UD-1129: Update reconciliation of misconfigurations and vulnerabiliti…

undistro / zora

Zora is an open source solution that helps you achieve compliance with Kubernetes best practices recommended by industry-leading frameworks. By scanning your cluster with multiple plugins, Zora identifies potential issues, misconfigurations, and vulnerabilities.

Apache License 2.0

278 stars 23 forks source link

…es to check for deltas before sending to SaaS

Description

This PR forces the reconciliation process to check whether the same information has previously been sent to the SaaS, greatly reducing the impact on the service.

Linked Issues

How has this been tested?

Scanning was set up on a cluster, with trivy, marvin and popeye scheduled.
Monitor SaaS service for PUT calls to the vulnerabilityreports and scan endpoints
Monitor logs in zora for Skipping misconfigurations and Skipping vulnerabilities messages
Check clusterscan resources to ensure their status section contains processedMisconfigurations and/or processedVulnerabilities

Checklist

[X] I have labeled this PR with the relevant Type labels
[ ] I have documented my code (if applicable)
[ ] My changes are covered by tests

undistro / zora