👍🎉 First off, thanks for taking the time to contribute! 🎉👍
Kubesec is Apache 2.0 licensed and accepts contributions via GitHub pull requests.
The following is a set of guidelines for contributing to kubesec and its related projects. We generally have stricter rules as it's a security tool, but don't let that discourage you from creating your PR; it can be incrementally fixed to fit the rules. Also feel free to propose changes to this document in a pull request.
- Code of Conduct
- I Don't Want To Read This Whole Thing I Just Have a Question!!!
- What Should I Know Before I Get Started?
- How Can I Contribute?
- Style Guides
This project and everyone participating are governed by the Code of Conduct. By participating, you are expected to uphold this code. Please report unacceptable behaviour to andy@control-plane.io.
We have an official message board with a detailed FAQ, where the community chimes in with helpful advice if you have questions.
We also have an issue template for questions here.
- controlplaneio/kubesec
  - The main Kubesec repository! The main command-line tool for local scanning or running as an HTTP service. You should also use this repository for feedback related to the API and for large, overarching design proposals
- controlplaneio/kubectl-kubesec
  - A `kubectl` plugin that can feed your deployments, pods, etc. into Kubesec
This section guides you through submitting a bug report for Kubesec. Following these guidelines helps maintainers and the community understand your report, reproduce the behaviour, and find related reports.
Before creating bug reports, please check this list as you might find out that you don't need to create one. When you are creating a bug report, please include as many details as possible. Fill out the issue template for bugs; the information it asks for helps us resolve issues faster.
Note: If you find a Closed issue that seems like it is the same thing that you're experiencing, open a new issue and include a link to the original issue in the body of your new one.
- Determine which repository the problem should be reported in
- Perform a cursory search to see if the problem has already been reported. If it has and the issue is still open, add a comment to the existing issue instead of opening a new one
Bugs are tracked as GitHub issues. After you've determined which repository your bug is related to, create an issue on that repository and provide the following information by filling in the issue template here.
Explain the problem and include additional details to help maintainers reproduce the problem:
- Use a clear and descriptive title for the issue to identify the problem
- Describe the exact steps which reproduce the problem in as many details as possible. For example, start by explaining how you started `kubectl`, e.g. which command you used in the terminal, or how you started Kubesec otherwise
- Provide specific examples to demonstrate the steps. Include links to files or GitHub projects, or copy/pasteable snippets, which you use in those examples. If you're providing snippets in the issue, use Markdown code blocks
- Describe the behaviour you observed after following the steps and point out what exactly is the problem with that behaviour
- Explain which behaviour you expected to see instead and why.
Provide more context by answering these questions:
- Did the problem start happening recently (e.g. after updating to a new version of Kubesec) or was this always a problem?
- If the problem started happening recently, can you reproduce the problem in an older version of Kubesec? What's the most recent version in which the problem doesn't happen? You can download older versions of Kubesec from the releases page
- Can you reliably reproduce the issue? If not, provide details about how often the problem happens and under which conditions it normally happens
- If the problem is related to scanning files, does the problem happen for all files and projects or only some? Is there anything else special about the files you are using? Please include them in your report; censor any sensitive information, but ensure the issue still exists with the censored file
This section guides you through submitting an enhancement suggestion for Kubesec, including completely new features and minor improvements to existing functionality. Following these guidelines helps maintainers and the community understand your suggestion and find related suggestions.
Before creating enhancement suggestions, please check this list as you might find out that you don't need to create one. When you are creating an enhancement suggestion, please include as many details as possible. Fill in the feature request template, including the steps that you imagine you would take if the feature you're requesting existed.
- Check if there's already a project covering that enhancement if it's a larger enhancement
- Determine which repository the enhancement should be suggested in
- Perform a cursory search to see if the enhancement has already been suggested. If it has, add a comment to the existing issue instead of opening a new one
Enhancement suggestions are tracked as GitHub issues. After you've determined which repository your enhancement suggestion is related to, create an issue on that repository and provide the following information:
- Use a clear and descriptive title for the issue to identify the suggestion
- Provide a step-by-step description of the suggested enhancement in as many details as possible
- Provide specific examples to demonstrate the steps. Include copy/pasteable snippets which you use in those examples, as Markdown code blocks
- Describe the current behaviour and explain which behaviour you expected to see instead and why
- Explain why this enhancement would be useful to most Kubesec users and isn't something that can or should be implemented as a separate community project
- List some other tools where this enhancement exists.
- Specify which version of Kubesec you're using. You can get the exact version by running `kubesec version` in your terminal
- Specify the name and version of the OS you're using.
Unsure where to begin contributing to Kubesec? You can start by looking through these `Good First Issue` and `Help Wanted` issues:
- Good First Issue issues - issues which should only require a few lines of code, and a test or two
- Help wanted issues - issues which should be a bit more involved than `Good First Issue` issues
Both issue lists are sorted by total number of comments. While not perfect, number of comments is a reasonable proxy for the impact a given change will have.
To build the project you can use `make build`. The resulting binary will be in `./dist`.
To test the project you can run `make test` for unit tests and `make test-acceptance` for command-line acceptance testing.
For HTTP testing also run `make test-remote`.
Note: The acceptance tests require some dependencies fetched via submodules. You can either clone the repo with `--recurse-submodules` or it will automatically fetch them if they're missing when running `make test-acceptance`/`make test-remote`.
The process described here has several goals:
- Maintain Kubesec's quality
- Fix problems that are important to users
- Engage the community in working toward the best possible Kubesec
- Enable a sustainable system for Kubesec's maintainers to review contributions
Please follow these steps to have your contribution considered by the maintainers:
- Follow all instructions in the template
- Follow the style guides
- After you submit your pull request, verify that all status checks are passing
What if the status checks are failing?
If a status check is failing, and you believe that the failure is unrelated to your change, please leave a comment on the pull request explaining why you believe the failure is unrelated. A maintainer will re-run the status check for you. If we conclude that the failure was a false positive, then we will open an issue to track that problem with our status check suite.
While the prerequisites above must be satisfied prior to having your pull request reviewed, the reviewer(s) may ask you to complete additional tests, or other changes before your pull request can be ultimately accepted.
- It's strongly preferred you GPG Verify your commits if you can
- Follow Conventional Commits
- Use the present tense ("add feature" not "added feature")
- Use the imperative mood ("move cursor to..." not "moves cursor to...")
- Limit the first line to 72 characters or less
- Reference issues and pull requests liberally after the first line
Look at installing an `.editorconfig` plugin or configure your editor to match the `.editorconfig` file in the root of the repository.
All Go code is linted with golangci-lint.
For formatting rely on `gofmt` to handle styling.
We follow the Google Shell Style Guide. All bash/bats code is linted with shellcheck. In the future it will also be formatted with shfmt.
All markdown code is linted with markdownlint-cli.