Open
Description
It is required to support console-formatted results by default when running the starboard scan command:
- the console format should be the default output
- the console format should be in a table structure
Example:
Vulnerability:
+-------------+--------------------+----------------+--------------------------------------------------------+
| Severity    | Resource           | CVE            | Description                                            |
+-------------+--------------------+----------------+--------------------------------------------------------+
| Critical    | test/nginx         | cve-2019-20839 | libpcre in PCRE before 8.43 allows a subject buffer    |
+-------------+--------------------+----------------+--------------------------------------------------------+
| High        | aka/alpine         | cve-2019-20838 | An issue was discovered in Mattermost Server before    |
+-------------+--------------------+----------------+--------------------------------------------------------+
| Medium      | hstop/vari         | CVE-2020-11501 | GnuTLS 3.6.x before 3.6.13 uses incorrect cryptography |
+-------------+--------------------+----------------+--------------------------------------------------------+
| Summary                               |
+-------------+-------------------------+
| Fail | 3    | Pass | 30               |
+---------------------------------------+
Config-Audit:
+-------------+--------------------+----------------+------------------------------------------------------------+
| Severity    | Resource           | Check ID       | Description                                                |
+-------------+--------------------+----------------+------------------------------------------------------------+
| Critical    | test/nginx         | KSV037         | User Pods should not be placed in kube-system namespace    |
+-------------+--------------------+----------------+------------------------------------------------------------+
| High        | aka/alpine         | KSV038         | Protecting Pod service account tokens                      |
+-------------+--------------------+----------------+------------------------------------------------------------+
| Medium      | hstop/vari         | KSV039         | Selector usage in network policies                         |
+-------------+--------------------+----------------+------------------------------------------------------------+
| Summary                               |
+-------------+-------------------------+
| Fail | 3    | Pass | 22               |
+---------------------------------------+
CIS-Benchmark:
+---------------------------------------------------------------------------------------+--------+--------+--------+
| Description                                                                           | Node-1 | Node-2 | Node-3 |
+---------------------------------------------------------------------------------------+--------+--------+--------+
| 1 Master Node Security Configuration                                                  | INFO   | INFO   | INFO   |
| 1.1 Master Node Configuration Files                                                   | INFO   | INFO   | INFO   |
| 1.1.9 Ensure that the Container Network Interface file permissions are set to 644     | WARN   | WARN   | WARN   |
| 1.1.10 Ensure that the Container Network Interface file ownership is set to root:root | WARN   | WARN   | WARN   |
| 1.1.12 Ensure that the etcd data directory ownership is set to etcd:etcd (Automated)  | FAIL   | FAIL   | PASS   |
| 1.2 API Server                                                                        | INFO   | INFO   | INFO   |
| 1.2.1 Ensure that the --anonymous-auth argument is set to false (Manual)              | WARN   | WARN   | WARN   |
| 1.2.5 Ensure that the --kubelet-certificate-authority argument is set as appropriate  | FAIL   | FAIL   | FAIL   |
| 1.2.9 Ensure that the admission control plugin EventRateLimit is set (Manual)         | WARN   | WARN   | WARN   |
| 1.2.11 Ensure that the admission control plugin AlwaysPullImages is set (Manual)      | FAIL   | FAIL   | PASS   |
| 1.2.12 Ensure that the admission control plugin SecurityContextDeny is set            | PASS   | FAIL   | FAIL   |
| 1.2.15 Ensure that the admission control plugin PodSecurityPolicy is set (Automated)  | FAIL   | PASS   | FAIL   |
| 1.2.20 Ensure that the --profiling argument is set to false (Automated)               | FAIL   | PASS   | PASS   |
+---------------------------------------------------------------------------------------+--------+--------+--------+
| Summary                                              |
+-------------+--------+------+-------+---------+------+
| Fail        | 12     | Warn | 12    | Pass    | 5    |
+-------------+--------+------+-------+---------+------+
+--------------+------------+-----------+----------------+-----------------+----------+------------------------------------------------+
| NAMESPACE    | WORKLOAD   | IMAGE     | LIBRARY        |VULNERABILITY ID | SEVERITY | MORE INFO                                      |
+--------------+------------+-----------+----------------+-----------------+----------+------------------------------------------------+
| MY Namespace | test/nginx | nginx     | apt:1.0.9.8.3  | CVE-2019-3462   | CRITICAL | https://avd.aquasec.com/nvd/2019/cve-2019-3462 |
|              |            |           |                | CVE-2016-1252   | MEDIUM   | https://avd.aquasec.com/nvd/2019/cve-2016-1252 |
+--------------+------------+-----------+----------------+-----------------+----------+------------------------------------------------+
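
One way to render the four-column Vulnerability / Config-Audit layout from the mock-up above, as an added example that is not part of the original issue and not Starboard's code. `Finding`, `RenderTable`, `fit`, `rank` and `widths` are hypothetical names, the column widths are read off the mock-up's border lines, and the sample row is constructed.

```go
package main

import (
	"fmt"
	"sort"
	"strings"
)

// Finding is a hypothetical row type for this example, not Starboard's report schema.
type Finding struct{ Severity, Resource, ID, Description string }

var rank = map[string]int{"CRITICAL": 4, "HIGH": 3, "MEDIUM": 2, "LOW": 1} // unknown: 0, sorts last
var widths = []int{11, 18, 14, 54}                                         // cell widths read off the mock-up's borders

// fit returns one cell, cut to w runes and padded to w, so an over-long value cannot break a column.
func fit(s string, w int) string {
	if r := []rune(s); len(r) > w {
		s = string(r[:w])
	}
	return fmt.Sprintf(" %-*s |", w, s)
}

// RenderTable sorts findings by severity and returns the bordered table plus a summary line.
func RenderTable(idHeader string, findings []Finding, passed int) string {
	sorted := append([]Finding(nil), findings...) // leave the caller's slice untouched
	sort.SliceStable(sorted, func(i, j int) bool {
		return rank[strings.ToUpper(sorted[i].Severity)] > rank[strings.ToUpper(sorted[j].Severity)]
	})
	border, out := "+", ""
	for _, w := range widths {
		border += strings.Repeat("-", w+2) + "+"
	}
	line := func(cells ...string) {
		out += border + "\n|"
		for i, c := range cells {
			out += fit(c, widths[i])
		}
		out += "\n"
	}
	line("Severity", "Resource", idHeader, "Description")
	for _, f := range sorted {
		line(f.Severity, f.Resource, f.ID, f.Description)
	}
	return out + border + fmt.Sprintf("\nFail | %d | Pass | %d |\n", len(findings), passed)
}

func main() { // one constructed sample row
	fmt.Print(RenderTable("CVE", []Finding{{"High", "example/app", "CVE-0000-0000", "constructed text"}}, 30))
}
```

Passing "Check ID" as `idHeader` gives the Config-Audit variant of the same table.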