Jose Donizetti
Jose Donizetti
Signed-off-by: Jose Donizetti ## Description Adds a new table with checks for infra assesment. ``` trivy k8s all --report=summary --namespace=kube-system 34 / 34 [--------------------------------------------------------------------------------------------------------------------] 100.00% 1 p/s Summary Report for...
``` trivy k8s -n tracee-system all --report=summary 2022-07-26T11:08:03.844-0300 FATAL failed getting k8s cluster: The gcp auth plugin has been removed. Please use the "gke-gcloud-auth-plugin" kubectl/client-go credential plugin instead. ``` This...
## Prerequisites - [X] This issue is an EPIC issue (add label: EPIC). - [ ] This issue is an EPIC TASK (add issue to EPIC description). Select one OR...
Currently, there is two separate ways to configure trivy-operator settings. There are settings configured as environment variables to the deployment, and some other options configured in a configmap. This leads...
https://github.com/aquasecurity/trivy-operator/pull/440
We want to always have a release candidate before a release, though, currently when we release the RC the changelog is tied to it, then when we release the final...
- add "Observability" session to docs, and remove metrics from "integrations" - pre-requisite - config: enable ServiceMonitor (after crds install) - a reference to Prometheus install - example of how...
`trivy` is able to scan exposed secrets on kubernetes resources. The operator should be able to create those reports, currently it only creates for exposed secrets on images.
There were rules added to defsec specifically for kubernetes infra components. (apiserver, controller manager, etcd, scheduler). We would like to display those checks in a summary table differently than misconfigurations,...
Signed-off-by: Jose Donizetti This is a minor cleanup on `tracee-rules/main.go`: - check for commands vs flags first - fix errors returned for the flag `rego-runtime-target` because the var `target` is...