kubescape / github-action

GitHub action to run Kubescape scans
Apache License 2.0

framework 'cis' not found after v2.3.6 #53

Closed thatdogmachine closed 6 months ago

thatdogmachine commented 9 months ago

Hi,

While investigating an issue specific to the exclusion of "controlID": "C-0211" against v2.3.0, I attempted to version bump to latest. Below are the outputs against an empty repo. This seems to match my experience on a GitHub Enterprise installation from which I cannot share logs.

TL;DR: is the cis framework deliberately removed?

Thanks!

Below: logs from GitHub Actions runs on github.com. The repo is empty except for a README.md and the workflow.yml

Run kubescape/github-action@v2.3.0
/usr/bin/docker run --name ed93b97cd4d43f6b4e18b60f3be1da10a8f7_5ca950 --label 47ed93 --workdir /github/workspace --rm -e "INPUT_FORMAT" -e "INPUT_OUTPUTFILE" -e "INPUT_FRAMEWORKS" -e "INPUT_FAILEDTHRESHOLD" -e "INPUT_SEVERITYTHRESHOLD" -e "INPUT_FILES" -e "INPUT_VERBOSE" -e "INPUT_CONTROLS" -e "INPUT_CONTROLSCONFIG" -e "INPUT_ACCOUNT" -e "INPUT_EXCEPTIONS" -e "INPUT_FIXFILES" -e "HOME" -e "GITHUB_JOB" -e "GITHUB_REF" -e "GITHUB_SHA" -e "GITHUB_REPOSITORY" -e "GITHUB_REPOSITORY_OWNER" -e "GITHUB_REPOSITORY_OWNER_ID" -e "GITHUB_RUN_ID" -e "GITHUB_RUN_NUMBER" -e "GITHUB_RETENTION_DAYS" -e "GITHUB_RUN_ATTEMPT" -e "GITHUB_REPOSITORY_ID" -e "GITHUB_ACTOR_ID" -e "GITHUB_ACTOR" -e "GITHUB_TRIGGERING_ACTOR" -e "GITHUB_WORKFLOW" -e "GITHUB_HEAD_REF" -e "GITHUB_BASE_REF" -e "GITHUB_EVENT_NAME" -e "GITHUB_SERVER_URL" -e "GITHUB_API_URL" -e "GITHUB_GRAPHQL_URL" -e "GITHUB_REF_NAME" -e "GITHUB_REF_PROTECTED" -e "GITHUB_REF_TYPE" -e "GITHUB_WORKFLOW_REF" -e "GITHUB_WORKFLOW_SHA" -e "GITHUB_WORKSPACE" -e "GITHUB_ACTION" -e "GITHUB_EVENT_PATH" -e "GITHUB_ACTION_REPOSITORY" -e "GITHUB_ACTION_REF" -e "GITHUB_PATH" -e "GITHUB_ENV" -e "GITHUB_STEP_SUMMARY" -e "GITHUB_STATE" -e "GITHUB_OUTPUT" -e "RUNNER_OS" -e "RUNNER_ARCH" -e "RUNNER_NAME" -e "RUNNER_ENVIRONMENT" -e "RUNNER_TOOL_CACHE" -e "RUNNER_TEMP" -e "RUNNER_WORKSPACE" -e "ACTIONS_RUNTIME_URL" -e "ACTIONS_RUNTIME_TOKEN" -e "ACTIONS_CACHE_URL" -e "ACTIONS_RESULTS_URL" -e GITHUB_ACTIONS=true -e CI=true -v "/var/run/docker.sock":"/var/run/docker.sock" -v "/home/runner/work/_temp/_github_home":"/github/home" -v "/home/runner/work/_temp/_github_workflow":"/github/workflow" -v "/home/runner/work/_temp/_runner_file_commands":"/github/file_commands" -v "/home/runner/work/kubescape/kubescape":"/github/workspace" 47ed93:b97cd4d43f6b4e18b60f3be1da10a8f7
kubescape scan framework cis  .   --severity-threshold high --format sarif --format-version v2 --output results   config
{"level":"info","ts":"2023-11-28T18:12:31Z","msg":"Kubescape scanner starting"}
{"level":"warn","ts":"2023-11-28T18:12:32Z","msg":"current version 'v2.3.0' is not updated to the latest release: 'v3.0.0'"}
{"level":"info","ts":"2023-11-28T18:12:32Z","msg":"Downloading/Loading policy definitions"}
{"level":"info","ts":"2023-11-28T18:12:32Z","msg":"Downloaded/Loaded policy"}
{"level":"info","ts":"2023-11-28T18:12:32Z","msg":"Accessing local objects"}
{"level":"error","ts":"2023-11-28T18:12:32Z","msg":"no files found to scan","input":"config"}
{"level":"info","ts":"2023-11-28T18:12:32Z","msg":"Done accessing local objects"}
{"level":"info","ts":"2023-11-28T18:12:32Z","msg":"Scanning GitLocal"}
{"level":"info","ts":"2023-11-28T18:12:32Z","msg":"Done scanning GitLocal"}

^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

Controls: 121 (Failed: 0, Passed: 121, Action Required: 0)
Failed Resources by Severity: Critical — 0, High — 0, Medium — 0, Low — 0

+----------+-------------------------------------------------------+------------------+---------------+--------------------+
| SEVERITY |                     CONTROL NAME                      | FAILED RESOURCES | ALL RESOURCES | % COMPLIANCE-SCORE |
+----------+-------------------------------------------------------+------------------+---------------+--------------------+
| High     | CIS-1.1.11 Ensure that the etcd data directory per... |        0         |       0       |        -1%         |

<snip>

#############################################
#############################################
#############################################
#############################################
#############################################

Run kubescape/github-action@v2.9.2

/usr/bin/docker run --name ed9323ba5cbca7844f3b8f18588c1719fde3_e08448 --label 47ed93 --workdir /github/workspace --rm -e "INPUT_FORMAT" -e "INPUT_OUTPUTFILE" -e "INPUT_FRAMEWORKS" -e "INPUT_FAILEDTHRESHOLD" -e "INPUT_SEVERITYTHRESHOLD" -e "INPUT_FILES" -e "INPUT_VERBOSE" -e "INPUT_CONTROLS" -e "INPUT_CONTROLSCONFIG" -e "INPUT_ACCOUNT" -e "INPUT_EXCEPTIONS" -e "INPUT_FIXFILES" -e "INPUT_IMAGE" -e "INPUT_REGISTRYUSERNAME" -e "INPUT_REGISTRYPASSWORD" -e "HOME" -e "GITHUB_JOB" -e "GITHUB_REF" -e "GITHUB_SHA" -e "GITHUB_REPOSITORY" -e "GITHUB_REPOSITORY_OWNER" -e "GITHUB_REPOSITORY_OWNER_ID" -e "GITHUB_RUN_ID" -e "GITHUB_RUN_NUMBER" -e "GITHUB_RETENTION_DAYS" -e "GITHUB_RUN_ATTEMPT" -e "GITHUB_REPOSITORY_ID" -e "GITHUB_ACTOR_ID" -e "GITHUB_ACTOR" -e "GITHUB_TRIGGERING_ACTOR" -e "GITHUB_WORKFLOW" -e "GITHUB_HEAD_REF" -e "GITHUB_BASE_REF" -e "GITHUB_EVENT_NAME" -e "GITHUB_SERVER_URL" -e "GITHUB_API_URL" -e "GITHUB_GRAPHQL_URL" -e "GITHUB_REF_NAME" -e "GITHUB_REF_PROTECTED" -e "GITHUB_REF_TYPE" -e "GITHUB_WORKFLOW_REF" -e "GITHUB_WORKFLOW_SHA" -e "GITHUB_WORKSPACE" -e "GITHUB_ACTION" -e "GITHUB_EVENT_PATH" -e "GITHUB_ACTION_REPOSITORY" -e "GITHUB_ACTION_REF" -e "GITHUB_PATH" -e "GITHUB_ENV" -e "GITHUB_STEP_SUMMARY" -e "GITHUB_STATE" -e "GITHUB_OUTPUT" -e "RUNNER_OS" -e "RUNNER_ARCH" -e "RUNNER_NAME" -e "RUNNER_ENVIRONMENT" -e "RUNNER_TOOL_CACHE" -e "RUNNER_TEMP" -e "RUNNER_WORKSPACE" -e "ACTIONS_RUNTIME_URL" -e "ACTIONS_RUNTIME_TOKEN" -e "ACTIONS_CACHE_URL" -e "ACTIONS_RESULTS_URL" -e GITHUB_ACTIONS=true -e CI=true -v "/var/run/docker.sock":"/var/run/docker.sock" -v "/home/runner/work/_temp/_github_home":"/github/home" -v "/home/runner/work/_temp/_github_workflow":"/github/workflow" -v "/home/runner/work/_temp/_runner_file_commands":"/github/file_commands" -v "/home/runner/work/kubescape/kubescape":"/github/workspace" 47ed93:23ba5cbca7844f3b8f18588c1719fde3
image is <>
kubescape scan  framework cis  .   --severity-threshold high --format sarif --output results   
{"level":"info","ts":"2023-11-28T18:13:36Z","msg":"Kubescape scanner initializing"}
{"level":"warn","ts":"2023-11-28T18:13:37Z","msg":"current version 'v2.9.2' is not updated to the latest release: 'v3.0.0'"}
{"level":"info","ts":"2023-11-28T18:13:37Z","msg":"Initialized scanner"}
{"level":"info","ts":"2023-11-28T18:13:37Z","msg":"Loading policies"}
{"level":"fatal","ts":"2023-11-28T18:13:37Z","msg":"framework 'cis' not found"}
<snip>

dwertent commented 6 months ago

Hi @thatdogmachine, please see the thread here. In short, the framework name is cis-v1.23-t1.0.1.
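Added example (not part of the thread and not Kubescape or github-action code): a CI-side check over the JSON log lines quoted in the issue. It flags both runs, the v2.9.2 one for the fatal `framework 'cis' not found` and the v2.3.0 one because its all-passed summary sits next to a `no files found to scan` error. The function names and the choice of `error`/`fatal` as blocking levels are assumptions of this example.

```python
import json

# Lines copied from the two runs quoted in the issue above.
RUN_V2_3_0 = """\
{"level":"info","ts":"2023-11-28T18:12:32Z","msg":"Accessing local objects"}
{"level":"error","ts":"2023-11-28T18:12:32Z","msg":"no files found to scan","input":"config"}
{"level":"info","ts":"2023-11-28T18:12:32Z","msg":"Done scanning GitLocal"}
Controls: 121 (Failed: 0, Passed: 121, Action Required: 0)
"""
RUN_V2_9_2 = """\
{"level":"info","ts":"2023-11-28T18:13:37Z","msg":"Loading policies"}
{"level":"fatal","ts":"2023-11-28T18:13:37Z","msg":"framework 'cis' not found"}
"""

# Assumption of this example: these two levels invalidate a scan result.
BLOCKING_LEVELS = {"error", "fatal"}
BASE_KEYS = {"level", "ts", "msg"}


def blocking_entries(log_text):
    """Return (level, msg, extra_fields) for each error/fatal JSON log line."""
    found = []
    for line in log_text.splitlines():
        line = line.strip()
        if not line.startswith("{"):
            continue  # command echo, summary or table row, not a log record
        try:
            entry = json.loads(line)
        except json.JSONDecodeError:
            continue  # truncated or interleaved output
        if isinstance(entry, dict) and entry.get("level") in BLOCKING_LEVELS:
            extra = {k: v for k, v in entry.items() if k not in BASE_KEYS}
            found.append((entry["level"], entry.get("msg", ""), extra))
    return found


def scan_is_trustworthy(log_text):
    """True only when the scanner logged no error or fatal record."""
    return not blocking_entries(log_text)


if __name__ == "__main__":
    for name, log in (("v2.3.0", RUN_V2_3_0), ("v2.9.2", RUN_V2_9_2)):
        for level, msg, extra in blocking_entries(log):
            print(f"{name}: {level}: {msg} {extra or ''}".rstrip())
```
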