Thanks for this great project. ShiftLeft scan internally use this tool for scanning Kubernetes configuration files. Scan uses an open standard format called SARIF for reporting and can automatically convert a range of JSON files to this format.
Conversion of kube-score json (both v1 and v2) is a bit tricky but possible. The following mandatory attributes are however required, though.
- File name (Name of the yaml file or stdin)
- Line number
- Severity (Text such as low, medium, high, critical)
Thanks for your help in advance.
zegl / kube-score
Kubernetes object analysis with recommendations for improved reliability and security. kube-score actively prevents downtime and bugs in your Kubernetes YAML and Charts. Static code analysis for Kubernetes.
2.8k
How does funding with Polar work?
1
Pay now to fund the work behind this issue.
2
Get updates on progress being made.
3
Maintainer is rewarded once the issue is completed.
FAQ
Backer
You're funding impactful open source efforts
Contributor
You want to contribute to this effort
Maintainer
You want to get funding like this too