Replies: 2 comments
-
|
Handling rules was split into #28 |
Beta Was this translation helpful? Give feedback.
0 replies
-
|
I think if we will register a command for each plugin, it will be easier to use the tool. Of course, we lose the option to scan with multiple plugins at once, but I think it is worth it. |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
2ms currently only has flags for the scan. We want to create commands to support different operations.
Reference to the concept can be seen at https://kubernetes.io/docs/reference/kubectl/ and https://docs.kics.io/latest/commands/
list - list plugins / engines / rules
scan - (default) scan for secrets
help - show cli help (same as -h today)
global flags
-v version
-h help
scan options
--log-level (same as today)
--all-plugins (default)
--plugin-include string, comma separated (add to plugins list, starts from empty)
--plugin-exclude string, comma separated (remove from all plugin list, starts from full)
--all-rules (default)
--rule-include string, comma separated
--rule-exclude string, comma separated
--config (file path)
list sub commands
plugins - list plugins
rules - list rules
config - list configs detected (env variables / files)
Notice each plugins brings its own flags to the scan command
e.g. confluence has
--confluence-url (mandatory)
--confluence-username (optional, for private instances)
--confluence-token(optional, for private instances)
--confluence-spaces (comma separated list, or all if not present)
if time allows:
scan sub commands
(plugin name) - scan with just one plugin (e.g. 2ms scan confluence)
confluence
Beta Was this translation helpful? Give feedback.
All reactions