
🚓 Integrate kube-bench scanner for K8S CIS Test

Open rseedorff opened this issue 3 years ago • 2 comments

🚓 New Scanner implementation request

Is your feature request related to a problem

As a secureCodeBox user I want to use the kube-bench scanner to check my Kubernetes cluster with the CIS Benchmark on a regular basis.

Describe the solution you'd like

Integrate kube-bench as new security scanner.

Additional context

  • kube-bench
  • DefectDojo already has implemented a kube-bench parser: https://github.com/DefectDojo/django-DefectDojo/issues/2907

Steps to implement a new scanner

Hint: A general guide on how to implement a new SCB scanner is documented here.

  • [ ] Create a new folder with the name of the scanner here
  • [ ] Add a README.gotmpl and give a brief overview of the scanner and its configuration options.
  • [ ] Add a HelmChart and document all configuration options.
  • [ ] Implement a new scanner specific scan-type.yaml
  • [ ] Implement a new scanner specific parse-definition.yaml
  • [ ] Add (optional) some cascading-rules.yaml as documented here
  • [ ] Add (optional) a Dockerfile for the scanner if there is no existing one publicly available on dockerHub
  • [ ] Use the parser-SDK to implement a new findings parser (currently based on NodeJS)
  • [ ] Add unit tests with at minimum 80% test coverage
  • [ ] Add some example scan.yaml and finding.yaml files in the example folder
  • [ ] Implement a new integration or E2E test for the hook here

rseedorff avatar Mar 26 '21 07:03 rseedorff
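The parser step in the checklist above is the one piece of real code a new scanner needs. As an added example (not secureCodeBox project code and not from the issue author), here is a findings parser for kube-bench's JSON report written in the shape the NodeJS parser SDK is assumed to call: an exported async `parse(fileContent)` that returns an array of finding objects with `name`, `description`, `category`, `location`, `osi_layer`, `severity` and `attributes`. The input layout (`Controls` → `tests` → `results`, each result carrying `test_number`, `test_desc`, `status`, `scored` and `remediation`) is my reading of kube-bench's `--json` output and should be checked against a real report; the sample report embedded below is constructed, not captured from a cluster. The mapping of check status to severity is a design choice of this example, not something the SDK dictates.

```javascript
// Added example: a kube-bench findings parser in the assumed secureCodeBox
// parser-SDK shape (exported async parse(fileContent) -> array of findings).
// Input shape assumed from kube-bench `--json`: Controls -> tests -> results.

// Map a kube-bench check status to a secureCodeBox severity level.
// Only FAIL/WARN/INFO reach this table; PASS results are dropped earlier.
const SEVERITY_BY_STATUS = {
  FAIL: "HIGH",
  WARN: "MEDIUM",
  INFO: "INFORMATIONAL",
};

// Failed checks that are not "scored" do not count against the benchmark,
// so they are downgraded one step rather than reported as HIGH.
function severityFor(result) {
  if (result.status === "FAIL" && result.scored === false) return "MEDIUM";
  return SEVERITY_BY_STATUS[result.status] || "INFORMATIONAL";
}

// Synchronous core: turns a kube-bench JSON report (string or object) into
// secureCodeBox-style findings. One finding per non-passing check.
function parseKubeBench(fileContent) {
  const report =
    typeof fileContent === "string" ? JSON.parse(fileContent) : fileContent;
  const findings = [];
  for (const control of report.Controls || []) {
    for (const section of control.tests || []) {
      for (const result of section.results || []) {
        if (result.status === "PASS") continue; // passes are noise in a findings list
        findings.push({
          name: `${result.test_number} ${result.test_desc}`,
          description: result.remediation || "",
          category: `CIS Kubernetes Benchmark ${control.version}`,
          // node_type tells the reader which component (master/node/etc.) the check applies to
          location: `${control.node_type}/${result.test_number}`,
          osi_layer: "NOT_APPLICABLE",
          severity: severityFor(result),
          attributes: {
            control_id: control.id,
            section: section.section,
            section_description: section.desc,
            node_type: control.node_type,
            status: result.status,
            scored: result.scored,
          },
        });
      }
    }
  }
  return findings;
}

// Entry point in the assumed SDK shape; the SDK awaits it, so wrapping the
// synchronous core is enough.
async function parse(fileContent) {
  return parseKubeBench(fileContent);
}

// Small helper for a quick per-severity tally of a report.
function summarizeKubeBench(fileContent) {
  const counts = {};
  const findings = parseKubeBench(fileContent);
  for (const f of findings) counts[f.severity] = (counts[f.severity] || 0) + 1;
  return { total: findings.length, counts };
}

// Constructed sample report (NOT real kube-bench output), trimmed to the fields used above.
const SAMPLE_REPORT = JSON.stringify({
  Controls: [
    {
      id: "1",
      version: "cis-1.6",
      text: "Master Node Security Configuration",
      node_type: "master",
      tests: [
        {
          section: "1.2",
          desc: "API Server",
          results: [
            { test_number: "1.2.1", test_desc: "Ensure that the --anonymous-auth argument is set to false",
              status: "WARN", scored: false, remediation: "Edit the API server pod specification and set --anonymous-auth=false." },
            { test_number: "1.2.2", test_desc: "Ensure that the --basic-auth-file argument is not set",
              status: "PASS", scored: true, remediation: "" },
            { test_number: "1.2.6", test_desc: "Ensure that the --kubelet-certificate-authority argument is set as appropriate",
              status: "FAIL", scored: true, remediation: "Set --kubelet-certificate-authority to the path of the kubelet CA file." },
          ],
        },
      ],
    },
  ],
});

if (typeof module !== "undefined") module.exports = { parse, parseKubeBench, summarizeKubeBench, SAMPLE_REPORT };

if (typeof require !== "undefined" && require.main === module) {
  console.log(JSON.stringify(summarizeKubeBench(SAMPLE_REPORT)));
}
```

Run with `node parser.js` to see the tally for the constructed report (two findings: one MEDIUM for the unscored warning, one HIGH for the scored failure). When wiring this into a real scan-type, the scan container would run kube-bench with `--json` and the parser would receive that file's contents as `fileContent`.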

It's better to have this scanner since nothing there can do K8S CIS tests.

sameeraksc avatar Mar 01 '23 09:03 sameeraksc

@Weltraumschaf @rseedorff, seems like a good issue to get started, I would like to work on this.

Freedisch avatar Nov 13 '23 10:11 Freedisch