KSail should support modern scanning tools to help shift-left. Being able to catch issues with ksail scan in local and CI environments can help harden Kubernetes cluster before the issues are deployed to production.
The implementation should include the following:
.NET libraries to embed KubeScape CLI, Polaris CLI, and K8sGPT CLI.
.NET library to provide a shared interface, with implementations for KubeScape, Polaris and K8sGPT. This ensures that any future implementations will be compatible with KSail.
New KSail command ksail scan with options to enable/disable scanners, and to choose if warnings/errors should cause an interruptible error (makes it possible for CI workflows to enforce high standards)
Use declarative configuration of KubeScape, Polaris an K8sGPT. If there are none by default, I should build yaml configs for each.
devantler
commented
2 weeks ago
Description
KSail should support modern scanning tools to help shift-left. Being able to catch issues with
ksail scanin local and CI environments can help harden Kubernetes cluster before the issues are deployed to production.The implementation should include the following:
ksail scanwith options to enable/disable scanners, and to choose if warnings/errors should cause an interruptible error (makes it possible for CI workflows to enforce high standards)