.com/kubescape/kubescape/v2/core/cautils"
 	"github.com/kubescape/kubescape/v2/core/pkg/resultshandling/printer"
-	"github.com/kubescape/opa-utils/reporthandling/apis"
 	"github.com/kubescape/opa-utils/reporthandling/results/v1/reportsummary"
-	"github.com/kubescape/opa-utils/reporthandling/results/v1/resourcesresults"
+	"github.com/kubescape/opa-utils/shared"
+)
+
+const (
+	junitOutputFile = "report"
+	junitOutputExt  = ".xml"
 )

 /*
@@ -36,7 +42,6 @@ type JUnitTestSuites struct {
 	XMLName  xml.Name         `xml:"testsuites"`
 	Suites   []JUnitTestSuite `xml:"testsuite"`     // list of controls
 	Errors   int              `xml:"errors,attr"`   // total number of tests with error result from all testsuites
-	Disabled int              `xml:"disabled,attr"` // total number of disabled tests from all testsuites
 	Failures int              `xml:"failures,attr"` // total number of failed tests from all testsuites
 	Tests    int              `xml:"tests,attr"`    // total number of tests from all testsuites. Some software may expect to only see the number of successful tests from all testsuites though
 	Time     string           `xml:"time,attr"`     // time in seconds to execute all test suites
@@ -46,8 +51,8 @@ type JUnitTestSuites struct {
 // JUnitTestSuite represents a single control
 type JUnitTestSuite struct {
 	XMLName    xml.Name        `xml:"testsuite"`
+	Tests      int             `xml:"tests,attr"`     // total number of tests from this testsuite. Some software may expect to only see the number of successful tests though
 	Name       string          `xml:"name,attr"`      // Full (class) name of the test for non-aggregated testsuite documents. Class name without the package for aggregated testsuites documents. Required
-	Disabled   int             `xml:"disabled,attr"`  // The total number of disabled tests in the suite. optional. not supported by maven surefire.
 	Errors     int             `xml:"errors,attr"`    // The total number of tests in the suite that errors
 	Failures   int             `xml:"failures,attr"`  // The total number of tests in the suite that failed
 	Hostname   string          `xml:"hostname,attr"`  // Host on which the tests were executed ? cluster name ?
@@ -55,7 +60,6 @@ type JUnitTestSuite struct {
 	Skipped    string          `xml:"skipped,attr"`   // The total number of skipped tests
 	Time       string          `xml:"time,attr"`      // Time taken (in seconds) to execute the tests in the suite
 	Timestamp  string          `xml:"timestamp,attr"` // when the test was executed in ISO 8601 format (2014-01-21T16:17:18)
-	File       string          `xml:"file,attr"`      // The file be tested
 	Properties []JUnitProperty `xml:"properties>property,omitempty"`
 	TestCases  []JUnitTestCase `xml:"testcase"`
 }
@@ -64,7 +68,6 @@ type JUnitTestSuite struct {
 type JUnitTestCase struct {
 	XMLName     xml.Name          `xml:"testcase"`
 	Classname   string            `xml:"classname,attr"` // Full class name for the class the test method is in. required
-	Status      string            `xml:"status,attr"`    // Status
 	Name        string            `xml:"name,attr"`      // Name of the test method, required
 	Time        string            `xml:"time,attr"`      // Time taken (in seconds) to execute the test. optional
 	SkipMessage *JUnitSkipMessage `xml:"skipped,omitempty"`
@@ -89,153 +92,141 @@ type JUnitFailure struct {
 	Contents string `xml:",chardata"`
 }

-const (
-	lineSeparator         = "\n===================================================================================================================\n\n"
-	testCaseTypeResources = "Resources"
-)
-
 func NewJunitPrinter(verbose bool) *JunitPrinter {
 	return &JunitPrinter{
 		verbose: verbose,
 	}
 }

-func (junitPrinter *JunitPrinter) SetWriter(outputFile string) {
-	junitPrinter.writer = printer.GetWriter(outputFile)
+func (jp *JunitPrinter) SetWriter(outputFile string) {
+	if strings.TrimSpace(outputFile) == "" {
+		outputFile = junitOutputFile
+	}
+	if filepath.Ext(strings.TrimSpace(outputFile)) != junitOutputExt {
+		outputFile = outputFile + junitOutputExt
+	}
+	jp.writer = printer.GetWriter(outputFile)
 }

-func (junitPrinter *JunitPrinter) Score(score float32) {
+func (jp *JunitPrinter) Score(score float32) {
 	fmt.Fprintf(os.Stderr, "\nOverall risk-score (0- Excellent, 100- All failed): %d\n", cautils.Float32ToInt(score))
 }

-func (junitPrinter *JunitPrinter) ActionPrint(opaSessionObj *cautils.OPASessionObj) {
+func (jp *JunitPrinter) ActionPrint(opaSessionObj *cautils.OPASessionObj) {
 	junitResult := testsSuites(opaSessionObj)
 	postureReportStr, err := xml.Marshal(junitResult)
 	if err != nil {
 		logger.L().Fatal("failed to Marshal xml result object", helpers.Error(err))
 	}

-	logOUtputFile(junitPrinter.writer.Name())
-	if _, err := junitPrinter.writer.Write(postureReportStr); err != nil {
+	if _, err := jp.writer.Write(postureReportStr); err != nil {
 		logger.L().Error("failed to write results", helpers.Error(err))
+	} else {
+		printer.LogOutputFile(jp.writer.Name())
 	}
 }

 func testsSuites(results *cautils.OPASessionObj) *JUnitTestSuites {
 	return &JUnitTestSuites{
 		Suites:   listTestsSuite(results),
-		Tests:    results.Report.SummaryDetails.NumberOfResources().All(),
+		Tests:    results.Report.SummaryDetails.NumberOfControls().All(),
 		Name:     "Kubescape Scanning",
-		Failures: results.Report.SummaryDetails.NumberOfResources().Failed(),
+		Failures: results.Report.SummaryDetails.NumberOfControls().Failed(),
 	}
 }
-
-// aggregate resources source to a list of resources results
-func sourceToResourcesResults(results *cautils.OPASessionObj) map[string][]resourcesresults.Result {
-	resourceResults := make(map[string][]resourcesresults.Result)
-	for i := range results.ResourceSource {
-		if r, ok := results.ResourcesResult[i]; ok {
-			if _, ok := resourceResults[results.ResourceSource[i].RelativePath]; !ok {
-				resourceResults[results.ResourceSource[i].RelativePath] = []resourcesresults.Result{}
-			}
-			resourceResults[results.ResourceSource[i].RelativePath] = append(resourceResults[results.ResourceSource[i].RelativePath], r)
-		}
-	}
-	return resourceResults
-}
-
-// listTestsSuite returns a list of testsuites
 func listTestsSuite(results *cautils.OPASessionObj) []JUnitTestSuite {
 	var testSuites []JUnitTestSuite
-	resourceResults := sourceToResourcesResults(results)
-	counter := 0
+
 	// control scan
-	for path, resourcesResult := range resourceResults {
+	if len(results.Report.SummaryDetails.ListFrameworks()) == 0 {
 		testSuite := JUnitTestSuite{}
+		testSuite.Tests = results.Report.SummaryDetails.NumberOfControls().All()
+		testSuite.Failures = results.Report.SummaryDetails.NumberOfControls().Failed()
 		testSuite.Timestamp = results.Report.ReportGenerationTime.String()
-		testSuite.ID = counter
-		counter++
-		testSuite.File = path
-		testSuite.TestCases = testsCases(results, resourcesResult)
-		if len(testSuite.TestCases) > 0 {
-			testSuites = append(testSuites, testSuite)
-		}
+		testSuite.ID = 0
+		testSuite.Name = "kubescape"
+		testSuite.Properties = properties(results.Report.SummaryDetails.Score)
+		testSuite.TestCases = testsCases(results, &results.Report.SummaryDetails.Controls, "Kubescape")
+		testSuites = append(testSuites, testSuite)
+		return testSuites
+	}
+
+	for i, f := range results.Report.SummaryDetails.Frameworks {
+		testSuite := JUnitTestSuite{}
+		testSuite.Tests = f.NumberOfControls().All()
+		testSuite.Failures = f.NumberOfControls().Failed()
+		testSuite.Timestamp = results.Report.ReportGenerationTime.String()
+		testSuite.ID = i
+		testSuite.Name = f.Name
+		testSuite.Properties = properties(f.Score)
+		testSuite.TestCases = testsCases(results, f.GetControls(), f.GetName())
+		testSuites = append(testSuites, testSuite)
 	}

 	return testSuites
 }
-
-func failedControlsToFailureMessage(results *cautils.OPASessionObj, controls []resourcesresults.ResourceAssociatedControl, severityCounter []int) string {
-	msg := ""
-	for _, c := range controls {
-		control := results.Report.SummaryDetails.Controls.GetControl(reportsummary.EControlCriteriaID, c.GetID())
-		if c.GetStatus(nil).IsFailed() {
-			msg += fmt.Sprintf("Test: %s\n", control.GetName())
-			msg += fmt.Sprintf("Severity: %s\n", apis.ControlSeverityToString(control.GetScoreFactor()))
-			msg += fmt.Sprintf("Remediation: %s\n", control.GetRemediation())
-			msg += fmt.Sprintf("Link: %s\n", cautils.GetControlLink(control.GetID()))
-			if failedPaths := failedPathsToString(&c); len(failedPaths) > 0 {
-				msg += fmt.Sprintf("Failed paths: \n - %s\n", strings.Join(failedPaths, "\n - "))
-			}
-			if fixPaths := fixPathsToString(&c); len(fixPaths) > 0 {
-				msg += fmt.Sprintf("Available fix: \n - %s\n", strings.Join(fixPaths, "\n - "))
-			}
-			msg += "\n"
-
-			severityCounter[apis.ControlSeverityToInt(control.GetScoreFactor())] += 1
-		}
-	}
-	return msg
-}
-
-// Every testCase includes a file (even if the file contains several resources)
-func testsCases(results *cautils.OPASessionObj, resourcesResult []resourcesresults.Result) []JUnitTestCase {
+func testsCases(results *cautils.OPASessionObj, controls reportsummary.IControlsSummaries, classname string) []JUnitTestCase {
 	var testCases []JUnitTestCase
-	testCase := JUnitTestCase{}
-	testCaseFailure := JUnitFailure{}
-	testCaseFailure.Type = testCaseTypeResources
-	message := ""

-	// severityCounter represents the severities, 0: Unknown, 1: Low, 2: Medium, 3: High, 4: Critical
-	severityCounter := make([]int, apis.NumberOfSeverities, apis.NumberOfSeverities)
+	iter := controls.ListControlsIDs().All()
+	for iter.HasNext() {
+		cID := iter.Next()
+		testCase := JUnitTestCase{}
+		control := results.Report.SummaryDetails.Controls.GetControl(reportsummary.EControlCriteriaID, cID)
+
+		testCase.Name = control.GetName()
+		testCase.Classname = classname
+
+		if control.GetStatus().IsFailed() {
+			resources := map[string]interface{}{}
+			resourceIDs := control.ListResourcesIDs().Failed()
+			for j := range resourceIDs {
+				resource := results.AllResources[resourceIDs[j]]
+				sourcePath := ""
+				if ResourceSourcePath, ok := results.ResourceSource[resourceIDs[j]]; ok {
+					sourcePath = ResourceSourcePath.RelativePath
+				}
+				resources[resourceToString(resource, sourcePath)] = nil
+			}
+			resourcesStr := shared.MapStringToSlice(resources)
+			sort.Strings(resourcesStr)
+			testCaseFailure := JUnitFailure{}
+			testCaseFailure.Type = "Control"
+			// testCaseFailure.Contents =
+			testCaseFailure.Message = fmt.Sprintf("Remediation: %s\nMore details: %s\n\n%s", control.GetRemediation(), cautils.GetControlLink(control.GetID()), strings.Join(resourcesStr, "\n"))
+
+			testCase.Failure = &testCaseFailure
+		} else if control.GetStatus().IsSkipped() {
+			testCase.SkipMessage = &JUnitSkipMessage{
+				Message: "", // TODO - fill after statusInfo is supported
+			}

-	for i := range resourcesResult {
-		if failedControls := failedControlsToFailureMessage(results, resourcesResult[i].ListControls(), severityCounter); failedControls != "" {
-			message += fmt.Sprintf("%sResource: %s\n\n%s", lineSeparator, resourceNameToString(results.AllResources[resourcesResult[i].GetResourceID()]), failedControls)
 		}
-	}
-	testCaseFailure.Message += fmt.Sprintf("%s\n%s", getSummaryMessage(severityCounter), message)
-
-	testCase.Failure = &testCaseFailure
-	if testCase.Failure.Message != "" {
 		testCases = append(testCases, testCase)
 	}
-
 	return testCases
 }

-func getSummaryMessage(severityCounter []int) string {
-	total := 0
-	severities := ""
-	for i, count := range severityCounter {
-		if apis.SeverityNumberToString(i) == apis.SeverityNumberToString(apis.SeverityUnknown) {
-			continue
-		}
-		severities += fmt.Sprintf("%s: %d, ", apis.SeverityNumberToString(i), count)
-		total += count
-	}
-	if len(severities) == 0 {
-		return ""
-	}
-	return fmt.Sprintf("Total: %d (%s)", total, severities[:len(severities)-2])
-}
-
-func resourceNameToString(resource workloadinterface.IMetadata) string {
+func resourceToString(resource workloadinterface.IMetadata, sourcePath string) string {
+	sep := "; "
 	s := ""
-	s += fmt.Sprintf("kind=%s/", resource.GetKind())
+	s += fmt.Sprintf("apiVersion: %s", resource.GetApiVersion()) + sep
+	s += fmt.Sprintf("kind: %s", resource.GetKind()) + sep
 	if resource.GetNamespace() != "" {
-		s += fmt.Sprintf("namespace=%s/", resource.GetNamespace())
+		s += fmt.Sprintf("namespace: %s", resource.GetNamespace()) + sep
+	}
+	s += fmt.Sprintf("name: %s", resource.GetName())
+	if sourcePath != "" {
+		s += sep + fmt.Sprintf("sourcePath: %s", sourcePath)
 	}
-	s += fmt.Sprintf("name=%s", resource.GetName())
 	return s
 }
+
+func properties(riskScore float32) []JUnitProperty {
+	return []JUnitProperty{
+		{
+			Name:  "riskScore",
+			Value: fmt.Sprintf("%.2f", riskScore),
+		},
+	}
+}
--- a/core/pkg/resultshandling/printer/v2/pdf.go
+++ b/core/pkg/resultshandling/printer/v2/pdf.go
@@ -1,4 +1,4 @@
-package v2
+package printer

 import (
 	_ "embed"
@@ -39,22 +39,22 @@ func NewPdfPrinter() *PdfPrinter {
 	return &PdfPrinter{}
 }

-func (pdfPrinter *PdfPrinter) SetWriter(outputFile string) {
+func (pp *PdfPrinter) SetWriter(outputFile string) {
 	// Ensure to have an available output file, otherwise create it.
-	if outputFile == "" {
+	if strings.TrimSpace(outputFile) == "" {
 		outputFile = pdfOutputFile
 	}
 	// Ensure to have the right file extension.
 	if filepath.Ext(strings.TrimSpace(outputFile)) != pdfOutputExt {
 		outputFile = outputFile + pdfOutputExt
 	}
-	pdfPrinter.writer = printer.GetWriter(outputFile)
+	pp.writer = printer.GetWriter(outputFile)
 }

-func (pdfPrinter *PdfPrinter) Score(score float32) {
+func (pp *PdfPrinter) Score(score float32) {
 	fmt.Fprintf(os.Stderr, "\nOverall risk-score (0- Excellent, 100- All failed): %d\n", cautils.Float32ToInt(score))
 }
-func (pdfPrinter *PdfPrinter) printInfo(m pdf.Maroto, summaryDetails *reportsummary.SummaryDetails, infoMap []infoStars) {
+func (pp *PdfPrinter) printInfo(m pdf.Maroto, summaryDetails *reportsummary.SummaryDetails, infoMap []infoStars) {
 	emptyRowCounter := 1
 	for i := range infoMap {
 		if infoMap[i].info != "" {
@@ -75,16 +75,16 @@ func (pdfPrinter *PdfPrinter) printInfo(m pdf.Maroto, summaryDetails *reportsumm

 }

-func (pdfPrinter *PdfPrinter) ActionPrint(opaSessionObj *cautils.OPASessionObj) {
-	sortedControlNames := getSortedControlsNames(opaSessionObj.Report.SummaryDetails.Controls)
+func (pp *PdfPrinter) ActionPrint(opaSessionObj *cautils.OPASessionObj) {
+	sortedControlIDs := getSortedControlsIDs(opaSessionObj.Report.SummaryDetails.Controls)

 	infoToPrintInfo := mapInfoToPrintInfo(opaSessionObj.Report.SummaryDetails.Controls)
 	m := pdf.NewMaroto(consts.Portrait, consts.A4)
-	pdfPrinter.printHeader(m)
-	pdfPrinter.printFramework(m, opaSessionObj.Report.SummaryDetails.ListFrameworks())
-	pdfPrinter.printTable(m, &opaSessionObj.Report.SummaryDetails, sortedControlNames)
-	pdfPrinter.printFinalResult(m, &opaSessionObj.Report.SummaryDetails)
-	pdfPrinter.printInfo(m, &opaSessionObj.Report.SummaryDetails, infoToPrintInfo)
+	pp.printHeader(m)
+	pp.printFramework(m, opaSessionObj.Report.SummaryDetails.ListFrameworks())
+	pp.printTable(m, &opaSessionObj.Report.SummaryDetails, sortedControlIDs)
+	pp.printFinalResult(m, &opaSessionObj.Report.SummaryDetails)
+	pp.printInfo(m, &opaSessionObj.Report.SummaryDetails, infoToPrintInfo)

 	// Extrat output buffer.
 	outBuff, err := m.Output()
@@ -93,14 +93,15 @@ func (pdfPrinter *PdfPrinter) ActionPrint(opaSessionObj *cautils.OPASessionObj)
 		return
 	}

-	logOUtputFile(pdfPrinter.writer.Name())
-	if _, err := pdfPrinter.writer.Write(outBuff.Bytes()); err != nil {
+	if _, err := pp.writer.Write(outBuff.Bytes()); err != nil {
 		logger.L().Error("failed to write results", helpers.Error(err))
+	} else {
+		printer.LogOutputFile(pp.writer.Name())
 	}
 }

-// Print Kubescape logo and report date.
-func (pdfPrinter *PdfPrinter) printHeader(m pdf.Maroto) {
+// printHeader prints the Kubescape logo and report date
+func (pp *PdfPrinter) printHeader(m pdf.Maroto) {
 	// Retrieve current time (we need it for the report timestamp).
 	t := time.Now()
 	// Enconde PNG into Base64 to embed it into the pdf.
@@ -136,8 +137,8 @@ func (pdfPrinter *PdfPrinter) printHeader(m pdf.Maroto) {
 	m.Line(1)
 }

-// Print pdf frameworks after pdf header.
-func (pdfPrinter *PdfPrinter) printFramework(m pdf.Maroto, frameworks []reportsummary.IFrameworkSummary) {
+// printFramework prints the PDF frameworks after the PDF header
+func (pp *PdfPrinter) printFramework(m pdf.Maroto, frameworks []reportsummary.IFrameworkSummary) {
 	m.Row(10, func() {
 		m.Text(frameworksScoresToString(frameworks), props.Text{
 			Align:  consts.Center,
@@ -148,17 +149,17 @@ func (pdfPrinter *PdfPrinter) printFramework(m pdf.Maroto, frameworks []reportsu
 	})
 }

-// Create pdf table
-func (pdfPrinter *PdfPrinter) printTable(m pdf.Maroto, summaryDetails *reportsummary.SummaryDetails, sortedControlNames [][]string) {
+// printTable creates the PDF table
+func (pp *PdfPrinter) printTable(m pdf.Maroto, summaryDetails *reportsummary.SummaryDetails, sortedControlIDs [][]string) {
 	headers := getControlTableHeaders()
 	infoToPrintInfoMap := mapInfoToPrintInfo(summaryDetails.Controls)
-	controls := make([][]string, len(sortedControlNames))
+	controls := make([][]string, len(sortedControlIDs))
 	for i := range controls {
 		controls[i] = make([]string, len(headers))
 	}
-	for i := len(sortedControlNames) - 1; i >= 0; i-- {
-		for _, c := range sortedControlNames[i] {
-			controls[i] = generateRow(summaryDetails.Controls.GetControl(reportsummary.EControlCriteriaName, c), infoToPrintInfoMap, true)
+	for i := len(sortedControlIDs) - 1; i >= 0; i-- {
+		for _, c := range sortedControlIDs[i] {
+			controls[i] = generateRow(summaryDetails.Controls.GetControl(reportsummary.EControlCriteriaID, c), infoToPrintInfoMap, true)
 		}
 	}

@@ -186,8 +187,8 @@ func (pdfPrinter *PdfPrinter) printTable(m pdf.Maroto, summaryDetails *reportsum
 	m.Row(2, func() {})
 }

-// Add final results.
-func (pdfPrinter *PdfPrinter) printFinalResult(m pdf.Maroto, summaryDetails *reportsummary.SummaryDetails) {
+// printFinalResult adds the final results
+func (pp *PdfPrinter) printFinalResult(m pdf.Maroto, summaryDetails *reportsummary.SummaryDetails) {
 	m.Row(_rowLen, func() {
 		m.Col(3, func() {
 			m.Text("Resource summary", props.Text{
--- a/core/pkg/resultshandling/printer/v2/prettyprinter.go
+++ b/core/pkg/resultshandling/printer/v2/prettyprinter.go
@@ -1,9 +1,11 @@
-package v2
+package printer

 import (
 	"fmt"
 	"os"
+	"path/filepath"
 	"sort"
+	"strings"

 	"github.com/enescakir/emoji"
 	"github.com/kubescape/k8s-interface/workloadinterface"
@@ -16,6 +18,11 @@ import (
 	"github.com/olekukonko/tablewriter"
 )

+const (
+	prettyPrinterOutputFile = "report"
+	prettyPrinterOutputExt  = ".txt"
+)
+
 type PrettyPrinter struct {
 	formatVersion string
 	viewType      cautils.ViewTypes
@@ -31,79 +38,100 @@ func NewPrettyPrinter(verboseMode bool, formatVersion string, viewType cautils.V
 	}
 }

-func (prettyPrinter *PrettyPrinter) ActionPrint(opaSessionObj *cautils.OPASessionObj) {
-	fmt.Fprintf(prettyPrinter.writer, "\n"+getSeparator("^")+"\n")
+func (pp *PrettyPrinter) ActionPrint(opaSessionObj *cautils.OPASessionObj) {
+	fmt.Fprintf(pp.writer, "\n"+getSeparator("^")+"\n")

-	sortedControlNames := getSortedControlsNames(opaSessionObj.Report.SummaryDetails.Controls) // ListControls().All())
+	sortedControlIDs := getSortedControlsIDs(opaSessionObj.Report.SummaryDetails.Controls) // ListControls().All())

-	switch prettyPrinter.viewType {
+	switch pp.viewType {
 	case cautils.ControlViewType:
-		prettyPrinter.printResults(&opaSessionObj.Report.SummaryDetails.Controls, opaSessionObj.AllResources, sortedControlNames)
+		pp.printResults(&opaSessionObj.Report.SummaryDetails.Controls, opaSessionObj.AllResources, sortedControlIDs)
 	case cautils.ResourceViewType:
-		if prettyPrinter.verboseMode {
-			prettyPrinter.resourceTable(opaSessionObj)
+		if pp.verboseMode {
+			pp.resourceTable(opaSessionObj)
 		}
 	}

-	prettyPrinter.printSummaryTable(&opaSessionObj.Report.SummaryDetails, sortedControlNames)
+	pp.printSummaryTable(&opaSessionObj.Report.SummaryDetails, sortedControlIDs)
+
+	// When writing to Stdout, we aren’t really writing to an output file,
+	// so no need to print that we are
+	if pp.writer.Name() != os.Stdout.Name() {
+		printer.LogOutputFile(pp.writer.Name())
+	}

 }

-func (prettyPrinter *PrettyPrinter) SetWriter(outputFile string) {
-	prettyPrinter.writer = printer.GetWriter(outputFile)
+func (pp *PrettyPrinter) SetWriter(outputFile string) {
+	// PrettyPrinter should accept Stdout at least by its full name (path)
+	// and follow the common behavior of outputting to a default filename
+	// otherwise
+	if outputFile == os.Stdout.Name() {
+		pp.writer = printer.GetWriter("")
+		return
+	}
+
+	if strings.TrimSpace(outputFile) == "" {
+		outputFile = prettyPrinterOutputFile
+	}
+	if filepath.Ext(strings.TrimSpace(outputFile)) != junitOutputExt {
+		outputFile = outputFile + prettyPrinterOutputExt
+	}
+
+	pp.writer = printer.GetWriter(outputFile)
 }

-func (prettyPrinter *PrettyPrinter) Score(score float32) {
+func (pp *PrettyPrinter) Score(score float32) {
 }

-func (prettyPrinter *PrettyPrinter) printResults(controls *reportsummary.ControlSummaries, allResources map[string]workloadinterface.IMetadata, sortedControlNames [][]string) {
-	for i := len(sortedControlNames) - 1; i >= 0; i-- {
-		for _, c := range sortedControlNames[i] {
-			controlSummary := controls.GetControl(reportsummary.EControlCriteriaName, c) //  summaryDetails.Controls ListControls().All() Controls.GetControl(ca)
-			prettyPrinter.printTitle(controlSummary)
-			prettyPrinter.printResources(controlSummary, allResources)
-			prettyPrinter.printSummary(c, controlSummary)
+func (pp *PrettyPrinter) printResults(controls *reportsummary.ControlSummaries, allResources map[string]workloadinterface.IMetadata, sortedControlIDs [][]string) {
+	for i := len(sortedControlIDs) - 1; i >= 0; i-- {
+		for _, c := range sortedControlIDs[i] {
+			controlSummary := controls.GetControl(reportsummary.EControlCriteriaID, c) //  summaryDetails.Controls ListControls().All() Controls.GetControl(ca)
+			pp.printTitle(controlSummary)
+			pp.printResources(controlSummary, allResources)
+			pp.printSummary(c, controlSummary)
 		}
 	}
 }

-func (prettyPrinter *PrettyPrinter) printSummary(controlName string, controlSummary reportsummary.IControlSummary) {
+func (pp *PrettyPrinter) printSummary(controlName string, controlSummary reportsummary.IControlSummary) {
 	if controlSummary.GetStatus().IsSkipped() {
 		return
 	}
-	cautils.SimpleDisplay(prettyPrinter.writer, "Summary - ")
-	cautils.SuccessDisplay(prettyPrinter.writer, "Passed:%v   ", controlSummary.NumberOfResources().Passed())
-	cautils.WarningDisplay(prettyPrinter.writer, "Excluded:%v   ", controlSummary.NumberOfResources().Excluded())
-	cautils.FailureDisplay(prettyPrinter.writer, "Failed:%v   ", controlSummary.NumberOfResources().Failed())
-	cautils.InfoDisplay(prettyPrinter.writer, "Total:%v\n", controlSummary.NumberOfResources().All())
+	cautils.SimpleDisplay(pp.writer, "Summary - ")
+	cautils.SuccessDisplay(pp.writer, "Passed:%v   ", controlSummary.NumberOfResources().Passed())
+	cautils.WarningDisplay(pp.writer, "Excluded:%v   ", controlSummary.NumberOfResources().Excluded())
+	cautils.FailureDisplay(pp.writer, "Failed:%v   ", controlSummary.NumberOfResources().Failed())
+	cautils.InfoDisplay(pp.writer, "Total:%v\n", controlSummary.NumberOfResources().All())
 	if controlSummary.GetStatus().IsFailed() {
-		cautils.DescriptionDisplay(prettyPrinter.writer, "Remediation: %v\n", controlSummary.GetRemediation())
+		cautils.DescriptionDisplay(pp.writer, "Remediation: %v\n", controlSummary.GetRemediation())
 	}
-	cautils.DescriptionDisplay(prettyPrinter.writer, "\n")
+	cautils.DescriptionDisplay(pp.writer, "\n")

 }
-func (prettyPrinter *PrettyPrinter) printTitle(controlSummary reportsummary.IControlSummary) {
-	cautils.InfoDisplay(prettyPrinter.writer, "[control: %s - %s] ", controlSummary.GetName(), cautils.GetControlLink(controlSummary.GetID()))
+func (pp *PrettyPrinter) printTitle(controlSummary reportsummary.IControlSummary) {
+	cautils.InfoDisplay(pp.writer, "[control: %s - %s] ", controlSummary.GetName(), cautils.GetControlLink(controlSummary.GetID()))
 	switch controlSummary.GetStatus().Status() {
 	case apis.StatusSkipped:
-		cautils.InfoDisplay(prettyPrinter.writer, "skipped %v\n", emoji.ConfusedFace)
+		cautils.InfoDisplay(pp.writer, "skipped %v\n", emoji.ConfusedFace)
 	case apis.StatusFailed:
-		cautils.FailureDisplay(prettyPrinter.writer, "failed %v\n", emoji.SadButRelievedFace)
+		cautils.FailureDisplay(pp.writer, "failed %v\n", emoji.SadButRelievedFace)
 	case apis.StatusExcluded:
-		cautils.WarningDisplay(prettyPrinter.writer, "excluded %v\n", emoji.NeutralFace)
+		cautils.WarningDisplay(pp.writer, "excluded %v\n", emoji.NeutralFace)
 	case apis.StatusIrrelevant:
-		cautils.SuccessDisplay(prettyPrinter.writer, "irrelevant %v\n", emoji.ConfusedFace)
+		cautils.SuccessDisplay(pp.writer, "irrelevant %v\n", emoji.ConfusedFace)
 	case apis.StatusError:
-		cautils.WarningDisplay(prettyPrinter.writer, "error %v\n", emoji.ConfusedFace)
+		cautils.WarningDisplay(pp.writer, "error %v\n", emoji.ConfusedFace)
 	default:
-		cautils.SuccessDisplay(prettyPrinter.writer, "passed %v\n", emoji.ThumbsUp)
+		cautils.SuccessDisplay(pp.writer, "passed %v\n", emoji.ThumbsUp)
 	}
-	cautils.DescriptionDisplay(prettyPrinter.writer, "Description: %s\n", controlSummary.GetDescription())
+	cautils.DescriptionDisplay(pp.writer, "Description: %s\n", controlSummary.GetDescription())
 	if controlSummary.GetStatus().Info() != "" {
-		cautils.WarningDisplay(prettyPrinter.writer, "Reason: %v\n", controlSummary.GetStatus().Info())
+		cautils.WarningDisplay(pp.writer, "Reason: %v\n", controlSummary.GetStatus().Info())
 	}
 }
-func (prettyPrinter *PrettyPrinter) printResources(controlSummary reportsummary.IControlSummary, allResources map[string]workloadinterface.IMetadata) {
+func (pp *PrettyPrinter) printResources(controlSummary reportsummary.IControlSummary, allResources map[string]workloadinterface.IMetadata) {

 	workloadsSummary := listResultSummary(controlSummary, allResources)

@@ -111,35 +139,35 @@ func (prettyPrinter *PrettyPrinter) printResources(controlSummary reportsummary.
 	excludedWorkloads := groupByNamespaceOrKind(workloadsSummary, workloadSummaryExclude)

 	var passedWorkloads map[string][]WorkloadSummary
-	if prettyPrinter.verboseMode {
+	if pp.verboseMode {
 		passedWorkloads = groupByNamespaceOrKind(workloadsSummary, workloadSummaryPassed)
 	}
 	if len(failedWorkloads) > 0 {
-		cautils.FailureDisplay(prettyPrinter.writer, "Failed:\n")
-		prettyPrinter.printGroupedResources(failedWorkloads)
+		cautils.FailureDisplay(pp.writer, "Failed:\n")
+		pp.printGroupedResources(failedWorkloads)
 	}
 	if len(excludedWorkloads) > 0 {
-		cautils.WarningDisplay(prettyPrinter.writer, "Excluded:\n")
-		prettyPrinter.printGroupedResources(excludedWorkloads)
+		cautils.WarningDisplay(pp.writer, "Excluded:\n")
+		pp.printGroupedResources(excludedWorkloads)
 	}
 	if len(passedWorkloads) > 0 {
-		cautils.SuccessDisplay(prettyPrinter.writer, "Passed:\n")
-		prettyPrinter.printGroupedResources(passedWorkloads)
+		cautils.SuccessDisplay(pp.writer, "Passed:\n")
+		pp.printGroupedResources(passedWorkloads)
 	}

 }

-func (prettyPrinter *PrettyPrinter) printGroupedResources(workloads map[string][]WorkloadSummary) {
+func (pp *PrettyPrinter) printGroupedResources(workloads map[string][]WorkloadSummary) {
 	indent := "  "
 	for title, rsc := range workloads {
-		prettyPrinter.printGroupedResource(indent, title, rsc)
+		pp.printGroupedResource(indent, title, rsc)
 	}
 }

-func (prettyPrinter *PrettyPrinter) printGroupedResource(indent string, title string, rsc []WorkloadSummary) {
+func (pp *PrettyPrinter) printGroupedResource(indent string, title string, rsc []WorkloadSummary) {
 	preIndent := indent
 	if title != "" {
-		cautils.SimpleDisplay(prettyPrinter.writer, "%s%s\n", indent, title)
+		cautils.SimpleDisplay(pp.writer, "%s%s\n", indent, title)
 		indent += indent
 	}

@@ -151,7 +179,7 @@ func (prettyPrinter *PrettyPrinter) printGroupedResource(indent string, title st

 	sort.Strings(resources)
 	for i := range resources {
-		cautils.SimpleDisplay(prettyPrinter.writer, resources[i]+"\n")
+		cautils.SimpleDisplay(pp.writer, resources[i]+"\n")
 	}

 	indent = preIndent
@@ -185,33 +213,33 @@ func generateFooter(summaryDetails *reportsummary.SummaryDetails) []string {

 	return row
 }
-func (prettyPrinter *PrettyPrinter) printSummaryTable(summaryDetails *reportsummary.SummaryDetails, sortedControlNames [][]string) {
+func (pp *PrettyPrinter) printSummaryTable(summaryDetails *reportsummary.SummaryDetails, sortedControlIDs [][]string) {

 	if summaryDetails.NumberOfControls().All() == 0 {
-		fmt.Fprintf(prettyPrinter.writer, "\nKubescape did not scan any of the resources, make sure you are scanning valid kubernetes manifests (Deployments, Pods, etc.)\n")
+		fmt.Fprintf(pp.writer, "\nKubescape did not scan any of the resources, make sure you are scanning valid kubernetes manifests (Deployments, Pods, etc.)\n")
 		return
 	}
-	cautils.InfoTextDisplay(prettyPrinter.writer, "\n"+controlCountersForSummary(summaryDetails.NumberOfControls())+"\n")
-	cautils.InfoTextDisplay(prettyPrinter.writer, renderSeverityCountersSummary(&summaryDetails.SeverityCounters)+"\n\n")
+	cautils.InfoTextDisplay(pp.writer, "\n"+controlCountersForSummary(summaryDetails.NumberOfControls())+"\n")
+	cautils.InfoTextDisplay(pp.writer, renderSeverityCountersSummary(summaryDetails.GetResourcesSeverityCounters())+"\n\n")

 	// cautils.InfoTextDisplay(prettyPrinter.writer, "\n"+"Severities: SOME OTHER"+"\n\n")

-	summaryTable := tablewriter.NewWriter(prettyPrinter.writer)
+	summaryTable := tablewriter.NewWriter(pp.writer)
 	summaryTable.SetAutoWrapText(false)
 	summaryTable.SetHeader(getControlTableHeaders())
 	summaryTable.SetHeaderLine(true)
 	summaryTable.SetColumnAlignment(getColumnsAlignments())

-	printAll := prettyPrinter.verboseMode
+	printAll := pp.verboseMode
 	if summaryDetails.NumberOfResources().Failed() == 0 {
 		// if there are no failed controls, print the resource table and detailed information
 		printAll = true
 	}

 	infoToPrintInfo := mapInfoToPrintInfo(summaryDetails.Controls)
-	for i := len(sortedControlNames) - 1; i >= 0; i-- {
-		for _, c := range sortedControlNames[i] {
-			row := generateRow(summaryDetails.Controls.GetControl(reportsummary.EControlCriteriaName, c), infoToPrintInfo, printAll)
+	for i := len(sortedControlIDs) - 1; i >= 0; i-- {
+		for _, c := range sortedControlIDs[i] {
+			row := generateRow(summaryDetails.Controls.GetControl(reportsummary.EControlCriteriaID, c), infoToPrintInfo, printAll)
 			if len(row) > 0 {
 				summaryTable.Append(row)
 			}
@@ -223,16 +251,16 @@ func (prettyPrinter *PrettyPrinter) printSummaryTable(summaryDetails *reportsumm
 	summaryTable.Render()

 	// When scanning controls the framework list will be empty
-	cautils.InfoTextDisplay(prettyPrinter.writer, frameworksScoresToString(summaryDetails.ListFrameworks()))
+	cautils.InfoTextDisplay(pp.writer, frameworksScoresToString(summaryDetails.ListFrameworks()))

-	prettyPrinter.printInfo(infoToPrintInfo)
+	pp.printInfo(infoToPrintInfo)

 }

-func (prettyPrinter *PrettyPrinter) printInfo(infoToPrintInfo []infoStars) {
+func (pp *PrettyPrinter) printInfo(infoToPrintInfo []infoStars) {
 	fmt.Println()
 	for i := range infoToPrintInfo {
-		cautils.InfoDisplay(prettyPrinter.writer, fmt.Sprintf("%s %s\n", infoToPrintInfo[i].stars, infoToPrintInfo[i].info))
+		cautils.InfoDisplay(pp.writer, fmt.Sprintf("%s %s\n", infoToPrintInfo[i].stars, infoToPrintInfo[i].info))
 	}
 }

@@ -256,10 +284,10 @@ func frameworksScoresToString(frameworks []reportsummary.IFrameworkSummary) stri

 // renderSeverityCountersSummary renders the string that reports severity counters summary
 func renderSeverityCountersSummary(counters reportsummary.ISeverityCounters) string {
-	critical := counters.NumberOfResourcesWithCriticalSeverity()
-	high := counters.NumberOfResourcesWithHighSeverity()
-	medium := counters.NumberOfResourcesWithMediumSeverity()
-	low := counters.NumberOfResourcesWithLowSeverity()
+	critical := counters.NumberOfCriticalSeverity()
+	high := counters.NumberOfHighSeverity()
+	medium := counters.NumberOfMediumSeverity()
+	low := counters.NumberOfLowSeverity()

 	return fmt.Sprintf(
 		"Failed Resources by Severity: Critical — %d, High — %d, Medium — %d, Low — %d",
--- a/core/pkg/resultshandling/printer/v2/printresults.go
+++ b/core/pkg/resultshandling/printer/v2/printresults.go
@@ -1,3 +1,3 @@
-package v2
+package printer

 var INDENT = "   "
--- a/core/pkg/resultshandling/printer/v2/prometheus.go
+++ b/core/pkg/resultshandling/printer/v2/prometheus.go
@@ -1,4 +1,4 @@
-package v2
+package printer

 import (
 	"fmt"
@@ -24,15 +24,15 @@ func NewPrometheusPrinter(verboseMode bool) *PrometheusPrinter {
 	}
 }

-func (prometheusPrinter *PrometheusPrinter) SetWriter(outputFile string) {
-	prometheusPrinter.writer = printer.GetWriter(outputFile)
+func (pp *PrometheusPrinter) SetWriter(outputFile string) {
+	pp.writer = printer.GetWriter(outputFile)
 }

-func (prometheusPrinter *PrometheusPrinter) Score(score float32) {
+func (pp *PrometheusPrinter) Score(score float32) {
 	fmt.Printf("\n# Overall risk-score (0- Excellent, 100- All failed)\nkubescape_score %d\n", cautils.Float32ToInt(score))
 }

-func (printer *PrometheusPrinter) generatePrometheusFormat(
+func (pp *PrometheusPrinter) generatePrometheusFormat(
 	resources map[string]workloadinterface.IMetadata,
 	results map[string]resourcesresults.Result,
 	summaryDetails *reportsummary.SummaryDetails) *Metrics {
@@ -44,12 +44,13 @@ func (printer *PrometheusPrinter) generatePrometheusFormat(
 	return m
 }

-func (printer *PrometheusPrinter) ActionPrint(opaSessionObj *cautils.OPASessionObj) {
+func (pp *PrometheusPrinter) ActionPrint(opaSessionObj *cautils.OPASessionObj) {

-	metrics := printer.generatePrometheusFormat(opaSessionObj.AllResources, opaSessionObj.ResourcesResult, &opaSessionObj.Report.SummaryDetails)
+	metrics := pp.generatePrometheusFormat(opaSessionObj.AllResources, opaSessionObj.ResourcesResult, &opaSessionObj.Report.SummaryDetails)

-	logOUtputFile(printer.writer.Name())
-	if _, err := printer.writer.Write([]byte(metrics.String())); err != nil {
+	if _, err := pp.writer.Write([]byte(metrics.String())); err != nil {
 		logger.L().Error("failed to write results", helpers.Error(err))
+	} else {
+		printer.LogOutputFile(pp.writer.Name())
 	}
 }
--- a/core/pkg/resultshandling/printer/v2/prometheusutils.go
+++ b/core/pkg/resultshandling/printer/v2/prometheusutils.go
@@ -1,4 +1,4 @@
-package v2
+package printer

 import (
 	"fmt"
--- a/core/pkg/resultshandling/printer/v2/reportingstructs.go
+++ b/core/pkg/resultshandling/printer/v2/reportingstructs.go
@@ -1,4 +1,4 @@
-package v2
+package printer

 import (
 	"github.com/kubescape/k8s-interface/workloadinterface"
@@ -14,6 +14,7 @@ type ResourceResult struct {
 type ResourceControlResult struct {
 	Severity    string
 	Name        string
+	ID          string
 	URL         string
 	FailedPaths []string
 }
--- a/core/pkg/resultshandling/printer/v2/resourcetable.go
+++ b/core/pkg/resultshandling/printer/v2/resourcetable.go
@@ -1,4 +1,4 @@
-package v2
+package printer

 import (
 	"fmt"
@@ -77,7 +77,7 @@ func generateResourceRows(controls []resourcesresults.ResourceAssociatedControl,
 		row[resourceColumnPath] = strings.Join(append(failedPathsToString(&controls[i]), fixPathsToString(&controls[i])...), "\n")
 		row[resourceColumnName] = controls[i].GetName()

-		if c := summaryDetails.Controls.GetControl(reportsummary.EControlCriteriaName, controls[i].GetName()); c != nil {
+		if c := summaryDetails.Controls.GetControl(reportsummary.EControlCriteriaID, controls[i].GetID()); c != nil {
 			row[resourceColumnSeverity] = getSeverityColumn(c)
 		}

--- a/core/pkg/resultshandling/printer/v2/sarifprinter.go
+++ b/core/pkg/resultshandling/printer/v2/sarifprinter.go
@@ -1,4 +1,4 @@
-package v2
+package printer

 import (
 	"fmt"
@@ -66,7 +66,7 @@ func (sp *SARIFPrinter) Score(score float32) {
 }

 func (sp *SARIFPrinter) SetWriter(outputFile string) {
-	if outputFile == "" {
+	if strings.TrimSpace(outputFile) == "" {
 		outputFile = sarifOutputFile
 	}
 	if filepath.Ext(strings.TrimSpace(outputFile)) != sarifOutputExt {
@@ -144,6 +144,8 @@ func (sp *SARIFPrinter) ActionPrint(opaSessionObj *cautils.OPASessionObj) {
 	report.AddRun(run)

 	report.PrettyWrite(sp.writer)
+
+	printer.LogOutputFile(sp.writer.Name())
 }

 func (sp *SARIFPrinter) resolveFixLocation(opaSessionObj *cautils.OPASessionObj, locationResolver *locationresolver.FixPathLocationResolver, ac *resourcesresults.ResourceAssociatedControl, resourceID string) locationresolver.Location {
--- a/core/pkg/resultshandling/printer/v2/sarifprinter_test.go
+++ b/core/pkg/resultshandling/printer/v2/sarifprinter_test.go
@@ -1,11 +1,11 @@
-package v2
+package printer

 import "testing"

 func Test_scoreToSeverityLevel(t *testing.T) {
 	tc := []struct {
 		Name               string
-		ScoreFactor              float32
+		ScoreFactor        float32
 		ExpectedSARIFLevel sarifSeverityLevel
 	}{
 		{"Score factor 1.0 should map to 'note' SARIF level", 1.0, sarifSeverityLevelNote},
--- a/core/pkg/resultshandling/printer/v2/silentprinter.go
+++ b/core/pkg/resultshandling/printer/v2/silentprinter.go
@@ -1,4 +1,4 @@
-package v2
+package printer

 import (
 	"github.com/kubescape/kubescape/v2/core/cautils"
--- a/core/pkg/resultshandling/printer/v2/summaryhelpers.go
+++ b/core/pkg/resultshandling/printer/v2/summaryhelpers.go
@@ -1,4 +1,4 @@
-package v2
+package printer

 import (
 	"github.com/kubescape/k8s-interface/k8sinterface"
--- a/core/pkg/resultshandling/printer/v2/utils.go
+++ b/core/pkg/resultshandling/printer/v2/utils.go
@@ -1,8 +1,6 @@
-package v2
+package printer

 import (
-	logger "github.com/kubescape/go-logger"
-	"github.com/kubescape/go-logger/helpers"
 	"github.com/kubescape/k8s-interface/workloadinterface"
 	"github.com/kubescape/kubescape/v2/core/cautils"
 	"github.com/kubescape/opa-utils/reporthandling"
@@ -27,7 +25,9 @@ func FinalizeResults(data *cautils.OPASessionObj) *reporthandlingv2.PostureRepor
 	report.Results = make([]resourcesresults.Result, len(data.ResourcesResult))
 	finalizeResults(report.Results, data.ResourcesResult, data.ResourcesPrioritized)

-	report.Resources = finalizeResources(report.Results, data.AllResources, data.ResourceSource)
+	if !data.OmitRawResources {
+		report.Resources = finalizeResources(report.Results, data.AllResources, data.ResourceSource)
+	}

 	return &report
 }
@@ -81,10 +81,3 @@ func finalizeResources(results []resourcesresults.Result, allResources map[strin
 	}
 	return resources
 }
-
-func logOUtputFile(fileName string) {
-	if fileName != "/dev/stdout" && fileName != "/dev/stderr" {
-		logger.L().Success("Scan results saved", helpers.String("filename", fileName))
-	}
-
-}
--- a/core/pkg/resultshandling/reporter/v2/mockreporter.go
+++ b/core/pkg/resultshandling/reporter/v2/mockreporter.go
@@ -1,4 +1,4 @@
-package v2
+package reporter

 import (
 	"fmt"
--- a/core/pkg/resultshandling/reporter/v2/reporteventreceiver.go
+++ b/core/pkg/resultshandling/reporter/v2/reporteventreceiver.go
@@ -1,4 +1,4 @@
-package v2
+package reporter

 import (
 	"encoding/json"
@@ -85,10 +85,18 @@ func (report *ReportEventReceiver) SetClusterName(clusterName string) {
 }

 func (report *ReportEventReceiver) prepareReport(opaSessionObj *cautils.OPASessionObj) error {
-	// All scans whose target is not a cluster, currently their target is a file, which is what the backend expects
-	// (e.g. local-git, directory, etc)
+	// The backend for Kubescape expects scanning targets to be either
+	// Clusters or Files, not other types we support (GitLocal, Directory
+	// etc). So, to submit a compatible report to the backend, we have to
+	// override the scanning target, submit the report and then restore the
+	// original value.
+	originalScanningTarget := opaSessionObj.Metadata.ScanMetadata.ScanningTarget
+
 	if opaSessionObj.Metadata.ScanMetadata.ScanningTarget != reporthandlingv2.Cluster {
 		opaSessionObj.Metadata.ScanMetadata.ScanningTarget = reporthandlingv2.File
+		defer func() {
+			opaSessionObj.Metadata.ScanMetadata.ScanningTarget = originalScanningTarget
+		}()
 	}

 	report.initEventReceiverURL()
@@ -142,7 +150,7 @@ func (report *ReportEventReceiver) setResults(reportObj *reporthandlingv2.Postur
 		// set result.RawResource
 		resourceID := v.GetResourceID()
 		if _, ok := allResources[resourceID]; !ok {
-			return fmt.Errorf("expected to find raw resource object for '%s'", resourceID)
+			continue
 		}
 		resource := reporthandling.NewResourceIMetadata(allResources[resourceID])
 		if r, ok := resourcesSource[resourceID]; ok {
@@ -260,11 +268,11 @@ func (report *ReportEventReceiver) addPathURL(urlObj *url.URL) {
 	if report.customerAdminEMail != "" || report.token == "" { // data has been submitted
 		switch report.submitContext {
 		case SubmitContextScan:
-			urlObj.Path = fmt.Sprintf("configuration-scanning/%s", report.clusterName)
+			urlObj.Path = fmt.Sprintf("config-scanning/%s", report.clusterName)
 		case SubmitContextRBAC:
 			urlObj.Path = "rbac-visualizer"
 		case SubmitContextRepository:
-			urlObj.Path = fmt.Sprintf("repositories-scan/%s", report.reportID)
+			urlObj.Path = fmt.Sprintf("repository-scanning/%s", report.reportID)
 		default:
 			urlObj.Path = "dashboard"
 		}
--- a/core/pkg/resultshandling/reporter/v2/reporteventreceiver_test.go
+++ b/core/pkg/resultshandling/reporter/v2/reporteventreceiver_test.go
@@ -1,10 +1,11 @@
-package v2
+package reporter

 import (
 	"net/url"
 	"testing"

 	"github.com/kubescape/kubescape/v2/core/cautils"
+	reporthandlingv2 "github.com/kubescape/opa-utils/reporthandling/v2"
 	"github.com/stretchr/testify/assert"
 )

@@ -32,7 +33,7 @@ func TestReportEventReceiver_addPathURL(t *testing.T) {
 			want: &url.URL{
 				Scheme: "https",
 				Host:   "localhost:8080",
-				Path:   "configuration-scanning/test",
+				Path:   "config-scanning/test",
 			},
 		},
 	}
@@ -58,7 +59,7 @@ func TestGetURL(t *testing.T) {
 			"",
 			SubmitContextScan,
 		)
-		assert.Equal(t, "https://cloud.armosec.io/configuration-scanning/test?utm_campaign=Submit&utm_medium=CLI&utm_source=GitHub", reporter.GetURL())
+		assert.Equal(t, "https://cloud.armosec.io/config-scanning/test?utm_campaign=Submit&utm_medium=CLI&utm_source=GitHub", reporter.GetURL())
 	}

 	// Test rbac submit and registered url
@@ -88,7 +89,7 @@ func TestGetURL(t *testing.T) {
 			"XXXX",
 			SubmitContextRepository,
 		)
-		assert.Equal(t, "https://cloud.armosec.io/repositories-scan/XXXX?utm_campaign=Submit&utm_medium=CLI&utm_source=GitHub", reporter.GetURL())
+		assert.Equal(t, "https://cloud.armosec.io/repository-scanning/XXXX?utm_campaign=Submit&utm_medium=CLI&utm_source=GitHub", reporter.GetURL())
 	}

 	// Test submit and NOT registered url
@@ -106,3 +107,49 @@ func TestGetURL(t *testing.T) {
 		assert.Equal(t, "https://cloud.armosec.io/account/sign-up?customerGUID=1234&invitationToken=token&utm_campaign=Submit&utm_medium=CLI&utm_source=GitHub", reporter.GetURL())
 	}
 }
+
+func Test_prepareReportKeepsOriginalScanningTarget(t *testing.T) {
+
+	// prepareReport should keep the original scanning target it received, and not mutate it
+	testCases := []struct {
+		Name string
+		Want reporthandlingv2.ScanningTarget
+	}{
+		{"Cluster", reporthandlingv2.Cluster},
+		{"File", reporthandlingv2.File},
+		{"Repo", reporthandlingv2.Repo},
+		{"GitLocal", reporthandlingv2.GitLocal},
+		{"Directory", reporthandlingv2.Directory},
+	}
+
+	reporter := NewReportEventReceiver(
+		&cautils.ConfigObj{
+			AccountID:   "1e3ae7c4-a8bb-4d7c-9bdf-eb86bc25e6bb",
+			Token:       "token",
+			ClusterName: "test",
+		},
+		"",
+		SubmitContextScan,
+	)
+
+	for _, tc := range testCases {
+		t.Run(tc.Name, func(t *testing.T) {
+			want := tc.Want
+
+			opaSessionObj := &cautils.OPASessionObj{
+				Report: &reporthandlingv2.PostureReport{},
+				Metadata: &reporthandlingv2.Metadata{
+					ScanMetadata: reporthandlingv2.ScanMetadata{ScanningTarget: want},
+				},
+			}
+
+			reporter.prepareReport(opaSessionObj)
+
+			got := opaSessionObj.Metadata.ScanMetadata.ScanningTarget
+			if got != want {
+				t.Errorf("Scanning targets don’t match after preparing report. Got: %v, want %v", got, want)
+			}
+		},
+		)
+	}
+}
--- a/core/pkg/resultshandling/reporter/v2/reporteventreceiverutils.go
+++ b/core/pkg/resultshandling/reporter/v2/reporteventreceiverutils.go
@@ -1,4 +1,4 @@
-package v2
+package reporter

 import (
 	"net/url"
@@ -45,8 +45,7 @@ func (report *ReportEventReceiver) setSubReport(opaSessionObj *cautils.OPASessio
 	if opaSessionObj.Metadata != nil {
 		reportObj.Metadata = *opaSessionObj.Metadata
 		if opaSessionObj.Metadata.ContextMetadata.ClusterContextMetadata != nil {
-			reportObj.ClusterCloudProvider = opaSessionObj.Metadata.ContextMetadata.ClusterContextMetadata.CloudProvider // DEPRECATED
-			reportObj.Metadata.ClusterMetadata = *opaSessionObj.Metadata.ContextMetadata.ClusterContextMetadata
+			reportObj.ClusterCloudProvider = opaSessionObj.Metadata.ContextMetadata.ClusterContextMetadata.CloudProvider // DEPRECATED - left here as fallback
 		}
 	}
 	return reportObj
--- a/core/pkg/resultshandling/reporter/v2/reporteventreceiverutils_test.go
+++ b/core/pkg/resultshandling/reporter/v2/reporteventreceiverutils_test.go
@@ -1,4 +1,4 @@
-package v2
+package reporter

 import (
 	"net/url"
--- a/core/pkg/resultshandling/reporter/v2/utils.go
+++ b/core/pkg/resultshandling/reporter/v2/utils.go
@@ -1,4 +1,4 @@
-package v2
+package reporter

 import (
 	"net/url"
--- a/core/pkg/resultshandling/reporter/v2/utils_test.go
+++ b/core/pkg/resultshandling/reporter/v2/utils_test.go
@@ -1,4 +1,4 @@
-package v2
+package reporter

 import (
 	"net/url"
--- a/core/pkg/resultshandling/results.go
+++ b/core/pkg/resultshandling/results.go
@@ -2,6 +2,7 @@ package resultshandling

 import (
 	"encoding/json"
+	"fmt"

 	logger "github.com/kubescape/go-logger"
 	"github.com/kubescape/go-logger/helpers"
@@ -15,69 +16,82 @@ import (

 type ResultsHandler struct {
 	reporterObj reporter.IReport
-	printerObj  printer.IPrinter
+	printerObjs []printer.IPrinter
+	uiPrinter   printer.IPrinter
 	scanData    *cautils.OPASessionObj
 }

-func NewResultsHandler(reporterObj reporter.IReport, printerObj printer.IPrinter) *ResultsHandler {
+func NewResultsHandler(reporterObj reporter.IReport, printerObjs []printer.IPrinter, uiPrinter printer.IPrinter) *ResultsHandler {
 	return &ResultsHandler{
 		reporterObj: reporterObj,
-		printerObj:  printerObj,
+		printerObjs: printerObjs,
+		uiPrinter:   uiPrinter,
 	}
 }

-// GetScore return scan risk-score
-func (resultsHandler *ResultsHandler) GetRiskScore() float32 {
-	return resultsHandler.scanData.Report.SummaryDetails.Score
+// GetScore returns the result’s risk score
+func (rh *ResultsHandler) GetRiskScore() float32 {
+	return rh.scanData.Report.SummaryDetails.Score
 }

-// GetData get scan/action related data (policies, resources, results, etc.). Call ToJson function if you wish the json representation of the data
-func (resultsHandler *ResultsHandler) GetData() *cautils.OPASessionObj {
-	return resultsHandler.scanData
+// GetData returns scan/action related data (policies, resources, results, etc.)
+//
+// Call the ToJson() method if you want the JSON representation of the data
+func (rh *ResultsHandler) GetData() *cautils.OPASessionObj {
+	return rh.scanData
 }

-// SetData set scan/action related data
-func (resultsHandler *ResultsHandler) SetData(data *cautils.OPASessionObj) {
-	resultsHandler.scanData = data
+// SetData sets the scan/action related data
+func (rh *ResultsHandler) SetData(data *cautils.OPASessionObj) {
+	rh.scanData = data
 }

-// GetPrinter get printer object
-func (resultsHandler *ResultsHandler) GetPrinter() printer.IPrinter {
-	return resultsHandler.printerObj
+// GetPrinter returns all printers
+func (rh *ResultsHandler) GetPrinters() []printer.IPrinter {
+	return rh.printerObjs
 }

-// GetReporter get reporter object
-func (resultsHandler *ResultsHandler) GetReporter() reporter.IReport {
-	return resultsHandler.reporterObj
+// GetReporter returns the reporter object
+func (rh *ResultsHandler) GetReporter() reporter.IReport {
+	return rh.reporterObj
 }

-// ToJson return results in json format
-func (resultsHandler *ResultsHandler) ToJson() ([]byte, error) {
-	return json.Marshal(printerv2.FinalizeResults(resultsHandler.scanData))
+// ToJson returns the results in the JSON format
+func (rh *ResultsHandler) ToJson() ([]byte, error) {
+	return json.Marshal(printerv2.FinalizeResults(rh.scanData))
 }

-// GetResults return results
-func (resultsHandler *ResultsHandler) GetResults() *reporthandlingv2.PostureReport {
-	return printerv2.FinalizeResults(resultsHandler.scanData)
+// GetResults returns the results
+func (rh *ResultsHandler) GetResults() *reporthandlingv2.PostureReport {
+	return printerv2.FinalizeResults(rh.scanData)
 }

-// HandleResults handle the scan results according to the pre defined interfaces
-func (resultsHandler *ResultsHandler) HandleResults() error {
+// HandleResults handles all necessary actions for the scan results
+func (rh *ResultsHandler) HandleResults() error {
+	// Display scan results in the UI first to give immediate value.
+	// First we output the results and then the score, so the
+	// score - a summary of the results—can always be seen at the end
+	// of output
+	rh.uiPrinter.ActionPrint(rh.scanData)
+	rh.uiPrinter.Score(rh.GetRiskScore())

-	resultsHandler.printerObj.ActionPrint(resultsHandler.scanData)
+	// Then print to output files
+	for _, printer := range rh.printerObjs {
+		printer.ActionPrint(rh.scanData)
+		printer.Score(rh.GetRiskScore())
+	}

-	if err := resultsHandler.reporterObj.Submit(resultsHandler.scanData); err != nil {
+	// We should submit only after printing results, so a user can see
+	// results at all times, even if submission fails
+	if err := rh.reporterObj.Submit(rh.scanData); err != nil {
 		return err
 	}
-
-	resultsHandler.printerObj.Score(resultsHandler.GetRiskScore())
-
-	resultsHandler.reporterObj.DisplayReportURL()
+	rh.reporterObj.DisplayReportURL()

 	return nil
 }

-// NewPrinter defined output format
+// NewPrinter returns a new printer for a given format and configuration options
 func NewPrinter(printFormat, formatVersion string, verboseMode bool, viewType cautils.ViewTypes) printer.IPrinter {

 	switch printFormat {
@@ -100,6 +114,9 @@ func NewPrinter(printFormat, formatVersion string, verboseMode bool, viewType ca
 	case printer.SARIFFormat:
 		return printerv2.NewSARIFPrinter()
 	default:
+		if printFormat != printer.PrettyFormat {
+			logger.L().Error(fmt.Sprintf("Invalid format \"%s\", default format \"pretty-printer\" is applied", printFormat))
+		}
 		return printerv2.NewPrettyPrinter(verboseMode, formatVersion, viewType)
 	}
 }
--- a/core/pkg/resultshandling/results_test.go
+++ b/core/pkg/resultshandling/results_test.go
--- a/docs/Kubescape
+++ b/docs/Kubescape
@@ -0,0 +1 @@
+<mxfile host="app.diagrams.net" modified="2022-12-06T13:44:27.567Z" agent="5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36" etag="82Ze98LIXdxZb4qKuLJX" version="20.6.0" type="github"><diagram id="-fs2xgBgB6aFH82wrd4-" name="Page-1">5Vpdc5s4FP01fkzGIAT2o2OndabpxLNuZ9tHGRRQC4gRIrbz61cyAgOisXdqDG0ekkgXIUvnnvvpjMA82n1kKAk+Uw+HI3Ps7UZgMTJNAwJD/JGSfS4BxjQX+Ix4atFRsCavWAnHSpoRD6e1hZzSkJOkLnRpHGOX12SIMbqtL3umYf1TE+RjTbB2UahL/yUeD3LpBI6P8iUmflB8sjFWTyJULFaCNEAe3VZE4H4E5oxSno+i3RyHErwCl/y9D794Wh6M4Zif88Jk+fDt6y57/Ofl5uud/4pm2XR5Y4B8mxcUZurG6rR8X0CwDQjH6wS5cr4Vah6Bu4BHoZgZYqg2wIzj3S+PZpQXFkzBNMKc7cWS4gWgMFIkMaZqvj1CbheMCKpwFy8ipWa/3PuIhBgoMP4HMMXGFRywJ5ihppTxgPo0RuH9UXrHaBZ7WG47FrPjmkdKE4XWD8z5XtEcZZzWsRR4sf039f5h8l1ObmExXeyqDxd7NcvPKg/4tgbEfWjGXPwWIyxlZYj5mJ+kjq5ThkPEyUv9JBfXT3HMCnHnnxeazuoa6Z7JN1aDybbO5EkLkZ2ueGxO3yuP4Z/BY6jxePnly2pwRC5Z2xeRDVsD6lO2wamLEjwybRRJDOJNmpT3r6AncOB1iFBI/FiMXYEHZkIg0SIi7s/Ug4h4Xm4MOCWvaHPYSmKfUBLzw+3g3Qgu5F6C/2luCnLrlDP6E89pSMW+i5jGcpdnEoYN0QW0ZFqw7m4g1LQ0bdFSZ2GzSHbeyieuTWWjSeWxTuVSFtSTua7I7GgwiQT2mfgZEz6HxqkG2gmYUJrk2e8z2UlodX5fAki7AaQ50YB0ruoTJhqMT5sfAoj0UCbIXzjlv43lJQwVwmFBV1xhSIYKmiC1GKrhwGsaaoFKBaaHOMl0Tv21EcY47TzhVSOMXrGuGHVxqvvMv1UnYOrcnraUNnfSnVb0cqx3dwIt57Q7acuOOnQnerb/lPH35E/g1DqDu/ZVuatXFnnaML4RP0+r2RASCOA0/DA4z+K7SyD0FHadbSIyiHQLwobpF6etomW2oGV2hZaeqa6YsEqx2QcigBoAZjbULLOwjL5QK6rbvppXx37V9+qz7ptX4OzmldOu0+s0r4AezjSFpYFs0IiwtQ+J0AsDp2P/Jtfg46YUIPenf9CriJZimzJuqRAGL2MBDRcLWlpeRpuPLRsMlzcAvUqbU0E6GurZ7tXbKo1ugOWcF5G6A0uv1fDOxUl7Q+XqcDWKW8vUW3VtDdXO0h5LL6TyHtRt71hNhsYsvbpBnAunNDikzJ6RKloB7y5iW/a5EXvSZ8S29FrnT47Ypj28kK3XRZ8mayGYrR56dxfNFKd3f2HpddGSytq7+YWeHcp2yIaJkS9HqYviGLPeEQVwaIhONUQfIuRj+ZXISxbG/SNmDCy6Qz3Jnvk+wz7igyjMrQbFOmz9iOnxH9IOzyr/1gfu/wM=</diagram></mxfile>
--- a/docs/architecture.drawio.svg
+++ b/docs/architecture.drawio.svg
@@ -0,0 +1 @@
+<mxfile host="app.diagrams.net" modified="2022-12-06T07:59:31.961Z" agent="5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36" etag="dboVwkfdjNikGFJag3q6" version="20.6.0" type="device"><diagram id="-fs2xgBgB6aFH82wrd4-" name="Page-1">5Vpdc5s4FP01fkzGIAT2o2OndabpxLNuZ9tHGRRQC4gRIrbz61cyAgOisXdqDG0e4qArkKVzz/00IzCPdh8ZSoLP1MPhyBx7uxFYjEzTcGxL/JOSfS4Blp0LfEY8ddNRsCavWAnHSpoRD6e1GzmlISdJXejSOMYur8kQY3Rbv+2ZhvVvTZCPNcHaRaEu/Zd4PMilEzg+ypeY+EHxzcZYzUSouFkJ0gB5dFsRgfsRmDNKeX4V7eY4lOAVuOTPffjFbLkxhmN+zgOT5cO3r7vs8Z+Xm693/iuaZdPljQHyZV5QmKkTq93yfQHBNiAcrxPkyvFWqHkE7gIehWJkiEu1AGYc7365NaM8sGAKphHmbC9uKR4ACiNFEmOqxtsj5HbBiKAKd/EgUmr2y7WPSIgLBcb/AKZYuIID9gQz1JAyHlCfxii8P0rvGM1iD8tlx2J0vOeR0kSh9QNzvlc0RxmndSwFXmz/TT1/GHyXg1tYDBe76uRir0b5XuUG39aAOA/NmIvfYoQyWI6Yj/lJ6ug6ZThEnLzUd3Jx/RTbrBB3/nmh6ayuke6ZfGM1mGzrTJ60ENnpisfm9L3yGP4ZPIYaj5dfvqwGR+SStX0R2bA1oD5lG5y6KMEj00aRxCDepEl5/gp6AgdehwiFxI/FtSvwwEwIJFpExP2ZmoiI5+XGgFPyijaHpST2CSUxP5wO3o3gQq4l+J/mpiCXTjmjP/GchlSsu4hpLFd5JmHYEF1AS6YF6+4GQk1L0xYtdRY2i2TnrXzi2lQ2mlQe61QuZUE9meuKzI4Gk0hgn4mfMeFzaJxqoJ2ACaVJnv0+k52EVuf3JYC0G0CaEw1I56o+YaLB+LT5IYBID2WC/MAp/20sL2GoEA4LuuIIQzJU0ASpxVANB17TUAtUKjA9xEmmc+qvjTDGaecJrxph9Ip1xaiLU91n/q06AVPn9rSltLmT7rSil2O9uxNoOafdSVt21KE70bP9p4y/J38Cp9YZ3LWvyl29ssjThvGN+HtazYaQQACn4YfBeRbfXQKhp7DrbBORQaRbEDZMv9htFS2zBS2zK7T0THXFhFWKxT4QAdQAMLOhZpmFZfSFWlHd9tW8Ovarvlfnum9egbObV067Tq/TvAJ6ONMUlgayQSPC1j4kQi8MnI79m1yDj5tSgNyf/kGvIlqKZcq4pUIYvIwFNFwsaGl5GW0+tmwwXN4A9CptTgXpaKhnu1dvqzS6AZZzXkTqDiy9VsM7FyftDZWrw9Uobi1Tb9W1NVQ7S3ssvZDKe1C3vWM1GRqz9OoGcS6c0uCQMntGqmgFvLuIXbzWcDpiT/qM2JZe6/zJEdu0hxey9bro02QtBLPVQ+/uopni9O4vLL0uWlJZezd/0LND2Q7ZMHHly6vURXGMWe+IAjg0RKcaog8R8rH8SeQlC+P+ETMGFt2hnmTPfJ9hH/FBFOZWg2Idtn7E8PhC2mGu8lofuP8P</diagram></mxfile>
--- a/go.mod
+++ b/go.mod
@@ -5,7 +5,6 @@ go 1.18
 require (
 	cloud.google.com/go/containeranalysis v0.4.0
 	github.com/armosec/armoapi-go v0.0.119
-	github.com/armosec/go-git-url v0.0.15
 	github.com/armosec/utils-go v0.0.12
 	github.com/armosec/utils-k8s-go v0.0.12
 	github.com/briandowns/spinner v1.18.1
@@ -15,9 +14,10 @@ require (
 	github.com/go-git/go-git/v5 v5.4.2
 	github.com/google/uuid v1.3.0
 	github.com/johnfercher/maroto v0.37.0
+	github.com/kubescape/go-git-url v0.0.20
 	github.com/kubescape/go-logger v0.0.6
 	github.com/kubescape/k8s-interface v0.0.89
-	github.com/kubescape/opa-utils v0.0.200
+	github.com/kubescape/opa-utils v0.0.218
 	github.com/kubescape/rbac-utils v0.0.19
 	github.com/libgit2/git2go/v33 v33.0.9
 	github.com/mattn/go-isatty v0.0.14
@@ -38,7 +38,7 @@ require (
 	k8s.io/api v0.25.3
 	k8s.io/apimachinery v0.25.3
 	k8s.io/client-go v0.25.3
-	k8s.io/utils v0.0.0-20220728103510-ee6ede2d64ed
+	k8s.io/utils v0.0.0-20221128185143-99ec85e7a448
 	sigs.k8s.io/kustomize/api v0.11.4
 	sigs.k8s.io/kustomize/kyaml v0.13.6
 	sigs.k8s.io/yaml v1.3.0
@@ -181,7 +181,7 @@ require (
 	gopkg.in/warnings.v0 v0.1.2 // indirect
 	gopkg.in/yaml.v2 v2.4.0 // indirect
 	k8s.io/apiextensions-apiserver v0.24.2 // indirect
-	k8s.io/klog/v2 v2.70.1 // indirect
+	k8s.io/klog/v2 v2.80.1 // indirect
 	k8s.io/kube-openapi v0.0.0-20220803162953-67bda5d908f1 // indirect
 	sigs.k8s.io/controller-runtime v0.12.3 // indirect
 	sigs.k8s.io/json v0.0.0-20220713155537-f223a00ba0e2 // indirect
--- a/go.sum
+++ b/go.sum
@@ -134,7 +134,7 @@ github.com/acomagu/bufpipe v1.0.3/go.mod h1:mxdxdup/WdsKVreO5GpW4+M/1CE2sMG4jeGJ
 github.com/agnivade/levenshtein v1.1.1 h1:QY8M92nrzkmr798gCo3kmMyqXFzdQVpxLlGPRBij0P8=
 github.com/agnivade/levenshtein v1.1.1/go.mod h1:veldBMzWxcCG2ZvUTKD2kJNRdCk5hVbJomOvKkmgYbo=
 github.com/ajstarks/svgo v0.0.0-20180226025133-644b8db467af/go.mod h1:K08gAheRH3/J6wwsYMMT4xOr94bZjxIelGM0+d/wbFw=
-github.com/alecthomas/assert/v2 v2.0.3 h1:WKqJODfOiQG0nEJKFKzDIG3E29CN2/4zR9XGJzKIkbg=
+github.com/alecthomas/assert/v2 v2.2.0 h1:f6L/b7KE2bfA+9O4FL3CM/xJccDEwPVYd5fALBiuwvw=
 github.com/alecthomas/participle/v2 v2.0.0-beta.5 h1:y6dsSYVb1G5eK6mgmy+BgI3Mw35a3WghArZ/Hbebrjo=
 github.com/alecthomas/participle/v2 v2.0.0-beta.5/go.mod h1:RC764t6n4L8D8ITAJv0qdokritYSNR3wV5cVwmIEaMM=
 github.com/alecthomas/repr v0.1.1 h1:87P60cSmareLAxMc4Hro0r2RBY4ROm0dYwkJNpS4pPs=
@@ -157,8 +157,6 @@ github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5 h1:0CwZNZbxp69SHPd
 github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5/go.mod h1:wHh0iHkYZB8zMSxRWpUBQtwG5a7fFgvEO+odwuTv2gs=
 github.com/armosec/armoapi-go v0.0.119 h1:7XbvBbOKp26Bpp72LQ8Spw4FBpbXu3+qZFQyPEwTPFk=
 github.com/armosec/armoapi-go v0.0.119/go.mod h1:2zoNzb3Fy9ZByeczJZ47ftDRLRzTykVdTISS3GTc/JU=
-github.com/armosec/go-git-url v0.0.15 h1:sDtu0WNvAhrDJ2begTyWP8T4tE1j1K6D0ZJ6t3Cx8k4=
-github.com/armosec/go-git-url v0.0.15/go.mod h1:GzfssG3IW9KiURSpK7c/bySBRTlghpObQ7NQ1O4hcMI=
 github.com/armosec/utils-go v0.0.12 h1:NXkG/BhbSVAmTVXr0qqsK02CmxEiXuJyPmdTRcZ4jAo=
 github.com/armosec/utils-go v0.0.12/go.mod h1:F/K1mI/qcj7fNuJl7xktoCeHM83azOF0Zq6eC2WuPyU=
 github.com/armosec/utils-k8s-go v0.0.12 h1:u7kHSUp4PpvPP3hEaRXMbM0Vw23IyLhAzzE+2TW6Jkk=
@@ -585,12 +583,14 @@ github.com/kr/pty v1.1.3/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
 github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
 github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY=
 github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE=
+github.com/kubescape/go-git-url v0.0.20 h1:oTtmF4c4Vmt0Og3Qbnjkz18sdu4ZdHubQlO6JsOXXsg=
+github.com/kubescape/go-git-url v0.0.20/go.mod h1:IbVT7Wsxlghsa+YxI5KOx4k9VQJaa3z0kTaQz5D3nKM=
 github.com/kubescape/go-logger v0.0.6 h1:ynhAmwrz0O7Jtqq1CdmCZUrKveji25hVP+B/FAb3QrA=
 github.com/kubescape/go-logger v0.0.6/go.mod h1:DnVWEvC90LFY1nNMaNo6nBVOcqkLMK3S0qzXP1fzRvI=
 github.com/kubescape/k8s-interface v0.0.89 h1:OtlvZosHpjlbHfsilfQk2wRbuBnxwF0e+WZX6GbkfLU=
 github.com/kubescape/k8s-interface v0.0.89/go.mod h1:pgFRs20mHiavf6+fFWY7h/f8HuKlwuZwirvjxiKJlu0=
-github.com/kubescape/opa-utils v0.0.200 h1:7EhE9FTabzkUxicvxdchXuaTWW0J2mFj04vK4jTrxN0=
-github.com/kubescape/opa-utils v0.0.200/go.mod h1:rDC3PANuk8gU5lSDO/WPFTluypBQ+/6qiuZLye+slYg=
+github.com/kubescape/opa-utils v0.0.218 h1:3YFloD8NYn0iKeheIaJAr7QynWQJsAjD2o4hlI3RFjE=
+github.com/kubescape/opa-utils v0.0.218/go.mod h1:sNCabe+qZmZLSs/T76fPewEZnl5TSzGq4vhmPd1tP3o=
 github.com/kubescape/rbac-utils v0.0.19 h1:7iydgVxlMLW15MgHORfMBMqNj9jHtFGACd744fdtrFs=
 github.com/kubescape/rbac-utils v0.0.19/go.mod h1:t57AhSrjuNGQ+mpZWQM/hBzrCOeKBDHegFoVo4tbikQ=
 github.com/leodido/go-urn v1.2.0/go.mod h1:+8+nEpDfqqsY+g338gtMEUOtuK+4dEMhiQEgxpxOKII=
@@ -1552,16 +1552,16 @@ k8s.io/gengo v0.0.0-20211129171323-c02415ce4185/go.mod h1:FiNAH4ZV3gBg2Kwh89tzAE
 k8s.io/klog/v2 v2.0.0/go.mod h1:PBfzABfn139FHAV07az/IF9Wp1bkk3vpT2XSJ76fSDE=
 k8s.io/klog/v2 v2.2.0/go.mod h1:Od+F08eJP+W3HUb4pSrPpgp9DGU4GzlpG/TmITuYh/Y=
 k8s.io/klog/v2 v2.60.1/go.mod h1:y1WjHnz7Dj687irZUWR/WLkLc5N1YHtjLdmgWjndZn0=
-k8s.io/klog/v2 v2.70.1 h1:7aaoSdahviPmR+XkS7FyxlkkXs6tHISSG03RxleQAVQ=
-k8s.io/klog/v2 v2.70.1/go.mod h1:y1WjHnz7Dj687irZUWR/WLkLc5N1YHtjLdmgWjndZn0=
+k8s.io/klog/v2 v2.80.1 h1:atnLQ121W371wYYFawwYx1aEY2eUfs4l3J72wtgAwV4=
+k8s.io/klog/v2 v2.80.1/go.mod h1:y1WjHnz7Dj687irZUWR/WLkLc5N1YHtjLdmgWjndZn0=
 k8s.io/kube-openapi v0.0.0-20210421082810-95288971da7e/go.mod h1:vHXdDvt9+2spS2Rx9ql3I8tycm3H9FDfdUoIuKCefvw=
 k8s.io/kube-openapi v0.0.0-20220328201542-3ee0da9b0b42/go.mod h1:Z/45zLw8lUo4wdiUkI+v/ImEGAvu3WatcZl3lPMR4Rk=
 k8s.io/kube-openapi v0.0.0-20220803162953-67bda5d908f1 h1:MQ8BAZPZlWk3S9K4a9NCkIFQtZShWqoha7snGixVgEA=
 k8s.io/kube-openapi v0.0.0-20220803162953-67bda5d908f1/go.mod h1:C/N6wCaBHeBHkHUesQOQy2/MZqGgMAFPqGsGQLdbZBU=
 k8s.io/utils v0.0.0-20210802155522-efc7438f0176/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA=
 k8s.io/utils v0.0.0-20220210201930-3a6ce19ff2f9/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA=
-k8s.io/utils v0.0.0-20220728103510-ee6ede2d64ed h1:jAne/RjBTyawwAy0utX5eqigAwz/lQhTmy+Hr/Cpue4=
-k8s.io/utils v0.0.0-20220728103510-ee6ede2d64ed/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA=
+k8s.io/utils v0.0.0-20221128185143-99ec85e7a448 h1:KTgPnR10d5zhztWptI952TNtt/4u5h3IzDXkdIMuo2Y=
+k8s.io/utils v0.0.0-20221128185143-99ec85e7a448/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0=
 rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8=
 rsc.io/pdf v0.1.1/go.mod h1:n8OzWcQ6Sp37PL01nO98y4iUCRdTGarVfzxY20ICaU4=
 rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0=
--- a/httphandler/docs/swagger.yaml
+++ b/httphandler/docs/swagger.yaml
@@ -75,7 +75,6 @@ definitions:
        description: |-
          Submit results to Kubescape Cloud.

-          Same as `kubescape scan --submit`.
        type: boolean
        x-go-name: Submit
      targetNames:
--- a/httphandler/go.mod
+++ b/httphandler/go.mod
@@ -12,9 +12,9 @@ require (
 	github.com/gorilla/schema v1.2.0
 	github.com/kubescape/go-logger v0.0.6
 	github.com/kubescape/kubescape/v2 v2.0.0-00010101000000-000000000000
-	github.com/kubescape/opa-utils v0.0.200
+	github.com/kubescape/opa-utils v0.0.218
 	github.com/stretchr/testify v1.8.0
-	k8s.io/utils v0.0.0-20220728103510-ee6ede2d64ed
+	k8s.io/utils v0.0.0-20221128185143-99ec85e7a448
 )

 require (
@@ -47,7 +47,6 @@ require (
 	github.com/agnivade/levenshtein v1.1.1 // indirect
 	github.com/alecthomas/participle/v2 v2.0.0-beta.5 // indirect
 	github.com/armosec/armoapi-go v0.0.119 // indirect
-	github.com/armosec/go-git-url v0.0.15 // indirect
 	github.com/armosec/utils-k8s-go v0.0.12 // indirect
 	github.com/asaskevich/govalidator v0.0.0-20210307081110-f21760c49a8d // indirect
 	github.com/aws/aws-sdk-go v1.44.51 // indirect
@@ -119,6 +118,7 @@ require (
 	github.com/json-iterator/go v1.1.12 // indirect
 	github.com/jung-kurt/gofpdf v1.16.2 // indirect
 	github.com/kevinburke/ssh_config v0.0.0-20201106050909-4977a11b4351 // indirect
+	github.com/kubescape/go-git-url v0.0.20 // indirect
 	github.com/kubescape/k8s-interface v0.0.89 // indirect
 	github.com/kubescape/rbac-utils v0.0.19 // indirect
 	github.com/libgit2/git2go/v33 v33.0.9 // indirect
@@ -191,7 +191,7 @@ require (
 	k8s.io/apiextensions-apiserver v0.24.2 // indirect
 	k8s.io/apimachinery v0.25.3 // indirect
 	k8s.io/client-go v0.25.3 // indirect
-	k8s.io/klog/v2 v2.70.1 // indirect
+	k8s.io/klog/v2 v2.80.1 // indirect
 	k8s.io/kube-openapi v0.0.0-20220803162953-67bda5d908f1 // indirect
 	sigs.k8s.io/controller-runtime v0.12.3 // indirect
 	sigs.k8s.io/json v0.0.0-20220713155537-f223a00ba0e2 // indirect
--- a/httphandler/go.sum
+++ b/httphandler/go.sum
@@ -134,7 +134,7 @@ github.com/acomagu/bufpipe v1.0.3/go.mod h1:mxdxdup/WdsKVreO5GpW4+M/1CE2sMG4jeGJ
 github.com/agnivade/levenshtein v1.1.1 h1:QY8M92nrzkmr798gCo3kmMyqXFzdQVpxLlGPRBij0P8=
 github.com/agnivade/levenshtein v1.1.1/go.mod h1:veldBMzWxcCG2ZvUTKD2kJNRdCk5hVbJomOvKkmgYbo=
 github.com/ajstarks/svgo v0.0.0-20180226025133-644b8db467af/go.mod h1:K08gAheRH3/J6wwsYMMT4xOr94bZjxIelGM0+d/wbFw=
-github.com/alecthomas/assert/v2 v2.0.3 h1:WKqJODfOiQG0nEJKFKzDIG3E29CN2/4zR9XGJzKIkbg=
+github.com/alecthomas/assert/v2 v2.2.0 h1:f6L/b7KE2bfA+9O4FL3CM/xJccDEwPVYd5fALBiuwvw=
 github.com/alecthomas/participle/v2 v2.0.0-beta.5 h1:y6dsSYVb1G5eK6mgmy+BgI3Mw35a3WghArZ/Hbebrjo=
 github.com/alecthomas/participle/v2 v2.0.0-beta.5/go.mod h1:RC764t6n4L8D8ITAJv0qdokritYSNR3wV5cVwmIEaMM=
 github.com/alecthomas/repr v0.1.1 h1:87P60cSmareLAxMc4Hro0r2RBY4ROm0dYwkJNpS4pPs=
@@ -157,8 +157,6 @@ github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5 h1:0CwZNZbxp69SHPd
 github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5/go.mod h1:wHh0iHkYZB8zMSxRWpUBQtwG5a7fFgvEO+odwuTv2gs=
 github.com/armosec/armoapi-go v0.0.119 h1:7XbvBbOKp26Bpp72LQ8Spw4FBpbXu3+qZFQyPEwTPFk=
 github.com/armosec/armoapi-go v0.0.119/go.mod h1:2zoNzb3Fy9ZByeczJZ47ftDRLRzTykVdTISS3GTc/JU=
-github.com/armosec/go-git-url v0.0.15 h1:sDtu0WNvAhrDJ2begTyWP8T4tE1j1K6D0ZJ6t3Cx8k4=
-github.com/armosec/go-git-url v0.0.15/go.mod h1:GzfssG3IW9KiURSpK7c/bySBRTlghpObQ7NQ1O4hcMI=
 github.com/armosec/utils-go v0.0.12 h1:NXkG/BhbSVAmTVXr0qqsK02CmxEiXuJyPmdTRcZ4jAo=
 github.com/armosec/utils-go v0.0.12/go.mod h1:F/K1mI/qcj7fNuJl7xktoCeHM83azOF0Zq6eC2WuPyU=
 github.com/armosec/utils-k8s-go v0.0.12 h1:u7kHSUp4PpvPP3hEaRXMbM0Vw23IyLhAzzE+2TW6Jkk=
@@ -641,12 +639,14 @@ github.com/kr/pty v1.1.3/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
 github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
 github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY=
 github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE=
+github.com/kubescape/go-git-url v0.0.20 h1:oTtmF4c4Vmt0Og3Qbnjkz18sdu4ZdHubQlO6JsOXXsg=
+github.com/kubescape/go-git-url v0.0.20/go.mod h1:IbVT7Wsxlghsa+YxI5KOx4k9VQJaa3z0kTaQz5D3nKM=
 github.com/kubescape/go-logger v0.0.6 h1:ynhAmwrz0O7Jtqq1CdmCZUrKveji25hVP+B/FAb3QrA=
 github.com/kubescape/go-logger v0.0.6/go.mod h1:DnVWEvC90LFY1nNMaNo6nBVOcqkLMK3S0qzXP1fzRvI=
 github.com/kubescape/k8s-interface v0.0.89 h1:OtlvZosHpjlbHfsilfQk2wRbuBnxwF0e+WZX6GbkfLU=
 github.com/kubescape/k8s-interface v0.0.89/go.mod h1:pgFRs20mHiavf6+fFWY7h/f8HuKlwuZwirvjxiKJlu0=
-github.com/kubescape/opa-utils v0.0.200 h1:7EhE9FTabzkUxicvxdchXuaTWW0J2mFj04vK4jTrxN0=
-github.com/kubescape/opa-utils v0.0.200/go.mod h1:rDC3PANuk8gU5lSDO/WPFTluypBQ+/6qiuZLye+slYg=
+github.com/kubescape/opa-utils v0.0.218 h1:3YFloD8NYn0iKeheIaJAr7QynWQJsAjD2o4hlI3RFjE=
+github.com/kubescape/opa-utils v0.0.218/go.mod h1:sNCabe+qZmZLSs/T76fPewEZnl5TSzGq4vhmPd1tP3o=
 github.com/kubescape/rbac-utils v0.0.19 h1:7iydgVxlMLW15MgHORfMBMqNj9jHtFGACd744fdtrFs=
 github.com/kubescape/rbac-utils v0.0.19/go.mod h1:t57AhSrjuNGQ+mpZWQM/hBzrCOeKBDHegFoVo4tbikQ=
 github.com/leodido/go-urn v1.2.0/go.mod h1:+8+nEpDfqqsY+g338gtMEUOtuK+4dEMhiQEgxpxOKII=
@@ -1643,16 +1643,16 @@ k8s.io/gengo v0.0.0-20211129171323-c02415ce4185/go.mod h1:FiNAH4ZV3gBg2Kwh89tzAE
 k8s.io/klog/v2 v2.0.0/go.mod h1:PBfzABfn139FHAV07az/IF9Wp1bkk3vpT2XSJ76fSDE=
 k8s.io/klog/v2 v2.2.0/go.mod h1:Od+F08eJP+W3HUb4pSrPpgp9DGU4GzlpG/TmITuYh/Y=
 k8s.io/klog/v2 v2.60.1/go.mod h1:y1WjHnz7Dj687irZUWR/WLkLc5N1YHtjLdmgWjndZn0=
-k8s.io/klog/v2 v2.70.1 h1:7aaoSdahviPmR+XkS7FyxlkkXs6tHISSG03RxleQAVQ=
-k8s.io/klog/v2 v2.70.1/go.mod h1:y1WjHnz7Dj687irZUWR/WLkLc5N1YHtjLdmgWjndZn0=
+k8s.io/klog/v2 v2.80.1 h1:atnLQ121W371wYYFawwYx1aEY2eUfs4l3J72wtgAwV4=
+k8s.io/klog/v2 v2.80.1/go.mod h1:y1WjHnz7Dj687irZUWR/WLkLc5N1YHtjLdmgWjndZn0=
 k8s.io/kube-openapi v0.0.0-20210421082810-95288971da7e/go.mod h1:vHXdDvt9+2spS2Rx9ql3I8tycm3H9FDfdUoIuKCefvw=
 k8s.io/kube-openapi v0.0.0-20220328201542-3ee0da9b0b42/go.mod h1:Z/45zLw8lUo4wdiUkI+v/ImEGAvu3WatcZl3lPMR4Rk=
 k8s.io/kube-openapi v0.0.0-20220803162953-67bda5d908f1 h1:MQ8BAZPZlWk3S9K4a9NCkIFQtZShWqoha7snGixVgEA=
 k8s.io/kube-openapi v0.0.0-20220803162953-67bda5d908f1/go.mod h1:C/N6wCaBHeBHkHUesQOQy2/MZqGgMAFPqGsGQLdbZBU=
 k8s.io/utils v0.0.0-20210802155522-efc7438f0176/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA=
 k8s.io/utils v0.0.0-20220210201930-3a6ce19ff2f9/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA=
-k8s.io/utils v0.0.0-20220728103510-ee6ede2d64ed h1:jAne/RjBTyawwAy0utX5eqigAwz/lQhTmy+Hr/Cpue4=
-k8s.io/utils v0.0.0-20220728103510-ee6ede2d64ed/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA=
+k8s.io/utils v0.0.0-20221128185143-99ec85e7a448 h1:KTgPnR10d5zhztWptI952TNtt/4u5h3IzDXkdIMuo2Y=
+k8s.io/utils v0.0.0-20221128185143-99ec85e7a448/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0=
 rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8=
 rsc.io/pdf v0.1.1/go.mod h1:n8OzWcQ6Sp37PL01nO98y4iUCRdTGarVfzxY20ICaU4=
 rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0=
--- a/httphandler/handlerequests/v1/datastructuremethods_test.go
+++ b/httphandler/handlerequests/v1/datastructuremethods_test.go
@@ -32,9 +32,9 @@ func TestToScanInfo(t *testing.T) {
 		assert.False(t, s.Submit)
 		assert.False(t, s.ScanAll)
 		assert.True(t, s.FrameworkScan)
-		assert.Equal(t, "nsa", s.PolicyIdentifier[0].Name)
+		assert.Equal(t, "nsa", s.PolicyIdentifier[0].Identifier)
 		assert.Equal(t, apisv1.KindFramework, s.PolicyIdentifier[0].Kind)
-		assert.Equal(t, "mitre", s.PolicyIdentifier[1].Name)
+		assert.Equal(t, "mitre", s.PolicyIdentifier[1].Identifier)
 		assert.Equal(t, apisv1.KindFramework, s.PolicyIdentifier[1].Kind)
 	}
 	{
@@ -49,7 +49,7 @@ func TestToScanInfo(t *testing.T) {
 		assert.Equal(t, "kube-system,kube-public", s.IncludeNamespaces)
 		assert.Equal(t, "", s.ExcludedNamespaces)
 		assert.Equal(t, 1, len(s.PolicyIdentifier))
-		assert.Equal(t, "c-0001", s.PolicyIdentifier[0].Name)
+		assert.Equal(t, "c-0001", s.PolicyIdentifier[0].Identifier)
 		assert.Equal(t, apisv1.KindControl, s.PolicyIdentifier[0].Kind)
 	}
 	{
--- a/httphandler/handlerequests/v1/requestshandler.go
+++ b/httphandler/handlerequests/v1/requestshandler.go
@@ -16,8 +16,8 @@ import (
 	"github.com/google/uuid"
 )

-var OutputDir = "./results"
-var FailedOutputDir = "./failed"
+var OutputDir = "./results/"
+var FailedOutputDir = "./failed/"

 // A Scan Response object
 //
--- a/httphandler/httphandler
+++ b/httphandler/httphandler
--- a/install.sh
+++ b/install.sh
@@ -66,6 +66,6 @@ echo -e "\033[0m"
 $KUBESCAPE_EXEC version
 echo

-echo -e "\033[35mUsage: $ $KUBESCAPE_EXEC scan --enable-host-scan --verbose"
+echo -e "\033[35mUsage: $ $KUBESCAPE_EXEC scan --enable-host-scan"

 echo -e "\033[0m"
--- a/main.go
+++ b/main.go
@@ -3,7 +3,6 @@ package main
 import (
 	logger "github.com/kubescape/go-logger"
 	"github.com/kubescape/kubescape/v2/cmd"
-	
 )

 func main() {
--- a/smoke_testing/test_scan.py
+++ b/smoke_testing/test_scan.py
@@ -21,7 +21,7 @@ def scan_control_id(kubescape_exec: str):


 def scan_controls(kubescape_exec: str):
-    return smoke_utils.run_command(command=[kubescape_exec, "scan", "control", 'HostPath mount,Allow privilege escalation', all_files, "--enable-host-scan=false"])
+    return smoke_utils.run_command(command=[kubescape_exec, "scan", "control", 'C-0048,C-0016', all_files, "--enable-host-scan=false"])


 def scan_framework(kubescape_exec: str):
@@ -48,10 +48,6 @@ def run(kubescape_exec: str):
    # msg = scan_all(kubescape_exec=kubescape_exec)
    # smoke_utils.assertion(msg)

-    print("Testing scan control name")
-    msg = scan_control_name(kubescape_exec=kubescape_exec)
-    smoke_utils.assertion(msg)
-
    print("Testing scan control id")
    msg = scan_control_id(kubescape_exec=kubescape_exec)
    smoke_utils.assertion(msg)
Author	SHA1	Message	Date
David Wertenteil	08e7108dc0	Merge pull request #991 from kubescape/dev Release	2022-12-22 18:12:37 +02:00
David Wertenteil	108a2d6dd8	Merge pull request #962 from anubhav06/gitlab-scan added GitLab repo scanning support	2022-12-22 17:29:57 +02:00
David Wertenteil	2c28286bb1	update httphandler go mod	2022-12-22 17:07:47 +02:00
David Wertenteil	79858b7ed7	Merge pull request #975 from kooomix/dev control scan and download only by id	2022-12-22 16:56:40 +02:00
David Wertenteil	bb2e83eb3b	update go-git pkg	2022-12-22 16:55:11 +02:00
David Wertenteil	282a29b971	Merge pull request #990 from dwertent/cloud-name-breakdown update config scanning path	2022-12-22 16:37:27 +02:00
David Wertenteil	60b9edc463	update config scanning path	2022-12-22 16:14:44 +02:00
David Wertenteil	0f9a5e3127	Merge pull request #989 from dwertent/cloud-name-breakdown Breakdown cloud-cluster name	2022-12-22 16:03:31 +02:00
David Wertenteil	7c79c14363	Update core/pkg/resultshandling/results.go	2022-12-22 15:00:59 +02:00
Vlad Klokun	fe84225252	feat: notify about writing to an output file in PrettyPrinter	2022-12-22 15:00:59 +02:00
Vlad Klokun	56da8d8d92	style: tidy up the PDFPrinter - Shorten receiver names - Modify comments to follow Go Doc convention	2022-12-22 15:00:59 +02:00
Vlad Klokun	f135e95d2c	style: shorten receiver names in JUnitPrinter	2022-12-22 15:00:59 +02:00
Vlad Klokun	db34183fc1	style: shorten receiver names in JSONPrinter	2022-12-22 15:00:59 +02:00
Vlad Klokun	8f3af71c84	style: shorten receiver names in HTML Printer	2022-12-22 15:00:59 +02:00
Vlad Klokun	116aee0c9c	style: shorten receiver names in PrettyPrinter	2022-12-22 15:00:59 +02:00
Vlad Klokun	e5d44f741d	docs: clarify new meaning of the `--format` CLI flag	2022-12-22 15:00:59 +02:00
Vlad Klokun	f005cb7f80	feat: always print to (T)UI using PrettyPrinter Prior to this change, `pretty-printer` was a special type of Printer that wrote output to `Stdout`, unless explicitly asked to write to a given file. Kubescape used `pretty-printer` as an output format by default. This behavior created the following inconsistencies: - When invoked as `kubescape scan`, Kubescape would use `pretty-printer` by default, and it would output the scan resluts in the `pretty-printer` format to `Stdout`. - When invoked as `kubescape scan --format=pretty-printer`, the behavior would be as above. - When invoked as `kubescape scan --format=FORMAT`, where `FORMAT` is any format except for `pretty-printer`, Kubescape would write the results to a sensible default file for the selected format. This is in contrast to how `--format=pretty-printer` would still output to `os.Stdout`, and not an output file. - When invoked as `kubescape scan --format=ANY_FORMAT --output=FILENAME`, where `ANY_FORMAT` is any format, including `pretty-printer`, Kubescape would write the results to the provided `FILENAME` in the given `ANY_FORMAT`, and not write any results to `Stdout`. The aforementioned situation complicates life for users running Kubescape in CI, where Kubescape would skip writing the results to `Stdout` and only write to the provided output file. Moreover, with the addition of support for multiple output formats and, hence, files, this introduces the following ambiguity: - When invoked as `kubescape scan --format=json,pdf,pretty-printer --output=FILENAME`, should Kubescape treat `pretty-printer` as a format for the output file, or just an instruction to also print the results to `Stdout`? To fix these inconsistencies and ambiguities, this commit introduces the following changes: - Kubescape will always print results to `Stdout` using the PrettyPrinter format. - The `--format` CLI flag will control the format(s) in which the results will be written to one or many output files. This breaks the previous behavior that running `kubescape scan --format=pretty-printer` would not produce an output file, and only write to `Stdout`. After this change, the same invocation will still write to `Stdout`, but also produce a `report.txt` file in the PrettyPrinter format.	2022-12-22 15:00:59 +02:00
Vlad Klokun	9ae9d35ccb	style: `GetFormats` → `Formats`	2022-12-22 15:00:59 +02:00
Vlad Klokun	cb38a4e8a1	style: `go fmt` the project - Fixes style inside the project with `go fmt`	2022-12-22 15:00:59 +02:00
Vlad Klokun	eb6d39be42	style: shorten receiver names in ResultsHandler	2022-12-22 15:00:59 +02:00
Vlad Klokun	3160d74c42	style: shorten receiver names for Prometheus printer	2022-12-22 15:00:59 +02:00
Vlad Klokun	5076c38482	refactor: tidy up printing to multiple outputs This change: - Simplifies printing to multiple outputs. - Adds a comment on why we keep the Print → Score → Submit order when outputting results.	2022-12-22 15:00:59 +02:00
Vlad Klokun	73c55fe253	fix: revert the overriden ScanningTarget when submitting reports Before this change, we used to override a scan info `ScanningTarget` to submit a result that is compatible with the backend for Kubescape. However, previously we forgot to change back to the original value. When printing scan results, if the correct order of events (Print → Score → Submit) was not enforced, this broke the SARIF printer so that it did not output results due to incorrect `basePath` for the results. This change reverts to the original `ScanningTarget` value after submitting the results and fixes the SARIF printer.	2022-12-22 15:00:59 +02:00
suhasgumma	f48f81c0b5	Add logs for some formats	2022-12-22 15:00:59 +02:00
Suhas Gumma	81c1c29b7c	Update core/pkg/resultshandling/printer/printresults.go Co-authored-by: Vlad Klokun <vladklokun@users.noreply.github.com>	2022-12-22 15:00:59 +02:00
suhasgumma	874aa38f68	Handle Output Extensions Gracefully	2022-12-22 15:00:59 +02:00
suhasgumma	b9caaf5025	Add logs for some formats	2022-12-22 15:00:59 +02:00
suhasgumma	61c120de0e	Support getting outputs in multiple formats	2022-12-22 15:00:59 +02:00
kooomix	de3408bf57	minor fix	2022-12-22 14:09:27 +02:00
David Wertenteil	8d32032ec1	Merge branch 'cloud-name-breakdown' of github.com:dwertent/kubescape into cloud-name-breakdown	2022-12-22 13:33:23 +02:00
David Wertenteil	42ed787f7b	update go mod in httphandler	2022-12-22 13:32:27 +02:00
David Wertenteil	ccdba85b3c	Merge branch 'dev' into cloud-name-breakdown	2022-12-22 11:57:47 +02:00
David Wertenteil	c59f7691dc	Breakdown cloud-cluster name	2022-12-22 11:43:45 +02:00
kooomix	cf87c2d30b	Fixed test	2022-12-21 19:25:22 +02:00
kooomix	b547814dec	DownloadInfo, PolicyIdentifier add Identity, remove ID and Name	2022-12-21 19:17:29 +02:00
kooomix	b476a72e04	Merge branch 'dev' of github.com:kooomix/kubescape into dev	2022-12-21 17:02:24 +02:00
kooomix	4f6f85710a	Merge pull request #988 from kooomix/opa_utils-v.0.0.216 opa-utils v0.0.216	2022-12-21 16:06:34 +02:00
kooomix	47c23de160	opa-utils v0.0.216	2022-12-21 15:46:53 +02:00
kooomix	bc85844ec0	Merge branch 'kubescape:dev' into dev	2022-12-21 15:31:07 +02:00
kooomix	134d854722	opa-utils v0.0.216	2022-12-21 15:29:58 +02:00
David Wertenteil	e3522c19cc	Merge pull request #986 from dwertent/master Cosmetic changes	2022-12-20 10:33:21 +02:00
David Wertenteil	967fc3fe81	ignore resource if it is not found	2022-12-19 19:00:21 +02:00
David Wertenteil	896a0699ec	remove image vuln warning	2022-12-18 13:45:43 +02:00
David Wertenteil	a53375204e	remove --verbose flag from default	2022-12-18 13:44:12 +02:00
David Wertenteil	b1392361f8	remove emoji from display	2022-12-18 13:42:58 +02:00
David Wertenteil	7b4fbffae2	Merge pull request #976 from mkilchhofer/explicit_allowPrivilegeEscalation chore: Explicit set allowPrivilegeEscalation=true	2022-12-18 08:09:35 +02:00
David Wertenteil	34e7b9f2ad	Merge pull request #978 from kubescape/maintainers Update maintainers	2022-12-18 08:08:20 +02:00
David Wertenteil	f0080bdeae	Merge pull request #979 from craigbox/code-of-conduct Adopt CNCF Code of Conduct.	2022-12-18 08:07:39 +02:00
Craig Box	0eb27389da	Adopt CNCF Code of Conduct. Signed-off-by: Craig Box <craigb@armosec.io>	2022-12-16 21:46:31 +13:00
craigbox	2c5eed9ee2	Update maintainers - Add self - Remove e-mail addresses & job roles	2022-12-16 21:19:02 +13:00
David Wertenteil	2c1a5bd032	Merge pull request #977 from kubescape/revert-973-dev Revert "Excluding controlPlaneInfo from error message in case no data recieved."	2022-12-15 17:48:32 +02:00
David Wertenteil	298f8346e9	validate downloaded framework	2022-12-15 17:13:14 +02:00
kooomix	1897c5a4ba	Revert "Excluding controlPlaneInfo from error message in case no data recieved."	2022-12-15 16:17:39 +02:00
Marco Kilchhofer	57e435271e	chore: Explicit set allowPrivilegeEscalation=true The value of allowPrivilegeEscalation followed implicit default of Kubernetes: > AllowPrivilegeEscalation is true always when the container is: > 1) run as Privileged > 2) has CAP_SYS_ADMIN For users still using PodSecurityPolicy (or a follow-up product like OPA Gatekeeper or Kyverno), there might be mutating admission controllers which defaults this field to `false` if unset. A value of `false` would then conflict with `privileged: true`. Signed-off-by: Marco Kilchhofer <mkilchhofer@users.noreply.github.com>	2022-12-14 22:27:05 +01:00
kooomix	7e9b430347	test fix	2022-12-14 14:22:46 +02:00
kooomix	ca5b3e626b	test fix	2022-12-14 14:08:32 +02:00
kooomix	3a404f29fa	control scan by id	2022-12-14 13:42:52 +02:00
kooomix	16073d6872	download control only by id	2022-12-14 13:06:04 +02:00
Rotem Refael	dce563d2f5	Merge pull request #973 from kooomix/dev Excluding controlPlaneInfo from error message in case no data recieved.	2022-12-14 11:02:55 +02:00
kooomix	8d556a5b84	minor	2022-12-14 10:48:01 +02:00
kooomix	a61063e5b8	revert opa-utils version	2022-12-14 10:45:24 +02:00
kooomix	94973867db	Merge branch 'kubescape:dev' into dev	2022-12-14 10:23:11 +02:00
kooomix	214c2dcae8	patch to filter out "controlPlaneInfo" from error messages in case no data	2022-12-14 10:19:24 +02:00
David Wertenteil	72b36bf012	Merge pull request #968 from fredbi/chore/package-name chore(style): renamed versioned packages to stick to idiomatic conventions	2022-12-13 16:52:57 +02:00
Frederic BIDON	4335e6ceac	chore(style): renamed versioned packages to stick to idiomatic conventions * fixes: #967 Signed-off-by: Frederic BIDON <fredbi@yahoo.com>	2022-12-13 14:27:21 +01:00
kooomix	b5f92a7d54	go mod tidy	2022-12-13 11:32:23 +02:00
kooomix	41ec75d264	update opa-utils v0.0.209	2022-12-13 11:20:17 +02:00
kooomix	6d6ad1f487	Merge pull request #963 from kooomix/outputs_to_get_controls_only_by_ids All prints and outputs to get data only by control ID	2022-12-13 08:32:01 +02:00
kooomix	3ac33d21ac	All prints and outputs to get data by control ID	2022-12-12 15:20:48 +02:00
Anubhav Gupta	04e4b37f6f	added GitLab repo scanning support Signed-off-by: Anubhav Gupta <mail.anubhav06@gmail.com>	2022-12-11 21:39:28 +05:30
David Wertenteil	3e5903de6a	Merge pull request #961 from kubescape/dev change linux runner to 20.04 instead of ubuntu-latest (#960)	2022-12-11 15:02:04 +02:00
Moshe Rappaport	04ea0fe524	change linux runner to 20.04 instead of ubuntu-latest (#960 ) Co-authored-by: Amir Malka <amirm@armosec.io>	2022-12-11 14:20:28 +02:00
David Wertenteil	955d6751a9	Merge pull request #956 from kubescape/dev Enhance `host-scanner`	2022-12-08 22:51:26 +02:00
David Wertenteil	30c43bff10	Merge pull request #958 from Moshe-Rappaport-CA/dev Fix Junit format	2022-12-08 19:41:31 +02:00
Moshe-Rappaport-CA	e009244566	Fix Junit format	2022-12-08 17:56:16 +02:00
David Wertenteil	3d3cd2c2d8	Added Kubescape flow.drawio	2022-12-06 15:44:34 +02:00
David Wertenteil	f5498371ec	Merge pull request #942 from kooomix/eran-dev new host-scanner endpoint - cloudProviderInfo	2022-12-06 15:20:24 +02:00
David Wertenteil	c3b95bed8c	Merge branch 'dev' into eran-dev	2022-12-06 14:17:49 +02:00
David Wertenteil	8ce7d6c0f6	Merge pull request #930 from JusteenR/issue929 Issue929	2022-12-06 14:15:35 +02:00
David Wertenteil	e875f429a9	Merge pull request #948 from YiscahLevySilas1/dev Print host scanner version	2022-12-06 14:13:47 +02:00
David Wertenteil	b6beff0488	Merge pull request #946 from suhasgumma/dev Fixed: CIS control link not working for html output format	2022-12-06 14:13:06 +02:00
David Wertenteil	60c69ac3f0	Merge pull request #950 from fredbi/fix-789 fix(giturlparse): fixes panic on unexpected gitlab remote URL	2022-12-06 14:12:25 +02:00
David Wertenteil	1fb9320421	Merge pull request #941 from dwertent/master Updating examples	2022-12-06 14:11:07 +02:00
David Wertenteil	9a176f6667	remove tag latest	2022-12-06 11:42:34 +02:00
David Wertenteil	96ea9a9e42	fixed scanning example	2022-12-06 11:41:12 +02:00
David Wertenteil	e39fca0c11	do not build dev images	2022-12-06 11:05:21 +02:00
David Wertenteil	2ec035005d	fixed echo command	2022-12-04 15:45:23 +02:00
Frederic BIDON	b734b3aef0	go mod tidy ancillary modules manifest Signed-off-by: Frederic BIDON <fredbi@yahoo.com>	2022-12-04 12:39:34 +01:00
yiscah	0f5635f42d	move parsing of version to GetVersion	2022-12-04 12:17:04 +02:00
Frederic BIDON	8557075b7c	fix(giturlparse): fixes panic on unexpected gitlab remote URL * replaced dependencies to github.com/armosec/go-git-url by github.com/kubescape/go-git-url * fixes #789 NOTE: this requires kubescape/go-git-url#2 to be merged, a new release of that repo to be cut, in order to finalize the dependency update. Signed-off-by: Frederic BIDON <fredbi@yahoo.com>	2022-12-02 16:09:25 +01:00
David Wertenteil	bc0f0e7087	Merge branch 'master' of github.com:dwertent/kubescape	2022-12-02 02:31:14 +02:00
David Wertenteil	8ce5f9aea3	fixed typo	2022-12-02 02:30:35 +02:00
David Wertenteil	050f9d3a4e	Update cmd/scan/framework.go Co-authored-by: craigbox <craig.box@gmail.com>	2022-12-02 02:16:43 +02:00
David Wertenteil	a81bf0deb4	deprecate set-output	2022-12-02 01:43:45 +02:00
David Wertenteil	2059324c27	testing release	2022-12-02 01:35:57 +02:00
David Wertenteil	a09a0a1bca	Merge pull request #9 from dwertent/fix-dev-image run build only if secret is set	2022-12-02 01:32:26 +02:00
David Wertenteil	83712bb9f5	run build only if secret is set	2022-12-02 01:30:24 +02:00
David Wertenteil	728ae47b9a	Merge pull request #8 from dwertent/fix-dev-image Fix dev image	2022-12-02 00:56:12 +02:00
David Wertenteil	2a9b272a14	tagging only main image as latest	2022-12-02 00:54:03 +02:00
David Wertenteil	8662deac43	update repository scanning URL	2022-12-02 00:42:28 +02:00
yiscah	e42644bbd8	update hostscanner version	2022-12-01 08:57:58 +02:00
YiscahLevySilas1	07d30b6272	Merge branch 'kubescape:dev' into dev	2022-11-30 20:52:48 +02:00
yiscah	2a4f8543cc	added logs of host scanner version	2022-11-30 20:51:45 +02:00
suhasgumma	186b293cce	fix link for cis controls in html output	2022-11-30 01:23:45 +05:30
David Wertenteil	2bfe72f39d	Merge pull request #944 from kooomix/dev opa-utils adjustments + dataControlInputs support	2022-11-29 19:11:49 +02:00
kooomix	f99f955223	go mod tidy	2022-11-29 15:26:30 +02:00
kooomix	ec56e69a3c	minor fix	2022-11-29 14:55:30 +02:00
kooomix	3942583b1d	Merge pull request #1 from kooomix/dataControlInputs update opa-utils functions	2022-11-29 14:35:08 +02:00
kooomix	a10b15ba4b	update opa-utils functions	2022-11-29 14:29:33 +02:00
David Wertenteil	5003cbd7a8	Merge pull request #943 from suhasgumma/invalidformat Handle Invalid Formats	2022-11-28 17:39:14 +02:00
kooomix	481a137c23	Update host-scanner image version to v1.0.38	2022-11-28 16:46:32 +02:00
suhasgumma	c3f7f0938d	Handle Invalid Formats	2022-11-28 19:56:27 +05:30
kooomix	b1925fa38d	Support in new host-scanner endpoint - cloudProviderInfo	2022-11-28 09:18:43 +02:00
David Wertenteil	d9f8a7a46f	Merge pull request #918 from suhasgumma/dev1 Store Git Repo's root path as localRootPath	2022-11-27 16:25:24 +02:00
David Wertenteil	846a072bf9	Merge pull request #917 from suhasgumma/dev Fixed: Wrong Relative Path When scanning Local Directory	2022-11-27 16:24:19 +02:00
kooomix	5dd7bbd8a7	Merge pull request #938 from kooomix/eran-dev Added cloudProvider to postureControlInputs	2022-11-27 09:06:56 +02:00
kooomix	e1773acf24	Getting cloud provider from gitversion of discovered API version	2022-11-25 09:27:27 +02:00
kooomix	03a0f97669	Getting cluster name from context	2022-11-24 16:09:05 +02:00
David Wertenteil	917a3f41e8	Merge pull request #925 from amirmalka/dev Omit raw resources flag in json output	2022-11-24 14:47:14 +02:00
David Wertenteil	3c8da1b299	supporting client type from env	2022-11-24 11:09:30 +02:00
David Wertenteil	c61c7edbd0	update examples	2022-11-24 11:06:37 +02:00
kooomix	53402d9a1c	Added "CloudProvider" to postureControlInputs	2022-11-23 11:57:36 +02:00
David Wertenteil	de9278b388	Merge pull request #935 from mkilchhofer/bugfix/use_correct_directory fix: filepath.Dir requires trailing slash	2022-11-23 10:49:16 +02:00
Marco Kilchhofer	4fef6200f8	fix: filepath.Dir requires trailing slash Signed-off-by: Marco Kilchhofer <mkilchhofer@users.noreply.github.com>	2022-11-22 21:26:37 +01:00
JusteenR	81771b7bd7	Adding frameworks column to control command	2022-11-20 15:42:13 -08:00
Moshe Rappaport	2fee77c42c	Merge pull request #928 from Moshe-Rappaport-CA/PER-633-support-loading-exceptions-from-cache-kubescape PER-633 support loading exceptions from cache	2022-11-20 14:09:30 +02:00
Moshe-Rappaport-CA	968ecdb31d	PER-633 support loading exceptions from cache	2022-11-20 12:22:15 +02:00
David Wertenteil	af7b36a88b	Merge pull request #927 from Moshe-Rappaport-CA/PER-550-support-loading-attack-tracks-from-cache-kubescape Per 550 support loading attack tracks from cache kubescape	2022-11-20 11:24:38 +02:00
Moshe-Rappaport-CA	6ad58d38e2	PER-550 Support loading attack tracks from cache	2022-11-17 16:31:51 +02:00
Moshe-Rappaport-CA	681b4ce155	stash	2022-11-17 10:49:36 +02:00
Moshe Rappaport	9d21ac1b16	Merge pull request #924 from Moshe-Rappaport-CA/dev revert change in Junit format	2022-11-16 15:36:48 +02:00
Amir Malka	2b3fcca7e8	omit raw resources flag in json output	2022-11-16 12:15:17 +02:00
Moshe-Rappaport-CA	c8df1b8f1f	Merge remote-tracking branch 'armo/dev' into dev	2022-11-15 17:34:45 +02:00
Moshe-Rappaport-CA	4f921ddf6f	Revert PR #802 to the old junit format	2022-11-15 16:59:37 +02:00
suhasgumma	f64d5eab50	Fix RootDir Info	2022-11-15 12:38:57 +05:30
suhasgumma	d773397fe9	replace src with RelSrc	2022-11-15 10:34:36 +05:30
suhasgumma	2e30995bfc	Relative Path When scanning Local Repos	2022-11-15 10:22:04 +05:30
				`@@ -0,0 +1 @@`
				<mxfile host="app.diagrams.net" modified="2022-12-06T13:44:27.567Z" agent="5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36" etag="82Ze98LIXdxZb4qKuLJX" version="20.6.0" type="github"><diagram id="-fs2xgBgB6aFH82wrd4-" name="Page-1">5Vpdc5s4FP01fkzGIAT2o2OndabpxLNuZ9tHGRRQC4gRIrbz61cyAgOisXdqDG0ekkgXIUvnnvvpjMA82n1kKAk+Uw+HI3Ps7UZgMTJNAwJD/JGSfS4BxjQX+Ix4atFRsCavWAnHSpoRD6e1hZzSkJOkLnRpHGOX12SIMbqtL3umYf1TE+RjTbB2UahL/yUeD3LpBI6P8iUmflB8sjFWTyJULFaCNEAe3VZE4H4E5oxSno+i3RyHErwCl/y9D794Wh6M4Zif88Jk+fDt6y57/Ofl5uud/4pm2XR5Y4B8mxcUZurG6rR8X0CwDQjH6wS5cr4Vah6Bu4BHoZgZYqg2wIzj3S+PZpQXFkzBNMKc7cWS4gWgMFIkMaZqvj1CbheMCKpwFy8ipWa/3PuIhBgoMP4HMMXGFRywJ5ihppTxgPo0RuH9UXrHaBZ7WG47FrPjmkdKE4XWD8z5XtEcZZzWsRR4sf039f5h8l1ObmExXeyqDxd7NcvPKg/4tgbEfWjGXPwWIyxlZYj5mJ+kjq5ThkPEyUv9JBfXT3HMCnHnnxeazuoa6Z7JN1aDybbO5EkLkZ2ueGxO3yuP4Z/BY6jxePnly2pwRC5Z2xeRDVsD6lO2wamLEjwybRRJDOJNmpT3r6AncOB1iFBI/FiMXYEHZkIg0SIi7s/Ug4h4Xm4MOCWvaHPYSmKfUBLzw+3g3Qgu5F6C/2luCnLrlDP6E89pSMW+i5jGcpdnEoYN0QW0ZFqw7m4g1LQ0bdFSZ2GzSHbeyieuTWWjSeWxTuVSFtSTua7I7GgwiQT2mfgZEz6HxqkG2gmYUJrk2e8z2UlodX5fAki7AaQ50YB0ruoTJhqMT5sfAoj0UCbIXzjlv43lJQwVwmFBV1xhSIYKmiC1GKrhwGsaaoFKBaaHOMl0Tv21EcY47TzhVSOMXrGuGHVxqvvMv1UnYOrcnraUNnfSnVb0cqx3dwIt57Q7acuOOnQnerb/lPH35E/g1DqDu/ZVuatXFnnaML4RP0+r2RASCOA0/DA4z+K7SyD0FHadbSIyiHQLwobpF6etomW2oGV2hZaeqa6YsEqx2QcigBoAZjbULLOwjL5QK6rbvppXx37V9+qz7ptX4OzmldOu0+s0r4AezjSFpYFs0IiwtQ+J0AsDp2P/Jtfg46YUIPenf9CriJZimzJuqRAGL2MBDRcLWlpeRpuPLRsMlzcAvUqbU0E6GurZ7tXbKo1ugOWcF5G6A0uv1fDOxUl7Q+XqcDWKW8vUW3VtDdXO0h5LL6TyHtRt71hNhsYsvbpBnAunNDikzJ6RKloB7y5iW/a5EXvSZ8S29FrnT47Ypj28kK3XRZ8mayGYrR56dxfNFKd3f2HpddGSytq7+YWeHcp2yIaJkS9HqYviGLPeEQVwaIhONUQfIuRj+ZXISxbG/SNmDCy6Qz3Jnvk+wz7igyjMrQbFOmz9iOnxH9IOzyr/1gfu/wM=</diagram></mxfile>