Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Scan API - support for exception rules #1580

Open
RomanTheLegend opened this issue Jan 9, 2024 · 4 comments · May be fixed by #1591
Open

Scan API - support for exception rules #1580

RomanTheLegend opened this issue Jan 9, 2024 · 4 comments · May be fixed by #1591
Assignees
@Sriramkashyapks
Labels
feature New feature or request good first issue Good for newcomers

Comments

@RomanTheLegend
Copy link

Overview

Even the latest version of API (V2 API on Kubescape v3.0.3) doesn't let to send scan exclusions as a part of HTTP request

Valid model arguments:

account | [...]
excludedNamespaces | [...]
failThreshold | [...]
complianceThreshold | [...]
format | [...]
hostScanner | [...]
includeNamespaces | [...]
keepLocal | [...]
submit | [...]
targetNames | [...]
targetType | [...]
useCachedArtifacts | [...]

all while CLI client has --exceptions argument

Solution

Enable a new field in the model to accept JSON with exceptions:
https://github.com/kubescape/kubescape/blob/master/examples/exceptions/exclude-allowed-hostPath-control.json
@RomanTheLegend RomanTheLegend added the feature New feature or request label Jan 9, 2024
@RomanTheLegend RomanTheLegend changed the title Scan API - support for exclusion Scan API - support for exception rules Jan 9, 2024
@dwertent dwertent added the good first issue Good for newcomers label Jan 9, 2024
@KrishAryan
Copy link

I would like to work on this issue

@KrishAryan
Copy link

@dwertent I am having trouble solving this issue and don't know where to start can you give me some resources to solve this issue so that I can learn and solve these kinds of issue in the future by myself.

@Sanskarzz
Copy link

Sanskarzz commented Jan 13, 2024
edited

please correct me if i'm wrong
we need to add
Exceptions []armotypes.PostureExceptionPolicy // list of exceptions to apply on scan results
field in type PostScanRequest struct
in https://github.com/kubescape/opa-utils/edit/main/httpserver/meta/v1/datastructure.go

@Sanskarzz Sanskarzz mentioned this issue Jan 13, 2024
Closed
@Sanskarzz Sanskarzz linked a pull request Jan 21, 2024 that will close this issue
Open
@Sriramkashyapks
Copy link

I would like to take on this issue please assign this to me

Sriramkashyapks added a commit to Sriramkashyapks/kubescape that referenced this issue Mar 19, 2024
@Sriramkashyapks
support for exception rules kubescape#1580
8eed34b
Sriramkashyapks added a commit to Sriramkashyapks/kubescape that referenced this issue Mar 19, 2024
@Sriramkashyapks
support for exception rules kubescape#1580
f99cb0d 
Signed-off-by: Sriram Kashyap <kssriramkashyap002@gmail.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@Sriramkashyapks Sriramkashyapks

Labels
feature New feature or request good first issue Good for newcomers
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

added support for exception rules in Scan API ( As a HTTP request) Sanskarzz/kubescape
5 participants
@RomanTheLegend @dwertent @KrishAryan @Sriramkashyapks @Sanskarzz