Repository scanning

You can scan a local repository or a remote repository and submit the scan results to the Kubescape Cloud Platform

Supported vendors: github.com, gitlab.com, azure.com, bitbucket

Scan a remote or cloned local repository

  1. Open the Repository Scanning page and click on Get started with repository scanning

  2. Select your operating system in the following dialog open your cloud shell or terminal, copy the script below and run it, and then click "I run the script".

  1. In the following dialog, Replace the REPOSITORY_LOCATION placeholder with your repository remote URL or local path, and then copy the script below and run it. After you run it, click "I ran the script".

  1. Wait for the Repository scanning to complete...

  1. When the scan is completed successfully, it shows the following dialog, and you can now view and fix your resources for that repository.

Private Repository - Configure Authentication Using Environment Variables

If authentication is required, you can use environment variables to set the authorization token for the kubescape scanner. To configure environment variables in your local system, run one of the following commands:

GitHub

  1. Generate a GitHub token as described here
  2. Run the following command and use the generated token instead of my-access-token:
    1. Linux/Mac: export GITHUB_TOKEN=my-access-token
    2. Windows: set GITHUB_TOKEN=my-access-token

GitLab

  1. Generate a GitLab token as described here
  2. Run one of the following commands and use your token instead of my-access-token:
    1. Linux/Mac: export GITLAB_TOKEN=my-access-token
    2. Windows: set GITLAB_TOKEN=my-access-token

Azure

  1. Generate an Azure token as described here
  2. Run one of the following commands and use your token instead of my-access-token:
    1. Linux/Mac: export AZURE_TOKEN=my-access-token
    2. Windows: set AZURE_TOKEN=my-access-token

BitBucket

  1. Generate a BitBucket token as described here
  2. Run one of the following commands and use your token instead of my-access-token:
    1. Linux/Mac: export BITBUCKET_TOKEN=my-access-token
    2. Windows: set BITBUCKET_TOKEN=my-access-token