Merge pull request #528 from armosec/rotemamsa-patch-1

Update README.md
2026-04-15 06:58:11 +00:00 · 2022-06-06 13:45:35 +03:00 · 2022-06-06 13:30:22 +03:00 · 2022-06-03 19:43:27 +03:00 · 2022-06-03 19:35:33 +03:00 · 2022-05-26 12:21:29 +03:00
171 changed files with 7551 additions and 2204 deletions
--- a/.github/workflows/build.yaml
+++ b/.github/workflows/build.yaml
@@ -33,10 +33,16 @@ jobs:
        uses: actions/setup-go@v2
        with:
          go-version: 1.17
-
-      - name: Test
+      # - name: Test cmd pkg
+      #   run: cd cmd && go test -v ./...
+      - name: Test core pkg
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        run: go test -v ./...

+      - name: Test httphandler pkg
+        run: cd httphandler && go test -v ./...
+
      - name: Build
        env:
          RELEASE: v2.0.${{ github.run_number }} 
@@ -74,9 +80,6 @@ jobs:
          asset_path: build/${{ matrix.os }}/kubescape.sha256
          asset_name: kubescape-${{ matrix.os }}-sha256
          asset_content_type: application/octet-stream
-
-
-
  build-docker:
    name: Build docker container, tag and upload to registry
    needs: build
@@ -98,28 +101,28 @@ jobs:
        id: image-name
        run: echo '::set-output name=IMAGE_NAME::quay.io/${{ github.repository_owner }}/kubescape'

-      - name: Build the Docker image
-        run: docker build . --file build/Dockerfile --tag ${{ steps.image-name.outputs.IMAGE_NAME }}:${{ steps.image-version.outputs.IMAGE_VERSION }} --build-arg image_version=${{ steps.image-version.outputs.IMAGE_VERSION }}
-      
-      - name: Re-Tag Image to latest
-        run: docker tag ${{ steps.image-name.outputs.IMAGE_NAME }}:${{ steps.image-version.outputs.IMAGE_VERSION }} ${{ steps.image-name.outputs.IMAGE_NAME }}:latest
-      
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v2
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v2
+
      - name: Login to Quay.io
-        env: # Or as an environment variable
+        env:
          QUAY_PASSWORD: ${{ secrets.QUAYIO_REGISTRY_PASSWORD }}
          QUAY_USERNAME: ${{ secrets.QUAYIO_REGISTRY_USERNAME }}
        run: docker login -u="${QUAY_USERNAME}" -p="${QUAY_PASSWORD}" quay.io
+
+      - name: Build the Docker image
+        run: docker buildx build . --file build/Dockerfile --tag ${{ steps.image-name.outputs.IMAGE_NAME }}:${{ steps.image-version.outputs.IMAGE_VERSION }} --tag ${{ steps.image-name.outputs.IMAGE_NAME }}:latest --build-arg image_version=${{ steps.image-version.outputs.IMAGE_VERSION }} --push --platform linux/amd64,linux/arm64
+
      # - name: Login to GitHub Container Registry
      #   uses: docker/login-action@v1
      #   with:
      #     registry: ghcr.io
      #     username: ${{ github.actor }}
      #     password: ${{ secrets.GITHUB_TOKEN }}
-      - name: Push Docker image
-        run: |
-          docker push ${{ steps.image-name.outputs.IMAGE_NAME }}:${{ steps.image-version.outputs.IMAGE_VERSION }}
-          docker push ${{ steps.image-name.outputs.IMAGE_NAME }}:latest
-      
+    
      # TODO - Wait for casign to support fixed tags -> https://github.com/sigstore/cosign/issues/1424
      # - name: Install cosign
      #   uses: sigstore/cosign-installer@main
--- a/.github/workflows/build_dev.yaml
+++ b/.github/workflows/build_dev.yaml
@@ -18,9 +18,25 @@ jobs:
        with:
          go-version: 1.17
          
-      - name: Test
+      # - name: Test cmd pkg
+      #   run: cd cmd && go test -v ./...
+      
+      # - name: Test core pkg
+      #   env:
+      #     GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      #   run: cd core && go test -v ./...
+
+      # - name: Test cmd pkg
+      #   run: cd cmd && go test -v ./...
+
+      - name: Test core pkg
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        run: go test -v ./...

+      - name: Test httphandler pkg
+        run: cd httphandler && go test -v ./...
+
      - name: Build
        env:
          RELEASE: v2.0.${{ github.run_number }} 
@@ -64,21 +80,17 @@ jobs:
        id: image-name
        run: echo '::set-output name=IMAGE_NAME::quay.io/${{ github.repository_owner }}/kubescape'

-      - name: Build the Docker image
-        run: docker build . --file build/Dockerfile --tag ${{ steps.image-name.outputs.IMAGE_NAME }}:${{ steps.image-version.outputs.IMAGE_VERSION }} --build-arg image_version=${{ steps.image-version.outputs.IMAGE_VERSION }}
-      
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v2
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v2
+
      - name: Login to Quay.io
        env:
          QUAY_PASSWORD: ${{ secrets.QUAYIO_REGISTRY_PASSWORD }}
          QUAY_USERNAME: ${{ secrets.QUAYIO_REGISTRY_USERNAME }}
        run: docker login -u="${QUAY_USERNAME}" -p="${QUAY_PASSWORD}" quay.io
-      # - name: Login to GitHub Container Registry
-      #   uses: docker/login-action@v1
-      #   with:
-      #     registry: ghcr.io
-      #     username: ${{ github.actor }}
-      #     password: ${{ secrets.GITHUB_TOKEN }}
-      - name: Push Docker image
-        run: |
-          docker push ${{ steps.image-name.outputs.IMAGE_NAME }}:${{ steps.image-version.outputs.IMAGE_VERSION }}
-      
+
+      - name: Build the Docker image
+        run: docker buildx build . --file build/Dockerfile --tag ${{ steps.image-name.outputs.IMAGE_NAME }}:${{ steps.image-version.outputs.IMAGE_VERSION }} --build-arg image_version=${{ steps.image-version.outputs.IMAGE_VERSION }} --push --platform linux/amd64,linux/arm64
--- a/.github/workflows/master_pr_checks.yaml
+++ b/.github/workflows/master_pr_checks.yaml
@@ -19,9 +19,17 @@ jobs:
        with:
          go-version: 1.17

-      - name: Test
+      # - name: Test cmd pkg
+      #   run: cd cmd && go test -v ./...
+      
+      - name: Test core pkg
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        run: go test -v ./...

+      - name: Test httphandler pkg
+        run: cd httphandler && go test -v ./...
+
      - name: Build
        env:
          RELEASE: v2.0.${{ github.run_number }} 
--- a/README.md
+++ b/README.md
@@ -12,8 +12,20 @@ Kubescape integrates natively with other DevOps tools, including Jenkins, Circle

 </br>

+<!-- # Kubescape Coverage
+<img src="docs/ksfromcodetodeploy.png">
+
+</br> -->
+
+
+# Kubescape CLI:
 <img src="docs/demo.gif">

+</br>
+
+<!-- # Kubescape overview:
+<img src="docs/ARMO-header-2022.gif"> -->
+
 # TL;DR
 ## Install:
 ```
@@ -26,7 +38,7 @@ curl -s https://raw.githubusercontent.com/armosec/kubescape/master/install.sh |

 ## Run:
 ```
-kubescape scan --submit --enable-host-scan
+kubescape scan --submit --enable-host-scan --verbose
 ```

 <img src="docs/summary.png">
@@ -103,7 +115,7 @@ Set-ExecutionPolicy RemoteSigned -scope CurrentUser

 #### Scan a running Kubernetes cluster and submit results to the [Kubescape SaaS version](https://portal.armo.cloud/)
 ```
-kubescape scan --submit --enable-host-scan
+kubescape scan --submit --enable-host-scan  --verbose
 ```

 > Read [here](https://hub.armo.cloud/docs/host-sensor) more about the `enable-host-scan` flag
@@ -255,6 +267,19 @@ Now you can submit the results to the Kubescape SaaS version -
 kubescape submit results path/to/results.json
 ```

+
+# Integrations
+
+## VS Code Extension 
+
+![Visual Studio Marketplace Downloads](https://img.shields.io/visual-studio-marketplace/d/kubescape.kubescape?label=VScode) ![Open VSX](https://img.shields.io/open-vsx/dt/kubescape/kubescape?label=openVSX&color=yellowgreen)
+
+Scan the YAML files while writing them using the [vs code extension](https://github.com/armosec/vscode-kubescape/blob/master/README.md) 
+
+## Lens Extension
+
+View Kubescape scan results directly in [Lens IDE](https://k8slens.dev/) using kubescape [Lens extension](https://github.com/armosec/lens-kubescape/blob/master/README.md)
+
 # Under the hood

 ## Technology
--- a/build.py
+++ b/build.py
@@ -4,7 +4,7 @@ import hashlib
 import platform
 import subprocess

-BASE_GETTER_CONST = "github.com/armosec/kubescape/cautils/getter"
+BASE_GETTER_CONST = "github.com/armosec/kubescape/v2/core/cautils/getter"
 BE_SERVER_CONST   = BASE_GETTER_CONST + ".ArmoBEURL"
 ER_SERVER_CONST   = BASE_GETTER_CONST + ".ArmoERURL"
 WEBSITE_CONST     = BASE_GETTER_CONST + ".ArmoFEURL"
@@ -18,7 +18,7 @@ def checkStatus(status, msg):

 def getBuildDir():
    currentPlatform = platform.system()
-    buildDir = "build/"
+    buildDir = "./build/"

    if currentPlatform == "Windows": buildDir += "windows-latest"
    elif currentPlatform == "Linux": buildDir += "ubuntu-latest"
@@ -42,7 +42,7 @@ def main():

    # Set some variables
    packageName = getPackageName()
-    buildUrl = "github.com/armosec/kubescape/cautils.BuildNumber"
+    buildUrl = "github.com/armosec/kubescape/v2/core/cautils.BuildNumber"
    releaseVersion = os.getenv("RELEASE")
    ArmoBEServer = os.getenv("ArmoBEServer")
    ArmoERServer = os.getenv("ArmoERServer")
@@ -70,7 +70,7 @@ def main():
        ldflags += " -X {}={}".format(WEBSITE_CONST, ArmoWebsite)
    if ArmoAuthServer:
        ldflags += " -X {}={}".format(AUTH_SERVER_CONST, ArmoAuthServer)
-
+ 
    build_command = ["go", "build", "-o", ks_file, "-ldflags" ,ldflags]

    print("Building kubescape and saving here: {}".format(ks_file))
--- a/build/Dockerfile
+++ b/build/Dockerfile
@@ -18,14 +18,30 @@ RUN pip3 install --no-cache --upgrade pip setuptools
 WORKDIR /work
 ADD . .

+# build kubescape server
+WORKDIR /work/httphandler
 RUN python build.py
-
 RUN ls -ltr build/ubuntu-latest

+# build kubescape cmd
+WORKDIR /work
+RUN python build.py
+
+RUN /work/build/ubuntu-latest/kubescape download artifacts -o /work/artifacts
+
 FROM alpine
+
+RUN addgroup -S armo && adduser -S armo -G armo
+
+RUN mkdir /home/armo/.kubescape
+COPY --from=builder /work/artifacts/ /home/armo/.kubescape
+
+RUN chown -R armo:armo /home/armo/.kubescape
+
+USER armo
+WORKDIR /home/armo
+
+COPY --from=builder /work/httphandler/build/ubuntu-latest/kubescape /usr/bin/ksserver
 COPY --from=builder /work/build/ubuntu-latest/kubescape /usr/bin/kubescape

-# # Download the frameworks. Use the "--use-default" flag when running kubescape
-# RUN kubescape download framework nsa && kubescape download framework mitre
-
-ENTRYPOINT ["kubescape"]
+ENTRYPOINT ["ksserver"]
--- a/cautils/datastructures.go
+++ b/cautils/datastructures.go
@@ -1,75 +0,0 @@
-package cautils
-
-import (
-	"github.com/armosec/armoapi-go/armotypes"
-	"github.com/armosec/k8s-interface/workloadinterface"
-	"github.com/armosec/opa-utils/reporthandling"
-	"github.com/armosec/opa-utils/reporthandling/results/v1/resourcesresults"
-	reporthandlingv2 "github.com/armosec/opa-utils/reporthandling/v2"
-)
-
-// K8SResources map[<api group>/<api version>/<resource>][]<resourceID>
-type K8SResources map[string][]string
-
-type OPASessionObj struct {
-	K8SResources    *K8SResources                          // input k8s objects
-	Policies        []reporthandling.Framework             // list of frameworks to scan
-	AllResources    map[string]workloadinterface.IMetadata // all scanned resources, map[<rtesource ID>]<resource>
-	ResourcesResult map[string]resourcesresults.Result     // resources scan results, map[<rtesource ID>]<resource result>
-	PostureReport   *reporthandling.PostureReport          // scan results v1 - Remove
-	Report          *reporthandlingv2.PostureReport        // scan results v2 - Remove
-	Exceptions      []armotypes.PostureExceptionPolicy     // list of exceptions to apply on scan results
-	RegoInputData   RegoInputData                          // input passed to rgo for scanning. map[<control name>][<input arguments>]
-}
-
-func NewOPASessionObj(frameworks []reporthandling.Framework, k8sResources *K8SResources) *OPASessionObj {
-	return &OPASessionObj{
-		Report:          &reporthandlingv2.PostureReport{},
-		Policies:        frameworks,
-		K8SResources:    k8sResources,
-		AllResources:    make(map[string]workloadinterface.IMetadata),
-		ResourcesResult: make(map[string]resourcesresults.Result),
-		PostureReport: &reporthandling.PostureReport{
-			ClusterName:  ClusterName,
-			CustomerGUID: CustomerGUID,
-		},
-	}
-}
-
-func NewOPASessionObjMock() *OPASessionObj {
-	return &OPASessionObj{
-		Policies:        nil,
-		K8SResources:    nil,
-		AllResources:    make(map[string]workloadinterface.IMetadata),
-		ResourcesResult: make(map[string]resourcesresults.Result),
-		Report:          &reporthandlingv2.PostureReport{},
-		PostureReport: &reporthandling.PostureReport{
-			ClusterName:  "",
-			CustomerGUID: "",
-			ReportID:     "",
-			JobID:        "",
-		},
-	}
-}
-
-type ComponentConfig struct {
-	Exceptions Exception `json:"exceptions"`
-}
-
-type Exception struct {
-	Ignore        *bool                      `json:"ignore"`        // ignore test results
-	MultipleScore *reporthandling.AlertScore `json:"multipleScore"` // MultipleScore number - float32
-	Namespaces    []string                   `json:"namespaces"`
-	Regex         string                     `json:"regex"` // not supported
-}
-
-type RegoInputData struct {
-	PostureControlInputs map[string][]string `json:"postureControlInputs"`
-	// ClusterName          string              `json:"clusterName"`
-	// K8sConfig            RegoK8sConfig       `json:"k8sconfig"`
-}
-
-type Policies struct {
-	Frameworks []string
-	Controls   map[string]reporthandling.Control // map[<control ID>]<control>
-}
--- a/cautils/environments.go
+++ b/cautils/environments.go
@@ -1,11 +0,0 @@
-package cautils
-
-// CA environment vars
-var (
-	CustomerGUID          = ""
-	ClusterName           = ""
-	EventReceiverURL      = ""
-	NotificationServerURL = ""
-	DashboardBackendURL   = ""
-	RestAPIPort           = "4001"
-)
--- a/cautils/scaninfo.go
+++ b/cautils/scaninfo.go
@@ -1,199 +0,0 @@
-package cautils
-
-import (
-	"encoding/json"
-	"fmt"
-	"io/ioutil"
-	"os"
-	"path/filepath"
-	"strings"
-
-	"github.com/armosec/kubescape/cautils/getter"
-	"github.com/armosec/kubescape/cautils/logger"
-	"github.com/armosec/kubescape/cautils/logger/helpers"
-	"github.com/armosec/opa-utils/reporthandling"
-)
-
-const (
-	ScanCluster                string = "cluster"
-	ScanLocalFiles             string = "yaml"
-	localControlInputsFilename string = "controls-inputs.json"
-	localExceptionsFilename    string = "exceptions.json"
-)
-
-type BoolPtrFlag struct {
-	valPtr *bool
-}
-
-func (bpf *BoolPtrFlag) Type() string {
-	return "bool"
-}
-
-func (bpf *BoolPtrFlag) String() string {
-	if bpf.valPtr != nil {
-		return fmt.Sprintf("%v", *bpf.valPtr)
-	}
-	return ""
-}
-func (bpf *BoolPtrFlag) Get() *bool {
-	return bpf.valPtr
-}
-
-func (bpf *BoolPtrFlag) SetBool(val bool) {
-	bpf.valPtr = &val
-}
-
-func (bpf *BoolPtrFlag) Set(val string) error {
-	switch val {
-	case "true":
-		bpf.SetBool(true)
-	case "false":
-		bpf.SetBool(false)
-	}
-	return nil
-}
-
-type RootInfo struct {
-	Logger       string // logger level
-	LoggerName   string // logger name ("pretty"/"zap"/"none")
-	CacheDir     string // cached dir
-	DisableColor bool   // Disable Color
-}
-
-// TODO - UPDATE
-type ScanInfo struct {
-	Getters                                              // TODO - remove from object
-	PolicyIdentifier   []reporthandling.PolicyIdentifier // TODO - remove from object
-	UseExceptions      string                            // Load file with exceptions configuration
-	ControlsInputs     string                            // Load file with inputs for controls
-	UseFrom            []string                          // Load framework from local file (instead of download). Use when running offline
-	UseDefault         bool                              // Load framework from cached file (instead of download). Use when running offline
-	UseArtifactsFrom   string                            // Load artifacts from local path. Use when running offline
-	VerboseMode        bool                              // Display all of the input resources and not only failed resources
-	Format             string                            // Format results (table, json, junit ...)
-	Output             string                            // Store results in an output file, Output file name
-	FormatVersion      string                            // Output object can be differnet between versions, this is for testing and backward compatibility
-	ExcludedNamespaces string                            // used for host sensor namespace
-	IncludeNamespaces  string                            // DEPRECATED?
-	InputPatterns      []string                          // Yaml files input patterns
-	Silent             bool                              // Silent mode - Do not print progress logs
-	FailThreshold      float32                           // Failure score threshold
-	Submit             bool                              // Submit results to Armo BE
-	ReportID           string                            // Report id of the current scan
-	HostSensorEnabled  BoolPtrFlag                       // Deploy ARMO K8s host sensor to collect data from certain controls
-	HostSensorYamlPath string                            // Path to hostsensor file
-	Local              bool                              // Do not submit results
-	Account            string                            // account ID
-	KubeContext        string                            // context name
-	FrameworkScan      bool                              // false if scanning control
-	ScanAll            bool                              // true if scan all frameworks
-}
-
-type Getters struct {
-	ExceptionsGetter     getter.IExceptionsGetter
-	ControlsInputsGetter getter.IControlsInputsGetter
-	PolicyGetter         getter.IPolicyGetter
-}
-
-func (scanInfo *ScanInfo) Init() {
-	scanInfo.setUseFrom()
-	scanInfo.setOutputFile()
-	scanInfo.setUseArtifactsFrom()
-}
-
-func (scanInfo *ScanInfo) setUseArtifactsFrom() {
-	if scanInfo.UseArtifactsFrom == "" {
-		return
-	}
-	// UseArtifactsFrom must be a path without a filename
-	dir, file := filepath.Split(scanInfo.UseArtifactsFrom)
-	if dir == "" {
-		scanInfo.UseArtifactsFrom = file
-	} else if strings.Contains(file, ".json") {
-		scanInfo.UseArtifactsFrom = dir
-	}
-	// set frameworks files
-	files, err := ioutil.ReadDir(scanInfo.UseArtifactsFrom)
-	if err != nil {
-		logger.L().Fatal("failed to read files from directory", helpers.String("dir", scanInfo.UseArtifactsFrom), helpers.Error(err))
-	}
-	framework := &reporthandling.Framework{}
-	for _, f := range files {
-		filePath := filepath.Join(scanInfo.UseArtifactsFrom, f.Name())
-		file, err := os.ReadFile(filePath)
-		if err == nil {
-			if err := json.Unmarshal(file, framework); err == nil {
-				scanInfo.UseFrom = append(scanInfo.UseFrom, filepath.Join(scanInfo.UseArtifactsFrom, f.Name()))
-			}
-		}
-	}
-	// set config-inputs file
-	scanInfo.ControlsInputs = filepath.Join(scanInfo.UseArtifactsFrom, localControlInputsFilename)
-	// set exceptions
-	scanInfo.UseExceptions = filepath.Join(scanInfo.UseArtifactsFrom, localExceptionsFilename)
-}
-
-func (scanInfo *ScanInfo) setUseExceptions() {
-	if scanInfo.UseExceptions != "" {
-		// load exceptions from file
-		scanInfo.ExceptionsGetter = getter.NewLoadPolicy([]string{scanInfo.UseExceptions})
-	} else {
-		scanInfo.ExceptionsGetter = getter.GetArmoAPIConnector()
-	}
-}
-
-func (scanInfo *ScanInfo) setUseFrom() {
-	if scanInfo.UseDefault {
-		for _, policy := range scanInfo.PolicyIdentifier {
-			scanInfo.UseFrom = append(scanInfo.UseFrom, getter.GetDefaultPath(policy.Name+".json"))
-		}
-	}
-}
-
-func (scanInfo *ScanInfo) setOutputFile() {
-	if scanInfo.Output == "" {
-		return
-	}
-	if scanInfo.Format == "json" {
-		if filepath.Ext(scanInfo.Output) != ".json" {
-			scanInfo.Output += ".json"
-		}
-	}
-	if scanInfo.Format == "junit" {
-		if filepath.Ext(scanInfo.Output) != ".xml" {
-			scanInfo.Output += ".xml"
-		}
-	}
-	if scanInfo.Format == "pdf" {
-		if filepath.Ext(scanInfo.Output) != ".pdf" {
-			scanInfo.Output += ".pdf"
-		}
-	}
-}
-
-func (scanInfo *ScanInfo) GetScanningEnvironment() string {
-	if len(scanInfo.InputPatterns) != 0 {
-		return ScanLocalFiles
-	}
-	return ScanCluster
-}
-
-func (scanInfo *ScanInfo) SetPolicyIdentifiers(policies []string, kind reporthandling.NotificationPolicyKind) {
-	for _, policy := range policies {
-		if !scanInfo.contains(policy) {
-			newPolicy := reporthandling.PolicyIdentifier{}
-			newPolicy.Kind = kind // reporthandling.KindFramework
-			newPolicy.Name = policy
-			scanInfo.PolicyIdentifier = append(scanInfo.PolicyIdentifier, newPolicy)
-		}
-	}
-}
-
-func (scanInfo *ScanInfo) contains(policyName string) bool {
-	for _, policy := range scanInfo.PolicyIdentifier {
-		if policy.Name == policyName {
-			return true
-		}
-	}
-	return false
-}
--- a/cmd/README.md
+++ b/cmd/README.md
@@ -1 +0,0 @@
-# Kubescape CLI Package
--- a/cmd/config/config.go
+++ b/cmd/config/config.go
@@ -1,7 +1,7 @@
 package config

 import (
-	"github.com/armosec/kubescape/core/meta"
+	"github.com/armosec/kubescape/v2/core/meta"
 	"github.com/spf13/cobra"
 )

@@ -33,7 +33,7 @@ func GetConfigCmd(ks meta.IKubescape) *cobra.Command {
 	// configCmd represents the config command
 	configCmd := &cobra.Command{
 		Use:     "config",
-		Short:   "handle cached configurations",
+		Short:   "Handle cached configurations",
 		Example: configExample,
 	}

--- a/cmd/config/delete.go
+++ b/cmd/config/delete.go
@@ -1,9 +1,9 @@
 package config

 import (
-	"github.com/armosec/kubescape/cautils/logger"
-	"github.com/armosec/kubescape/core/meta"
-	v1 "github.com/armosec/kubescape/core/meta/datastructures/v1"
+	"github.com/armosec/kubescape/v2/core/cautils/logger"
+	"github.com/armosec/kubescape/v2/core/meta"
+	v1 "github.com/armosec/kubescape/v2/core/meta/datastructures/v1"
 	"github.com/spf13/cobra"
 )

--- a/cmd/config/set.go
+++ b/cmd/config/set.go
@@ -4,9 +4,9 @@ import (
 	"fmt"
 	"strings"

-	"github.com/armosec/kubescape/cautils/logger"
-	"github.com/armosec/kubescape/core/meta"
-	metav1 "github.com/armosec/kubescape/core/meta/datastructures/v1"
+	"github.com/armosec/kubescape/v2/core/cautils/logger"
+	"github.com/armosec/kubescape/v2/core/meta"
+	metav1 "github.com/armosec/kubescape/v2/core/meta/datastructures/v1"
 	"github.com/spf13/cobra"
 )

--- a/cmd/config/view.go
+++ b/cmd/config/view.go
@@ -3,9 +3,9 @@ package config
 import (
 	"os"

-	"github.com/armosec/kubescape/cautils/logger"
-	"github.com/armosec/kubescape/core/meta"
-	v1 "github.com/armosec/kubescape/core/meta/datastructures/v1"
+	"github.com/armosec/kubescape/v2/core/cautils/logger"
+	"github.com/armosec/kubescape/v2/core/meta"
+	v1 "github.com/armosec/kubescape/v2/core/meta/datastructures/v1"
 	"github.com/spf13/cobra"
 )

--- a/cmd/delete/delete.go
+++ b/cmd/delete/delete.go
@@ -1,8 +1,8 @@
 package delete

 import (
-	"github.com/armosec/kubescape/core/meta"
-	v1 "github.com/armosec/kubescape/core/meta/datastructures/v1"
+	"github.com/armosec/kubescape/v2/core/meta"
+	v1 "github.com/armosec/kubescape/v2/core/meta/datastructures/v1"
 	"github.com/spf13/cobra"
 )

@@ -24,7 +24,9 @@ func GetDeleteCmd(ks meta.IKubescape) *cobra.Command {
 		Run: func(cmd *cobra.Command, args []string) {
 		},
 	}
-	deleteCmd.PersistentFlags().StringVarP(&deleteInfo.Account, "account", "", "", "Armo portal account ID. Default will load account ID from configMap or config file")
+	deleteCmd.PersistentFlags().StringVarP(&deleteInfo.Credentials.Account, "account", "", "", "Kubescape SaaS account ID. Default will load account ID from cache")
+	deleteCmd.PersistentFlags().StringVarP(&deleteInfo.Credentials.ClientID, "client-id", "", "", "Kubescape SaaS client ID. Default will load client ID from cache, read more - https://hub.armo.cloud/docs/authentication")
+	deleteCmd.PersistentFlags().StringVarP(&deleteInfo.Credentials.SecretKey, "secret-key", "", "", "Kubescape SaaS secret key. Default will load secret key from cache, read more - https://hub.armo.cloud/docs/authentication")

 	deleteCmd.AddCommand(getExceptionsCmd(ks, &deleteInfo))

--- a/cmd/delete/exceptions.go
+++ b/cmd/delete/exceptions.go
@@ -4,9 +4,9 @@ import (
 	"fmt"
 	"strings"

-	"github.com/armosec/kubescape/cautils/logger"
-	"github.com/armosec/kubescape/core/meta"
-	v1 "github.com/armosec/kubescape/core/meta/datastructures/v1"
+	"github.com/armosec/kubescape/v2/core/cautils/logger"
+	"github.com/armosec/kubescape/v2/core/meta"
+	v1 "github.com/armosec/kubescape/v2/core/meta/datastructures/v1"
 	"github.com/spf13/cobra"
 )

@@ -26,7 +26,7 @@ func getExceptionsCmd(ks meta.IKubescape, deleteInfo *v1.Delete) *cobra.Command
 			if len(exceptionsNames) == 0 {
 				logger.L().Fatal("missing exceptions names")
 			}
-			if err := ks.DeleteExceptions(&v1.DeleteExceptions{Account: deleteInfo.Account, Exceptions: exceptionsNames}); err != nil {
+			if err := ks.DeleteExceptions(&v1.DeleteExceptions{Credentials: deleteInfo.Credentials, Exceptions: exceptionsNames}); err != nil {
 				logger.L().Fatal(err.Error())
 			}
 		},
--- a/cmd/download/download.go
+++ b/cmd/download/download.go
@@ -5,11 +5,11 @@ import (
 	"path/filepath"
 	"strings"

-	"github.com/armosec/kubescape/cautils"
-	"github.com/armosec/kubescape/cautils/logger"
-	"github.com/armosec/kubescape/core/core"
-	"github.com/armosec/kubescape/core/meta"
-	v1 "github.com/armosec/kubescape/core/meta/datastructures/v1"
+	"github.com/armosec/kubescape/v2/core/cautils"
+	"github.com/armosec/kubescape/v2/core/cautils/logger"
+	"github.com/armosec/kubescape/v2/core/core"
+	"github.com/armosec/kubescape/v2/core/meta"
+	v1 "github.com/armosec/kubescape/v2/core/meta/datastructures/v1"
 	"github.com/spf13/cobra"
 )

@@ -72,7 +72,10 @@ func GeDownloadCmd(ks meta.IKubescape) *cobra.Command {
 			return nil
 		},
 	}
-	downloadCmd.PersistentFlags().StringVarP(&downloadInfo.Account, "account", "", "", "Armo portal account ID. Default will load account ID from configMap or config file")
+
+	downloadCmd.PersistentFlags().StringVarP(&downloadInfo.Credentials.Account, "account", "", "", "Kubescape SaaS account ID. Default will load account ID from cache")
+	downloadCmd.PersistentFlags().StringVarP(&downloadInfo.Credentials.ClientID, "client-id", "", "", "Kubescape SaaS client ID. Default will load client ID from cache, read more - https://hub.armo.cloud/docs/authentication")
+	downloadCmd.PersistentFlags().StringVarP(&downloadInfo.Credentials.SecretKey, "secret-key", "", "", "Kubescape SaaS secret key. Default will load secret key from cache, read more - https://hub.armo.cloud/docs/authentication")
 	downloadCmd.Flags().StringVarP(&downloadInfo.Path, "output", "o", "", "Output file. If not specified, will save in `~/.kubescape/<policy name>.json`")

 	return downloadCmd
--- a/cmd/list/list.go
+++ b/cmd/list/list.go
@@ -4,11 +4,11 @@ import (
 	"fmt"
 	"strings"

-	"github.com/armosec/kubescape/cautils"
-	"github.com/armosec/kubescape/cautils/logger"
-	"github.com/armosec/kubescape/core/core"
-	"github.com/armosec/kubescape/core/meta"
-	v1 "github.com/armosec/kubescape/core/meta/datastructures/v1"
+	"github.com/armosec/kubescape/v2/core/cautils"
+	"github.com/armosec/kubescape/v2/core/cautils/logger"
+	"github.com/armosec/kubescape/v2/core/core"
+	"github.com/armosec/kubescape/v2/core/meta"
+	v1 "github.com/armosec/kubescape/v2/core/meta/datastructures/v1"
 	"github.com/spf13/cobra"
 )

@@ -59,7 +59,9 @@ func GetListCmd(ks meta.IKubescape) *cobra.Command {
 			return nil
 		},
 	}
-	listCmd.PersistentFlags().StringVar(&listPolicies.Account, "account", "", "Armo portal account ID. Default will load account ID from configMap or config file")
+	listCmd.PersistentFlags().StringVarP(&listPolicies.Credentials.Account, "account", "", "", "Kubescape SaaS account ID. Default will load account ID from cache")
+	listCmd.PersistentFlags().StringVarP(&listPolicies.Credentials.ClientID, "client-id", "", "", "Kubescape SaaS client ID. Default will load client ID from cache, read more - https://hub.armo.cloud/docs/authentication")
+	listCmd.PersistentFlags().StringVarP(&listPolicies.Credentials.SecretKey, "secret-key", "", "", "Kubescape SaaS secret key. Default will load secret key from cache, read more - https://hub.armo.cloud/docs/authentication")
 	listCmd.PersistentFlags().StringVar(&listPolicies.Format, "format", "pretty-print", "output format. supported: 'pretty-printer'/'json'")
 	listCmd.PersistentFlags().BoolVarP(&listPolicies.ListIDs, "id", "", false, "List control ID's instead of controls names")

--- a/cmd/root.go
+++ b/cmd/root.go
@@ -2,31 +2,27 @@ package cmd

 import (
 	"fmt"
-	"os"
 	"strings"

-	"github.com/armosec/kubescape/cautils"
-	"github.com/armosec/kubescape/cautils/getter"
-	"github.com/armosec/kubescape/cautils/logger"
-	"github.com/armosec/kubescape/cautils/logger/helpers"
-	"github.com/armosec/kubescape/cmd/completion"
-	"github.com/armosec/kubescape/cmd/config"
-	"github.com/armosec/kubescape/cmd/delete"
-	"github.com/armosec/kubescape/cmd/download"
-	"github.com/armosec/kubescape/cmd/list"
-	"github.com/armosec/kubescape/cmd/scan"
-	"github.com/armosec/kubescape/cmd/submit"
-	"github.com/armosec/kubescape/cmd/version"
-	"github.com/armosec/kubescape/core/core"
+	"github.com/armosec/kubescape/v2/cmd/completion"
+	"github.com/armosec/kubescape/v2/cmd/config"
+	"github.com/armosec/kubescape/v2/cmd/delete"
+	"github.com/armosec/kubescape/v2/cmd/download"
+	"github.com/armosec/kubescape/v2/cmd/list"
+	"github.com/armosec/kubescape/v2/cmd/scan"
+	"github.com/armosec/kubescape/v2/cmd/submit"
+	"github.com/armosec/kubescape/v2/cmd/version"
+	"github.com/armosec/kubescape/v2/core/cautils"
+	"github.com/armosec/kubescape/v2/core/cautils/getter"
+	"github.com/armosec/kubescape/v2/core/cautils/logger"
+	"github.com/armosec/kubescape/v2/core/cautils/logger/helpers"
+	"github.com/armosec/kubescape/v2/core/core"
+	"github.com/armosec/kubescape/v2/core/meta"

-	"github.com/mattn/go-isatty"
 	"github.com/spf13/cobra"
 )

-var armoBEURLs = ""
-var armoBEURLsDep = ""
-
-const envFlagUsage = "Send report results to specific URL. Format:<ReportReceiver>,<Backend>,<Frontend>.\n\t\tExample:report.armo.cloud,api.armo.cloud,portal.armo.cloud"
+var rootInfo cautils.RootInfo

 var ksExamples = `
  # Scan command
@@ -42,19 +38,22 @@ var ksExamples = `
  kubescape config view
 `

-func getRootCmd() *cobra.Command {
-	var rootInfo cautils.RootInfo
+func NewDefaultKubescapeCommand() *cobra.Command {
+	ks := core.NewKubescape()
+	return getRootCmd(ks)
+}
+
+func getRootCmd(ks meta.IKubescape) *cobra.Command {

 	rootCmd := &cobra.Command{
 		Use:     "kubescape",
 		Version: cautils.BuildNumber,
-		Short:   "Kubescape is a tool for testing Kubernetes security posture",
-		Long:    `Based on NSA \ MITRE ATT&CK® and other frameworks specifications`,
+		Short:   "Kubescape is a tool for testing Kubernetes security posture. Docs: https://hub.armo.cloud/docs",
 		Example: ksExamples,
 	}

-	rootCmd.PersistentFlags().StringVar(&armoBEURLsDep, "environment", "", envFlagUsage)
-	rootCmd.PersistentFlags().StringVar(&armoBEURLs, "env", "", envFlagUsage)
+	rootCmd.PersistentFlags().StringVar(&rootInfo.ArmoBEURLsDep, "environment", "", envFlagUsage)
+	rootCmd.PersistentFlags().StringVar(&rootInfo.ArmoBEURLs, "env", "", envFlagUsage)
 	rootCmd.PersistentFlags().MarkDeprecated("environment", "use 'env' instead")
 	rootCmd.PersistentFlags().MarkHidden("environment")
 	rootCmd.PersistentFlags().MarkHidden("env")
@@ -66,13 +65,7 @@ func getRootCmd() *cobra.Command {
 	rootCmd.PersistentFlags().StringVar(&rootInfo.CacheDir, "cache-dir", getter.DefaultLocalStore, "Cache directory [$KS_CACHE_DIR]")
 	rootCmd.PersistentFlags().BoolVarP(&rootInfo.DisableColor, "disable-color", "", false, "Disable Color output for logging")

-	// Initialize
-	initLogger(&rootInfo)
-	initLoggerLevel(&rootInfo)
-	initEnvironment(&rootInfo)
-	initCacheDir(&rootInfo)
-
-	ks := core.NewKubescape()
+	cobra.OnInitialize(initLogger, initLoggerLevel, initEnvironment, initCacheDir)

 	// Supported commands
 	rootCmd.AddCommand(scan.GetScanCommand(ks))
@@ -87,81 +80,7 @@ func getRootCmd() *cobra.Command {
 	return rootCmd
 }

-func Execute() {
-	rootCmd := getRootCmd()
-	rootCmd.Execute()
-}
-
-func initLogger(rootInfo *cautils.RootInfo) {
-	logger.DisableColor(rootInfo.DisableColor)
-
-	if rootInfo.LoggerName == "" {
-		if l := os.Getenv("KS_LOGGER_NAME"); l != "" {
-			rootInfo.LoggerName = l
-		} else {
-			if isatty.IsTerminal(os.Stdout.Fd()) {
-				rootInfo.LoggerName = "pretty"
-			} else {
-				rootInfo.LoggerName = "zap"
-			}
-		}
-	}
-
-	logger.InitLogger(rootInfo.LoggerName)
-
-}
-func initLoggerLevel(rootInfo *cautils.RootInfo) {
-	if rootInfo.Logger != helpers.InfoLevel.String() {
-	} else if l := os.Getenv("KS_LOGGER"); l != "" {
-		rootInfo.Logger = l
-	}
-
-	if err := logger.L().SetLevel(rootInfo.Logger); err != nil {
-		logger.L().Fatal(fmt.Sprintf("supported levels: %s", strings.Join(helpers.SupportedLevels(), "/")), helpers.Error(err))
-	}
-}
-
-func initCacheDir(rootInfo *cautils.RootInfo) {
-	if rootInfo.CacheDir == getter.DefaultLocalStore {
-		getter.DefaultLocalStore = rootInfo.CacheDir
-	} else if cacheDir := os.Getenv("KS_CACHE_DIR"); cacheDir != "" {
-		getter.DefaultLocalStore = cacheDir
-	} else {
-		return // using default cache dir location
-	}
-
-	logger.L().Debug("cache dir updated", helpers.String("path", getter.DefaultLocalStore))
-}
-func initEnvironment(rootInfo *cautils.RootInfo) {
-	if armoBEURLsDep != "" {
-		armoBEURLs = armoBEURLsDep
-	}
-	urlSlices := strings.Split(armoBEURLs, ",")
-	if len(urlSlices) != 1 && len(urlSlices) < 3 {
-		logger.L().Fatal("expected at least 3 URLs (report, api, frontend, auth)")
-	}
-	switch len(urlSlices) {
-	case 1:
-		switch urlSlices[0] {
-		case "dev", "development":
-			getter.SetARMOAPIConnector(getter.NewARMOAPIDev())
-		case "stage", "staging":
-			getter.SetARMOAPIConnector(getter.NewARMOAPIStaging())
-		case "":
-			getter.SetARMOAPIConnector(getter.NewARMOAPIProd())
-		default:
-			logger.L().Fatal("--environment flag usage: " + envFlagUsage)
-		}
-	case 2:
-		logger.L().Fatal("--environment flag usage: " + envFlagUsage)
-	case 3, 4:
-		var armoAUTHURL string
-		armoERURL := urlSlices[0] // mandatory
-		armoBEURL := urlSlices[1] // mandatory
-		armoFEURL := urlSlices[2] // mandatory
-		if len(urlSlices) <= 4 {
-			armoAUTHURL = urlSlices[3]
-		}
-		getter.SetARMOAPIConnector(getter.NewARMOAPICustomized(armoERURL, armoBEURL, armoFEURL, armoAUTHURL))
-	}
+func Execute() error {
+	ks := NewDefaultKubescapeCommand()
+	return ks.Execute()
 }
--- a/cmd/rootutils.go
+++ b/cmd/rootutils.go
@@ -0,0 +1,89 @@
+package cmd
+
+import (
+	"fmt"
+	"os"
+	"strings"
+
+	"github.com/armosec/kubescape/v2/core/cautils/getter"
+	"github.com/armosec/kubescape/v2/core/cautils/logger"
+	"github.com/armosec/kubescape/v2/core/cautils/logger/helpers"
+
+	"github.com/mattn/go-isatty"
+)
+
+const envFlagUsage = "Send report results to specific URL. Format:<ReportReceiver>,<Backend>,<Frontend>.\n\t\tExample:report.armo.cloud,api.armo.cloud,portal.armo.cloud"
+
+func initLogger() {
+	logger.DisableColor(rootInfo.DisableColor)
+
+	if rootInfo.LoggerName == "" {
+		if l := os.Getenv("KS_LOGGER_NAME"); l != "" {
+			rootInfo.LoggerName = l
+		} else {
+			if isatty.IsTerminal(os.Stdout.Fd()) {
+				rootInfo.LoggerName = "pretty"
+			} else {
+				rootInfo.LoggerName = "zap"
+			}
+		}
+	}
+
+	logger.InitLogger(rootInfo.LoggerName)
+
+}
+func initLoggerLevel() {
+	if rootInfo.Logger == helpers.InfoLevel.String() {
+	} else if l := os.Getenv("KS_LOGGER"); l != "" {
+		rootInfo.Logger = l
+	}
+
+	if err := logger.L().SetLevel(rootInfo.Logger); err != nil {
+		logger.L().Fatal(fmt.Sprintf("supported levels: %s", strings.Join(helpers.SupportedLevels(), "/")), helpers.Error(err))
+	}
+}
+
+func initCacheDir() {
+	if rootInfo.CacheDir != getter.DefaultLocalStore {
+		getter.DefaultLocalStore = rootInfo.CacheDir
+	} else if cacheDir := os.Getenv("KS_CACHE_DIR"); cacheDir != "" {
+		getter.DefaultLocalStore = cacheDir
+	} else {
+		return // using default cache dir location
+	}
+
+	logger.L().Debug("cache dir updated", helpers.String("path", getter.DefaultLocalStore))
+}
+func initEnvironment() {
+	if rootInfo.ArmoBEURLs == "" {
+		rootInfo.ArmoBEURLs = rootInfo.ArmoBEURLsDep
+	}
+	urlSlices := strings.Split(rootInfo.ArmoBEURLs, ",")
+	if len(urlSlices) != 1 && len(urlSlices) < 3 {
+		logger.L().Fatal("expected at least 3 URLs (report, api, frontend, auth)")
+	}
+	switch len(urlSlices) {
+	case 1:
+		switch urlSlices[0] {
+		case "dev", "development":
+			getter.SetARMOAPIConnector(getter.NewARMOAPIDev())
+		case "stage", "staging":
+			getter.SetARMOAPIConnector(getter.NewARMOAPIStaging())
+		case "":
+			getter.SetARMOAPIConnector(getter.NewARMOAPIProd())
+		default:
+			logger.L().Fatal("--environment flag usage: " + envFlagUsage)
+		}
+	case 2:
+		logger.L().Fatal("--environment flag usage: " + envFlagUsage)
+	case 3, 4:
+		var armoAUTHURL string
+		armoERURL := urlSlices[0] // mandatory
+		armoBEURL := urlSlices[1] // mandatory
+		armoFEURL := urlSlices[2] // mandatory
+		if len(urlSlices) >= 4 {
+			armoAUTHURL = urlSlices[3]
+		}
+		getter.SetARMOAPIConnector(getter.NewARMOAPICustomized(armoERURL, armoBEURL, armoFEURL, armoAUTHURL))
+	}
+}
--- a/cmd/scan/control.go
+++ b/cmd/scan/control.go
@@ -6,10 +6,13 @@ import (
 	"os"
 	"strings"

-	"github.com/armosec/kubescape/cautils"
-	"github.com/armosec/kubescape/cautils/logger"
-	"github.com/armosec/kubescape/core/meta"
-	"github.com/armosec/opa-utils/reporthandling"
+	apisv1 "github.com/armosec/opa-utils/httpserver/apis/v1"
+
+	"github.com/armosec/kubescape/v2/core/cautils"
+	"github.com/armosec/kubescape/v2/core/cautils/logger"
+	"github.com/armosec/kubescape/v2/core/cautils/logger/helpers"
+	"github.com/armosec/kubescape/v2/core/meta"
+	"github.com/enescakir/emoji"
 	"github.com/spf13/cobra"
 )

@@ -55,18 +58,18 @@ func getControlCmd(ks meta.IKubescape, scanInfo *cautils.ScanInfo) *cobra.Comman
 		RunE: func(cmd *cobra.Command, args []string) error {

 			// flagValidationControl(scanInfo)
-			scanInfo.PolicyIdentifier = []reporthandling.PolicyIdentifier{}
+			scanInfo.PolicyIdentifier = []cautils.PolicyIdentifier{}

 			if len(args) == 0 {
 				scanInfo.ScanAll = true
 			} else { // expected control or list of control sepparated by ","

 				// Read controls from input args
-				scanInfo.SetPolicyIdentifiers(strings.Split(args[0], ","), reporthandling.KindControl)
+				scanInfo.SetPolicyIdentifiers(strings.Split(args[0], ","), apisv1.KindControl)

 				if len(args) > 1 {
 					if len(args[1:]) == 0 || args[1] != "-" {
-						scanInfo.InputPatterns = args[1:]
+						scanInfo.InputPatterns = []string{args[1]}
 					} else { // store stdin to file - do NOT move to separate function !!
 						tempFile, err := os.CreateTemp(".", "tmp-kubescape*.yaml")
 						if err != nil {
@@ -88,36 +91,16 @@ func getControlCmd(ks meta.IKubescape, scanInfo *cautils.ScanInfo) *cobra.Comman
 			if err != nil {
 				logger.L().Fatal(err.Error())
 			}
-			results.HandleResults()
+			if err := results.HandleResults(); err != nil {
+				logger.L().Fatal(err.Error())
+			}
+			if !scanInfo.VerboseMode {
+				cautils.SimpleDisplay(os.Stderr, "%s  Run with '--verbose'/'-v' flag for detailed resources view\n\n", emoji.Detective)
+			}
 			if results.GetRiskScore() > float32(scanInfo.FailThreshold) {
-				return fmt.Errorf("scan risk-score %.2f is above permitted threshold %.2f", results.GetRiskScore(), scanInfo.FailThreshold)
+				logger.L().Fatal("scan risk-score is above permitted threshold", helpers.String("risk-score", fmt.Sprintf("%.2f", results.GetRiskScore())), helpers.String("fail-threshold", fmt.Sprintf("%.2f", scanInfo.FailThreshold)))
 			}
 			return nil
 		},
 	}
 }
-
-// func flagValidationControl() {
-// 	if 100 < scanInfo.FailThreshold {
-// 		logger.L().Fatal("bad argument: out of range threshold")
-// 	}
-// }
-
-// func setScanForFirstControl(scanInfo, controls []string) []reporthandling.PolicyIdentifier {
-// 	newPolicy := reporthandling.PolicyIdentifier{}
-// 	newPolicy.Kind = reporthandling.KindControl
-// 	newPolicy.Name = controls[0]
-// 	scanInfo.PolicyIdentifier = append(scanInfo.PolicyIdentifier, newPolicy)
-// 	return scanInfo.PolicyIdentifier
-// }
-
-// func SetScanForGivenControls(scanInfo, controls []string) []reporthandling.PolicyIdentifier {
-// 	for _, control := range controls {
-// 		control := strings.TrimLeft(control, " ")
-// 		newPolicy := reporthandling.PolicyIdentifier{}
-// 		newPolicy.Kind = reporthandling.KindControl
-// 		newPolicy.Name = control
-// 		scanInfo.PolicyIdentifier = append(scanInfo.PolicyIdentifier, newPolicy)
-// 	}
-// 	return scanInfo.PolicyIdentifier
-// }
--- a/cmd/scan/framework.go
+++ b/cmd/scan/framework.go
@@ -6,10 +6,13 @@ import (
 	"os"
 	"strings"

-	"github.com/armosec/kubescape/cautils"
-	"github.com/armosec/kubescape/cautils/logger"
-	"github.com/armosec/kubescape/core/meta"
-	"github.com/armosec/opa-utils/reporthandling"
+	apisv1 "github.com/armosec/opa-utils/httpserver/apis/v1"
+
+	"github.com/armosec/kubescape/v2/core/cautils"
+	"github.com/armosec/kubescape/v2/core/cautils/logger"
+	"github.com/armosec/kubescape/v2/core/cautils/logger/helpers"
+	"github.com/armosec/kubescape/v2/core/meta"
+	"github.com/enescakir/emoji"
 	"github.com/spf13/cobra"
 )

@@ -27,7 +30,7 @@ var (
  # Scan all frameworks
  kubescape scan framework all

-  # Scan kubernetes YAML manifest files
+  # Scan kubernetes YAML manifest files (single file or glob)
  kubescape scan framework nsa *.yaml

  Run 'kubescape list frameworks' for the list of supported frameworks
@@ -58,7 +61,9 @@ func getFrameworkCmd(ks meta.IKubescape, scanInfo *cautils.ScanInfo) *cobra.Comm
 		},
 		RunE: func(cmd *cobra.Command, args []string) error {

-			flagValidationFramework(scanInfo)
+			if err := flagValidationFramework(scanInfo); err != nil {
+				return err
+			}
 			scanInfo.FrameworkScan = true

 			var frameworks []string
@@ -74,7 +79,7 @@ func getFrameworkCmd(ks meta.IKubescape, scanInfo *cautils.ScanInfo) *cobra.Comm
 				}
 				if len(args) > 1 {
 					if len(args[1:]) == 0 || args[1] != "-" {
-						scanInfo.InputPatterns = args[1:]
+						scanInfo.InputPatterns = []string{args[1]}
 					} else { // store stdin to file - do NOT move to separate function !!
 						tempFile, err := os.CreateTemp(".", "tmp-kubescape*.yaml")
 						if err != nil {
@@ -91,40 +96,33 @@ func getFrameworkCmd(ks meta.IKubescape, scanInfo *cautils.ScanInfo) *cobra.Comm
 			}
 			scanInfo.FrameworkScan = true

-			scanInfo.SetPolicyIdentifiers(frameworks, reporthandling.KindFramework)
+			scanInfo.SetPolicyIdentifiers(frameworks, apisv1.KindFramework)

 			results, err := ks.Scan(scanInfo)
 			if err != nil {
 				logger.L().Fatal(err.Error())
 			}
-			results.HandleResults()
+
+			if err = results.HandleResults(); err != nil {
+				logger.L().Fatal(err.Error())
+			}
+			if !scanInfo.VerboseMode {
+				cautils.SimpleDisplay(os.Stderr, "%s  Run with '--verbose'/'-v' flag for detailed resources view\n\n", emoji.Detective)
+			}
 			if results.GetRiskScore() > float32(scanInfo.FailThreshold) {
-				return fmt.Errorf("scan risk-score %.2f is above permitted threshold %.2f", results.GetRiskScore(), scanInfo.FailThreshold)
+				logger.L().Fatal("scan risk-score is above permitted threshold", helpers.String("risk-score", fmt.Sprintf("%.2f", results.GetRiskScore())), helpers.String("fail-threshold", fmt.Sprintf("%.2f", scanInfo.FailThreshold)))
 			}
 			return nil
 		},
 	}
 }

-// func init() {
-// 	scanCmd.AddCommand(frameworkCmd)
-// 	scanInfo = cautils.ScanInfo{}
-
-// }
-
-// func SetScanForFirstFramework(frameworks []string) []reporthandling.PolicyIdentifier {
-// 	newPolicy := reporthandling.PolicyIdentifier{}
-// 	newPolicy.Kind = reporthandling.KindFramework
-// 	newPolicy.Name = frameworks[0]
-// 	scanInfo.PolicyIdentifier = append(scanInfo.PolicyIdentifier, newPolicy)
-// 	return scanInfo.PolicyIdentifier
-// }
-
-func flagValidationFramework(scanInfo *cautils.ScanInfo) {
+func flagValidationFramework(scanInfo *cautils.ScanInfo) error {
 	if scanInfo.Submit && scanInfo.Local {
-		logger.L().Fatal("you can use `keep-local` or `submit`, but not both")
+		return fmt.Errorf("you can use `keep-local` or `submit`, but not both")
 	}
-	if 100 < scanInfo.FailThreshold {
-		logger.L().Fatal("bad argument: out of range threshold")
+	if 100 < scanInfo.FailThreshold || 0 > scanInfo.FailThreshold {
+		return fmt.Errorf("bad argument: out of range threshold")
 	}
+	return nil
 }
--- a/cmd/scan/scan.go
+++ b/cmd/scan/scan.go
@@ -1,9 +1,11 @@
 package scan

 import (
+	"fmt"
+
 	"github.com/armosec/k8s-interface/k8sinterface"
-	"github.com/armosec/kubescape/cautils"
-	"github.com/armosec/kubescape/core/meta"
+	"github.com/armosec/kubescape/v2/core/cautils"
+	"github.com/armosec/kubescape/v2/core/meta"
 	"github.com/spf13/cobra"
 )

@@ -11,7 +13,7 @@ var scanCmdExamples = `
  Scan command is for scanning an existing cluster or kubernetes manifest files based on pre-defind frameworks 
  
  # Scan current cluster with all frameworks
-  kubescape scan --submit --enable-host-scan
+  kubescape scan --submit --enable-host-scan --verbose

  # Scan kubernetes YAML manifest files
  kubescape scan *.yaml
@@ -61,7 +63,9 @@ func GetScanCommand(ks meta.IKubescape) *cobra.Command {
 		},
 	}

-	scanCmd.PersistentFlags().StringVarP(&scanInfo.Account, "account", "", "", "ARMO portal account ID. Default will load account ID from configMap or config file")
+	scanCmd.PersistentFlags().StringVarP(&scanInfo.Credentials.Account, "account", "", "", "Kubescape SaaS account ID. Default will load account ID from cache")
+	scanCmd.PersistentFlags().StringVarP(&scanInfo.Credentials.ClientID, "client-id", "", "", "Kubescape SaaS client ID. Default will load client ID from cache, read more - https://hub.armo.cloud/docs/authentication")
+	scanCmd.PersistentFlags().StringVarP(&scanInfo.Credentials.SecretKey, "secret-key", "", "", "Kubescape SaaS secret key. Default will load secret key from cache, read more - https://hub.armo.cloud/docs/authentication")
 	scanCmd.PersistentFlags().StringVarP(&scanInfo.KubeContext, "kube-context", "", "", "Kube context. Default will use the current-context")
 	scanCmd.PersistentFlags().StringVar(&scanInfo.ControlsInputs, "controls-config", "", "Path to an controls-config obj. If not set will download controls-config from ARMO management portal")
 	scanCmd.PersistentFlags().StringVar(&scanInfo.UseExceptions, "exceptions", "", "Path to an exceptions obj. If not set will download exceptions from ARMO management portal")
@@ -72,15 +76,16 @@ func GetScanCommand(ks meta.IKubescape) *cobra.Command {
 	scanCmd.PersistentFlags().StringVar(&scanInfo.IncludeNamespaces, "include-namespaces", "", "scan specific namespaces. e.g: --include-namespaces ns-a,ns-b")
 	scanCmd.PersistentFlags().BoolVarP(&scanInfo.Local, "keep-local", "", false, "If you do not want your Kubescape results reported to ARMO backend. Use this flag if you ran with the '--submit' flag in the past and you do not want to submit your current scan results")
 	scanCmd.PersistentFlags().StringVarP(&scanInfo.Output, "output", "o", "", "Output file. Print output to file and not stdout")
-	scanCmd.PersistentFlags().BoolVar(&scanInfo.VerboseMode, "verbose", false, "Display all of the input resources and not only failed resources")
+	scanCmd.PersistentFlags().BoolVarP(&scanInfo.VerboseMode, "verbose", "v", false, "Display all of the input resources and not only failed resources")
+	scanCmd.PersistentFlags().StringVar(&scanInfo.View, "view", string(cautils.ResourceViewType), fmt.Sprintf("View results based on the %s/%s. default is --view=%s", cautils.ResourceViewType, cautils.ControlViewType, cautils.ResourceViewType))
 	scanCmd.PersistentFlags().BoolVar(&scanInfo.UseDefault, "use-default", false, "Load local policy object from default path. If not used will download latest")
 	scanCmd.PersistentFlags().StringSliceVar(&scanInfo.UseFrom, "use-from", nil, "Load local policy object from specified path. If not used will download latest")
-	scanCmd.PersistentFlags().BoolVarP(&scanInfo.Silent, "silent", "s", false, "Silent progress messages")
 	scanCmd.PersistentFlags().BoolVarP(&scanInfo.Submit, "submit", "", false, "Send the scan results to ARMO management portal where you can see the results in a user-friendly UI, choose your preferred compliance framework, check risk results history and trends, manage exceptions, get remediation recommendations and much more. By default the results are not submitted")
-	scanCmd.PersistentFlags().StringVar(&scanInfo.HostSensorYamlPath, "host-scan-yaml", "", "Override default host sensor DaemonSet. Use this flag cautiously")
+	scanCmd.PersistentFlags().StringVar(&scanInfo.HostSensorYamlPath, "host-scan-yaml", "", "Override default host scanner DaemonSet. Use this flag cautiously")
 	scanCmd.PersistentFlags().StringVar(&scanInfo.FormatVersion, "format-version", "v1", "Output object can be differnet between versions, this is for maintaining backward and forward compatibility. Supported:'v1'/'v2'")

 	// Deprecated flags - remove 1.May.2022
+	scanCmd.PersistentFlags().BoolVarP(&scanInfo.Silent, "silent", "s", false, "Silent progress messages")
 	scanCmd.PersistentFlags().MarkDeprecated("silent", "use '--logger' flag instead. Flag will be removed at 1.May.2022")

 	// hidden flags
@@ -88,7 +93,7 @@ func GetScanCommand(ks meta.IKubescape) *cobra.Command {
 	scanCmd.PersistentFlags().MarkHidden("silent")         // this flag should be deprecated since we added the --logger support
 	// scanCmd.PersistentFlags().MarkHidden("format-version") // meant for testing different output approaches and not for common use

-	hostF := scanCmd.PersistentFlags().VarPF(&scanInfo.HostSensorEnabled, "enable-host-scan", "", "Deploy ARMO K8s host-sensor daemonset in the scanned cluster. Deleting it right after we collecting the data. Required to collect valuable data from cluster nodes for certain controls. Yaml file: https://raw.githubusercontent.com/armosec/kubescape/master/hostsensorutils/hostsensor.yaml")
+	hostF := scanCmd.PersistentFlags().VarPF(&scanInfo.HostSensorEnabled, "enable-host-scan", "", "Deploy ARMO K8s host-sensor daemonset in the scanned cluster. Deleting it right after we collecting the data. Required to collect valuable data from cluster nodes for certain controls. Yaml file: https://github.com/armosec/kubescape/blob/master/core/pkg/hostsensorutils/hostsensor.yaml")
 	hostF.NoOptDefVal = "true"
 	hostF.DefValue = "false, for no TTY in stdin"

--- a/cmd/submit/exceptions.go
+++ b/cmd/submit/exceptions.go
@@ -3,9 +3,9 @@ package submit
 import (
 	"fmt"

-	"github.com/armosec/kubescape/cautils/logger"
-	"github.com/armosec/kubescape/core/meta"
-	metav1 "github.com/armosec/kubescape/core/meta/datastructures/v1"
+	"github.com/armosec/kubescape/v2/core/cautils/logger"
+	"github.com/armosec/kubescape/v2/core/meta"
+	metav1 "github.com/armosec/kubescape/v2/core/meta/datastructures/v1"

 	"github.com/spf13/cobra"
 )
@@ -21,7 +21,7 @@ func getExceptionsCmd(ks meta.IKubescape, submitInfo *metav1.Submit) *cobra.Comm
 			return nil
 		},
 		Run: func(cmd *cobra.Command, args []string) {
-			if err := ks.SubmitExceptions(submitInfo.Account, args[0]); err != nil {
+			if err := ks.SubmitExceptions(&submitInfo.Credentials, args[0]); err != nil {
 				logger.L().Fatal(err.Error())
 			}
 		},
--- a/cmd/submit/rbac.go
+++ b/cmd/submit/rbac.go
@@ -2,15 +2,15 @@ package submit

 import (
 	"github.com/armosec/k8s-interface/k8sinterface"
-	"github.com/armosec/kubescape/cautils"
-	"github.com/armosec/kubescape/cautils/getter"
-	"github.com/armosec/kubescape/cautils/logger"
-	"github.com/armosec/kubescape/cautils/logger/helpers"
-	"github.com/armosec/kubescape/core/meta"
-	"github.com/armosec/kubescape/core/meta/cliinterfaces"
-	v1 "github.com/armosec/kubescape/core/meta/datastructures/v1"
+	"github.com/armosec/kubescape/v2/core/cautils"
+	"github.com/armosec/kubescape/v2/core/cautils/getter"
+	"github.com/armosec/kubescape/v2/core/cautils/logger"
+	"github.com/armosec/kubescape/v2/core/cautils/logger/helpers"
+	"github.com/armosec/kubescape/v2/core/meta"
+	"github.com/armosec/kubescape/v2/core/meta/cliinterfaces"
+	v1 "github.com/armosec/kubescape/v2/core/meta/datastructures/v1"

-	reporterv1 "github.com/armosec/kubescape/core/pkg/resultshandling/reporter/v1"
+	reporterv1 "github.com/armosec/kubescape/v2/core/pkg/resultshandling/reporter/v1"

 	"github.com/armosec/rbac-utils/rbacscanner"
 	"github.com/spf13/cobra"
@@ -27,13 +27,13 @@ func getRBACCmd(ks meta.IKubescape, submitInfo *v1.Submit) *cobra.Command {
 			k8s := k8sinterface.NewKubernetesApi()

 			// get config
-			clusterConfig := getTenantConfig(submitInfo.Account, "", k8s)
+			clusterConfig := getTenantConfig(&submitInfo.Credentials, "", k8s)
 			if err := clusterConfig.SetTenant(); err != nil {
 				logger.L().Error("failed setting account ID", helpers.Error(err))
 			}

 			// list RBAC
-			rbacObjects := cautils.NewRBACObjects(rbacscanner.NewRbacScannerFromK8sAPI(k8s, clusterConfig.GetAccountID(), clusterConfig.GetClusterName()))
+			rbacObjects := cautils.NewRBACObjects(rbacscanner.NewRbacScannerFromK8sAPI(k8s, clusterConfig.GetAccountID(), clusterConfig.GetContextName()))

 			// submit resources
 			r := reporterv1.NewReportEventReceiver(clusterConfig.GetConfigObj())
@@ -60,9 +60,9 @@ func getKubernetesApi() *k8sinterface.KubernetesApi {
 	}
 	return k8sinterface.NewKubernetesApi()
 }
-func getTenantConfig(Account, clusterName string, k8s *k8sinterface.KubernetesApi) cautils.ITenantConfig {
+func getTenantConfig(credentials *cautils.Credentials, clusterName string, k8s *k8sinterface.KubernetesApi) cautils.ITenantConfig {
 	if !k8sinterface.IsConnectedToCluster() || k8s == nil {
-		return cautils.NewLocalConfig(getter.GetArmoAPIConnector(), Account, clusterName)
+		return cautils.NewLocalConfig(getter.GetArmoAPIConnector(), credentials, clusterName)
 	}
-	return cautils.NewClusterConfig(k8s, getter.GetArmoAPIConnector(), Account, clusterName)
+	return cautils.NewClusterConfig(k8s, getter.GetArmoAPIConnector(), credentials, clusterName)
 }
--- a/cmd/submit/results.go
+++ b/cmd/submit/results.go
@@ -7,14 +7,14 @@ import (
 	"time"

 	"github.com/armosec/k8s-interface/workloadinterface"
-	"github.com/armosec/kubescape/cautils/logger"
-	"github.com/armosec/kubescape/cautils/logger/helpers"
-	"github.com/armosec/kubescape/core/meta"
-	"github.com/armosec/kubescape/core/meta/cliinterfaces"
-	v1 "github.com/armosec/kubescape/core/meta/datastructures/v1"
-	"github.com/armosec/kubescape/core/pkg/resultshandling/reporter"
-	reporterv1 "github.com/armosec/kubescape/core/pkg/resultshandling/reporter/v1"
-	reporterv2 "github.com/armosec/kubescape/core/pkg/resultshandling/reporter/v2"
+	"github.com/armosec/kubescape/v2/core/cautils/logger"
+	"github.com/armosec/kubescape/v2/core/cautils/logger/helpers"
+	"github.com/armosec/kubescape/v2/core/meta"
+	"github.com/armosec/kubescape/v2/core/meta/cliinterfaces"
+	v1 "github.com/armosec/kubescape/v2/core/meta/datastructures/v1"
+	"github.com/armosec/kubescape/v2/core/pkg/resultshandling/reporter"
+	reporterv1 "github.com/armosec/kubescape/v2/core/pkg/resultshandling/reporter/v1"
+	reporterv2 "github.com/armosec/kubescape/v2/core/pkg/resultshandling/reporter/v2"

 	"github.com/armosec/opa-utils/reporthandling"
 	"github.com/google/uuid"
@@ -69,12 +69,12 @@ func getResultsCmd(ks meta.IKubescape, submitInfo *v1.Submit) *cobra.Command {
 			k8s := getKubernetesApi()

 			// get config
-			clusterConfig := getTenantConfig(submitInfo.Account, "", k8s)
+			clusterConfig := getTenantConfig(&submitInfo.Credentials, "", k8s)
 			if err := clusterConfig.SetTenant(); err != nil {
 				logger.L().Error("failed setting account ID", helpers.Error(err))
 			}

-			resultsObjects := NewResultsObject(clusterConfig.GetAccountID(), clusterConfig.GetClusterName(), args[0])
+			resultsObjects := NewResultsObject(clusterConfig.GetAccountID(), clusterConfig.GetContextName(), args[0])

 			// submit resources
 			var r reporter.IReport
--- a/cmd/submit/submit.go
+++ b/cmd/submit/submit.go
@@ -1,8 +1,8 @@
 package submit

 import (
-	"github.com/armosec/kubescape/core/meta"
-	metav1 "github.com/armosec/kubescape/core/meta/datastructures/v1"
+	"github.com/armosec/kubescape/v2/core/meta"
+	metav1 "github.com/armosec/kubescape/v2/core/meta/datastructures/v1"
 	"github.com/spf13/cobra"
 )

@@ -20,7 +20,9 @@ func GetSubmitCmd(ks meta.IKubescape) *cobra.Command {
 		Run: func(cmd *cobra.Command, args []string) {
 		},
 	}
-	submitCmd.PersistentFlags().StringVarP(&submitInfo.Account, "account", "", "", "Armo portal account ID. Default will load account ID from configMap or config file")
+	submitCmd.PersistentFlags().StringVarP(&submitInfo.Credentials.Account, "account", "", "", "Kubescape SaaS account ID. Default will load account ID from cache")
+	submitCmd.PersistentFlags().StringVarP(&submitInfo.Credentials.ClientID, "client-id", "", "", "Kubescape SaaS client ID. Default will load client ID from cache, read more - https://hub.armo.cloud/docs/authentication")
+	submitCmd.PersistentFlags().StringVarP(&submitInfo.Credentials.SecretKey, "secret-key", "", "", "Kubescape SaaS secret key. Default will load secret key from cache, read more - https://hub.armo.cloud/docs/authentication")

 	submitCmd.AddCommand(getExceptionsCmd(ks, &submitInfo))
 	submitCmd.AddCommand(getResultsCmd(ks, &submitInfo))
--- a/cmd/version/version.go
+++ b/cmd/version/version.go
@@ -4,7 +4,7 @@ import (
 	"fmt"
 	"os"

-	"github.com/armosec/kubescape/cautils"
+	"github.com/armosec/kubescape/v2/core/cautils"
 	"github.com/spf13/cobra"
 )

--- a/core/README.md
+++ b/core/README.md
@@ -1 +1,14 @@
 # Kubescape core package
+
+```go
+
+// initialize kubescape
+ks := core.NewKubescape()
+
+// scan cluster
+results, err := ks.Scan(&cautils.ScanInfo{})
+
+// convert scan results to json
+jsonRes, err := results.ToJson()
+
+```
--- a/core/cautils/customerloader.go
+++ b/core/cautils/customerloader.go
@@ -10,7 +10,8 @@ import (
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"

 	"github.com/armosec/k8s-interface/k8sinterface"
-	"github.com/armosec/kubescape/cautils/getter"
+	"github.com/armosec/kubescape/v2/core/cautils/getter"
+	"github.com/armosec/kubescape/v2/core/cautils/logger"
 	corev1 "k8s.io/api/core/v1"
 )

@@ -66,8 +67,12 @@ type ITenantConfig interface {
 	DeleteCachedConfig() error

 	// getters
-	GetClusterName() string
+	GetContextName() string
 	GetAccountID() string
+	GetTenantEmail() string
+	GetToken() string
+	GetClientID() string
+	GetSecretKey() string
 	GetConfigObj() *ConfigObj
 	// GetBackendAPI() getter.IBackend
 	// GenerateURL()
@@ -85,8 +90,7 @@ type LocalConfig struct {
 }

 func NewLocalConfig(
-	backendAPI getter.IBackend, customerGUID, clusterName string) *LocalConfig {
-	var configObj *ConfigObj
+	backendAPI getter.IBackend, credentials *Credentials, clusterName string) *LocalConfig {

 	lc := &LocalConfig{
 		backendAPI: backendAPI,
@@ -94,20 +98,14 @@ func NewLocalConfig(
 	}
 	// get from configMap
 	if existsConfigFile() { // get from file
-		configObj, _ = loadConfigFromFile()
-	} else {
-		configObj = &ConfigObj{}
-	}
-	if configObj != nil {
-		lc.configObj = configObj
-	}
-	if customerGUID != "" {
-		lc.configObj.AccountID = customerGUID // override config customerGUID
+		loadConfigFromFile(lc.configObj)
 	}
+
+	updateCredentials(lc.configObj, credentials)
+
 	if clusterName != "" {
 		lc.configObj.ClusterName = AdoptClusterName(clusterName) // override config clusterName
 	}
-	getAccountFromEnv(lc.configObj)

 	lc.backendAPI.SetAccountID(lc.configObj.AccountID)
 	lc.backendAPI.SetClientID(lc.configObj.ClientID)
@@ -117,8 +115,12 @@ func NewLocalConfig(
 }

 func (lc *LocalConfig) GetConfigObj() *ConfigObj { return lc.configObj }
+func (lc *LocalConfig) GetTenantEmail() string   { return lc.configObj.CustomerAdminEMail }
 func (lc *LocalConfig) GetAccountID() string     { return lc.configObj.AccountID }
-func (lc *LocalConfig) GetClusterName() string   { return lc.configObj.ClusterName }
+func (lc *LocalConfig) GetClientID() string      { return lc.configObj.ClientID }
+func (lc *LocalConfig) GetSecretKey() string     { return lc.configObj.SecretKey }
+func (lc *LocalConfig) GetContextName() string   { return lc.configObj.ClusterName }
+func (lc *LocalConfig) GetToken() string         { return lc.configObj.Token }
 func (lc *LocalConfig) IsConfigFound() bool      { return existsConfigFile() }
 func (lc *LocalConfig) SetTenant() error {

@@ -135,7 +137,10 @@ func (lc *LocalConfig) UpdateCachedConfig() error {
 }

 func (lc *LocalConfig) DeleteCachedConfig() error {
-	return DeleteConfigFile()
+	if err := DeleteConfigFile(); err != nil {
+		logger.L().Warning(err.Error())
+	}
+	return nil
 }

 func getTenantConfigFromBE(backendAPI getter.IBackend, configObj *ConfigObj) error {
@@ -184,8 +189,8 @@ type ClusterConfig struct {
 	configObj          *ConfigObj
 }

-func NewClusterConfig(k8s *k8sinterface.KubernetesApi, backendAPI getter.IBackend, customerGUID, clusterName string) *ClusterConfig {
-	var configObj *ConfigObj
+func NewClusterConfig(k8s *k8sinterface.KubernetesApi, backendAPI getter.IBackend, credentials *Credentials, clusterName string) *ClusterConfig {
+	// var configObj *ConfigObj
 	c := &ClusterConfig{
 		k8s:                k8s,
 		backendAPI:         backendAPI,
@@ -194,26 +199,23 @@ func NewClusterConfig(k8s *k8sinterface.KubernetesApi, backendAPI getter.IBacken
 		configMapNamespace: getConfigMapNamespace(),
 	}

-	// get from configMap
+	// first, load from configMap
 	if c.existsConfigMap() {
-		configObj, _ = c.loadConfigFromConfigMap()
+		c.loadConfigFromConfigMap()
 	}
-	if configObj == nil && existsConfigFile() { // get from file
-		configObj, _ = loadConfigFromFile()
-	}
-	if configObj != nil {
-		c.configObj = configObj
-	}
-	if customerGUID != "" {
-		c.configObj.AccountID = customerGUID // override config customerGUID
+
+	// second, load from file
+	if existsConfigFile() { // get from file
+		loadConfigFromFile(c.configObj)
 	}
+	updateCredentials(c.configObj, credentials)
+
 	if clusterName != "" {
 		c.configObj.ClusterName = AdoptClusterName(clusterName) // override config clusterName
 	}
-	getAccountFromEnv(c.configObj)

 	if c.configObj.ClusterName == "" {
-		c.configObj.ClusterName = AdoptClusterName(k8sinterface.GetClusterName())
+		c.configObj.ClusterName = AdoptClusterName(k8sinterface.GetContextName())
 	} else { // override the cluster name if it has unwanted characters
 		c.configObj.ClusterName = AdoptClusterName(c.configObj.ClusterName)
 	}
@@ -228,6 +230,10 @@ func NewClusterConfig(k8s *k8sinterface.KubernetesApi, backendAPI getter.IBacken
 func (c *ClusterConfig) GetConfigObj() *ConfigObj { return c.configObj }
 func (c *ClusterConfig) GetDefaultNS() string     { return c.configMapNamespace }
 func (c *ClusterConfig) GetAccountID() string     { return c.configObj.AccountID }
+func (c *ClusterConfig) GetClientID() string      { return c.configObj.ClientID }
+func (c *ClusterConfig) GetSecretKey() string     { return c.configObj.SecretKey }
+func (c *ClusterConfig) GetTenantEmail() string   { return c.configObj.CustomerAdminEMail }
+func (c *ClusterConfig) GetToken() string         { return c.configObj.Token }
 func (c *ClusterConfig) IsConfigFound() bool      { return existsConfigFile() || c.existsConfigMap() }

 func (c *ClusterConfig) SetTenant() error {
@@ -257,14 +263,14 @@ func (c *ClusterConfig) UpdateCachedConfig() error {

 func (c *ClusterConfig) DeleteCachedConfig() error {
 	if err := c.deleteConfigMap(); err != nil {
-		return err
+		logger.L().Warning(err.Error())
 	}
 	if err := DeleteConfigFile(); err != nil {
-		return err
+		logger.L().Warning(err.Error())
 	}
 	return nil
 }
-func (c *ClusterConfig) GetClusterName() string {
+func (c *ClusterConfig) GetContextName() string {
 	return c.configObj.ClusterName
 }

@@ -275,18 +281,26 @@ func (c *ClusterConfig) ToMapString() map[string]interface{} {
 	}
 	return m
 }
-func (c *ClusterConfig) loadConfigFromConfigMap() (*ConfigObj, error) {
+func (c *ClusterConfig) loadConfigFromConfigMap() error {
 	configMap, err := c.k8s.KubernetesClient.CoreV1().ConfigMaps(c.configMapNamespace).Get(context.Background(), c.configMapName, metav1.GetOptions{})
 	if err != nil {
-		return nil, err
+		return err
 	}

-	if bData, err := json.Marshal(configMap.Data); err == nil {
-		return readConfig(bData)
-	}
-	return nil, nil
+	return loadConfigFromData(c.configObj, configMap.Data)
 }

+func loadConfigFromData(co *ConfigObj, data map[string]string) error {
+	var e error
+	if jsonConf, ok := data["config.json"]; ok {
+		e = readConfig([]byte(jsonConf), co)
+	}
+	if bData, err := json.Marshal(data); err == nil {
+		e = readConfig(bData, co)
+	}
+
+	return e
+}
 func (c *ClusterConfig) existsConfigMap() bool {
 	_, err := c.k8s.KubernetesClient.CoreV1().ConfigMaps(c.configMapNamespace).Get(context.Background(), c.configMapName, metav1.GetOptions{})
 	// TODO - check if has customerGUID
@@ -404,28 +418,27 @@ func (c *ClusterConfig) updateConfigData(configMap *corev1.ConfigMap) {
 		}
 	}
 }
-func loadConfigFromFile() (*ConfigObj, error) {
+func loadConfigFromFile(configObj *ConfigObj) error {
 	dat, err := os.ReadFile(ConfigFileFullPath())
 	if err != nil {
-		return nil, err
+		return err
 	}
-
-	return readConfig(dat)
+	return readConfig(dat, configObj)
 }
-func readConfig(dat []byte) (*ConfigObj, error) {
+func readConfig(dat []byte, configObj *ConfigObj) error {

 	if len(dat) == 0 {
-		return nil, nil
+		return nil
 	}
-	configObj := &ConfigObj{}
+
 	if err := json.Unmarshal(dat, configObj); err != nil {
-		return nil, err
+		return err
 	}
 	if configObj.AccountID == "" {
 		configObj.AccountID = configObj.CustomerGUID
 	}
 	configObj.CustomerGUID = ""
-	return configObj, nil
+	return nil
 }

 // Check if the customer is submitted
@@ -472,15 +485,34 @@ func getConfigMapNamespace() string {
 	return "default"
 }

-func getAccountFromEnv(configObj *ConfigObj) {
+func getAccountFromEnv(credentials *Credentials) {
 	// load from env
-	if accountID := os.Getenv("KS_ACCOUNT_ID"); accountID != "" {
-		configObj.AccountID = accountID
+	if accountID := os.Getenv("KS_ACCOUNT_ID"); credentials.Account != "" && accountID != "" {
+		credentials.Account = accountID
 	}
-	if clientID := os.Getenv("KS_CLIENT_ID"); clientID != "" {
-		configObj.ClientID = clientID
+	if clientID := os.Getenv("KS_CLIENT_ID"); credentials.ClientID != "" && clientID != "" {
+		credentials.ClientID = clientID
 	}
-	if secretKey := os.Getenv("KS_SECRET_KEY"); secretKey != "" {
-		configObj.SecretKey = secretKey
+	if secretKey := os.Getenv("KS_SECRET_KEY"); credentials.SecretKey != "" && secretKey != "" {
+		credentials.SecretKey = secretKey
 	}
 }
+
+func updateCredentials(configObj *ConfigObj, credentials *Credentials) {
+
+	if credentials == nil {
+		credentials = &Credentials{}
+	}
+	getAccountFromEnv(credentials)
+
+	if credentials.Account != "" {
+		configObj.AccountID = credentials.Account // override config Account
+	}
+	if credentials.ClientID != "" {
+		configObj.ClientID = credentials.ClientID // override config ClientID
+	}
+	if credentials.SecretKey != "" {
+		configObj.SecretKey = credentials.SecretKey // override config SecretKey
+	}
+
+}
--- a/core/cautils/customerloader_test.go
+++ b/core/cautils/customerloader_test.go
@@ -0,0 +1,193 @@
+package cautils
+
+import (
+	"encoding/json"
+	"testing"
+
+	"github.com/stretchr/testify/assert"
+	corev1 "k8s.io/api/core/v1"
+)
+
+func mockConfigObj() *ConfigObj {
+	return &ConfigObj{
+		AccountID:          "aaa",
+		ClientID:           "bbb",
+		SecretKey:          "ccc",
+		ClusterName:        "ddd",
+		CustomerAdminEMail: "ab@cd",
+		Token:              "eee",
+	}
+}
+func mockLocalConfig() *LocalConfig {
+	return &LocalConfig{
+		backendAPI: nil,
+		configObj:  mockConfigObj(),
+	}
+}
+
+func mockClusterConfig() *ClusterConfig {
+	return &ClusterConfig{
+		backendAPI: nil,
+		configObj:  mockConfigObj(),
+	}
+}
+func TestConfig(t *testing.T) {
+	co := mockConfigObj()
+	cop := ConfigObj{}
+
+	assert.NoError(t, json.Unmarshal(co.Config(), &cop))
+	assert.Equal(t, co.AccountID, cop.AccountID)
+	assert.Equal(t, co.ClientID, cop.ClientID)
+	assert.Equal(t, co.SecretKey, cop.SecretKey)
+	assert.Equal(t, "", cop.ClusterName)        // Not copied to bytes
+	assert.Equal(t, "", cop.CustomerAdminEMail) // Not copied to bytes
+	assert.Equal(t, "", cop.Token)              // Not copied to bytes
+
+}
+
+func TestITenantConfig(t *testing.T) {
+	var lc ITenantConfig
+	var c ITenantConfig
+	lc = mockLocalConfig()
+	c = mockClusterConfig()
+
+	co := mockConfigObj()
+
+	// test LocalConfig methods
+	assert.Equal(t, co.AccountID, lc.GetAccountID())
+	assert.Equal(t, co.ClientID, lc.GetClientID())
+	assert.Equal(t, co.SecretKey, lc.GetSecretKey())
+	assert.Equal(t, co.ClusterName, lc.GetContextName())
+	assert.Equal(t, co.CustomerAdminEMail, lc.GetTenantEmail())
+	assert.Equal(t, co.Token, lc.GetToken())
+
+	// test ClusterConfig methods
+	assert.Equal(t, co.AccountID, c.GetAccountID())
+	assert.Equal(t, co.ClientID, c.GetClientID())
+	assert.Equal(t, co.SecretKey, c.GetSecretKey())
+	assert.Equal(t, co.ClusterName, c.GetContextName())
+	assert.Equal(t, co.CustomerAdminEMail, c.GetTenantEmail())
+	assert.Equal(t, co.Token, c.GetToken())
+}
+
+func TestUpdateConfigData(t *testing.T) {
+	c := mockClusterConfig()
+
+	configMap := &corev1.ConfigMap{}
+
+	c.updateConfigData(configMap)
+
+	assert.Equal(t, c.GetAccountID(), configMap.Data["accountID"])
+	assert.Equal(t, c.GetClientID(), configMap.Data["clientID"])
+	assert.Equal(t, c.GetSecretKey(), configMap.Data["secretKey"])
+}
+
+func TestReadConfig(t *testing.T) {
+	com := mockConfigObj()
+	co := &ConfigObj{}
+
+	b, e := json.Marshal(com)
+	assert.NoError(t, e)
+
+	readConfig(b, co)
+
+	assert.Equal(t, com.AccountID, co.AccountID)
+	assert.Equal(t, com.ClientID, co.ClientID)
+	assert.Equal(t, com.SecretKey, co.SecretKey)
+	assert.Equal(t, com.ClusterName, co.ClusterName)
+	assert.Equal(t, com.CustomerAdminEMail, co.CustomerAdminEMail)
+	assert.Equal(t, com.Token, co.Token)
+}
+
+func TestLoadConfigFromData(t *testing.T) {
+
+	// use case: all data is in base config
+	{
+		c := mockClusterConfig()
+		co := mockConfigObj()
+
+		configMap := &corev1.ConfigMap{}
+
+		c.updateConfigData(configMap)
+
+		c.configObj = &ConfigObj{}
+
+		loadConfigFromData(c.configObj, configMap.Data)
+
+		assert.Equal(t, c.GetAccountID(), co.AccountID)
+		assert.Equal(t, c.GetClientID(), co.ClientID)
+		assert.Equal(t, c.GetSecretKey(), co.SecretKey)
+		assert.Equal(t, c.GetContextName(), co.ClusterName)
+		assert.Equal(t, c.GetTenantEmail(), co.CustomerAdminEMail)
+		assert.Equal(t, c.GetToken(), co.Token)
+	}
+
+	// use case: all data is in config.json
+	{
+		c := mockClusterConfig()
+
+		co := mockConfigObj()
+		configMap := &corev1.ConfigMap{
+			Data: make(map[string]string),
+		}
+
+		configMap.Data["config.json"] = string(c.GetConfigObj().Config())
+		c.configObj = &ConfigObj{}
+
+		loadConfigFromData(c.configObj, configMap.Data)
+
+		assert.Equal(t, c.GetAccountID(), co.AccountID)
+		assert.Equal(t, c.GetClientID(), co.ClientID)
+		assert.Equal(t, c.GetSecretKey(), co.SecretKey)
+	}
+
+	// use case: some data is in config.json
+	{
+		c := mockClusterConfig()
+		configMap := &corev1.ConfigMap{
+			Data: make(map[string]string),
+		}
+
+		// add to map
+		configMap.Data["clientID"] = c.configObj.ClientID
+		configMap.Data["secretKey"] = c.configObj.SecretKey
+
+		// delete the content
+		c.configObj.ClientID = ""
+		c.configObj.SecretKey = ""
+
+		configMap.Data["config.json"] = string(c.GetConfigObj().Config())
+		loadConfigFromData(c.configObj, configMap.Data)
+
+		assert.NotEmpty(t, c.GetAccountID())
+		assert.NotEmpty(t, c.GetClientID())
+		assert.NotEmpty(t, c.GetSecretKey())
+	}
+
+	// use case: some data is in config.json
+	{
+		c := mockClusterConfig()
+		configMap := &corev1.ConfigMap{
+			Data: make(map[string]string),
+		}
+
+		c.configObj.AccountID = "tttt"
+
+		// add to map
+		configMap.Data["accountID"] = mockConfigObj().AccountID
+		configMap.Data["clientID"] = c.configObj.ClientID
+		configMap.Data["secretKey"] = c.configObj.SecretKey
+
+		// delete the content
+		c.configObj.ClientID = ""
+		c.configObj.SecretKey = ""
+
+		configMap.Data["config.json"] = string(c.GetConfigObj().Config())
+		loadConfigFromData(c.configObj, configMap.Data)
+
+		assert.Equal(t, mockConfigObj().AccountID, c.GetAccountID())
+		assert.NotEmpty(t, c.GetClientID())
+		assert.NotEmpty(t, c.GetSecretKey())
+	}
+
+}
--- a/core/cautils/datastructures.go
+++ b/core/cautils/datastructures.go
@@ -0,0 +1,88 @@
+package cautils
+
+import (
+	"github.com/armosec/armoapi-go/armotypes"
+	"github.com/armosec/k8s-interface/workloadinterface"
+	"github.com/armosec/opa-utils/reporthandling"
+	apis "github.com/armosec/opa-utils/reporthandling/apis"
+	"github.com/armosec/opa-utils/reporthandling/results/v1/resourcesresults"
+	reporthandlingv2 "github.com/armosec/opa-utils/reporthandling/v2"
+)
+
+// K8SResources map[<api group>/<api version>/<resource>][]<resourceID>
+type K8SResources map[string][]string
+type ArmoResources map[string][]string
+
+type OPASessionObj struct {
+	K8SResources          *K8SResources                          // input k8s objects
+	ArmoResource          *ArmoResources                         // input ARMO objects
+	Policies              []reporthandling.Framework             // list of frameworks to scan
+	AllResources          map[string]workloadinterface.IMetadata // all scanned resources, map[<rtesource ID>]<resource>
+	ResourcesResult       map[string]resourcesresults.Result     // resources scan results, map[<rtesource ID>]<resource result>
+	ResourceSource        map[string]string                      // resources sources, map[<rtesource ID>]<resource result>
+	PostureReport         *reporthandling.PostureReport          // scan results v1 - Remove
+	Report                *reporthandlingv2.PostureReport        // scan results v2 - Remove
+	Exceptions            []armotypes.PostureExceptionPolicy     // list of exceptions to apply on scan results
+	RegoInputData         RegoInputData                          // input passed to rgo for scanning. map[<control name>][<input arguments>]
+	Metadata              *reporthandlingv2.Metadata
+	InfoMap               map[string]apis.StatusInfo // Map errors of resources to StatusInfo
+	ResourceToControlsMap map[string][]string        // map[<apigroup/apiversion/resource>] = [<control_IDs>]
+	SessionID             string                     // SessionID
+}
+
+func NewOPASessionObj(frameworks []reporthandling.Framework, k8sResources *K8SResources, scanInfo *ScanInfo) *OPASessionObj {
+	return &OPASessionObj{
+		Report:                &reporthandlingv2.PostureReport{},
+		Policies:              frameworks,
+		K8SResources:          k8sResources,
+		AllResources:          make(map[string]workloadinterface.IMetadata),
+		ResourcesResult:       make(map[string]resourcesresults.Result),
+		InfoMap:               make(map[string]apis.StatusInfo),
+		ResourceToControlsMap: make(map[string][]string),
+		ResourceSource:        make(map[string]string),
+		SessionID:             scanInfo.ScanID,
+		PostureReport: &reporthandling.PostureReport{
+			ClusterName:  ClusterName,
+			CustomerGUID: CustomerGUID,
+		},
+		Metadata: scanInfoToScanMetadata(scanInfo),
+	}
+}
+
+func NewOPASessionObjMock() *OPASessionObj {
+	return &OPASessionObj{
+		Policies:        nil,
+		K8SResources:    nil,
+		AllResources:    make(map[string]workloadinterface.IMetadata),
+		ResourcesResult: make(map[string]resourcesresults.Result),
+		Report:          &reporthandlingv2.PostureReport{},
+		PostureReport: &reporthandling.PostureReport{
+			ClusterName:  "",
+			CustomerGUID: "",
+			ReportID:     "",
+			JobID:        "",
+		},
+	}
+}
+
+type ComponentConfig struct {
+	Exceptions Exception `json:"exceptions"`
+}
+
+type Exception struct {
+	Ignore        *bool                      `json:"ignore"`        // ignore test results
+	MultipleScore *reporthandling.AlertScore `json:"multipleScore"` // MultipleScore number - float32
+	Namespaces    []string                   `json:"namespaces"`
+	Regex         string                     `json:"regex"` // not supported
+}
+
+type RegoInputData struct {
+	PostureControlInputs map[string][]string `json:"postureControlInputs"`
+	// ClusterName          string              `json:"clusterName"`
+	// K8sConfig            RegoK8sConfig       `json:"k8sconfig"`
+}
+
+type Policies struct {
+	Frameworks []string
+	Controls   map[string]reporthandling.Control // map[<control ID>]<control>
+}
--- a/core/cautils/datastructuresmethods.go
+++ b/core/cautils/datastructuresmethods.go
@@ -1,10 +1,10 @@
 package cautils

 import (
-	pkgcautils "github.com/armosec/utils-go/utils"
 	"golang.org/x/mod/semver"

 	"github.com/armosec/opa-utils/reporthandling"
+	"github.com/armosec/utils-go/boolutils"
 )

 func NewPolicies() *Policies {
@@ -40,7 +40,7 @@ func ruleWithArmoOpaDependency(attributes map[string]interface{}) bool {
 		return false
 	}
 	if s, ok := attributes["armoOpa"]; ok { // TODO - make global
-		return pkgcautils.StringToBool(s.(string))
+		return boolutils.StringToBool(s.(string))
 	}
 	return false
 }
@@ -51,18 +51,16 @@ func ruleWithArmoOpaDependency(attributes map[string]interface{}) bool {
 func isRuleKubescapeVersionCompatible(attributes map[string]interface{}, version string) bool {
 	if from, ok := attributes["useFromKubescapeVersion"]; ok && from != nil {
 		if version != "" {
-
-			if semver.Compare(from.(string), BuildNumber) > 0 {
+			if semver.Compare(version, from.(string)) == -1 {
 				return false
 			}
 		}
 	}
 	if until, ok := attributes["useUntilKubescapeVersion"]; ok && until != nil {
-		if version != "" {
-			if semver.Compare(BuildNumber, until.(string)) >= 0 {
-				return false
-			}
-		} else {
+		if version == "" {
+			return false
+		}
+		if semver.Compare(version, until.(string)) >= 0 {
 			return false
 		}
 	}
--- a/core/cautils/display.go
+++ b/core/cautils/display.go
@@ -4,7 +4,7 @@ import (
 	"os"
 	"time"

-	"github.com/briandowns/spinner"
+	spinnerpkg "github.com/briandowns/spinner"
 	"github.com/fatih/color"
 	"github.com/mattn/go-isatty"
 )
@@ -18,18 +18,24 @@ var SimpleDisplay = color.New().FprintfFunc()
 var SuccessDisplay = color.New(color.Bold, color.FgHiGreen).FprintfFunc()
 var DescriptionDisplay = color.New(color.Faint, color.FgWhite).FprintfFunc()

-var Spinner *spinner.Spinner
+var spinner *spinnerpkg.Spinner

 func StartSpinner() {
+	if spinner != nil {
+		if !spinner.Active() {
+			spinner.Start()
+		}
+		return
+	}
 	if isatty.IsTerminal(os.Stdout.Fd()) {
-		Spinner = spinner.New(spinner.CharSets[7], 100*time.Millisecond) // Build our new spinner
-		Spinner.Start()
+		spinner = spinnerpkg.New(spinnerpkg.CharSets[7], 100*time.Millisecond) // Build our new spinner
+		spinner.Start()
 	}
 }

 func StopSpinner() {
-	if Spinner == nil {
+	if spinner == nil || !spinner.Active() {
 		return
 	}
-	Spinner.Stop()
+	spinner.Stop()
 }
--- a/core/cautils/environments.go
+++ b/core/cautils/environments.go
@@ -0,0 +1,7 @@
+package cautils
+
+// CA environment vars
+var (
+	CustomerGUID = ""
+	ClusterName  = ""
+)
--- a/core/cautils/fileutils.go
+++ b/core/cautils/fileutils.go
@@ -9,14 +9,14 @@ import (
 	"strings"

 	"github.com/armosec/k8s-interface/workloadinterface"
-	"github.com/armosec/kubescape/cautils/logger"
+	"github.com/armosec/kubescape/v2/core/cautils/logger"
 	"github.com/armosec/opa-utils/objectsenvelopes"
 	"gopkg.in/yaml.v2"
 )

 var (
-	YAML_PREFIX = []string{".yaml", ".yml"}
-	JSON_PREFIX = []string{".json"}
+	YAML_PREFIX = []string{"yaml", "yml"}
+	JSON_PREFIX = []string{"json"}
 )

 type FileFormat string
@@ -26,7 +26,7 @@ const (
 	JSON_FILE_FORMAT FileFormat = "json"
 )

-func LoadResourcesFromFiles(inputPatterns []string) ([]workloadinterface.IMetadata, error) {
+func LoadResourcesFromFiles(inputPatterns []string) (map[string][]workloadinterface.IMetadata, error) {
 	files, errs := listFiles(inputPatterns)
 	if len(errs) > 0 {
 		logger.L().Error(fmt.Sprintf("%v", errs))
@@ -42,8 +42,8 @@ func LoadResourcesFromFiles(inputPatterns []string) ([]workloadinterface.IMetada
 	return workloads, nil
 }

-func loadFiles(filePaths []string) ([]workloadinterface.IMetadata, []error) {
-	workloads := []workloadinterface.IMetadata{}
+func loadFiles(filePaths []string) (map[string][]workloadinterface.IMetadata, []error) {
+	workloads := make(map[string][]workloadinterface.IMetadata, 0)
 	errs := []error{}
 	for i := range filePaths {
 		f, err := loadFile(filePaths[i])
@@ -54,7 +54,12 @@ func loadFiles(filePaths []string) ([]workloadinterface.IMetadata, []error) {
 		w, e := ReadFile(f, GetFileFormat(filePaths[i]))
 		errs = append(errs, e...)
 		if w != nil {
-			workloads = append(workloads, w...)
+			if _, ok := workloads[filePaths[i]]; !ok {
+				workloads[filePaths[i]] = []workloadinterface.IMetadata{}
+			}
+			wSlice := workloads[filePaths[i]]
+			wSlice = append(wSlice, w...)
+			workloads[filePaths[i]] = wSlice
 		}
 	}
 	return workloads, errs
@@ -73,7 +78,6 @@ func ReadFile(fileContent []byte, fileFromat FileFormat) ([]workloadinterface.IM
 	default:
 		return nil, nil // []error{fmt.Errorf("file extension %s not supported", fileFromat)}
 	}
-
 }

 func listFiles(patterns []string) ([]string, []error) {
@@ -173,11 +177,11 @@ func convertYamlToJson(i interface{}) interface{} {
 }

 func IsYaml(filePath string) bool {
-	return StringInSlice(YAML_PREFIX, filepath.Ext(filePath)) != ValueNotFound
+	return StringInSlice(YAML_PREFIX, strings.ReplaceAll(filepath.Ext(filePath), ".", "")) != ValueNotFound
 }

 func IsJson(filePath string) bool {
-	return StringInSlice(JSON_PREFIX, filepath.Ext(filePath)) != ValueNotFound
+	return StringInSlice(JSON_PREFIX, strings.ReplaceAll(filepath.Ext(filePath), ".", "")) != ValueNotFound
 }

 func glob(root, pattern string) ([]string, error) {
--- a/core/cautils/fileutils_test.go
+++ b/core/cautils/fileutils_test.go
@@ -11,7 +11,7 @@ import (

 func onlineBoutiquePath() string {
 	o, _ := os.Getwd()
-	return filepath.Join(filepath.Dir(o), "examples/online-boutique/*")
+	return filepath.Join(filepath.Dir(o), "../examples/online-boutique/*")
 }

 func TestListFiles(t *testing.T) {
@@ -23,6 +23,20 @@ func TestListFiles(t *testing.T) {
 	assert.Equal(t, 12, len(files))
 }

+func TestLoadResourcesFromFiles(t *testing.T) {
+	workloads, err := LoadResourcesFromFiles([]string{onlineBoutiquePath()})
+	assert.NoError(t, err)
+	assert.Equal(t, 12, len(workloads))
+
+	for i, w := range workloads {
+		switch filepath.Base(i) {
+		case "adservice.yaml":
+			assert.Equal(t, 2, len(w))
+			assert.Equal(t, "apps/v1//Deployment/adservice", w[0].GetID())
+			assert.Equal(t, "/v1//Service/adservice", w[1].GetID())
+		}
+	}
+}
 func TestLoadFiles(t *testing.T) {
 	files, _ := listFiles([]string{onlineBoutiquePath()})
 	_, err := loadFiles(files)
--- a/core/cautils/floatutils.go
+++ b/core/cautils/floatutils.go
@@ -0,0 +1,18 @@
+package cautils
+
+import "math"
+
+// Float64ToInt convert float64 to int
+func Float64ToInt(x float64) int {
+	return int(math.Round(x))
+}
+
+// Float32ToInt convert float32 to int
+func Float32ToInt(x float32) int {
+	return Float64ToInt(float64(x))
+}
+
+// Float16ToInt convert float16 to int
+func Float16ToInt(x float32) int {
+	return Float64ToInt(float64(x))
+}
--- a/core/cautils/floatutils_test.go
+++ b/core/cautils/floatutils_test.go
@@ -0,0 +1,24 @@
+package cautils
+
+import (
+	"testing"
+
+	"github.com/stretchr/testify/assert"
+)
+
+func TestFloat64ToInt(t *testing.T) {
+	assert.Equal(t, 3, Float64ToInt(3.49))
+	assert.Equal(t, 4, Float64ToInt(3.5))
+	assert.Equal(t, 4, Float64ToInt(3.51))
+}
+
+func TestFloat32ToInt(t *testing.T) {
+	assert.Equal(t, 3, Float32ToInt(3.49))
+	assert.Equal(t, 4, Float32ToInt(3.5))
+	assert.Equal(t, 4, Float32ToInt(3.51))
+}
+func TestFloat16ToInt(t *testing.T) {
+	assert.Equal(t, 3, Float16ToInt(3.49))
+	assert.Equal(t, 4, Float16ToInt(3.5))
+	assert.Equal(t, 4, Float16ToInt(3.51))
+}
--- a/core/cautils/getter/armoapi.go
+++ b/core/cautils/getter/armoapi.go
@@ -10,8 +10,8 @@ import (
 	"time"

 	"github.com/armosec/armoapi-go/armotypes"
-	"github.com/armosec/kubescape/cautils/logger"
-	"github.com/armosec/kubescape/cautils/logger/helpers"
+	"github.com/armosec/kubescape/v2/core/cautils/logger"
+	"github.com/armosec/kubescape/v2/core/cautils/logger/helpers"
 	"github.com/armosec/opa-utils/reporthandling"
 )

@@ -147,7 +147,8 @@ func (armoAPI *ArmoAPI) IsLoggedIn() bool              { return armoAPI.loggedIn
 func (armoAPI *ArmoAPI) GetClientID() string           { return armoAPI.clientID }
 func (armoAPI *ArmoAPI) GetSecretKey() string          { return armoAPI.secretKey }
 func (armoAPI *ArmoAPI) GetFrontendURL() string        { return armoAPI.feURL }
-func (armoAPI *ArmoAPI) GetAPIURL() string             { return armoAPI.apiURL }
+func (armoAPI *ArmoAPI) GetApiURL() string             { return armoAPI.apiURL }
+func (armoAPI *ArmoAPI) GetAuthURL() string            { return armoAPI.authURL }
 func (armoAPI *ArmoAPI) GetReportReceiverURL() string  { return armoAPI.erURL }
 func (armoAPI *ArmoAPI) SetAccountID(accountID string) { armoAPI.accountID = accountID }
 func (armoAPI *ArmoAPI) SetClientID(clientID string)   { armoAPI.clientID = clientID }
@@ -163,7 +164,6 @@ func (armoAPI *ArmoAPI) GetFramework(name string) (*reporthandling.Framework, er
 	if err = JSONDecoder(respStr).Decode(framework); err != nil {
 		return nil, err
 	}
-	SaveInFile(framework, GetDefaultPath(name+".json"))

 	return framework, err
 }
@@ -233,7 +233,14 @@ func (armoAPI *ArmoAPI) GetAccountConfig(clusterName string) (*armotypes.Custome
 	}

 	if err = JSONDecoder(respStr).Decode(&accountConfig); err != nil {
-		return nil, err
+		// try with default scope
+		respStr, err = armoAPI.Get(armoAPI.getAccountConfigDefault(clusterName), nil)
+		if err != nil {
+			return nil, err
+		}
+		if err = JSONDecoder(respStr).Decode(&accountConfig); err != nil {
+			return nil, err
+		}
 	}

 	return accountConfig, nil
--- a/core/cautils/getter/armoapiutils.go
+++ b/core/cautils/getter/armoapiutils.go
@@ -13,8 +13,7 @@ var NativeFrameworks = []string{"nsa", "mitre", "armobest", "devopsbest"}

 func (armoAPI *ArmoAPI) getFrameworkURL(frameworkName string) string {
 	u := url.URL{}
-	u.Scheme = "https"
-	u.Host = armoAPI.apiURL
+	u.Scheme, u.Host = parseHost(armoAPI.GetApiURL())
 	u.Path = "api/v1/armoFrameworks"
 	q := u.Query()
 	q.Add("customerGUID", armoAPI.getCustomerGUIDFallBack())
@@ -31,8 +30,7 @@ func (armoAPI *ArmoAPI) getFrameworkURL(frameworkName string) string {

 func (armoAPI *ArmoAPI) getListFrameworkURL() string {
 	u := url.URL{}
-	u.Scheme = "https"
-	u.Host = armoAPI.apiURL
+	u.Scheme, u.Host = parseHost(armoAPI.GetApiURL())
 	u.Path = "api/v1/armoFrameworks"
 	q := u.Query()
 	q.Add("customerGUID", armoAPI.getCustomerGUIDFallBack())
@@ -42,8 +40,7 @@ func (armoAPI *ArmoAPI) getListFrameworkURL() string {
 }
 func (armoAPI *ArmoAPI) getExceptionsURL(clusterName string) string {
 	u := url.URL{}
-	u.Scheme = "https"
-	u.Host = armoAPI.apiURL
+	u.Scheme, u.Host = parseHost(armoAPI.GetApiURL())
 	u.Path = "api/v1/armoPostureExceptions"

 	q := u.Query()
@@ -58,8 +55,7 @@ func (armoAPI *ArmoAPI) getExceptionsURL(clusterName string) string {

 func (armoAPI *ArmoAPI) exceptionsURL(exceptionsPolicyName string) string {
 	u := url.URL{}
-	u.Scheme = "https"
-	u.Host = armoAPI.apiURL
+	u.Scheme, u.Host = parseHost(armoAPI.GetApiURL())
 	u.Path = "api/v1/postureExceptionPolicy"

 	q := u.Query()
@@ -73,10 +69,15 @@ func (armoAPI *ArmoAPI) exceptionsURL(exceptionsPolicyName string) string {
 	return u.String()
 }

+func (armoAPI *ArmoAPI) getAccountConfigDefault(clusterName string) string {
+	config := armoAPI.getAccountConfig(clusterName)
+	url := config + "&scope=customer"
+	return url
+}
+
 func (armoAPI *ArmoAPI) getAccountConfig(clusterName string) string {
 	u := url.URL{}
-	u.Scheme = "https"
-	u.Host = armoAPI.apiURL
+	u.Scheme, u.Host = parseHost(armoAPI.GetApiURL())
 	u.Path = "api/v1/armoCustomerConfiguration"

 	q := u.Query()
@@ -91,24 +92,21 @@ func (armoAPI *ArmoAPI) getAccountConfig(clusterName string) string {

 func (armoAPI *ArmoAPI) getAccountURL() string {
 	u := url.URL{}
-	u.Scheme = "https"
-	u.Host = armoAPI.apiURL
+	u.Scheme, u.Host = parseHost(armoAPI.GetApiURL())
 	u.Path = "api/v1/createTenant"
 	return u.String()
 }

 func (armoAPI *ArmoAPI) getApiToken() string {
 	u := url.URL{}
-	u.Scheme = "https"
-	u.Host = armoAPI.authURL
-	u.Path = "frontegg/identity/resources/auth/v1/api-token"
+	u.Scheme, u.Host = parseHost(armoAPI.GetAuthURL())
+	u.Path = "identity/resources/auth/v1/api-token"
 	return u.String()
 }

 func (armoAPI *ArmoAPI) getOpenidCustomers() string {
 	u := url.URL{}
-	u.Scheme = "https"
-	u.Host = armoAPI.apiURL
+	u.Scheme, u.Host = parseHost(armoAPI.GetApiURL())
 	u.Path = "api/v1/openid_customers"
 	return u.String()
 }
@@ -167,3 +165,12 @@ func (armoAPI *ArmoAPI) getCustomerGUIDFallBack() string {
 	}
 	return "11111111-1111-1111-1111-111111111111"
 }
+
+func parseHost(host string) (string, string) {
+	if strings.HasPrefix(host, "http://") {
+		return "http", strings.Replace(host, "http://", "", 1)
+	}
+
+	// default scheme
+	return "https", strings.Replace(host, "https://", "", 1)
+}
--- a/core/cautils/getter/datastructures.go
+++ b/core/cautils/getter/datastructures.go
--- a/core/cautils/getter/downloadreleasedpolicy.go
+++ b/core/cautils/getter/downloadreleasedpolicy.go
--- a/core/cautils/getter/getpolicies.go
+++ b/core/cautils/getter/getpolicies.go
--- a/core/cautils/getter/getpoliciesutils.go
+++ b/core/cautils/getter/getpoliciesutils.go
--- a/core/cautils/getter/loadpolicy.go
+++ b/core/cautils/getter/loadpolicy.go
--- a/core/cautils/getter/loadpolicy_test.go
+++ b/core/cautils/getter/loadpolicy_test.go
--- a/core/cautils/jsonutils.go
+++ b/core/cautils/jsonutils.go
--- a/core/cautils/logger/helpers/datastructures.go
+++ b/core/cautils/logger/helpers/datastructures.go
--- a/core/cautils/logger/helpers/level.go
+++ b/core/cautils/logger/helpers/level.go
--- a/core/cautils/logger/helpers/methods.go
+++ b/core/cautils/logger/helpers/methods.go
--- a/core/cautils/logger/methods.go
+++ b/core/cautils/logger/methods.go
@@ -4,10 +4,10 @@ import (
 	"os"
 	"strings"

-	"github.com/armosec/kubescape/cautils/logger/helpers"
-	"github.com/armosec/kubescape/cautils/logger/nonelogger"
-	"github.com/armosec/kubescape/cautils/logger/prettylogger"
-	"github.com/armosec/kubescape/cautils/logger/zaplogger"
+	"github.com/armosec/kubescape/v2/core/cautils/logger/helpers"
+	"github.com/armosec/kubescape/v2/core/cautils/logger/nonelogger"
+	"github.com/armosec/kubescape/v2/core/cautils/logger/prettylogger"
+	"github.com/armosec/kubescape/v2/core/cautils/logger/zaplogger"
 )

 type ILogger interface {
--- a/core/cautils/logger/nonelogger/logger.go
+++ b/core/cautils/logger/nonelogger/logger.go
@@ -3,7 +3,7 @@ package nonelogger
 import (
 	"os"

-	"github.com/armosec/kubescape/cautils/logger/helpers"
+	"github.com/armosec/kubescape/v2/core/cautils/logger/helpers"
 )

 const LoggerName string = "none"
--- a/core/cautils/logger/prettylogger/colors.go
+++ b/core/cautils/logger/prettylogger/colors.go
@@ -3,7 +3,7 @@ package prettylogger
 import (
 	"io"

-	"github.com/armosec/kubescape/cautils/logger/helpers"
+	"github.com/armosec/kubescape/v2/core/cautils/logger/helpers"
 	"github.com/fatih/color"
 )

--- a/core/cautils/logger/prettylogger/logger.go
+++ b/core/cautils/logger/prettylogger/logger.go
@@ -5,7 +5,7 @@ import (
 	"os"
 	"sync"

-	"github.com/armosec/kubescape/cautils/logger/helpers"
+	"github.com/armosec/kubescape/v2/core/cautils/logger/helpers"
 )

 const LoggerName string = "pretty"
--- a/core/cautils/logger/zaplogger/logger.go
+++ b/core/cautils/logger/zaplogger/logger.go
@@ -3,7 +3,7 @@ package zaplogger
 import (
 	"os"

-	"github.com/armosec/kubescape/cautils/logger/helpers"
+	"github.com/armosec/kubescape/v2/core/cautils/logger/helpers"
 	"go.uber.org/zap"
 	"go.uber.org/zap/zapcore"
 )
--- a/core/cautils/rbac.go
+++ b/core/cautils/rbac.go
--- a/core/cautils/reportv2tov1.go
+++ b/core/cautils/reportv2tov1.go
@@ -11,8 +11,7 @@ func ReportV2ToV1(opaSessionObj *OPASessionObj) {
 	if len(opaSessionObj.PostureReport.FrameworkReports) > 0 {
 		return // report already converted
 	}
-
-	opaSessionObj.PostureReport.ClusterCloudProvider = opaSessionObj.Report.ClusterCloudProvider
+	//	opaSessionObj.PostureReport.ClusterCloudProvider = opaSessionObj.Report.ClusterCloudProvider

 	frameworks := []reporthandling.FrameworkReport{}

--- a/core/cautils/rootinfo.go
+++ b/core/cautils/rootinfo.go
@@ -0,0 +1,96 @@
+package cautils
+
+type RootInfo struct {
+	Logger       string // logger level
+	LoggerName   string // logger name ("pretty"/"zap"/"none")
+	CacheDir     string // cached dir
+	DisableColor bool   // Disable Color
+
+	ArmoBEURLs    string // armo url
+	ArmoBEURLsDep string // armo url
+
+}
+
+type Credentials struct {
+	Account   string
+	ClientID  string
+	SecretKey string
+}
+
+// func (rootInfo *RootInfo) InitLogger() {
+// 	logger.DisableColor(rootInfo.DisableColor)
+
+// 	if rootInfo.LoggerName == "" {
+// 		if l := os.Getenv("KS_LOGGER_NAME"); l != "" {
+// 			rootInfo.LoggerName = l
+// 		} else {
+// 			if isatty.IsTerminal(os.Stdout.Fd()) {
+// 				rootInfo.LoggerName = "pretty"
+// 			} else {
+// 				rootInfo.LoggerName = "zap"
+// 			}
+// 		}
+// 	}
+
+// 	logger.InitLogger(rootInfo.LoggerName)
+
+// }
+// func (rootInfo *RootInfo) InitLoggerLevel() error {
+// 	if rootInfo.Logger == helpers.InfoLevel.String() {
+// 	} else if l := os.Getenv("KS_LOGGER"); l != "" {
+// 		rootInfo.Logger = l
+// 	}
+
+// 	if err := logger.L().SetLevel(rootInfo.Logger); err != nil {
+// 		return fmt.Errorf("supported levels: %s", strings.Join(helpers.SupportedLevels(), "/"))
+// 	}
+// 	return nil
+// }
+
+// func (rootInfo *RootInfo) InitCacheDir() error {
+// 	if rootInfo.CacheDir == getter.DefaultLocalStore {
+// 		getter.DefaultLocalStore = rootInfo.CacheDir
+// 	} else if cacheDir := os.Getenv("KS_CACHE_DIR"); cacheDir != "" {
+// 		getter.DefaultLocalStore = cacheDir
+// 	} else {
+// 		return nil // using default cache dir location
+// 	}
+
+// 	// TODO create dir if not found exist
+// 	// logger.L().Debug("cache dir updated", helpers.String("path", getter.DefaultLocalStore))
+// 	return nil
+// }
+// func (rootInfo *RootInfo) InitEnvironment() error {
+
+// 	urlSlices := strings.Split(rootInfo.ArmoBEURLs, ",")
+// 	if len(urlSlices) != 1 && len(urlSlices) < 3 {
+// 		return fmt.Errorf("expected at least 2 URLs (report,api,frontend,auth)")
+// 	}
+// 	switch len(urlSlices) {
+// 	case 1:
+// 		switch urlSlices[0] {
+// 		case "dev", "development":
+// 			getter.SetARMOAPIConnector(getter.NewARMOAPIDev())
+// 		case "stage", "staging":
+// 			getter.SetARMOAPIConnector(getter.NewARMOAPIStaging())
+// 		case "":
+// 			getter.SetARMOAPIConnector(getter.NewARMOAPIProd())
+// 		default:
+// 			return fmt.Errorf("unknown environment")
+// 		}
+// 	case 2:
+// 		armoERURL := urlSlices[0] // mandatory
+// 		armoBEURL := urlSlices[1] // mandatory
+// 		getter.SetARMOAPIConnector(getter.NewARMOAPICustomized(armoERURL, armoBEURL, "", ""))
+// 	case 3, 4:
+// 		var armoAUTHURL string
+// 		armoERURL := urlSlices[0] // mandatory
+// 		armoBEURL := urlSlices[1] // mandatory
+// 		armoFEURL := urlSlices[2] // mandatory
+// 		if len(urlSlices) <= 4 {
+// 			armoAUTHURL = urlSlices[3]
+// 		}
+// 		getter.SetARMOAPIConnector(getter.NewARMOAPICustomized(armoERURL, armoBEURL, armoFEURL, armoAUTHURL))
+// 	}
+// 	return nil
+// }
--- a/core/cautils/scaninfo.go
+++ b/core/cautils/scaninfo.go
@@ -0,0 +1,318 @@
+package cautils
+
+import (
+	"encoding/json"
+	"fmt"
+	"io/ioutil"
+	"os"
+	"path/filepath"
+	"strings"
+
+	"github.com/armosec/armoapi-go/armotypes"
+	apisv1 "github.com/armosec/opa-utils/httpserver/apis/v1"
+
+	giturl "github.com/armosec/go-git-url"
+	"github.com/armosec/k8s-interface/k8sinterface"
+	"github.com/armosec/kubescape/v2/core/cautils/getter"
+	"github.com/armosec/kubescape/v2/core/cautils/logger"
+	"github.com/armosec/kubescape/v2/core/cautils/logger/helpers"
+	"github.com/armosec/opa-utils/reporthandling"
+	reporthandlingv2 "github.com/armosec/opa-utils/reporthandling/v2"
+	"github.com/google/uuid"
+)
+
+const (
+	ScanCluster                string = "cluster"
+	ScanLocalFiles             string = "yaml"
+	localControlInputsFilename string = "controls-inputs.json"
+	localExceptionsFilename    string = "exceptions.json"
+)
+
+type BoolPtrFlag struct {
+	valPtr *bool
+}
+
+func NewBoolPtr(b *bool) BoolPtrFlag {
+	return BoolPtrFlag{valPtr: b}
+}
+
+func (bpf *BoolPtrFlag) Type() string {
+	return "bool"
+}
+
+func (bpf *BoolPtrFlag) String() string {
+	if bpf.valPtr != nil {
+		return fmt.Sprintf("%v", *bpf.valPtr)
+	}
+	return ""
+}
+func (bpf *BoolPtrFlag) Get() *bool {
+	return bpf.valPtr
+}
+func (bpf *BoolPtrFlag) GetBool() bool {
+	if bpf.valPtr == nil {
+		return false
+	}
+	return *bpf.valPtr
+}
+
+func (bpf *BoolPtrFlag) SetBool(val bool) {
+	bpf.valPtr = &val
+}
+
+func (bpf *BoolPtrFlag) Set(val string) error {
+	switch val {
+	case "true":
+		bpf.SetBool(true)
+	case "false":
+		bpf.SetBool(false)
+	}
+	return nil
+}
+
+// TODO - UPDATE
+type ViewTypes string
+
+const (
+	ResourceViewType ViewTypes = "resource"
+	ControlViewType  ViewTypes = "control"
+)
+
+type PolicyIdentifier struct {
+	Name        string                        // policy name e.g. nsa,mitre,c-0012
+	Kind        apisv1.NotificationPolicyKind // policy kind e.g. Framework,Control,Rule
+	Designators armotypes.PortalDesignator
+}
+
+type ScanInfo struct {
+	Getters                               // TODO - remove from object
+	PolicyIdentifier   []PolicyIdentifier // TODO - remove from object
+	UseExceptions      string             // Load file with exceptions configuration
+	ControlsInputs     string             // Load file with inputs for controls
+	UseFrom            []string           // Load framework from local file (instead of download). Use when running offline
+	UseDefault         bool               // Load framework from cached file (instead of download). Use when running offline
+	UseArtifactsFrom   string             // Load artifacts from local path. Use when running offline
+	VerboseMode        bool               // Display all of the input resources and not only failed resources
+	View               string             // Display all of the input resources and not only failed resources
+	Format             string             // Format results (table, json, junit ...)
+	Output             string             // Store results in an output file, Output file name
+	FormatVersion      string             // Output object can be differnet between versions, this is for testing and backward compatibility
+	ExcludedNamespaces string             // used for host scanner namespace
+	IncludeNamespaces  string             //
+	InputPatterns      []string           // Yaml files input patterns
+	Silent             bool               // Silent mode - Do not print progress logs
+	FailThreshold      float32            // Failure score threshold
+	Submit             bool               // Submit results to Armo BE
+	ScanID             string             // Report id of the current scan
+	HostSensorEnabled  BoolPtrFlag        // Deploy ARMO K8s host scanner to collect data from certain controls
+	HostSensorYamlPath string             // Path to hostsensor file
+	Local              bool               // Do not submit results
+	Credentials        Credentials        // account ID
+	KubeContext        string             // context name
+	FrameworkScan      bool               // false if scanning control
+	ScanAll            bool               // true if scan all frameworks
+}
+
+type Getters struct {
+	ExceptionsGetter     getter.IExceptionsGetter
+	ControlsInputsGetter getter.IControlsInputsGetter
+	PolicyGetter         getter.IPolicyGetter
+}
+
+func (scanInfo *ScanInfo) Init() {
+	scanInfo.setUseFrom()
+	scanInfo.setOutputFile()
+	scanInfo.setUseArtifactsFrom()
+	if scanInfo.ScanID == "" {
+		scanInfo.ScanID = uuid.NewString()
+	}
+
+}
+
+func (scanInfo *ScanInfo) setUseArtifactsFrom() {
+	if scanInfo.UseArtifactsFrom == "" {
+		return
+	}
+	// UseArtifactsFrom must be a path without a filename
+	dir, file := filepath.Split(scanInfo.UseArtifactsFrom)
+	if dir == "" {
+		scanInfo.UseArtifactsFrom = file
+	} else if strings.Contains(file, ".json") {
+		scanInfo.UseArtifactsFrom = dir
+	}
+	// set frameworks files
+	files, err := ioutil.ReadDir(scanInfo.UseArtifactsFrom)
+	if err != nil {
+		logger.L().Fatal("failed to read files from directory", helpers.String("dir", scanInfo.UseArtifactsFrom), helpers.Error(err))
+	}
+	framework := &reporthandling.Framework{}
+	for _, f := range files {
+		filePath := filepath.Join(scanInfo.UseArtifactsFrom, f.Name())
+		file, err := os.ReadFile(filePath)
+		if err == nil {
+			if err := json.Unmarshal(file, framework); err == nil {
+				scanInfo.UseFrom = append(scanInfo.UseFrom, filepath.Join(scanInfo.UseArtifactsFrom, f.Name()))
+			}
+		}
+	}
+	// set config-inputs file
+	scanInfo.ControlsInputs = filepath.Join(scanInfo.UseArtifactsFrom, localControlInputsFilename)
+	// set exceptions
+	scanInfo.UseExceptions = filepath.Join(scanInfo.UseArtifactsFrom, localExceptionsFilename)
+}
+
+func (scanInfo *ScanInfo) setUseFrom() {
+	if scanInfo.UseDefault {
+		for _, policy := range scanInfo.PolicyIdentifier {
+			scanInfo.UseFrom = append(scanInfo.UseFrom, getter.GetDefaultPath(policy.Name+".json"))
+		}
+	}
+}
+
+func (scanInfo *ScanInfo) setOutputFile() {
+	if scanInfo.Output == "" {
+		return
+	}
+	if scanInfo.Format == "json" {
+		if filepath.Ext(scanInfo.Output) != ".json" {
+			scanInfo.Output += ".json"
+		}
+	}
+	if scanInfo.Format == "junit" {
+		if filepath.Ext(scanInfo.Output) != ".xml" {
+			scanInfo.Output += ".xml"
+		}
+	}
+	if scanInfo.Format == "pdf" {
+		if filepath.Ext(scanInfo.Output) != ".pdf" {
+			scanInfo.Output += ".pdf"
+		}
+	}
+}
+
+func (scanInfo *ScanInfo) GetScanningEnvironment() string {
+	if len(scanInfo.InputPatterns) != 0 {
+		return ScanLocalFiles
+	}
+	return ScanCluster
+}
+
+func (scanInfo *ScanInfo) SetPolicyIdentifiers(policies []string, kind apisv1.NotificationPolicyKind) {
+	for _, policy := range policies {
+		if !scanInfo.contains(policy) {
+			newPolicy := PolicyIdentifier{}
+			newPolicy.Kind = kind
+			newPolicy.Name = policy
+			scanInfo.PolicyIdentifier = append(scanInfo.PolicyIdentifier, newPolicy)
+		}
+	}
+}
+
+func (scanInfo *ScanInfo) contains(policyName string) bool {
+	for _, policy := range scanInfo.PolicyIdentifier {
+		if policy.Name == policyName {
+			return true
+		}
+	}
+	return false
+}
+
+func scanInfoToScanMetadata(scanInfo *ScanInfo) *reporthandlingv2.Metadata {
+	metadata := &reporthandlingv2.Metadata{}
+
+	metadata.ScanMetadata.Format = scanInfo.Format
+	metadata.ScanMetadata.FormatVersion = scanInfo.FormatVersion
+	metadata.ScanMetadata.Submit = scanInfo.Submit
+
+	// TODO - Add excluded and included namespaces
+	// if len(scanInfo.ExcludedNamespaces) > 1 {
+	// 	opaSessionObj.Metadata.ScanMetadata.ExcludedNamespaces = strings.Split(scanInfo.ExcludedNamespaces[1:], ",")
+	// }
+	// if len(scanInfo.IncludeNamespaces) > 1 {
+	// 	opaSessionObj.Metadata.ScanMetadata.IncludeNamespaces = strings.Split(scanInfo.IncludeNamespaces[1:], ",")
+	// }
+
+	// scan type
+	if len(scanInfo.PolicyIdentifier) > 0 {
+		metadata.ScanMetadata.TargetType = string(scanInfo.PolicyIdentifier[0].Kind)
+	}
+	// append frameworks
+	for _, policy := range scanInfo.PolicyIdentifier {
+		metadata.ScanMetadata.TargetNames = append(metadata.ScanMetadata.TargetNames, policy.Name)
+	}
+
+	metadata.ScanMetadata.KubescapeVersion = BuildNumber
+	metadata.ScanMetadata.VerboseMode = scanInfo.VerboseMode
+	metadata.ScanMetadata.FailThreshold = scanInfo.FailThreshold
+	metadata.ScanMetadata.HostScanner = scanInfo.HostSensorEnabled.GetBool()
+	metadata.ScanMetadata.VerboseMode = scanInfo.VerboseMode
+	metadata.ScanMetadata.ControlsInputs = scanInfo.ControlsInputs
+
+	metadata.ScanMetadata.ScanningTarget = reporthandlingv2.Cluster
+	if scanInfo.GetScanningEnvironment() == ScanLocalFiles {
+		metadata.ScanMetadata.ScanningTarget = reporthandlingv2.File
+	}
+
+	inputFiles := ""
+	if len(scanInfo.InputPatterns) > 0 {
+		inputFiles = scanInfo.InputPatterns[0]
+	}
+	setContextMetadata(&metadata.ContextMetadata, inputFiles)
+
+	return metadata
+}
+
+func setContextMetadata(contextMetadata *reporthandlingv2.ContextMetadata, input string) {
+	//  cluster
+	if input == "" {
+		contextMetadata.ClusterContextMetadata = &reporthandlingv2.ClusterMetadata{
+			ContextName: k8sinterface.GetContextName(),
+		}
+		return
+	}
+
+	// url
+	if gitParser, err := giturl.NewGitURL(input); err == nil {
+		if gitParser.GetBranch() == "" {
+			gitParser.SetDefaultBranch()
+		}
+		contextMetadata.RepoContextMetadata = &reporthandlingv2.RepoContextMetadata{
+			Repo:   gitParser.GetRepo(),
+			Owner:  gitParser.GetOwner(),
+			Branch: gitParser.GetBranch(),
+		}
+		return
+	}
+
+	if !filepath.IsAbs(input) {
+		if o, err := os.Getwd(); err == nil {
+			input = filepath.Join(o, input)
+		}
+	}
+
+	//  single file
+	if IsFile(input) {
+		contextMetadata.FileContextMetadata = &reporthandlingv2.FileContextMetadata{
+			FilePath: input,
+			HostName: getHostname(),
+		}
+		return
+	}
+
+	//  dir/glob
+	if !IsFile(input) {
+		contextMetadata.DirectoryContextMetadata = &reporthandlingv2.DirectoryContextMetadata{
+			BasePath: input,
+			HostName: getHostname(),
+		}
+		return
+	}
+
+}
+
+func getHostname() string {
+	if h, e := os.Hostname(); e == nil {
+		return h
+	}
+	return ""
+}
--- a/core/cautils/scaninfo_test.go
+++ b/core/cautils/scaninfo_test.go
@@ -0,0 +1,67 @@
+package cautils
+
+import (
+	"testing"
+
+	reporthandlingv2 "github.com/armosec/opa-utils/reporthandling/v2"
+	"github.com/stretchr/testify/assert"
+)
+
+func TestSetContextMetadata(t *testing.T) {
+	{
+		ctx := reporthandlingv2.ContextMetadata{}
+		setContextMetadata(&ctx, "")
+
+		assert.NotNil(t, ctx.ClusterContextMetadata)
+		assert.Nil(t, ctx.DirectoryContextMetadata)
+		assert.Nil(t, ctx.FileContextMetadata)
+		assert.Nil(t, ctx.HelmContextMetadata)
+		assert.Nil(t, ctx.RepoContextMetadata)
+	}
+	{
+		ctx := reporthandlingv2.ContextMetadata{}
+		setContextMetadata(&ctx, "file")
+
+		assert.Nil(t, ctx.ClusterContextMetadata)
+		assert.NotNil(t, ctx.DirectoryContextMetadata)
+		assert.Nil(t, ctx.FileContextMetadata)
+		assert.Nil(t, ctx.HelmContextMetadata)
+		assert.Nil(t, ctx.RepoContextMetadata)
+
+		hostName := getHostname()
+		assert.Contains(t, ctx.DirectoryContextMetadata.BasePath, "file")
+		assert.Equal(t, hostName, ctx.DirectoryContextMetadata.HostName)
+	}
+	{
+		ctx := reporthandlingv2.ContextMetadata{}
+		setContextMetadata(&ctx, "scaninfo_test.go")
+
+		assert.Nil(t, ctx.ClusterContextMetadata)
+		assert.Nil(t, ctx.DirectoryContextMetadata)
+		assert.NotNil(t, ctx.FileContextMetadata)
+		assert.Nil(t, ctx.HelmContextMetadata)
+		assert.Nil(t, ctx.RepoContextMetadata)
+
+		hostName := getHostname()
+		assert.Contains(t, ctx.FileContextMetadata.FilePath, "scaninfo_test.go")
+		assert.Equal(t, hostName, ctx.FileContextMetadata.HostName)
+	}
+	{
+		ctx := reporthandlingv2.ContextMetadata{}
+		setContextMetadata(&ctx, "https://github.com/armosec/kubescape")
+
+		assert.Nil(t, ctx.ClusterContextMetadata)
+		assert.Nil(t, ctx.DirectoryContextMetadata)
+		assert.Nil(t, ctx.FileContextMetadata)
+		assert.Nil(t, ctx.HelmContextMetadata)
+		assert.NotNil(t, ctx.RepoContextMetadata)
+
+		assert.Equal(t, "kubescape", ctx.RepoContextMetadata.Repo)
+		assert.Equal(t, "armosec", ctx.RepoContextMetadata.Owner)
+		assert.Equal(t, "master", ctx.RepoContextMetadata.Branch)
+	}
+}
+
+func TestGetHostname(t *testing.T) {
+	assert.NotEqual(t, "", getHostname())
+}
--- a/core/cautils/strutils.go
+++ b/core/cautils/strutils.go
--- a/core/cautils/strutils_test.go
+++ b/core/cautils/strutils_test.go
--- a/core/cautils/versioncheck.go
+++ b/core/cautils/versioncheck.go
@@ -6,14 +6,15 @@ import (
 	"net/http"
 	"os"

-	"github.com/armosec/kubescape/cautils/getter"
-	"github.com/armosec/kubescape/cautils/logger"
-	"github.com/armosec/kubescape/cautils/logger/helpers"
-	pkgutils "github.com/armosec/utils-go/utils"
+	"github.com/armosec/kubescape/v2/core/cautils/getter"
+	"github.com/armosec/kubescape/v2/core/cautils/logger"
+	"github.com/armosec/kubescape/v2/core/cautils/logger/helpers"
+	"github.com/armosec/utils-go/boolutils"
 	"golang.org/x/mod/semver"
 )

-const SKIP_VERSION_CHECK = "KUBESCAPE_SKIP_UPDATE_CHECK"
+const SKIP_VERSION_CHECK_DEPRECATED = "KUBESCAPE_SKIP_UPDATE_CHECK"
+const SKIP_VERSION_CHECK = "KS_SKIP_UPDATE_CHECK"

 var BuildNumber string

@@ -27,7 +28,9 @@ func NewIVersionCheckHandler() IVersionCheckHandler {
 	if BuildNumber == "" {
 		logger.L().Warning("unknown build number, this might affect your scan results. Please make sure you are updated to latest version")
 	}
-	if v, ok := os.LookupEnv(SKIP_VERSION_CHECK); ok && pkgutils.StringToBool(v) {
+	if v, ok := os.LookupEnv(SKIP_VERSION_CHECK); ok && boolutils.StringToBool(v) {
+		return NewVersionCheckHandlerMock()
+	} else if v, ok := os.LookupEnv(SKIP_VERSION_CHECK_DEPRECATED); ok && boolutils.StringToBool(v) {
 		return NewVersionCheckHandlerMock()
 	}
 	return NewVersionCheckHandler()
@@ -98,7 +101,7 @@ func (v *VersionCheckHandler) CheckLatestVersion(versionData *VersionCheckReques
 	}

 	if latestVersion.ClientUpdate != "" {
-		if BuildNumber != "" && semver.Compare(BuildNumber, latestVersion.ClientUpdate) >= 0 {
+		if BuildNumber != "" && semver.Compare(BuildNumber, latestVersion.ClientUpdate) == -1 {
 			logger.L().Warning(warningMessage(latestVersion.ClientUpdate))
 		}
 	}
--- a/core/cautils/versioncheck_test.go
+++ b/core/cautils/versioncheck_test.go
@@ -6,6 +6,7 @@ import (
 	"github.com/armosec/armoapi-go/armotypes"
 	"github.com/armosec/opa-utils/reporthandling"
 	"github.com/stretchr/testify/assert"
+	"golang.org/x/mod/semver"
 )

 func TestGetKubernetesObjects(t *testing.T) {
@@ -30,9 +31,38 @@ func TestIsRuleKubescapeVersionCompatible(t *testing.T) {
 	assert.True(t, isRuleKubescapeVersionCompatible(rule_v1_0_134.Attributes, buildNumberMock))

 	// should only use rules that version is in range of use
-	buildNumberMock = "v1.0.133"
+	buildNumberMock = "v1.0.130"
 	assert.True(t, isRuleKubescapeVersionCompatible(rule_v1_0_131.Attributes, buildNumberMock))
 	assert.False(t, isRuleKubescapeVersionCompatible(rule_v1_0_132.Attributes, buildNumberMock))
 	assert.False(t, isRuleKubescapeVersionCompatible(rule_v1_0_133.Attributes, buildNumberMock))
 	assert.False(t, isRuleKubescapeVersionCompatible(rule_v1_0_134.Attributes, buildNumberMock))
+
+	// should only use rules that version is in range of use
+	buildNumberMock = "v1.0.132"
+	assert.False(t, isRuleKubescapeVersionCompatible(rule_v1_0_131.Attributes, buildNumberMock))
+	assert.True(t, isRuleKubescapeVersionCompatible(rule_v1_0_132.Attributes, buildNumberMock))
+	assert.False(t, isRuleKubescapeVersionCompatible(rule_v1_0_133.Attributes, buildNumberMock))
+	assert.False(t, isRuleKubescapeVersionCompatible(rule_v1_0_134.Attributes, buildNumberMock))
+
+	// should only use rules that version is in range of use
+	buildNumberMock = "v1.0.133"
+	assert.False(t, isRuleKubescapeVersionCompatible(rule_v1_0_131.Attributes, buildNumberMock))
+	assert.False(t, isRuleKubescapeVersionCompatible(rule_v1_0_132.Attributes, buildNumberMock))
+	assert.True(t, isRuleKubescapeVersionCompatible(rule_v1_0_133.Attributes, buildNumberMock))
+	assert.False(t, isRuleKubescapeVersionCompatible(rule_v1_0_134.Attributes, buildNumberMock))
+
+	// should only use rules that version is in range of use
+	buildNumberMock = "v1.0.135"
+	assert.False(t, isRuleKubescapeVersionCompatible(rule_v1_0_131.Attributes, buildNumberMock))
+	assert.False(t, isRuleKubescapeVersionCompatible(rule_v1_0_132.Attributes, buildNumberMock))
+	assert.False(t, isRuleKubescapeVersionCompatible(rule_v1_0_133.Attributes, buildNumberMock))
+	assert.True(t, isRuleKubescapeVersionCompatible(rule_v1_0_134.Attributes, buildNumberMock))
+}
+
+func TestCheckLatestVersion(t *testing.T) {
+	assert.Equal(t, -1, semver.Compare("v2.0.150", "v2.0.151"))
+	assert.Equal(t, 0, semver.Compare("v2.0.150", "v2.0.150"))
+	assert.Equal(t, 1, semver.Compare("v2.0.150", "v2.0.149"))
+	assert.Equal(t, -1, semver.Compare("v2.0.150", "v3.0.150"))
+
 }
--- a/core/cautils/workloadmappingutils.go
+++ b/core/cautils/workloadmappingutils.go
@@ -0,0 +1,52 @@
+package cautils
+
+import (
+	"strings"
+
+	"github.com/armosec/opa-utils/reporthandling/apis"
+)
+
+var (
+	ImageVulnResources  = []string{"ImageVulnerabilities"}
+	HostSensorResources = []string{"KubeletConfiguration",
+		"KubeletCommandLine",
+		"OsReleaseFile",
+		"KernelVersion",
+		"LinuxSecurityHardeningStatus",
+		"OpenPortsList",
+		"LinuxKernelVariables"}
+	CloudResources = []string{"ClusterDescribe"}
+)
+
+func MapArmoResource(armoResourceMap *ArmoResources, resources []string) []string {
+	var hostResources []string
+	for k := range *armoResourceMap {
+		for _, resource := range resources {
+			if strings.Contains(k, resource) {
+				hostResources = append(hostResources, k)
+			}
+		}
+	}
+	return hostResources
+}
+
+func MapHostResources(armoResourceMap *ArmoResources) []string {
+	return MapArmoResource(armoResourceMap, HostSensorResources)
+}
+
+func MapImageVulnResources(armoResourceMap *ArmoResources) []string {
+	return MapArmoResource(armoResourceMap, ImageVulnResources)
+}
+
+func MapCloudResources(armoResourceMap *ArmoResources) []string {
+	return MapArmoResource(armoResourceMap, CloudResources)
+}
+
+func SetInfoMapForResources(info string, resources []string, errorMap map[string]apis.StatusInfo) {
+	for _, resource := range resources {
+		errorMap[resource] = apis.StatusInfo{
+			InnerInfo:   info,
+			InnerStatus: apis.StatusSkipped,
+		}
+	}
+}
--- a/core/core/cachedconfig.go
+++ b/core/core/cachedconfig.go
@@ -3,12 +3,12 @@ package core
 import (
 	"fmt"

-	metav1 "github.com/armosec/kubescape/core/meta/datastructures/v1"
+	metav1 "github.com/armosec/kubescape/v2/core/meta/datastructures/v1"
 )

 func (ks *Kubescape) SetCachedConfig(setConfig *metav1.SetConfig) error {

-	tenant := getTenantConfig("", "", getKubernetesApi())
+	tenant := getTenantConfig(nil, "", getKubernetesApi())

 	if setConfig.Account != "" {
 		tenant.GetConfigObj().AccountID = setConfig.Account
@@ -25,13 +25,13 @@ func (ks *Kubescape) SetCachedConfig(setConfig *metav1.SetConfig) error {

 // View cached configurations
 func (ks *Kubescape) ViewCachedConfig(viewConfig *metav1.ViewConfig) error {
-	tenant := getTenantConfig("", "", getKubernetesApi()) // change k8sinterface
+	tenant := getTenantConfig(nil, "", getKubernetesApi()) // change k8sinterface
 	fmt.Fprintf(viewConfig.Writer, "%s\n", tenant.GetConfigObj().Config())
 	return nil
 }

 func (ks *Kubescape) DeleteCachedConfig(deleteConfig *metav1.DeleteConfig) error {

-	tenant := getTenantConfig("", "", getKubernetesApi()) // change k8sinterface
+	tenant := getTenantConfig(nil, "", getKubernetesApi()) // change k8sinterface
 	return tenant.DeleteCachedConfig()
 }
--- a/core/core/delete.go
+++ b/core/core/delete.go
@@ -3,16 +3,16 @@ package core
 import (
 	"fmt"

-	"github.com/armosec/kubescape/cautils/getter"
-	"github.com/armosec/kubescape/cautils/logger"
-	"github.com/armosec/kubescape/cautils/logger/helpers"
-	v1 "github.com/armosec/kubescape/core/meta/datastructures/v1"
+	"github.com/armosec/kubescape/v2/core/cautils/getter"
+	"github.com/armosec/kubescape/v2/core/cautils/logger"
+	"github.com/armosec/kubescape/v2/core/cautils/logger/helpers"
+	v1 "github.com/armosec/kubescape/v2/core/meta/datastructures/v1"
 )

 func (ks *Kubescape) DeleteExceptions(delExceptions *v1.DeleteExceptions) error {

 	// load cached config
-	getTenantConfig(delExceptions.Account, "", getKubernetesApi())
+	getTenantConfig(&delExceptions.Credentials, "", getKubernetesApi())

 	// login kubescape SaaS
 	armoAPI := getter.GetArmoAPIConnector()
--- a/core/core/download.go
+++ b/core/core/download.go
@@ -2,14 +2,15 @@ package core

 import (
 	"fmt"
+	"os"
 	"path/filepath"
 	"strings"

 	"github.com/armosec/armoapi-go/armotypes"
-	"github.com/armosec/kubescape/cautils/getter"
-	"github.com/armosec/kubescape/cautils/logger"
-	"github.com/armosec/kubescape/cautils/logger/helpers"
-	metav1 "github.com/armosec/kubescape/core/meta/datastructures/v1"
+	"github.com/armosec/kubescape/v2/core/cautils/getter"
+	"github.com/armosec/kubescape/v2/core/cautils/logger"
+	"github.com/armosec/kubescape/v2/core/cautils/logger/helpers"
+	metav1 "github.com/armosec/kubescape/v2/core/meta/datastructures/v1"
 )

 var downloadFunc = map[string]func(*metav1.DownloadInfo) error{
@@ -30,6 +31,9 @@ func DownloadSupportCommands() []string {

 func (ks *Kubescape) Download(downloadInfo *metav1.DownloadInfo) error {
 	setPathandFilename(downloadInfo)
+	if err := os.MkdirAll(downloadInfo.Path, os.ModePerm); err != nil {
+		return err
+	}
 	if err := downloadArtifact(downloadInfo, downloadFunc); err != nil {
 		return err
 	}
@@ -76,16 +80,19 @@ func downloadArtifacts(downloadInfo *metav1.DownloadInfo) error {
 }

 func downloadConfigInputs(downloadInfo *metav1.DownloadInfo) error {
-	tenant := getTenantConfig(downloadInfo.Account, "", getKubernetesApi())
+	tenant := getTenantConfig(&downloadInfo.Credentials, "", getKubernetesApi())

 	controlsInputsGetter := getConfigInputsGetter(downloadInfo.Name, tenant.GetAccountID(), nil)
-	controlInputs, err := controlsInputsGetter.GetControlsInputs(tenant.GetClusterName())
+	controlInputs, err := controlsInputsGetter.GetControlsInputs(tenant.GetContextName())
 	if err != nil {
 		return err
 	}
 	if downloadInfo.FileName == "" {
 		downloadInfo.FileName = fmt.Sprintf("%s.json", downloadInfo.Target)
 	}
+	if controlInputs == nil {
+		return fmt.Errorf("failed to download controlInputs - received an empty objects")
+	}
 	// save in file
 	err = getter.SaveInFile(controlInputs, filepath.Join(downloadInfo.Path, downloadInfo.FileName))
 	if err != nil {
@@ -97,12 +104,12 @@ func downloadConfigInputs(downloadInfo *metav1.DownloadInfo) error {

 func downloadExceptions(downloadInfo *metav1.DownloadInfo) error {
 	var err error
-	tenant := getTenantConfig(downloadInfo.Account, "", getKubernetesApi())
+	tenant := getTenantConfig(&downloadInfo.Credentials, "", getKubernetesApi())

 	exceptionsGetter := getExceptionsGetter("")
 	exceptions := []armotypes.PostureExceptionPolicy{}
 	if tenant.GetAccountID() != "" {
-		exceptions, err = exceptionsGetter.GetExceptions(tenant.GetClusterName())
+		exceptions, err = exceptionsGetter.GetExceptions(tenant.GetContextName())
 		if err != nil {
 			return err
 		}
@@ -121,9 +128,9 @@ func downloadExceptions(downloadInfo *metav1.DownloadInfo) error {

 func downloadFramework(downloadInfo *metav1.DownloadInfo) error {

-	tenant := getTenantConfig(downloadInfo.Account, "", getKubernetesApi())
+	tenant := getTenantConfig(&downloadInfo.Credentials, "", getKubernetesApi())

-	g := getPolicyGetter(nil, tenant.GetAccountID(), true, nil)
+	g := getPolicyGetter(nil, tenant.GetTenantEmail(), true, nil)

 	if downloadInfo.Name == "" {
 		// if framework name not specified - download all frameworks
@@ -148,6 +155,9 @@ func downloadFramework(downloadInfo *metav1.DownloadInfo) error {
 		if err != nil {
 			return err
 		}
+		if framework == nil {
+			return fmt.Errorf("failed to download framework - received an empty objects")
+		}
 		downloadTo := filepath.Join(downloadInfo.Path, downloadInfo.FileName)
 		err = getter.SaveInFile(framework, downloadTo)
 		if err != nil {
@@ -160,9 +170,9 @@ func downloadFramework(downloadInfo *metav1.DownloadInfo) error {

 func downloadControl(downloadInfo *metav1.DownloadInfo) error {

-	tenant := getTenantConfig(downloadInfo.Account, "", getKubernetesApi())
+	tenant := getTenantConfig(&downloadInfo.Credentials, "", getKubernetesApi())

-	g := getPolicyGetter(nil, tenant.GetAccountID(), false, nil)
+	g := getPolicyGetter(nil, tenant.GetTenantEmail(), false, nil)

 	if downloadInfo.Name == "" {
 		// TODO - support
@@ -175,6 +185,9 @@ func downloadControl(downloadInfo *metav1.DownloadInfo) error {
 	if err != nil {
 		return err
 	}
+	if controls == nil {
+		return fmt.Errorf("failed to download control - received an empty objects")
+	}
 	downloadTo := filepath.Join(downloadInfo.Path, downloadInfo.FileName)
 	err = getter.SaveInFile(controls, downloadTo)
 	if err != nil {
--- a/core/core/initutils.go
+++ b/core/core/initutils.go
@@ -2,19 +2,17 @@ package core

 import (
 	"fmt"
-	"os"

 	"github.com/armosec/k8s-interface/k8sinterface"
-	"github.com/armosec/kubescape/cautils"
-	"github.com/armosec/kubescape/cautils/getter"
-	"github.com/armosec/kubescape/cautils/logger"
-	"github.com/armosec/kubescape/cautils/logger/helpers"
-	"github.com/armosec/kubescape/core/pkg/hostsensorutils"
-	"github.com/armosec/kubescape/core/pkg/resourcehandler"
-	"github.com/armosec/kubescape/core/pkg/resultshandling/reporter"
-	reporterv2 "github.com/armosec/kubescape/core/pkg/resultshandling/reporter/v2"
+	"github.com/armosec/kubescape/v2/core/cautils"
+	"github.com/armosec/kubescape/v2/core/cautils/getter"
+	"github.com/armosec/kubescape/v2/core/cautils/logger"
+	"github.com/armosec/kubescape/v2/core/cautils/logger/helpers"
+	"github.com/armosec/kubescape/v2/core/pkg/hostsensorutils"
+	"github.com/armosec/kubescape/v2/core/pkg/resourcehandler"
+	"github.com/armosec/kubescape/v2/core/pkg/resultshandling/reporter"
+	reporterv2 "github.com/armosec/kubescape/v2/core/pkg/resultshandling/reporter/v2"

-	"github.com/armosec/opa-utils/reporthandling"
 	"github.com/armosec/rbac-utils/rbacscanner"
 )

@@ -25,11 +23,11 @@ func getKubernetesApi() *k8sinterface.KubernetesApi {
 	}
 	return k8sinterface.NewKubernetesApi()
 }
-func getTenantConfig(Account, clusterName string, k8s *k8sinterface.KubernetesApi) cautils.ITenantConfig {
+func getTenantConfig(credentials *cautils.Credentials, clusterName string, k8s *k8sinterface.KubernetesApi) cautils.ITenantConfig {
 	if !k8sinterface.IsConnectedToCluster() || k8s == nil {
-		return cautils.NewLocalConfig(getter.GetArmoAPIConnector(), Account, clusterName)
+		return cautils.NewLocalConfig(getter.GetArmoAPIConnector(), credentials, clusterName)
 	}
-	return cautils.NewClusterConfig(k8s, getter.GetArmoAPIConnector(), Account, clusterName)
+	return cautils.NewClusterConfig(k8s, getter.GetArmoAPIConnector(), credentials, clusterName)
 }

 func getExceptionsGetter(useExceptions string) getter.IExceptionsGetter {
@@ -43,16 +41,16 @@ func getExceptionsGetter(useExceptions string) getter.IExceptionsGetter {

 func getRBACHandler(tenantConfig cautils.ITenantConfig, k8s *k8sinterface.KubernetesApi, submit bool) *cautils.RBACObjects {
 	if submit {
-		return cautils.NewRBACObjects(rbacscanner.NewRbacScannerFromK8sAPI(k8s, tenantConfig.GetAccountID(), tenantConfig.GetClusterName()))
+		return cautils.NewRBACObjects(rbacscanner.NewRbacScannerFromK8sAPI(k8s, tenantConfig.GetAccountID(), tenantConfig.GetContextName()))
 	}
 	return nil
 }

-func getReporter(tenantConfig cautils.ITenantConfig, reportID string, submit, fwScan, clusterScan bool) reporter.IReport {
-	if submit && clusterScan {
+func getReporter(tenantConfig cautils.ITenantConfig, reportID string, submit, fwScan bool) reporter.IReport {
+	if submit {
 		return reporterv2.NewReportEventReceiver(tenantConfig.GetConfigObj(), reportID)
 	}
-	if tenantConfig.GetAccountID() == "" && fwScan && clusterScan {
+	if tenantConfig.GetAccountID() == "" {
 		// Add link only when scanning a cluster using a framework
 		return reporterv2.NewReportMock(reporterv2.NO_SUBMIT_QUERY, "run kubescape with the '--submit' flag")
 	}
@@ -60,9 +58,7 @@ func getReporter(tenantConfig cautils.ITenantConfig, reportID string, submit, fw
 	if !fwScan {
 		message = "Kubescape does not submit scan results when scanning controls"
 	}
-	if !clusterScan {
-		message = "Kubescape will submit scan results only when scanning a cluster (not YAML files)"
-	}
+
 	return reporterv2.NewReportMock("", message)
 }

@@ -82,7 +78,7 @@ func getHostSensorHandler(scanInfo *cautils.ScanInfo, k8s *k8sinterface.Kubernet
 	}

 	hasHostSensorControls := true
-	// we need to determined which controls needs host sensor
+	// we need to determined which controls needs host scanner
 	if scanInfo.HostSensorEnabled.Get() == nil && hasHostSensorControls {
 		scanInfo.HostSensorEnabled.SetBool(false) // default - do not run host scanner
 		logger.L().Warning("Kubernetes cluster nodes scanning is disabled. This is required to collect valuable data for certain controls. You can enable it using  the --enable-host-scan flag")
@@ -90,7 +86,7 @@ func getHostSensorHandler(scanInfo *cautils.ScanInfo, k8s *k8sinterface.Kubernet
 	if hostSensorVal := scanInfo.HostSensorEnabled.Get(); hostSensorVal != nil && *hostSensorVal {
 		hostSensorHandler, err := hostsensorutils.NewHostSensorHandler(k8s, scanInfo.HostSensorYamlPath)
 		if err != nil {
-			logger.L().Warning(fmt.Sprintf("failed to create host sensor: %s", err.Error()))
+			logger.L().Warning(fmt.Sprintf("failed to create host scanner: %s", err.Error()))
 			return &hostsensorutils.HostSensorHandlerMock{}
 		}
 		return hostSensorHandler
@@ -108,7 +104,7 @@ func getFieldSelector(scanInfo *cautils.ScanInfo) resourcehandler.IFieldSelector
 	return &resourcehandler.EmptySelector{}
 }

-func policyIdentifierNames(pi []reporthandling.PolicyIdentifier) string {
+func policyIdentifierNames(pi []cautils.PolicyIdentifier) string {
 	policiesNames := ""
 	for i := range pi {
 		policiesNames += pi[i].Name
@@ -153,11 +149,11 @@ func setSubmitBehavior(scanInfo *cautils.ScanInfo, tenantConfig cautils.ITenantC
 }

 // setPolicyGetter set the policy getter - local file/github release/ArmoAPI
-func getPolicyGetter(loadPoliciesFromFile []string, accountID string, frameworkScope bool, downloadReleasedPolicy *getter.DownloadReleasedPolicy) getter.IPolicyGetter {
+func getPolicyGetter(loadPoliciesFromFile []string, tennatEmail string, frameworkScope bool, downloadReleasedPolicy *getter.DownloadReleasedPolicy) getter.IPolicyGetter {
 	if len(loadPoliciesFromFile) > 0 {
 		return getter.NewLoadPolicy(loadPoliciesFromFile)
 	}
-	if accountID != "" && frameworkScope {
+	if tennatEmail != "" && frameworkScope {
 		g := getter.GetArmoAPIConnector() // download policy from ARMO backend
 		return g
 	}
@@ -195,7 +191,7 @@ func getConfigInputsGetter(ControlsInputs string, accountID string, downloadRele
 		downloadReleasedPolicy = getter.NewDownloadReleasedPolicy()
 	}
 	if err := downloadReleasedPolicy.SetRegoObjects(); err != nil { // if failed to pull config inputs, fallback to BE
-		cautils.WarningDisplay(os.Stderr, "Warning: failed to get config inputs from github release, this may affect the scanning results\n")
+		logger.L().Warning("failed to get config inputs from github release, this may affect the scanning results", helpers.Error(err))
 	}
 	return downloadReleasedPolicy
 }
--- a/core/core/list.go
+++ b/core/core/list.go
@@ -6,8 +6,8 @@ import (
 	"sort"
 	"strings"

-	"github.com/armosec/kubescape/cautils/getter"
-	metav1 "github.com/armosec/kubescape/core/meta/datastructures/v1"
+	"github.com/armosec/kubescape/v2/core/cautils/getter"
+	metav1 "github.com/armosec/kubescape/v2/core/meta/datastructures/v1"
 )

 var listFunc = map[string]func(*metav1.ListPolicies) ([]string, error){
@@ -44,16 +44,16 @@ func (ks *Kubescape) List(listPolicies *metav1.ListPolicies) error {
 }

 func listFrameworks(listPolicies *metav1.ListPolicies) ([]string, error) {
-	tenant := getTenantConfig(listPolicies.Account, "", getKubernetesApi()) // change k8sinterface
-	g := getPolicyGetter(nil, tenant.GetAccountID(), true, nil)
+	tenant := getTenantConfig(&listPolicies.Credentials, "", getKubernetesApi()) // change k8sinterface
+	g := getPolicyGetter(nil, tenant.GetTenantEmail(), true, nil)

 	return listFrameworksNames(g), nil
 }

 func listControls(listPolicies *metav1.ListPolicies) ([]string, error) {
-	tenant := getTenantConfig(listPolicies.Account, "", getKubernetesApi()) // change k8sinterface
+	tenant := getTenantConfig(&listPolicies.Credentials, "", getKubernetesApi()) // change k8sinterface

-	g := getPolicyGetter(nil, tenant.GetAccountID(), false, nil)
+	g := getPolicyGetter(nil, tenant.GetTenantEmail(), false, nil)
 	l := getter.ListName
 	if listPolicies.ListIDs {
 		l = getter.ListID
@@ -63,7 +63,7 @@ func listControls(listPolicies *metav1.ListPolicies) ([]string, error) {

 func listExceptions(listPolicies *metav1.ListPolicies) ([]string, error) {
 	// load tenant metav1
-	getTenantConfig(listPolicies.Account, "", getKubernetesApi())
+	getTenantConfig(&listPolicies.Credentials, "", getKubernetesApi())

 	var exceptionsNames []string
 	armoAPI := getExceptionsGetter("")
--- a/core/core/scan.go
+++ b/core/core/scan.go
@@ -3,22 +3,22 @@ package core
 import (
 	"fmt"

-	"github.com/armosec/armoapi-go/armotypes"
+	apisv1 "github.com/armosec/opa-utils/httpserver/apis/v1"
+
 	"github.com/armosec/k8s-interface/k8sinterface"

-	"github.com/armosec/kubescape/cautils"
-	"github.com/armosec/kubescape/cautils/getter"
-	"github.com/armosec/kubescape/cautils/logger"
-	"github.com/armosec/kubescape/cautils/logger/helpers"
-	"github.com/armosec/kubescape/core/pkg/hostsensorutils"
-	"github.com/armosec/kubescape/core/pkg/opaprocessor"
-	"github.com/armosec/kubescape/core/pkg/policyhandler"
-	"github.com/armosec/kubescape/core/pkg/resourcehandler"
-	"github.com/armosec/kubescape/core/pkg/resultshandling"
-	"github.com/armosec/kubescape/core/pkg/resultshandling/printer"
-	"github.com/armosec/kubescape/core/pkg/resultshandling/reporter"
+	"github.com/armosec/kubescape/v2/core/cautils"
+	"github.com/armosec/kubescape/v2/core/cautils/getter"
+	"github.com/armosec/kubescape/v2/core/cautils/logger"
+	"github.com/armosec/kubescape/v2/core/cautils/logger/helpers"
+	"github.com/armosec/kubescape/v2/core/pkg/hostsensorutils"
+	"github.com/armosec/kubescape/v2/core/pkg/opaprocessor"
+	"github.com/armosec/kubescape/v2/core/pkg/policyhandler"
+	"github.com/armosec/kubescape/v2/core/pkg/resourcehandler"
+	"github.com/armosec/kubescape/v2/core/pkg/resultshandling"
+	"github.com/armosec/kubescape/v2/core/pkg/resultshandling/printer"
+	"github.com/armosec/kubescape/v2/core/pkg/resultshandling/reporter"

-	"github.com/armosec/opa-utils/reporthandling"
 	"github.com/armosec/opa-utils/resources"
 )

@@ -43,11 +43,16 @@ func getInterfaces(scanInfo *cautils.ScanInfo) componentInterfaces {

 	// ================== setup tenant object ======================================

-	tenantConfig := getTenantConfig(scanInfo.Account, scanInfo.KubeContext, k8s)
+	tenantConfig := getTenantConfig(&scanInfo.Credentials, scanInfo.KubeContext, k8s)

 	// Set submit behavior AFTER loading tenant config
 	setSubmitBehavior(scanInfo, tenantConfig)

+	// Do not submit yaml scanning
+	if len(scanInfo.InputPatterns) > 0 {
+		scanInfo.Submit = false
+	}
+
 	if scanInfo.Submit {
 		// submit - Create tenant & Submit report
 		if err := tenantConfig.SetTenant(); err != nil {
@@ -60,11 +65,11 @@ func getInterfaces(scanInfo *cautils.ScanInfo) componentInterfaces {
 	v := cautils.NewIVersionCheckHandler()
 	v.CheckLatestVersion(cautils.NewVersionCheckRequest(cautils.BuildNumber, policyIdentifierNames(scanInfo.PolicyIdentifier), "", scanInfo.GetScanningEnvironment()))

-	// ================== setup host sensor object ======================================
+	// ================== setup host scanner object ======================================

 	hostSensorHandler := getHostSensorHandler(scanInfo, k8s)
 	if err := hostSensorHandler.Init(); err != nil {
-		logger.L().Error("failed to init host sensor", helpers.Error(err))
+		logger.L().Error("failed to init host scanner", helpers.Error(err))
 		hostSensorHandler = &hostsensorutils.HostSensorHandlerMock{}
 	}
 	// excluding hostsensor namespace
@@ -86,10 +91,10 @@ func getInterfaces(scanInfo *cautils.ScanInfo) componentInterfaces {
 	// ================== setup reporter & printer objects ======================================

 	// reporting behavior - setup reporter
-	reportHandler := getReporter(tenantConfig, scanInfo.ReportID, scanInfo.Submit, scanInfo.FrameworkScan, len(scanInfo.InputPatterns) == 0)
+	reportHandler := getReporter(tenantConfig, scanInfo.ScanID, scanInfo.Submit, scanInfo.FrameworkScan)

 	// setup printer
-	printerHandler := resultshandling.NewPrinter(scanInfo.Format, scanInfo.FormatVersion, scanInfo.VerboseMode)
+	printerHandler := resultshandling.NewPrinter(scanInfo.Format, scanInfo.FormatVersion, scanInfo.VerboseMode, cautils.ViewTypes(scanInfo.View))
 	printerHandler.SetWriter(scanInfo.Output)

 	// ================== return interface ======================================
@@ -111,27 +116,27 @@ func (ks *Kubescape) Scan(scanInfo *cautils.ScanInfo) (*resultshandling.ResultsH

 	interfaces := getInterfaces(scanInfo)

-	cautils.ClusterName = interfaces.tenantConfig.GetClusterName() // TODO - Deprecated
+	cautils.ClusterName = interfaces.tenantConfig.GetContextName() // TODO - Deprecated
 	cautils.CustomerGUID = interfaces.tenantConfig.GetAccountID()  // TODO - Deprecated
-	interfaces.report.SetClusterName(interfaces.tenantConfig.GetClusterName())
+	interfaces.report.SetClusterName(interfaces.tenantConfig.GetContextName())
 	interfaces.report.SetCustomerGUID(interfaces.tenantConfig.GetAccountID())

 	downloadReleasedPolicy := getter.NewDownloadReleasedPolicy() // download config inputs from github release

 	// set policy getter only after setting the customerGUID
-	scanInfo.Getters.PolicyGetter = getPolicyGetter(scanInfo.UseFrom, interfaces.tenantConfig.GetAccountID(), scanInfo.FrameworkScan, downloadReleasedPolicy)
+	scanInfo.Getters.PolicyGetter = getPolicyGetter(scanInfo.UseFrom, interfaces.tenantConfig.GetTenantEmail(), scanInfo.FrameworkScan, downloadReleasedPolicy)
 	scanInfo.Getters.ControlsInputsGetter = getConfigInputsGetter(scanInfo.ControlsInputs, interfaces.tenantConfig.GetAccountID(), downloadReleasedPolicy)
 	scanInfo.Getters.ExceptionsGetter = getExceptionsGetter(scanInfo.UseExceptions)

 	// TODO - list supported frameworks/controls
 	if scanInfo.ScanAll {
-		scanInfo.SetPolicyIdentifiers(listFrameworksNames(scanInfo.Getters.PolicyGetter), reporthandling.KindFramework)
+		scanInfo.SetPolicyIdentifiers(listFrameworksNames(scanInfo.Getters.PolicyGetter), apisv1.KindFramework)
 	}

 	// remove host scanner components
 	defer func() {
 		if err := interfaces.hostSensorHandler.TearDown(); err != nil {
-			logger.L().Error("failed to tear down host sensor", helpers.Error(err))
+			logger.L().Error("failed to tear down host scanner", helpers.Error(err))
 		}
 	}()

@@ -139,13 +144,13 @@ func (ks *Kubescape) Scan(scanInfo *cautils.ScanInfo) (*resultshandling.ResultsH

 	// ===================== policies & resources =====================
 	policyHandler := policyhandler.NewPolicyHandler(interfaces.resourceHandler)
-	scanData, err := collectResources(policyHandler, scanInfo)
+	scanData, err := policyHandler.CollectResources(scanInfo.PolicyIdentifier, scanInfo)
 	if err != nil {
 		return resultsHandling, err
 	}

 	// ========================= opa testing =====================
-	deps := resources.NewRegoDependenciesData(k8sinterface.GetK8sConfig(), interfaces.tenantConfig.GetClusterName())
+	deps := resources.NewRegoDependenciesData(k8sinterface.GetK8sConfig(), interfaces.tenantConfig.GetContextName())
 	reportResults := opaprocessor.NewOPAProcessor(scanData, deps)
 	if err := reportResults.ProcessRulesListenner(); err != nil {
 		// TODO - do something
@@ -162,28 +167,6 @@ func (ks *Kubescape) Scan(scanInfo *cautils.ScanInfo) (*resultshandling.ResultsH
 	return resultsHandling, nil
 }

-// TODO - remove function
-func collectResources(policyHandler *policyhandler.PolicyHandler, scanInfo *cautils.ScanInfo) (*cautils.OPASessionObj, error) {
-	policyNotification := &reporthandling.PolicyNotification{
-		Rules: scanInfo.PolicyIdentifier,
-		KubescapeNotification: reporthandling.KubescapeNotification{
-			Designators:      armotypes.PortalDesignator{},
-			NotificationType: reporthandling.TypeExecPostureScan,
-		},
-	}
-	switch policyNotification.KubescapeNotification.NotificationType {
-	case reporthandling.TypeExecPostureScan:
-		collectedResources, err := policyHandler.CollectResources(policyNotification, scanInfo)
-		if err != nil {
-			return nil, err
-		}
-		return collectedResources, nil
-
-	default:
-		return nil, fmt.Errorf("notification type '%s' Unknown", policyNotification.KubescapeNotification.NotificationType)
-	}
-}
-
 // func askUserForHostSensor() bool {
 // 	return false

--- a/core/core/submit.go
+++ b/core/core/submit.go
@@ -1,11 +1,11 @@
 package core

 import (
-	"github.com/armosec/kubescape/cautils"
-	"github.com/armosec/kubescape/cautils/getter"
-	"github.com/armosec/kubescape/cautils/logger"
-	"github.com/armosec/kubescape/cautils/logger/helpers"
-	"github.com/armosec/kubescape/core/meta/cliinterfaces"
+	"github.com/armosec/kubescape/v2/core/cautils"
+	"github.com/armosec/kubescape/v2/core/cautils/getter"
+	"github.com/armosec/kubescape/v2/core/cautils/logger"
+	"github.com/armosec/kubescape/v2/core/cautils/logger/helpers"
+	"github.com/armosec/kubescape/v2/core/meta/cliinterfaces"
 )

 func (ks *Kubescape) Submit(submitInterfaces cliinterfaces.SubmitInterfaces) error {
@@ -20,7 +20,7 @@ func (ks *Kubescape) Submit(submitInterfaces cliinterfaces.SubmitInterfaces) err
 		return err
 	}
 	// report
-	if err := submitInterfaces.Reporter.ActionSendReport(&cautils.OPASessionObj{PostureReport: postureReport, AllResources: allresources}); err != nil {
+	if err := submitInterfaces.Reporter.Submit(&cautils.OPASessionObj{PostureReport: postureReport, AllResources: allresources}); err != nil {
 		return err
 	}
 	logger.L().Success("Data has been submitted successfully")
@@ -29,11 +29,11 @@ func (ks *Kubescape) Submit(submitInterfaces cliinterfaces.SubmitInterfaces) err
 	return nil
 }

-func (ks *Kubescape) SubmitExceptions(accountID, excPath string) error {
+func (ks *Kubescape) SubmitExceptions(credentials *cautils.Credentials, excPath string) error {
 	logger.L().Info("submitting exceptions", helpers.String("path", excPath))

 	// load cached config
-	tenantConfig := getTenantConfig(accountID, "", getKubernetesApi())
+	tenantConfig := getTenantConfig(credentials, "", getKubernetesApi())
 	if err := tenantConfig.SetTenant(); err != nil {
 		logger.L().Error("failed setting account ID", helpers.Error(err))
 	}
--- a/core/meta/cliinterfaces/submit.go
+++ b/core/meta/cliinterfaces/submit.go
@@ -2,8 +2,8 @@ package cliinterfaces

 import (
 	"github.com/armosec/k8s-interface/workloadinterface"
-	"github.com/armosec/kubescape/cautils"
-	"github.com/armosec/kubescape/core/pkg/resultshandling/reporter"
+	"github.com/armosec/kubescape/v2/core/cautils"
+	"github.com/armosec/kubescape/v2/core/pkg/resultshandling/reporter"
 	"github.com/armosec/opa-utils/reporthandling"
 )

--- a/core/meta/datastructures/v1/delete.go
+++ b/core/meta/datastructures/v1/delete.go
@@ -1,6 +1,8 @@
 package v1

+import "github.com/armosec/kubescape/v2/core/cautils"
+
 type DeleteExceptions struct {
-	Account    string
-	Exceptions []string
+	Credentials cautils.Credentials
+	Exceptions  []string
 }
--- a/core/meta/datastructures/v1/download.go
+++ b/core/meta/datastructures/v1/download.go
@@ -1,9 +1,11 @@
 package v1

+import "github.com/armosec/kubescape/v2/core/cautils"
+
 type DownloadInfo struct {
-	Path     string // directory to save artifact. Default is "~/.kubescape/"
-	FileName string // can be empty
-	Target   string // type of artifact to download
-	Name     string // name of artifact to download
-	Account  string // AccountID
+	Path        string // directory to save artifact. Default is "~/.kubescape/"
+	FileName    string // can be empty
+	Target      string // type of artifact to download
+	Name        string // name of artifact to download
+	Credentials cautils.Credentials
 }
--- a/core/meta/datastructures/v1/listpolicies.go
+++ b/core/meta/datastructures/v1/listpolicies.go
@@ -1,10 +1,12 @@
 package v1

+import "github.com/armosec/kubescape/v2/core/cautils"
+
 type ListPolicies struct {
-	Target  string
-	ListIDs bool
-	Account string
-	Format  string
+	Target      string
+	ListIDs     bool
+	Format      string
+	Credentials cautils.Credentials
 }

 type ListResponse struct {
--- a/core/meta/datastructures/v1/submit.go
+++ b/core/meta/datastructures/v1/submit.go
@@ -1,9 +1,11 @@
 package v1

+import "github.com/armosec/kubescape/v2/core/cautils"
+
 type Submit struct {
-	Account string
+	Credentials cautils.Credentials
 }

 type Delete struct {
-	Account string
+	Credentials cautils.Credentials
 }
--- a/core/meta/ksinterface.go
+++ b/core/meta/ksinterface.go
@@ -1,10 +1,10 @@
 package meta

 import (
-	"github.com/armosec/kubescape/cautils"
-	"github.com/armosec/kubescape/core/meta/cliinterfaces"
-	metav1 "github.com/armosec/kubescape/core/meta/datastructures/v1"
-	"github.com/armosec/kubescape/core/pkg/resultshandling"
+	"github.com/armosec/kubescape/v2/core/cautils"
+	"github.com/armosec/kubescape/v2/core/meta/cliinterfaces"
+	metav1 "github.com/armosec/kubescape/v2/core/meta/datastructures/v1"
+	"github.com/armosec/kubescape/v2/core/pkg/resultshandling"
 )

 type IKubescape interface {
@@ -15,8 +15,8 @@ type IKubescape interface {
 	Download(downloadInfo *metav1.DownloadInfo) error // TODO - return downloaded policies

 	// submit
-	Submit(submitInterfaces cliinterfaces.SubmitInterfaces) error // TODO - func should receive object
-	SubmitExceptions(accountID, excPath string) error             // TODO - remove
+	Submit(submitInterfaces cliinterfaces.SubmitInterfaces) error            // TODO - func should receive object
+	SubmitExceptions(credentials *cautils.Credentials, excPath string) error // TODO - remove

 	// config
 	SetCachedConfig(setConfig *metav1.SetConfig) error
--- a/core/mocks/loadmocks.go
+++ b/core/mocks/loadmocks.go
--- a/core/pkg/hostsensorutils/hostsensordeploy.go
+++ b/core/pkg/hostsensorutils/hostsensordeploy.go
@@ -10,9 +10,9 @@ import (

 	"github.com/armosec/k8s-interface/k8sinterface"
 	"github.com/armosec/k8s-interface/workloadinterface"
-	"github.com/armosec/kubescape/cautils"
-	"github.com/armosec/kubescape/cautils/logger"
-	"github.com/armosec/kubescape/cautils/logger/helpers"
+	"github.com/armosec/kubescape/v2/core/cautils"
+	"github.com/armosec/kubescape/v2/core/cautils/logger"
+	"github.com/armosec/kubescape/v2/core/cautils/logger/helpers"
 	appsv1 "k8s.io/api/apps/v1"
 	corev1 "k8s.io/api/core/v1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
@@ -71,18 +71,19 @@ func (hsh *HostSensorHandler) Init() error {
 	// store namespace + port
 	// store pod names
 	// make sure all pods are running, after X seconds treat has running anyway, and log an error on the pods not running yet
-	logger.L().Info("Installing host sensor")
+	logger.L().Info("Installing host scanner")

 	cautils.StartSpinner()
-	defer cautils.StopSpinner()

 	if err := hsh.applyYAML(); err != nil {
-		return fmt.Errorf("failed to apply host sensor YAML, reason: %v", err)
+		cautils.StopSpinner()
+		return fmt.Errorf("failed to apply host scanner YAML, reason: %v", err)
 	}
 	hsh.populatePodNamesToNodeNames()
 	if err := hsh.checkPodForEachNode(); err != nil {
 		logger.L().Error("failed to validate host-sensor pods status", helpers.Error(err))
 	}
+	cautils.StopSpinner()
 	return nil
 }

--- a/core/pkg/hostsensorutils/hostsensorgetfrompod.go
+++ b/core/pkg/hostsensorutils/hostsensorgetfrompod.go
@@ -6,10 +6,10 @@ import (
 	"sync"

 	"github.com/armosec/k8s-interface/k8sinterface"
-	"github.com/armosec/kubescape/cautils"
-	"github.com/armosec/kubescape/cautils/logger"
-	"github.com/armosec/kubescape/cautils/logger/helpers"
+	"github.com/armosec/kubescape/v2/core/cautils/logger"
+	"github.com/armosec/kubescape/v2/core/cautils/logger/helpers"
 	"github.com/armosec/opa-utils/objectsenvelopes/hostsensor"
+	"github.com/armosec/opa-utils/reporthandling/apis"
 	"sigs.k8s.io/yaml"
 )

@@ -157,58 +157,77 @@ func (hsh *HostSensorHandler) GetKubeletConfigurations() ([]hostsensor.HostSenso
 	return res, err
 }

-func (hsh *HostSensorHandler) CollectResources() ([]hostsensor.HostSensorDataEnvelope, error) {
+func (hsh *HostSensorHandler) CollectResources() ([]hostsensor.HostSensorDataEnvelope, map[string]apis.StatusInfo, error) {
 	res := make([]hostsensor.HostSensorDataEnvelope, 0)
+	infoMap := make(map[string]apis.StatusInfo)
 	if hsh.DaemonSet == nil {
-		return res, nil
+		return res, nil, nil
 	}
-
-	logger.L().Debug("Accessing host sensor")
-	cautils.StartSpinner()
-	defer cautils.StopSpinner()
-	kcData, err := hsh.GetKubeletConfigurations()
+	var kcData []hostsensor.HostSensorDataEnvelope
+	var err error
+	logger.L().Debug("Accessing host scanner")
+	kcData, err = hsh.GetKubeletConfigurations()
 	if err != nil {
-		return kcData, err
+		addInfoToMap(KubeletConfiguration, infoMap, err)
+		logger.L().Warning(err.Error())
+	}
+	if len(kcData) > 0 {
+		res = append(res, kcData...)
 	}
-	res = append(res, kcData...)
 	//
 	kcData, err = hsh.GetKubeletCommandLine()
 	if err != nil {
-		return kcData, err
+		addInfoToMap(KubeletCommandLine, infoMap, err)
+		logger.L().Warning(err.Error())
+	}
+	if len(kcData) > 0 {
+		res = append(res, kcData...)
 	}
-	res = append(res, kcData...)
 	//
 	kcData, err = hsh.GetOsReleaseFile()
 	if err != nil {
-		return kcData, err
+		addInfoToMap(OsReleaseFile, infoMap, err)
+		logger.L().Warning(err.Error())
+	}
+	if len(kcData) > 0 {
+		res = append(res, kcData...)
 	}
-	res = append(res, kcData...)
 	//
 	kcData, err = hsh.GetKernelVersion()
 	if err != nil {
-		return kcData, err
+		addInfoToMap(KernelVersion, infoMap, err)
+		logger.L().Warning(err.Error())
+	}
+	if len(kcData) > 0 {
+		res = append(res, kcData...)
 	}
-	res = append(res, kcData...)
 	//
 	kcData, err = hsh.GetLinuxSecurityHardeningStatus()
 	if err != nil {
-		return kcData, err
+		addInfoToMap(LinuxSecurityHardeningStatus, infoMap, err)
+		logger.L().Warning(err.Error())
+	}
+	if len(kcData) > 0 {
+		res = append(res, kcData...)
 	}
-	res = append(res, kcData...)
 	//
 	kcData, err = hsh.GetOpenPortsList()
 	if err != nil {
-		return kcData, err
+		addInfoToMap(OpenPortsList, infoMap, err)
+		logger.L().Warning(err.Error())
+	}
+	if len(kcData) > 0 {
+		res = append(res, kcData...)
 	}
-	res = append(res, kcData...)
 	// GetKernelVariables
 	kcData, err = hsh.GetKernelVariables()
 	if err != nil {
-		return kcData, err
+		addInfoToMap(LinuxKernelVariables, infoMap, err)
+		logger.L().Warning(err.Error())
 	}
-	res = append(res, kcData...)
-	// finish
-
-	logger.L().Debug("Done reading information from host sensor")
-	return res, nil
+	if len(kcData) > 0 {
+		res = append(res, kcData...)
+	}
+	logger.L().Debug("Done reading information from host scanner")
+	return res, infoMap, nil
 }
--- a/core/pkg/hostsensorutils/hostsensorinterface.go
+++ b/core/pkg/hostsensorutils/hostsensorinterface.go
@@ -1,10 +1,13 @@
 package hostsensorutils

-import "github.com/armosec/opa-utils/objectsenvelopes/hostsensor"
+import (
+	"github.com/armosec/opa-utils/objectsenvelopes/hostsensor"
+	"github.com/armosec/opa-utils/reporthandling/apis"
+)

 type IHostSensor interface {
 	Init() error
 	TearDown() error
-	CollectResources() ([]hostsensor.HostSensorDataEnvelope, error)
+	CollectResources() ([]hostsensor.HostSensorDataEnvelope, map[string]apis.StatusInfo, error)
 	GetNamespace() string
 }
--- a/core/pkg/hostsensorutils/hostsensormock.go
+++ b/core/pkg/hostsensorutils/hostsensormock.go
@@ -2,6 +2,7 @@ package hostsensorutils

 import (
 	"github.com/armosec/opa-utils/objectsenvelopes/hostsensor"
+	"github.com/armosec/opa-utils/reporthandling/apis"
 )

 type HostSensorHandlerMock struct {
@@ -15,8 +16,8 @@ func (hshm *HostSensorHandlerMock) TearDown() error {
 	return nil
 }

-func (hshm *HostSensorHandlerMock) CollectResources() ([]hostsensor.HostSensorDataEnvelope, error) {
-	return []hostsensor.HostSensorDataEnvelope{}, nil
+func (hshm *HostSensorHandlerMock) CollectResources() ([]hostsensor.HostSensorDataEnvelope, map[string]apis.StatusInfo, error) {
+	return []hostsensor.HostSensorDataEnvelope{}, nil, nil
 }

 func (hshm *HostSensorHandlerMock) GetNamespace() string {
--- a/core/pkg/hostsensorutils/utils.go
+++ b/core/pkg/hostsensorutils/utils.go
@@ -0,0 +1,35 @@
+package hostsensorutils
+
+import (
+	"github.com/armosec/k8s-interface/k8sinterface"
+	"github.com/armosec/opa-utils/reporthandling/apis"
+)
+
+var (
+	KubeletConfiguration         = "KubeletConfiguration"
+	OsReleaseFile                = "OsReleaseFile"
+	KernelVersion                = "KernelVersion"
+	LinuxSecurityHardeningStatus = "LinuxSecurityHardeningStatus"
+	OpenPortsList                = "OpenPortsList"
+	LinuxKernelVariables         = "LinuxKernelVariables"
+	KubeletCommandLine           = "KubeletCommandLine"
+
+	MapHostSensorResourceToApiGroup = map[string]string{
+		KubeletConfiguration:         "hostdata.kubescape.cloud/v1beta0",
+		OsReleaseFile:                "hostdata.kubescape.cloud/v1beta0",
+		KubeletCommandLine:           "hostdata.kubescape.cloud/v1beta0",
+		KernelVersion:                "hostdata.kubescape.cloud/v1beta0",
+		LinuxSecurityHardeningStatus: "hostdata.kubescape.cloud/v1beta0",
+		OpenPortsList:                "hostdata.kubescape.cloud/v1beta0",
+		LinuxKernelVariables:         "hostdata.kubescape.cloud/v1beta0",
+	}
+)
+
+func addInfoToMap(resource string, infoMap map[string]apis.StatusInfo, err error) {
+	group, version := k8sinterface.SplitApiVersion(MapHostSensorResourceToApiGroup[resource])
+	r := k8sinterface.JoinResourceTriplets(group, version, resource)
+	infoMap[r] = apis.StatusInfo{
+		InnerStatus: apis.StatusSkipped,
+		InnerInfo:   err.Error(),
+	}
+}
--- a/core/pkg/opaprocessor/processorhandler.go
+++ b/core/pkg/opaprocessor/processorhandler.go
@@ -6,9 +6,10 @@ import (
 	"time"

 	"github.com/armosec/armoapi-go/armotypes"
-	"github.com/armosec/kubescape/cautils"
-	"github.com/armosec/kubescape/cautils/logger"
-	"github.com/armosec/kubescape/core/pkg/score"
+	"github.com/armosec/kubescape/v2/core/cautils"
+	"github.com/armosec/kubescape/v2/core/cautils/logger"
+	"github.com/armosec/kubescape/v2/core/cautils/logger/helpers"
+	"github.com/armosec/kubescape/v2/core/pkg/score"
 	"github.com/armosec/opa-utils/objectsenvelopes"
 	"github.com/armosec/opa-utils/reporthandling"
 	"github.com/armosec/opa-utils/reporthandling/apis"
@@ -30,6 +31,9 @@ type OPAProcessor struct {
 }

 func NewOPAProcessor(sessionObj *cautils.OPASessionObj, regoDependenciesData *resources.RegoDependenciesData) *OPAProcessor {
+	if regoDependenciesData != nil && sessionObj != nil {
+		regoDependenciesData.PostureControlInputs = sessionObj.RegoInputData.PostureControlInputs
+	}
 	return &OPAProcessor{
 		OPASessionObj:        sessionObj,
 		regoDependenciesData: regoDependenciesData,
@@ -58,7 +62,7 @@ func (opap *OPAProcessor) ProcessRulesListenner() error {
 }

 func (opap *OPAProcessor) Process(policies *cautils.Policies) error {
-	logger.L().Info(fmt.Sprintf("Scanning cluster %s", cautils.ClusterName))
+	logger.L().Info("Scanning", helpers.String("cluster", cautils.ClusterName))

 	cautils.StartSpinner()

@@ -85,7 +89,8 @@ func (opap *OPAProcessor) Process(policies *cautils.Policies) error {
 	opap.Report.ReportGenerationTime = time.Now().UTC()

 	cautils.StopSpinner()
-	logger.L().Success(fmt.Sprintf("Done scanning cluster %s", cautils.ClusterName))
+	logger.L().Success("Done scanning", helpers.String("cluster", cautils.ClusterName))
+
 	return errs
 }

@@ -128,7 +133,7 @@ func (opap *OPAProcessor) processRule(rule *reporthandling.PolicyRule) (map[stri

 	postureControlInputs := opap.regoDependenciesData.GetFilteredPostureControlInputs(rule.ConfigInputs) // get store

-	inputResources, err := reporthandling.RegoResourcesAggregator(rule, getAllSupportedObjects(opap.K8SResources, opap.AllResources, rule))
+	inputResources, err := reporthandling.RegoResourcesAggregator(rule, getAllSupportedObjects(opap.K8SResources, opap.ArmoResource, opap.AllResources, rule))
 	if err != nil {
 		return nil, fmt.Errorf("error getting aggregated k8sObjects: %s", err.Error())
 	}
@@ -175,6 +180,9 @@ func (opap *OPAProcessor) processRule(rule *reporthandling.PolicyRule) (map[stri
 				for j := range ruleResponses[i].FixPaths {
 					ruleResult.Paths = append(ruleResult.Paths, armotypes.PosturePaths{FixPath: ruleResponses[i].FixPaths[j]})
 				}
+				if ruleResponses[i].FixCommand != "" {
+					ruleResult.Paths = append(ruleResult.Paths, armotypes.PosturePaths{FixCommand: ruleResponses[i].FixCommand})
+				}
 				resources[failedResources[j].GetID()] = ruleResult
 			}
 		}
--- a/core/pkg/opaprocessor/processorhandler_test.go
+++ b/core/pkg/opaprocessor/processorhandler_test.go
@@ -4,8 +4,8 @@ import (
 	"testing"

 	"github.com/armosec/armoapi-go/armotypes"
-	"github.com/armosec/kubescape/cautils"
-	"github.com/armosec/kubescape/mocks"
+	"github.com/armosec/kubescape/v2/core/cautils"
+	"github.com/armosec/kubescape/v2/core/mocks"
 	"github.com/armosec/opa-utils/objectsenvelopes"
 	"github.com/armosec/opa-utils/reporthandling"
 	"github.com/armosec/opa-utils/resources"
@@ -112,10 +112,10 @@ func TestProcessResourcesResult(t *testing.T) {
 	assert.Equal(t, 0, len(summaryDetails.ListResourcesIDs().Passed()))

 	// test control listing
-	assert.Equal(t, len(res.ListControlsIDs(nil).All()), len(summaryDetails.ListControls().All()))
-	assert.Equal(t, len(res.ListControlsIDs(nil).Passed()), len(summaryDetails.ListControls().Passed()))
-	assert.Equal(t, len(res.ListControlsIDs(nil).Failed()), len(summaryDetails.ListControls().Failed()))
-	assert.Equal(t, len(res.ListControlsIDs(nil).Excluded()), len(summaryDetails.ListControls().Excluded()))
+	assert.Equal(t, len(res.ListControlsIDs(nil).All()), summaryDetails.NumberOfControls().All())
+	assert.Equal(t, len(res.ListControlsIDs(nil).Passed()), summaryDetails.NumberOfControls().Passed())
+	assert.Equal(t, len(res.ListControlsIDs(nil).Failed()), summaryDetails.NumberOfControls().Failed())
+	assert.Equal(t, len(res.ListControlsIDs(nil).Excluded()), summaryDetails.NumberOfControls().Excluded())
 	assert.True(t, summaryDetails.GetStatus().IsFailed())

 	opaSessionObj.Exceptions = []armotypes.PostureExceptionPolicy{*mocks.MockExceptionAllKinds(&armotypes.PosturePolicy{FrameworkName: frameworks[0].Name})}
--- a/core/pkg/opaprocessor/processorhandlerutils.go
+++ b/core/pkg/opaprocessor/processorhandlerutils.go
@@ -1,14 +1,14 @@
 package opaprocessor

 import (
-	"fmt"
-
-	"github.com/armosec/kubescape/cautils"
-	"github.com/armosec/kubescape/cautils/logger"
+	"github.com/armosec/kubescape/v2/core/cautils"
+	"github.com/armosec/kubescape/v2/core/cautils/logger"

 	"github.com/armosec/k8s-interface/k8sinterface"
 	"github.com/armosec/k8s-interface/workloadinterface"
 	"github.com/armosec/opa-utils/reporthandling"
+	"github.com/armosec/opa-utils/reporthandling/apis"
+	"github.com/armosec/opa-utils/reporthandling/results/v1/reportsummary"
 	resources "github.com/armosec/opa-utils/resources"
 )

@@ -46,8 +46,9 @@ func (opap *OPAProcessor) updateResults() {
 	}

 	// set result summary
-	opap.Report.SummaryDetails.InitResourcesSummary()
-
+	// map control to error
+	controlToInfoMap := mapControlToInfo(opap.ResourceToControlsMap, opap.InfoMap, opap.Report.SummaryDetails.Controls)
+	opap.Report.SummaryDetails.InitResourcesSummary(controlToInfoMap)
 	// for f := range opap.PostureReport.FrameworkReports {
 	// 	// set exceptions
 	// 	exceptions.SetFrameworkExceptions(&opap.PostureReport.FrameworkReports[f], opap.Exceptions, cautils.ClusterName)
@@ -60,13 +61,62 @@ func (opap *OPAProcessor) updateResults() {
 	// }
 }

-func getAllSupportedObjects(k8sResources *cautils.K8SResources, allResources map[string]workloadinterface.IMetadata, rule *reporthandling.PolicyRule) []workloadinterface.IMetadata {
+func mapControlToInfo(mapResourceToControls map[string][]string, infoMap map[string]apis.StatusInfo, controlSummary reportsummary.ControlSummaries) map[string]apis.StatusInfo {
+	controlToInfoMap := make(map[string]apis.StatusInfo)
+	for resource, statusInfo := range infoMap {
+		controlIDs := mapResourceToControls[resource]
+		for _, controlID := range controlIDs {
+			ctrl := controlSummary.GetControl(reportsummary.EControlCriteriaID, controlID)
+			if ctrl != nil {
+				resources := ctrl.NumberOfResources()
+				// Check that there are no K8s resources too
+				if isEmptyResources(resources) {
+					controlToInfoMap[controlID] = statusInfo
+				}
+			}
+
+		}
+	}
+	return controlToInfoMap
+}
+
+func isEmptyResources(counters reportsummary.ICounters) bool {
+	return counters.Failed() == 0 && counters.Excluded() == 0 && counters.Passed() == 0
+}
+
+func getAllSupportedObjects(k8sResources *cautils.K8SResources, armoResources *cautils.ArmoResources, allResources map[string]workloadinterface.IMetadata, rule *reporthandling.PolicyRule) []workloadinterface.IMetadata {
 	k8sObjects := []workloadinterface.IMetadata{}
 	k8sObjects = append(k8sObjects, getKubernetesObjects(k8sResources, allResources, rule.Match)...)
-	k8sObjects = append(k8sObjects, getKubernetesObjects(k8sResources, allResources, rule.DynamicMatch)...)
+	k8sObjects = append(k8sObjects, getArmoObjects(armoResources, allResources, rule.DynamicMatch)...)
 	return k8sObjects
 }

+func getArmoObjects(k8sResources *cautils.ArmoResources, allResources map[string]workloadinterface.IMetadata, match []reporthandling.RuleMatchObjects) []workloadinterface.IMetadata {
+	k8sObjects := []workloadinterface.IMetadata{}
+
+	for m := range match {
+		for _, groups := range match[m].APIGroups {
+			for _, version := range match[m].APIVersions {
+				for _, resource := range match[m].Resources {
+					groupResources := k8sinterface.ResourceGroupToString(groups, version, resource)
+					for _, groupResource := range groupResources {
+						if k8sObj, ok := (*k8sResources)[groupResource]; ok {
+							// if k8sObj == nil {
+							// 	logger.L().Debug(fmt.Sprintf("resource '%s' is nil, probably failed to pull the resource", groupResource))
+							// }
+							for i := range k8sObj {
+								k8sObjects = append(k8sObjects, allResources[k8sObj[i]])
+							}
+						}
+					}
+				}
+			}
+		}
+	}
+
+	return filterOutChildResources(k8sObjects, match)
+}
+
 func getKubernetesObjects(k8sResources *cautils.K8SResources, allResources map[string]workloadinterface.IMetadata, match []reporthandling.RuleMatchObjects) []workloadinterface.IMetadata {
 	k8sObjects := []workloadinterface.IMetadata{}

@@ -78,7 +128,7 @@ func getKubernetesObjects(k8sResources *cautils.K8SResources, allResources map[s
 					for _, groupResource := range groupResources {
 						if k8sObj, ok := (*k8sResources)[groupResource]; ok {
 							if k8sObj == nil {
-								logger.L().Debug(fmt.Sprintf("resource '%s' is nil, probably failed to pull the resource", groupResource))
+								// logger.L().Debug("skipping", helpers.String("resource", groupResource))
 							}
 							for i := range k8sObj {
 								k8sObjects = append(k8sObjects, allResources[k8sObj[i]])
--- a/core/pkg/opaprocessor/utils.go
+++ b/core/pkg/opaprocessor/utils.go
@@ -1,7 +1,7 @@
 package opaprocessor

 import (
-	"github.com/armosec/kubescape/cautils"
+	"github.com/armosec/kubescape/v2/core/cautils"
 	"github.com/armosec/opa-utils/reporthandling"
 	"github.com/armosec/opa-utils/reporthandling/results/v1/reportsummary"
 )
--- a/core/pkg/opaprocessor/utils_test.go
+++ b/core/pkg/opaprocessor/utils_test.go
@@ -3,9 +3,9 @@ package opaprocessor
 import (
 	"testing"

-	"github.com/armosec/kubescape/mocks"
 	"github.com/stretchr/testify/assert"

+	"github.com/armosec/kubescape/v2/core/mocks"
 	"github.com/armosec/opa-utils/reporthandling"
 	"github.com/armosec/opa-utils/reporthandling/results/v1/reportsummary"
 )
--- a/core/pkg/policyhandler/handlenotification.go
+++ b/core/pkg/policyhandler/handlenotification.go
@@ -3,9 +3,9 @@ package policyhandler
 import (
 	"fmt"

-	"github.com/armosec/kubescape/cautils"
-	"github.com/armosec/kubescape/core/pkg/resourcehandler"
-	"github.com/armosec/opa-utils/reporthandling"
+	"github.com/armosec/armoapi-go/armotypes"
+	"github.com/armosec/kubescape/v2/core/cautils"
+	"github.com/armosec/kubescape/v2/core/pkg/resourcehandler"
 )

 // PolicyHandler -
@@ -22,22 +22,23 @@ func NewPolicyHandler(resourceHandler resourcehandler.IResourceHandler) *PolicyH
 	}
 }

-func (policyHandler *PolicyHandler) CollectResources(notification *reporthandling.PolicyNotification, scanInfo *cautils.ScanInfo) (*cautils.OPASessionObj, error) {
-	opaSessionObj := cautils.NewOPASessionObj(nil, nil)
+func (policyHandler *PolicyHandler) CollectResources(policyIdentifier []cautils.PolicyIdentifier, scanInfo *cautils.ScanInfo) (*cautils.OPASessionObj, error) {
+	opaSessionObj := cautils.NewOPASessionObj(nil, nil, scanInfo)
+
 	// validate notification
 	// TODO
 	policyHandler.getters = &scanInfo.Getters

 	// get policies
-	if err := policyHandler.getPolicies(notification, opaSessionObj); err != nil {
+	if err := policyHandler.getPolicies(policyIdentifier, opaSessionObj); err != nil {
 		return opaSessionObj, err
 	}

-	err := policyHandler.getResources(notification, opaSessionObj, scanInfo)
+	err := policyHandler.getResources(policyIdentifier, opaSessionObj, scanInfo)
 	if err != nil {
 		return opaSessionObj, err
 	}
-	if opaSessionObj.K8SResources == nil || len(*opaSessionObj.K8SResources) == 0 {
+	if (opaSessionObj.K8SResources == nil || len(*opaSessionObj.K8SResources) == 0) && (opaSessionObj.ArmoResource == nil || len(*opaSessionObj.ArmoResource) == 0) {
 		return opaSessionObj, fmt.Errorf("empty list of resources")
 	}

@@ -45,16 +46,24 @@ func (policyHandler *PolicyHandler) CollectResources(notification *reporthandlin
 	return opaSessionObj, nil
 }

-func (policyHandler *PolicyHandler) getResources(notification *reporthandling.PolicyNotification, opaSessionObj *cautils.OPASessionObj, scanInfo *cautils.ScanInfo) error {
-
+func (policyHandler *PolicyHandler) getResources(policyIdentifier []cautils.PolicyIdentifier, opaSessionObj *cautils.OPASessionObj, scanInfo *cautils.ScanInfo) error {
 	opaSessionObj.Report.ClusterAPIServerInfo = policyHandler.resourceHandler.GetClusterAPIServerInfo()
-	resourcesMap, allResources, err := policyHandler.resourceHandler.GetResources(opaSessionObj.Policies, &notification.Designators)
+
+	resourcesMap, allResources, armoResources, err := policyHandler.resourceHandler.GetResources(opaSessionObj, &policyIdentifier[0].Designators)
 	if err != nil {
 		return err
 	}

 	opaSessionObj.K8SResources = resourcesMap
 	opaSessionObj.AllResources = allResources
+	opaSessionObj.ArmoResource = armoResources

 	return nil
 }
+
+func getDesignator(policyIdentifier []cautils.PolicyIdentifier) *armotypes.PortalDesignator {
+	if len(policyIdentifier) > 0 {
+		return &policyIdentifier[0].Designators
+	}
+	return &armotypes.PortalDesignator{}
+}
--- a/core/pkg/policyhandler/handlepullpolicies.go
+++ b/core/pkg/policyhandler/handlepullpolicies.go
@@ -4,20 +4,27 @@ import (
 	"fmt"
 	"strings"

-	"github.com/armosec/kubescape/cautils"
-	"github.com/armosec/kubescape/cautils/logger"
+	apisv1 "github.com/armosec/opa-utils/httpserver/apis/v1"
+
+	"github.com/armosec/kubescape/v2/core/cautils"
+	"github.com/armosec/kubescape/v2/core/cautils/getter"
+	"github.com/armosec/kubescape/v2/core/cautils/logger"
+	"github.com/armosec/kubescape/v2/core/cautils/logger/helpers"
 	"github.com/armosec/opa-utils/reporthandling"
 )

-func (policyHandler *PolicyHandler) getPolicies(notification *reporthandling.PolicyNotification, policiesAndResources *cautils.OPASessionObj) error {
+func (policyHandler *PolicyHandler) getPolicies(policyIdentifier []cautils.PolicyIdentifier, policiesAndResources *cautils.OPASessionObj) error {
 	logger.L().Info("Downloading/Loading policy definitions")

-	policies, err := policyHandler.getScanPolicies(notification)
+	cautils.StartSpinner()
+	defer cautils.StopSpinner()
+
+	policies, err := policyHandler.getScanPolicies(policyIdentifier)
 	if err != nil {
 		return err
 	}
 	if len(policies) == 0 {
-		return fmt.Errorf("failed to download policies: '%s'. Make sure the policy exist and you spelled it correctly. For more information, please feel free to contact ARMO team", strings.Join(policyIdentifierToSlice(notification.Rules), ", "))
+		return fmt.Errorf("failed to download policies: '%s'. Make sure the policy exist and you spelled it correctly. For more information, please feel free to contact ARMO team", strings.Join(policyIdentifierToSlice(policyIdentifier), ", "))
 	}

 	policiesAndResources.Policies = policies
@@ -33,35 +40,47 @@ func (policyHandler *PolicyHandler) getPolicies(notification *reporthandling.Pol
 	if err == nil {
 		policiesAndResources.RegoInputData.PostureControlInputs = controlsInputs
 	}
+	cautils.StopSpinner()
+
 	logger.L().Success("Downloaded/Loaded policy")
 	return nil
 }

-func (policyHandler *PolicyHandler) getScanPolicies(notification *reporthandling.PolicyNotification) ([]reporthandling.Framework, error) {
+func (policyHandler *PolicyHandler) getScanPolicies(policyIdentifier []cautils.PolicyIdentifier) ([]reporthandling.Framework, error) {
 	frameworks := []reporthandling.Framework{}

-	switch getScanKind(notification) {
-	case reporthandling.KindFramework: // Download frameworks
-		for _, rule := range notification.Rules {
+	switch getScanKind(policyIdentifier) {
+	case apisv1.KindFramework: // Download frameworks
+		for _, rule := range policyIdentifier {
 			receivedFramework, err := policyHandler.getters.PolicyGetter.GetFramework(rule.Name)
 			if err != nil {
 				return frameworks, policyDownloadError(err)
 			}
 			if receivedFramework != nil {
 				frameworks = append(frameworks, *receivedFramework)
+
+				cache := getter.GetDefaultPath(rule.Name + ".json")
+				if err := getter.SaveInFile(receivedFramework, cache); err != nil {
+					logger.L().Warning("failed to cache file", helpers.String("file", cache), helpers.Error(err))
+				}
 			}
 		}
-	case reporthandling.KindControl: // Download controls
+	case apisv1.KindControl: // Download controls
 		f := reporthandling.Framework{}
 		var receivedControl *reporthandling.Control
 		var err error
-		for _, rule := range notification.Rules {
+		for _, rule := range policyIdentifier {
 			receivedControl, err = policyHandler.getters.PolicyGetter.GetControl(rule.Name)
 			if err != nil {
 				return frameworks, policyDownloadError(err)
 			}
 			if receivedControl != nil {
 				f.Controls = append(f.Controls, *receivedControl)
+
+				cache := getter.GetDefaultPath(rule.Name + ".json")
+				if err := getter.SaveInFile(receivedControl, cache); err != nil {
+					logger.L().Warning("failed to cache file", helpers.String("file", cache), helpers.Error(err))
+				}
 			}
 		}
 		frameworks = append(frameworks, f)
@@ -72,7 +91,7 @@ func (policyHandler *PolicyHandler) getScanPolicies(notification *reporthandling
 	return frameworks, nil
 }

-func policyIdentifierToSlice(rules []reporthandling.PolicyIdentifier) []string {
+func policyIdentifierToSlice(rules []cautils.PolicyIdentifier) []string {
 	s := []string{}
 	for i := range rules {
 		s = append(s, fmt.Sprintf("%s: %s", rules[i].Kind, rules[i].Name))
--- a/core/pkg/policyhandler/handlepullpoliciesutils.go
+++ b/core/pkg/policyhandler/handlepullpoliciesutils.go
@@ -4,12 +4,14 @@ import (
 	"fmt"
 	"strings"

-	"github.com/armosec/opa-utils/reporthandling"
+	apisv1 "github.com/armosec/opa-utils/httpserver/apis/v1"
+
+	"github.com/armosec/kubescape/v2/core/cautils"
 )

-func getScanKind(notification *reporthandling.PolicyNotification) reporthandling.NotificationPolicyKind {
-	if len(notification.Rules) > 0 {
-		return notification.Rules[0].Kind
+func getScanKind(policyIdentifier []cautils.PolicyIdentifier) apisv1.NotificationPolicyKind {
+	if len(policyIdentifier) > 0 {
+		return policyIdentifier[0].Kind
 	}
 	return "unknown"
 }
--- a/core/pkg/registryadaptors/armosec/v1/civarmoadaptor.go
+++ b/core/pkg/registryadaptors/armosec/v1/civarmoadaptor.go
@@ -4,11 +4,11 @@ import (
 	"encoding/json"
 	"fmt"

-	"github.com/armosec/kubescape/cautils/getter"
-	"github.com/armosec/kubescape/cautils/logger"
-	"github.com/armosec/kubescape/cautils/logger/helpers"
-	"github.com/armosec/kubescape/core/pkg/containerscan"
-	"github.com/armosec/kubescape/core/pkg/registryadaptors/registryvulnerabilities"
+	"github.com/armosec/kubescape/v2/core/cautils/getter"
+	"github.com/armosec/kubescape/v2/core/cautils/logger"
+	"github.com/armosec/kubescape/v2/core/cautils/logger/helpers"
+	"github.com/armosec/kubescape/v2/core/pkg/containerscan"
+	"github.com/armosec/kubescape/v2/core/pkg/registryadaptors/registryvulnerabilities"
 )

 func NewArmoAdaptor(armoAPI *getter.ArmoAPI) *ArmoCivAdaptor {
@@ -51,7 +51,7 @@ func (armoCivAdaptor *ArmoCivAdaptor) GetImageVulnerability(imageID *registryvul
 	pageNumber := 1
 	request := V2ListRequest{PageSize: &pageSize, PageNum: &pageNumber, InnerFilters: filter, OrderBy: "timestamp:desc"}
 	requestBody, _ := json.Marshal(request)
-	requestUrl := fmt.Sprintf("https://%s/api/v1/vulnerability/scanResultsDetails?customerGUID=%s", armoCivAdaptor.armoAPI.GetAPIURL(), armoCivAdaptor.armoAPI.GetAccountID())
+	requestUrl := fmt.Sprintf("https://%s/api/v1/vulnerability/scanResultsDetails?customerGUID=%s", armoCivAdaptor.armoAPI.GetApiURL(), armoCivAdaptor.armoAPI.GetAccountID())

 	resp, err := armoCivAdaptor.armoAPI.Post(requestUrl, map[string]string{"Content-Type": "application/json"}, requestBody)
 	if err != nil {
@@ -83,8 +83,7 @@ func (armoCivAdaptor *ArmoCivAdaptor) GetImageVulnerability(imageID *registryvul
 }

 func (armoCivAdaptor *ArmoCivAdaptor) DescribeAdaptor() string {
-	// TODO
-	return ""
+	return "armo image vulnerabilities scanner, docs: https://hub.armo.cloud/docs/cluster-vulnerability-scanning"
 }

 func (armoCivAdaptor *ArmoCivAdaptor) GetImagesInformation(imageIDs []registryvulnerabilities.ContainerImageIdentifier) ([]registryvulnerabilities.ContainerImageInformation, error) {
--- a/core/pkg/registryadaptors/armosec/v1/civarmoadaptor_test.go
+++ b/core/pkg/registryadaptors/armosec/v1/civarmoadaptor_test.go
@@ -3,7 +3,7 @@ package v1
 import (
 	"testing"

-	"github.com/armosec/kubescape/core/pkg/registryadaptors/registryvulnerabilities"
+	"github.com/armosec/kubescape/v2/core/pkg/registryadaptors/registryvulnerabilities"
 	"github.com/stretchr/testify/assert"
 )

--- a/core/pkg/registryadaptors/armosec/v1/civarmoadaptormock.go
+++ b/core/pkg/registryadaptors/armosec/v1/civarmoadaptormock.go
@@ -3,8 +3,8 @@ package v1
 import (
 	"encoding/json"

-	"github.com/armosec/kubescape/core/pkg/containerscan"
-	"github.com/armosec/kubescape/core/pkg/registryadaptors/registryvulnerabilities"
+	"github.com/armosec/kubescape/v2/core/pkg/containerscan"
+	"github.com/armosec/kubescape/v2/core/pkg/registryadaptors/registryvulnerabilities"
 )

 type ArmoCivAdaptorMock struct {
--- a/core/pkg/registryadaptors/armosec/v1/civarmoadaptorutils.go
+++ b/core/pkg/registryadaptors/armosec/v1/civarmoadaptorutils.go
@@ -4,8 +4,8 @@ import (
 	"encoding/json"
 	"fmt"

-	"github.com/armosec/kubescape/core/pkg/containerscan"
-	"github.com/armosec/kubescape/core/pkg/registryadaptors/registryvulnerabilities"
+	"github.com/armosec/kubescape/v2/core/pkg/containerscan"
+	"github.com/armosec/kubescape/v2/core/pkg/registryadaptors/registryvulnerabilities"
 )

 func (armoCivAdaptor *ArmoCivAdaptor) getImageLastScanId(imageID *registryvulnerabilities.ContainerImageIdentifier) (string, error) {
@@ -14,7 +14,7 @@ func (armoCivAdaptor *ArmoCivAdaptor) getImageLastScanId(imageID *registryvulner
 	pageNumber := 1
 	request := V2ListRequest{PageSize: &pageSize, PageNum: &pageNumber, InnerFilters: filter, OrderBy: "timestamp:desc"}
 	requestBody, _ := json.Marshal(request)
-	requestUrl := fmt.Sprintf("https://%s/api/v1/vulnerability/scanResultsSumSummary?customerGUID=%s", armoCivAdaptor.armoAPI.GetAPIURL(), armoCivAdaptor.armoAPI.GetAccountID())
+	requestUrl := fmt.Sprintf("https://%s/api/v1/vulnerability/scanResultsSumSummary?customerGUID=%s", armoCivAdaptor.armoAPI.GetApiURL(), armoCivAdaptor.armoAPI.GetAccountID())

 	resp, err := armoCivAdaptor.armoAPI.Post(requestUrl, map[string]string{"Content-Type": "application/json"}, requestBody)
 	if err != nil {
@@ -60,6 +60,9 @@ func responseObjectToVulnerabilities(vulnerabilitiesList containerscan.Vulnerabi
 		vulnerabilities[i].Relevancy = vulnerabilityEntry.Relevancy
 		vulnerabilities[i].Severity = vulnerabilityEntry.Severity
 		vulnerabilities[i].UrgentCount = vulnerabilityEntry.UrgentCount
+		vulnerabilities[i].Categories = registryvulnerabilities.Categories{
+			IsRCE: vulnerabilityEntry.Categories.IsRCE,
+		}
 	}
 	return vulnerabilities
 }
--- a/core/pkg/registryadaptors/armosec/v1/datastructures.go
+++ b/core/pkg/registryadaptors/armosec/v1/datastructures.go
@@ -3,7 +3,7 @@ package v1
 import (
 	"time"

-	"github.com/armosec/kubescape/cautils/getter"
+	"github.com/armosec/kubescape/v2/core/cautils/getter"
 )

 type V2ListRequest struct {
--- a/core/pkg/registryadaptors/registryvulnerabilities/datastructures.go
+++ b/core/pkg/registryadaptors/registryvulnerabilities/datastructures.go
@@ -23,6 +23,10 @@ type FixedIn struct {
 	ImgTag  string `json:"imageTag"`
 	Version string `json:"version"`
 }
+type Categories struct {
+	IsRCE bool `json:"isRce"`
+}
+
 type Vulnerability struct {
 	Name               string      `json:"name"`
 	RelatedPackageName string      `json:"packageName"`
@@ -36,6 +40,7 @@ type Vulnerability struct {
 	UrgentCount        int         `json:"urgent"`
 	NeglectedCount     int         `json:"neglected"`
 	HealthStatus       string      `json:"healthStatus"`
+	Categories         Categories  `json:"categories"`
 }

 type ContainerImageVulnerabilityReport struct {
--- a/core/pkg/resourcehandler/cloudproviderhandler.go
+++ b/core/pkg/resourcehandler/cloudproviderhandler.go
@@ -1,110 +0,0 @@
-package resourcehandler
-
-import (
-	"os"
-	"strings"
-
-	"github.com/armosec/k8s-interface/cloudsupport"
-	"github.com/armosec/k8s-interface/k8sinterface"
-)
-
-var (
-	KS_KUBE_CLUSTER_ENV_VAR   = "KS_KUBE_CLUSTER"
-	KS_CLOUD_PROVIDER_ENV_VAR = "KS_CLOUD_PROVIDER"
-	KS_CLOUD_REGION_ENV_VAR   = "KS_CLOUD_REGION"
-	KS_GKE_PROJECT_ENV_VAR    = "KS_GKE_PROJECT"
-)
-
-type ICloudProvider interface {
-	getKubeCluster() string
-	getRegion(cluster string, provider string) (string, error)
-	getProject(cluster string, provider string) (string, error)
-	getKubeClusterName() string
-}
-
-func initCloudProvider() ICloudProvider {
-
-	switch getCloudProvider() {
-	case "gke", "gcp":
-		if isEnvVars() {
-			return NewGKEProviderEnvVar()
-		}
-		return NewGKEProviderContext()
-	case "eks", "aws":
-		if isEnvVars() {
-			return NewEKSProviderEnvVar()
-		}
-		return NewEKSProviderContext()
-	}
-	return NewEmptyCloudProvider()
-}
-
-func getCloudProvider() string {
-	var provider string
-	if isEnvVars() {
-		provider = getCloudProviderFromEnvVar()
-	} else {
-		provider = getCloudProviderFromContext()
-	}
-	return strings.ToLower(provider)
-}
-
-func getCloudProviderFromContext() string {
-	return cloudsupport.GetCloudProvider(getClusterFromContext())
-}
-
-func getClusterFromContext() string {
-	context := k8sinterface.GetCurrentContext()
-	if context == nil {
-		return ""
-	}
-	cluster := context.Cluster
-	if cluster != "" {
-		return cluster
-	}
-	return k8sinterface.GetClusterName()
-}
-
-func getCloudProviderFromEnvVar() string {
-	val, present := os.LookupEnv(KS_CLOUD_PROVIDER_ENV_VAR)
-	if present {
-		return val
-	}
-	return ""
-}
-
-func isEnvVars() bool {
-	_, present := os.LookupEnv(KS_KUBE_CLUSTER_ENV_VAR)
-	if !present {
-		return false
-	}
-	_, present = os.LookupEnv(KS_CLOUD_PROVIDER_ENV_VAR)
-	if !present {
-		return false
-	}
-	_, present = os.LookupEnv(KS_CLOUD_REGION_ENV_VAR)
-	return present
-}
-
-type EmptyCloudProvider struct {
-}
-
-func NewEmptyCloudProvider() *EmptyCloudProvider {
-	return &EmptyCloudProvider{}
-}
-
-func (emptyCloudProvider *EmptyCloudProvider) getKubeCluster() string {
-	return getClusterFromContext()
-}
-
-func (emptyCloudProvider *EmptyCloudProvider) getKubeClusterName() string {
-	return emptyCloudProvider.getKubeCluster()
-}
-
-func (emptyCloudProvider *EmptyCloudProvider) getRegion(cluster string, provider string) (string, error) {
-	return "", nil
-}
-
-func (emptyCloudProvider *EmptyCloudProvider) getProject(cluster string, provider string) (string, error) {
-	return "", nil
-}
--- a/Show More
+++ b/Show More
Author	SHA1	Message	Date
Rotem Refael	54020d317e	Merge pull request #528 from armosec/rotemamsa-patch-1 Update README.md	2022-06-06 13:45:35 +03:00
Rotem Refael	91d1ec6c2f	Update README.md	2022-06-06 13:30:22 +03:00
Rotem Refael	1d3fd0dc9d	Merge pull request #527 from vladklokun/add-maintenance-message	2022-06-03 19:43:27 +03:00
Vlad Klokun	8a7511cecb	chore: add maintenance message	2022-06-03 19:35:33 +03:00
David Wertenteil	0af0c01ec0	Merge pull request #524 from armosec/dev Quick fix	2022-05-26 12:21:29 +03:00
David Wertenteil	3ff2b0d6ff	Merge pull request #523 from dwertent/master Support client ID and secret key flags	2022-05-26 11:50:35 +03:00
David Wertenteil	35b2b350a0	print submit error	2022-05-26 11:42:24 +03:00
David Wertenteil	046ea1d79f	support secret key and account ID from cmd	2022-05-26 11:01:26 +03:00
Rotem Refael	3081508863	Merge pull request #522 from dwertent/master Adding http request logs	2022-05-25 17:56:50 +03:00
David Wertenteil	4a757c1bf1	adding logs	2022-05-25 17:26:12 +03:00
David Wertenteil	4f1971a63d	Merge pull request #520 from armosec/dev Extend microservice support	2022-05-24 11:07:24 +03:00
David Wertenteil	dec4bcca00	Merge pull request #521 from dwertent/master Do not submit results every scan with Prometheus	2022-05-24 10:18:20 +03:00
David Wertenteil	95e68f49f3	do not submit results every scan with Prometheus	2022-05-24 09:33:40 +03:00
rcohencyberarmor	0c84c8f1f3	Merge pull request #518 from dwertent/master Image vuln data integration	2022-05-23 10:51:31 +03:00
David Wertenteil	56b3239e30	loading from file fallback	2022-05-23 10:10:41 +03:00
David Wertenteil	f8e85941da	update loading customer config	2022-05-23 09:47:40 +03:00
David Wertenteil	15081aa9c3	update auth url	2022-05-22 15:45:55 +03:00
David Wertenteil	ac03a2bda3	load data from config.json	2022-05-22 15:21:06 +03:00
rcohencyberarmor	b7ffa22f3a	Merge pull request #517 from dwertent/master httphandler using channel for queueing requests	2022-05-22 11:22:31 +03:00
David Wertenteil	ac5e7069da	update readme	2022-05-22 10:59:48 +03:00
David Wertenteil	5a83f38bca	send prometheus triggering to queue	2022-05-22 09:57:30 +03:00
David Wertenteil	3abd59e290	use channels for triggering scan	2022-05-19 14:18:11 +03:00
David Wertenteil	d08fdf2e9e	update status busy to support more than one req	2022-05-19 12:01:28 +03:00
David Wertenteil	bad2f54e72	Merge pull request #515 from dwertent/master fixed triggerd all frameworks	2022-05-18 17:29:55 +03:00
David Wertenteil	fc9b713851	fixed triggerd all frameworks	2022-05-18 17:28:46 +03:00
rcohencyberarmor	245200840d	Merge pull request #514 from dwertent/master using Buildx in githubactions	2022-05-18 16:11:47 +03:00
David Wertenteil	3f87610e8c	using Buildx in githubactions	2022-05-18 16:09:29 +03:00
David Wertenteil	c285cb1bcc	Merge pull request #513 from dwertent/master REST api support	2022-05-18 15:16:00 +03:00
David Wertenteil	63968b564b	update k8s-interface pkg	2022-05-18 14:36:55 +03:00
David Wertenteil	e237c48186	merged	2022-05-18 14:24:53 +03:00
David Wertenteil	622b121535	adding scan request log	2022-05-18 13:22:33 +03:00
Bezbran	20774d4a40	Merge pull request #510 from Daniel-GrunbergerCA/master Set number of worker nodes based on scheduable nodes (based on taints) & set status to 'skipped' when there are no image vulns	2022-05-18 09:40:51 +03:00
DanielGrunbergerCA	7bb6bb85ec	go mod	2022-05-18 09:35:58 +03:00
DanielGrunbergerCA	da908a84bc	update k8s-iface for http handler	2022-05-18 09:35:07 +03:00
DanielGrunbergerCA	b515e259c0	Merge remote-tracking branch 'upstream/dev'	2022-05-18 09:33:38 +03:00
DanielGrunbergerCA	facd551518	update k8s-interface version	2022-05-18 09:33:13 +03:00
David Wertenteil	0fc569d9d9	fixed import	2022-05-18 00:35:45 +03:00
David Wertenteil	da27a27ad5	adding status rest api	2022-05-18 00:34:15 +03:00
DanielGrunbergerCA	5d4a20f622	fix test	2022-05-17 16:01:03 +03:00
DanielGrunbergerCA	70b15a373b	unit test for isEmptyImgVulns	2022-05-17 15:32:49 +03:00
DanielGrunbergerCA	01353f81b3	unit test for isMaterNodeTaints	2022-05-16 17:29:29 +03:00
DanielGrunbergerCA	22f10b6581	go mod	2022-05-16 17:02:55 +03:00
DanielGrunbergerCA	785178ffb1	show skipped for scan without imgvuln	2022-05-16 16:55:37 +03:00
DanielGrunbergerCA	f9b5c58402	pull worker nodes based on taints	2022-05-16 16:36:00 +03:00
David Wertenteil	8ed6d63ce5	Merge pull request #509 from Daniel-GrunbergerCA/fix-eks Fix eks and support http for all endpoints	2022-05-16 15:22:49 +03:00
DanielGrunbergerCA	990a7c2052	update go mod	2022-05-16 14:28:09 +03:00
DanielGrunbergerCA	09b0c09472	support http and https for all endpoints	2022-05-16 14:13:04 +03:00
DanielGrunbergerCA	f83c38b58e	update k8s-interface	2022-05-16 11:51:55 +03:00
DanielGrunbergerCA	51e600797a	Merge remote-tracking branch 'upstream/dev' into fix-eks	2022-05-16 11:43:40 +03:00
Rotem Refael	afb6ea1d9c	Merge pull request #507 from armosec/dev - Adding Lens extension to readme - Supporting --view flag	2022-05-12 10:26:14 +03:00
David Wertenteil	39d6d1fd26	Merge pull request #506 from dwertent/master Adding `view` flag	2022-05-11 23:11:48 +03:00
David Wertenteil	2dff63b101	rm format-vers flag from examples	2022-05-11 08:22:31 +03:00
David Wertenteil	b928892f0a	erge remote-tracking branch 'armosec/dev'	2022-05-11 08:20:32 +03:00
David Wertenteil	c0188ea51d	Merge pull request #505 from amirmalka/dev Updated readme - Lens extension	2022-05-10 15:48:54 +03:00
David Wertenteil	fa376ed5a4	support control view	2022-05-10 14:36:07 +03:00
DanielGrunbergerCA	6382edeb6e	Merge remote-tracking branch 'upstream/dev'	2022-05-10 09:05:18 +03:00
Amir Malka	61d6c2dd1f	Updated readme - Lens extension	2022-05-09 18:03:01 +03:00
Amir Malka	44194f0b4e	Updated readme - Lens extension	2022-05-09 16:46:50 +03:00
DanielGrunbergerCA	7103c7d32c	fix url	2022-05-04 11:11:29 +03:00
DanielGrunbergerCA	b4e1663cd1	make parse func	2022-05-03 16:24:19 +03:00
David Wertenteil	b3d16875d6	Merge pull request #493 from armosec/dev Microservice support	2022-05-03 15:14:24 +03:00
shm12	47412c89ca	Merge pull request #501 from dwertent/master Report ks version	2022-05-03 14:45:56 +03:00
David Wertenteil	20d65f2ed3	Merge remote-tracking branch 'armosec/dev'	2022-05-03 14:27:39 +03:00
David Wertenteil	46a559fb1d	reprot ks version	2022-05-03 14:23:23 +03:00
David Wertenteil	2769b22721	Merge pull request #499 from dwertent/master return response object	2022-05-03 13:28:02 +03:00
DanielGrunbergerCA	60ec6e8294	support env with http	2022-05-03 12:58:33 +03:00
David Wertenteil	63520f9aff	return response object	2022-05-02 15:28:29 +03:00
David Wertenteil	333b55a9f2	Merge pull request #497 from Daniel-GrunbergerCA/master support fixCommand	2022-05-02 13:35:49 +03:00
DanielGrunbergerCA	c6d3fd1a82	check that fixCOmmand is not nul	2022-05-02 13:26:15 +03:00
DanielGrunbergerCA	8106133ed0	go mod	2022-05-02 12:15:25 +03:00
DanielGrunbergerCA	b36111f63e	Merge remote-tracking branch 'upstream/dev'	2022-05-02 12:10:13 +03:00
DanielGrunbergerCA	3ad0284394	support fixCOmmand	2022-05-02 11:50:12 +03:00
shm12	245ebf8c41	Merge pull request #496 from dwertent/master fixed saving error files	2022-05-02 10:42:28 +03:00
David Wertenteil	8309562da1	fixed saving error files	2022-05-01 22:33:37 +03:00
David Wertenteil	de807a65a6	Merge pull request #492 from dwertent/master Update docker build	2022-04-28 13:50:27 +03:00
David Wertenteil	92fe583421	Merge remote-tracking branch 'armosec/dev'	2022-04-28 13:04:20 +03:00
David Wertenteil	b7ec05e88a	adding tests	2022-04-28 13:03:51 +03:00
Daniel Grunberger	203e925888	Merge pull request #491 from dwertent/master Minor microservice features	2022-04-27 15:28:35 +03:00
David Wertenteil	fde5453bf3	docker user name	2022-04-27 15:25:27 +03:00
David Wertenteil	4c6a65565b	support keep in query	2022-04-26 09:31:48 +03:00
David Wertenteil	e60ecfb8f5	Merge pull request #488 from Daniel-GrunbergerCA/master Check for empty k8s resources in controls related to armo resources	2022-04-25 14:28:52 +03:00
DanielGrunbergerCA	b72e2610ca	check tat control is not nil	2022-04-25 12:14:48 +03:00
DanielGrunbergerCA	8d4bae06bc	check that control is present	2022-04-25 12:11:05 +03:00
DanielGrunbergerCA	847b597d0f	use iface	2022-04-25 09:32:28 +03:00
David Wertenteil	db1743f617	update docker user name	2022-04-19 16:04:02 +03:00
David Wertenteil	7ac1b8aacf	return resp object from http req	2022-04-17 14:40:24 +03:00
David Wertenteil	55f8cb1f0e	Merge pull request #489 from dwertent/master Submit repo metadata in context	2022-04-17 08:10:13 +03:00
David Wertenteil	93574736cd	update http handler	2022-04-14 11:05:45 +03:00
David Wertenteil	e43f4b1a37	update go mod	2022-04-13 15:47:26 +03:00
David Wertenteil	4ba33578ce	sent git repo context	2022-04-13 15:31:48 +03:00
DanielGrunbergerCA	ae00866005	Merge remote-tracking branch 'upstream/dev'	2022-04-13 11:31:03 +03:00
DanielGrunbergerCA	21cb4dae29	fix skipped for controlsd which use both armo and k8s resources	2022-04-13 11:30:51 +03:00
Rotem Refael	cf086e6614	Merge pull request #487 from armosec/dev Remove binary from repo	2022-04-11 17:20:18 +03:00
Daniel Grunberger	7d3ac98998	Merge pull request #486 from dwertent/master removed binary	2022-04-11 16:52:43 +03:00
David Wertenteil	5e9d01aec2	removed binary	2022-04-11 16:45:03 +03:00
Rotem Refael	a27d2d41f2	Merge pull request #484 from armosec/dev CLI improvement release	2022-04-11 15:48:10 +03:00
Daniel Grunberger	c09eabf347	Merge pull request #483 from dwertent/master update version check	2022-04-11 13:28:25 +03:00
David Wertenteil	38c2aed74a	update version check	2022-04-11 12:16:44 +03:00
David Wertenteil	cf70671dba	Merge pull request #482 from Daniel-GrunbergerCA/master Delete cloud logic from kubescape	2022-04-11 10:57:28 +03:00
Daniel Grunberger	f90ce83a74	Merge pull request #481 from dwertent/master fixed submit url	2022-04-11 10:56:51 +03:00
DanielGrunbergerCA	fab594ee32	rm context name	2022-04-11 10:56:30 +03:00
DanielGrunbergerCA	d25cefe355	rm error msg	2022-04-11 10:49:51 +03:00
DanielGrunbergerCA	747eee1d29	merge	2022-04-11 10:13:41 +03:00
DanielGrunbergerCA	0c43ee9ab8	Merge remote-tracking branch 'upstream/dev'	2022-04-11 10:13:20 +03:00
DanielGrunbergerCA	466f3acd71	change to ge contextname	2022-04-11 09:49:32 +03:00
DanielGrunbergerCA	80add4ef12	Merge branch 'errors-fix'	2022-04-11 09:18:59 +03:00
David Wertenteil	959319c335	fixed submit url	2022-04-11 09:12:30 +03:00
Rotem Refael	0e9ca547cb	Merge pull request #480 from dwertent/master update pkg name to v2	2022-04-11 08:35:18 +03:00
David Wertenteil	6e17e5ce7e	Call cmd pkg from root	2022-04-11 07:53:22 +03:00
David Wertenteil	858d7ac2ef	update pkg struct	2022-04-10 18:06:28 +03:00
Rotem Refael	4046321297	Merge pull request #467 from dwertent/master support yaml scan submit update metrics update cmd format	2022-04-10 17:03:21 +03:00
David Wertenteil	0cfdabd25a	remove v1 format	2022-04-10 16:26:59 +03:00
David Wertenteil	8b6cb6c5d8	adding logs	2022-04-10 11:55:35 +03:00
David Wertenteil	3df3b7766c	save policy in file	2022-04-10 09:33:44 +03:00
David Wertenteil	0d83654197	update resource table	2022-04-07 16:44:56 +03:00
David Wertenteil	bd9e44382e	format v2	2022-04-07 13:54:49 +03:00
David Wertenteil	2a7c20ea94	report format version	2022-04-07 11:59:19 +03:00
David Wertenteil	bde0dc9a17	convert score to int	2022-04-07 11:00:39 +03:00
David Wertenteil	7d7336ae01	support only one input	2022-04-07 09:53:44 +03:00
David Wertenteil	e5e608324d	send file meta	2022-04-06 16:11:57 +03:00
David Wertenteil	569c1444f7	Merge remote-tracking branch 'armosec/dev'	2022-04-06 09:45:32 +03:00
dwertent	dc5ef28324	update output	2022-04-06 09:29:28 +03:00
David Wertenteil	aea6c0eab8	Merge pull request #477 from Daniel-GrunbergerCA/master Fix error msg for cloud	2022-04-06 09:23:12 +03:00
DanielGrunbergerCA	c80a15d0cf	Merge remote-tracking branch 'upstream/dev'	2022-04-05 17:19:11 +03:00
DanielGrunbergerCA	1ddd57aa1d	fix error msg for cloud	2022-04-05 17:18:50 +03:00
David Wertenteil	55adb0da6b	Merge pull request #474 from Daniel-GrunbergerCA/master Fix posture control inputs for yaml scan	2022-04-05 16:28:39 +03:00
DanielGrunbergerCA	a716289cc8	go mod	2022-04-05 14:10:11 +03:00
DanielGrunbergerCA	093d71fff4	exit status 1	2022-04-05 14:05:31 +03:00
DanielGrunbergerCA	4fe40e348d	Merge branch 'master' of github.com:Daniel-GrunbergerCA/kubescape	2022-04-05 13:40:41 +03:00
DanielGrunbergerCA	29a67b806d	Merge remote-tracking branch 'upstream/dev'	2022-04-05 13:39:39 +03:00
DanielGrunbergerCA	0169f42747	Merge remote-tracking branch 'upstream/master'	2022-04-05 13:39:28 +03:00
DanielGrunbergerCA	ed45b09241	Merge remote-tracking branch 'upstream/dev' into errors-fix	2022-04-05 09:25:56 +03:00
DanielGrunbergerCA	107903cc99	Merge branch 'dev' into fix-errors	2022-04-05 09:24:32 +03:00
David Wertenteil	92e100c497	Merge branch 'dev' into master	2022-04-04 13:39:17 +03:00
DanielGrunbergerCA	536fe970f7	fix go mod	2022-04-04 12:31:45 +03:00
DanielGrunbergerCA	85526b06b6	fix control input for yaml scan	2022-04-04 12:27:30 +03:00
dwertent	d9b6c048d5	Merge remote-tracking branch 'armosec/dev'	2022-04-04 12:14:45 +03:00
David Wertenteil	7e46a6529a	Merge pull request #473 from Lucifergene/dev Added Severity Column with colored text	2022-04-04 12:14:35 +03:00
dwertent	2dc5fd80da	Merge remote-tracking branch 'armosec/dev'	2022-04-04 12:14:13 +03:00
dwertent	e89cc8ca24	register usesrs download from BE	2022-04-04 12:13:35 +03:00
dwertent	d39aeb0691	update metrics	2022-04-04 11:32:56 +03:00
Lucifergene	da9d98134a	Added Severity Column with colored text	2022-04-04 03:46:05 +05:30
David Wertenteil	9992a9a0e4	Merge pull request #472 from falconcode16/master Improved grammatical mistakes and typos	2022-04-03 10:03:15 +03:00
Rohit Patil	adc8a16e85	Improved grammatical mistakes and typos	2022-04-03 10:40:56 +05:30
DanielGrunbergerCA	13fb586ded	Merge remote-tracking branch 'upstream/dev' into dev	2022-03-30 17:37:01 +03:00
DanielGrunbergerCA	2e63982f5a	mv cloud logic to k8s-interface	2022-03-30 17:36:15 +03:00
dwertent	58b833c18a	support yaml scan submit	2022-03-28 09:40:11 +03:00
Rotem Refael	cb424eab00	Merge pull request #461 from armosec/dev Microservice support	2022-03-27 17:20:35 +03:00
Rotem Refael	9f2e18c3ee	Merge pull request #466 from dwertent/master udpate armo api types	2022-03-27 17:09:52 +03:00
dwertent	b44a73aea5	udpate armo api types	2022-03-27 17:07:17 +03:00
Rotem Refael	9c5759286f	Merge pull request #465 from dwertent/master Update url support	2022-03-27 16:29:01 +03:00
dwertent	74dc714736	use scan ID	2022-03-27 15:51:29 +03:00
dwertent	83751e22cc	fixed report sending	2022-03-27 15:37:11 +03:00
dwertent	db5fdd75c4	inserting scan source	2022-03-25 16:08:07 +03:00
dwertent	4be2104d4b	adding githubusercontent tests	2022-03-24 12:37:00 +02:00
dwertent	b6bab7618f	loading github token from env	2022-03-24 12:15:54 +02:00
dwertent	3e1fda6f3b	fixed test	2022-03-24 11:12:28 +02:00
dwertent	8487a031ee	fixed url scanning	2022-03-24 09:45:35 +02:00
David Wertenteil	efbb123fce	Merge pull request #464 from dwertent/master update error display	2022-03-23 09:27:58 +02:00
dwertent	5a335d4f1c	update error display	2022-03-23 09:05:36 +02:00
dwertent	5770a823d6	update readme	2022-03-23 08:47:24 +02:00
Rotem Refael	52d7be9108	Add kubescape covarage	2022-03-22 17:42:20 +02:00
David Wertenteil	9512b9c6c4	Merge pull request #463 from Daniel-GrunbergerCA/dev fix json printer	2022-03-22 09:14:59 +02:00
DanielGrunbergerCA	da9ab642ec	rm list initializtion	2022-03-22 09:07:55 +02:00
DanielGrunbergerCA	718ca1c7ab	fix json printer	2022-03-22 08:55:36 +02:00
DanielGrunbergerCA	ee3742c5a0	update opa-utils version	2022-03-21 15:36:17 +02:00
DanielGrunbergerCA	7eef843a7a	fix resources in report	2022-03-21 15:11:26 +02:00
David Wertenteil	b4a8b06f07	Merge pull request #462 from dwertent/master update get context	2022-03-21 09:09:12 +02:00
dwertent	4e13609985	update get context	2022-03-21 09:08:01 +02:00
David Wertenteil	2e5e4328f6	Merge pull request #460 from dwertent/master update readme	2022-03-20 11:30:37 +02:00
dwertent	d98a11a8fa	udpate badges	2022-03-20 11:28:56 +02:00
dwertent	bdb25cbb66	adding vs code to readme	2022-03-20 11:08:48 +02:00
David Wertenteil	369804cb6e	Merge pull request #459 from shm12/dev send scan metadata	2022-03-20 10:45:19 +02:00
shm12	1b08a92095	send scan metadata	2022-03-20 10:05:40 +02:00
David Wertenteil	e787454d53	Merge pull request #458 from dwertent/master fixed json output	2022-03-16 16:58:54 +02:00
dwertent	31d1ba663a	json output	2022-03-16 16:58:05 +02:00
David Wertenteil	c3731d8ff6	Merge pull request #457 from dwertent/master support frameworks from http request	2022-03-16 16:37:40 +02:00
dwertent	c5b46beb1a	support frameworks from http request	2022-03-16 16:33:03 +02:00
dwertent	c5ca576c98	Merge remote-tracking branch 'armosec/dev'	2022-03-16 15:27:10 +02:00
dwertent	eae6458b42	fixed cmd init	2022-03-16 15:26:59 +02:00
David Wertenteil	aa1aa913b6	Merge pull request #456 from Daniel-GrunbergerCA/dev Support status information	2022-03-16 15:17:49 +02:00
DanielGrunbergerCA	44084592cb	fixes	2022-03-16 14:16:48 +02:00
DanielGrunbergerCA	6cacfb7b16	refactor	2022-03-16 12:22:21 +02:00
DanielGrunbergerCA	6372ce5647	Merge branch 'dev'	2022-03-16 12:13:16 +02:00
DanielGrunbergerCA	306d3a7081	fix table display	2022-03-16 12:12:39 +02:00
DanielGrunbergerCA	442530061f	rm space	2022-03-16 12:09:53 +02:00
DanielGrunbergerCA	961a6f6ebc	Merge remote-tracking branch 'upstream/dev' into dev	2022-03-16 12:08:38 +02:00
DanielGrunbergerCA	0d0c8e1b97	support status info	2022-03-16 12:08:04 +02:00
David Wertenteil	5b843ba2c4	Merge pull request #455 from dwertent/master update prometheus format	2022-03-16 09:32:23 +02:00
dwertent	8f9b46cdbe	update prometheus format	2022-03-16 09:25:45 +02:00
David Wertenteil	e16885a044	Merge pull request #452 from dwertent/master update dockerfile and scan triggering	2022-03-15 22:12:31 +02:00
dwertent	06a2fa05be	add ks user to dockerfile	2022-03-15 22:10:27 +02:00
dwertent	d26f90b98e	update Prometheus yaml	2022-03-15 18:40:42 +02:00
David Wertenteil	b47c128eb3	Merge pull request #451 from dwertent/master update prometheus format	2022-03-15 17:12:07 +02:00
dwertent	9d957b3c77	update output	2022-03-15 17:04:59 +02:00
dwertent	8ec5615569	junit format	2022-03-15 16:50:39 +02:00
David Wertenteil	fae73b827a	Merge pull request #450 from dwertent/master build each pkg	2022-03-14 19:27:47 +02:00
dwertent	6477437872	update readme	2022-03-14 19:14:31 +02:00
dwertent	6099f46dea	adding docker build	2022-03-14 18:34:34 +02:00
Rotem Refael	5009e6ef47	change gif	2022-03-14 11:33:56 +02:00
Rotem Refael	c4450d3259	add web & CLI Interfaces	2022-03-14 11:27:57 +02:00
Rotem Refael	0c3339f1c9	update gif	2022-03-14 10:28:32 +02:00
Rotem Refael	faee3d5ad6	Add new video to readme	2022-03-14 10:14:55 +02:00
David Wertenteil	a279963b28	Merge pull request #449 from dwertent/master split to packages	2022-03-13 19:37:02 +02:00
dwertent	f7c0c95d3b	adding tests to build	2022-03-13 19:05:06 +02:00
dwertent	b8df07b547	fixed unitest	2022-03-13 18:59:39 +02:00
dwertent	d0e2730518	add cautils to core	2022-03-13 18:14:48 +02:00
dwertent	6dab82f01a	fixed output format	2022-03-13 15:03:22 +02:00
David Wertenteil	353a39d66a	Merge pull request #448 from dwertent/master microservice support	2022-03-10 17:17:35 +02:00
Rotem Refael	9733178228	Merge pull request #428 from armosec/dev Release	2022-03-06 11:51:59 +02:00