Merge pull request #558 from armosec/dev

Support helm chart scanning and reporting

cmd/delete/delete.go

@@ -25,8 +25,8 @@ func GetDeleteCmd(ks meta.IKubescape) *cobra.Command {
 		},
 	}
 	deleteCmd.PersistentFlags().StringVarP(&deleteInfo.Credentials.Account, "account", "", "", "Kubescape SaaS account ID. Default will load account ID from cache")
-	deleteCmd.PersistentFlags().StringVarP(&deleteInfo.Credentials.ClientID, "client-id", "", "", "Kubescape SaaS client ID. Default will load client ID from cache, read more - https://hub.armosec.io/docs/authentication")
-	deleteCmd.PersistentFlags().StringVarP(&deleteInfo.Credentials.SecretKey, "secret-key", "", "", "Kubescape SaaS secret key. Default will load secret key from cache, read more - https://hub.armosec.io/docs/authentication")
+	deleteCmd.PersistentFlags().StringVarP(&deleteInfo.Credentials.ClientID, "client-id", "", "", "Kubescape SaaS client ID. Default will load client ID from cache, read more - https://hub.armo.cloud/docs/authentication")
+	deleteCmd.PersistentFlags().StringVarP(&deleteInfo.Credentials.SecretKey, "secret-key", "", "", "Kubescape SaaS secret key. Default will load secret key from cache, read more - https://hub.armo.cloud/docs/authentication")
 
 	deleteCmd.AddCommand(getExceptionsCmd(ks, &deleteInfo))
 

cmd/download/download.go

@@ -74,8 +74,8 @@ func GeDownloadCmd(ks meta.IKubescape) *cobra.Command {
 	}
 
 	downloadCmd.PersistentFlags().StringVarP(&downloadInfo.Credentials.Account, "account", "", "", "Kubescape SaaS account ID. Default will load account ID from cache")
-	downloadCmd.PersistentFlags().StringVarP(&downloadInfo.Credentials.ClientID, "client-id", "", "", "Kubescape SaaS client ID. Default will load client ID from cache, read more - https://hub.armosec.io/docs/authentication")
-	downloadCmd.PersistentFlags().StringVarP(&downloadInfo.Credentials.SecretKey, "secret-key", "", "", "Kubescape SaaS secret key. Default will load secret key from cache, read more - https://hub.armosec.io/docs/authentication")
+	downloadCmd.PersistentFlags().StringVarP(&downloadInfo.Credentials.ClientID, "client-id", "", "", "Kubescape SaaS client ID. Default will load client ID from cache, read more - https://hub.armo.cloud/docs/authentication")
+	downloadCmd.PersistentFlags().StringVarP(&downloadInfo.Credentials.SecretKey, "secret-key", "", "", "Kubescape SaaS secret key. Default will load secret key from cache, read more - https://hub.armo.cloud/docs/authentication")
 	downloadCmd.Flags().StringVarP(&downloadInfo.Path, "output", "o", "", "Output file. If not specified, will save in `~/.kubescape/<policy name>.json`")
 
 	return downloadCmd

cmd/list/list.go

@@ -27,7 +27,7 @@ var (
   kubescape list controls --id 
   
   Control documentation:
-  https://hub.armosec.io/docs/controls
+  https://hub.armo.cloud/docs/controls
 `
 )
 
@@ -60,8 +60,8 @@ func GetListCmd(ks meta.IKubescape) *cobra.Command {
 		},
 	}
 	listCmd.PersistentFlags().StringVarP(&listPolicies.Credentials.Account, "account", "", "", "Kubescape SaaS account ID. Default will load account ID from cache")
-	listCmd.PersistentFlags().StringVarP(&listPolicies.Credentials.ClientID, "client-id", "", "", "Kubescape SaaS client ID. Default will load client ID from cache, read more - https://hub.armosec.io/docs/authentication")
-	listCmd.PersistentFlags().StringVarP(&listPolicies.Credentials.SecretKey, "secret-key", "", "", "Kubescape SaaS secret key. Default will load secret key from cache, read more - https://hub.armosec.io/docs/authentication")
+	listCmd.PersistentFlags().StringVarP(&listPolicies.Credentials.ClientID, "client-id", "", "", "Kubescape SaaS client ID. Default will load client ID from cache, read more - https://hub.armo.cloud/docs/authentication")
+	listCmd.PersistentFlags().StringVarP(&listPolicies.Credentials.SecretKey, "secret-key", "", "", "Kubescape SaaS secret key. Default will load secret key from cache, read more - https://hub.armo.cloud/docs/authentication")
 	listCmd.PersistentFlags().StringVar(&listPolicies.Format, "format", "pretty-print", "output format. supported: 'pretty-printer'/'json'")
 	listCmd.PersistentFlags().BoolVarP(&listPolicies.ListIDs, "id", "", false, "List control ID's instead of controls names")
 

cmd/root.go

@@ -48,7 +48,7 @@ func getRootCmd(ks meta.IKubescape) *cobra.Command {
 	rootCmd := &cobra.Command{
 		Use:     "kubescape",
 		Version: cautils.BuildNumber,
-		Short:   "Kubescape is a tool for testing Kubernetes security posture. Docs: https://hub.armosec.io/docs",
+		Short:   "Kubescape is a tool for testing Kubernetes security posture. Docs: https://hub.armo.cloud/docs",
 		Example: ksExamples,
 	}
 

cmd/scan/control.go

@@ -30,7 +30,7 @@ var (
   Run 'kubescape list controls' for the list of supported controls
   
   Control documentation:
-  https://hub.armosec.io/docs/controls
+  https://hub.armo.cloud/docs/controls
 `
 )
 

cmd/scan/scan.go

@@ -64,8 +64,8 @@ func GetScanCommand(ks meta.IKubescape) *cobra.Command {
 	}
 
 	scanCmd.PersistentFlags().StringVarP(&scanInfo.Credentials.Account, "account", "", "", "Kubescape SaaS account ID. Default will load account ID from cache")
-	scanCmd.PersistentFlags().StringVarP(&scanInfo.Credentials.ClientID, "client-id", "", "", "Kubescape SaaS client ID. Default will load client ID from cache, read more - https://hub.armosec.io/docs/authentication")
-	scanCmd.PersistentFlags().StringVarP(&scanInfo.Credentials.SecretKey, "secret-key", "", "", "Kubescape SaaS secret key. Default will load secret key from cache, read more - https://hub.armosec.io/docs/authentication")
+	scanCmd.PersistentFlags().StringVarP(&scanInfo.Credentials.ClientID, "client-id", "", "", "Kubescape SaaS client ID. Default will load client ID from cache, read more - https://hub.armo.cloud/docs/authentication")
+	scanCmd.PersistentFlags().StringVarP(&scanInfo.Credentials.SecretKey, "secret-key", "", "", "Kubescape SaaS secret key. Default will load secret key from cache, read more - https://hub.armo.cloud/docs/authentication")
 	scanCmd.PersistentFlags().StringVarP(&scanInfo.KubeContext, "kube-context", "", "", "Kube context. Default will use the current-context")
 	scanCmd.PersistentFlags().StringVar(&scanInfo.ControlsInputs, "controls-config", "", "Path to an controls-config obj. If not set will download controls-config from ARMO management portal")
 	scanCmd.PersistentFlags().StringVar(&scanInfo.UseExceptions, "exceptions", "", "Path to an exceptions obj. If not set will download exceptions from ARMO management portal")

cmd/submit/submit.go

@@ -21,8 +21,8 @@ func GetSubmitCmd(ks meta.IKubescape) *cobra.Command {
 		},
 	}
 	submitCmd.PersistentFlags().StringVarP(&submitInfo.Credentials.Account, "account", "", "", "Kubescape SaaS account ID. Default will load account ID from cache")
-	submitCmd.PersistentFlags().StringVarP(&submitInfo.Credentials.ClientID, "client-id", "", "", "Kubescape SaaS client ID. Default will load client ID from cache, read more - https://hub.armosec.io/docs/authentication")
-	submitCmd.PersistentFlags().StringVarP(&submitInfo.Credentials.SecretKey, "secret-key", "", "", "Kubescape SaaS secret key. Default will load secret key from cache, read more - https://hub.armosec.io/docs/authentication")
+	submitCmd.PersistentFlags().StringVarP(&submitInfo.Credentials.ClientID, "client-id", "", "", "Kubescape SaaS client ID. Default will load client ID from cache, read more - https://hub.armo.cloud/docs/authentication")
+	submitCmd.PersistentFlags().StringVarP(&submitInfo.Credentials.SecretKey, "secret-key", "", "", "Kubescape SaaS secret key. Default will load secret key from cache, read more - https://hub.armo.cloud/docs/authentication")
 
 	submitCmd.AddCommand(getExceptionsCmd(ks, &submitInfo))
 	submitCmd.AddCommand(getResultsCmd(ks, &submitInfo))

core/cautils/datastructures.go

@@ -62,11 +62,6 @@ func NewOPASessionObjMock() *OPASessionObj {
 			ReportID:     "",
 			JobID:        "",
 		},
-		Metadata: &reporthandlingv2.Metadata{
-			ScanMetadata: reporthandlingv2.ScanMetadata{
-				ScanningTarget: 0,
-			},
-		},
 	}
 }
 

core/cautils/getter/armoapi.go

@@ -23,19 +23,19 @@ var (
 	// ATTENTION!!!
 	// Changes in this URLs variable names, or in the usage is affecting the build process! BE CAREFUL
 	armoERURL   = "report.armo.cloud"
-	armoBEURL   = "api.armosec.io"
-	armoFEURL   = "cloud.armosec.io"
-	armoAUTHURL = "auth.armosec.io"
+	armoBEURL   = "api.armo.cloud"
+	armoFEURL   = "portal.armo.cloud"
+	armoAUTHURL = "auth.armo.cloud"
 
 	armoStageERURL   = "report-ks.eustage2.cyberarmorsoft.com"
-	armoStageBEURL   = "api-stage.armosec.io"
-	armoStageFEURL   = "armoui-stage.armosec.io"
-	armoStageAUTHURL = "eggauth-stage.armosec.io"
+	armoStageBEURL   = "api-stage.armo.cloud"
+	armoStageFEURL   = "armoui.eustage2.cyberarmorsoft.com"
+	armoStageAUTHURL = "eggauth.eustage2.cyberarmorsoft.com"
 
 	armoDevERURL   = "report.eudev3.cyberarmorsoft.com"
-	armoDevBEURL   = "api-dev.armosec.io"
+	armoDevBEURL   = "api-dev.armo.cloud"
 	armoDevFEURL   = "cloud-dev.armosec.io"
-	armoDevAUTHURL = "eggauth-dev.armosec.io"
+	armoDevAUTHURL = "eggauth.eudev3.cyberarmorsoft.com"
 )
 
 // Armo API for downloading policies

core/cautils/scaninfo.go

@@ -266,23 +266,10 @@ func scanInfoToScanMetadata(scanInfo *ScanInfo) *reporthandlingv2.Metadata {
 	if len(scanInfo.InputPatterns) > 0 {
 		inputFiles = scanInfo.InputPatterns[0]
 	}
-	switch GetScanningContext(inputFiles) {
-	case ContextCluster:
-		// cluster
-		metadata.ScanMetadata.ScanningTarget = reporthandlingv2.Cluster
-	case ContextFile:
-		// local file
-		metadata.ScanMetadata.ScanningTarget = reporthandlingv2.File
-	case ContextGitURL:
-		// url
-		metadata.ScanMetadata.ScanningTarget = reporthandlingv2.Repo
-	case ContextGitLocal:
-		// local-git
-		metadata.ScanMetadata.ScanningTarget = reporthandlingv2.GitLocal
-	case ContextDir:
-		// directory
-		metadata.ScanMetadata.ScanningTarget = reporthandlingv2.Directory
 
+	metadata.ScanMetadata.ScanningTarget = reporthandlingv2.Cluster
+	if GetScanningContext(inputFiles) != ContextCluster {
+		metadata.ScanMetadata.ScanningTarget = reporthandlingv2.File
 	}
 
 	setContextMetadata(&metadata.ContextMetadata, inputFiles)

core/pkg/hostsensorutils/hostsensordeploy.go

@@ -35,7 +35,6 @@ type HostSensorHandler struct {
 	DaemonSet                     *appsv1.DaemonSet
 	podListLock                   sync.RWMutex
 	gracePeriod                   int64
-	workerPool                    workerPool
 }
 
 func NewHostSensorHandler(k8sObj *k8sinterface.KubernetesApi, hostSensorYAMLFile string) (*HostSensorHandler, error) {
@@ -55,7 +54,6 @@ func NewHostSensorHandler(k8sObj *k8sinterface.KubernetesApi, hostSensorYAMLFile
 		HostSensorPodNames:            map[string]string{},
 		HostSensorUnscheduledPodNames: map[string]string{},
 		gracePeriod:                   int64(15),
-		workerPool:                    NewWorkerPool(),
 	}
 	// Don't deploy on cluster with no nodes. Some cloud providers prevents termination of K8s objects for cluster with no nodes!!!
 	if nodeList, err := k8sObj.KubernetesClient.CoreV1().Nodes().List(k8sObj.Context, metav1.ListOptions{}); err != nil || len(nodeList.Items) == 0 {

core/pkg/hostsensorutils/hostsensorgetfrompod.go

@@ -32,23 +32,7 @@ func (hsh *HostSensorHandler) HTTPGetToPod(podName, path string) ([]byte, error)
 
 	restProxy := hsh.k8sObj.KubernetesClient.CoreV1().Pods(hsh.DaemonSet.Namespace).ProxyGet("http", podName, fmt.Sprintf("%d", hsh.HostSensorPort), path, map[string]string{})
 	return restProxy.DoRaw(hsh.k8sObj.Context)
-}
 
-func (hsh *HostSensorHandler) getResourcesFromPod(podName, nodeName, resourceKind, path string) (hostsensor.HostSensorDataEnvelope, error) {
-	//  send the request and pack the response as an hostSensorDataEnvelope
-
-	resBytes, err := hsh.HTTPGetToPod(podName, path)
-	if err != nil {
-		return hostsensor.HostSensorDataEnvelope{}, err
-	}
-
-	hostSensorDataEnvelope := hostsensor.HostSensorDataEnvelope{}
-	hostSensorDataEnvelope.SetApiVersion(k8sinterface.JoinGroupVersion(hostsensor.GroupHostSensor, hostsensor.Version))
-	hostSensorDataEnvelope.SetKind(resourceKind)
-	hostSensorDataEnvelope.SetName(nodeName)
-	hostSensorDataEnvelope.SetData(resBytes)
-
-	return hostSensorDataEnvelope, nil
 }
 
 func (hsh *HostSensorHandler) ForwardToPod(podName, path string) ([]byte, error) {
@@ -75,26 +59,35 @@ func (hsh *HostSensorHandler) ForwardToPod(podName, path string) ([]byte, error)
 
 // sendAllPodsHTTPGETRequest fills the raw byte response in the envelope and the node name, but not the GroupVersionKind
 // so the caller is responsible to convert the raw data to some structured data and add the GroupVersionKind details
-//
-// The function produces a worker-pool with a fixed number of workers.
-// For each node the request is pushed to the jobs channel, the worker sends the request and pushes the result to the result channel.
-// When all workers have finished, the function returns a list of results
 func (hsh *HostSensorHandler) sendAllPodsHTTPGETRequest(path, requestKind string) ([]hostsensor.HostSensorDataEnvelope, error) {
 	podList, err := hsh.getPodList()
 	if err != nil {
 		return nil, fmt.Errorf("failed to sendAllPodsHTTPGETRequest: %v", err)
 	}
-
 	res := make([]hostsensor.HostSensorDataEnvelope, 0, len(podList))
-	var wg sync.WaitGroup
-	// initialization of the channels
-	hsh.workerPool.init(len(podList))
-
-	hsh.workerPool.hostSensorApplyJobs(podList, path, requestKind)
-	hsh.workerPool.hostSensorGetResults(&res)
-	hsh.workerPool.createWorkerPool(hsh, &wg)
-	hsh.workerPool.waitForDone(&wg)
+	resLock := sync.Mutex{}
+	wg := sync.WaitGroup{}
+	wg.Add(len(podList))
+	for podName := range podList {
+		go func(podName, path string) {
+			defer wg.Done()
+			resBytes, err := hsh.HTTPGetToPod(podName, path)
+			if err != nil {
+				logger.L().Error("failed to get data", helpers.String("path", path), helpers.String("podName", podName), helpers.Error(err))
+			} else {
+				resLock.Lock()
+				defer resLock.Unlock()
+				hostSensorDataEnvelope := hostsensor.HostSensorDataEnvelope{}
+				hostSensorDataEnvelope.SetApiVersion(k8sinterface.JoinGroupVersion(hostsensor.GroupHostSensor, hostsensor.Version))
+				hostSensorDataEnvelope.SetKind(requestKind)
+				hostSensorDataEnvelope.SetName(podList[podName])
+				hostSensorDataEnvelope.SetData(resBytes)
+				res = append(res, hostSensorDataEnvelope)
+			}
 
+		}(podName, path)
+	}
+	wg.Wait()
 	return res, nil
 }
 

core/pkg/hostsensorutils/hostsensorworkerpool.go

@@ -1,96 +0,0 @@
-package hostsensorutils
-
-import (
-	"sync"
-
-	"github.com/armosec/kubescape/v2/core/cautils/logger"
-	"github.com/armosec/kubescape/v2/core/cautils/logger/helpers"
-	"github.com/armosec/opa-utils/objectsenvelopes/hostsensor"
-)
-
-const noOfWorkers int = 10
-
-type job struct {
-	podName     string
-	nodeName    string
-	requestKind string
-	path        string
-}
-
-type workerPool struct {
-	jobs        chan job
-	results     chan hostsensor.HostSensorDataEnvelope
-	done        chan bool
-	noOfWorkers int
-}
-
-func NewWorkerPool() workerPool {
-	wp := workerPool{}
-	wp.noOfWorkers = noOfWorkers
-	wp.init()
-	return wp
-}
-
-func (wp *workerPool) init(noOfPods ...int) {
-	if noOfPods != nil && len(noOfPods) > 0 && noOfPods[0] < noOfWorkers {
-		wp.noOfWorkers = noOfPods[0]
-	}
-	// init the channels
-	wp.jobs = make(chan job, noOfWorkers)
-	wp.results = make(chan hostsensor.HostSensorDataEnvelope, noOfWorkers)
-	wp.done = make(chan bool)
-}
-
-// The worker takes a job out of the chan, executes the request, and pushes the result to the results chan
-func (wp *workerPool) hostSensorWorker(hsh *HostSensorHandler, wg *sync.WaitGroup) {
-	defer wg.Done()
-	for job := range wp.jobs {
-		hostSensorDataEnvelope, err := hsh.getResourcesFromPod(job.podName, job.nodeName, job.requestKind, job.path)
-		if err != nil {
-			logger.L().Error("failed to get data", helpers.String("path", job.path), helpers.String("podName", job.podName), helpers.Error(err))
-		} else {
-			wp.results <- hostSensorDataEnvelope
-		}
-	}
-}
-
-func (wp *workerPool) createWorkerPool(hsh *HostSensorHandler, wg *sync.WaitGroup) {
-	for i := 0; i < noOfWorkers; i++ {
-		wg.Add(1)
-		go wp.hostSensorWorker(hsh, wg)
-	}
-}
-
-func (wp *workerPool) waitForDone(wg *sync.WaitGroup) {
-	// Waiting for workers to finish
-	wg.Wait()
-	close(wp.results)
-
-	// Waiting for the results to be processed
-	<-wp.done
-}
-
-func (wp *workerPool) hostSensorGetResults(result *[]hostsensor.HostSensorDataEnvelope) {
-	go func() {
-		for res := range wp.results {
-			*result = append(*result, res)
-		}
-		wp.done <- true
-	}()
-}
-
-func (wp *workerPool) hostSensorApplyJobs(podList map[string]string, path, requestKind string) {
-	go func() {
-		for podName, nodeName := range podList {
-			job := job{
-				podName:     podName,
-				nodeName:    nodeName,
-				requestKind: requestKind,
-				path:        path,
-			}
-			wp.jobs <- job
-
-		}
-		close(wp.jobs)
-	}()
-}

core/pkg/opaprocessor/processorhandler.go

@@ -18,7 +18,6 @@ import (
 
 	"github.com/armosec/k8s-interface/workloadinterface"
 
-	reporthandlingv2 "github.com/armosec/opa-utils/reporthandling/v2"
 	"github.com/armosec/opa-utils/resources"
 	"github.com/open-policy-agent/opa/ast"
 	"github.com/open-policy-agent/opa/rego"
@@ -63,7 +62,7 @@ func (opap *OPAProcessor) ProcessRulesListenner() error {
 }
 
 func (opap *OPAProcessor) Process(policies *cautils.Policies) error {
-	opap.loggerStartScanning()
+	logger.L().Info("Scanning", helpers.String("cluster", cautils.ClusterName))
 
 	cautils.StartSpinner()
 
@@ -90,30 +89,11 @@ func (opap *OPAProcessor) Process(policies *cautils.Policies) error {
 	opap.Report.ReportGenerationTime = time.Now().UTC()
 
 	cautils.StopSpinner()
-
-	opap.loggerDoneScanning()
+	logger.L().Success("Done scanning", helpers.String("cluster", cautils.ClusterName))
 
 	return errs
 }
 
-func (opap *OPAProcessor) loggerStartScanning() {
-	targetScan := opap.OPASessionObj.Metadata.ScanMetadata.ScanningTarget
-	if reporthandlingv2.Cluster == targetScan {
-		logger.L().Info("Scanning", helpers.String(targetScan.String(), cautils.ClusterName))
-	} else {
-		logger.L().Info("Scanning " + targetScan.String())
-	}
-}
-
-func (opap *OPAProcessor) loggerDoneScanning() {
-	targetScan := opap.OPASessionObj.Metadata.ScanMetadata.ScanningTarget
-	if reporthandlingv2.Cluster == targetScan {
-		logger.L().Success("Done scanning", helpers.String(targetScan.String(), cautils.ClusterName))
-	} else {
-		logger.L().Success("Done scanning " + targetScan.String())
-	}
-}
-
 func (opap *OPAProcessor) processControl(control *reporthandling.Control) (map[string]resourcesresults.ResourceAssociatedControl, error) {
 	var errs error
 

core/pkg/policyhandler/handlepullpolicies.go

@@ -33,8 +33,6 @@ func (policyHandler *PolicyHandler) getPolicies(policyIdentifier []cautils.Polic
 	exceptionPolicies, err := policyHandler.getters.ExceptionsGetter.GetExceptions(cautils.ClusterName)
 	if err == nil {
 		policiesAndResources.Exceptions = exceptionPolicies
-	} else {
-		logger.L().Error("failed to load exceptions", helpers.Error(err))
 	}
 
 	// get account configuration

core/pkg/registryadaptors/armosec/v1/civarmoadaptor.go

@@ -83,7 +83,7 @@ func (armoCivAdaptor *ArmoCivAdaptor) GetImageVulnerability(imageID *registryvul
 }
 
 func (armoCivAdaptor *ArmoCivAdaptor) DescribeAdaptor() string {
-	return "armo image vulnerabilities scanner, docs: https://hub.armosec.io/docs/cluster-vulnerability-scanning"
+	return "armo image vulnerabilities scanner, docs: https://hub.armo.cloud/docs/cluster-vulnerability-scanning"
 }
 
 func (armoCivAdaptor *ArmoCivAdaptor) GetImagesInformation(imageIDs []registryvulnerabilities.ContainerImageIdentifier) ([]registryvulnerabilities.ContainerImageInformation, error) {

core/pkg/resourcehandler/k8sresources.go

@@ -89,7 +89,7 @@ func (k8sHandler *K8sResourceHandler) GetResources(sessionObj *cautils.OPASessio
 			cautils.SetInfoMapForResources(fmt.Sprintf("failed to pull image scanning data: %s", err.Error()), imgVulnResources, sessionObj.InfoMap)
 		} else {
 			if isEmptyImgVulns(*armoResourceMap) {
-				cautils.SetInfoMapForResources("image scanning is not configured. for more information: https://hub.armosec.io/docs/cluster-vulnerability-scanning", imgVulnResources, sessionObj.InfoMap)
+				cautils.SetInfoMapForResources("image scanning is not configured. for more information: https://hub.armo.cloud/docs/cluster-vulnerability-scanning", imgVulnResources, sessionObj.InfoMap)
 			}
 		}
 	}
@@ -109,7 +109,7 @@ func (k8sHandler *K8sResourceHandler) GetResources(sessionObj *cautils.OPASessio
 				sessionObj.InfoMap = infoMap
 			}
 		} else {
-			cautils.SetInfoMapForResources("enable-host-scan flag not used. For more information: https://hub.armo.cloud/docs/host-sensor", hostResources, sessionObj.InfoMap)
+			cautils.SetInfoMapForResources("enable-host-scan flag not used. For more information:  https://hub.armo.cloud/docs/host-sensor", hostResources, sessionObj.InfoMap)
 		}
 	}
 
@@ -283,7 +283,7 @@ func getCloudProviderDescription(allResources map[string]workloadinterface.IMeta
 		if err != nil {
 			// Return error with useful info on how to configure credentials for getting cloud provider info
 			logger.L().Debug("failed to get descriptive information", helpers.Error(err))
-			return provider, fmt.Errorf("failed to get %s descriptive information. Read more: https://hub.armosec.io/docs/kubescape-integration-with-cloud-providers", strings.ToUpper(provider))
+			return provider, fmt.Errorf("failed to get %s descriptive information. Read more: https://hub.armo.cloud/docs/kubescape-integration-with-cloud-providers", strings.ToUpper(provider))
 		}
 		allResources[wl.GetID()] = wl
 		(*armoResourceMap)[fmt.Sprintf("%s/%s", wl.GetApiVersion(), wl.GetKind())] = []string{wl.GetID()}

core/pkg/resultshandling/printer/v2/prettyprinter.go

@@ -253,7 +253,7 @@ func frameworksScoresToString(frameworks []reportsummary.IFrameworkSummary) stri
 }
 
 func getControlLink(controlID string) string {
-	return fmt.Sprintf("https://hub.armosec.io/docs/%s", strings.ToLower(controlID))
+	return fmt.Sprintf("https://hub.armo.cloud/docs/%s", strings.ToLower(controlID))
 }
 
 func controlCountersForSummary(counters reportsummary.ICounters) string {

core/pkg/resultshandling/printer/v2/resourcetable.go

@@ -73,7 +73,7 @@ func generateResourceRows(controls []resourcesresults.ResourceAssociatedControl,
 			continue
 		}
 
-		row[resourceColumnURL] = fmt.Sprintf("https://hub.armosec.io/docs/%s", strings.ToLower(controls[i].GetID()))
+		row[resourceColumnURL] = fmt.Sprintf("https://hub.armo.cloud/docs/%s", strings.ToLower(controls[i].GetID()))
 		row[resourceColumnPath] = strings.Join(failedPathsToString(&controls[i]), "\n")
 		row[resourceColumnName] = controls[i].GetName()
 

core/pkg/resultshandling/reporter/v2/reporteventreceive_test.go

@@ -19,7 +19,7 @@ func TestGetURL(t *testing.T) {
 			},
 			"",
 		)
-		assert.Equal(t, "https://cloud.armosec.io/configuration-scanning/test?utm_campaign=Submit&utm_medium=CLI&utm_source=GitHub", reporter.GetURL())
+		assert.Equal(t, "https://portal.armo.cloud/configuration-scanning/test?utm_campaign=Submit&utm_medium=CLI&utm_source=GitHub", reporter.GetURL())
 	}
 
 	// Test submit and NOT registered url
@@ -33,16 +33,16 @@ func TestGetURL(t *testing.T) {
 			},
 			"",
 		)
-		assert.Equal(t, "https://cloud.armosec.io/account/sign-up?customerGUID=1234&invitationToken=token&utm_campaign=Submit&utm_medium=CLI&utm_source=GitHub", reporter.GetURL())
+		assert.Equal(t, "https://portal.armo.cloud/account/sign-up?customerGUID=1234&invitationToken=token&utm_campaign=Submit&utm_medium=CLI&utm_source=GitHub", reporter.GetURL())
 	}
 	// Test None submit url
 	{
 		reporter := NewReportMock(NO_SUBMIT_QUERY, "")
-		assert.Equal(t, "https://cloud.armosec.io/account/sign-up?utm_source=GitHub&utm_medium=CLI&utm_campaign=no_submit", reporter.GetURL())
+		assert.Equal(t, "https://portal.armo.cloud/account/sign-up?utm_source=GitHub&utm_medium=CLI&utm_campaign=no_submit", reporter.GetURL())
 	}
 	// Test None report url
 	{
 		reporter := NewReportMock("", "")
-		assert.Equal(t, "https://cloud.armosec.io/account/sign-up", reporter.GetURL())
+		assert.Equal(t, "https://portal.armo.cloud/account/sign-up", reporter.GetURL())
 	}
 }

core/pkg/resultshandling/reporter/v2/reporteventreceiver.go

@@ -74,12 +74,6 @@ func (report *ReportEventReceiver) SetClusterName(clusterName string) {
 }
 
 func (report *ReportEventReceiver) prepareReport(opaSessionObj *cautils.OPASessionObj) error {
-	// All scans whose target is not a cluster, currently their target is a file, which is what the backend expects
-	// (e.g. local-git, directory, etc)
-	if opaSessionObj.Metadata.ScanMetadata.ScanningTarget != reporthandlingv2.Cluster {
-		opaSessionObj.Metadata.ScanMetadata.ScanningTarget = reporthandlingv2.File
-	}
-
 	report.initEventReceiverURL()
 	host := hostToString(report.eventReceiverURL, report.reportID)
 

go.mod

@@ -6,7 +6,7 @@ require (
 	github.com/armosec/armoapi-go v0.0.97
 	github.com/armosec/go-git-url v0.0.13
 	github.com/armosec/k8s-interface v0.0.78
-	github.com/armosec/opa-utils v0.0.160
+	github.com/armosec/opa-utils v0.0.159
 	github.com/armosec/rbac-utils v0.0.14
 	github.com/armosec/utils-go v0.0.7
 	github.com/armosec/utils-k8s-go v0.0.7

go.sum

@@ -193,8 +193,8 @@ github.com/armosec/go-git-url v0.0.13 h1:kwzHBL7oFqf2UsR0h4Sx+HMYqO9xHHuBFXGIyuM
 github.com/armosec/go-git-url v0.0.13/go.mod h1:GzfssG3IW9KiURSpK7c/bySBRTlghpObQ7NQ1O4hcMI=
 github.com/armosec/k8s-interface v0.0.78 h1:zqIzbFQqSxVMjcDsB4+lgGNgkHVqDZ369/WTGGdLKCE=
 github.com/armosec/k8s-interface v0.0.78/go.mod h1:8NX4xWXh8mwW7QyZdZea1czNdM2azCK9BbUNmiZYXW0=
-github.com/armosec/opa-utils v0.0.160 h1:KgYN57Fh4t0+EELE/napAB+ysX1X3kDg28Sh34hxt1Y=
-github.com/armosec/opa-utils v0.0.160/go.mod h1:ce7GrjUmp4A2bkw6ItJxnE1GeDeVQxwb3HiwKBbEZTA=
+github.com/armosec/opa-utils v0.0.159 h1:GREyXsM8v1tdIY6FDYjM7roXozt191JTjwpfrjkDJIU=
+github.com/armosec/opa-utils v0.0.159/go.mod h1:ce7GrjUmp4A2bkw6ItJxnE1GeDeVQxwb3HiwKBbEZTA=
 github.com/armosec/rbac-utils v0.0.14 h1:CKYKcgqJEXWF2Hen/B1pVGtS3nDAG1wp9dDv6oNtq90=
 github.com/armosec/rbac-utils v0.0.14/go.mod h1:Ex/IdGWhGv9HZq6Hs8N/ApzCKSIvpNe/ETqDfnuyah0=
 github.com/armosec/utils-go v0.0.7 h1:YGyIzfo7JKocx0SVrKEpQLSKLNLgm+JOEeH0XkO23yQ=

httphandler/go.mod

@@ -6,7 +6,7 @@ replace github.com/armosec/kubescape/v2 => ../
 
 require (
 	github.com/armosec/kubescape/v2 v2.0.0-00010101000000-000000000000
-	github.com/armosec/opa-utils v0.0.160
+	github.com/armosec/opa-utils v0.0.159
 	github.com/armosec/utils-go v0.0.7
 	github.com/google/uuid v1.3.0
 	github.com/gorilla/mux v1.8.0

httphandler/go.sum

@@ -193,8 +193,8 @@ github.com/armosec/go-git-url v0.0.13 h1:kwzHBL7oFqf2UsR0h4Sx+HMYqO9xHHuBFXGIyuM
 github.com/armosec/go-git-url v0.0.13/go.mod h1:GzfssG3IW9KiURSpK7c/bySBRTlghpObQ7NQ1O4hcMI=
 github.com/armosec/k8s-interface v0.0.78 h1:zqIzbFQqSxVMjcDsB4+lgGNgkHVqDZ369/WTGGdLKCE=
 github.com/armosec/k8s-interface v0.0.78/go.mod h1:8NX4xWXh8mwW7QyZdZea1czNdM2azCK9BbUNmiZYXW0=
-github.com/armosec/opa-utils v0.0.160 h1:KgYN57Fh4t0+EELE/napAB+ysX1X3kDg28Sh34hxt1Y=
-github.com/armosec/opa-utils v0.0.160/go.mod h1:ce7GrjUmp4A2bkw6ItJxnE1GeDeVQxwb3HiwKBbEZTA=
+github.com/armosec/opa-utils v0.0.159 h1:GREyXsM8v1tdIY6FDYjM7roXozt191JTjwpfrjkDJIU=
+github.com/armosec/opa-utils v0.0.159/go.mod h1:ce7GrjUmp4A2bkw6ItJxnE1GeDeVQxwb3HiwKBbEZTA=
 github.com/armosec/rbac-utils v0.0.14 h1:CKYKcgqJEXWF2Hen/B1pVGtS3nDAG1wp9dDv6oNtq90=
 github.com/armosec/rbac-utils v0.0.14/go.mod h1:Ex/IdGWhGv9HZq6Hs8N/ApzCKSIvpNe/ETqDfnuyah0=
 github.com/armosec/utils-go v0.0.7 h1:YGyIzfo7JKocx0SVrKEpQLSKLNLgm+JOEeH0XkO23yQ=