[bitnami/kubescape] Release 3.0.5-debian-12-r1 (#63811)

Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com>

bitnami/kubescape/3/debian-12/Dockerfile

@@ -7,10 +7,10 @@ ARG TARGETARCH
 
 LABEL com.vmware.cp.artifact.flavor="sha256:c50c90cfd9d12b445b011e6ad529f1ad3daea45c26d20b00732fae3cd71f6a83" \
       org.opencontainers.image.base.name="docker.io/bitnami/minideb:bookworm" \
-      org.opencontainers.image.created="2024-03-13T15:39:24Z" \
+      org.opencontainers.image.created="2024-03-13T17:36:27Z" \
       org.opencontainers.image.description="Application packaged by VMware, Inc" \
       org.opencontainers.image.licenses="Apache-2.0" \
-      org.opencontainers.image.ref.name="3.0.5-debian-12-r0" \
+      org.opencontainers.image.ref.name="3.0.5-debian-12-r1" \
       org.opencontainers.image.title="kubescape" \
       org.opencontainers.image.vendor="VMware, Inc." \
       org.opencontainers.image.version="3.0.5"

bitnami/kubescape/3/debian-12/rootfs/opt/bitnami/scripts/libkubescape.sh

@@ -60,7 +60,6 @@ Flags:
   -l, --log-level string                       Log level for the kubescape scan and kubescape scan image commands.
   -r, --retries                                Number of retries for each 'kubescape scan image' command.
   -s, --silent                                 Do not display any logs in stdout, only the resulting report.
-  --skip-default-frameworks                    If set to true, skips the default frameworks configuration
 
   # NOTE: Additionally, other 'kubescape scan' flags can be added, run 'kubescape scan -h' for additional information.
   """
@@ -80,10 +79,19 @@ kubescape_oss_assessment() {
   local scan_args=("scan" "--format=json")
   local scan_image_args=("scan" "image" "--format=json")
   local silent="false"
-  local skip_frameworks="false"
   local output=""
   local retries="3"
 
+  # By default, Kubescape only runs NSA and MITRE frameworks
+  # We want to extend that to also include SOC2 and CIS frameworks
+  readarray -t frameworks < <(${cmd} list frameworks --format=json | jq '.[]' | grep -Ei "nsa|mitre|soc2|cis-v" | sed 's/"//g')
+  if [[ "${#frameworks[@]}" -gt 0 ]]; then
+    info  "OSS Assessment scan will use the following frameworks: ${frameworks[*]}"
+    scan_args+=("framework" "$(tr ' ' ',' <<< "${frameworks[*]}")")
+  else
+    warn "Could not obtain frameworks, using default ones."
+  fi
+
   # Handle input
   while [[ $# -gt 0 ]]; do
     key="$1"
@@ -107,10 +115,6 @@ kubescape_oss_assessment() {
           retries="$2"
           shift 2
           ;;
-      --skip-default-frameworks)
-          skip_frameworks="true"
-          shift 1
-          ;;
       *)
           scan_args+=("$1")
           shift
@@ -125,18 +129,6 @@ kubescape_oss_assessment() {
     error "The Bitnami Catalog JSON file is missing: ${TANZU_APPLICATION_CATALOG_FILE}"
   fi
 
-  # By default, Kubescape only runs NSA and MITRE frameworks
-  # We want to extend that to also include SOC2 and CIS frameworks
-  if ! is_boolean_yes "$skip_frameworks"; then
-    readarray -t frameworks < <(${cmd} list frameworks --format=json | jq '.[]' | grep -Ei "nsa|mitre|soc2|cis-v" | sed 's/"//g')
-    if [[ "${#frameworks[@]}" -gt 0 ]]; then
-      info  "OSS Assessment scan will use the following frameworks: ${frameworks[*]}"
-      scan_args+=("frameworks" "$(tr ' ' ',' <<< "${frameworks[*]}")")
-    else
-      warn "Could not obtain frameworks, using default ones."
-    fi
-  fi
-
   # Run Kubescape scan for the provided project and add custom field 'security'
   info "Running command '${cmd} ${scan_args[*]}'"
   if is_boolean_yes "$silent"; then