Merge pull request #507 from armosec/dev

- Adding Lens extension to readme - Supporting --view flag
Merge pull request #506 from dwertent/master
2026-04-15 06:58:11 +00:00 · 2022-05-12 10:26:14 +03:00 · 2022-05-11 23:11:48 +03:00 · 2022-05-11 08:22:31 +03:00 · 2022-05-11 08:20:32 +03:00 · 2022-05-10 15:48:54 +03:00
13 changed files with 47 additions and 19 deletions
--- a/README.md
+++ b/README.md
@@ -38,7 +38,7 @@ curl -s https://raw.githubusercontent.com/armosec/kubescape/master/install.sh |

 ## Run:
 ```
-kubescape scan --submit --enable-host-scan --format-version v2 --verbose
+kubescape scan --submit --enable-host-scan --verbose
 ```

 <img src="docs/summary.png">
@@ -276,6 +276,9 @@ kubescape submit results path/to/results.json

 Scan the YAML files while writing them using the [vs code extension](https://github.com/armosec/vscode-kubescape/blob/master/README.md) 

+## Lens Extension
+
+View Kubescape scan results directly in [Lens IDE](https://k8slens.dev/) using kubescape [Lens extension](https://github.com/armosec/lens-kubescape/blob/master/README.md)

 # Under the hood

--- a/cmd/scan/scan.go
+++ b/cmd/scan/scan.go
@@ -1,6 +1,8 @@
 package scan

 import (
+	"fmt"
+
 	"github.com/armosec/k8s-interface/k8sinterface"
 	"github.com/armosec/kubescape/v2/core/cautils"
 	"github.com/armosec/kubescape/v2/core/meta"
@@ -73,6 +75,7 @@ func GetScanCommand(ks meta.IKubescape) *cobra.Command {
 	scanCmd.PersistentFlags().BoolVarP(&scanInfo.Local, "keep-local", "", false, "If you do not want your Kubescape results reported to ARMO backend. Use this flag if you ran with the '--submit' flag in the past and you do not want to submit your current scan results")
 	scanCmd.PersistentFlags().StringVarP(&scanInfo.Output, "output", "o", "", "Output file. Print output to file and not stdout")
 	scanCmd.PersistentFlags().BoolVarP(&scanInfo.VerboseMode, "verbose", "v", false, "Display all of the input resources and not only failed resources")
+	scanCmd.PersistentFlags().StringVar(&scanInfo.View, "view", string(cautils.ResourceViewType), fmt.Sprintf("View results based on the %s/%s. default is --view=%s", cautils.ResourceViewType, cautils.ControlViewType, cautils.ResourceViewType))
 	scanCmd.PersistentFlags().BoolVar(&scanInfo.UseDefault, "use-default", false, "Load local policy object from default path. If not used will download latest")
 	scanCmd.PersistentFlags().StringSliceVar(&scanInfo.UseFrom, "use-from", nil, "Load local policy object from specified path. If not used will download latest")
 	scanCmd.PersistentFlags().BoolVarP(&scanInfo.Submit, "submit", "", false, "Send the scan results to ARMO management portal where you can see the results in a user-friendly UI, choose your preferred compliance framework, check risk results history and trends, manage exceptions, get remediation recommendations and much more. By default the results are not submitted")
--- a/core/cautils/scaninfo.go
+++ b/core/cautils/scaninfo.go
@@ -70,6 +70,13 @@ func (bpf *BoolPtrFlag) Set(val string) error {
 }

 // TODO - UPDATE
+type ViewTypes string
+
+const (
+	ResourceViewType ViewTypes = "resource"
+	ControlViewType  ViewTypes = "control"
+)
+
 type ScanInfo struct {
 	Getters                                              // TODO - remove from object
 	PolicyIdentifier   []reporthandling.PolicyIdentifier // TODO - remove from object
@@ -79,6 +86,7 @@ type ScanInfo struct {
 	UseDefault         bool                              // Load framework from cached file (instead of download). Use when running offline
 	UseArtifactsFrom   string                            // Load artifacts from local path. Use when running offline
 	VerboseMode        bool                              // Display all of the input resources and not only failed resources
+	View               string                            // Display all of the input resources and not only failed resources
 	Format             string                            // Format results (table, json, junit ...)
 	Output             string                            // Store results in an output file, Output file name
 	FormatVersion      string                            // Output object can be differnet between versions, this is for testing and backward compatibility
@@ -226,6 +234,7 @@ func scanInfoToScanMetadata(scanInfo *ScanInfo) *reporthandlingv2.Metadata {
 		metadata.ScanMetadata.TargetNames = append(metadata.ScanMetadata.TargetNames, policy.Name)
 	}

+	metadata.ScanMetadata.KubescapeVersion = BuildNumber
 	metadata.ScanMetadata.VerboseMode = scanInfo.VerboseMode
 	metadata.ScanMetadata.FailThreshold = scanInfo.FailThreshold
 	metadata.ScanMetadata.HostScanner = scanInfo.HostSensorEnabled.GetBool()
--- a/core/core/scan.go
+++ b/core/core/scan.go
@@ -96,7 +96,7 @@ func getInterfaces(scanInfo *cautils.ScanInfo) componentInterfaces {
 	reportHandler := getReporter(tenantConfig, scanInfo.ScanID, scanInfo.Submit, scanInfo.FrameworkScan)

 	// setup printer
-	printerHandler := resultshandling.NewPrinter(scanInfo.Format, scanInfo.FormatVersion, scanInfo.VerboseMode)
+	printerHandler := resultshandling.NewPrinter(scanInfo.Format, scanInfo.FormatVersion, scanInfo.VerboseMode, cautils.ViewTypes(scanInfo.View))
 	printerHandler.SetWriter(scanInfo.Output)

 	// ================== return interface ======================================
--- a/core/pkg/opaprocessor/processorhandler.go
+++ b/core/pkg/opaprocessor/processorhandler.go
@@ -180,6 +180,9 @@ func (opap *OPAProcessor) processRule(rule *reporthandling.PolicyRule) (map[stri
 				for j := range ruleResponses[i].FixPaths {
 					ruleResult.Paths = append(ruleResult.Paths, armotypes.PosturePaths{FixPath: ruleResponses[i].FixPaths[j]})
 				}
+				if ruleResponses[i].FixCommand != "" {
+					ruleResult.Paths = append(ruleResult.Paths, armotypes.PosturePaths{FixCommand: ruleResponses[i].FixCommand})
+				}
 				resources[failedResources[j].GetID()] = ruleResult
 			}
 		}
--- a/core/pkg/resultshandling/printer/v2/prettyprinter.go
+++ b/core/pkg/resultshandling/printer/v2/prettyprinter.go
@@ -19,14 +19,16 @@ import (

 type PrettyPrinter struct {
 	formatVersion string
+	viewType      cautils.ViewTypes
 	writer        *os.File
 	verboseMode   bool
 }

-func NewPrettyPrinter(verboseMode bool, formatVersion string) *PrettyPrinter {
+func NewPrettyPrinter(verboseMode bool, formatVersion string, viewType cautils.ViewTypes) *PrettyPrinter {
 	return &PrettyPrinter{
 		verboseMode:   verboseMode,
 		formatVersion: formatVersion,
+		viewType:      viewType,
 	}
 }

@@ -35,9 +37,15 @@ func (prettyPrinter *PrettyPrinter) ActionPrint(opaSessionObj *cautils.OPASessio

 	sortedControlNames := getSortedControlsNames(opaSessionObj.Report.SummaryDetails.Controls) // ListControls().All())

-	if prettyPrinter.verboseMode {
-		prettyPrinter.resourceTable(opaSessionObj)
+	switch prettyPrinter.viewType {
+	case cautils.ControlViewType:
+		prettyPrinter.printResults(&opaSessionObj.Report.SummaryDetails.Controls, opaSessionObj.AllResources, sortedControlNames)
+	case cautils.ResourceViewType:
+		if prettyPrinter.verboseMode {
+			prettyPrinter.resourceTable(opaSessionObj)
+		}
 	}
+
 	prettyPrinter.printSummaryTable(&opaSessionObj.Report.SummaryDetails, sortedControlNames)

 }
--- a/core/pkg/resultshandling/reporter/v2/reporteventreceiver.go
+++ b/core/pkg/resultshandling/reporter/v2/reporteventreceiver.go
@@ -113,6 +113,7 @@ func (report *ReportEventReceiver) GetURL() string {
 }
 func (report *ReportEventReceiver) sendResources(host string, opaSessionObj *cautils.OPASessionObj) error {
 	splittedPostureReport := report.setSubReport(opaSessionObj)
+
 	counter := 0
 	reportCounter := 0
 	if err := report.setResources(splittedPostureReport, opaSessionObj.AllResources, opaSessionObj.ResourceSource, &counter, &reportCounter, host); err != nil {
@@ -121,7 +122,6 @@ func (report *ReportEventReceiver) sendResources(host string, opaSessionObj *cau
 	if err := report.setResults(splittedPostureReport, opaSessionObj.ResourcesResult, &counter, &reportCounter, host); err != nil {
 		return err
 	}
-
 	return report.sendReport(host, splittedPostureReport, reportCounter, true)
 }
 func (report *ReportEventReceiver) setResults(reportObj *reporthandlingv2.PostureReport, results map[string]resourcesresults.Result, counter, reportCounter *int, host string) error {
--- a/core/pkg/resultshandling/results.go
+++ b/core/pkg/resultshandling/results.go
@@ -72,7 +72,7 @@ func (resultsHandler *ResultsHandler) HandleResults() error {
 }

 // NewPrinter defind output format
-func NewPrinter(printFormat, formatVersion string, verboseMode bool) printer.IPrinter {
+func NewPrinter(printFormat, formatVersion string, verboseMode bool, viewType cautils.ViewTypes) printer.IPrinter {

 	switch printFormat {
 	case printer.JsonFormat:
@@ -90,6 +90,6 @@ func NewPrinter(printFormat, formatVersion string, verboseMode bool) printer.IPr
 	case printer.PdfFormat:
 		return printerv2.NewPdfPrinter()
 	default:
-		return printerv2.NewPrettyPrinter(verboseMode, formatVersion)
+		return printerv2.NewPrettyPrinter(verboseMode, formatVersion, viewType)
 	}
 }
--- a/go.mod
+++ b/go.mod
@@ -3,10 +3,10 @@ module github.com/armosec/kubescape/v2
 go 1.17

 require (
-	github.com/armosec/armoapi-go v0.0.67
+	github.com/armosec/armoapi-go v0.0.73
 	github.com/armosec/go-git-url v0.0.4
 	github.com/armosec/k8s-interface v0.0.70
-	github.com/armosec/opa-utils v0.0.136
+	github.com/armosec/opa-utils v0.0.137
 	github.com/armosec/rbac-utils v0.0.14
 	github.com/armosec/utils-go v0.0.5
 	github.com/armosec/utils-k8s-go v0.0.6
--- a/go.sum
+++ b/go.sum
@@ -113,8 +113,9 @@ github.com/armon/go-radix v0.0.0-20180808171621-7fddfc383310/go.mod h1:ufUuZ+zHj
 github.com/armon/go-radix v1.0.0/go.mod h1:ufUuZ+zHj4x4TnLV4JWEpy2hxWSpsRywHrMgIH9cCH8=
 github.com/armosec/armoapi-go v0.0.2/go.mod h1:vIK17yoKbJRQyZXWWLe3AqfqCRITxW8qmSkApyq5xFs=
 github.com/armosec/armoapi-go v0.0.23/go.mod h1:iaVVGyc23QGGzAdv4n+szGQg3Rbpixn9yQTU3qWRpaw=
-github.com/armosec/armoapi-go v0.0.67 h1:XHm3nasLjzQBQJVQKVCA9MpFVQsqyl6JnN4lx2IVHpU=
 github.com/armosec/armoapi-go v0.0.67/go.mod h1:/9SQAgtLbYkfFneRRm/zkIn3zz+4Y2xv6N3vtFcyF8s=
+github.com/armosec/armoapi-go v0.0.73 h1:LMf+eCkkf+W9NVvOzHKFgVUEpBMvh27M7//UQP3aiO8=
+github.com/armosec/armoapi-go v0.0.73/go.mod h1:/9SQAgtLbYkfFneRRm/zkIn3zz+4Y2xv6N3vtFcyF8s=
 github.com/armosec/go-git-url v0.0.4 h1:emG9Yfl53rHpuX41fXLD92ehzhRoNSSnGT6Pr7ogWMY=
 github.com/armosec/go-git-url v0.0.4/go.mod h1:PJqdEyJyFxTQvawBcyOM0Ies6+uezire5gpwfr1XX5M=
 github.com/armosec/k8s-interface v0.0.8/go.mod h1:xxS+V5QT3gVQTwZyAMMDrYLWGrfKOpiJ7Jfhfa0w9sM=
@@ -122,8 +123,8 @@ github.com/armosec/k8s-interface v0.0.37/go.mod h1:vHxGWqD/uh6+GQb9Sqv7OGMs+Rvc2
 github.com/armosec/k8s-interface v0.0.70 h1:NU3UIaNl7H3hsRecwggiaQbZXTwXtOKg3GOBjq6/XJw=
 github.com/armosec/k8s-interface v0.0.70/go.mod h1:8NX4xWXh8mwW7QyZdZea1czNdM2azCK9BbUNmiZYXW0=
 github.com/armosec/opa-utils v0.0.64/go.mod h1:6tQP8UDq2EvEfSqh8vrUdr/9QVSCG4sJfju1SXQOn4c=
-github.com/armosec/opa-utils v0.0.136 h1:WOflXgweEUZAbLwyB18x8cbIftGhp2M2UngGxIvQEPY=
-github.com/armosec/opa-utils v0.0.136/go.mod h1:mCFQzz4E227f7V2jQVQ9XCivkNNK3UWCTaZ0HE5rBWk=
+github.com/armosec/opa-utils v0.0.137 h1:KAkxWYnnTef8ofixJ198Zs4Xs7MOh32+yMUyFY7I8DA=
+github.com/armosec/opa-utils v0.0.137/go.mod h1:mCFQzz4E227f7V2jQVQ9XCivkNNK3UWCTaZ0HE5rBWk=
 github.com/armosec/rbac-utils v0.0.1/go.mod h1:pQ8CBiij8kSKV7aeZm9FMvtZN28VgA7LZcYyTWimq40=
 github.com/armosec/rbac-utils v0.0.14 h1:CKYKcgqJEXWF2Hen/B1pVGtS3nDAG1wp9dDv6oNtq90=
 github.com/armosec/rbac-utils v0.0.14/go.mod h1:Ex/IdGWhGv9HZq6Hs8N/ApzCKSIvpNe/ETqDfnuyah0=
--- a/httphandler/go.mod
+++ b/httphandler/go.mod
@@ -6,7 +6,7 @@ replace github.com/armosec/kubescape/v2 => ../

 require (
 	github.com/armosec/kubescape/v2 v2.0.0-00010101000000-000000000000
-	github.com/armosec/opa-utils v0.0.136
+	github.com/armosec/opa-utils v0.0.137
 	github.com/armosec/utils-go v0.0.5
 	github.com/google/uuid v1.3.0
 	github.com/gorilla/mux v1.8.0
@@ -28,7 +28,7 @@ require (
 	github.com/Azure/go-autorest/logger v0.2.1 // indirect
 	github.com/Azure/go-autorest/tracing v0.6.0 // indirect
 	github.com/OneOfOne/xxhash v1.2.8 // indirect
-	github.com/armosec/armoapi-go v0.0.67 // indirect
+	github.com/armosec/armoapi-go v0.0.73 // indirect
 	github.com/armosec/go-git-url v0.0.4 // indirect
 	github.com/armosec/k8s-interface v0.0.70 // indirect
 	github.com/armosec/rbac-utils v0.0.14 // indirect
--- a/httphandler/go.sum
+++ b/httphandler/go.sum
@@ -113,8 +113,9 @@ github.com/armon/go-radix v0.0.0-20180808171621-7fddfc383310/go.mod h1:ufUuZ+zHj
 github.com/armon/go-radix v1.0.0/go.mod h1:ufUuZ+zHj4x4TnLV4JWEpy2hxWSpsRywHrMgIH9cCH8=
 github.com/armosec/armoapi-go v0.0.2/go.mod h1:vIK17yoKbJRQyZXWWLe3AqfqCRITxW8qmSkApyq5xFs=
 github.com/armosec/armoapi-go v0.0.23/go.mod h1:iaVVGyc23QGGzAdv4n+szGQg3Rbpixn9yQTU3qWRpaw=
-github.com/armosec/armoapi-go v0.0.67 h1:XHm3nasLjzQBQJVQKVCA9MpFVQsqyl6JnN4lx2IVHpU=
 github.com/armosec/armoapi-go v0.0.67/go.mod h1:/9SQAgtLbYkfFneRRm/zkIn3zz+4Y2xv6N3vtFcyF8s=
+github.com/armosec/armoapi-go v0.0.73 h1:LMf+eCkkf+W9NVvOzHKFgVUEpBMvh27M7//UQP3aiO8=
+github.com/armosec/armoapi-go v0.0.73/go.mod h1:/9SQAgtLbYkfFneRRm/zkIn3zz+4Y2xv6N3vtFcyF8s=
 github.com/armosec/go-git-url v0.0.4 h1:emG9Yfl53rHpuX41fXLD92ehzhRoNSSnGT6Pr7ogWMY=
 github.com/armosec/go-git-url v0.0.4/go.mod h1:PJqdEyJyFxTQvawBcyOM0Ies6+uezire5gpwfr1XX5M=
 github.com/armosec/k8s-interface v0.0.8/go.mod h1:xxS+V5QT3gVQTwZyAMMDrYLWGrfKOpiJ7Jfhfa0w9sM=
@@ -122,8 +123,8 @@ github.com/armosec/k8s-interface v0.0.37/go.mod h1:vHxGWqD/uh6+GQb9Sqv7OGMs+Rvc2
 github.com/armosec/k8s-interface v0.0.70 h1:NU3UIaNl7H3hsRecwggiaQbZXTwXtOKg3GOBjq6/XJw=
 github.com/armosec/k8s-interface v0.0.70/go.mod h1:8NX4xWXh8mwW7QyZdZea1czNdM2azCK9BbUNmiZYXW0=
 github.com/armosec/opa-utils v0.0.64/go.mod h1:6tQP8UDq2EvEfSqh8vrUdr/9QVSCG4sJfju1SXQOn4c=
-github.com/armosec/opa-utils v0.0.136 h1:WOflXgweEUZAbLwyB18x8cbIftGhp2M2UngGxIvQEPY=
-github.com/armosec/opa-utils v0.0.136/go.mod h1:mCFQzz4E227f7V2jQVQ9XCivkNNK3UWCTaZ0HE5rBWk=
+github.com/armosec/opa-utils v0.0.137 h1:KAkxWYnnTef8ofixJ198Zs4Xs7MOh32+yMUyFY7I8DA=
+github.com/armosec/opa-utils v0.0.137/go.mod h1:mCFQzz4E227f7V2jQVQ9XCivkNNK3UWCTaZ0HE5rBWk=
 github.com/armosec/rbac-utils v0.0.1/go.mod h1:pQ8CBiij8kSKV7aeZm9FMvtZN28VgA7LZcYyTWimq40=
 github.com/armosec/rbac-utils v0.0.14 h1:CKYKcgqJEXWF2Hen/B1pVGtS3nDAG1wp9dDv6oNtq90=
 github.com/armosec/rbac-utils v0.0.14/go.mod h1:Ex/IdGWhGv9HZq6Hs8N/ApzCKSIvpNe/ETqDfnuyah0=
--- a/install.sh
+++ b/install.sh
@@ -54,6 +54,6 @@ echo -e "\033[0m"
 $KUBESCAPE_EXEC version
 echo

-echo -e "\033[35mUsage: $ $KUBESCAPE_EXEC scan --submit --enable-host-scan --format-version v2 --verbose"
+echo -e "\033[35mUsage: $ $KUBESCAPE_EXEC scan --submit --enable-host-scan --verbose"

 echo -e "\033[0m"
Author	SHA1	Message	Date
Rotem Refael	afb6ea1d9c	Merge pull request #507 from armosec/dev - Adding Lens extension to readme - Supporting --view flag	2022-05-12 10:26:14 +03:00
David Wertenteil	39d6d1fd26	Merge pull request #506 from dwertent/master Adding `view` flag	2022-05-11 23:11:48 +03:00
David Wertenteil	2dff63b101	rm format-vers flag from examples	2022-05-11 08:22:31 +03:00
David Wertenteil	b928892f0a	erge remote-tracking branch 'armosec/dev'	2022-05-11 08:20:32 +03:00
David Wertenteil	c0188ea51d	Merge pull request #505 from amirmalka/dev Updated readme - Lens extension	2022-05-10 15:48:54 +03:00
David Wertenteil	fa376ed5a4	support control view	2022-05-10 14:36:07 +03:00
Amir Malka	61d6c2dd1f	Updated readme - Lens extension	2022-05-09 18:03:01 +03:00
Amir Malka	44194f0b4e	Updated readme - Lens extension	2022-05-09 16:46:50 +03:00
David Wertenteil	b3d16875d6	Merge pull request #493 from armosec/dev Microservice support	2022-05-03 15:14:24 +03:00
shm12	47412c89ca	Merge pull request #501 from dwertent/master Report ks version	2022-05-03 14:45:56 +03:00
David Wertenteil	20d65f2ed3	Merge remote-tracking branch 'armosec/dev'	2022-05-03 14:27:39 +03:00
David Wertenteil	46a559fb1d	reprot ks version	2022-05-03 14:23:23 +03:00
David Wertenteil	2769b22721	Merge pull request #499 from dwertent/master return response object	2022-05-03 13:28:02 +03:00
David Wertenteil	333b55a9f2	Merge pull request #497 from Daniel-GrunbergerCA/master support fixCommand	2022-05-02 13:35:49 +03:00
DanielGrunbergerCA	c6d3fd1a82	check that fixCOmmand is not nul	2022-05-02 13:26:15 +03:00
DanielGrunbergerCA	8106133ed0	go mod	2022-05-02 12:15:25 +03:00
DanielGrunbergerCA	b36111f63e	Merge remote-tracking branch 'upstream/dev'	2022-05-02 12:10:13 +03:00
DanielGrunbergerCA	3ad0284394	support fixCOmmand	2022-05-02 11:50:12 +03:00
shm12	245ebf8c41	Merge pull request #496 from dwertent/master fixed saving error files	2022-05-02 10:42:28 +03:00
David Wertenteil	de807a65a6	Merge pull request #492 from dwertent/master Update docker build	2022-04-28 13:50:27 +03:00
Rotem Refael	cf086e6614	Merge pull request #487 from armosec/dev Remove binary from repo	2022-04-11 17:20:18 +03:00
Rotem Refael	a27d2d41f2	Merge pull request #484 from armosec/dev CLI improvement release	2022-04-11 15:48:10 +03:00