DEV Community

Cover image for My CNCF LFX Mentorship Spring 2023 Project at Kubescape
Hollow Man
Hollow Man

Posted on • Updated on

My CNCF LFX Mentorship Spring 2023 Project at Kubescape

https://www.youtube.com/watch?v=uZCoipC6qRU&t=1773s

Project Link: CNCF - Kubescape: Release engineering: add Kubescape to commonly-requested package managers

kubescape is a Cloud Native Computing Foundation (CNCF) sandbox project. It is an open-source Kubernetes security platform and includes risk analysis, security compliance, and misconfiguration scanning. Targeted at the DevSecOps practitioner or platform engineer, it offers an easy-to-use CLI interface, flexible output formats, and automated scanning capabilities.

List of things I have done

Documentations:

Repo and Packages created:

PRs opened:

Issues opened/helped with:

Project summaries

Packaging

Other packages managers that have already been available and not introduced by me during this project period:

GitHub Actions Release CI

I helped improve the Kubescape GitHub Actions release CI process, where I added the ARM64 build and tested for the GitHub Actions release CI workflow. I use QEMU with Docker to simulate the Linux ARM64 environment for building and testing the binaries. For macOS M1/M2, I investigated how to cross-build libgit2 C code and use Golang cross-compilation to build the binaries.

I also helped add the auto version bumping CI for kubescape/homebrew-tap, kubescape/packaging, and kubescape/github-action. After the release is made, we trigger these CIs so that the kubescape versions in these repositories can get upgraded automatically.

GitHub Actions Code Review

I helped improve the Kubescape GitHub Actions fix suggestions code review process, where I created the workflow which works by collecting the SARIF (Static Analysis Results Interchange Format) file that kubescape generates. Then, with the help of HollowMan6/sarif4reviewdog, convert the SARIF file into RDFormat (Reviewdog Diagnostic Format) and generate reviews for code fix suggestions on GitHub Actions using Reviewdog. I also helped add the “fix" object support for the Kubescape-generated SARIF report.

In addition to the main project, I also helped the community with other issues like bug-fixing as well as feature-adding.

Top comments (0)