Act as part of the business code and will report aqua scan report after application installed

Related tags

starboard-report
Overview

starboard-report

This repo aim to enrich the functionality of starboard.

Starboard integrates security tools into the Kubernetes environment, so that users can find and view the risks that relate to different resources in a Kubernetes-native way. starboard

The starboard will watch a certain namespace for workload(basically the pod), if pod created or changed it will do scan(vulnerability scan by Trivy and config audit by Polaris) on it.


The problem is the scan report display, see the picture upper, two way to check the report;

  • With CLI command starboard get report to generate html file.
  • Install software LENS or Octant outside the cluster then connect to the cluster to get a panoramic view of whole cluster

The former is not possible in a cluster which from cloud provider. And the latter is not follow the insight of devsecops.

From the perspective of devsecops, we believe a application should be self-governing, means after update/installed(by gitops maybe), there should be a specific report for the application avaiabled for administrator, just for the application.

So, the repo will be part of application's artifact, act as a security/compliance reporter after every upgrade.

A reference for the Go community that covers the fundamentals of writing clean code and discusses concrete refactoring examples specific to Go.

A reference for the Go community that covers the fundamentals of writing clean code and discusses concrete refactoring examples specific to Go.

Lasse Martin Jakobsen 1.9k Oct 19, 2021
Clean architecture validator for go, like a The Dependency Rule and interaction between packages in your Go projects.

Clean Architecture checker for Golang go-cleanarch was created to keep Clean Architecture rules, like a The Dependency Rule and interaction between mo

Robert Laszczak 513 Oct 6, 2021
Type check the empty interface{}

Static type checker for interface{} with a type list This is an experiment. This is a tool that performs a static type check on values of type interfa

Sina Siadat 15 Sep 13, 2021
🔒🌍 Security scanner for your Terraform code

????tfsec uses static analysis of your terraform templates to spot potential security issues.

tfsec 3.4k Oct 19, 2021
A toy deadlock detector written in Go.

Toy Deadlock Detector This package aims to provide a DSL to represent processes as finite state machines and their concurrent composition. A detector

Yuto Takahashi 27 Apr 27, 2021
A static code analyzer for annotated TODO comments

todocheck todocheck is a static code analyzer for annotated TODO comments. It let's you create actionable TODOs by annotating them with issues from an

Preslav Mihaylov 357 Oct 18, 2021
Sloc, Cloc and Code: scc is a very fast accurate code counter with complexity calculations and COCOMO estimates written in pure Go

Sloc Cloc and Code (scc) A tool similar to cloc, sloccount and tokei. For counting physical the lines of code, blank lines, comment lines, and physica

Ben Boyter 2.8k Oct 16, 2021
Nightly binary builds of Emacs for macOS as a self-contained Emacs.app, with native-compilation.

Emacs Builds Nightly binary builds of Emacs for macOS as a self-contained Emacs.app, with native-compilation. Features Self-contained Emacs.app applic

Jim Myhrberg 66 Oct 22, 2021
Know when GC runs from inside your golang code

gcnotifier gcnotifier provides a way to receive notifications after every run of the garbage collector (GC). Knowing when GC runs is useful to instruc

Carlo Alberto Ferraris 162 Oct 10, 2021
Refactoring and code transformation tool for Go.

gopatch is a tool to match and transform Go code. It is meant to aid in refactoring and restyling.

Uber Go 377 Oct 13, 2021
Run linters from Go code -

Lint - run linters from Go Lint makes it easy to run linters from Go code. This allows lint checks to be part of a regular go build + go test workflow

Surul Software Labs GmbH 66 Oct 5, 2020
The Golang linter that checks that there is no simultaneous return of `nil` error and an invalid value.

nilnil Checks that there is no simultaneous return of nil error and an invalid value. Installation & usage $ go install github.com/Antonboom/[email protected]

Anton Telyshev 3 Sep 28, 2021
Fast division, modulus and divisibility checks in Go for divisors known only at runtime.

fastdiv Fast division, modulus and divisibility checks for divisors known only at runtime via the method of: "Faster Remainder by Direct Computation:

null 89 Jul 19, 2021
🐶 Automated code review tool integrated with any code analysis tools regardless of programming language

reviewdog - A code review dog who keeps your codebase healthy. reviewdog provides a way to post review comments to code hosting service, such as GitHu

reviewdog 4.3k Oct 20, 2021
A report card for your Go application

Go Report Card A web application that generates a report on the quality of an open source go project. It uses several measures, including gofmt, go ve

GoJP 1.6k Oct 16, 2021
apicompat checks recent changes to a Go project for backwards incompatible changes

Introduction apicompat is a tool to check for the introduction of backwards incompatible changes. apicompat: Guarantees that all consumers of a librar

Bradley Falzon 174 Aug 9, 2021
A Go linter to check that errors from external packages are wrapped

Wrapcheck A simple Go linter to check that errors from external packages are wrapped during return to help identify the error source during debugging.

Tom Arrell 88 Oct 22, 2021
Manage your repository's TODOs, tickets and checklists as config in your codebase.

tickgit ??️ tickgit is a tool to help you manage latent work in a codebase. Use the tickgit command to view pending tasks, progress reports, completio

Augmentable 266 Oct 21, 2021