scan-images report missing from json output format #1601
Comments
Hi @agarcia-oss Indeed, we haven't finalized our approach for integrating the vulnerability scanning report with the compliance report. From my perspective, this is of lesser priority as the preferred method for scanning images for vulnerabilities is via the kubescape helm chart rather than the CLI. The CLI is primarily intended for providing an overview of capabilities and for gating in CI/CD pipelines. If you intend to continuously scan your cluster, I strongly advise installing the helm chart. This being said, if adding the report to the CLI is needed we are more than open to suggestions and contributions. Thoughts?
Hi @dwertent thanks for the answer, your suggestion of using the helm chart for image scanning makes perfect sense. We're considering alternatives, but sure, updating the report with the Thanks in advance!
Hi @agarcia-oss, I appreciate your willingness to contribute. The JSON report is divided into several sections:
We have two options for adding the report:
My suggestion is to add the vulnerability report to the
Now, let's focus on a couple of remaining points:
Just something to consider.
@agarcia-oss can you help us by giving your thoughts on David's questions?
Hi @dwertent and @matthyx thanks for the feedback and apologies for not answering earlier. I think the proposed approach of adding the image scanning results to the As for adding the scan results to the rest of the report format, this seems a bit out of scope for us. Regards!
Resolved in release v3.0.4
Description
When running a
kubescape scan --scan-images --format json -o result.json
we get the same json report as without the --scan-images flag, even though the pretty printer output is different. As it is, the report is not consistent with the pretty-printer output and it's missing some very valuable information.
Environment
OS: Darwin Kernel Version 23.3.0 x86_64
Version: v3.0.3
Steps To Reproduce
kubescape scan https://github.com/mongodb/helm-charts --format json -o result_no_scan.json
kubescape scan https://github.com/mongodb/helm-charts --scan-images --format json -o result_scan.json
However, this information is missing from the result_scan.json file, which is essentially the same as result_no_scan.json
Expected behavior
Reports should be consistent with the CLI output and contain all the information requested.
Actual Behavior
We observe an inconsistency between the report and the displayed output.
Additional context
N/A
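A check for the symptom reported in this issue, as an added example that is not part of the original issue or of kubescape: it compares the key structure of the two reports from the reproduction steps and fails when the --scan-images report adds no new sections. The inline sample documents and their field names are constructed placeholders, not kubescape's real report schema.

```python
import json
import sys


def key_paths(node, prefix=""):
    """Return the set of key paths in a parsed JSON document.

    List indices are collapsed to "[]" so only structure is compared;
    values such as timestamps and IDs legitimately differ between runs.
    """
    paths = set()
    if isinstance(node, dict):
        for key, value in node.items():
            path = f"{prefix}.{key}" if prefix else key
            paths.add(path)
            paths |= key_paths(value, path)
    elif isinstance(node, list):
        for item in node:
            paths |= key_paths(item, prefix + "[]")
    return paths


def added_paths(baseline, candidate):
    """Key paths present in candidate but absent from baseline, sorted."""
    return sorted(key_paths(candidate) - key_paths(baseline))


# Constructed samples (placeholder field names, not the real schema).
NO_SCAN = json.loads('{"generated": "t1", "results": [{"id": "r1", "status": "failed"}]}')
SCAN_BUT_SAME = json.loads('{"generated": "t2", "results": [{"id": "r1", "status": "failed"},'
                           ' {"id": "r2", "status": "passed"}]}')
SCAN_WITH_IMAGES = json.loads('{"generated": "t3", "results": [{"id": "r1", "status": "failed"}],'
                              ' "imageFindings": [{"image": "example/app:1.0", "severity": "High"}]}')


def main(argv):
    """Usage: script.py result_no_scan.json result_scan.json"""
    with open(argv[1]) as f1, open(argv[2]) as f2:
        extra = added_paths(json.load(f1), json.load(f2))
    for path in extra:
        print("only in scan report:", path)
    # A non-zero exit lets a CI job fail when the scan report carries nothing new.
    return 0 if extra else 1


if __name__ == "__main__" and len(sys.argv) == 3:
    sys.exit(main(sys.argv))
```
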