search

kubescape / helm-charts

Kubescape can run as a set of microservices inside a Kubernetes cluster. This allows you to continually monitor the status of a cluster, including for compliance and vulnerability management
Apache License 2.0
29 stars 41 forks source link

Supply exceptions json in helm chart #393

Open Pionerd opened 6 months ago

Pionerd commented 6 months ago

Overview

Currently it does not seem possible to easily supply an exceptions JSON file to Kubescape when using the helm chart.

Problem

We would like to run Kubescape scans using the Operator while taking into account the exceptions. Currently there is no way to supply the json to the Operator.

Solution

I would like to see this possibility, or pointers how we can already do it. In that case I will create a PR to the helm chart to make it easier for others.

Alternatives

Entering the exceptions in the ARMO portal is not desired. Running Kubescape manually with the --exceptions flag is not desired.

Additional context

N/A

dwertent commented 6 months ago

Hi @Pionerd, This is something we have been working on for a while now. In the end, the exceptions will be handled in CRD objects to facilitate integrations. We have already started working on it and have submitted a few related PRs in the respective projects. However, we haven't been able to merge them yet. Currently, the most effective way to set exceptions is through third-party adaptors like ARMO.