Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: add ability to specify which Kubernetes workload resources to scan #523

Merged
merged 20 commits into from
Sep 21, 2022
Merged

feat: add ability to specify which Kubernetes workload resources to scan #523

merged 20 commits into from
Sep 21, 2022

Conversation

tks98
Copy link
Contributor

@tks98 tks98 commented Sep 16, 2022

Description

This PR adds the "targetWorkloads" config field which lets users specify the Kubernetes workload resources they want to scan using the vulnerability-report and config-audit report scanners. By default, all workload resource types are scanned.

PR adds logic to do this, adds a test case for the config, updates the usage documentation, updates the helm chart and static manifests.

I had a use-case similar to the related issue and made these modifications for personal use. I saw the related issue today and wanted to open this PR in case it could also benefit the wider community.

Please let me know if anything else is required, or needs to be changed. Thanks!

Related issues

Checklist

  • I've read the guidelines for contributing to this repository.
  • I've added tests that prove my fix is effective or that my feature works.
  • I've updated the documentation with the relevant information (if needed).
  • I've added usage information (if the PR introduces new options)
  • I've included a "before" and "after" example to the description (if the PR is a user interface change).

@CLAassistant
Copy link

CLAassistant commented Sep 16, 2022
edited

CLA assistant check
All committers have signed the CLA.

@tks98 tks98 changed the title Add ability to specify which Kubernetes workload resources to scan feat: add ability to specify which Kubernetes workload resources to scan Sep 16, 2022
chen-keinan
chen-keinan requested changes Sep 18, 2022
View reviewed changes
pkg/configauditreport/controller/controller.go Outdated Show resolved Hide resolved
deploy/helm/values.yaml Outdated Show resolved Hide resolved
@chen-keinan
Copy link
Collaborator

chen-keinan commented Sep 18, 2022
edited

@tks98 Look's good 🚀 thank you for the contribution , I have added couple of comments

chen-keinan
chen-keinan requested changes Sep 19, 2022
View reviewed changes
pkg/kube/object.go Outdated Show resolved Hide resolved
@chen-keinan chen-keinan merged commit ac41935 into aquasecurity:main Sep 21, 2022
@tks98 tks98 deleted the workload-scan-configuration branch September 30, 2022 18:15
This was referenced Oct 12, 2022
Open
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@chen-keinan chen-keinan chen-keinan approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@tks98 @CLAassistant @chen-keinan