Release requirements for CLI

[a-thaler]

Description In order to release the CLI the first time, specific requirements need to be fullfilled:

• do a threat modelling and assure that no critical issues are left
• integrate with a license scanning tool for dependencies
• integrate with a static code analysis tool for known security problems
• integrate automated static code analysis specific for golang
• integrate automated test execution

AC:

• all listed requirements are assured on a regular schedule

Details:

• threat modelling session is organized already
• for license scanning the fossa tool will be used as for kyma itself, contact @a-thaler for configuring of the tool
• for security scan "snyk" should be used, contact @kubadz for configuration

[clebs]

Threat modelling was conducted with the following issues to be solved:

• kyma-project/cli#69
• kyma-project/cli#71

The issues will be tracked separatedly in their respective github issues.

There are no other foreseeable challenges on this topic.

[clebs]

The CLI repository has been integrated into FOSSA and all License issues have been solved.

[clebs]

CI jobs have been updated to run on the moved repository and are passing.

[clebs]

CLI has been added to SNyk for periodic and PR security scans: https://app.snyk.io/org/kyma-project/project/0cbf5597-2330-4486-8c3a-b97715af6267

No vulnerabilities detected.

[a-thaler]

done