Replies: 2 comments
-
Handling rules was split into #28
-
I think if we register a command for each plugin, it will be easier to use the tool. Of course, we lose the option to scan with multiple plugins at once, but I think it is worth it.
-
2ms currently only has flags for the scan. We want to create commands to support different operations.
Reference to the concept can be seen at https://kubernetes.io/docs/reference/kubectl/ and https://docs.kics.io/latest/commands/
list - list plugins / engines / rules
scan - (default) scan for secrets
help - show CLI help (same as -h today)

global flags
  -v version
  -h help

scan options
  --log-level (same as today)
  --all-plugins (default)
  --plugin-include string, comma separated (add to plugins list, starts from empty)
  --plugin-exclude string, comma separated (remove from all plugin list, starts from full)
  --all-rules (default)
  --rule-include string, comma separated
  --rule-exclude string, comma separated
  --config (file path)

list sub commands
  plugins - list plugins
  rules - list rules
  config - list configs detected (env variables / files)

Notice each plugin brings its own flags to the scan command,
e.g. confluence has
  --confluence-url (mandatory)
  --confluence-username (optional, for private instances)
  --confluence-token (optional, for private instances)
  --confluence-spaces (comma separated list, or all if not present)

if time allows:
  scan sub commands
    (plugin name) - scan with just one plugin (e.g. 2ms scan confluence)
      confluence
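One way to resolve the `--plugin-include` / `--plugin-exclude` (and `--rule-include` / `--rule-exclude`) values proposed above, as an added Go example that is not part of the discussion or of 2ms's own code. The helper name `resolveSelection`, the sample plugin list, and the choices to reject combined flags, unknown names and an empty selection are assumptions.

```go
package main

import (
	"fmt"
	"strings"
)

// resolveSelection is a hypothetical helper (not 2ms code): it turns the values of
// an include flag and an exclude flag into the final plugin or rule list.
func resolveSelection(known []string, include, exclude string) ([]string, error) {
	if include != "" && exclude != "" { // assumption: the two modes are exclusive
		return nil, fmt.Errorf("include and exclude cannot be combined")
	}
	selected := make(map[string]bool, len(known))
	for _, name := range known {
		selected[name] = include == "" // include starts from empty, otherwise from full
	}
	raw, keep := exclude, false
	if include != "" {
		raw, keep = include, true
	}
	for _, name := range strings.Split(raw, ",") {
		name = strings.TrimSpace(name)
		if name == "" {
			continue
		}
		if _, ok := selected[name]; !ok {
			// Fail closed: a typo must not silently change what gets scanned.
			return nil, fmt.Errorf("unknown name %q", name)
		}
		selected[name] = keep
	}
	var out []string
	for _, name := range known {
		if selected[name] {
			out = append(out, name)
		}
	}
	if len(out) == 0 { // assumption: an empty scan would report a false "clean"
		return nil, fmt.Errorf("selection is empty, nothing would be scanned")
	}
	return out, nil
}

func main() {
	plugins := []string{"confluence", "filesystem", "git"} // constructed sample list
	fmt.Println(resolveSelection(plugins, "", ""))                // default: all plugins
	fmt.Println(resolveSelection(plugins, "", "git, confluence")) // exclude from full
	fmt.Println(resolveSelection(plugins, "", "confulence"))      // typo is an error
}
```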