kubescape

package
v7.12.2 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: May 4, 2026 License: GPL-3.0 Imports: 6 Imported by: 0

Documentation

Overview

Package kubescape provides security scanning functionality using the Kubescape engine.

It wraps the Kubescape Go SDK (github.com/kubescape/kubescape/v3/core) to scan local Kubernetes manifests against security frameworks such as NSA-CISA, MITRE ATT&CK, and CIS Benchmarks.

Index

Constants

This section is empty.

Variables

View Source 
var ErrScanFailed = errors.New("security scan failed")

ErrScanFailed indicates that the security scan encountered an error.

Functions

This section is empty.

Types

type Client 

type Client struct{}

Client provides Kubescape security scanning functionality.

func NewClient 

func NewClient() *Client

NewClient creates a new Kubescape client.

func (*Client) ScanDirectory 

func (c *Client) ScanDirectory(ctx context.Context, path string, opts *ScanOptions) error

ScanDirectory scans Kubernetes manifests in the given directory path against the configured security frameworks.

type ScanOptions 

type ScanOptions struct {
	// Frameworks is the list of security frameworks to scan against (e.g. "nsa", "mitre", "cis").
	Frameworks []string
	// Format is the output format (e.g. "pretty-printer", "json", "sarif", "junit").
	Format string
	// Output is the file path to write results to. Empty means stdout.
	Output string
	// ComplianceThreshold fails the scan if the compliance score is below this value (0-100).
	ComplianceThreshold float32
	// Verbose shows all resources in the output, not just failed ones.
	Verbose bool
}

ScanOptions configures security scan behavior.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.