use ks namespace

refactor: Rename branded entities to Kubescape

.github/workflows/build.yaml

@@ -3,6 +3,9 @@ name: build
 on:
   push:
     branches: [ master ]
+    paths-ignore:
+      # Do not run the pipeline if only Markdown files changed
+      - '**.md'
 jobs:
   once:
     name: Create release
@@ -29,19 +32,65 @@ jobs:
         os: [ubuntu-latest, macos-latest, windows-latest]
     steps:
       - uses: actions/checkout@v3
+        with:
+          submodules: recursive
+
+      - name: Cache Go modules (Linux)
+        if: matrix.os == 'ubuntu-latest' 
+        uses: actions/cache@v3
+        with:
+          path: |
+            ~/.cache/go-build
+            ~/go/pkg/mod
+          key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
+          restore-keys: |
+            ${{ runner.os }}-go-
+
+      - name: Cache Go modules (macOS)
+        if: matrix.os == 'macos-latest' 
+        uses: actions/cache@v3
+        with:
+          path: |
+            ~/Library/Caches/go-build
+            ~/go/pkg/mod
+          key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
+          restore-keys: |
+            ${{ runner.os }}-go-
+
+      - name: Cache Go modules (Windows)
+        if: matrix.os == 'windows-latest'
+        uses: actions/cache@v3
+        with:
+          path: |
+            ~\AppData\Local\go-build
+            ~\go\pkg\mod
+          key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
+          restore-keys: |
+            ${{ runner.os }}-go-
+
       - name: Set up Go
         uses: actions/setup-go@v3
         with:
           go-version: 1.18
       # - name: Test cmd pkg
       #   run: cd cmd && go test -v ./...
+
+      - name: Install MSYS2 & libgit2 (Windows)
+        shell: cmd
+        run: .\build.bat all
+        if: matrix.os == 'windows-latest'
+
+      - name: Install libgit2 (Linux/macOS)
+        run: make libgit2
+        if: matrix.os != 'windows-latest'
+
       - name: Test core pkg
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-        run: go test -v ./...
+        run: go test -tags=static -v ./...
 
       - name: Test httphandler pkg
-        run: cd httphandler && go test -v ./...
+        run: cd httphandler && go test -tags=static -v ./...
 
       - name: Build
         env:
@@ -51,7 +100,7 @@ jobs:
           ArmoAuthServer: auth.armo.cloud
           ArmoERServer: report.armo.cloud
           ArmoWebsite: portal.armo.cloud
-          CGO_ENABLED: 0
+          CGO_ENABLED: 1
         run: python3 --version && python3 build.py
       
       - name: Smoke Testing
@@ -93,6 +142,8 @@ jobs:
 
     steps:
       - uses: actions/checkout@v2
+        with:
+          submodules: recursive
 
       - name: Set image version
         id: image-version

.github/workflows/build_dev.yaml

@@ -3,6 +3,9 @@ name: build-dev
 on:
   push:
     branches: [ dev ]
+    paths-ignore:
+      # Do not run the pipeline if only Markdown files changed
+      - '**.md'
 jobs:
   build:
     name: Create cross-platform dev build
@@ -12,6 +15,42 @@ jobs:
         os: [ubuntu-latest, macos-latest, windows-latest]
     steps:
       - uses: actions/checkout@v3
+        with:
+          submodules: recursive
+      
+      - name: Cache Go modules (Linux)
+        if: matrix.os == 'ubuntu-latest' 
+        uses: actions/cache@v3
+        with:
+          path: |
+            ~/.cache/go-build
+            ~/go/pkg/mod
+          key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
+          restore-keys: |
+            ${{ runner.os }}-go-
+
+      - name: Cache Go modules (macOS)
+        if: matrix.os == 'macos-latest' 
+        uses: actions/cache@v3
+        with:
+          path: |
+            ~/Library/Caches/go-build
+            ~/go/pkg/mod
+          key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
+          restore-keys: |
+            ${{ runner.os }}-go-
+
+      - name: Cache Go modules (Windows)
+        if: matrix.os == 'windows-latest'
+        uses: actions/cache@v3
+        with:
+          path: |
+            ~\AppData\Local\go-build
+            ~\go\pkg\mod
+          key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
+          restore-keys: |
+            ${{ runner.os }}-go-
+
       - name: Set up Go
         uses: actions/setup-go@v3
         with:
@@ -28,13 +67,22 @@ jobs:
       # - name: Test cmd pkg
       #   run: cd cmd && go test -v ./...
 
+      - name: Install MSYS2 & libgit2 (Windows)
+        shell: cmd
+        run: .\build.bat all
+        if: matrix.os == 'windows-latest'
+
+      - name: Install libgit2 (Linux/macOS)
+        run: make libgit2
+        if: matrix.os != 'windows-latest'
+
       - name: Test core pkg
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-        run: go test -v ./...
+        run: go test -tags=static -v ./...
 
       - name: Test httphandler pkg
-        run: cd httphandler && go test -v ./...
+        run: cd httphandler && go test -tags=static -v ./...
 
       - name: Build
         env:
@@ -44,7 +92,7 @@ jobs:
           ArmoAuthServer: auth.armo.cloud
           ArmoERServer: report.armo.cloud
           ArmoWebsite: portal.armo.cloud
-          CGO_ENABLED: 0
+          CGO_ENABLED: 1
         run: python3 --version && python3 build.py
       
       - name: Smoke Testing
@@ -71,6 +119,8 @@ jobs:
 
     steps:
       - uses: actions/checkout@v2
+        with:
+          submodules: recursive
 
       - name: Set image version
         id: image-version

.github/workflows/master_pr_checks.yaml

@@ -1,48 +0,0 @@
-name: master-pr
-
-on:
-  pull_request:
-    branches: [ master ]
-    types: [ edited, opened, synchronize, reopened ]
-jobs:
-  build:
-    name: Create cross-platform build
-    runs-on: ${{ matrix.os }}
-    strategy:
-      matrix:
-        os: [ubuntu-latest, macos-latest, windows-latest]
-    steps:
-      - uses: actions/checkout@v3
-      - name: Set up Go
-        uses: actions/setup-go@v3
-        with:
-          go-version: 1.18
-
-      # - name: Test cmd pkg
-      #   run: cd cmd && go test -v ./...
-      
-      - name: Test core pkg
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-        run: go test -v ./...
-
-      - name: Test httphandler pkg
-        run: cd httphandler && go test -v ./...
-
-      - name: Build
-        env:
-          RELEASE: v2.0.${{ github.run_number }} 
-          CLIENT: test
-          ArmoBEServer: api.armo.cloud
-          ArmoAuthServer: auth.armo.cloud
-          ArmoERServer: report.armo.cloud
-          ArmoWebsite: portal.armo.cloud
-          CGO_ENABLED: 0
-        run: python3 --version && python3 build.py
-
-      - name: Smoke Testing
-        env:
-          RELEASE: v2.0.${{ github.run_number }} 
-          KUBESCAPE_SKIP_UPDATE_CHECK: "true"
-        run: python3 smoke_testing/init.py ${PWD}/build/${{ matrix.os }}/kubescape
-        

.github/workflows/pr_checks.yaml

@@ -0,0 +1,96 @@
+name: pr-checks
+
+on:
+  pull_request:
+    branches: [ master, dev ]
+    types: [ edited, opened, synchronize, reopened ]
+    paths-ignore:
+      # Do not run the pipeline if only Markdown files changed
+      - '**.md'
+jobs:
+  build:
+    name: Create cross-platform build
+    runs-on: ${{ matrix.os }}
+    strategy:
+      matrix:
+        os: [ubuntu-latest, macos-latest, windows-latest]
+    steps:
+      - uses: actions/checkout@v3
+        with:
+          submodules: recursive
+
+      - name: Cache Go modules (Linux)
+        if: matrix.os == 'ubuntu-latest' 
+        uses: actions/cache@v3
+        with:
+          path: |
+            ~/.cache/go-build
+            ~/go/pkg/mod
+          key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
+          restore-keys: |
+            ${{ runner.os }}-go-
+
+      - name: Cache Go modules (macOS)
+        if: matrix.os == 'macos-latest' 
+        uses: actions/cache@v3
+        with:
+          path: |
+            ~/Library/Caches/go-build
+            ~/go/pkg/mod
+          key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
+          restore-keys: |
+            ${{ runner.os }}-go-
+
+      - name: Cache Go modules (Windows)
+        if: matrix.os == 'windows-latest'
+        uses: actions/cache@v3
+        with:
+          path: |
+            ~\AppData\Local\go-build
+            ~\go\pkg\mod
+          key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
+          restore-keys: |
+            ${{ runner.os }}-go-
+
+      - name: Set up Go
+        uses: actions/setup-go@v3
+        with:
+          go-version: 1.18
+
+      - name: Install MSYS2 & libgit2 (Windows)
+        shell: cmd
+        run: .\build.bat all
+        if: matrix.os == 'windows-latest'
+
+      - name: Install libgit2 (Linux/macOS)
+        run: make libgit2
+        if: matrix.os != 'windows-latest'
+
+      # - name: Test cmd pkg
+      #   run: cd cmd && go test -v ./...
+      
+      - name: Test core pkg
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        run: go test -tags=static -v ./...
+
+      - name: Test httphandler pkg
+        run: cd httphandler && go test -tags=static -v ./...
+
+      - name: Build
+        env:
+          RELEASE: v2.0.${{ github.run_number }} 
+          CLIENT: test
+          ArmoBEServer: api.armo.cloud
+          ArmoAuthServer: auth.armo.cloud
+          ArmoERServer: report.armo.cloud
+          ArmoWebsite: portal.armo.cloud
+          CGO_ENABLED: 1
+        run: python3 --version && python3 build.py
+
+      - name: Smoke Testing
+        env:
+          RELEASE: v2.0.${{ github.run_number }} 
+          KUBESCAPE_SKIP_UPDATE_CHECK: "true"
+        run: python3 smoke_testing/init.py ${PWD}/build/${{ matrix.os }}/kubescape
+        

.gitmodules

@@ -0,0 +1,3 @@
+[submodule "git2go"]
+	path = git2go
+	url = https://github.com/libgit2/git2go.git

Makefile

@@ -0,0 +1,20 @@
+.PHONY: test all build libgit2
+
+# default task invoked while running make
+all: libgit2 build
+
+export CGO_ENABLED=1
+
+# build and install libgit2
+libgit2:
+	git submodule update --init --recursive
+	cd git2go; make install-static
+
+# go build tags
+TAGS = "static"
+
+build:
+	go build -v -tags=$(TAGS) .
+
+test:
+	go test -v -tags=$(TAGS) ./...

README.md

@@ -6,7 +6,7 @@
 
 
 Kubescape is a K8s open-source tool providing a multi-cloud K8s single pane of glass, including risk analysis, security compliance, RBAC visualizer and image vulnerabilities scanning. 
-Kubescape scans K8s clusters, YAML files, and HELM charts, detecting misconfigurations according to multiple frameworks (such as the [NSA-CISA](https://www.armosec.io/blog/kubernetes-hardening-guidance-summary-by-armo) , [MITRE ATT&CK®](https://www.microsoft.com/security/blog/2021/03/23/secure-containerized-environments-with-updated-threat-matrix-for-kubernetes/)), software vulnerabilities, and RBAC (role-based-access-control) violations at early stages of the CI/CD pipeline, calculates risk score instantly and shows risk trends over time.
+Kubescape scans K8s clusters, YAML files, and HELM charts, detecting misconfigurations according to multiple frameworks (such as the [NSA-CISA](https://www.armosec.io/blog/kubernetes-hardening-guidance-summary-by-armo/?utm_source=github&utm_medium=repository), [MITRE ATT&CK®](https://www.microsoft.com/security/blog/2021/03/23/secure-containerized-environments-with-updated-threat-matrix-for-kubernetes/)), software vulnerabilities, and RBAC (role-based-access-control) violations at early stages of the CI/CD pipeline, calculates risk score instantly and shows risk trends over time.
 It became one of the fastest-growing Kubernetes tools among developers due to its easy-to-use CLI interface, flexible output formats, and automated scanning capabilities, saving Kubernetes users and admins’ precious time, effort, and resources.
 Kubescape integrates natively with other DevOps tools, including Jenkins, CircleCI, Github workflows, Prometheus, and Slack, and supports multi-cloud K8s deployments like EKS, GKE, and AKS.
 
@@ -66,7 +66,7 @@ Want to contribute? Want to discuss something? Have an issue?
 
 * Feel free to pick a task from the [roadmap](docs/roadmap.md) or suggest a feature of your own. [Contact us](MAINTAINERS.md) directly for more information :) 
 * Open a issue, we are trying to respond within 48 hours
-* [Join us](https://armosec.github.io/kubescape/) in a discussion on our discord server!
+* [Join us](https://armosec.github.io/kubescape) in a discussion on our discord server!
 
 [<img src="docs/discord-banner.png" width="100" alt="logo" align="center">](https://armosec.github.io/kubescape/)
 ![discord](https://img.shields.io/discord/893048809884643379)
@@ -74,10 +74,10 @@ Want to contribute? Want to discuss something? Have an issue?
 
 # Options and examples
 
-[Kubescape docs](https://hub.armo.cloud/docs)
+[Kubescape docs](https://hub.armosec.io/docs?utm_source=github&utm_medium=repository)
 
 ## Playground
-* [Kubescape playground](https://www.katacoda.com/pathaksaiyam/scenarios/kubescape)
+* [Kubescape playground](https://killercoda.com/saiyampathak/scenario/kubescape)
 
 ## Tutorials
 
@@ -89,6 +89,8 @@ Want to contribute? Want to discuss something? Have an issue?
 * [Configure and run customized frameworks](https://youtu.be/12Sanq_rEhs)
 * Customize controls configurations. [Kubescape CLI](https://youtu.be/955psg6TVu4), [Kubescape SaaS](https://youtu.be/lIMVSVhH33o)
 
+<details><summary>Windows</summary>
+
 ## Install on Windows
 
 **Requires powershell v5.0+**
@@ -102,15 +104,21 @@ Note: if you get an error you might need to change the execution policy (i.e. en
 ``` powershell
 Set-ExecutionPolicy RemoteSigned -scope CurrentUser
 ```
+</details>
+
+<details><summary>MacOS</summary>
 
 ## Install on macOS
 
 1. ```sh
-    brew tap armosec/kubescape
+    brew tap kubescape/tap
     ```
 2. ```sh
-    brew install kubescape
+    brew install kubescape-cli
     ```
+</details>
+
+<details><summary>Nix/NixOS</summary>
 
 ## Install on NixOS or with nix (Community)
 
@@ -144,35 +152,33 @@ home-manager:
 
 Or to your profile (not preferred): `nix-env --install -A nixpkgs.kubescape`
 
-## Install using Go
-
-With a sufficient version of `go` you can install and build with `go install github.com/armosec/kubescape/v2@latest`
+</details>
 
 ## Usage & Examples
 
 ### Examples
 
 
-#### Scan a running Kubernetes cluster and submit results to the [Kubescape SaaS version](https://portal.armo.cloud/)
+#### Scan a running Kubernetes cluster and submit results to the [Kubescape SaaS version](https://cloud.armosec.io?utm_source=github&utm_medium=repository)
 ```
 kubescape scan --submit --enable-host-scan  --verbose
 ```
 
-> Read [here](https://hub.armo.cloud/docs/host-sensor) more about the `enable-host-scan` flag
+> Read [here](https://hub.armosec.io/docs/host-sensor?utm_source=github&utm_medium=repository) more about the `enable-host-scan` flag
 
-#### Scan a running Kubernetes cluster with [`nsa`](https://www.nsa.gov/Press-Room/News-Highlights/Article/Article/2716980/nsa-cisa-release-kubernetes-hardening-guidance/) framework and submit results to the [Kubescape SaaS version](https://portal.armo.cloud/)
+#### Scan a running Kubernetes cluster with [`nsa`](https://www.nsa.gov/Press-Room/News-Highlights/Article/Article/2716980/nsa-cisa-release-kubernetes-hardening-guidance/) framework and submit results to the [Kubescape SaaS version](https://cloud.armosec.io?utm_source=github&utm_medium=repository)
 ```
 kubescape scan framework nsa --submit
 ```
 
 
-#### Scan a running Kubernetes cluster with [`MITRE ATT&CK®`](https://www.microsoft.com/security/blog/2021/03/23/secure-containerized-environments-with-updated-threat-matrix-for-kubernetes/) framework and submit results to the [Kubescape SaaS version](https://portal.armo.cloud/)
+#### Scan a running Kubernetes cluster with [`MITRE ATT&CK®`](https://www.microsoft.com/security/blog/2021/03/23/secure-containerized-environments-with-updated-threat-matrix-for-kubernetes/) framework and submit results to the [Kubescape SaaS version](https://cloud.armosec.io?utm_source=github&utm_medium=repository)
 ```
 kubescape scan framework mitre --submit
 ```
 
 
-#### Scan a running Kubernetes cluster with a specific control using the control name or control ID. [List of controls](https://hub.armo.cloud/docs/controls) 
+#### Scan a running Kubernetes cluster with a specific control using the control name or control ID. [List of controls](https://hub.armosec.io/docs/controls?utm_source=github&utm_medium=repository) 
 ```
 kubescape scan control "Privileged container"
 ```
@@ -187,12 +193,12 @@ kubescape scan --include-namespaces development,staging,production
 kubescape scan --exclude-namespaces kube-system,kube-public
 ```
 
-#### Scan local `yaml`/`json` files before deploying. [Take a look at the demonstration](https://youtu.be/Ox6DaR7_4ZI) Submit the results in case the directory is a git repo. [docs](https://hub.armo.cloud/docs/repository-scanning)
+#### Scan local `yaml`/`json` files before deploying. [Take a look at the demonstration](https://youtu.be/Ox6DaR7_4ZI) Submit the results in case the directory is a git repo. [docs](https://hub.armosec.io/docs/repository-scanning?utm_source=github&utm_medium=repository)
 ```
 kubescape scan *.yaml --submit
 ```
 
-#### Scan kubernetes manifest files from a git repository [and submit the results](https://hub.armo.cloud/docs/repository-scanning)
+#### Scan kubernetes manifest files from a git repository [and submit the results](https://hub.armosec.io/docs/repository-scanning?utm_source=github&utm_medium=repository)
 ```
 kubescape scan https://github.com/armosec/kubescape --submit
 ```
@@ -233,16 +239,11 @@ kubescape scan --format prometheus
 kubescape scan --exceptions examples/exceptions/exclude-kube-namespaces.json
 ```
 
-#### Scan Helm charts - Render the helm chart using [`helm template`](https://helm.sh/docs/helm/helm_template/) and pass to stdout
+#### Scan Helm charts 
 ```
-helm template [NAME] [CHART] [flags] --dry-run | kubescape scan -
+kubescape scan </path/to/directory> --submit
 ```
-
-e.g.
-```
-helm template bitnami/mysql --generate-name --dry-run | kubescape scan -
-```
-
+> Kubescape will load the default values file
 
 ### Offline/Air-gaped Environment Support
 
@@ -278,36 +279,10 @@ kubescape scan framework nsa --use-from /path/nsa.json
 ```
 
 
-## Scan Periodically using Helm - Contributed by [@yonahd](https://github.com/yonahd)  
-[Please follow the instructions here](https://hub.armo.cloud/docs/installation-of-armo-in-cluster)
+## Scan Periodically using Helm 
+[Please follow the instructions here](https://hub.armosec.io/docs/installation-of-armo-in-cluster?utm_source=github&utm_medium=repository)
 [helm chart repo](https://github.com/armosec/armo-helm)
 
-## Scan using docker image
-
-Official Docker image `quay.io/armosec/kubescape`
-
-```
-docker run -v "$(pwd)/example.yaml:/app/example.yaml  quay.io/armosec/kubescape scan /app/example.yaml
-```
-
-If you wish, you can [build the docker image on your own](build/README.md)
-
-# Submit data manually
-
-Use the `submit` command if you wish to submit data manually
-
-## Submit scan results manually
-
-> Support forward compatibility by using the `--format-version v2` flag
-
-First, scan your cluster using the `json` format flag: `kubescape scan framework <name> --format json --format-version v2 --output path/to/results.json`.
-
-Now you can submit the results to the Kubescape SaaS version -
-```
-kubescape submit results path/to/results.json
-```
-
-
 # Integrations
 
 ## VS Code Extension 
@@ -320,12 +295,116 @@ Scan the YAML files while writing them using the [vs code extension](https://git
 
 View Kubescape scan results directly in [Lens IDE](https://k8slens.dev/) using kubescape [Lens extension](https://github.com/armosec/lens-kubescape/blob/master/README.md)
 
+
+# Building Kubescape
+
+<details><summary>Windows</summary>
+
+## Windows
+
+1. Install MSYS2 & build libgit _(needed only for the first time)_
+
+    ```
+    build.bat all
+    ```
+
+> You can install MSYS2 separately by running `build.bat install` and build libgit2 separately by running `build.bat build`
+
+2. Build kubescape
+
+    ```
+    make build
+    ```
+
+    OR 
+
+    ```
+    go build -tags=static .
+    ```
+</details>
+
+<details><summary>Linux / MacOS</summary>
+
+## Linux / MacOS
+
+1. Install libgit2 dependency _(needed only for the first time)_
+   
+    ```
+    make libgit2
+    ```
+
+> `cmake` is required to build libgit2. You can install it by running `sudo apt-get install cmake` (Linux) or `brew install cmake` (macOS)
+
+2. Build kubescape
+
+    ```
+    make build
+    ```
+
+    OR 
+
+    ```
+    go build -tags=static .
+    ```
+
+3. Test
+
+    ```
+    make test
+    ```
+
+</details>
+
+## VS code configuration samples
+
+You can use the samples files below to setup your VS code environment for building and debugging purposes.
+
+
+<details><summary>.vscode/settings.json</summary>
+
+```json5
+// .vscode/settings.json
+{
+    "go.testTags": "static",
+    "go.buildTags": "static",
+    "go.toolsEnvVars": {
+        "CGO_ENABLED": "1"
+    }
+}
+```
+</details>
+
+<details><summary>.vscode/launch.json</summary>
+
+```json5
+// .vscode/launch.json
+{
+    "version": "0.2.0",
+    "configurations": [
+        {
+            "name": "Launch Package",
+            "type": "go",
+            "request": "launch",
+            "mode": "auto",
+            "program": "${workspaceFolder}/main.go",
+            "args": [
+                "scan",
+                "--logger",
+                "debug"
+            ],
+            "buildFlags": "-tags=static"
+        }
+    ]
+}
+```
+</details>
+
 # Under the hood
 
 ## Technology
-Kubescape based on OPA engine: https://github.com/open-policy-agent/opa and ARMO's posture controls.
+Kubescape based on [OPA engine](https://github.com/open-policy-agent/opa) and ARMO's posture controls.
 
-The tools retrieves Kubernetes objects from the API server and runs a set of [rego's snippets](https://www.openpolicyagent.org/docs/latest/policy-language/) developed by [ARMO](https://www.armosec.io/).
+The tools retrieves Kubernetes objects from the API server and runs a set of [rego's snippets](https://www.openpolicyagent.org/docs/latest/policy-language/) developed by [ARMO](https://www.armosec.io?utm_source=github&utm_medium=repository).
 
 The results by default printed in a pretty "console friendly" manner, but they can be retrieved in JSON format for further processing.
 

build.bat

@@ -0,0 +1,51 @@
+@ECHO OFF
+
+IF "%1"=="install" goto Install
+IF "%1"=="build" goto Build
+IF "%1"=="all" goto All
+IF "%1"=="" goto Error ELSE goto Error
+
+:Install
+
+if exist C:\MSYS64\ (
+    echo "MSYS2 already installed"
+) else (
+    mkdir temp_install & cd temp_install
+
+    echo "Downloading MSYS2..."
+    curl -L https://github.com/msys2/msys2-installer/releases/download/2022-06-03/msys2-x86_64-20220603.exe > msys2-x86_64-20220603.exe
+
+    echo "Installing MSYS2..."
+    msys2-x86_64-20220603.exe install --root C:\MSYS64 --confirm-command
+
+    cd .. && rmdir /s /q temp_install
+)
+
+
+echo "Adding MSYS2 to path..."
+SET "PATH=C:\MSYS64\mingw64\bin;C:\MSYS64\usr\bin;%PATH%"
+echo %PATH%
+
+echo "Installing MSYS2 packages..."
+pacman -S --needed --noconfirm make
+pacman -S --needed --noconfirm mingw-w64-x86_64-cmake
+pacman -S --needed --noconfirm mingw-w64-x86_64-gcc
+pacman -S --needed --noconfirm mingw-w64-x86_64-pkg-config
+pacman -S --needed --noconfirm msys2-w32api-runtime
+
+IF "%1"=="all" GOTO Build
+GOTO End
+
+:Build
+SET "PATH=C:\MSYS2\mingw64\bin;C:\MSYS2\usr\bin;%PATH%"
+make libgit2
+GOTO End
+
+:All
+GOTO Install
+
+:Error
+echo "Error: Unknown option"
+GOTO End
+
+:End

build.py

@@ -5,10 +5,6 @@ import platform
 import subprocess
 
 BASE_GETTER_CONST = "github.com/armosec/kubescape/v2/core/cautils/getter"
-BE_SERVER_CONST   = BASE_GETTER_CONST + ".ArmoBEURL"
-ER_SERVER_CONST   = BASE_GETTER_CONST + ".ArmoERURL"
-WEBSITE_CONST     = BASE_GETTER_CONST + ".ArmoFEURL"
-AUTH_SERVER_CONST = BASE_GETTER_CONST + ".armoAUTHURL"
 
 def check_status(status, msg):
     if status != 0:
@@ -41,10 +37,6 @@ def main():
     package_name = get_package_name()
     build_url = "github.com/armosec/kubescape/v2/core/cautils.BuildNumber"
     release_version = os.getenv("RELEASE")
-    armo_be_server = os.getenv("ArmoBEServer")
-    armo_er_server = os.getenv("ArmoERServer")
-    armo_website = os.getenv("ArmoWebsite")
-    armo_auth_server = os.getenv("ArmoAuthServer")
 
     client_var = "github.com/armosec/kubescape/v2/core/cautils.Client"
     client_name = os.getenv("CLIENT")
@@ -64,16 +56,8 @@ def main():
         ldflags += " -X {}={}".format(build_url, release_version)
     if client_name:
         ldflags += " -X {}={}".format(client_var, client_name)
-    if armo_be_server:
-        ldflags += " -X {}={}".format(BE_SERVER_CONST, armo_be_server)
-    if armo_er_server:
-        ldflags += " -X {}={}".format(ER_SERVER_CONST, armo_er_server)
-    if armo_website:
-        ldflags += " -X {}={}".format(WEBSITE_CONST, armo_website)
-    if armo_auth_server:
-        ldflags += " -X {}={}".format(AUTH_SERVER_CONST, armo_auth_server)
  
-    build_command = ["go", "build", "-o", ks_file, "-ldflags" ,ldflags]
+    build_command = ["go", "build", "-tags=static", "-o", ks_file, "-ldflags" ,ldflags]
 
     print("Building kubescape and saving here: {}".format(ks_file))
     print("Build command: {}".format(" ".join(build_command)))

build/Dockerfile

@@ -8,17 +8,21 @@ ENV CLIENT=$client
 
 ENV GO111MODULE=
 
-ENV CGO_ENABLED=0
+ENV CGO_ENABLED=1
 
 # Install required python/pip
 ENV PYTHONUNBUFFERED=1
-RUN apk add --update --no-cache python3 && ln -sf python3 /usr/bin/python
+RUN apk add --update --no-cache python3 git openssl-dev musl-dev gcc make cmake pkgconfig && ln -sf python3 /usr/bin/python
 RUN python3 -m ensurepip
 RUN pip3 install --no-cache --upgrade pip setuptools
 
 WORKDIR /work
 ADD . .
 
+# install libgit2
+WORKDIR /work
+RUN rm -rf git2go && make libgit2
+
 # build kubescape server
 WORKDIR /work/httphandler
 RUN python build.py

cmd/config/delete.go

@@ -1,9 +1,9 @@
 package config
 
 import (
-	"github.com/armosec/kubescape/v2/core/cautils/logger"
 	"github.com/armosec/kubescape/v2/core/meta"
 	v1 "github.com/armosec/kubescape/v2/core/meta/datastructures/v1"
+	logger "github.com/kubescape/go-logger"
 	"github.com/spf13/cobra"
 )
 

cmd/config/set.go

@@ -4,9 +4,9 @@ import (
 	"fmt"
 	"strings"
 
-	"github.com/armosec/kubescape/v2/core/cautils/logger"
 	"github.com/armosec/kubescape/v2/core/meta"
 	metav1 "github.com/armosec/kubescape/v2/core/meta/datastructures/v1"
+	logger "github.com/kubescape/go-logger"
 	"github.com/spf13/cobra"
 )
 

cmd/config/view.go

@@ -3,9 +3,9 @@ package config
 import (
 	"os"
 
-	"github.com/armosec/kubescape/v2/core/cautils/logger"
 	"github.com/armosec/kubescape/v2/core/meta"
 	v1 "github.com/armosec/kubescape/v2/core/meta/datastructures/v1"
+	logger "github.com/kubescape/go-logger"
 	"github.com/spf13/cobra"
 )
 

cmd/delete/delete.go

@@ -25,8 +25,8 @@ func GetDeleteCmd(ks meta.IKubescape) *cobra.Command {
 		},
 	}
 	deleteCmd.PersistentFlags().StringVarP(&deleteInfo.Credentials.Account, "account", "", "", "Kubescape SaaS account ID. Default will load account ID from cache")
-	deleteCmd.PersistentFlags().StringVarP(&deleteInfo.Credentials.ClientID, "client-id", "", "", "Kubescape SaaS client ID. Default will load client ID from cache, read more - https://hub.armo.cloud/docs/authentication")
-	deleteCmd.PersistentFlags().StringVarP(&deleteInfo.Credentials.SecretKey, "secret-key", "", "", "Kubescape SaaS secret key. Default will load secret key from cache, read more - https://hub.armo.cloud/docs/authentication")
+	deleteCmd.PersistentFlags().StringVarP(&deleteInfo.Credentials.ClientID, "client-id", "", "", "Kubescape SaaS client ID. Default will load client ID from cache, read more - https://hub.armosec.io/docs/authentication")
+	deleteCmd.PersistentFlags().StringVarP(&deleteInfo.Credentials.SecretKey, "secret-key", "", "", "Kubescape SaaS secret key. Default will load secret key from cache, read more - https://hub.armosec.io/docs/authentication")
 
 	deleteCmd.AddCommand(getExceptionsCmd(ks, &deleteInfo))
 

cmd/delete/exceptions.go

@@ -4,9 +4,9 @@ import (
 	"fmt"
 	"strings"
 
-	"github.com/armosec/kubescape/v2/core/cautils/logger"
 	"github.com/armosec/kubescape/v2/core/meta"
 	v1 "github.com/armosec/kubescape/v2/core/meta/datastructures/v1"
+	logger "github.com/kubescape/go-logger"
 	"github.com/spf13/cobra"
 )
 

cmd/download/download.go

@@ -6,10 +6,10 @@ import (
 	"strings"
 
 	"github.com/armosec/kubescape/v2/core/cautils"
-	"github.com/armosec/kubescape/v2/core/cautils/logger"
 	"github.com/armosec/kubescape/v2/core/core"
 	"github.com/armosec/kubescape/v2/core/meta"
 	v1 "github.com/armosec/kubescape/v2/core/meta/datastructures/v1"
+	logger "github.com/kubescape/go-logger"
 	"github.com/spf13/cobra"
 )
 
@@ -74,8 +74,8 @@ func GeDownloadCmd(ks meta.IKubescape) *cobra.Command {
 	}
 
 	downloadCmd.PersistentFlags().StringVarP(&downloadInfo.Credentials.Account, "account", "", "", "Kubescape SaaS account ID. Default will load account ID from cache")
-	downloadCmd.PersistentFlags().StringVarP(&downloadInfo.Credentials.ClientID, "client-id", "", "", "Kubescape SaaS client ID. Default will load client ID from cache, read more - https://hub.armo.cloud/docs/authentication")
-	downloadCmd.PersistentFlags().StringVarP(&downloadInfo.Credentials.SecretKey, "secret-key", "", "", "Kubescape SaaS secret key. Default will load secret key from cache, read more - https://hub.armo.cloud/docs/authentication")
+	downloadCmd.PersistentFlags().StringVarP(&downloadInfo.Credentials.ClientID, "client-id", "", "", "Kubescape SaaS client ID. Default will load client ID from cache, read more - https://hub.armosec.io/docs/authentication")
+	downloadCmd.PersistentFlags().StringVarP(&downloadInfo.Credentials.SecretKey, "secret-key", "", "", "Kubescape SaaS secret key. Default will load secret key from cache, read more - https://hub.armosec.io/docs/authentication")
 	downloadCmd.Flags().StringVarP(&downloadInfo.Path, "output", "o", "", "Output file. If not specified, will save in `~/.kubescape/<policy name>.json`")
 
 	return downloadCmd

cmd/list/list.go

@@ -5,10 +5,10 @@ import (
 	"strings"
 
 	"github.com/armosec/kubescape/v2/core/cautils"
-	"github.com/armosec/kubescape/v2/core/cautils/logger"
 	"github.com/armosec/kubescape/v2/core/core"
 	"github.com/armosec/kubescape/v2/core/meta"
 	v1 "github.com/armosec/kubescape/v2/core/meta/datastructures/v1"
+	logger "github.com/kubescape/go-logger"
 	"github.com/spf13/cobra"
 )
 
@@ -27,7 +27,7 @@ var (
   kubescape list controls --id 
   
   Control documentation:
-  https://hub.armo.cloud/docs/controls
+  https://hub.armosec.io/docs/controls
 `
 )
 
@@ -60,8 +60,8 @@ func GetListCmd(ks meta.IKubescape) *cobra.Command {
 		},
 	}
 	listCmd.PersistentFlags().StringVarP(&listPolicies.Credentials.Account, "account", "", "", "Kubescape SaaS account ID. Default will load account ID from cache")
-	listCmd.PersistentFlags().StringVarP(&listPolicies.Credentials.ClientID, "client-id", "", "", "Kubescape SaaS client ID. Default will load client ID from cache, read more - https://hub.armo.cloud/docs/authentication")
-	listCmd.PersistentFlags().StringVarP(&listPolicies.Credentials.SecretKey, "secret-key", "", "", "Kubescape SaaS secret key. Default will load secret key from cache, read more - https://hub.armo.cloud/docs/authentication")
+	listCmd.PersistentFlags().StringVarP(&listPolicies.Credentials.ClientID, "client-id", "", "", "Kubescape SaaS client ID. Default will load client ID from cache, read more - https://hub.armosec.io/docs/authentication")
+	listCmd.PersistentFlags().StringVarP(&listPolicies.Credentials.SecretKey, "secret-key", "", "", "Kubescape SaaS secret key. Default will load secret key from cache, read more - https://hub.armosec.io/docs/authentication")
 	listCmd.PersistentFlags().StringVar(&listPolicies.Format, "format", "pretty-print", "output format. supported: 'pretty-printer'/'json'")
 	listCmd.PersistentFlags().BoolVarP(&listPolicies.ListIDs, "id", "", false, "List control ID's instead of controls names")
 

cmd/root.go

@@ -14,10 +14,10 @@ import (
 	"github.com/armosec/kubescape/v2/cmd/version"
 	"github.com/armosec/kubescape/v2/core/cautils"
 	"github.com/armosec/kubescape/v2/core/cautils/getter"
-	"github.com/armosec/kubescape/v2/core/cautils/logger"
-	"github.com/armosec/kubescape/v2/core/cautils/logger/helpers"
 	"github.com/armosec/kubescape/v2/core/core"
 	"github.com/armosec/kubescape/v2/core/meta"
+	logger "github.com/kubescape/go-logger"
+	"github.com/kubescape/go-logger/helpers"
 
 	"github.com/spf13/cobra"
 )
@@ -47,13 +47,12 @@ func getRootCmd(ks meta.IKubescape) *cobra.Command {
 
 	rootCmd := &cobra.Command{
 		Use:     "kubescape",
-		Version: cautils.BuildNumber,
-		Short:   "Kubescape is a tool for testing Kubernetes security posture. Docs: https://hub.armo.cloud/docs",
+		Short:   "Kubescape is a tool for testing Kubernetes security posture. Docs: https://hub.armosec.io/docs",
 		Example: ksExamples,
 	}
 
-	rootCmd.PersistentFlags().StringVar(&rootInfo.ArmoBEURLsDep, "environment", "", envFlagUsage)
-	rootCmd.PersistentFlags().StringVar(&rootInfo.ArmoBEURLs, "env", "", envFlagUsage)
+	rootCmd.PersistentFlags().StringVar(&rootInfo.KSCloudBEURLsDep, "environment", "", envFlagUsage)
+	rootCmd.PersistentFlags().StringVar(&rootInfo.KSCloudBEURLs, "env", "", envFlagUsage)
 	rootCmd.PersistentFlags().MarkDeprecated("environment", "use 'env' instead")
 	rootCmd.PersistentFlags().MarkHidden("environment")
 	rootCmd.PersistentFlags().MarkHidden("env")

cmd/rootutils.go

@@ -6,8 +6,8 @@ import (
 	"strings"
 
 	"github.com/armosec/kubescape/v2/core/cautils/getter"
-	"github.com/armosec/kubescape/v2/core/cautils/logger"
-	"github.com/armosec/kubescape/v2/core/cautils/logger/helpers"
+	logger "github.com/kubescape/go-logger"
+	"github.com/kubescape/go-logger/helpers"
 
 	"github.com/mattn/go-isatty"
 )
@@ -55,10 +55,10 @@ func initCacheDir() {
 	logger.L().Debug("cache dir updated", helpers.String("path", getter.DefaultLocalStore))
 }
 func initEnvironment() {
-	if rootInfo.ArmoBEURLs == "" {
-		rootInfo.ArmoBEURLs = rootInfo.ArmoBEURLsDep
+	if rootInfo.KSCloudBEURLs == "" {
+		rootInfo.KSCloudBEURLs = rootInfo.KSCloudBEURLsDep
 	}
-	urlSlices := strings.Split(rootInfo.ArmoBEURLs, ",")
+	urlSlices := strings.Split(rootInfo.KSCloudBEURLs, ",")
 	if len(urlSlices) != 1 && len(urlSlices) < 3 {
 		logger.L().Fatal("expected at least 3 URLs (report, api, frontend, auth)")
 	}
@@ -66,24 +66,24 @@ func initEnvironment() {
 	case 1:
 		switch urlSlices[0] {
 		case "dev", "development":
-			getter.SetARMOAPIConnector(getter.NewARMOAPIDev())
+			getter.SetKSCloudAPIConnector(getter.NewKSCloudAPIDev())
 		case "stage", "staging":
-			getter.SetARMOAPIConnector(getter.NewARMOAPIStaging())
+			getter.SetKSCloudAPIConnector(getter.NewKSCloudAPIStaging())
 		case "":
-			getter.SetARMOAPIConnector(getter.NewARMOAPIProd())
+			getter.SetKSCloudAPIConnector(getter.NewKSCloudAPIProd())
 		default:
 			logger.L().Fatal("--environment flag usage: " + envFlagUsage)
 		}
 	case 2:
 		logger.L().Fatal("--environment flag usage: " + envFlagUsage)
 	case 3, 4:
-		var armoAUTHURL string
-		armoERURL := urlSlices[0] // mandatory
-		armoBEURL := urlSlices[1] // mandatory
-		armoFEURL := urlSlices[2] // mandatory
+		var ksAuthURL string
+		ksEventReceiverURL := urlSlices[0] // mandatory
+		ksBackendURL := urlSlices[1]       // mandatory
+		ksFrontendURL := urlSlices[2]      // mandatory
 		if len(urlSlices) >= 4 {
-			armoAUTHURL = urlSlices[3]
+			ksAuthURL = urlSlices[3]
 		}
-		getter.SetARMOAPIConnector(getter.NewARMOAPICustomized(armoERURL, armoBEURL, armoFEURL, armoAUTHURL))
+		getter.SetKSCloudAPIConnector(getter.NewKSCloudAPICustomized(ksEventReceiverURL, ksBackendURL, ksFrontendURL, ksAuthURL))
 	}
 }

cmd/scan/control.go

@@ -6,12 +6,13 @@ import (
 	"os"
 	"strings"
 
-	apisv1 "github.com/armosec/opa-utils/httpserver/apis/v1"
+	apisv1 "github.com/kubescape/opa-utils/httpserver/apis/v1"
 
 	"github.com/armosec/kubescape/v2/core/cautils"
-	"github.com/armosec/kubescape/v2/core/cautils/logger"
-	"github.com/armosec/kubescape/v2/core/cautils/logger/helpers"
 	"github.com/armosec/kubescape/v2/core/meta"
+	logger "github.com/kubescape/go-logger"
+	"github.com/kubescape/go-logger/helpers"
+
 	"github.com/enescakir/emoji"
 	"github.com/spf13/cobra"
 )
@@ -30,7 +31,7 @@ var (
   Run 'kubescape list controls' for the list of supported controls
   
   Control documentation:
-  https://hub.armo.cloud/docs/controls
+  https://hub.armosec.io/docs/controls
 `
 )
 

cmd/scan/framework.go

@@ -6,12 +6,13 @@ import (
 	"os"
 	"strings"
 
-	apisv1 "github.com/armosec/opa-utils/httpserver/apis/v1"
+	apisv1 "github.com/kubescape/opa-utils/httpserver/apis/v1"
 
 	"github.com/armosec/kubescape/v2/core/cautils"
-	"github.com/armosec/kubescape/v2/core/cautils/logger"
-	"github.com/armosec/kubescape/v2/core/cautils/logger/helpers"
 	"github.com/armosec/kubescape/v2/core/meta"
+	logger "github.com/kubescape/go-logger"
+	"github.com/kubescape/go-logger/helpers"
+
 	"github.com/enescakir/emoji"
 	"github.com/spf13/cobra"
 )

cmd/scan/scan.go

@@ -3,9 +3,9 @@ package scan
 import (
 	"fmt"
 
-	"github.com/armosec/k8s-interface/k8sinterface"
 	"github.com/armosec/kubescape/v2/core/cautils"
 	"github.com/armosec/kubescape/v2/core/meta"
+	"github.com/kubescape/k8s-interface/k8sinterface"
 	"github.com/spf13/cobra"
 )
 
@@ -64,8 +64,8 @@ func GetScanCommand(ks meta.IKubescape) *cobra.Command {
 	}
 
 	scanCmd.PersistentFlags().StringVarP(&scanInfo.Credentials.Account, "account", "", "", "Kubescape SaaS account ID. Default will load account ID from cache")
-	scanCmd.PersistentFlags().StringVarP(&scanInfo.Credentials.ClientID, "client-id", "", "", "Kubescape SaaS client ID. Default will load client ID from cache, read more - https://hub.armo.cloud/docs/authentication")
-	scanCmd.PersistentFlags().StringVarP(&scanInfo.Credentials.SecretKey, "secret-key", "", "", "Kubescape SaaS secret key. Default will load secret key from cache, read more - https://hub.armo.cloud/docs/authentication")
+	scanCmd.PersistentFlags().StringVarP(&scanInfo.Credentials.ClientID, "client-id", "", "", "Kubescape SaaS client ID. Default will load client ID from cache, read more - https://hub.armosec.io/docs/authentication")
+	scanCmd.PersistentFlags().StringVarP(&scanInfo.Credentials.SecretKey, "secret-key", "", "", "Kubescape SaaS secret key. Default will load secret key from cache, read more - https://hub.armosec.io/docs/authentication")
 	scanCmd.PersistentFlags().StringVarP(&scanInfo.KubeContext, "kube-context", "", "", "Kube context. Default will use the current-context")
 	scanCmd.PersistentFlags().StringVar(&scanInfo.ControlsInputs, "controls-config", "", "Path to an controls-config obj. If not set will download controls-config from ARMO management portal")
 	scanCmd.PersistentFlags().StringVar(&scanInfo.UseExceptions, "exceptions", "", "Path to an exceptions obj. If not set will download exceptions from ARMO management portal")

cmd/submit/exceptions.go

@@ -3,16 +3,16 @@ package submit
 import (
 	"fmt"
 
-	"github.com/armosec/kubescape/v2/core/cautils/logger"
 	"github.com/armosec/kubescape/v2/core/meta"
 	metav1 "github.com/armosec/kubescape/v2/core/meta/datastructures/v1"
+	logger "github.com/kubescape/go-logger"
 
 	"github.com/spf13/cobra"
 )
 
 func getExceptionsCmd(ks meta.IKubescape, submitInfo *metav1.Submit) *cobra.Command {
 	return &cobra.Command{
-		Use:   "exceptions <full path to exceptins file>",
+		Use:   "exceptions <full path to exceptions file>",
 		Short: "Submit exceptions to the Kubescape SaaS version",
 		Args: func(cmd *cobra.Command, args []string) error {
 			if len(args) != 1 {

cmd/submit/rbac.go

@@ -1,27 +1,40 @@
 package submit
 
 import (
-	"github.com/armosec/k8s-interface/k8sinterface"
+	"fmt"
+
 	"github.com/armosec/kubescape/v2/core/cautils"
 	"github.com/armosec/kubescape/v2/core/cautils/getter"
-	"github.com/armosec/kubescape/v2/core/cautils/logger"
-	"github.com/armosec/kubescape/v2/core/cautils/logger/helpers"
 	"github.com/armosec/kubescape/v2/core/meta"
 	"github.com/armosec/kubescape/v2/core/meta/cliinterfaces"
 	v1 "github.com/armosec/kubescape/v2/core/meta/datastructures/v1"
+	reporterv2 "github.com/armosec/kubescape/v2/core/pkg/resultshandling/reporter/v2"
+	"github.com/google/uuid"
+	logger "github.com/kubescape/go-logger"
+	"github.com/kubescape/go-logger/helpers"
+	"github.com/kubescape/k8s-interface/k8sinterface"
 
-	reporterv1 "github.com/armosec/kubescape/v2/core/pkg/resultshandling/reporter/v1"
-
-	"github.com/armosec/rbac-utils/rbacscanner"
+	"github.com/kubescape/rbac-utils/rbacscanner"
 	"github.com/spf13/cobra"
 )
 
+var (
+	rbacExamples = `
+	# Submit cluster's Role-Based Access Control(RBAC)
+	kubescape submit rbac
+
+	# Submit cluster's Role-Based Access Control(RBAC) with account ID 
+	kubescape submit rbac --account <account-id>
+	`
+)
+
 // getRBACCmd represents the RBAC command
 func getRBACCmd(ks meta.IKubescape, submitInfo *v1.Submit) *cobra.Command {
 	return &cobra.Command{
-		Use:   "rbac \nExample:\n$ kubescape submit rbac",
-		Short: "Submit cluster's Role-Based Access Control(RBAC)",
-		Long:  ``,
+		Use:     "rbac",
+		Example: rbacExamples,
+		Short:   "Submit cluster's Role-Based Access Control(RBAC)",
+		Long:    ``,
 		RunE: func(cmd *cobra.Command, args []string) error {
 
 			k8s := k8sinterface.NewKubernetesApi()
@@ -32,11 +45,15 @@ func getRBACCmd(ks meta.IKubescape, submitInfo *v1.Submit) *cobra.Command {
 				logger.L().Error("failed setting account ID", helpers.Error(err))
 			}
 
+			if clusterConfig.GetAccountID() == "" {
+				return fmt.Errorf("account ID is not set, run 'kubescape submit rbac --account <account-id>'")
+			}
+
 			// list RBAC
 			rbacObjects := cautils.NewRBACObjects(rbacscanner.NewRbacScannerFromK8sAPI(k8s, clusterConfig.GetAccountID(), clusterConfig.GetContextName()))
 
 			// submit resources
-			r := reporterv1.NewReportEventReceiver(clusterConfig.GetConfigObj())
+			r := reporterv2.NewReportEventReceiver(clusterConfig.GetConfigObj(), uuid.NewString(), reporterv2.SubmitContextRBAC)
 
 			submitInterfaces := cliinterfaces.SubmitInterfaces{
 				ClusterConfig: clusterConfig,
@@ -62,7 +79,7 @@ func getKubernetesApi() *k8sinterface.KubernetesApi {
 }
 func getTenantConfig(credentials *cautils.Credentials, clusterName string, k8s *k8sinterface.KubernetesApi) cautils.ITenantConfig {
 	if !k8sinterface.IsConnectedToCluster() || k8s == nil {
-		return cautils.NewLocalConfig(getter.GetArmoAPIConnector(), credentials, clusterName)
+		return cautils.NewLocalConfig(getter.GetKSCloudAPIConnector(), credentials, clusterName)
 	}
-	return cautils.NewClusterConfig(k8s, getter.GetArmoAPIConnector(), credentials, clusterName)
+	return cautils.NewClusterConfig(k8s, getter.GetKSCloudAPIConnector(), credentials, clusterName)
 }

cmd/submit/results.go

@@ -4,20 +4,18 @@ import (
 	"encoding/json"
 	"fmt"
 	"os"
-	"time"
 
-	"github.com/armosec/k8s-interface/workloadinterface"
-	"github.com/armosec/kubescape/v2/core/cautils/logger"
-	"github.com/armosec/kubescape/v2/core/cautils/logger/helpers"
+	"github.com/google/uuid"
+	reporthandlingv2 "github.com/kubescape/opa-utils/reporthandling/v2"
+
 	"github.com/armosec/kubescape/v2/core/meta"
 	"github.com/armosec/kubescape/v2/core/meta/cliinterfaces"
 	v1 "github.com/armosec/kubescape/v2/core/meta/datastructures/v1"
-	"github.com/armosec/kubescape/v2/core/pkg/resultshandling/reporter"
-	reporterv1 "github.com/armosec/kubescape/v2/core/pkg/resultshandling/reporter/v1"
 	reporterv2 "github.com/armosec/kubescape/v2/core/pkg/resultshandling/reporter/v2"
+	logger "github.com/kubescape/go-logger"
+	"github.com/kubescape/go-logger/helpers"
+	"github.com/kubescape/k8s-interface/workloadinterface"
 
-	"github.com/armosec/opa-utils/reporthandling"
-	"github.com/google/uuid"
 	"github.com/spf13/cobra"
 )
 
@@ -37,19 +35,13 @@ func NewResultsObject(customerGUID, clusterName, filePath string) *ResultsObject
 	}
 }
 
-func (resultsObject *ResultsObject) SetResourcesReport() (*reporthandling.PostureReport, error) {
+func (resultsObject *ResultsObject) SetResourcesReport() (*reporthandlingv2.PostureReport, error) {
 	// load framework results from json file
-	frameworkReports, err := loadResultsFromFile(resultsObject.filePath)
+	report, err := loadResultsFromFile(resultsObject.filePath)
 	if err != nil {
 		return nil, err
 	}
-	return &reporthandling.PostureReport{
-		FrameworkReports:     frameworkReports,
-		ReportID:             uuid.NewString(),
-		ReportGenerationTime: time.Now().UTC(),
-		CustomerGUID:         resultsObject.customerGUID,
-		ClusterName:          resultsObject.clusterName,
-	}, nil
+	return report, nil
 }
 
 func (resultsObject *ResultsObject) ListAllResources() (map[string]workloadinterface.IMetadata, error) {
@@ -76,15 +68,7 @@ func getResultsCmd(ks meta.IKubescape, submitInfo *v1.Submit) *cobra.Command {
 
 			resultsObjects := NewResultsObject(clusterConfig.GetAccountID(), clusterConfig.GetContextName(), args[0])
 
-			// submit resources
-			var r reporter.IReport
-			switch formatVersion {
-			case "v2":
-				r = reporterv2.NewReportEventReceiver(clusterConfig.GetConfigObj(), "")
-			default:
-				logger.L().Warning("Deprecated results version. run with '--format-version' flag", helpers.String("your version", formatVersion), helpers.String("latest version", "v2"))
-				r = reporterv1.NewReportEventReceiver(clusterConfig.GetConfigObj())
-			}
+			r := reporterv2.NewReportEventReceiver(clusterConfig.GetConfigObj(), uuid.NewString(), reporterv2.SubmitContextScan)
 
 			submitInterfaces := cliinterfaces.SubmitInterfaces{
 				ClusterConfig: clusterConfig,
@@ -102,18 +86,14 @@ func getResultsCmd(ks meta.IKubescape, submitInfo *v1.Submit) *cobra.Command {
 
 	return resultsCmd
 }
-func loadResultsFromFile(filePath string) ([]reporthandling.FrameworkReport, error) {
-	frameworkReports := []reporthandling.FrameworkReport{}
+func loadResultsFromFile(filePath string) (*reporthandlingv2.PostureReport, error) {
+	report := &reporthandlingv2.PostureReport{}
 	f, err := os.ReadFile(filePath)
 	if err != nil {
 		return nil, err
 	}
-	if err = json.Unmarshal(f, &frameworkReports); err != nil {
-		frameworkReport := reporthandling.FrameworkReport{}
-		if err = json.Unmarshal(f, &frameworkReport); err != nil {
-			return frameworkReports, err
-		}
-		frameworkReports = append(frameworkReports, frameworkReport)
+	if err = json.Unmarshal(f, report); err != nil {
+		return report, fmt.Errorf("failed to unmarshal results file: %s, make sure you run kubescape with '--format=json --format-version=v2'", err.Error())
 	}
-	return frameworkReports, nil
+	return report, nil
 }

cmd/submit/submit.go

@@ -21,8 +21,8 @@ func GetSubmitCmd(ks meta.IKubescape) *cobra.Command {
 		},
 	}
 	submitCmd.PersistentFlags().StringVarP(&submitInfo.Credentials.Account, "account", "", "", "Kubescape SaaS account ID. Default will load account ID from cache")
-	submitCmd.PersistentFlags().StringVarP(&submitInfo.Credentials.ClientID, "client-id", "", "", "Kubescape SaaS client ID. Default will load client ID from cache, read more - https://hub.armo.cloud/docs/authentication")
-	submitCmd.PersistentFlags().StringVarP(&submitInfo.Credentials.SecretKey, "secret-key", "", "", "Kubescape SaaS secret key. Default will load secret key from cache, read more - https://hub.armo.cloud/docs/authentication")
+	submitCmd.PersistentFlags().StringVarP(&submitInfo.Credentials.ClientID, "client-id", "", "", "Kubescape SaaS client ID. Default will load client ID from cache, read more - https://hub.armosec.io/docs/authentication")
+	submitCmd.PersistentFlags().StringVarP(&submitInfo.Credentials.SecretKey, "secret-key", "", "", "Kubescape SaaS secret key. Default will load secret key from cache, read more - https://hub.armosec.io/docs/authentication")
 
 	submitCmd.AddCommand(getExceptionsCmd(ks, &submitInfo))
 	submitCmd.AddCommand(getResultsCmd(ks, &submitInfo))

core/cautils/customerloader.go

@@ -9,9 +9,9 @@ import (
 
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 
-	"github.com/armosec/k8s-interface/k8sinterface"
 	"github.com/armosec/kubescape/v2/core/cautils/getter"
-	"github.com/armosec/kubescape/v2/core/cautils/logger"
+	logger "github.com/kubescape/go-logger"
+	"github.com/kubescape/k8s-interface/k8sinterface"
 	corev1 "k8s.io/api/core/v1"
 )
 
@@ -124,7 +124,7 @@ func (lc *LocalConfig) GetToken() string         { return lc.configObj.Token }
 func (lc *LocalConfig) IsConfigFound() bool      { return existsConfigFile() }
 func (lc *LocalConfig) SetTenant() error {
 
-	// ARMO tenant GUID
+	// Kubescape Cloud tenant GUID
 	if err := getTenantConfigFromBE(lc.backendAPI, lc.configObj); err != nil {
 		return err
 	}
@@ -145,7 +145,7 @@ func (lc *LocalConfig) DeleteCachedConfig() error {
 
 func getTenantConfigFromBE(backendAPI getter.IBackend, configObj *ConfigObj) error {
 
-	// get from armoBE
+	// get from Kubescape Cloud API
 	tenantResponse, err := backendAPI.GetTenant()
 	if err == nil && tenantResponse != nil {
 		if tenantResponse.AdminMail != "" { // registered tenant
@@ -487,13 +487,13 @@ func getConfigMapNamespace() string {
 
 func getAccountFromEnv(credentials *Credentials) {
 	// load from env
-	if accountID := os.Getenv("KS_ACCOUNT_ID"); credentials.Account != "" && accountID != "" {
+	if accountID := os.Getenv("KS_ACCOUNT_ID"); credentials.Account == "" && accountID != "" {
 		credentials.Account = accountID
 	}
-	if clientID := os.Getenv("KS_CLIENT_ID"); credentials.ClientID != "" && clientID != "" {
+	if clientID := os.Getenv("KS_CLIENT_ID"); credentials.ClientID == "" && clientID != "" {
 		credentials.ClientID = clientID
 	}
-	if secretKey := os.Getenv("KS_SECRET_KEY"); credentials.SecretKey != "" && secretKey != "" {
+	if secretKey := os.Getenv("KS_SECRET_KEY"); credentials.SecretKey == "" && secretKey != "" {
 		credentials.SecretKey = secretKey
 	}
 }

core/cautils/datastructures.go

@@ -2,25 +2,24 @@ package cautils
 
 import (
 	"github.com/armosec/armoapi-go/armotypes"
-	"github.com/armosec/k8s-interface/workloadinterface"
-	"github.com/armosec/opa-utils/reporthandling"
-	apis "github.com/armosec/opa-utils/reporthandling/apis"
-	"github.com/armosec/opa-utils/reporthandling/results/v1/resourcesresults"
-	reporthandlingv2 "github.com/armosec/opa-utils/reporthandling/v2"
+	"github.com/kubescape/k8s-interface/workloadinterface"
+	"github.com/kubescape/opa-utils/reporthandling"
+	apis "github.com/kubescape/opa-utils/reporthandling/apis"
+	"github.com/kubescape/opa-utils/reporthandling/results/v1/resourcesresults"
+	reporthandlingv2 "github.com/kubescape/opa-utils/reporthandling/v2"
 )
 
 // K8SResources map[<api group>/<api version>/<resource>][]<resourceID>
 type K8SResources map[string][]string
-type ArmoResources map[string][]string
+type KSResources map[string][]string
 
 type OPASessionObj struct {
 	K8SResources          *K8SResources                          // input k8s objects
-	ArmoResource          *ArmoResources                         // input ARMO objects
+	ArmoResource          *KSResources                           // input ARMO objects
 	Policies              []reporthandling.Framework             // list of frameworks to scan
 	AllResources          map[string]workloadinterface.IMetadata // all scanned resources, map[<rtesource ID>]<resource>
 	ResourcesResult       map[string]resourcesresults.Result     // resources scan results, map[<rtesource ID>]<resource result>
 	ResourceSource        map[string]reporthandling.Source       // resources sources, map[<rtesource ID>]<resource result>
-	PostureReport         *reporthandling.PostureReport          // scan results v1 - Remove
 	Report                *reporthandlingv2.PostureReport        // scan results v2 - Remove
 	Exceptions            []armotypes.PostureExceptionPolicy     // list of exceptions to apply on scan results
 	RegoInputData         RegoInputData                          // input passed to rgo for scanning. map[<control name>][<input arguments>]
@@ -41,11 +40,7 @@ func NewOPASessionObj(frameworks []reporthandling.Framework, k8sResources *K8SRe
 		ResourceToControlsMap: make(map[string][]string),
 		ResourceSource:        make(map[string]reporthandling.Source),
 		SessionID:             scanInfo.ScanID,
-		PostureReport: &reporthandling.PostureReport{
-			ClusterName:  ClusterName,
-			CustomerGUID: CustomerGUID,
-		},
-		Metadata: scanInfoToScanMetadata(scanInfo),
+		Metadata:              scanInfoToScanMetadata(scanInfo),
 	}
 }
 
@@ -56,11 +51,10 @@ func NewOPASessionObjMock() *OPASessionObj {
 		AllResources:    make(map[string]workloadinterface.IMetadata),
 		ResourcesResult: make(map[string]resourcesresults.Result),
 		Report:          &reporthandlingv2.PostureReport{},
-		PostureReport: &reporthandling.PostureReport{
-			ClusterName:  "",
-			CustomerGUID: "",
-			ReportID:     "",
-			JobID:        "",
+		Metadata: &reporthandlingv2.Metadata{
+			ScanMetadata: reporthandlingv2.ScanMetadata{
+				ScanningTarget: 0,
+			},
 		},
 	}
 }

core/cautils/datastructuresmethods.go

@@ -3,8 +3,8 @@ package cautils
 import (
 	"golang.org/x/mod/semver"
 
-	"github.com/armosec/opa-utils/reporthandling"
 	"github.com/armosec/utils-go/boolutils"
+	"github.com/kubescape/opa-utils/reporthandling"
 )
 
 func NewPolicies() *Policies {
@@ -22,7 +22,7 @@ func (policies *Policies) Set(frameworks []reporthandling.Framework, version str
 		for j := range frameworks[i].Controls {
 			compatibleRules := []reporthandling.PolicyRule{}
 			for r := range frameworks[i].Controls[j].Rules {
-				if !ruleWithArmoOpaDependency(frameworks[i].Controls[j].Rules[r].Attributes) && isRuleKubescapeVersionCompatible(frameworks[i].Controls[j].Rules[r].Attributes, version) {
+				if !ruleWithKSOpaDependency(frameworks[i].Controls[j].Rules[r].Attributes) && isRuleKubescapeVersionCompatible(frameworks[i].Controls[j].Rules[r].Attributes, version) {
 					compatibleRules = append(compatibleRules, frameworks[i].Controls[j].Rules[r])
 				}
 			}
@@ -35,7 +35,7 @@ func (policies *Policies) Set(frameworks []reporthandling.Framework, version str
 	}
 }
 
-func ruleWithArmoOpaDependency(attributes map[string]interface{}) bool {
+func ruleWithKSOpaDependency(attributes map[string]interface{}) bool {
 	if attributes == nil {
 		return false
 	}

core/cautils/environments.go

@@ -1,6 +1,6 @@
 package cautils
 
-// CA environment vars
+// Kubescape Cloud environment vars
 var (
 	CustomerGUID = ""
 	ClusterName  = ""

core/cautils/fileutils.go

@@ -8,12 +8,13 @@ import (
 	"path/filepath"
 	"strings"
 
-	"github.com/armosec/k8s-interface/workloadinterface"
+	"github.com/kubescape/go-logger/helpers"
+	"github.com/kubescape/k8s-interface/workloadinterface"
+
+	logger "github.com/kubescape/go-logger"
+	"github.com/kubescape/opa-utils/objectsenvelopes"
+	"github.com/kubescape/opa-utils/objectsenvelopes/localworkload"
 
-	"github.com/armosec/kubescape/v2/core/cautils/logger"
-	"github.com/armosec/kubescape/v2/core/cautils/logger/helpers"
-	"github.com/armosec/opa-utils/objectsenvelopes"
-	"github.com/armosec/opa-utils/objectsenvelopes/localworkload"
 	"gopkg.in/yaml.v2"
 )
 
@@ -29,8 +30,8 @@ const (
 	JSON_FILE_FORMAT FileFormat = "json"
 )
 
-// LoadResourcesFromHelmCharts scans a given path (recuresively) for helm charts, renders the templates and returns a list of workloads
-func LoadResourcesFromHelmCharts(basePath string) map[string][]workloadinterface.IMetadata {
+// LoadResourcesFromHelmCharts scans a given path (recuresively) for helm charts, renders the templates and returns a map of workloads and a map of chart names
+func LoadResourcesFromHelmCharts(basePath string) (map[string][]workloadinterface.IMetadata, map[string]string) {
 	directories, _ := listDirs(basePath)
 	helmDirectories := make([]string, 0)
 	for _, dir := range directories {
@@ -39,7 +40,8 @@ func LoadResourcesFromHelmCharts(basePath string) map[string][]workloadinterface
 		}
 	}
 
-	result := map[string][]workloadinterface.IMetadata{}
+	sourceToWorkloads := map[string][]workloadinterface.IMetadata{}
+	sourceToChartName := map[string]string{}
 	for _, helmDir := range helmDirectories {
 		chart, err := NewHelmChart(helmDir)
 		if err == nil {
@@ -49,12 +51,14 @@ func LoadResourcesFromHelmCharts(basePath string) map[string][]workloadinterface
 				continue
 			}
 
+			chartName := chart.GetName()
 			for k, v := range wls {
-				result[k] = v
+				sourceToWorkloads[k] = v
+				sourceToChartName[k] = chartName
 			}
 		}
 	}
-	return result
+	return sourceToWorkloads, sourceToChartName
 }
 
 func LoadResourcesFromFiles(input, rootPath string) map[string][]workloadinterface.IMetadata {

core/cautils/fileutils_test.go

@@ -6,18 +6,18 @@ import (
 	"strings"
 	"testing"
 
-	"github.com/armosec/opa-utils/objectsenvelopes/localworkload"
+	"github.com/kubescape/opa-utils/objectsenvelopes/localworkload"
 	"github.com/stretchr/testify/assert"
 )
 
 func onlineBoutiquePath() string {
 	o, _ := os.Getwd()
-	return filepath.Join(filepath.Dir(o), "../examples/online-boutique/*")
+	return filepath.Join(filepath.Dir(o), "..", "examples", "online-boutique")
 }
 
 func helmChartPath() string {
 	o, _ := os.Getwd()
-	return filepath.Join(filepath.Dir(o), "../examples/helm_chart/*")
+	return filepath.Join(filepath.Dir(o), "..", "examples", "helm_chart")
 }
 
 func TestListFiles(t *testing.T) {
@@ -44,7 +44,7 @@ func TestLoadResourcesFromFiles(t *testing.T) {
 }
 
 func TestLoadResourcesFromHelmCharts(t *testing.T) {
-	sourceToWorkloads := LoadResourcesFromHelmCharts(helmChartPath())
+	sourceToWorkloads, sourceToChartName := LoadResourcesFromHelmCharts(helmChartPath())
 	assert.Equal(t, 6, len(sourceToWorkloads))
 
 	for file, workloads := range sourceToWorkloads {
@@ -52,6 +52,7 @@ func TestLoadResourcesFromHelmCharts(t *testing.T) {
 
 		w := workloads[0]
 		assert.True(t, localworkload.IsTypeLocalWorkload(w.GetObject()), "Expected localworkload as object type")
+		assert.Equal(t, "kubescape", sourceToChartName[file])
 
 		switch filepath.Base(file) {
 		case "serviceaccount.yaml":
@@ -79,10 +80,10 @@ func TestLoadFiles(t *testing.T) {
 }
 
 func TestListDirs(t *testing.T) {
-	dirs, _ := listDirs(strings.Replace(onlineBoutiquePath(), "*", "adservice.yaml", 1))
+	dirs, _ := listDirs(filepath.Join(onlineBoutiquePath(), "adservice.yaml"))
 	assert.Equal(t, 0, len(dirs))
 
-	expectedDirs := []string{"examples/helm_chart", "examples/helm_chart/templates"}
+	expectedDirs := []string{filepath.Join("examples", "helm_chart"), filepath.Join("examples", "helm_chart", "templates")}
 	dirs, _ = listDirs(helmChartPath())
 	assert.Equal(t, len(expectedDirs), len(dirs))
 	for i := range expectedDirs {
@@ -91,7 +92,7 @@ func TestListDirs(t *testing.T) {
 }
 
 func TestLoadFile(t *testing.T) {
-	files, _ := listFiles(strings.Replace(onlineBoutiquePath(), "*", "adservice.yaml", 1))
+	files, _ := listFiles(filepath.Join(onlineBoutiquePath(), "adservice.yaml"))
 	assert.Equal(t, 1, len(files))
 
 	_, err := loadFile(files[0])

core/cautils/getter/armoapi.go

@@ -1,371 +0,0 @@
-package getter
-
-import (
-	"bytes"
-	"encoding/json"
-	"fmt"
-	"io/ioutil"
-	"net/http"
-	"strings"
-	"time"
-
-	"github.com/armosec/armoapi-go/armotypes"
-	"github.com/armosec/kubescape/v2/core/cautils/logger"
-	"github.com/armosec/kubescape/v2/core/cautils/logger/helpers"
-	"github.com/armosec/opa-utils/reporthandling"
-)
-
-// =======================================================================================================================
-// =============================================== ArmoAPI ===============================================================
-// =======================================================================================================================
-
-var (
-	// ATTENTION!!!
-	// Changes in this URLs variable names, or in the usage is affecting the build process! BE CAREFUL
-	armoERURL   = "report.armo.cloud"
-	armoBEURL   = "api.armo.cloud"
-	armoFEURL   = "portal.armo.cloud"
-	armoAUTHURL = "auth.armo.cloud"
-
-	armoStageERURL   = "report-ks.eustage2.cyberarmorsoft.com"
-	armoStageBEURL   = "api-stage.armo.cloud"
-	armoStageFEURL   = "armoui.eustage2.cyberarmorsoft.com"
-	armoStageAUTHURL = "eggauth.eustage2.cyberarmorsoft.com"
-
-	armoDevERURL   = "report.eudev3.cyberarmorsoft.com"
-	armoDevBEURL   = "api-dev.armo.cloud"
-	armoDevFEURL   = "cloud-dev.armosec.io"
-	armoDevAUTHURL = "eggauth.eudev3.cyberarmorsoft.com"
-)
-
-// Armo API for downloading policies
-type ArmoAPI struct {
-	httpClient *http.Client
-	apiURL     string
-	authURL    string
-	erURL      string
-	feURL      string
-	accountID  string
-	clientID   string
-	secretKey  string
-	feToken    FeLoginResponse
-	authCookie string
-	loggedIn   bool
-}
-
-var globalArmoAPIConnector *ArmoAPI
-
-func SetARMOAPIConnector(armoAPI *ArmoAPI) {
-	logger.L().Debug("Armo URLs", helpers.String("api", armoAPI.apiURL), helpers.String("auth", armoAPI.authURL), helpers.String("report", armoAPI.erURL), helpers.String("UI", armoAPI.feURL))
-	globalArmoAPIConnector = armoAPI
-}
-
-func GetArmoAPIConnector() *ArmoAPI {
-	if globalArmoAPIConnector == nil {
-		// logger.L().Error("returning nil API connector")
-		SetARMOAPIConnector(NewARMOAPIProd())
-	}
-	return globalArmoAPIConnector
-}
-
-func NewARMOAPIDev() *ArmoAPI {
-	apiObj := newArmoAPI()
-
-	apiObj.apiURL = armoDevBEURL
-	apiObj.authURL = armoDevAUTHURL
-	apiObj.erURL = armoDevERURL
-	apiObj.feURL = armoDevFEURL
-
-	return apiObj
-}
-
-func NewARMOAPIProd() *ArmoAPI {
-	apiObj := newArmoAPI()
-
-	apiObj.apiURL = armoBEURL
-	apiObj.erURL = armoERURL
-	apiObj.feURL = armoFEURL
-	apiObj.authURL = armoAUTHURL
-
-	return apiObj
-}
-
-func NewARMOAPIStaging() *ArmoAPI {
-	apiObj := newArmoAPI()
-
-	apiObj.apiURL = armoStageBEURL
-	apiObj.erURL = armoStageERURL
-	apiObj.feURL = armoStageFEURL
-	apiObj.authURL = armoStageAUTHURL
-
-	return apiObj
-}
-
-func NewARMOAPICustomized(armoERURL, armoBEURL, armoFEURL, armoAUTHURL string) *ArmoAPI {
-	apiObj := newArmoAPI()
-
-	apiObj.erURL = armoERURL
-	apiObj.apiURL = armoBEURL
-	apiObj.feURL = armoFEURL
-	apiObj.authURL = armoAUTHURL
-
-	return apiObj
-}
-
-func newArmoAPI() *ArmoAPI {
-	return &ArmoAPI{
-		httpClient: &http.Client{Timeout: time.Duration(61) * time.Second},
-		loggedIn:   false,
-	}
-}
-
-func (armoAPI *ArmoAPI) Post(fullURL string, headers map[string]string, body []byte) (string, error) {
-	if headers == nil {
-		headers = make(map[string]string)
-	}
-	armoAPI.appendAuthHeaders(headers)
-	return HttpPost(armoAPI.httpClient, fullURL, headers, body)
-}
-
-func (armoAPI *ArmoAPI) Delete(fullURL string, headers map[string]string) (string, error) {
-	if headers == nil {
-		headers = make(map[string]string)
-	}
-	armoAPI.appendAuthHeaders(headers)
-	return HttpDelete(armoAPI.httpClient, fullURL, headers)
-}
-func (armoAPI *ArmoAPI) Get(fullURL string, headers map[string]string) (string, error) {
-	if headers == nil {
-		headers = make(map[string]string)
-	}
-	armoAPI.appendAuthHeaders(headers)
-	return HttpGetter(armoAPI.httpClient, fullURL, headers)
-}
-
-func (armoAPI *ArmoAPI) GetAccountID() string          { return armoAPI.accountID }
-func (armoAPI *ArmoAPI) IsLoggedIn() bool              { return armoAPI.loggedIn }
-func (armoAPI *ArmoAPI) GetClientID() string           { return armoAPI.clientID }
-func (armoAPI *ArmoAPI) GetSecretKey() string          { return armoAPI.secretKey }
-func (armoAPI *ArmoAPI) GetFrontendURL() string        { return armoAPI.feURL }
-func (armoAPI *ArmoAPI) GetApiURL() string             { return armoAPI.apiURL }
-func (armoAPI *ArmoAPI) GetAuthURL() string            { return armoAPI.authURL }
-func (armoAPI *ArmoAPI) GetReportReceiverURL() string  { return armoAPI.erURL }
-func (armoAPI *ArmoAPI) SetAccountID(accountID string) { armoAPI.accountID = accountID }
-func (armoAPI *ArmoAPI) SetClientID(clientID string)   { armoAPI.clientID = clientID }
-func (armoAPI *ArmoAPI) SetSecretKey(secretKey string) { armoAPI.secretKey = secretKey }
-
-func (armoAPI *ArmoAPI) GetFramework(name string) (*reporthandling.Framework, error) {
-	respStr, err := armoAPI.Get(armoAPI.getFrameworkURL(name), nil)
-	if err != nil {
-		return nil, nil
-	}
-
-	framework := &reporthandling.Framework{}
-	if err = JSONDecoder(respStr).Decode(framework); err != nil {
-		return nil, err
-	}
-
-	return framework, err
-}
-
-func (armoAPI *ArmoAPI) GetFrameworks() ([]reporthandling.Framework, error) {
-	respStr, err := armoAPI.Get(armoAPI.getListFrameworkURL(), nil)
-	if err != nil {
-		return nil, nil
-	}
-
-	frameworks := []reporthandling.Framework{}
-	if err = JSONDecoder(respStr).Decode(&frameworks); err != nil {
-		return nil, err
-	}
-	// SaveInFile(framework, GetDefaultPath(name+".json"))
-
-	return frameworks, err
-}
-
-func (armoAPI *ArmoAPI) GetControl(policyName string) (*reporthandling.Control, error) {
-	return nil, fmt.Errorf("control api is not public")
-}
-
-func (armoAPI *ArmoAPI) GetExceptions(clusterName string) ([]armotypes.PostureExceptionPolicy, error) {
-	exceptions := []armotypes.PostureExceptionPolicy{}
-
-	respStr, err := armoAPI.Get(armoAPI.getExceptionsURL(clusterName), nil)
-	if err != nil {
-		return nil, err
-	}
-
-	if err = JSONDecoder(respStr).Decode(&exceptions); err != nil {
-		return nil, err
-	}
-
-	return exceptions, nil
-}
-
-func (armoAPI *ArmoAPI) GetTenant() (*TenantResponse, error) {
-	url := armoAPI.getAccountURL()
-	if armoAPI.accountID != "" {
-		url = fmt.Sprintf("%s?customerGUID=%s", url, armoAPI.accountID)
-	}
-	respStr, err := armoAPI.Get(url, nil)
-	if err != nil {
-		return nil, err
-	}
-	tenant := &TenantResponse{}
-	if err = JSONDecoder(respStr).Decode(tenant); err != nil {
-		return nil, err
-	}
-	if tenant.TenantID != "" {
-		armoAPI.accountID = tenant.TenantID
-	}
-	return tenant, nil
-}
-
-// ControlsInputs  // map[<control name>][<input arguments>]
-func (armoAPI *ArmoAPI) GetAccountConfig(clusterName string) (*armotypes.CustomerConfig, error) {
-	accountConfig := &armotypes.CustomerConfig{}
-	if armoAPI.accountID == "" {
-		return accountConfig, nil
-	}
-	respStr, err := armoAPI.Get(armoAPI.getAccountConfig(clusterName), nil)
-	if err != nil {
-		return nil, err
-	}
-
-	if err = JSONDecoder(respStr).Decode(&accountConfig); err != nil {
-		// try with default scope
-		respStr, err = armoAPI.Get(armoAPI.getAccountConfigDefault(clusterName), nil)
-		if err != nil {
-			return nil, err
-		}
-		if err = JSONDecoder(respStr).Decode(&accountConfig); err != nil {
-			return nil, err
-		}
-	}
-
-	return accountConfig, nil
-}
-
-// ControlsInputs  // map[<control name>][<input arguments>]
-func (armoAPI *ArmoAPI) GetControlsInputs(clusterName string) (map[string][]string, error) {
-	accountConfig, err := armoAPI.GetAccountConfig(clusterName)
-	if err == nil {
-		return accountConfig.Settings.PostureControlInputs, nil
-	}
-	return nil, err
-}
-
-func (armoAPI *ArmoAPI) ListCustomFrameworks() ([]string, error) {
-	respStr, err := armoAPI.Get(armoAPI.getListFrameworkURL(), nil)
-	if err != nil {
-		return nil, err
-	}
-	frs := []reporthandling.Framework{}
-	if err = json.Unmarshal([]byte(respStr), &frs); err != nil {
-		return nil, err
-	}
-
-	frameworkList := []string{}
-	for _, fr := range frs {
-		if !isNativeFramework(fr.Name) {
-			frameworkList = append(frameworkList, fr.Name)
-		}
-	}
-
-	return frameworkList, nil
-}
-
-func (armoAPI *ArmoAPI) ListFrameworks() ([]string, error) {
-	respStr, err := armoAPI.Get(armoAPI.getListFrameworkURL(), nil)
-	if err != nil {
-		return nil, err
-	}
-	frs := []reporthandling.Framework{}
-	if err = json.Unmarshal([]byte(respStr), &frs); err != nil {
-		return nil, err
-	}
-
-	frameworkList := []string{}
-	for _, fr := range frs {
-		if isNativeFramework(fr.Name) {
-			frameworkList = append(frameworkList, strings.ToLower(fr.Name))
-		} else {
-			frameworkList = append(frameworkList, fr.Name)
-		}
-	}
-
-	return frameworkList, nil
-}
-
-func (armoAPI *ArmoAPI) ListControls(l ListType) ([]string, error) {
-	return nil, fmt.Errorf("control api is not public")
-}
-
-func (armoAPI *ArmoAPI) PostExceptions(exceptions []armotypes.PostureExceptionPolicy) error {
-
-	for i := range exceptions {
-		ex, err := json.Marshal(exceptions[i])
-		if err != nil {
-			return err
-		}
-		_, err = armoAPI.Post(armoAPI.exceptionsURL(""), map[string]string{"Content-Type": "application/json"}, ex)
-		if err != nil {
-			return err
-		}
-	}
-	return nil
-}
-
-func (armoAPI *ArmoAPI) DeleteException(exceptionName string) error {
-
-	_, err := armoAPI.Delete(armoAPI.exceptionsURL(exceptionName), nil)
-	if err != nil {
-		return err
-	}
-	return nil
-}
-func (armoAPI *ArmoAPI) Login() error {
-	if armoAPI.accountID == "" {
-		return fmt.Errorf("failed to login, missing accountID")
-	}
-	if armoAPI.clientID == "" {
-		return fmt.Errorf("failed to login, missing clientID")
-	}
-	if armoAPI.secretKey == "" {
-		return fmt.Errorf("failed to login, missing secretKey")
-	}
-
-	// init URLs
-	feLoginData := FeLoginData{ClientId: armoAPI.clientID, Secret: armoAPI.secretKey}
-	body, _ := json.Marshal(feLoginData)
-
-	resp, err := http.Post(armoAPI.getApiToken(), "application/json", bytes.NewBuffer(body))
-	if err != nil {
-		return err
-	}
-	defer resp.Body.Close()
-
-	if resp.StatusCode != http.StatusOK {
-		return fmt.Errorf("error authenticating: %d", resp.StatusCode)
-	}
-
-	responseBody, err := ioutil.ReadAll(resp.Body)
-	if err != nil {
-		return err
-	}
-	var feLoginResponse FeLoginResponse
-
-	if err = json.Unmarshal(responseBody, &feLoginResponse); err != nil {
-		return err
-	}
-	armoAPI.feToken = feLoginResponse
-
-	/* Now we have JWT */
-
-	armoAPI.authCookie, err = armoAPI.getAuthCookie()
-	if err != nil {
-		return err
-	}
-	armoAPI.loggedIn = true
-	return nil
-}

core/cautils/getter/datastructures.go

@@ -12,7 +12,7 @@ type FeLoginResponse struct {
 	Expires      string `json:"expires"`
 }
 
-type ArmoSelectCustomer struct {
+type KSCloudSelectCustomer struct {
 	SelectedCustomerGuid string `json:"selectedCustomer"`
 }
 

core/cautils/getter/downloadreleasedpolicy.go

@@ -3,8 +3,8 @@ package getter
 import (
 	"strings"
 
-	"github.com/armosec/opa-utils/gitregostore"
-	"github.com/armosec/opa-utils/reporthandling"
+	"github.com/kubescape/opa-utils/gitregostore"
+	"github.com/kubescape/opa-utils/reporthandling"
 )
 
 // =======================================================================================================================

core/cautils/getter/getpolicies.go

@@ -2,7 +2,7 @@ package getter
 
 import (
 	"github.com/armosec/armoapi-go/armotypes"
-	"github.com/armosec/opa-utils/reporthandling"
+	"github.com/kubescape/opa-utils/reporthandling"
 )
 
 // supported listing

core/cautils/getter/kscloudapi.go

@@ -0,0 +1,363 @@
+package getter
+
+import (
+	"bytes"
+	"encoding/json"
+	"fmt"
+	"io/ioutil"
+	"net/http"
+	"strings"
+	"time"
+
+	"github.com/armosec/armoapi-go/armotypes"
+	logger "github.com/kubescape/go-logger"
+	"github.com/kubescape/go-logger/helpers"
+	"github.com/kubescape/opa-utils/reporthandling"
+)
+
+var (
+	ksCloudERURL   = "report.armo.cloud"
+	ksCloudBEURL   = "api.armosec.io"
+	ksCloudFEURL   = "cloud.armosec.io"
+	ksCloudAUTHURL = "auth.armosec.io"
+
+	ksCloudStageERURL   = "report-ks.eustage2.cyberarmorsoft.com"
+	ksCloudStageBEURL   = "api-stage.armosec.io"
+	ksCloudStageFEURL   = "armoui-stage.armosec.io"
+	ksCloudStageAUTHURL = "eggauth-stage.armosec.io"
+
+	ksCloudDevERURL   = "report.eudev3.cyberarmorsoft.com"
+	ksCloudDevBEURL   = "api-dev.armosec.io"
+	ksCloudDevFEURL   = "cloud-dev.armosec.io"
+	ksCloudDevAUTHURL = "eggauth-dev.armosec.io"
+)
+
+// KSCloudAPI allows accessing the API of the Kubescape Cloud offering
+type KSCloudAPI struct {
+	httpClient *http.Client
+	apiURL     string
+	authURL    string
+	erURL      string
+	feURL      string
+	accountID  string
+	clientID   string
+	secretKey  string
+	feToken    FeLoginResponse
+	authCookie string
+	loggedIn   bool
+}
+
+var globalKSCloudAPIConnector *KSCloudAPI
+
+func SetKSCloudAPIConnector(ksCloudAPI *KSCloudAPI) {
+	logger.L().Debug("Kubescape Cloud URLs", helpers.String("api", ksCloudAPI.apiURL), helpers.String("auth", ksCloudAPI.authURL), helpers.String("report", ksCloudAPI.erURL), helpers.String("UI", ksCloudAPI.feURL))
+	globalKSCloudAPIConnector = ksCloudAPI
+}
+
+func GetKSCloudAPIConnector() *KSCloudAPI {
+	if globalKSCloudAPIConnector == nil {
+		SetKSCloudAPIConnector(NewKSCloudAPIProd())
+	}
+	return globalKSCloudAPIConnector
+}
+
+func NewKSCloudAPIDev() *KSCloudAPI {
+	apiObj := newKSCloudAPI()
+
+	apiObj.apiURL = ksCloudDevBEURL
+	apiObj.authURL = ksCloudDevAUTHURL
+	apiObj.erURL = ksCloudDevERURL
+	apiObj.feURL = ksCloudDevFEURL
+
+	return apiObj
+}
+
+func NewKSCloudAPIProd() *KSCloudAPI {
+	apiObj := newKSCloudAPI()
+
+	apiObj.apiURL = ksCloudBEURL
+	apiObj.erURL = ksCloudERURL
+	apiObj.feURL = ksCloudFEURL
+	apiObj.authURL = ksCloudAUTHURL
+
+	return apiObj
+}
+
+func NewKSCloudAPIStaging() *KSCloudAPI {
+	apiObj := newKSCloudAPI()
+
+	apiObj.apiURL = ksCloudStageBEURL
+	apiObj.erURL = ksCloudStageERURL
+	apiObj.feURL = ksCloudStageFEURL
+	apiObj.authURL = ksCloudStageAUTHURL
+
+	return apiObj
+}
+
+func NewKSCloudAPICustomized(ksCloudERURL, ksCloudBEURL, ksCloudFEURL, ksCloudAUTHURL string) *KSCloudAPI {
+	apiObj := newKSCloudAPI()
+
+	apiObj.erURL = ksCloudERURL
+	apiObj.apiURL = ksCloudBEURL
+	apiObj.feURL = ksCloudFEURL
+	apiObj.authURL = ksCloudAUTHURL
+
+	return apiObj
+}
+
+func newKSCloudAPI() *KSCloudAPI {
+	return &KSCloudAPI{
+		httpClient: &http.Client{Timeout: time.Duration(61) * time.Second},
+		loggedIn:   false,
+	}
+}
+
+func (api *KSCloudAPI) Post(fullURL string, headers map[string]string, body []byte) (string, error) {
+	if headers == nil {
+		headers = make(map[string]string)
+	}
+	api.appendAuthHeaders(headers)
+	return HttpPost(api.httpClient, fullURL, headers, body)
+}
+
+func (api *KSCloudAPI) Delete(fullURL string, headers map[string]string) (string, error) {
+	if headers == nil {
+		headers = make(map[string]string)
+	}
+	api.appendAuthHeaders(headers)
+	return HttpDelete(api.httpClient, fullURL, headers)
+}
+func (api *KSCloudAPI) Get(fullURL string, headers map[string]string) (string, error) {
+	if headers == nil {
+		headers = make(map[string]string)
+	}
+	api.appendAuthHeaders(headers)
+	return HttpGetter(api.httpClient, fullURL, headers)
+}
+
+func (api *KSCloudAPI) GetAccountID() string          { return api.accountID }
+func (api *KSCloudAPI) IsLoggedIn() bool              { return api.loggedIn }
+func (api *KSCloudAPI) GetClientID() string           { return api.clientID }
+func (api *KSCloudAPI) GetSecretKey() string          { return api.secretKey }
+func (api *KSCloudAPI) GetFrontendURL() string        { return api.feURL }
+func (api *KSCloudAPI) GetApiURL() string             { return api.apiURL }
+func (api *KSCloudAPI) GetAuthURL() string            { return api.authURL }
+func (api *KSCloudAPI) GetReportReceiverURL() string  { return api.erURL }
+func (api *KSCloudAPI) SetAccountID(accountID string) { api.accountID = accountID }
+func (api *KSCloudAPI) SetClientID(clientID string)   { api.clientID = clientID }
+func (api *KSCloudAPI) SetSecretKey(secretKey string) { api.secretKey = secretKey }
+
+func (api *KSCloudAPI) GetFramework(name string) (*reporthandling.Framework, error) {
+	respStr, err := api.Get(api.getFrameworkURL(name), nil)
+	if err != nil {
+		return nil, nil
+	}
+
+	framework := &reporthandling.Framework{}
+	if err = JSONDecoder(respStr).Decode(framework); err != nil {
+		return nil, err
+	}
+
+	return framework, err
+}
+
+func (api *KSCloudAPI) GetFrameworks() ([]reporthandling.Framework, error) {
+	respStr, err := api.Get(api.getListFrameworkURL(), nil)
+	if err != nil {
+		return nil, nil
+	}
+
+	frameworks := []reporthandling.Framework{}
+	if err = JSONDecoder(respStr).Decode(&frameworks); err != nil {
+		return nil, err
+	}
+
+	return frameworks, err
+}
+
+func (api *KSCloudAPI) GetControl(policyName string) (*reporthandling.Control, error) {
+	return nil, fmt.Errorf("control api is not public")
+}
+
+func (api *KSCloudAPI) GetExceptions(clusterName string) ([]armotypes.PostureExceptionPolicy, error) {
+	exceptions := []armotypes.PostureExceptionPolicy{}
+
+	respStr, err := api.Get(api.getExceptionsURL(clusterName), nil)
+	if err != nil {
+		return nil, err
+	}
+
+	if err = JSONDecoder(respStr).Decode(&exceptions); err != nil {
+		return nil, err
+	}
+
+	return exceptions, nil
+}
+
+func (api *KSCloudAPI) GetTenant() (*TenantResponse, error) {
+	url := api.getAccountURL()
+	if api.accountID != "" {
+		url = fmt.Sprintf("%s?customerGUID=%s", url, api.accountID)
+	}
+	respStr, err := api.Get(url, nil)
+	if err != nil {
+		return nil, err
+	}
+	tenant := &TenantResponse{}
+	if err = JSONDecoder(respStr).Decode(tenant); err != nil {
+		return nil, err
+	}
+	if tenant.TenantID != "" {
+		api.accountID = tenant.TenantID
+	}
+	return tenant, nil
+}
+
+// ControlsInputs  // map[<control name>][<input arguments>]
+func (api *KSCloudAPI) GetAccountConfig(clusterName string) (*armotypes.CustomerConfig, error) {
+	accountConfig := &armotypes.CustomerConfig{}
+	if api.accountID == "" {
+		return accountConfig, nil
+	}
+	respStr, err := api.Get(api.getAccountConfig(clusterName), nil)
+	if err != nil {
+		return nil, err
+	}
+
+	if err = JSONDecoder(respStr).Decode(&accountConfig); err != nil {
+		// try with default scope
+		respStr, err = api.Get(api.getAccountConfigDefault(clusterName), nil)
+		if err != nil {
+			return nil, err
+		}
+		if err = JSONDecoder(respStr).Decode(&accountConfig); err != nil {
+			return nil, err
+		}
+	}
+
+	return accountConfig, nil
+}
+
+// ControlsInputs  // map[<control name>][<input arguments>]
+func (api *KSCloudAPI) GetControlsInputs(clusterName string) (map[string][]string, error) {
+	accountConfig, err := api.GetAccountConfig(clusterName)
+	if err == nil {
+		return accountConfig.Settings.PostureControlInputs, nil
+	}
+	return nil, err
+}
+
+func (api *KSCloudAPI) ListCustomFrameworks() ([]string, error) {
+	respStr, err := api.Get(api.getListFrameworkURL(), nil)
+	if err != nil {
+		return nil, err
+	}
+	frs := []reporthandling.Framework{}
+	if err = json.Unmarshal([]byte(respStr), &frs); err != nil {
+		return nil, err
+	}
+
+	frameworkList := []string{}
+	for _, fr := range frs {
+		if !isNativeFramework(fr.Name) {
+			frameworkList = append(frameworkList, fr.Name)
+		}
+	}
+
+	return frameworkList, nil
+}
+
+func (api *KSCloudAPI) ListFrameworks() ([]string, error) {
+	respStr, err := api.Get(api.getListFrameworkURL(), nil)
+	if err != nil {
+		return nil, err
+	}
+	frs := []reporthandling.Framework{}
+	if err = json.Unmarshal([]byte(respStr), &frs); err != nil {
+		return nil, err
+	}
+
+	frameworkList := []string{}
+	for _, fr := range frs {
+		if isNativeFramework(fr.Name) {
+			frameworkList = append(frameworkList, strings.ToLower(fr.Name))
+		} else {
+			frameworkList = append(frameworkList, fr.Name)
+		}
+	}
+
+	return frameworkList, nil
+}
+
+func (api *KSCloudAPI) ListControls(l ListType) ([]string, error) {
+	return nil, fmt.Errorf("control api is not public")
+}
+
+func (api *KSCloudAPI) PostExceptions(exceptions []armotypes.PostureExceptionPolicy) error {
+
+	for i := range exceptions {
+		ex, err := json.Marshal(exceptions[i])
+		if err != nil {
+			return err
+		}
+		_, err = api.Post(api.exceptionsURL(""), map[string]string{"Content-Type": "application/json"}, ex)
+		if err != nil {
+			return err
+		}
+	}
+	return nil
+}
+
+func (api *KSCloudAPI) DeleteException(exceptionName string) error {
+
+	_, err := api.Delete(api.exceptionsURL(exceptionName), nil)
+	if err != nil {
+		return err
+	}
+	return nil
+}
+func (api *KSCloudAPI) Login() error {
+	if api.accountID == "" {
+		return fmt.Errorf("failed to login, missing accountID")
+	}
+	if api.clientID == "" {
+		return fmt.Errorf("failed to login, missing clientID")
+	}
+	if api.secretKey == "" {
+		return fmt.Errorf("failed to login, missing secretKey")
+	}
+
+	// init URLs
+	feLoginData := FeLoginData{ClientId: api.clientID, Secret: api.secretKey}
+	body, _ := json.Marshal(feLoginData)
+
+	resp, err := http.Post(api.getApiToken(), "application/json", bytes.NewBuffer(body))
+	if err != nil {
+		return err
+	}
+	defer resp.Body.Close()
+
+	if resp.StatusCode != http.StatusOK {
+		return fmt.Errorf("error authenticating: %d", resp.StatusCode)
+	}
+
+	responseBody, err := ioutil.ReadAll(resp.Body)
+	if err != nil {
+		return err
+	}
+	var feLoginResponse FeLoginResponse
+
+	if err = json.Unmarshal(responseBody, &feLoginResponse); err != nil {
+		return err
+	}
+	api.feToken = feLoginResponse
+
+	/* Now we have JWT */
+
+	api.authCookie, err = api.getAuthCookie()
+	if err != nil {
+		return err
+	}
+	api.loggedIn = true
+	return nil
+}

core/cautils/getter/kscloudapiutils.go

@@ -11,12 +11,12 @@ import (
 
 var NativeFrameworks = []string{"nsa", "mitre", "armobest", "devopsbest"}
 
-func (armoAPI *ArmoAPI) getFrameworkURL(frameworkName string) string {
+func (api *KSCloudAPI) getFrameworkURL(frameworkName string) string {
 	u := url.URL{}
-	u.Scheme, u.Host = parseHost(armoAPI.GetApiURL())
+	u.Scheme, u.Host = parseHost(api.GetApiURL())
 	u.Path = "api/v1/armoFrameworks"
 	q := u.Query()
-	q.Add("customerGUID", armoAPI.getCustomerGUIDFallBack())
+	q.Add("customerGUID", api.getCustomerGUIDFallBack())
 	if isNativeFramework(frameworkName) {
 		q.Add("frameworkName", strings.ToUpper(frameworkName))
 	} else {
@@ -28,23 +28,23 @@ func (armoAPI *ArmoAPI) getFrameworkURL(frameworkName string) string {
 	return u.String()
 }
 
-func (armoAPI *ArmoAPI) getListFrameworkURL() string {
+func (api *KSCloudAPI) getListFrameworkURL() string {
 	u := url.URL{}
-	u.Scheme, u.Host = parseHost(armoAPI.GetApiURL())
+	u.Scheme, u.Host = parseHost(api.GetApiURL())
 	u.Path = "api/v1/armoFrameworks"
 	q := u.Query()
-	q.Add("customerGUID", armoAPI.getCustomerGUIDFallBack())
+	q.Add("customerGUID", api.getCustomerGUIDFallBack())
 	u.RawQuery = q.Encode()
 
 	return u.String()
 }
-func (armoAPI *ArmoAPI) getExceptionsURL(clusterName string) string {
+func (api *KSCloudAPI) getExceptionsURL(clusterName string) string {
 	u := url.URL{}
-	u.Scheme, u.Host = parseHost(armoAPI.GetApiURL())
+	u.Scheme, u.Host = parseHost(api.GetApiURL())
 	u.Path = "api/v1/armoPostureExceptions"
 
 	q := u.Query()
-	q.Add("customerGUID", armoAPI.getCustomerGUIDFallBack())
+	q.Add("customerGUID", api.getCustomerGUIDFallBack())
 	// if clusterName != "" { // TODO - fix customer name support in Armo BE
 	// 	q.Add("clusterName", clusterName)
 	// }
@@ -53,13 +53,13 @@ func (armoAPI *ArmoAPI) getExceptionsURL(clusterName string) string {
 	return u.String()
 }
 
-func (armoAPI *ArmoAPI) exceptionsURL(exceptionsPolicyName string) string {
+func (api *KSCloudAPI) exceptionsURL(exceptionsPolicyName string) string {
 	u := url.URL{}
-	u.Scheme, u.Host = parseHost(armoAPI.GetApiURL())
+	u.Scheme, u.Host = parseHost(api.GetApiURL())
 	u.Path = "api/v1/postureExceptionPolicy"
 
 	q := u.Query()
-	q.Add("customerGUID", armoAPI.getCustomerGUIDFallBack())
+	q.Add("customerGUID", api.getCustomerGUIDFallBack())
 	if exceptionsPolicyName != "" { // for delete
 		q.Add("policyName", exceptionsPolicyName)
 	}
@@ -69,19 +69,19 @@ func (armoAPI *ArmoAPI) exceptionsURL(exceptionsPolicyName string) string {
 	return u.String()
 }
 
-func (armoAPI *ArmoAPI) getAccountConfigDefault(clusterName string) string {
-	config := armoAPI.getAccountConfig(clusterName)
+func (api *KSCloudAPI) getAccountConfigDefault(clusterName string) string {
+	config := api.getAccountConfig(clusterName)
 	url := config + "&scope=customer"
 	return url
 }
 
-func (armoAPI *ArmoAPI) getAccountConfig(clusterName string) string {
+func (api *KSCloudAPI) getAccountConfig(clusterName string) string {
 	u := url.URL{}
-	u.Scheme, u.Host = parseHost(armoAPI.GetApiURL())
+	u.Scheme, u.Host = parseHost(api.GetApiURL())
 	u.Path = "api/v1/armoCustomerConfiguration"
 
 	q := u.Query()
-	q.Add("customerGUID", armoAPI.getCustomerGUIDFallBack())
+	q.Add("customerGUID", api.getCustomerGUIDFallBack())
 	if clusterName != "" { // TODO - fix customer name support in Armo BE
 		q.Add("clusterName", clusterName)
 	}
@@ -90,49 +90,49 @@ func (armoAPI *ArmoAPI) getAccountConfig(clusterName string) string {
 	return u.String()
 }
 
-func (armoAPI *ArmoAPI) getAccountURL() string {
+func (api *KSCloudAPI) getAccountURL() string {
 	u := url.URL{}
-	u.Scheme, u.Host = parseHost(armoAPI.GetApiURL())
+	u.Scheme, u.Host = parseHost(api.GetApiURL())
 	u.Path = "api/v1/createTenant"
 	return u.String()
 }
 
-func (armoAPI *ArmoAPI) getApiToken() string {
+func (api *KSCloudAPI) getApiToken() string {
 	u := url.URL{}
-	u.Scheme, u.Host = parseHost(armoAPI.GetAuthURL())
+	u.Scheme, u.Host = parseHost(api.GetAuthURL())
 	u.Path = "identity/resources/auth/v1/api-token"
 	return u.String()
 }
 
-func (armoAPI *ArmoAPI) getOpenidCustomers() string {
+func (api *KSCloudAPI) getOpenidCustomers() string {
 	u := url.URL{}
-	u.Scheme, u.Host = parseHost(armoAPI.GetApiURL())
+	u.Scheme, u.Host = parseHost(api.GetApiURL())
 	u.Path = "api/v1/openid_customers"
 	return u.String()
 }
 
-func (armoAPI *ArmoAPI) getAuthCookie() (string, error) {
-	selectCustomer := ArmoSelectCustomer{SelectedCustomerGuid: armoAPI.accountID}
+func (api *KSCloudAPI) getAuthCookie() (string, error) {
+	selectCustomer := KSCloudSelectCustomer{SelectedCustomerGuid: api.accountID}
 	requestBody, _ := json.Marshal(selectCustomer)
 	client := &http.Client{}
-	httpRequest, err := http.NewRequest(http.MethodPost, armoAPI.getOpenidCustomers(), bytes.NewBuffer(requestBody))
+	httpRequest, err := http.NewRequest(http.MethodPost, api.getOpenidCustomers(), bytes.NewBuffer(requestBody))
 	if err != nil {
 		return "", err
 	}
 	httpRequest.Header.Set("Content-Type", "application/json")
-	httpRequest.Header.Set("Authorization", fmt.Sprintf("Bearer %s", armoAPI.feToken.Token))
+	httpRequest.Header.Set("Authorization", fmt.Sprintf("Bearer %s", api.feToken.Token))
 	httpResponse, err := client.Do(httpRequest)
 	if err != nil {
 		return "", err
 	}
 	defer httpResponse.Body.Close()
 	if httpResponse.StatusCode != http.StatusOK {
-		return "", fmt.Errorf("failed to get cookie from %s: status %d", armoAPI.getOpenidCustomers(), httpResponse.StatusCode)
+		return "", fmt.Errorf("failed to get cookie from %s: status %d", api.getOpenidCustomers(), httpResponse.StatusCode)
 	}
 
 	cookies := httpResponse.Header.Get("set-cookie")
 	if len(cookies) == 0 {
-		return "", fmt.Errorf("no cookie field in response from %s", armoAPI.getOpenidCustomers())
+		return "", fmt.Errorf("no cookie field in response from %s", api.getOpenidCustomers())
 	}
 
 	authCookie := ""
@@ -144,24 +144,24 @@ func (armoAPI *ArmoAPI) getAuthCookie() (string, error) {
 	}
 
 	if len(authCookie) == 0 {
-		return "", fmt.Errorf("no auth cookie field in response from %s", armoAPI.getOpenidCustomers())
+		return "", fmt.Errorf("no auth cookie field in response from %s", api.getOpenidCustomers())
 	}
 
 	return authCookie, nil
 }
-func (armoAPI *ArmoAPI) appendAuthHeaders(headers map[string]string) {
+func (api *KSCloudAPI) appendAuthHeaders(headers map[string]string) {
 
-	if armoAPI.feToken.Token != "" {
-		headers["Authorization"] = fmt.Sprintf("Bearer %s", armoAPI.feToken.Token)
+	if api.feToken.Token != "" {
+		headers["Authorization"] = fmt.Sprintf("Bearer %s", api.feToken.Token)
 	}
-	if armoAPI.authCookie != "" {
-		headers["Cookie"] = fmt.Sprintf("auth=%s", armoAPI.authCookie)
+	if api.authCookie != "" {
+		headers["Cookie"] = fmt.Sprintf("auth=%s", api.authCookie)
 	}
 }
 
-func (armoAPI *ArmoAPI) getCustomerGUIDFallBack() string {
-	if armoAPI.accountID != "" {
-		return armoAPI.accountID
+func (api *KSCloudAPI) getCustomerGUIDFallBack() string {
+	if api.accountID != "" {
+		return api.accountID
 	}
 	return "11111111-1111-1111-1111-111111111111"
 }

core/cautils/getter/loadpolicy.go

@@ -8,7 +8,7 @@ import (
 	"strings"
 
 	"github.com/armosec/armoapi-go/armotypes"
-	"github.com/armosec/opa-utils/reporthandling"
+	"github.com/kubescape/opa-utils/reporthandling"
 )
 
 // =======================================================================================================================

core/cautils/helmchart.go

@@ -1,14 +1,14 @@
 package cautils
 
 import (
-	"os"
 	"path/filepath"
 	"strings"
 
-	"github.com/armosec/k8s-interface/workloadinterface"
-	"github.com/armosec/kubescape/v2/core/cautils/logger"
-	"github.com/armosec/kubescape/v2/core/cautils/logger/helpers"
-	"github.com/armosec/opa-utils/objectsenvelopes/localworkload"
+	logger "github.com/kubescape/go-logger"
+	"github.com/kubescape/go-logger/helpers"
+	"github.com/kubescape/k8s-interface/workloadinterface"
+	"github.com/kubescape/opa-utils/objectsenvelopes/localworkload"
+
 	helmchart "helm.sh/helm/v3/pkg/chart"
 	helmloader "helm.sh/helm/v3/pkg/chart/loader"
 	helmchartutil "helm.sh/helm/v3/pkg/chartutil"
@@ -73,7 +73,11 @@ func (hc *HelmChart) GetWorkloads(values map[string]interface{}) (map[string][]w
 		if e != nil {
 			logger.L().Debug("failed to read rendered yaml file", helpers.String("file", path), helpers.Error(e))
 		}
-		if firstPathSeparatorIndex := strings.Index(path, string(os.PathSeparator)); firstPathSeparatorIndex != -1 {
+		if len(wls) == 0 {
+			continue
+		}
+		// separate base path and file name. We do not use the os.Separator because the paths returned from the helm engine are not OS specific (e.g. mychart/templates/myfile.yaml)
+		if firstPathSeparatorIndex := strings.Index(path, string("/")); firstPathSeparatorIndex != -1 {
 			absPath := filepath.Join(hc.path, path[firstPathSeparatorIndex:])
 
 			workloads[absPath] = []workloadinterface.IMetadata{}
@@ -83,7 +87,6 @@ func (hc *HelmChart) GetWorkloads(values map[string]interface{}) (map[string][]w
 				workloads[absPath] = append(workloads[absPath], lw)
 			}
 		}
-
 	}
 	return workloads, errs
 }

core/cautils/helmchart_test.go

@@ -9,7 +9,7 @@ import (
 	"strings"
 	"testing"
 
-	"github.com/armosec/opa-utils/objectsenvelopes/localworkload"
+	"github.com/kubescape/opa-utils/objectsenvelopes/localworkload"
 	"github.com/stretchr/testify/suite"
 )
 
@@ -27,19 +27,19 @@ func TestHelmChartTestSuite(t *testing.T) {
 func (s *HelmChartTestSuite) SetupSuite() {
 	o, _ := os.Getwd()
 
-	s.helmChartPath = filepath.Join(filepath.Dir(o), "../examples/helm_chart")
+	s.helmChartPath = filepath.Join(filepath.Dir(o), "..", "examples", "helm_chart")
 
 	s.expectedFiles = []string{
-		filepath.Join(s.helmChartPath, "templates/clusterrolebinding.yaml"),
-		filepath.Join(s.helmChartPath, "templates/clusterrole.yaml"),
-		filepath.Join(s.helmChartPath, "templates/serviceaccount.yaml"),
-		filepath.Join(s.helmChartPath, "templates/rolebinding.yaml"),
-		filepath.Join(s.helmChartPath, "templates/role.yaml"),
-		filepath.Join(s.helmChartPath, "templates/cronjob.yaml"),
+		filepath.Join(s.helmChartPath, "templates", "clusterrolebinding.yaml"),
+		filepath.Join(s.helmChartPath, "templates", "clusterrole.yaml"),
+		filepath.Join(s.helmChartPath, "templates", "serviceaccount.yaml"),
+		filepath.Join(s.helmChartPath, "templates", "rolebinding.yaml"),
+		filepath.Join(s.helmChartPath, "templates", "role.yaml"),
+		filepath.Join(s.helmChartPath, "templates", "cronjob.yaml"),
 	}
 
 	var obj interface{}
-	file, _ := ioutil.ReadFile("testdata/helm_expected_default_values.json")
+	file, _ := ioutil.ReadFile(filepath.Join("testdata", "helm_expected_default_values.json"))
 	_ = json.Unmarshal([]byte(file), &obj)
 	s.expectedDefaultValues = obj.(map[string]interface{})
 }

core/cautils/localgitrepository.go

@@ -4,26 +4,30 @@ import (
 	"fmt"
 	"path"
 	"strings"
+	"time"
 
 	"github.com/armosec/go-git-url/apis"
 	gitv5 "github.com/go-git/go-git/v5"
 	configv5 "github.com/go-git/go-git/v5/config"
 	plumbingv5 "github.com/go-git/go-git/v5/plumbing"
+	git2go "github.com/libgit2/git2go/v33"
 )
 
 type LocalGitRepository struct {
-	repo   *gitv5.Repository
-	head   *plumbingv5.Reference
-	config *configv5.Config
+	goGitRepo        *gitv5.Repository
+	git2GoRepo       *git2go.Repository
+	head             *plumbingv5.Reference
+	config           *configv5.Config
+	fileToLastCommit map[string]*git2go.Commit
 }
 
 func NewLocalGitRepository(path string) (*LocalGitRepository, error) {
-	gitRepo, err := gitv5.PlainOpenWithOptions(path, &gitv5.PlainOpenOptions{DetectDotGit: true})
+	goGitRepo, err := gitv5.PlainOpenWithOptions(path, &gitv5.PlainOpenOptions{DetectDotGit: true})
 	if err != nil {
 		return nil, err
 	}
 
-	head, err := gitRepo.Head()
+	head, err := goGitRepo.Head()
 	if err != nil {
 		return nil, err
 	}
@@ -32,16 +36,30 @@ func NewLocalGitRepository(path string) (*LocalGitRepository, error) {
 		return nil, fmt.Errorf("current HEAD reference is not a branch")
 	}
 
-	config, err := gitRepo.Config()
+	config, err := goGitRepo.Config()
 	if err != nil {
 		return nil, err
 	}
 
-	return &LocalGitRepository{
-		repo:   gitRepo,
-		head:   head,
-		config: config,
-	}, nil
+	if len(config.Remotes) == 0 {
+		return nil, fmt.Errorf("no remotes found")
+	}
+
+	l := &LocalGitRepository{
+		goGitRepo: goGitRepo,
+		head:      head,
+		config:    config,
+	}
+
+	if repoRoot, err := l.GetRootDir(); err == nil {
+		git2GoRepo, err := git2go.OpenRepository(repoRoot)
+		if err != nil {
+			return l, err
+		}
+		l.git2GoRepo = git2GoRepo
+	}
+
+	return l, nil
 }
 
 // GetBranchName get current branch name
@@ -80,20 +98,7 @@ func (g *LocalGitRepository) GetName() (string, error) {
 
 // GetLastCommit get latest commit object
 func (g *LocalGitRepository) GetLastCommit() (*apis.Commit, error) {
-	return g.GetFileLastCommit("")
-}
-
-// GetFileLastCommit get file latest commit object, if empty will return latest commit
-func (g *LocalGitRepository) GetFileLastCommit(filePath string) (*apis.Commit, error) {
-	// By default, returns commit information from current HEAD
-	logOptions := &gitv5.LogOptions{}
-
-	if filePath != "" {
-		logOptions.FileName = &filePath
-		logOptions.Order = gitv5.LogOrderCommitterTime // faster -> LogOrderDFSPost
-	}
-
-	cIter, err := g.repo.Log(logOptions)
+	cIter, err := g.goGitRepo.Log(&gitv5.LogOptions{})
 	if err != nil {
 		return nil, err
 	}
@@ -117,8 +122,122 @@ func (g *LocalGitRepository) GetFileLastCommit(filePath string) (*apis.Commit, e
 	}, nil
 }
 
+func (g *LocalGitRepository) getAllCommits() ([]*git2go.Commit, error) {
+	logItr, itrErr := g.git2GoRepo.Walk()
+	if itrErr != nil {
+
+		return nil, itrErr
+	}
+
+	pushErr := logItr.PushHead()
+	if pushErr != nil {
+		return nil, pushErr
+	}
+
+	var allCommits []*git2go.Commit
+	err := logItr.Iterate(func(commit *git2go.Commit) bool {
+		if commit != nil {
+			allCommits = append(allCommits, commit)
+			return true
+		}
+		return false
+	})
+
+	if err != nil {
+		return nil, err
+	}
+
+	if err != nil {
+		return nil, err
+	}
+
+	return allCommits, nil
+}
+
+func (g *LocalGitRepository) GetFileLastCommit(filePath string) (*apis.Commit, error) {
+	if len(g.fileToLastCommit) == 0 {
+		filePathToCommitTime := map[string]time.Time{}
+		filePathToCommit := map[string]*git2go.Commit{}
+		allCommits, _ := g.getAllCommits()
+
+		// builds a map of all files to their last commit
+		for _, commit := range allCommits {
+			// Ignore merge commits (2+ parents)
+			if commit.ParentCount() <= 1 {
+				tree, err := commit.Tree()
+				if err != nil {
+					continue
+				}
+
+				// ParentCount can be either 1 or 0 (initial commit)
+				// In case it's the initial commit, prevTree is nil
+				var prevTree *git2go.Tree
+				if commit.ParentCount() == 1 {
+					prevCommit := commit.Parent(0)
+					prevTree, err = prevCommit.Tree()
+					if err != nil {
+						continue
+					}
+				}
+
+				diff, err := g.git2GoRepo.DiffTreeToTree(prevTree, tree, nil)
+				if err != nil {
+					continue
+				}
+
+				numDeltas, err := diff.NumDeltas()
+				if err != nil {
+					continue
+				}
+
+				for i := 0; i < numDeltas; i++ {
+					delta, err := diff.Delta(i)
+					if err != nil {
+						continue
+					}
+
+					deltaFilePath := delta.NewFile.Path
+					commitTime := commit.Author().When
+
+					// In case we have the commit information for the file which is not the latest - we override it
+					if currentCommitTime, exists := filePathToCommitTime[deltaFilePath]; exists {
+						if currentCommitTime.Before(commitTime) {
+							filePathToCommitTime[deltaFilePath] = commitTime
+							filePathToCommit[deltaFilePath] = commit
+						}
+					} else {
+						filePathToCommitTime[deltaFilePath] = commitTime
+						filePathToCommit[deltaFilePath] = commit
+					}
+				}
+			}
+		}
+		g.fileToLastCommit = filePathToCommit
+	}
+
+	if relevantCommit, exists := g.fileToLastCommit[filePath]; exists {
+		return g.getCommit(relevantCommit), nil
+	}
+
+	return nil, fmt.Errorf("failed to get commit information for file: %s", filePath)
+}
+
+func (g *LocalGitRepository) getCommit(commit *git2go.Commit) *apis.Commit {
+	return &apis.Commit{
+		SHA: commit.Id().String(),
+		Author: apis.Committer{
+			Name:  commit.Author().Name,
+			Email: commit.Author().Email,
+			Date:  commit.Author().When,
+		},
+		Message:   commit.Message(),
+		Committer: apis.Committer{},
+		Files:     []apis.Files{},
+	}
+}
+
 func (g *LocalGitRepository) GetRootDir() (string, error) {
-	wt, err := g.repo.Worktree()
+	wt, err := g.goGitRepo.Worktree()
 	if err != nil {
 		return "", fmt.Errorf("failed to get repo root")
 	}

core/cautils/localgitrepository_test.go

@@ -5,7 +5,6 @@ import (
 	"fmt"
 	"io"
 	"os"
-	"path"
 	"path/filepath"
 	"strings"
 	"testing"
@@ -13,11 +12,13 @@ import (
 	"github.com/stretchr/testify/suite"
 )
 
+var TEST_REPOS = [...]string{"localrepo", "withoutremotes"}
+
 type LocalGitRepositoryTestSuite struct {
 	suite.Suite
-	archive           *zip.ReadCloser
-	gitRepositoryPath string
-	destinationPath   string
+	archives           map[string]*zip.ReadCloser
+	gitRepositoryPaths map[string]string
+	destinationPath    string
 }
 
 func unzipFile(zipPath, destinationFolder string) (*zip.ReadCloser, error) {
@@ -62,17 +63,21 @@ func unzipFile(zipPath, destinationFolder string) (*zip.ReadCloser, error) {
 }
 
 func (s *LocalGitRepositoryTestSuite) SetupSuite() {
-	zippedFixturePath := path.Join(".", "testdata", "localrepo.git")
-	destinationPath := path.Join(".", "testdata", "temp")
-	gitRepositoryPath := path.Join(destinationPath, "localrepo")
+	s.archives = make(map[string]*zip.ReadCloser)
+	s.gitRepositoryPaths = make(map[string]string)
 
+	destinationPath := filepath.Join(".", "testdata", "temp")
+	s.destinationPath = destinationPath
 	os.RemoveAll(destinationPath)
-	archive, err := unzipFile(zippedFixturePath, destinationPath)
+	for _, repo := range TEST_REPOS {
+		zippedFixturePath := filepath.Join(".", "testdata", repo+".git")
+		gitRepositoryPath := filepath.Join(destinationPath, repo)
+		archive, err := unzipFile(zippedFixturePath, destinationPath)
 
-	if err == nil {
-		s.archive = archive
-		s.gitRepositoryPath = gitRepositoryPath
-		s.destinationPath = destinationPath
+		if err == nil {
+			s.archives[repo] = archive
+			s.gitRepositoryPaths[repo] = gitRepositoryPath
+		}
 	}
 }
 
@@ -81,9 +86,14 @@ func TestLocalGitRepositoryTestSuite(t *testing.T) {
 }
 
 func (s *LocalGitRepositoryTestSuite) TearDownSuite() {
-	if s.archive != nil {
-		s.archive.Close()
+	if s.archives != nil {
+		for _, archive := range s.archives {
+			if archive != nil {
+				archive.Close()
+			}
+		}
 	}
+
 	os.RemoveAll(s.destinationPath)
 }
 
@@ -93,14 +103,20 @@ func (s *LocalGitRepositoryTestSuite) TestInvalidRepositoryPath() {
 	}
 }
 
+func (s *LocalGitRepositoryTestSuite) TestRepositoryWithoutRemotes() {
+	if _, err := NewLocalGitRepository(s.gitRepositoryPaths["withoutremotes"]); s.Error(err) {
+		s.Equal("no remotes found", err.Error())
+	}
+}
+
 func (s *LocalGitRepositoryTestSuite) TestGetBranchName() {
-	if localRepo, err := NewLocalGitRepository(s.gitRepositoryPath); s.NoError(err) {
+	if localRepo, err := NewLocalGitRepository(s.gitRepositoryPaths["localrepo"]); s.NoError(err) {
 		s.Equal("master", localRepo.GetBranchName())
 	}
 }
 
 func (s *LocalGitRepositoryTestSuite) TestGetName() {
-	if localRepo, err := NewLocalGitRepository(s.gitRepositoryPath); s.NoError(err) {
+	if localRepo, err := NewLocalGitRepository(s.gitRepositoryPaths["localrepo"]); s.NoError(err) {
 		if name, err := localRepo.GetName(); s.NoError(err) {
 			s.Equal("localrepo", name)
 		}
@@ -109,7 +125,7 @@ func (s *LocalGitRepositoryTestSuite) TestGetName() {
 }
 
 func (s *LocalGitRepositoryTestSuite) TestGetOriginUrl() {
-	if localRepo, err := NewLocalGitRepository(s.gitRepositoryPath); s.NoError(err) {
+	if localRepo, err := NewLocalGitRepository(s.gitRepositoryPaths["localrepo"]); s.NoError(err) {
 		if url, err := localRepo.GetRemoteUrl(); s.NoError(err) {
 			s.Equal("git@github.com:testuser/localrepo", url)
 		}
@@ -117,7 +133,7 @@ func (s *LocalGitRepositoryTestSuite) TestGetOriginUrl() {
 }
 
 func (s *LocalGitRepositoryTestSuite) TestGetLastCommit() {
-	if localRepo, err := NewLocalGitRepository(s.gitRepositoryPath); s.NoError(err) {
+	if localRepo, err := NewLocalGitRepository(s.gitRepositoryPaths["localrepo"]); s.NoError(err) {
 		if commit, err := localRepo.GetLastCommit(); s.NoError(err) {
 			s.Equal("7e09312b8017695fadcd606882e3779f10a5c832", commit.SHA)
 			s.Equal("Amir Malka", commit.Author.Name)
@@ -130,7 +146,8 @@ func (s *LocalGitRepositoryTestSuite) TestGetLastCommit() {
 
 func (s *LocalGitRepositoryTestSuite) TestGetFileLastCommit() {
 	s.Run("fileA", func() {
-		if localRepo, err := NewLocalGitRepository(s.gitRepositoryPath); s.NoError(err) {
+		if localRepo, err := NewLocalGitRepository(s.gitRepositoryPaths["localrepo"]); s.NoError(err) {
+
 			if commit, err := localRepo.GetFileLastCommit("fileA"); s.NoError(err) {
 				s.Equal("9fae4be19624297947d2b605cefbff516628612d", commit.SHA)
 				s.Equal("Amir Malka", commit.Author.Name)
@@ -138,11 +155,13 @@ func (s *LocalGitRepositoryTestSuite) TestGetFileLastCommit() {
 				s.Equal("2022-05-22 18:55:48 +0300 +0300", commit.Author.Date.String())
 				s.Equal("added file A\n", commit.Message)
 			}
+
 		}
 	})
 
 	s.Run("fileB", func() {
-		if localRepo, err := NewLocalGitRepository(s.gitRepositoryPath); s.NoError(err) {
+		if localRepo, err := NewLocalGitRepository(s.gitRepositoryPaths["localrepo"]); s.NoError(err) {
+
 			if commit, err := localRepo.GetFileLastCommit("dirA/fileB"); s.NoError(err) {
 				s.Equal("7e09312b8017695fadcd606882e3779f10a5c832", commit.SHA)
 				s.Equal("Amir Malka", commit.Author.Name)
@@ -150,6 +169,7 @@ func (s *LocalGitRepositoryTestSuite) TestGetFileLastCommit() {
 				s.Equal("2022-05-22 19:11:57 +0300 +0300", commit.Author.Date.String())
 				s.Equal("added file B\n", commit.Message)
 			}
+
 		}
 	})
 }

core/cautils/logger/helpers/datastructures.go

@@ -1,31 +0,0 @@
-package helpers
-
-import "time"
-
-type StringObj struct {
-	key   string
-	value string
-}
-
-type ErrorObj struct {
-	key   string
-	value error
-}
-
-type IntObj struct {
-	key   string
-	value int
-}
-
-type InterfaceObj struct {
-	key   string
-	value interface{}
-}
-
-func Error(e error) *ErrorObj                         { return &ErrorObj{key: "error", value: e} }
-func Int(k string, v int) *IntObj                     { return &IntObj{key: k, value: v} }
-func String(k, v string) *StringObj                   { return &StringObj{key: k, value: v} }
-func Interface(k string, v interface{}) *InterfaceObj { return &InterfaceObj{key: k, value: v} }
-func Time() *StringObj {
-	return &StringObj{key: "time", value: time.Now().Format("2006-01-02 15:04:05")}
-}

core/cautils/logger/helpers/level.go

@@ -1,69 +0,0 @@
-package helpers
-
-import (
-	"strings"
-)
-
-type Level int8
-
-const (
-	UnknownLevel Level = iota - -1
-	DebugLevel
-	InfoLevel //default
-	SuccessLevel
-	WarningLevel
-	ErrorLevel
-	FatalLevel
-
-	_defaultLevel = InfoLevel
-	_minLevel     = DebugLevel
-	_maxLevel     = FatalLevel
-)
-
-func ToLevel(level string) Level {
-	switch strings.ToLower(level) {
-	case "debug":
-		return DebugLevel
-	case "info":
-		return InfoLevel
-	case "success":
-		return SuccessLevel
-	case "warning", "warn":
-		return WarningLevel
-	case "error":
-		return ErrorLevel
-	case "fatal":
-		return FatalLevel
-	default:
-		return UnknownLevel
-	}
-}
-func (l Level) String() string {
-	switch l {
-	case DebugLevel:
-		return "debug"
-	case InfoLevel:
-		return "info"
-	case SuccessLevel:
-		return "success"
-	case WarningLevel:
-		return "warning"
-	case ErrorLevel:
-		return "error"
-	case FatalLevel:
-		return "fatal"
-	}
-	return ""
-}
-
-func (l Level) Skip(l2 Level) bool {
-	return l < l2
-}
-
-func SupportedLevels() []string {
-	levels := []string{}
-	for i := _minLevel; i <= _maxLevel; i++ {
-		levels = append(levels, i.String())
-	}
-	return levels
-}

core/cautils/logger/helpers/methods.go

@@ -1,62 +0,0 @@
-package helpers
-
-type IDetails interface {
-	Key() string
-	Value() interface{}
-}
-
-// ======================================================================================
-// ============================== String ================================================
-// ======================================================================================
-
-// Key
-func (s *StringObj) Key() string {
-	return s.key
-}
-
-// Value
-func (s *StringObj) Value() interface{} {
-	return s.value
-}
-
-// ======================================================================================
-// =============================== Error ================================================
-// ======================================================================================
-
-// Key
-func (s *ErrorObj) Key() string {
-	return s.key
-}
-
-// Value
-func (s *ErrorObj) Value() interface{} {
-	return s.value
-}
-
-// ======================================================================================
-// ================================= Int ================================================
-// ======================================================================================
-
-// Key
-func (s *IntObj) Key() string {
-	return s.key
-}
-
-// Value
-func (s *IntObj) Value() interface{} {
-	return s.value
-}
-
-// ======================================================================================
-// =========================== Interface ================================================
-// ======================================================================================
-
-// Key
-func (s *InterfaceObj) Key() string {
-	return s.key
-}
-
-// Value
-func (s *InterfaceObj) Value() interface{} {
-	return s.value
-}

core/cautils/logger/methods.go

@@ -1,81 +0,0 @@
-package logger
-
-import (
-	"os"
-	"strings"
-
-	"github.com/armosec/kubescape/v2/core/cautils/logger/helpers"
-	"github.com/armosec/kubescape/v2/core/cautils/logger/nonelogger"
-	"github.com/armosec/kubescape/v2/core/cautils/logger/prettylogger"
-	"github.com/armosec/kubescape/v2/core/cautils/logger/zaplogger"
-)
-
-type ILogger interface {
-	Fatal(msg string, details ...helpers.IDetails) // print log and exit 1
-	Error(msg string, details ...helpers.IDetails)
-	Success(msg string, details ...helpers.IDetails)
-	Warning(msg string, details ...helpers.IDetails)
-	Info(msg string, details ...helpers.IDetails)
-	Debug(msg string, details ...helpers.IDetails)
-
-	SetLevel(level string) error
-	GetLevel() string
-
-	SetWriter(w *os.File)
-	GetWriter() *os.File
-
-	LoggerName() string
-}
-
-var l ILogger
-
-// Return initialized logger. If logger not initialized, will call InitializeLogger() with the default value
-func L() ILogger {
-	if l == nil {
-		InitDefaultLogger()
-	}
-	return l
-}
-
-/* InitLogger initialize desired logger
-
-Use:
-InitLogger("<logger name>")
-
-Supported logger names (call ListLoggersNames() for listing supported loggers)
-- "zap": Logger from package "go.uber.org/zap"
-- "pretty", "colorful": Human friendly colorful logger
-- "none", "mock", "empty", "ignore": Logger will not print anything
-
-Default:
-- "pretty"
-
-e.g.
-InitLogger("none") -> will initialize the mock logger
-
-*/
-func InitLogger(loggerName string) {
-
-	switch strings.ToLower(loggerName) {
-	case zaplogger.LoggerName:
-		l = zaplogger.NewZapLogger()
-	case prettylogger.LoggerName, "colorful":
-		l = prettylogger.NewPrettyLogger()
-	case nonelogger.LoggerName, "mock", "empty", "ignore":
-		l = nonelogger.NewNoneLogger()
-	default:
-		InitDefaultLogger()
-	}
-}
-
-func InitDefaultLogger() {
-	l = prettylogger.NewPrettyLogger()
-}
-
-func DisableColor(flag bool) {
-	prettylogger.DisableColor(flag)
-}
-
-func ListLoggersNames() []string {
-	return []string{prettylogger.LoggerName, zaplogger.LoggerName, nonelogger.LoggerName}
-}

core/cautils/logger/nonelogger/logger.go

@@ -1,28 +0,0 @@
-package nonelogger
-
-import (
-	"os"
-
-	"github.com/armosec/kubescape/v2/core/cautils/logger/helpers"
-)
-
-const LoggerName string = "none"
-
-type NoneLogger struct {
-}
-
-func NewNoneLogger() *NoneLogger {
-	return &NoneLogger{}
-}
-
-func (nl *NoneLogger) GetLevel() string                                { return "" }
-func (nl *NoneLogger) LoggerName() string                              { return LoggerName }
-func (nl *NoneLogger) SetWriter(w *os.File)                            {}
-func (nl *NoneLogger) GetWriter() *os.File                             { return nil }
-func (nl *NoneLogger) SetLevel(level string) error                     { return nil }
-func (nl *NoneLogger) Fatal(msg string, details ...helpers.IDetails)   {}
-func (nl *NoneLogger) Error(msg string, details ...helpers.IDetails)   {}
-func (nl *NoneLogger) Warning(msg string, details ...helpers.IDetails) {}
-func (nl *NoneLogger) Success(msg string, details ...helpers.IDetails) {}
-func (nl *NoneLogger) Info(msg string, details ...helpers.IDetails)    {}
-func (nl *NoneLogger) Debug(msg string, details ...helpers.IDetails)   {}

core/cautils/logger/prettylogger/colors.go

@@ -1,37 +0,0 @@
-package prettylogger
-
-import (
-	"io"
-
-	"github.com/armosec/kubescape/v2/core/cautils/logger/helpers"
-	"github.com/fatih/color"
-)
-
-var prefixError = color.New(color.Bold, color.FgHiRed).FprintfFunc()
-var prefixWarning = color.New(color.Bold, color.FgHiYellow).FprintfFunc()
-var prefixInfo = color.New(color.Bold, color.FgCyan).FprintfFunc()
-var prefixSuccess = color.New(color.Bold, color.FgHiGreen).FprintfFunc()
-var prefixDebug = color.New(color.Bold, color.FgWhite).FprintfFunc()
-var message = color.New().FprintfFunc()
-
-func prefix(l helpers.Level) func(w io.Writer, format string, a ...interface{}) {
-	switch l {
-	case helpers.DebugLevel:
-		return prefixDebug
-	case helpers.InfoLevel:
-		return prefixInfo
-	case helpers.SuccessLevel:
-		return prefixSuccess
-	case helpers.WarningLevel:
-		return prefixWarning
-	case helpers.ErrorLevel, helpers.FatalLevel:
-		return prefixError
-	}
-	return message
-}
-
-func DisableColor(flag bool) {
-	if flag {
-		color.NoColor = true
-	}
-}

core/cautils/logger/prettylogger/logger.go

@@ -1,82 +0,0 @@
-package prettylogger
-
-import (
-	"fmt"
-	"os"
-	"sync"
-
-	"github.com/armosec/kubescape/v2/core/cautils/logger/helpers"
-)
-
-const LoggerName string = "pretty"
-
-type PrettyLogger struct {
-	writer *os.File
-	level  helpers.Level
-	mutex  sync.Mutex
-}
-
-func NewPrettyLogger() *PrettyLogger {
-
-	return &PrettyLogger{
-		writer: os.Stderr, // default to stderr
-		level:  helpers.InfoLevel,
-		mutex:  sync.Mutex{},
-	}
-}
-
-func (pl *PrettyLogger) GetLevel() string     { return pl.level.String() }
-func (pl *PrettyLogger) SetWriter(w *os.File) { pl.writer = w }
-func (pl *PrettyLogger) GetWriter() *os.File  { return pl.writer }
-func (pl *PrettyLogger) LoggerName() string   { return LoggerName }
-
-func (pl *PrettyLogger) SetLevel(level string) error {
-	pl.level = helpers.ToLevel(level)
-	if pl.level == helpers.UnknownLevel {
-		return fmt.Errorf("level '%s' unknown", level)
-	}
-	return nil
-}
-func (pl *PrettyLogger) Fatal(msg string, details ...helpers.IDetails) {
-	pl.print(helpers.FatalLevel, msg, details...)
-	os.Exit(1)
-}
-func (pl *PrettyLogger) Error(msg string, details ...helpers.IDetails) {
-	pl.print(helpers.ErrorLevel, msg, details...)
-}
-func (pl *PrettyLogger) Warning(msg string, details ...helpers.IDetails) {
-	pl.print(helpers.WarningLevel, msg, details...)
-}
-func (pl *PrettyLogger) Info(msg string, details ...helpers.IDetails) {
-	pl.print(helpers.InfoLevel, msg, details...)
-}
-func (pl *PrettyLogger) Debug(msg string, details ...helpers.IDetails) {
-	pl.print(helpers.DebugLevel, msg, details...)
-}
-func (pl *PrettyLogger) Success(msg string, details ...helpers.IDetails) {
-	pl.print(helpers.SuccessLevel, msg, details...)
-}
-
-func (pl *PrettyLogger) print(level helpers.Level, msg string, details ...helpers.IDetails) {
-	if !level.Skip(pl.level) {
-		pl.mutex.Lock()
-		prefix(level)(pl.writer, "[%s] ", level.String())
-		if d := detailsToString(details); d != "" {
-			msg = fmt.Sprintf("%s. %s", msg, d)
-		}
-		message(pl.writer, fmt.Sprintf("%s\n", msg))
-		pl.mutex.Unlock()
-	}
-
-}
-
-func detailsToString(details []helpers.IDetails) string {
-	s := ""
-	for i := range details {
-		s += fmt.Sprintf("%s: %v", details[i].Key(), details[i].Value())
-		if i < len(details)-1 {
-			s += "; "
-		}
-	}
-	return s
-}

core/cautils/logger/zaplogger/logger.go

@@ -1,79 +0,0 @@
-package zaplogger
-
-import (
-	"os"
-
-	"github.com/armosec/kubescape/v2/core/cautils/logger/helpers"
-	"go.uber.org/zap"
-	"go.uber.org/zap/zapcore"
-)
-
-const LoggerName string = "zap"
-
-type ZapLogger struct {
-	zapL *zap.Logger
-	cfg  zap.Config
-}
-
-func NewZapLogger() *ZapLogger {
-	ec := zap.NewProductionEncoderConfig()
-	ec.EncodeTime = zapcore.RFC3339TimeEncoder
-	cfg := zap.NewProductionConfig()
-	cfg.DisableCaller = true
-	cfg.DisableStacktrace = true
-	cfg.Encoding = "json"
-	cfg.EncoderConfig = ec
-
-	zapLogger, err := cfg.Build()
-	if err != nil {
-		panic(err)
-	}
-	return &ZapLogger{
-		zapL: zapLogger,
-		cfg:  cfg,
-	}
-}
-
-func (zl *ZapLogger) GetLevel() string     { return zl.cfg.Level.Level().String() }
-func (zl *ZapLogger) SetWriter(w *os.File) {}
-func (zl *ZapLogger) GetWriter() *os.File  { return nil }
-func (zl *ZapLogger) LoggerName() string   { return LoggerName }
-func (zl *ZapLogger) SetLevel(level string) error {
-	l := zapcore.Level(1)
-	err := l.Set(level)
-	if err == nil {
-		zl.cfg.Level.SetLevel(l)
-	}
-	return err
-}
-func (zl *ZapLogger) Fatal(msg string, details ...helpers.IDetails) {
-	zl.zapL.Fatal(msg, detailsToZapFields(details)...)
-}
-
-func (zl *ZapLogger) Error(msg string, details ...helpers.IDetails) {
-	zl.zapL.Error(msg, detailsToZapFields(details)...)
-}
-
-func (zl *ZapLogger) Warning(msg string, details ...helpers.IDetails) {
-	zl.zapL.Warn(msg, detailsToZapFields(details)...)
-}
-
-func (zl *ZapLogger) Success(msg string, details ...helpers.IDetails) {
-	zl.zapL.Info(msg, detailsToZapFields(details)...)
-}
-
-func (zl *ZapLogger) Info(msg string, details ...helpers.IDetails) {
-	zl.zapL.Info(msg, detailsToZapFields(details)...)
-}
-
-func (zl *ZapLogger) Debug(msg string, details ...helpers.IDetails) {
-	zl.zapL.Debug(msg, detailsToZapFields(details)...)
-}
-
-func detailsToZapFields(details []helpers.IDetails) []zapcore.Field {
-	zapFields := []zapcore.Field{}
-	for i := range details {
-		zapFields = append(zapFields, zap.Any(details[i].Key(), details[i].Value()))
-	}
-	return zapFields
-}

core/cautils/rbac.go

@@ -4,11 +4,12 @@ import (
 	"encoding/json"
 	"time"
 
-	"github.com/armosec/k8s-interface/workloadinterface"
-	"github.com/armosec/opa-utils/reporthandling"
-	"github.com/armosec/rbac-utils/rbacscanner"
-	"github.com/armosec/rbac-utils/rbacutils"
+	reporthandlingv2 "github.com/kubescape/opa-utils/reporthandling/v2"
+
 	"github.com/google/uuid"
+	"github.com/kubescape/k8s-interface/workloadinterface"
+	"github.com/kubescape/rbac-utils/rbacscanner"
+	"github.com/kubescape/rbac-utils/rbacutils"
 )
 
 type RBACObjects struct {
@@ -19,12 +20,19 @@ func NewRBACObjects(scanner *rbacscanner.RbacScannerFromK8sAPI) *RBACObjects {
 	return &RBACObjects{scanner: scanner}
 }
 
-func (rbacObjects *RBACObjects) SetResourcesReport() (*reporthandling.PostureReport, error) {
-	return &reporthandling.PostureReport{
+func (rbacObjects *RBACObjects) SetResourcesReport() (*reporthandlingv2.PostureReport, error) {
+	return &reporthandlingv2.PostureReport{
 		ReportID:             uuid.NewString(),
 		ReportGenerationTime: time.Now().UTC(),
 		CustomerGUID:         rbacObjects.scanner.CustomerGUID,
 		ClusterName:          rbacObjects.scanner.ClusterName,
+		Metadata: reporthandlingv2.Metadata{
+			ContextMetadata: reporthandlingv2.ContextMetadata{
+				ClusterContextMetadata: &reporthandlingv2.ClusterMetadata{
+					ContextName: rbacObjects.scanner.ClusterName,
+				},
+			},
+		},
 	}, nil
 }
 
@@ -46,26 +54,30 @@ func (rbacObjects *RBACObjects) rbacObjectsToResources(resources *rbacutils.Rbac
 	/*
 		************************************************************************************************************************
 			This code is adding a non valid ID ->
-				(github.com/armosec/rbac-utils v0.0.11): "//SA2WLIDmap/SA2WLIDmap"
-				(github.com/armosec/rbac-utils v0.0.12): "armo.rbac.com/v0beta1//SAID2WLIDmap/SAID2WLIDmap"
+				(github.com/kubescape/opa-utils v0.0.11): "//SA2WLIDmap/SA2WLIDmap"
+				(github.com/kubescape/opa-utils v0.0.12): "armo.rbac.com/v0beta1//SAID2WLIDmap/SAID2WLIDmap"
 
 			Should be investigated
 		************************************************************************************************************************
 	*/
 
-	// wrap rbac aggregated objects in IMetadata and add to allresources
+	// wrap rbac aggregated objects in IMetadata and add to AllResources
 	// TODO - DEPRECATE SA2WLIDmap
-	SA2WLIDmapIMeta, err := rbacutils.SA2WLIDmapIMetadataWrapper(resources.SA2WLIDmap)
+	m, err := rbacutils.SA2WLIDmapIMetadataWrapper(resources.SA2WLIDmap)
 	if err != nil {
 		return nil, err
 	}
-	allresources[SA2WLIDmapIMeta.GetID()] = SA2WLIDmapIMeta
 
-	SAID2WLIDmapIMeta, err := rbacutils.SAID2WLIDmapIMetadataWrapper(resources.SAID2WLIDmap)
+	sa2WLIDmapIMeta := workloadinterface.NewBaseObject(m)
+	allresources[sa2WLIDmapIMeta.GetID()] = sa2WLIDmapIMeta
+
+	m2, err := rbacutils.SAID2WLIDmapIMetadataWrapper(resources.SAID2WLIDmap)
 	if err != nil {
 		return nil, err
 	}
-	allresources[SAID2WLIDmapIMeta.GetID()] = SAID2WLIDmapIMeta
+
+	saID2WLIDmapIMeta := workloadinterface.NewBaseObject(m2)
+	allresources[saID2WLIDmapIMeta.GetID()] = saID2WLIDmapIMeta
 
 	// convert rbac k8s resources to IMetadata and add to allresources
 	for _, cr := range resources.ClusterRoles.Items {

core/cautils/reportv2tov1.go

@@ -1,17 +1,14 @@
 package cautils
 
 import (
-	"github.com/armosec/k8s-interface/workloadinterface"
-	"github.com/armosec/opa-utils/reporthandling"
-	helpersv1 "github.com/armosec/opa-utils/reporthandling/helpers/v1"
-	"github.com/armosec/opa-utils/reporthandling/results/v1/reportsummary"
+	"github.com/kubescape/k8s-interface/workloadinterface"
+	"github.com/kubescape/opa-utils/reporthandling"
+	helpersv1 "github.com/kubescape/opa-utils/reporthandling/helpers/v1"
+	"github.com/kubescape/opa-utils/reporthandling/results/v1/reportsummary"
 )
 
-func ReportV2ToV1(opaSessionObj *OPASessionObj) {
-	if len(opaSessionObj.PostureReport.FrameworkReports) > 0 {
-		return // report already converted
-	}
-	//	opaSessionObj.PostureReport.ClusterCloudProvider = opaSessionObj.Report.ClusterCloudProvider
+func ReportV2ToV1(opaSessionObj *OPASessionObj) *reporthandling.PostureReport {
+	report := &reporthandling.PostureReport{}
 
 	frameworks := []reporthandling.FrameworkReport{}
 
@@ -33,27 +30,14 @@ func ReportV2ToV1(opaSessionObj *OPASessionObj) {
 		fwv1.Score = opaSessionObj.Report.SummaryDetails.Score
 	}
 
-	// // remove unused data
-	// opaSessionObj.Report = nil
-	// opaSessionObj.ResourcesResult = nil
-
 	// setup counters and score
 	for f := range frameworks {
-		// // set exceptions
-		// exceptions.SetFrameworkExceptions(frameworks, opap.Exceptions, cautils.ClusterName)
-
 		// set counters
 		reporthandling.SetUniqueResourcesCounter(&frameworks[f])
-
-		// set default score
-		// reporthandling.SetDefaultScore(&frameworks[f])
 	}
 
-	// // update score
-	// scoreutil := score.NewScore(opaSessionObj.AllResources)
-	// scoreutil.Calculate(frameworks)
-
-	opaSessionObj.PostureReport.FrameworkReports = frameworks
+	report.FrameworkReports = frameworks
+	return report
 }
 
 func controlReportV2ToV1(opaSessionObj *OPASessionObj, frameworkName string, controls map[string]reportsummary.ControlSummary) []reporthandling.ControlReport {
@@ -65,7 +49,6 @@ func controlReportV2ToV1(opaSessionObj *OPASessionObj, frameworkName string, con
 		crv1.Name = crv2.GetName()
 		crv1.Score = crv2.GetScore()
 		crv1.Control_ID = controlID
-		// crv1.Attributes = crv2.
 
 		// TODO - add fields
 		crv1.Description = crv2.Description

core/cautils/rootinfo.go

@@ -6,8 +6,8 @@ type RootInfo struct {
 	CacheDir     string // cached dir
 	DisableColor bool   // Disable Color
 
-	ArmoBEURLs    string // armo url
-	ArmoBEURLsDep string // armo url
+	KSCloudBEURLs    string // Kubescape Cloud URL
+	KSCloudBEURLsDep string // Kubescape Cloud URL
 
 }
 
@@ -16,81 +16,3 @@ type Credentials struct {
 	ClientID  string
 	SecretKey string
 }
-
-// func (rootInfo *RootInfo) InitLogger() {
-// 	logger.DisableColor(rootInfo.DisableColor)
-
-// 	if rootInfo.LoggerName == "" {
-// 		if l := os.Getenv("KS_LOGGER_NAME"); l != "" {
-// 			rootInfo.LoggerName = l
-// 		} else {
-// 			if isatty.IsTerminal(os.Stdout.Fd()) {
-// 				rootInfo.LoggerName = "pretty"
-// 			} else {
-// 				rootInfo.LoggerName = "zap"
-// 			}
-// 		}
-// 	}
-
-// 	logger.InitLogger(rootInfo.LoggerName)
-
-// }
-// func (rootInfo *RootInfo) InitLoggerLevel() error {
-// 	if rootInfo.Logger == helpers.InfoLevel.String() {
-// 	} else if l := os.Getenv("KS_LOGGER"); l != "" {
-// 		rootInfo.Logger = l
-// 	}
-
-// 	if err := logger.L().SetLevel(rootInfo.Logger); err != nil {
-// 		return fmt.Errorf("supported levels: %s", strings.Join(helpers.SupportedLevels(), "/"))
-// 	}
-// 	return nil
-// }
-
-// func (rootInfo *RootInfo) InitCacheDir() error {
-// 	if rootInfo.CacheDir == getter.DefaultLocalStore {
-// 		getter.DefaultLocalStore = rootInfo.CacheDir
-// 	} else if cacheDir := os.Getenv("KS_CACHE_DIR"); cacheDir != "" {
-// 		getter.DefaultLocalStore = cacheDir
-// 	} else {
-// 		return nil // using default cache dir location
-// 	}
-
-// 	// TODO create dir if not found exist
-// 	// logger.L().Debug("cache dir updated", helpers.String("path", getter.DefaultLocalStore))
-// 	return nil
-// }
-// func (rootInfo *RootInfo) InitEnvironment() error {
-
-// 	urlSlices := strings.Split(rootInfo.ArmoBEURLs, ",")
-// 	if len(urlSlices) != 1 && len(urlSlices) < 3 {
-// 		return fmt.Errorf("expected at least 2 URLs (report,api,frontend,auth)")
-// 	}
-// 	switch len(urlSlices) {
-// 	case 1:
-// 		switch urlSlices[0] {
-// 		case "dev", "development":
-// 			getter.SetARMOAPIConnector(getter.NewARMOAPIDev())
-// 		case "stage", "staging":
-// 			getter.SetARMOAPIConnector(getter.NewARMOAPIStaging())
-// 		case "":
-// 			getter.SetARMOAPIConnector(getter.NewARMOAPIProd())
-// 		default:
-// 			return fmt.Errorf("unknown environment")
-// 		}
-// 	case 2:
-// 		armoERURL := urlSlices[0] // mandatory
-// 		armoBEURL := urlSlices[1] // mandatory
-// 		getter.SetARMOAPIConnector(getter.NewARMOAPICustomized(armoERURL, armoBEURL, "", ""))
-// 	case 3, 4:
-// 		var armoAUTHURL string
-// 		armoERURL := urlSlices[0] // mandatory
-// 		armoBEURL := urlSlices[1] // mandatory
-// 		armoFEURL := urlSlices[2] // mandatory
-// 		if len(urlSlices) <= 4 {
-// 			armoAUTHURL = urlSlices[3]
-// 		}
-// 		getter.SetARMOAPIConnector(getter.NewARMOAPICustomized(armoERURL, armoBEURL, armoFEURL, armoAUTHURL))
-// 	}
-// 	return nil
-// }

core/cautils/scaninfo.go

@@ -9,15 +9,16 @@ import (
 	"strings"
 
 	"github.com/armosec/armoapi-go/armotypes"
-	apisv1 "github.com/armosec/opa-utils/httpserver/apis/v1"
+	apisv1 "github.com/kubescape/opa-utils/httpserver/apis/v1"
 
 	giturl "github.com/armosec/go-git-url"
-	"github.com/armosec/k8s-interface/k8sinterface"
 	"github.com/armosec/kubescape/v2/core/cautils/getter"
-	"github.com/armosec/kubescape/v2/core/cautils/logger"
-	"github.com/armosec/kubescape/v2/core/cautils/logger/helpers"
-	"github.com/armosec/opa-utils/reporthandling"
-	reporthandlingv2 "github.com/armosec/opa-utils/reporthandling/v2"
+	logger "github.com/kubescape/go-logger"
+	"github.com/kubescape/go-logger/helpers"
+	"github.com/kubescape/k8s-interface/k8sinterface"
+	"github.com/kubescape/opa-utils/reporthandling"
+	reporthandlingv2 "github.com/kubescape/opa-utils/reporthandling/v2"
+
 	"github.com/google/uuid"
 )
 
@@ -116,9 +117,9 @@ type ScanInfo struct {
 	InputPatterns      []string           // Yaml files input patterns
 	Silent             bool               // Silent mode - Do not print progress logs
 	FailThreshold      float32            // Failure score threshold
-	Submit             bool               // Submit results to Armo BE
+	Submit             bool               // Submit results to Kubescape Cloud BE
 	ScanID             string             // Report id of the current scan
-	HostSensorEnabled  BoolPtrFlag        // Deploy ARMO K8s host scanner to collect data from certain controls
+	HostSensorEnabled  BoolPtrFlag        // Deploy Kubescape K8s host scanner to collect data from certain controls
 	HostSensorYamlPath string             // Path to hostsensor file
 	Local              bool               // Do not submit results
 	Credentials        Credentials        // account ID
@@ -266,10 +267,23 @@ func scanInfoToScanMetadata(scanInfo *ScanInfo) *reporthandlingv2.Metadata {
 	if len(scanInfo.InputPatterns) > 0 {
 		inputFiles = scanInfo.InputPatterns[0]
 	}
-
-	metadata.ScanMetadata.ScanningTarget = reporthandlingv2.Cluster
-	if GetScanningContext(inputFiles) != ContextCluster {
+	switch GetScanningContext(inputFiles) {
+	case ContextCluster:
+		// cluster
+		metadata.ScanMetadata.ScanningTarget = reporthandlingv2.Cluster
+	case ContextFile:
+		// local file
 		metadata.ScanMetadata.ScanningTarget = reporthandlingv2.File
+	case ContextGitURL:
+		// url
+		metadata.ScanMetadata.ScanningTarget = reporthandlingv2.Repo
+	case ContextGitLocal:
+		// local-git
+		metadata.ScanMetadata.ScanningTarget = reporthandlingv2.GitLocal
+	case ContextDir:
+		// directory
+		metadata.ScanMetadata.ScanningTarget = reporthandlingv2.Directory
+
 	}
 
 	setContextMetadata(&metadata.ContextMetadata, inputFiles)

core/cautils/scaninfo_test.go

@@ -3,7 +3,7 @@ package cautils
 import (
 	"testing"
 
-	reporthandlingv2 "github.com/armosec/opa-utils/reporthandling/v2"
+	reporthandlingv2 "github.com/kubescape/opa-utils/reporthandling/v2"
 	"github.com/stretchr/testify/assert"
 )
 
@@ -40,8 +40,5 @@ func TestGetHostname(t *testing.T) {
 
 func TestGetScanningContext(t *testing.T) {
 	assert.Equal(t, ContextCluster, GetScanningContext(""))
-	// assert.Equal(t, ContextDir, GetScanningContext("/"))
 	assert.Equal(t, ContextGitURL, GetScanningContext("https://github.com/armosec/kubescape"))
-	// assert.Equal(t, ContextFile, GetScanningContext(path.Join(".", "testdata", "localrepo.git")))
-	// assert.Equal(t, ContextGitLocal, GetScanningContext(path.Join(".", "testdata")))
 }

core/cautils/versioncheck.go

@@ -7,9 +7,10 @@ import (
 	"os"
 
 	"github.com/armosec/kubescape/v2/core/cautils/getter"
-	"github.com/armosec/kubescape/v2/core/cautils/logger"
-	"github.com/armosec/kubescape/v2/core/cautils/logger/helpers"
 	"github.com/armosec/utils-go/boolutils"
+	logger "github.com/kubescape/go-logger"
+	"github.com/kubescape/go-logger/helpers"
+
 	"golang.org/x/mod/semver"
 )
 

core/cautils/versioncheck_test.go

@@ -4,7 +4,7 @@ import (
 	"testing"
 
 	"github.com/armosec/armoapi-go/armotypes"
-	"github.com/armosec/opa-utils/reporthandling"
+	"github.com/kubescape/opa-utils/reporthandling"
 	"github.com/stretchr/testify/assert"
 	"golang.org/x/mod/semver"
 )

core/cautils/workloadmappingutils.go

@@ -3,7 +3,7 @@ package cautils
 import (
 	"strings"
 
-	"github.com/armosec/opa-utils/reporthandling/apis"
+	"github.com/kubescape/opa-utils/reporthandling/apis"
 )
 
 var (
@@ -21,9 +21,9 @@ var (
 	CloudResources = []string{"ClusterDescribe"}
 )
 
-func MapArmoResource(armoResourceMap *ArmoResources, resources []string) []string {
+func MapKSResource(ksResourceMap *KSResources, resources []string) []string {
 	var hostResources []string
-	for k := range *armoResourceMap {
+	for k := range *ksResourceMap {
 		for _, resource := range resources {
 			if strings.Contains(k, resource) {
 				hostResources = append(hostResources, k)
@@ -33,16 +33,16 @@ func MapArmoResource(armoResourceMap *ArmoResources, resources []string) []strin
 	return hostResources
 }
 
-func MapHostResources(armoResourceMap *ArmoResources) []string {
-	return MapArmoResource(armoResourceMap, HostSensorResources)
+func MapHostResources(ksResourceMap *KSResources) []string {
+	return MapKSResource(ksResourceMap, HostSensorResources)
 }
 
-func MapImageVulnResources(armoResourceMap *ArmoResources) []string {
-	return MapArmoResource(armoResourceMap, ImageVulnResources)
+func MapImageVulnResources(ksResourceMap *KSResources) []string {
+	return MapKSResource(ksResourceMap, ImageVulnResources)
 }
 
-func MapCloudResources(armoResourceMap *ArmoResources) []string {
-	return MapArmoResource(armoResourceMap, CloudResources)
+func MapCloudResources(ksResourceMap *KSResources) []string {
+	return MapKSResource(ksResourceMap, CloudResources)
 }
 
 func SetInfoMapForResources(info string, resources []string, errorMap map[string]apis.StatusInfo) {

core/core/delete.go

@@ -4,9 +4,9 @@ import (
 	"fmt"
 
 	"github.com/armosec/kubescape/v2/core/cautils/getter"
-	"github.com/armosec/kubescape/v2/core/cautils/logger"
-	"github.com/armosec/kubescape/v2/core/cautils/logger/helpers"
 	v1 "github.com/armosec/kubescape/v2/core/meta/datastructures/v1"
+	logger "github.com/kubescape/go-logger"
+	"github.com/kubescape/go-logger/helpers"
 )
 
 func (ks *Kubescape) DeleteExceptions(delExceptions *v1.DeleteExceptions) error {
@@ -15,8 +15,8 @@ func (ks *Kubescape) DeleteExceptions(delExceptions *v1.DeleteExceptions) error
 	getTenantConfig(&delExceptions.Credentials, "", getKubernetesApi())
 
 	// login kubescape SaaS
-	armoAPI := getter.GetArmoAPIConnector()
-	if err := armoAPI.Login(); err != nil {
+	ksCloudAPI := getter.GetKSCloudAPIConnector()
+	if err := ksCloudAPI.Login(); err != nil {
 		return err
 	}
 
@@ -26,7 +26,7 @@ func (ks *Kubescape) DeleteExceptions(delExceptions *v1.DeleteExceptions) error
 			continue
 		}
 		logger.L().Info("Deleting exception", helpers.String("name", exceptionName))
-		if err := armoAPI.DeleteException(exceptionName); err != nil {
+		if err := ksCloudAPI.DeleteException(exceptionName); err != nil {
 			return fmt.Errorf("failed to delete exception '%s', reason: %s", exceptionName, err.Error())
 		}
 		logger.L().Success("Exception deleted successfully")

core/core/download.go

@@ -8,9 +8,9 @@ import (
 
 	"github.com/armosec/armoapi-go/armotypes"
 	"github.com/armosec/kubescape/v2/core/cautils/getter"
-	"github.com/armosec/kubescape/v2/core/cautils/logger"
-	"github.com/armosec/kubescape/v2/core/cautils/logger/helpers"
 	metav1 "github.com/armosec/kubescape/v2/core/meta/datastructures/v1"
+	logger "github.com/kubescape/go-logger"
+	"github.com/kubescape/go-logger/helpers"
 )
 
 var downloadFunc = map[string]func(*metav1.DownloadInfo) error{

core/core/initutils.go

@@ -3,18 +3,19 @@ package core
 import (
 	"fmt"
 
-	"github.com/armosec/k8s-interface/k8sinterface"
 	"github.com/armosec/kubescape/v2/core/cautils"
 	"github.com/armosec/kubescape/v2/core/cautils/getter"
-	"github.com/armosec/kubescape/v2/core/cautils/logger"
-	"github.com/armosec/kubescape/v2/core/cautils/logger/helpers"
 	"github.com/armosec/kubescape/v2/core/pkg/hostsensorutils"
 	"github.com/armosec/kubescape/v2/core/pkg/resourcehandler"
 	"github.com/armosec/kubescape/v2/core/pkg/resultshandling/reporter"
 	reporterv2 "github.com/armosec/kubescape/v2/core/pkg/resultshandling/reporter/v2"
+	logger "github.com/kubescape/go-logger"
+	"github.com/kubescape/go-logger/helpers"
+	"github.com/kubescape/k8s-interface/k8sinterface"
+
 	"github.com/google/uuid"
 
-	"github.com/armosec/rbac-utils/rbacscanner"
+	"github.com/kubescape/rbac-utils/rbacscanner"
 )
 
 // getKubernetesApi
@@ -26,9 +27,9 @@ func getKubernetesApi() *k8sinterface.KubernetesApi {
 }
 func getTenantConfig(credentials *cautils.Credentials, clusterName string, k8s *k8sinterface.KubernetesApi) cautils.ITenantConfig {
 	if !k8sinterface.IsConnectedToCluster() || k8s == nil {
-		return cautils.NewLocalConfig(getter.GetArmoAPIConnector(), credentials, clusterName)
+		return cautils.NewLocalConfig(getter.GetKSCloudAPIConnector(), credentials, clusterName)
 	}
-	return cautils.NewClusterConfig(k8s, getter.GetArmoAPIConnector(), credentials, clusterName)
+	return cautils.NewClusterConfig(k8s, getter.GetKSCloudAPIConnector(), credentials, clusterName)
 }
 
 func getExceptionsGetter(useExceptions string) getter.IExceptionsGetter {
@@ -36,7 +37,7 @@ func getExceptionsGetter(useExceptions string) getter.IExceptionsGetter {
 		// load exceptions from file
 		return getter.NewLoadPolicy([]string{useExceptions})
 	} else {
-		return getter.GetArmoAPIConnector()
+		return getter.GetKSCloudAPIConnector()
 	}
 }
 
@@ -47,9 +48,13 @@ func getRBACHandler(tenantConfig cautils.ITenantConfig, k8s *k8sinterface.Kubern
 	return nil
 }
 
-func getReporter(tenantConfig cautils.ITenantConfig, reportID string, submit, fwScan bool) reporter.IReport {
+func getReporter(tenantConfig cautils.ITenantConfig, reportID string, submit, fwScan bool, scanningContext cautils.ScanningContext) reporter.IReport {
 	if submit {
-		return reporterv2.NewReportEventReceiver(tenantConfig.GetConfigObj(), reportID)
+		submitData := reporterv2.SubmitContextScan
+		if scanningContext != cautils.ContextCluster {
+			submitData = reporterv2.SubmitContextRepository
+		}
+		return reporterv2.NewReportEventReceiver(tenantConfig.GetConfigObj(), reportID, submitData)
 	}
 	if tenantConfig.GetAccountID() == "" {
 		// Add link only when scanning a cluster using a framework
@@ -68,7 +73,7 @@ func getResourceHandler(scanInfo *cautils.ScanInfo, tenantConfig cautils.ITenant
 		// scanInfo.HostSensor.SetBool(false)
 		return resourcehandler.NewFileResourceHandler(scanInfo.InputPatterns, registryAdaptors)
 	}
-	getter.GetArmoAPIConnector()
+	getter.GetKSCloudAPIConnector()
 	rbacObjects := getRBACHandler(tenantConfig, k8s, scanInfo.Submit)
 	return resourcehandler.NewK8sResourceHandler(k8s, getFieldSelector(scanInfo), hostSensorHandler, rbacObjects, registryAdaptors)
 }
@@ -119,7 +124,7 @@ func policyIdentifierNames(pi []cautils.PolicyIdentifier) string {
 	return policiesNames
 }
 
-// setSubmitBehavior - Setup the desired cluster behavior regarding submitting to the Armo BE
+// setSubmitBehavior - Setup the desired cluster behavior regarding submitting to the Kubescape Cloud BE
 func setSubmitBehavior(scanInfo *cautils.ScanInfo, tenantConfig cautils.ITenantConfig) {
 
 	/*
@@ -160,13 +165,13 @@ func setSubmitBehavior(scanInfo *cautils.ScanInfo, tenantConfig cautils.ITenantC
 
 }
 
-// setPolicyGetter set the policy getter - local file/github release/ArmoAPI
+// setPolicyGetter set the policy getter - local file/github release/Kubescape Cloud API
 func getPolicyGetter(loadPoliciesFromFile []string, tennatEmail string, frameworkScope bool, downloadReleasedPolicy *getter.DownloadReleasedPolicy) getter.IPolicyGetter {
 	if len(loadPoliciesFromFile) > 0 {
 		return getter.NewLoadPolicy(loadPoliciesFromFile)
 	}
 	if tennatEmail != "" && frameworkScope {
-		g := getter.GetArmoAPIConnector() // download policy from ARMO backend
+		g := getter.GetKSCloudAPIConnector() // download policy from Kubescape Cloud backend
 		return g
 	}
 	if downloadReleasedPolicy == nil {
@@ -176,13 +181,13 @@ func getPolicyGetter(loadPoliciesFromFile []string, tennatEmail string, framewor
 
 }
 
-// setConfigInputsGetter sets the config input getter - local file/github release/ArmoAPI
+// setConfigInputsGetter sets the config input getter - local file/github release/Kubescape Cloud API
 func getConfigInputsGetter(ControlsInputs string, accountID string, downloadReleasedPolicy *getter.DownloadReleasedPolicy) getter.IControlsInputsGetter {
 	if len(ControlsInputs) > 0 {
 		return getter.NewLoadPolicy([]string{ControlsInputs})
 	}
 	if accountID != "" {
-		g := getter.GetArmoAPIConnector() // download config from ARMO backend
+		g := getter.GetKSCloudAPIConnector() // download config from Kubescape Cloud backend
 		return g
 	}
 	if downloadReleasedPolicy == nil {

core/core/list.go

@@ -66,8 +66,8 @@ func listExceptions(listPolicies *metav1.ListPolicies) ([]string, error) {
 	getTenantConfig(&listPolicies.Credentials, "", getKubernetesApi())
 
 	var exceptionsNames []string
-	armoAPI := getExceptionsGetter("")
-	exceptions, err := armoAPI.GetExceptions("")
+	ksCloudAPI := getExceptionsGetter("")
+	exceptions, err := ksCloudAPI.GetExceptions("")
 	if err != nil {
 		return exceptionsNames, err
 	}

core/core/scan.go

@@ -3,14 +3,12 @@ package core
 import (
 	"fmt"
 
-	apisv1 "github.com/armosec/opa-utils/httpserver/apis/v1"
+	apisv1 "github.com/kubescape/opa-utils/httpserver/apis/v1"
 
-	"github.com/armosec/k8s-interface/k8sinterface"
+	"github.com/kubescape/k8s-interface/k8sinterface"
 
 	"github.com/armosec/kubescape/v2/core/cautils"
 	"github.com/armosec/kubescape/v2/core/cautils/getter"
-	"github.com/armosec/kubescape/v2/core/cautils/logger"
-	"github.com/armosec/kubescape/v2/core/cautils/logger/helpers"
 	"github.com/armosec/kubescape/v2/core/pkg/hostsensorutils"
 	"github.com/armosec/kubescape/v2/core/pkg/opaprocessor"
 	"github.com/armosec/kubescape/v2/core/pkg/policyhandler"
@@ -18,8 +16,10 @@ import (
 	"github.com/armosec/kubescape/v2/core/pkg/resultshandling"
 	"github.com/armosec/kubescape/v2/core/pkg/resultshandling/printer"
 	"github.com/armosec/kubescape/v2/core/pkg/resultshandling/reporter"
+	logger "github.com/kubescape/go-logger"
+	"github.com/kubescape/go-logger/helpers"
 
-	"github.com/armosec/opa-utils/resources"
+	"github.com/kubescape/opa-utils/resources"
 )
 
 type componentInterfaces struct {
@@ -86,7 +86,7 @@ func getInterfaces(scanInfo *cautils.ScanInfo) componentInterfaces {
 	// ================== setup reporter & printer objects ======================================
 
 	// reporting behavior - setup reporter
-	reportHandler := getReporter(tenantConfig, scanInfo.ScanID, scanInfo.Submit, scanInfo.FrameworkScan)
+	reportHandler := getReporter(tenantConfig, scanInfo.ScanID, scanInfo.Submit, scanInfo.FrameworkScan, scanInfo.GetScanningContext())
 
 	// setup printer
 	printerHandler := resultshandling.NewPrinter(scanInfo.Format, scanInfo.FormatVersion, scanInfo.VerboseMode, cautils.ViewTypes(scanInfo.View))

core/core/submit.go

@@ -3,15 +3,16 @@ package core
 import (
 	"github.com/armosec/kubescape/v2/core/cautils"
 	"github.com/armosec/kubescape/v2/core/cautils/getter"
-	"github.com/armosec/kubescape/v2/core/cautils/logger"
-	"github.com/armosec/kubescape/v2/core/cautils/logger/helpers"
 	"github.com/armosec/kubescape/v2/core/meta/cliinterfaces"
+
+	logger "github.com/kubescape/go-logger"
+	"github.com/kubescape/go-logger/helpers"
 )
 
 func (ks *Kubescape) Submit(submitInterfaces cliinterfaces.SubmitInterfaces) error {
 
 	// list resources
-	postureReport, err := submitInterfaces.SubmitObjects.SetResourcesReport()
+	report, err := submitInterfaces.SubmitObjects.SetResourcesReport()
 	if err != nil {
 		return err
 	}
@@ -20,7 +21,12 @@ func (ks *Kubescape) Submit(submitInterfaces cliinterfaces.SubmitInterfaces) err
 		return err
 	}
 	// report
-	if err := submitInterfaces.Reporter.Submit(&cautils.OPASessionObj{PostureReport: postureReport, AllResources: allresources}); err != nil {
+	o := &cautils.OPASessionObj{
+		Report:       report,
+		AllResources: allresources,
+		Metadata:     &report.Metadata,
+	}
+	if err := submitInterfaces.Reporter.Submit(o); err != nil {
 		return err
 	}
 	logger.L().Success("Data has been submitted successfully")
@@ -46,12 +52,12 @@ func (ks *Kubescape) SubmitExceptions(credentials *cautils.Credentials, excPath
 	}
 
 	// login kubescape SaaS
-	armoAPI := getter.GetArmoAPIConnector()
-	if err := armoAPI.Login(); err != nil {
+	ksCloudAPI := getter.GetKSCloudAPIConnector()
+	if err := ksCloudAPI.Login(); err != nil {
 		return err
 	}
 
-	if err := armoAPI.PostExceptions(exceptions); err != nil {
+	if err := ksCloudAPI.PostExceptions(exceptions); err != nil {
 		return err
 	}
 	logger.L().Success("Exceptions submitted successfully")

core/meta/cliinterfaces/submit.go

@@ -1,14 +1,14 @@
 package cliinterfaces
 
 import (
-	"github.com/armosec/k8s-interface/workloadinterface"
 	"github.com/armosec/kubescape/v2/core/cautils"
 	"github.com/armosec/kubescape/v2/core/pkg/resultshandling/reporter"
-	"github.com/armosec/opa-utils/reporthandling"
+	"github.com/kubescape/k8s-interface/workloadinterface"
+	reporthandlingv2 "github.com/kubescape/opa-utils/reporthandling/v2"
 )
 
 type ISubmitObjects interface {
-	SetResourcesReport() (*reporthandling.PostureReport, error)
+	SetResourcesReport() (*reporthandlingv2.PostureReport, error)
 	ListAllResources() (map[string]workloadinterface.IMetadata, error)
 }
 

core/mocks/loadmocks.go

@@ -4,8 +4,8 @@ import (
 	"encoding/json"
 
 	"github.com/armosec/armoapi-go/armotypes"
-	"github.com/armosec/k8s-interface/workloadinterface"
-	"github.com/armosec/opa-utils/reporthandling"
+	"github.com/kubescape/k8s-interface/workloadinterface"
+	"github.com/kubescape/opa-utils/reporthandling"
 )
 
 var mockControl_0006 = `{"guid":"","name":"Allowed hostPath","attributes":{"armoBuiltin":true},"id":"C-0006","controlID":"C-0006","creationTime":"","description":"Mounting host directory to the container can be abused to get access to sensitive data and gain persistence on the host machine.","remediation":"Refrain from using host path mount.","rules":[{"guid":"","name":"alert-rw-hostpath","attributes":{"armoBuiltin":true,"m$K8sThreatMatrix":"Persistence::Writable hostPath mount, Lateral Movement::Writable volume mounts on the host"},"creationTime":"","rule":"package armo_builtins\n\n# input: pod\n# apiversion: v1\n# does: returns hostPath volumes\n\ndeny[msga] {\n    pod := input[_]\n    pod.kind == \"Pod\"\n    volumes := pod.spec.volumes\n    volume := volumes[_]\n    volume.hostPath\n\tcontainer := pod.spec.containers[i]\n\tvolumeMount := container.volumeMounts[k]\n\tvolumeMount.name == volume.name\n\tbegginingOfPath := \"spec.\"\n\tresult := isRWMount(volumeMount, begginingOfPath,  i, k)\n\n    podname := pod.metadata.name\n\n\tmsga := {\n\t\t\"alertMessage\": sprintf(\"pod: %v has: %v as hostPath volume\", [podname, volume.name]),\n\t\t\"packagename\": \"armo_builtins\",\n\t\t\"alertScore\": 7,\n\t\t\"failedPaths\": [result],\n\t\t\"alertObject\": {\n\t\t\t\"k8sApiObjects\": [pod]\n\t\t}\n\t}\n}\n\n#handles majority of workload resources\ndeny[msga] {\n\twl := input[_]\n\tspec_template_spec_patterns := {\"Deployment\",\"ReplicaSet\",\"DaemonSet\",\"StatefulSet\",\"Job\"}\n\tspec_template_spec_patterns[wl.kind]\n    volumes := wl.spec.template.spec.volumes\n    volume := volumes[_]\n    volume.hostPath\n\tcontainer := wl.spec.template.spec.containers[i]\n\tvolumeMount := container.volumeMounts[k]\n\tvolumeMount.name == volume.name\n\tbegginingOfPath := \"spec.template.spec.\"\n\tresult := isRWMount(volumeMount, begginingOfPath,  i, k)\n\n\tmsga := {\n\t\t\"alertMessage\": sprintf(\"%v: %v has: %v as hostPath volume\", [wl.kind, wl.metadata.name, volume.name]),\n\t\t\"packagename\": \"armo_builtins\",\n\t\t\"alertScore\": 7,\n\t\t\"failedPaths\": [result],\n\t\t\"alertObject\": {\n\t\t\t\"k8sApiObjects\": [wl]\n\t\t}\n\t\n\t}\n}\n\n#handles CronJobs\ndeny[msga] {\n\twl := input[_]\n\twl.kind == \"CronJob\"\n    volumes := wl.spec.jobTemplate.spec.template.spec.volumes\n    volume := volumes[_]\n    volume.hostPath\n\n\tcontainer = wl.spec.jobTemplate.spec.template.spec.containers[i]\n\tvolumeMount := container.volumeMounts[k]\n\tvolumeMount.name == volume.name\n\tbegginingOfPath := \"spec.jobTemplate.spec.template.spec.\"\n\tresult := isRWMount(volumeMount, begginingOfPath,  i, k)\n\n\tmsga := {\n\t\"alertMessage\": sprintf(\"%v: %v has: %v as hostPath volume\", [wl.kind, wl.metadata.name, volume.name]),\n\t\"packagename\": \"armo_builtins\",\n\t\"alertScore\": 7,\n\t\"failedPaths\": [result],\n\t\"alertObject\": {\n\t\t\t\"k8sApiObjects\": [wl]\n\t\t}\n\t}\n}\n\nisRWMount(mount, begginingOfPath,  i, k) = path {\n not mount.readOnly == true\n not mount.readOnly == false\n path = \"\"\n}\nisRWMount(mount, begginingOfPath,  i, k) = path {\n  mount.readOnly == false\n  path = sprintf(\"%vcontainers[%v].volumeMounts[%v].readOnly\", [begginingOfPath, format_int(i, 10), format_int(k, 10)])\n} ","resourceEnumerator":"","ruleLanguage":"Rego","match":[{"apiGroups":["*"],"apiVersions":["*"],"resources":["Deployment","ReplicaSet","DaemonSet","StatefulSet","Job","CronJob","Pod"]}],"ruleDependencies":[{"packageName":"cautils"},{"packageName":"kubernetes.api.client"}],"configInputs":null,"controlConfigInputs":null,"description":"determines if any workload contains a hostPath volume with rw permissions","remediation":"Set the readOnly field of the mount to true","ruleQuery":""}],"rulesIDs":[""],"baseScore":6}`

core/pkg/hostsensorutils/hostsensordeploy.go

@@ -8,11 +8,12 @@ import (
 	"sync"
 	"time"
 
-	"github.com/armosec/k8s-interface/k8sinterface"
-	"github.com/armosec/k8s-interface/workloadinterface"
 	"github.com/armosec/kubescape/v2/core/cautils"
-	"github.com/armosec/kubescape/v2/core/cautils/logger"
-	"github.com/armosec/kubescape/v2/core/cautils/logger/helpers"
+	logger "github.com/kubescape/go-logger"
+	"github.com/kubescape/go-logger/helpers"
+	"github.com/kubescape/k8s-interface/k8sinterface"
+	"github.com/kubescape/k8s-interface/workloadinterface"
+
 	appsv1 "k8s.io/api/apps/v1"
 	corev1 "k8s.io/api/core/v1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
@@ -35,6 +36,7 @@ type HostSensorHandler struct {
 	DaemonSet                     *appsv1.DaemonSet
 	podListLock                   sync.RWMutex
 	gracePeriod                   int64
+	workerPool                    workerPool
 }
 
 func NewHostSensorHandler(k8sObj *k8sinterface.KubernetesApi, hostSensorYAMLFile string) (*HostSensorHandler, error) {
@@ -54,6 +56,7 @@ func NewHostSensorHandler(k8sObj *k8sinterface.KubernetesApi, hostSensorYAMLFile
 		HostSensorPodNames:            map[string]string{},
 		HostSensorUnscheduledPodNames: map[string]string{},
 		gracePeriod:                   int64(15),
+		workerPool:                    NewWorkerPool(),
 	}
 	// Don't deploy on cluster with no nodes. Some cloud providers prevents termination of K8s objects for cluster with no nodes!!!
 	if nodeList, err := k8sObj.KubernetesClient.CoreV1().Nodes().List(k8sObj.Context, metav1.ListOptions{}); err != nil || len(nodeList.Items) == 0 {

core/pkg/hostsensorutils/hostsensorgetfrompod.go

@@ -5,11 +5,12 @@ import (
 	"fmt"
 	"sync"
 
-	"github.com/armosec/k8s-interface/k8sinterface"
-	"github.com/armosec/kubescape/v2/core/cautils/logger"
-	"github.com/armosec/kubescape/v2/core/cautils/logger/helpers"
-	"github.com/armosec/opa-utils/objectsenvelopes/hostsensor"
-	"github.com/armosec/opa-utils/reporthandling/apis"
+	logger "github.com/kubescape/go-logger"
+	"github.com/kubescape/go-logger/helpers"
+	"github.com/kubescape/k8s-interface/k8sinterface"
+	"github.com/kubescape/opa-utils/objectsenvelopes/hostsensor"
+	"github.com/kubescape/opa-utils/reporthandling/apis"
+
 	"sigs.k8s.io/yaml"
 )
 
@@ -32,7 +33,23 @@ func (hsh *HostSensorHandler) HTTPGetToPod(podName, path string) ([]byte, error)
 
 	restProxy := hsh.k8sObj.KubernetesClient.CoreV1().Pods(hsh.DaemonSet.Namespace).ProxyGet("http", podName, fmt.Sprintf("%d", hsh.HostSensorPort), path, map[string]string{})
 	return restProxy.DoRaw(hsh.k8sObj.Context)
+}
 
+func (hsh *HostSensorHandler) getResourcesFromPod(podName, nodeName, resourceKind, path string) (hostsensor.HostSensorDataEnvelope, error) {
+	//  send the request and pack the response as an hostSensorDataEnvelope
+
+	resBytes, err := hsh.HTTPGetToPod(podName, path)
+	if err != nil {
+		return hostsensor.HostSensorDataEnvelope{}, err
+	}
+
+	hostSensorDataEnvelope := hostsensor.HostSensorDataEnvelope{}
+	hostSensorDataEnvelope.SetApiVersion(k8sinterface.JoinGroupVersion(hostsensor.GroupHostSensor, hostsensor.Version))
+	hostSensorDataEnvelope.SetKind(resourceKind)
+	hostSensorDataEnvelope.SetName(nodeName)
+	hostSensorDataEnvelope.SetData(resBytes)
+
+	return hostSensorDataEnvelope, nil
 }
 
 func (hsh *HostSensorHandler) ForwardToPod(podName, path string) ([]byte, error) {
@@ -59,35 +76,26 @@ func (hsh *HostSensorHandler) ForwardToPod(podName, path string) ([]byte, error)
 
 // sendAllPodsHTTPGETRequest fills the raw byte response in the envelope and the node name, but not the GroupVersionKind
 // so the caller is responsible to convert the raw data to some structured data and add the GroupVersionKind details
+//
+// The function produces a worker-pool with a fixed number of workers.
+// For each node the request is pushed to the jobs channel, the worker sends the request and pushes the result to the result channel.
+// When all workers have finished, the function returns a list of results
 func (hsh *HostSensorHandler) sendAllPodsHTTPGETRequest(path, requestKind string) ([]hostsensor.HostSensorDataEnvelope, error) {
 	podList, err := hsh.getPodList()
 	if err != nil {
 		return nil, fmt.Errorf("failed to sendAllPodsHTTPGETRequest: %v", err)
 	}
-	res := make([]hostsensor.HostSensorDataEnvelope, 0, len(podList))
-	resLock := sync.Mutex{}
-	wg := sync.WaitGroup{}
-	wg.Add(len(podList))
-	for podName := range podList {
-		go func(podName, path string) {
-			defer wg.Done()
-			resBytes, err := hsh.HTTPGetToPod(podName, path)
-			if err != nil {
-				logger.L().Error("failed to get data", helpers.String("path", path), helpers.String("podName", podName), helpers.Error(err))
-			} else {
-				resLock.Lock()
-				defer resLock.Unlock()
-				hostSensorDataEnvelope := hostsensor.HostSensorDataEnvelope{}
-				hostSensorDataEnvelope.SetApiVersion(k8sinterface.JoinGroupVersion(hostsensor.GroupHostSensor, hostsensor.Version))
-				hostSensorDataEnvelope.SetKind(requestKind)
-				hostSensorDataEnvelope.SetName(podList[podName])
-				hostSensorDataEnvelope.SetData(resBytes)
-				res = append(res, hostSensorDataEnvelope)
-			}
 
-		}(podName, path)
-	}
-	wg.Wait()
+	res := make([]hostsensor.HostSensorDataEnvelope, 0, len(podList))
+	var wg sync.WaitGroup
+	// initialization of the channels
+	hsh.workerPool.init(len(podList))
+
+	hsh.workerPool.hostSensorApplyJobs(podList, path, requestKind)
+	hsh.workerPool.hostSensorGetResults(&res)
+	hsh.workerPool.createWorkerPool(hsh, &wg)
+	hsh.workerPool.waitForDone(&wg)
+
 	return res, nil
 }
 

core/pkg/hostsensorutils/hostsensorinterface.go

@@ -1,8 +1,8 @@
 package hostsensorutils
 
 import (
-	"github.com/armosec/opa-utils/objectsenvelopes/hostsensor"
-	"github.com/armosec/opa-utils/reporthandling/apis"
+	"github.com/kubescape/opa-utils/objectsenvelopes/hostsensor"
+	"github.com/kubescape/opa-utils/reporthandling/apis"
 )
 
 type IHostSensor interface {

core/pkg/hostsensorutils/hostsensormock.go

@@ -1,8 +1,8 @@
 package hostsensorutils
 
 import (
-	"github.com/armosec/opa-utils/objectsenvelopes/hostsensor"
-	"github.com/armosec/opa-utils/reporthandling/apis"
+	"github.com/kubescape/opa-utils/objectsenvelopes/hostsensor"
+	"github.com/kubescape/opa-utils/reporthandling/apis"
 )
 
 type HostSensorHandlerMock struct {

core/pkg/hostsensorutils/hostsensorworkerpool.go

@@ -0,0 +1,96 @@
+package hostsensorutils
+
+import (
+	"sync"
+
+	logger "github.com/kubescape/go-logger"
+	"github.com/kubescape/go-logger/helpers"
+	"github.com/kubescape/opa-utils/objectsenvelopes/hostsensor"
+)
+
+const noOfWorkers int = 10
+
+type job struct {
+	podName     string
+	nodeName    string
+	requestKind string
+	path        string
+}
+
+type workerPool struct {
+	jobs        chan job
+	results     chan hostsensor.HostSensorDataEnvelope
+	done        chan bool
+	noOfWorkers int
+}
+
+func NewWorkerPool() workerPool {
+	wp := workerPool{}
+	wp.noOfWorkers = noOfWorkers
+	wp.init()
+	return wp
+}
+
+func (wp *workerPool) init(noOfPods ...int) {
+	if noOfPods != nil && len(noOfPods) > 0 && noOfPods[0] < noOfWorkers {
+		wp.noOfWorkers = noOfPods[0]
+	}
+	// init the channels
+	wp.jobs = make(chan job, noOfWorkers)
+	wp.results = make(chan hostsensor.HostSensorDataEnvelope, noOfWorkers)
+	wp.done = make(chan bool)
+}
+
+// The worker takes a job out of the chan, executes the request, and pushes the result to the results chan
+func (wp *workerPool) hostSensorWorker(hsh *HostSensorHandler, wg *sync.WaitGroup) {
+	defer wg.Done()
+	for job := range wp.jobs {
+		hostSensorDataEnvelope, err := hsh.getResourcesFromPod(job.podName, job.nodeName, job.requestKind, job.path)
+		if err != nil {
+			logger.L().Error("failed to get data", helpers.String("path", job.path), helpers.String("podName", job.podName), helpers.Error(err))
+		} else {
+			wp.results <- hostSensorDataEnvelope
+		}
+	}
+}
+
+func (wp *workerPool) createWorkerPool(hsh *HostSensorHandler, wg *sync.WaitGroup) {
+	for i := 0; i < noOfWorkers; i++ {
+		wg.Add(1)
+		go wp.hostSensorWorker(hsh, wg)
+	}
+}
+
+func (wp *workerPool) waitForDone(wg *sync.WaitGroup) {
+	// Waiting for workers to finish
+	wg.Wait()
+	close(wp.results)
+
+	// Waiting for the results to be processed
+	<-wp.done
+}
+
+func (wp *workerPool) hostSensorGetResults(result *[]hostsensor.HostSensorDataEnvelope) {
+	go func() {
+		for res := range wp.results {
+			*result = append(*result, res)
+		}
+		wp.done <- true
+	}()
+}
+
+func (wp *workerPool) hostSensorApplyJobs(podList map[string]string, path, requestKind string) {
+	go func() {
+		for podName, nodeName := range podList {
+			job := job{
+				podName:     podName,
+				nodeName:    nodeName,
+				requestKind: requestKind,
+				path:        path,
+			}
+			wp.jobs <- job
+
+		}
+		close(wp.jobs)
+	}()
+}

core/pkg/hostsensorutils/utils.go

@@ -1,8 +1,8 @@
 package hostsensorutils
 
 import (
-	"github.com/armosec/k8s-interface/k8sinterface"
-	"github.com/armosec/opa-utils/reporthandling/apis"
+	"github.com/kubescape/k8s-interface/k8sinterface"
+	"github.com/kubescape/opa-utils/reporthandling/apis"
 )
 
 var (

core/pkg/opaprocessor/processorhandler.go

@@ -7,18 +7,20 @@ import (
 
 	"github.com/armosec/armoapi-go/armotypes"
 	"github.com/armosec/kubescape/v2/core/cautils"
-	"github.com/armosec/kubescape/v2/core/cautils/logger"
-	"github.com/armosec/kubescape/v2/core/cautils/logger/helpers"
 	"github.com/armosec/kubescape/v2/core/pkg/score"
-	"github.com/armosec/opa-utils/objectsenvelopes"
-	"github.com/armosec/opa-utils/reporthandling"
-	"github.com/armosec/opa-utils/reporthandling/apis"
-	"github.com/armosec/opa-utils/reporthandling/results/v1/resourcesresults"
+	logger "github.com/kubescape/go-logger"
+	"github.com/kubescape/go-logger/helpers"
+	"github.com/kubescape/opa-utils/objectsenvelopes"
+	"github.com/kubescape/opa-utils/reporthandling"
+	"github.com/kubescape/opa-utils/reporthandling/apis"
+	"github.com/kubescape/opa-utils/reporthandling/results/v1/resourcesresults"
+
 	"github.com/open-policy-agent/opa/storage"
 
-	"github.com/armosec/k8s-interface/workloadinterface"
+	"github.com/kubescape/k8s-interface/workloadinterface"
 
-	"github.com/armosec/opa-utils/resources"
+	reporthandlingv2 "github.com/kubescape/opa-utils/reporthandling/v2"
+	"github.com/kubescape/opa-utils/resources"
 	"github.com/open-policy-agent/opa/ast"
 	"github.com/open-policy-agent/opa/rego"
 )
@@ -62,7 +64,7 @@ func (opap *OPAProcessor) ProcessRulesListenner() error {
 }
 
 func (opap *OPAProcessor) Process(policies *cautils.Policies) error {
-	logger.L().Info("Scanning", helpers.String("cluster", cautils.ClusterName))
+	opap.loggerStartScanning()
 
 	cautils.StartSpinner()
 
@@ -89,11 +91,30 @@ func (opap *OPAProcessor) Process(policies *cautils.Policies) error {
 	opap.Report.ReportGenerationTime = time.Now().UTC()
 
 	cautils.StopSpinner()
-	logger.L().Success("Done scanning", helpers.String("cluster", cautils.ClusterName))
+
+	opap.loggerDoneScanning()
 
 	return errs
 }
 
+func (opap *OPAProcessor) loggerStartScanning() {
+	targetScan := opap.OPASessionObj.Metadata.ScanMetadata.ScanningTarget
+	if reporthandlingv2.Cluster == targetScan {
+		logger.L().Info("Scanning", helpers.String(targetScan.String(), cautils.ClusterName))
+	} else {
+		logger.L().Info("Scanning " + targetScan.String())
+	}
+}
+
+func (opap *OPAProcessor) loggerDoneScanning() {
+	targetScan := opap.OPASessionObj.Metadata.ScanMetadata.ScanningTarget
+	if reporthandlingv2.Cluster == targetScan {
+		logger.L().Success("Done scanning", helpers.String(targetScan.String(), cautils.ClusterName))
+	} else {
+		logger.L().Success("Done scanning " + targetScan.String())
+	}
+}
+
 func (opap *OPAProcessor) processControl(control *reporthandling.Control) (map[string]resourcesresults.ResourceAssociatedControl, error) {
 	var errs error
 

core/pkg/opaprocessor/processorhandler_test.go

@@ -6,56 +6,17 @@ import (
 	"github.com/armosec/armoapi-go/armotypes"
 	"github.com/armosec/kubescape/v2/core/cautils"
 	"github.com/armosec/kubescape/v2/core/mocks"
-	"github.com/armosec/opa-utils/objectsenvelopes"
-	"github.com/armosec/opa-utils/reporthandling"
-	"github.com/armosec/opa-utils/resources"
+	"github.com/kubescape/opa-utils/reporthandling"
+	"github.com/kubescape/opa-utils/resources"
 	"github.com/stretchr/testify/assert"
 
-	"github.com/armosec/k8s-interface/k8sinterface"
-	"github.com/armosec/k8s-interface/workloadinterface"
+	"github.com/kubescape/k8s-interface/workloadinterface"
 	// _ "k8s.io/client-go/plugin/pkg/client/auth"
 )
 
 func NewOPAProcessorMock() *OPAProcessor {
 	return &OPAProcessor{}
 }
-func TestProcess(t *testing.T) {
-
-	// set k8s
-	k8sResources := make(cautils.K8SResources)
-	allResources := make(map[string]workloadinterface.IMetadata)
-	imetaObj := objectsenvelopes.ListMapToMeta(k8sinterface.ConvertUnstructuredSliceToMap(k8sinterface.V1KubeSystemNamespaceMock().Items))
-	for i := range imetaObj {
-		allResources[imetaObj[i].GetID()] = imetaObj[i]
-	}
-	k8sResources["/v1/pods"] = workloadinterface.ListMetaIDs(imetaObj)
-
-	// set opaSessionObj
-	opaSessionObj := cautils.NewOPASessionObjMock()
-	opaSessionObj.Policies = []reporthandling.Framework{*reporthandling.MockFrameworkA()}
-	policies := ConvertFrameworksToPolicies(opaSessionObj.Policies, "")
-
-	opaSessionObj.K8SResources = &k8sResources
-	opaSessionObj.AllResources = allResources
-
-	opap := NewOPAProcessor(opaSessionObj, resources.NewRegoDependenciesDataMock()) // ,
-	opap.Process(policies)
-	opap.updateResults()
-	for _, f := range opap.PostureReport.FrameworkReports {
-		for _, c := range f.ControlReports {
-			for _, r := range c.RuleReports {
-				for _, rr := range r.RuleResponses {
-					// t.Errorf("AlertMessage: %v", rr.AlertMessage)
-					if rr.Exception != nil {
-						t.Errorf("Exception: %v", rr.Exception)
-					}
-				}
-			}
-		}
-	}
-
-}
-
 func TestProcessResourcesResult(t *testing.T) {
 
 	// set k8s

core/pkg/opaprocessor/processorhandlerutils.go

@@ -2,14 +2,14 @@ package opaprocessor
 
 import (
 	"github.com/armosec/kubescape/v2/core/cautils"
-	"github.com/armosec/kubescape/v2/core/cautils/logger"
+	logger "github.com/kubescape/go-logger"
 
-	"github.com/armosec/k8s-interface/k8sinterface"
-	"github.com/armosec/k8s-interface/workloadinterface"
-	"github.com/armosec/opa-utils/reporthandling"
-	"github.com/armosec/opa-utils/reporthandling/apis"
-	"github.com/armosec/opa-utils/reporthandling/results/v1/reportsummary"
-	resources "github.com/armosec/opa-utils/resources"
+	"github.com/kubescape/k8s-interface/k8sinterface"
+	"github.com/kubescape/k8s-interface/workloadinterface"
+	"github.com/kubescape/opa-utils/reporthandling"
+	"github.com/kubescape/opa-utils/reporthandling/apis"
+	"github.com/kubescape/opa-utils/reporthandling/results/v1/reportsummary"
+	resources "github.com/kubescape/opa-utils/resources"
 )
 
 // updateResults update the results objects and report objects. This is a critical function - DO NOT CHANGE
@@ -84,14 +84,14 @@ func isEmptyResources(counters reportsummary.ICounters) bool {
 	return counters.Failed() == 0 && counters.Excluded() == 0 && counters.Passed() == 0
 }
 
-func getAllSupportedObjects(k8sResources *cautils.K8SResources, armoResources *cautils.ArmoResources, allResources map[string]workloadinterface.IMetadata, rule *reporthandling.PolicyRule) []workloadinterface.IMetadata {
+func getAllSupportedObjects(k8sResources *cautils.K8SResources, ksResources *cautils.KSResources, allResources map[string]workloadinterface.IMetadata, rule *reporthandling.PolicyRule) []workloadinterface.IMetadata {
 	k8sObjects := []workloadinterface.IMetadata{}
 	k8sObjects = append(k8sObjects, getKubernetesObjects(k8sResources, allResources, rule.Match)...)
-	k8sObjects = append(k8sObjects, getArmoObjects(armoResources, allResources, rule.DynamicMatch)...)
+	k8sObjects = append(k8sObjects, getKSObjects(ksResources, allResources, rule.DynamicMatch)...)
 	return k8sObjects
 }
 
-func getArmoObjects(k8sResources *cautils.ArmoResources, allResources map[string]workloadinterface.IMetadata, match []reporthandling.RuleMatchObjects) []workloadinterface.IMetadata {
+func getKSObjects(k8sResources *cautils.KSResources, allResources map[string]workloadinterface.IMetadata, match []reporthandling.RuleMatchObjects) []workloadinterface.IMetadata {
 	k8sObjects := []workloadinterface.IMetadata{}
 
 	for m := range match {

core/pkg/opaprocessor/processorhandlerutils_test.go

@@ -5,7 +5,7 @@ import (
 
 	"github.com/stretchr/testify/assert"
 
-	"github.com/armosec/k8s-interface/workloadinterface"
+	"github.com/kubescape/k8s-interface/workloadinterface"
 )
 
 func TestRemoveData(t *testing.T) {

core/pkg/opaprocessor/utils.go

@@ -2,8 +2,8 @@ package opaprocessor
 
 import (
 	"github.com/armosec/kubescape/v2/core/cautils"
-	"github.com/armosec/opa-utils/reporthandling"
-	"github.com/armosec/opa-utils/reporthandling/results/v1/reportsummary"
+	"github.com/kubescape/opa-utils/reporthandling"
+	"github.com/kubescape/opa-utils/reporthandling/results/v1/reportsummary"
 )
 
 // ConvertFrameworksToPolicies convert list of frameworks to list of policies

core/pkg/opaprocessor/utils_test.go

@@ -6,8 +6,8 @@ import (
 	"github.com/stretchr/testify/assert"
 
 	"github.com/armosec/kubescape/v2/core/mocks"
-	"github.com/armosec/opa-utils/reporthandling"
-	"github.com/armosec/opa-utils/reporthandling/results/v1/reportsummary"
+	"github.com/kubescape/opa-utils/reporthandling"
+	"github.com/kubescape/opa-utils/reporthandling/results/v1/reportsummary"
 )
 
 func TestConvertFrameworksToPolicies(t *testing.T) {

core/pkg/policyhandler/handlenotification.go

@@ -49,14 +49,14 @@ func (policyHandler *PolicyHandler) CollectResources(policyIdentifier []cautils.
 func (policyHandler *PolicyHandler) getResources(policyIdentifier []cautils.PolicyIdentifier, opaSessionObj *cautils.OPASessionObj, scanInfo *cautils.ScanInfo) error {
 	opaSessionObj.Report.ClusterAPIServerInfo = policyHandler.resourceHandler.GetClusterAPIServerInfo()
 
-	resourcesMap, allResources, armoResources, err := policyHandler.resourceHandler.GetResources(opaSessionObj, &policyIdentifier[0].Designators)
+	resourcesMap, allResources, ksResources, err := policyHandler.resourceHandler.GetResources(opaSessionObj, &policyIdentifier[0].Designators)
 	if err != nil {
 		return err
 	}
 
 	opaSessionObj.K8SResources = resourcesMap
 	opaSessionObj.AllResources = allResources
-	opaSessionObj.ArmoResource = armoResources
+	opaSessionObj.ArmoResource = ksResources
 
 	return nil
 }

core/pkg/policyhandler/handlepullpolicies.go

@@ -4,13 +4,13 @@ import (
 	"fmt"
 	"strings"
 
-	apisv1 "github.com/armosec/opa-utils/httpserver/apis/v1"
+	apisv1 "github.com/kubescape/opa-utils/httpserver/apis/v1"
 
 	"github.com/armosec/kubescape/v2/core/cautils"
 	"github.com/armosec/kubescape/v2/core/cautils/getter"
-	"github.com/armosec/kubescape/v2/core/cautils/logger"
-	"github.com/armosec/kubescape/v2/core/cautils/logger/helpers"
-	"github.com/armosec/opa-utils/reporthandling"
+	logger "github.com/kubescape/go-logger"
+	"github.com/kubescape/go-logger/helpers"
+	"github.com/kubescape/opa-utils/reporthandling"
 )
 
 func (policyHandler *PolicyHandler) getPolicies(policyIdentifier []cautils.PolicyIdentifier, policiesAndResources *cautils.OPASessionObj) error {
@@ -33,6 +33,8 @@ func (policyHandler *PolicyHandler) getPolicies(policyIdentifier []cautils.Polic
 	exceptionPolicies, err := policyHandler.getters.ExceptionsGetter.GetExceptions(cautils.ClusterName)
 	if err == nil {
 		policiesAndResources.Exceptions = exceptionPolicies
+	} else {
+		logger.L().Error("failed to load exceptions", helpers.Error(err))
 	}
 
 	// get account configuration

core/pkg/policyhandler/handlepullpoliciesutils.go

@@ -4,7 +4,7 @@ import (
 	"fmt"
 	"strings"
 
-	apisv1 "github.com/armosec/opa-utils/httpserver/apis/v1"
+	apisv1 "github.com/kubescape/opa-utils/httpserver/apis/v1"
 
 	"github.com/armosec/kubescape/v2/core/cautils"
 )

core/pkg/registryadaptors/README.md

@@ -7,7 +7,7 @@ For these controls to work properly, it is necessary to
 
 # Integrate With Armosec Server
 
-1. Navigate to the [armosec.io](https://portal.armo.cloud/)
+1. Navigate to the [armosec.io](https://cloud.armosec.io?utm_source=github&utm_medium=repository)
 2. Click Profile(top right icon)->"User Management"->"API Tokens" and Generate a token
 3. Copy the clientID and secretKey and run:
 ```

core/pkg/registryadaptors/armosec/v1/civksadaptor.go

@@ -5,28 +5,28 @@ import (
 	"fmt"
 
 	"github.com/armosec/kubescape/v2/core/cautils/getter"
-	"github.com/armosec/kubescape/v2/core/cautils/logger"
-	"github.com/armosec/kubescape/v2/core/cautils/logger/helpers"
 	"github.com/armosec/kubescape/v2/core/pkg/containerscan"
 	"github.com/armosec/kubescape/v2/core/pkg/registryadaptors/registryvulnerabilities"
+	logger "github.com/kubescape/go-logger"
+	"github.com/kubescape/go-logger/helpers"
 )
 
-func NewArmoAdaptor(armoAPI *getter.ArmoAPI) *ArmoCivAdaptor {
-	return &ArmoCivAdaptor{
-		armoAPI: armoAPI,
+func NewKSAdaptor(api *getter.KSCloudAPI) *KSCivAdaptor {
+	return &KSCivAdaptor{
+		ksCloudAPI: api,
 	}
 }
 
-func (armoCivAdaptor *ArmoCivAdaptor) Login() error {
-	if armoCivAdaptor.armoAPI.IsLoggedIn() {
+func (ksCivAdaptor *KSCivAdaptor) Login() error {
+	if ksCivAdaptor.ksCloudAPI.IsLoggedIn() {
 		return nil
 	}
-	return armoCivAdaptor.armoAPI.Login()
+	return ksCivAdaptor.ksCloudAPI.Login()
 }
-func (armoCivAdaptor *ArmoCivAdaptor) GetImagesVulnerabilities(imageIDs []registryvulnerabilities.ContainerImageIdentifier) ([]registryvulnerabilities.ContainerImageVulnerabilityReport, error) {
+func (ksCivAdaptor *KSCivAdaptor) GetImagesVulnerabilities(imageIDs []registryvulnerabilities.ContainerImageIdentifier) ([]registryvulnerabilities.ContainerImageVulnerabilityReport, error) {
 	resultList := make([]registryvulnerabilities.ContainerImageVulnerabilityReport, 0)
 	for _, imageID := range imageIDs {
-		result, err := armoCivAdaptor.GetImageVulnerability(&imageID)
+		result, err := ksCivAdaptor.GetImageVulnerability(&imageID)
 		if err == nil {
 			resultList = append(resultList, *result)
 		} else {
@@ -36,9 +36,9 @@ func (armoCivAdaptor *ArmoCivAdaptor) GetImagesVulnerabilities(imageIDs []regist
 	return resultList, nil
 }
 
-func (armoCivAdaptor *ArmoCivAdaptor) GetImageVulnerability(imageID *registryvulnerabilities.ContainerImageIdentifier) (*registryvulnerabilities.ContainerImageVulnerabilityReport, error) {
+func (ksCivAdaptor *KSCivAdaptor) GetImageVulnerability(imageID *registryvulnerabilities.ContainerImageIdentifier) (*registryvulnerabilities.ContainerImageVulnerabilityReport, error) {
 	// First
-	containerScanId, err := armoCivAdaptor.getImageLastScanId(imageID)
+	containerScanId, err := ksCivAdaptor.getImageLastScanId(imageID)
 	if err != nil {
 		return nil, err
 	}
@@ -51,9 +51,9 @@ func (armoCivAdaptor *ArmoCivAdaptor) GetImageVulnerability(imageID *registryvul
 	pageNumber := 1
 	request := V2ListRequest{PageSize: &pageSize, PageNum: &pageNumber, InnerFilters: filter, OrderBy: "timestamp:desc"}
 	requestBody, _ := json.Marshal(request)
-	requestUrl := fmt.Sprintf("https://%s/api/v1/vulnerability/scanResultsDetails?customerGUID=%s", armoCivAdaptor.armoAPI.GetApiURL(), armoCivAdaptor.armoAPI.GetAccountID())
+	requestUrl := fmt.Sprintf("https://%s/api/v1/vulnerability/scanResultsDetails?customerGUID=%s", ksCivAdaptor.ksCloudAPI.GetApiURL(), ksCivAdaptor.ksCloudAPI.GetAccountID())
 
-	resp, err := armoCivAdaptor.armoAPI.Post(requestUrl, map[string]string{"Content-Type": "application/json"}, requestBody)
+	resp, err := ksCivAdaptor.ksCloudAPI.Post(requestUrl, map[string]string{"Content-Type": "application/json"}, requestBody)
 	if err != nil {
 		return nil, err
 	}
@@ -82,16 +82,16 @@ func (armoCivAdaptor *ArmoCivAdaptor) GetImageVulnerability(imageID *registryvul
 	return &resultImageVulnerabilityReport, nil
 }
 
-func (armoCivAdaptor *ArmoCivAdaptor) DescribeAdaptor() string {
-	return "armo image vulnerabilities scanner, docs: https://hub.armo.cloud/docs/cluster-vulnerability-scanning"
+func (ksCivAdaptor *KSCivAdaptor) DescribeAdaptor() string {
+	return "armo image vulnerabilities scanner, docs: https://hub.armosec.io/docs/configuration-of-image-vulnerabilities"
 }
 
-func (armoCivAdaptor *ArmoCivAdaptor) GetImagesInformation(imageIDs []registryvulnerabilities.ContainerImageIdentifier) ([]registryvulnerabilities.ContainerImageInformation, error) {
+func (ksCivAdaptor *KSCivAdaptor) GetImagesInformation(imageIDs []registryvulnerabilities.ContainerImageIdentifier) ([]registryvulnerabilities.ContainerImageInformation, error) {
 	// TODO
 	return []registryvulnerabilities.ContainerImageInformation{}, nil
 }
 
-func (armoCivAdaptor *ArmoCivAdaptor) GetImagesScanStatus(imageIDs []registryvulnerabilities.ContainerImageIdentifier) ([]registryvulnerabilities.ContainerImageScanStatus, error) {
+func (ksCivAdaptor *KSCivAdaptor) GetImagesScanStatus(imageIDs []registryvulnerabilities.ContainerImageIdentifier) ([]registryvulnerabilities.ContainerImageScanStatus, error) {
 	// TODO
 	return []registryvulnerabilities.ContainerImageScanStatus{}, nil
 }

core/pkg/registryadaptors/armosec/v1/civksadaptorutils.go

@@ -8,15 +8,15 @@ import (
 	"github.com/armosec/kubescape/v2/core/pkg/registryadaptors/registryvulnerabilities"
 )
 
-func (armoCivAdaptor *ArmoCivAdaptor) getImageLastScanId(imageID *registryvulnerabilities.ContainerImageIdentifier) (string, error) {
+func (armoCivAdaptor *KSCivAdaptor) getImageLastScanId(imageID *registryvulnerabilities.ContainerImageIdentifier) (string, error) {
 	filter := []map[string]string{{"imageTag": imageID.Tag, "status": "Success"}}
 	pageSize := 1
 	pageNumber := 1
 	request := V2ListRequest{PageSize: &pageSize, PageNum: &pageNumber, InnerFilters: filter, OrderBy: "timestamp:desc"}
 	requestBody, _ := json.Marshal(request)
-	requestUrl := fmt.Sprintf("https://%s/api/v1/vulnerability/scanResultsSumSummary?customerGUID=%s", armoCivAdaptor.armoAPI.GetApiURL(), armoCivAdaptor.armoAPI.GetAccountID())
+	requestUrl := fmt.Sprintf("https://%s/api/v1/vulnerability/scanResultsSumSummary?customerGUID=%s", armoCivAdaptor.ksCloudAPI.GetApiURL(), armoCivAdaptor.ksCloudAPI.GetAccountID())
 
-	resp, err := armoCivAdaptor.armoAPI.Post(requestUrl, map[string]string{"Content-Type": "application/json"}, requestBody)
+	resp, err := armoCivAdaptor.ksCloudAPI.Post(requestUrl, map[string]string{"Content-Type": "application/json"}, requestBody)
 	if err != nil {
 		return "", err
 	}

core/pkg/registryadaptors/armosec/v1/datastructures.go

@@ -30,6 +30,7 @@ type V2ListRequest struct {
 	FieldsList              []string          `json:"includeFields,omitempty"`
 	FieldsReverseKeywordMap map[string]string `json:"-,omitempty"`
 }
-type ArmoCivAdaptor struct {
-	armoAPI *getter.ArmoAPI
+
+type KSCivAdaptor struct {
+	ksCloudAPI *getter.KSCloudAPI
 }

core/pkg/resourcehandler/fieldselector.go

@@ -4,7 +4,7 @@ import (
 	"fmt"
 	"strings"
 
-	"github.com/armosec/k8s-interface/k8sinterface"
+	"github.com/kubescape/k8s-interface/k8sinterface"
 	"k8s.io/apimachinery/pkg/runtime/schema"
 )
 

core/pkg/resourcehandler/fieldselector_test.go

@@ -3,7 +3,7 @@ package resourcehandler
 import (
 	"testing"
 
-	"github.com/armosec/k8s-interface/k8sinterface"
+	"github.com/kubescape/k8s-interface/k8sinterface"
 	"github.com/stretchr/testify/assert"
 	"k8s.io/apimachinery/pkg/runtime/schema"
 )

core/pkg/resourcehandler/filesloader.go

@@ -6,14 +6,14 @@ import (
 	"path/filepath"
 
 	"github.com/armosec/armoapi-go/armotypes"
-	"github.com/armosec/k8s-interface/workloadinterface"
-	"github.com/armosec/opa-utils/reporthandling"
+	"github.com/kubescape/k8s-interface/workloadinterface"
+	"github.com/kubescape/opa-utils/reporthandling"
 	"k8s.io/apimachinery/pkg/version"
 
-	"github.com/armosec/k8s-interface/k8sinterface"
 	"github.com/armosec/kubescape/v2/core/cautils"
-	"github.com/armosec/kubescape/v2/core/cautils/logger"
-	"github.com/armosec/kubescape/v2/core/cautils/logger/helpers"
+	logger "github.com/kubescape/go-logger"
+	"github.com/kubescape/go-logger/helpers"
+	"github.com/kubescape/k8s-interface/k8sinterface"
 )
 
 // FileResourceHandler handle resources from files and URLs
@@ -30,7 +30,7 @@ func NewFileResourceHandler(inputPatterns []string, registryAdaptors *RegistryAd
 	}
 }
 
-func (fileHandler *FileResourceHandler) GetResources(sessionObj *cautils.OPASessionObj, designator *armotypes.PortalDesignator) (*cautils.K8SResources, map[string]workloadinterface.IMetadata, *cautils.ArmoResources, error) {
+func (fileHandler *FileResourceHandler) GetResources(sessionObj *cautils.OPASessionObj, designator *armotypes.PortalDesignator) (*cautils.K8SResources, map[string]workloadinterface.IMetadata, *cautils.KSResources, error) {
 
 	//
 	// build resources map
@@ -38,7 +38,7 @@ func (fileHandler *FileResourceHandler) GetResources(sessionObj *cautils.OPASess
 	k8sResources := setK8sResourceMap(sessionObj.Policies)
 	allResources := map[string]workloadinterface.IMetadata{}
 	workloadIDToSource := make(map[string]reporthandling.Source, 0)
-	armoResources := &cautils.ArmoResources{}
+	ksResources := &cautils.KSResources{}
 
 	workloads := []workloadinterface.IMetadata{}
 
@@ -57,13 +57,14 @@ func (fileHandler *FileResourceHandler) GetResources(sessionObj *cautils.OPASess
 
 	// Get repo root
 	repoRoot := ""
-	giRepo, err := cautils.NewLocalGitRepository(path)
-	if err == nil {
-		repoRoot, _ = giRepo.GetRootDir()
+	gitRepo, err := cautils.NewLocalGitRepository(path)
+	if err == nil && gitRepo != nil {
+		repoRoot, _ = gitRepo.GetRootDir()
 	}
 
 	// load resource from local file system
 	logger.L().Info("Accessing local objects")
+	cautils.StartSpinner()
 
 	sourceToWorkloads := cautils.LoadResourcesFromFiles(path, repoRoot)
 
@@ -75,19 +76,38 @@ func (fileHandler *FileResourceHandler) GetResources(sessionObj *cautils.OPASess
 		if err == nil {
 			source = relSource
 		}
+
+		var filetype string
+		if cautils.IsYaml(source) {
+			filetype = reporthandling.SourceTypeYaml
+		} else if cautils.IsJson(source) {
+			filetype = reporthandling.SourceTypeJson
+		} else {
+			continue
+		}
+
+		var lastCommit reporthandling.LastCommit
+		if gitRepo != nil {
+			commitInfo, _ := gitRepo.GetFileLastCommit(source)
+			if commitInfo != nil {
+				lastCommit = reporthandling.LastCommit{
+					Hash:           commitInfo.SHA,
+					Date:           commitInfo.Author.Date,
+					CommitterName:  commitInfo.Author.Name,
+					CommitterEmail: commitInfo.Author.Email,
+					Message:        commitInfo.Message,
+				}
+			}
+		}
+
+		workloadSource := reporthandling.Source{
+			RelativePath: source,
+			FileType:     filetype,
+			LastCommit:   lastCommit,
+		}
+
 		for i := range ws {
-			var filetype string
-			if cautils.IsYaml(source) {
-				filetype = reporthandling.SourceTypeYaml
-			} else if cautils.IsJson(source) {
-				filetype = reporthandling.SourceTypeJson
-			} else {
-				continue
-			}
-			workloadIDToSource[ws[i].GetID()] = reporthandling.Source{
-				RelativePath: source,
-				FileType:     filetype,
-			}
+			workloadIDToSource[ws[i].GetID()] = workloadSource
 		}
 	}
 
@@ -96,20 +116,40 @@ func (fileHandler *FileResourceHandler) GetResources(sessionObj *cautils.OPASess
 	}
 
 	// load resources from helm charts
-	helmSourceToWorkloads := cautils.LoadResourcesFromHelmCharts(path)
+	helmSourceToWorkloads, helmSourceToChartName := cautils.LoadResourcesFromHelmCharts(path)
 	for source, ws := range helmSourceToWorkloads {
 		workloads = append(workloads, ws...)
+		helmChartName := helmSourceToChartName[source]
 
 		relSource, err := filepath.Rel(repoRoot, source)
 		if err == nil {
 			source = relSource
 		}
-		for i := range ws {
-			workloadIDToSource[ws[i].GetID()] = reporthandling.Source{
-				RelativePath: source,
-				FileType:     reporthandling.SourceTypeHelmChart,
+
+		var lastCommit reporthandling.LastCommit
+		if gitRepo != nil {
+			commitInfo, _ := gitRepo.GetFileLastCommit(source)
+			if commitInfo != nil {
+				lastCommit = reporthandling.LastCommit{
+					Hash:           commitInfo.SHA,
+					Date:           commitInfo.Author.Date,
+					CommitterName:  commitInfo.Author.Name,
+					CommitterEmail: commitInfo.Author.Email,
+					Message:        commitInfo.Message,
+				}
 			}
 		}
+
+		workloadSource := reporthandling.Source{
+			RelativePath:  source,
+			FileType:      reporthandling.SourceTypeHelmChart,
+			HelmChartName: helmChartName,
+			LastCommit:    lastCommit,
+		}
+
+		for i := range ws {
+			workloadIDToSource[ws[i].GetID()] = workloadSource
+		}
 	}
 
 	if len(helmSourceToWorkloads) > 0 {
@@ -139,13 +179,14 @@ func (fileHandler *FileResourceHandler) GetResources(sessionObj *cautils.OPASess
 		}
 	}
 
-	if err := fileHandler.registryAdaptors.collectImagesVulnerabilities(k8sResources, allResources, armoResources); err != nil {
+	if err := fileHandler.registryAdaptors.collectImagesVulnerabilities(k8sResources, allResources, ksResources); err != nil {
 		logger.L().Warning("failed to collect images vulnerabilities", helpers.Error(err))
 	}
 
+	cautils.StopSpinner()
 	logger.L().Success("Accessed to local objects")
 
-	return k8sResources, allResources, armoResources, nil
+	return k8sResources, allResources, ksResources, nil
 }
 
 func (fileHandler *FileResourceHandler) GetClusterAPIServerInfo() *version.Info {

core/pkg/resourcehandler/filesloaderutils.go

@@ -5,12 +5,12 @@ import (
 	"path/filepath"
 
 	giturl "github.com/armosec/go-git-url"
-	"github.com/armosec/k8s-interface/k8sinterface"
-	"github.com/armosec/k8s-interface/workloadinterface"
 	"github.com/armosec/kubescape/v2/core/cautils"
-	"github.com/armosec/kubescape/v2/core/cautils/logger"
-	"github.com/armosec/kubescape/v2/core/cautils/logger/helpers"
-	"github.com/armosec/opa-utils/reporthandling"
+	logger "github.com/kubescape/go-logger"
+	"github.com/kubescape/go-logger/helpers"
+	"github.com/kubescape/k8s-interface/k8sinterface"
+	"github.com/kubescape/k8s-interface/workloadinterface"
+	"github.com/kubescape/opa-utils/reporthandling"
 )
 
 // Clone git repository
@@ -65,7 +65,7 @@ func mapResources(workloads []workloadinterface.IMetadata) map[string][]workload
 
 func addCommitData(input string, workloadIDToSource map[string]reporthandling.Source) {
 	giRepo, err := cautils.NewLocalGitRepository(input)
-	if err != nil {
+	if err != nil || giRepo == nil {
 		return
 	}
 	for k := range workloadIDToSource {

core/pkg/resourcehandler/k8sresources.go

@@ -6,15 +6,15 @@ import (
 	"strings"
 
 	"github.com/armosec/kubescape/v2/core/cautils"
-	"github.com/armosec/kubescape/v2/core/cautils/logger"
-	"github.com/armosec/kubescape/v2/core/cautils/logger/helpers"
 	"github.com/armosec/kubescape/v2/core/pkg/hostsensorutils"
-	"github.com/armosec/opa-utils/objectsenvelopes"
-	"github.com/armosec/opa-utils/reporthandling/apis"
+	logger "github.com/kubescape/go-logger"
+	"github.com/kubescape/go-logger/helpers"
+	"github.com/kubescape/opa-utils/objectsenvelopes"
+	"github.com/kubescape/opa-utils/reporthandling/apis"
 
-	"github.com/armosec/k8s-interface/cloudsupport"
-	"github.com/armosec/k8s-interface/k8sinterface"
-	"github.com/armosec/k8s-interface/workloadinterface"
+	"github.com/kubescape/k8s-interface/cloudsupport"
+	"github.com/kubescape/k8s-interface/k8sinterface"
+	"github.com/kubescape/k8s-interface/workloadinterface"
 
 	"github.com/armosec/armoapi-go/armotypes"
 
@@ -45,7 +45,7 @@ func NewK8sResourceHandler(k8s *k8sinterface.KubernetesApi, fieldSelector IField
 	}
 }
 
-func (k8sHandler *K8sResourceHandler) GetResources(sessionObj *cautils.OPASessionObj, designator *armotypes.PortalDesignator) (*cautils.K8SResources, map[string]workloadinterface.IMetadata, *cautils.ArmoResources, error) {
+func (k8sHandler *K8sResourceHandler) GetResources(sessionObj *cautils.OPASessionObj, designator *armotypes.PortalDesignator) (*cautils.K8SResources, map[string]workloadinterface.IMetadata, *cautils.KSResources, error) {
 	allResources := map[string]workloadinterface.IMetadata{}
 
 	// get k8s resources
@@ -61,14 +61,14 @@ func (k8sHandler *K8sResourceHandler) GetResources(sessionObj *cautils.OPASessio
 	_, namespace, labels := armotypes.DigestPortalDesignator(designator)
 
 	// pull k8s recourses
-	armoResourceMap := setArmoResourceMap(sessionObj.Policies, resourceToControl)
+	ksResourceMap := setKSResourceMap(sessionObj.Policies, resourceToControl)
 
-	// map of armo resources to control_ids
+	// map of Kubescape resources to control_ids
 	sessionObj.ResourceToControlsMap = resourceToControl
 
 	if err := k8sHandler.pullResources(k8sResourcesMap, allResources, namespace, labels); err != nil {
 		cautils.StopSpinner()
-		return k8sResourcesMap, allResources, armoResourceMap, err
+		return k8sResourcesMap, allResources, ksResourceMap, err
 	}
 
 	numberOfWorkerNodes, err := k8sHandler.pullWorkerNodesNumber()
@@ -81,24 +81,24 @@ func (k8sHandler *K8sResourceHandler) GetResources(sessionObj *cautils.OPASessio
 		}
 	}
 
-	imgVulnResources := cautils.MapImageVulnResources(armoResourceMap)
+	imgVulnResources := cautils.MapImageVulnResources(ksResourceMap)
 	// check that controls use image vulnerability resources
 	if len(imgVulnResources) > 0 {
-		if err := k8sHandler.registryAdaptors.collectImagesVulnerabilities(k8sResourcesMap, allResources, armoResourceMap); err != nil {
+		if err := k8sHandler.registryAdaptors.collectImagesVulnerabilities(k8sResourcesMap, allResources, ksResourceMap); err != nil {
 			logger.L().Warning("failed to collect image vulnerabilities", helpers.Error(err))
-			cautils.SetInfoMapForResources(fmt.Sprintf("failed to pull image scanning data: %s", err.Error()), imgVulnResources, sessionObj.InfoMap)
+			cautils.SetInfoMapForResources(fmt.Sprintf("failed to pull image scanning data: %s. for more information: https://hub.armosec.io/docs/configuration-of-image-vulnerabilities", err.Error()), imgVulnResources, sessionObj.InfoMap)
 		} else {
-			if isEmptyImgVulns(*armoResourceMap) {
-				cautils.SetInfoMapForResources("image scanning is not configured. for more information: https://hub.armo.cloud/docs/cluster-vulnerability-scanning", imgVulnResources, sessionObj.InfoMap)
+			if isEmptyImgVulns(*ksResourceMap) {
+				cautils.SetInfoMapForResources("image scanning is not configured. for more information: https://hub.armosec.io/docs/configuration-of-image-vulnerabilities", imgVulnResources, sessionObj.InfoMap)
 			}
 		}
 	}
 
-	hostResources := cautils.MapHostResources(armoResourceMap)
+	hostResources := cautils.MapHostResources(ksResourceMap)
 	// check that controls use host sensor resources
 	if len(hostResources) > 0 {
 		if sessionObj.Metadata.ScanMetadata.HostScanner {
-			infoMap, err := k8sHandler.collectHostResources(allResources, armoResourceMap)
+			infoMap, err := k8sHandler.collectHostResources(allResources, ksResourceMap)
 			if err != nil {
 				logger.L().Warning("failed to collect host scanner resources", helpers.Error(err))
 				cautils.SetInfoMapForResources(err.Error(), hostResources, sessionObj.InfoMap)
@@ -109,7 +109,7 @@ func (k8sHandler *K8sResourceHandler) GetResources(sessionObj *cautils.OPASessio
 				sessionObj.InfoMap = infoMap
 			}
 		} else {
-			cautils.SetInfoMapForResources("enable-host-scan flag not used. For more information:  https://hub.armo.cloud/docs/host-sensor", hostResources, sessionObj.InfoMap)
+			cautils.SetInfoMapForResources("enable-host-scan flag not used. For more information: https://hub.armosec.io/docs/host-sensor", hostResources, sessionObj.InfoMap)
 		}
 	}
 
@@ -117,10 +117,10 @@ func (k8sHandler *K8sResourceHandler) GetResources(sessionObj *cautils.OPASessio
 		logger.L().Warning("failed to collect rbac resources", helpers.Error(err))
 	}
 
-	cloudResources := cautils.MapCloudResources(armoResourceMap)
+	cloudResources := cautils.MapCloudResources(ksResourceMap)
 	// check that controls use cloud resources
 	if len(cloudResources) > 0 {
-		provider, err := getCloudProviderDescription(allResources, armoResourceMap)
+		provider, err := getCloudProviderDescription(allResources, ksResourceMap)
 		if err != nil {
 			cautils.SetInfoMapForResources(err.Error(), cloudResources, sessionObj.InfoMap)
 			logger.L().Warning("failed to collect cloud data", helpers.Error(err))
@@ -135,7 +135,7 @@ func (k8sHandler *K8sResourceHandler) GetResources(sessionObj *cautils.OPASessio
 	cautils.StopSpinner()
 	logger.L().Success("Accessed to Kubernetes objects")
 
-	return k8sResourcesMap, allResources, armoResourceMap, nil
+	return k8sResourcesMap, allResources, ksResourceMap, nil
 }
 
 func (k8sHandler *K8sResourceHandler) GetClusterAPIServerInfo() *version.Info {
@@ -220,19 +220,7 @@ func ConvertMapListToMeta(resourceMap []map[string]interface{}) []workloadinterf
 	return workloads
 }
 
-// func (k8sHandler *K8sResourceHandler) collectHostResourcesAPI(allResources map[string]workloadinterface.IMetadata, resourcesMap *cautils.K8SResources) error {
-
-// 	HostSensorAPI := map[string]string{
-// 		"bla/v1": "",
-// 	}
-// 	for apiVersion := range allResources {
-// 		if HostSensorAPI == apiVersion {
-// 			k8sHandler.collectHostResources()
-// 		}
-// 	}
-// 	return nil
-// }
-func (k8sHandler *K8sResourceHandler) collectHostResources(allResources map[string]workloadinterface.IMetadata, armoResourceMap *cautils.ArmoResources) (map[string]apis.StatusInfo, error) {
+func (k8sHandler *K8sResourceHandler) collectHostResources(allResources map[string]workloadinterface.IMetadata, ksResourceMap *cautils.KSResources) (map[string]apis.StatusInfo, error) {
 	logger.L().Debug("Collecting host scanner resources")
 	hostResources, infoMap, err := k8sHandler.hostSensorHandler.CollectResources()
 	if err != nil {
@@ -244,11 +232,11 @@ func (k8sHandler *K8sResourceHandler) collectHostResources(allResources map[stri
 		groupResource := k8sinterface.JoinResourceTriplets(group, version, hostResources[rscIdx].GetKind())
 		allResources[hostResources[rscIdx].GetID()] = &hostResources[rscIdx]
 
-		grpResourceList, ok := (*armoResourceMap)[groupResource]
+		grpResourceList, ok := (*ksResourceMap)[groupResource]
 		if !ok {
 			grpResourceList = make([]string, 0)
 		}
-		(*armoResourceMap)[groupResource] = append(grpResourceList, hostResources[rscIdx].GetID())
+		(*ksResourceMap)[groupResource] = append(grpResourceList, hostResources[rscIdx].GetID())
 	}
 	return infoMap, nil
 }
@@ -269,7 +257,7 @@ func (k8sHandler *K8sResourceHandler) collectRbacResources(allResources map[stri
 	return nil
 }
 
-func getCloudProviderDescription(allResources map[string]workloadinterface.IMetadata, armoResourceMap *cautils.ArmoResources) (string, error) {
+func getCloudProviderDescription(allResources map[string]workloadinterface.IMetadata, ksResourceMap *cautils.KSResources) (string, error) {
 	logger.L().Debug("Collecting cloud data")
 
 	clusterName := cautils.ClusterName
@@ -283,10 +271,10 @@ func getCloudProviderDescription(allResources map[string]workloadinterface.IMeta
 		if err != nil {
 			// Return error with useful info on how to configure credentials for getting cloud provider info
 			logger.L().Debug("failed to get descriptive information", helpers.Error(err))
-			return provider, fmt.Errorf("failed to get %s descriptive information. Read more: https://hub.armo.cloud/docs/kubescape-integration-with-cloud-providers", strings.ToUpper(provider))
+			return provider, fmt.Errorf("failed to get %s descriptive information. Read more: https://hub.armosec.io/docs/kubescape-integration-with-cloud-providers", strings.ToUpper(provider))
 		}
 		allResources[wl.GetID()] = wl
-		(*armoResourceMap)[fmt.Sprintf("%s/%s", wl.GetApiVersion(), wl.GetKind())] = []string{wl.GetID()}
+		(*ksResourceMap)[fmt.Sprintf("%s/%s", wl.GetApiVersion(), wl.GetKind())] = []string{wl.GetID()}
 	}
 	return provider, nil
 

core/pkg/resourcehandler/k8sresourcesutils.go

@@ -4,10 +4,10 @@ import (
 	"strings"
 
 	"github.com/armosec/kubescape/v2/core/cautils"
-	"github.com/armosec/opa-utils/reporthandling"
+	"github.com/kubescape/opa-utils/reporthandling"
 	"k8s.io/utils/strings/slices"
 
-	"github.com/armosec/k8s-interface/k8sinterface"
+	"github.com/kubescape/k8s-interface/k8sinterface"
 )
 
 var (
@@ -40,10 +40,10 @@ var (
 		ClusterDescribe: {"container.googleapis.com/v1", "eks.amazonaws.com/v1", "management.azure.com/v1"}}
 )
 
-func isEmptyImgVulns(armoResourcesMap cautils.ArmoResources) bool {
-	imgVulnResources := cautils.MapImageVulnResources(&armoResourcesMap)
+func isEmptyImgVulns(ksResourcesMap cautils.KSResources) bool {
+	imgVulnResources := cautils.MapImageVulnResources(&ksResourcesMap)
 	for _, resource := range imgVulnResources {
-		if val, ok := armoResourcesMap[resource]; ok {
+		if val, ok := ksResourcesMap[resource]; ok {
 			if len(val) > 0 {
 				return false
 			}
@@ -68,20 +68,20 @@ func setK8sResourceMap(frameworks []reporthandling.Framework) *cautils.K8SResour
 	return &k8sResources
 }
 
-func setArmoResourceMap(frameworks []reporthandling.Framework, resourceToControl map[string][]string) *cautils.ArmoResources {
-	armoResources := make(cautils.ArmoResources)
-	complexMap := setComplexArmoResourceMap(frameworks, resourceToControl)
+func setKSResourceMap(frameworks []reporthandling.Framework, resourceToControl map[string][]string) *cautils.KSResources {
+	ksResources := make(cautils.KSResources)
+	complexMap := setComplexKSResourceMap(frameworks, resourceToControl)
 	for group := range complexMap {
 		for version := range complexMap[group] {
 			for resource := range complexMap[group][version] {
 				groupResources := k8sinterface.ResourceGroupToString(group, version, resource)
 				for _, groupResource := range groupResources {
-					armoResources[groupResource] = nil
+					ksResources[groupResource] = nil
 				}
 			}
 		}
 	}
-	return &armoResources
+	return &ksResources
 }
 
 func setComplexK8sResourceMap(frameworks []reporthandling.Framework) map[string]map[string]map[string]interface{} {
@@ -99,13 +99,13 @@ func setComplexK8sResourceMap(frameworks []reporthandling.Framework) map[string]
 }
 
 // [group][versionn][resource]
-func setComplexArmoResourceMap(frameworks []reporthandling.Framework, resourceToControls map[string][]string) map[string]map[string]map[string]interface{} {
+func setComplexKSResourceMap(frameworks []reporthandling.Framework, resourceToControls map[string][]string) map[string]map[string]map[string]interface{} {
 	k8sResources := make(map[string]map[string]map[string]interface{})
 	for _, framework := range frameworks {
 		for _, control := range framework.Controls {
 			for _, rule := range control.Rules {
 				for _, match := range rule.DynamicMatch {
-					insertArmoResourcesAndControls(k8sResources, match, resourceToControls, control)
+					insertKSResourcesAndControls(k8sResources, match, resourceToControls, control)
 				}
 			}
 		}
@@ -113,7 +113,7 @@ func setComplexArmoResourceMap(frameworks []reporthandling.Framework, resourceTo
 	return k8sResources
 }
 
-func mapArmoResourceToApiGroup(resource string) []string {
+func mapKSResourceToApiGroup(resource string) []string {
 	if val, ok := MapResourceToApiGroup[resource]; ok {
 		return []string{val}
 	}
@@ -127,9 +127,9 @@ func mapArmoResourceToApiGroup(resource string) []string {
 }
 
 func insertControls(resource string, resourceToControl map[string][]string, control reporthandling.Control) {
-	armoResources := mapArmoResourceToApiGroup(resource)
-	for _, armoResource := range armoResources {
-		group, version := k8sinterface.SplitApiVersion(armoResource)
+	ksResources := mapKSResourceToApiGroup(resource)
+	for _, ksResource := range ksResources {
+		group, version := k8sinterface.SplitApiVersion(ksResource)
 		r := k8sinterface.JoinResourceTriplets(group, version, resource)
 		if _, ok := resourceToControl[r]; !ok {
 			resourceToControl[r] = append(resourceToControl[r], control.ControlID)
@@ -159,7 +159,7 @@ func insertResources(k8sResources map[string]map[string]map[string]interface{},
 	}
 }
 
-func insertArmoResourcesAndControls(k8sResources map[string]map[string]map[string]interface{}, match reporthandling.RuleMatchObjects, resourceToControl map[string][]string, control reporthandling.Control) {
+func insertKSResourcesAndControls(k8sResources map[string]map[string]map[string]interface{}, match reporthandling.RuleMatchObjects, resourceToControl map[string][]string, control reporthandling.Control) {
 	for _, apiGroup := range match.APIGroups {
 		if v, ok := k8sResources[apiGroup]; !ok || v == nil {
 			k8sResources[apiGroup] = make(map[string]map[string]interface{})

core/pkg/resourcehandler/k8sresourcesutils_test.go

@@ -1,9 +1,9 @@
 package resourcehandler
 
 import (
-	"github.com/armosec/k8s-interface/k8sinterface"
 	"github.com/armosec/kubescape/v2/core/cautils"
-	"github.com/armosec/opa-utils/reporthandling"
+	"github.com/kubescape/k8s-interface/k8sinterface"
+	"github.com/kubescape/opa-utils/reporthandling"
 	"github.com/stretchr/testify/assert"
 
 	"testing"
@@ -27,16 +27,16 @@ func TestSetResourceMap(t *testing.T) {
 
 }
 func TestSsEmptyImgVulns(t *testing.T) {
-	armoResourcesMap := make(cautils.ArmoResources, 0)
-	armoResourcesMap["container.googleapis.com/v1"] = []string{"fsdfds"}
-	assert.Equal(t, true, isEmptyImgVulns(armoResourcesMap))
+	ksResourcesMap := make(cautils.KSResources, 0)
+	ksResourcesMap["container.googleapis.com/v1"] = []string{"fsdfds"}
+	assert.Equal(t, true, isEmptyImgVulns(ksResourcesMap))
 
-	armoResourcesMap["armo.vuln.images/v1/ImageVulnerabilities"] = []string{"dada"}
-	assert.Equal(t, false, isEmptyImgVulns(armoResourcesMap))
+	ksResourcesMap["armo.vuln.images/v1/ImageVulnerabilities"] = []string{"dada"}
+	assert.Equal(t, false, isEmptyImgVulns(ksResourcesMap))
 
-	armoResourcesMap["armo.vuln.images/v1/ImageVulnerabilities"] = []string{}
-	armoResourcesMap["bla"] = []string{"blu"}
-	assert.Equal(t, true, isEmptyImgVulns(armoResourcesMap))
+	ksResourcesMap["armo.vuln.images/v1/ImageVulnerabilities"] = []string{}
+	ksResourcesMap["bla"] = []string{"blu"}
+	assert.Equal(t, true, isEmptyImgVulns(ksResourcesMap))
 }
 
 func TestInsertK8sResources(t *testing.T) {

core/pkg/resourcehandler/registrydata.go

@@ -3,15 +3,15 @@ package resourcehandler
 import (
 	"fmt"
 
-	"github.com/armosec/k8s-interface/k8sinterface"
-	"github.com/armosec/k8s-interface/workloadinterface"
 	"github.com/armosec/kubescape/v2/core/cautils"
 	"github.com/armosec/kubescape/v2/core/cautils/getter"
-	"github.com/armosec/kubescape/v2/core/cautils/logger"
 	armosecadaptorv1 "github.com/armosec/kubescape/v2/core/pkg/registryadaptors/armosec/v1"
 	"github.com/armosec/kubescape/v2/core/pkg/registryadaptors/registryvulnerabilities"
+	logger "github.com/kubescape/go-logger"
+	"github.com/kubescape/k8s-interface/k8sinterface"
+	"github.com/kubescape/k8s-interface/workloadinterface"
 
-	"github.com/armosec/opa-utils/shared"
+	"github.com/kubescape/opa-utils/shared"
 )
 
 const (
@@ -35,9 +35,19 @@ func NewRegistryAdaptors() (*RegistryAdaptors, error) {
 	return registryAdaptors, nil
 }
 
-func (registryAdaptors *RegistryAdaptors) collectImagesVulnerabilities(k8sResourcesMap *cautils.K8SResources, allResources map[string]workloadinterface.IMetadata, armoResourceMap *cautils.ArmoResources) error {
+func (registryAdaptors *RegistryAdaptors) collectImagesVulnerabilities(k8sResourcesMap *cautils.K8SResources, allResources map[string]workloadinterface.IMetadata, ksResourceMap *cautils.KSResources) error {
 	logger.L().Debug("Collecting images vulnerabilities")
 
+	if len(registryAdaptors.adaptors) == 0 {
+		return fmt.Errorf("credentials are not configured for any registry adaptor")
+	}
+
+	for i := range registryAdaptors.adaptors { // login and and get vulnerabilities
+		if err := registryAdaptors.adaptors[i].Login(); err != nil {
+			return fmt.Errorf("failed to login, adaptor: '%s', reason: '%s'", registryAdaptors.adaptors[i].DescribeAdaptor(), err.Error())
+		}
+	}
+
 	// list cluster images
 	images := listImagesTags(k8sResourcesMap, allResources)
 	imagesIdentifiers := imageTagsToContainerImageIdentifier(images)
@@ -45,11 +55,6 @@ func (registryAdaptors *RegistryAdaptors) collectImagesVulnerabilities(k8sResour
 	imagesVulnerability := map[string][]registryvulnerabilities.Vulnerability{}
 	for i := range registryAdaptors.adaptors { // login and and get vulnerabilities
 
-		if err := registryAdaptors.adaptors[i].Login(); err != nil {
-			if err != nil {
-				return fmt.Errorf("failed to login, adaptor: '%s', reason: '%s'", registryAdaptors.adaptors[i].DescribeAdaptor(), err.Error())
-			}
-		}
 		vulnerabilities, err := registryAdaptors.adaptors[i].GetImagesVulnerabilities(imagesIdentifiers)
 		if err != nil {
 			return err
@@ -62,11 +67,15 @@ func (registryAdaptors *RegistryAdaptors) collectImagesVulnerabilities(k8sResour
 	// convert result to IMetadata object
 	metaObjs := vulnerabilitiesToIMetadata(imagesVulnerability)
 
+	if len(metaObjs) == 0 {
+		return fmt.Errorf("no vulnerabilities found for any of the images")
+	}
+
 	// save in resources map
 	for i := range metaObjs {
 		allResources[metaObjs[i].GetID()] = metaObjs[i]
 	}
-	(*armoResourceMap)[k8sinterface.JoinResourceTriplets(ImagevulnerabilitiesObjectGroup, ImagevulnerabilitiesObjectVersion, ImagevulnerabilitiesObjectKind)] = workloadinterface.ListMetaIDs(metaObjs)
+	(*ksResourceMap)[k8sinterface.JoinResourceTriplets(ImagevulnerabilitiesObjectGroup, ImagevulnerabilitiesObjectVersion, ImagevulnerabilitiesObjectKind)] = workloadinterface.ListMetaIDs(metaObjs)
 
 	return nil
 }
@@ -142,10 +151,10 @@ func listAdaptores() ([]registryvulnerabilities.IContainerImageVulnerabilityAdap
 
 	adaptors := []registryvulnerabilities.IContainerImageVulnerabilityAdaptor{}
 
-	armoAPI := getter.GetArmoAPIConnector()
-	if armoAPI != nil {
-		if armoAPI.GetSecretKey() != "" && armoAPI.GetClientID() != "" && armoAPI.GetAccountID() != "" {
-			adaptors = append(adaptors, armosecadaptorv1.NewArmoAdaptor(getter.GetArmoAPIConnector()))
+	ksCloudAPI := getter.GetKSCloudAPIConnector()
+	if ksCloudAPI != nil {
+		if ksCloudAPI.GetSecretKey() != "" && ksCloudAPI.GetClientID() != "" && ksCloudAPI.GetAccountID() != "" {
+			adaptors = append(adaptors, armosecadaptorv1.NewKSAdaptor(getter.GetKSCloudAPIConnector()))
 		}
 	}
 

core/pkg/resourcehandler/resourceshandler.go

@@ -2,12 +2,12 @@ package resourcehandler
 
 import (
 	"github.com/armosec/armoapi-go/armotypes"
-	"github.com/armosec/k8s-interface/workloadinterface"
 	"github.com/armosec/kubescape/v2/core/cautils"
+	"github.com/kubescape/k8s-interface/workloadinterface"
 	"k8s.io/apimachinery/pkg/version"
 )
 
 type IResourceHandler interface {
-	GetResources(*cautils.OPASessionObj, *armotypes.PortalDesignator) (*cautils.K8SResources, map[string]workloadinterface.IMetadata, *cautils.ArmoResources, error)
+	GetResources(*cautils.OPASessionObj, *armotypes.PortalDesignator) (*cautils.K8SResources, map[string]workloadinterface.IMetadata, *cautils.KSResources, error)
 	GetClusterAPIServerInfo() *version.Info
 }

core/pkg/resourcehandler/urlloader.go

@@ -2,10 +2,10 @@ package resourcehandler
 
 import (
 	giturl "github.com/armosec/go-git-url"
-	"github.com/armosec/k8s-interface/workloadinterface"
 	"github.com/armosec/kubescape/v2/core/cautils"
-	"github.com/armosec/kubescape/v2/core/cautils/logger"
-	"github.com/armosec/kubescape/v2/core/cautils/logger/helpers"
+	logger "github.com/kubescape/go-logger"
+	"github.com/kubescape/go-logger/helpers"
+	"github.com/kubescape/k8s-interface/workloadinterface"
 )
 
 func loadResourcesFromUrl(inputPatterns []string) (map[string][]workloadinterface.IMetadata, error) {

core/pkg/resultshandling/printer/printresults.go

@@ -6,7 +6,7 @@ import (
 	"path/filepath"
 
 	"github.com/armosec/kubescape/v2/core/cautils"
-	"github.com/armosec/kubescape/v2/core/cautils/logger"
+	logger "github.com/kubescape/go-logger"
 )
 
 var INDENT = "   "