-
## Overview
See https://github.com/cncf/tag-security/issues/1025
We are in the process of implementing supply chain security best practices in the Kubescape project.
The first phase of this pr…
-
# Description
`sarif` file does not have the findings in it.
# Environment
OS: ` MacOS Venture 13`
Version: ` Your current version is: v2.9.1`
# Steps To Reproduce
1. Create a `deployment…
-
# Description
Not able to define registry name as wildcard for imageRepositoryAllowList in controls-inputs.json
In earlier version wildcard entry was allow but in latest version seems like wildcar…
-
The [kube-linter](https://github.com/stackrox/kube-linter) project does a subset of the work that Kubescape does, but it may also include some checks that Kubescape does not.
Someone should look th…
-
Currently Kubescape scan image does not allow us whitelist CVE's which we accept this can be useful when wanting to use kubescape as a quality gate but dont want to be blocking deployments due to upst…
-
We need to get not just the syscall but also the params, so we can tell for example if ptrace attach occurred.
-
```
craigbox@mac:~/Documents/Projects/kubescape.io$ kubescape scan image nginx -f yaml
✅ Successfully scanned image: nginx
❌ format "yaml"is not supported for image scanning
```
expected: outpu…
-
**Description**
Currently, Kubescape scans YAMLs and Helm templates but not [Terraform](https://www.terraform.io/).
**Additional context**
Kubescape should generate the Kubernetes YAMLs from the …
-
Hi, I see the namespace default failed, but Kubescape did not provide any remediation.
How can I fix the YAML so it will pass?
YAML:
```
apiVersion: v1
kind: Namespace
metadata:
labels:
…
-
**Describe the bug**
I installed Loki using the 5.0.0 Helm Chart, using GCS as my `storage.type`, but it does not work.
As an aside, _if feels like the documentation surrounding GCS is lacking…