fengshunli
diff --git a/‎.github/workflows/build.yaml
Lines changed: 1 addition & 1 deletion b/‎.github/workflows/build.yaml
Lines changed: 1 addition & 1 deletion
diff --git a/‎.github/workflows/build_dev.yaml
Lines changed: 1 addition & 1 deletion b/‎.github/workflows/build_dev.yaml
Lines changed: 1 addition & 1 deletion
diff --git a/‎build.py
Lines changed: 1 addition & 1 deletion b/‎build.py
Lines changed: 1 addition & 1 deletion
diff --git a/‎build/Dockerfile
Lines changed: 1 addition & 1 deletion b/‎build/Dockerfile
Lines changed: 1 addition & 1 deletion
diff --git a/‎cmd/download/download.go
Lines changed: 2 additions & 2 deletions b/‎cmd/download/download.go
Lines changed: 2 additions & 2 deletions
diff --git a/‎cmd/list/list.go
Lines changed: 3 additions & 6 deletions b/‎cmd/list/list.go
Lines changed: 3 additions & 6 deletions
diff --git a/‎cmd/scan/control.go
Lines changed: 2 additions & 2 deletions b/‎cmd/scan/control.go
Lines changed: 2 additions & 2 deletions
diff --git a/‎cmd/submit/rbac.go
Lines changed: 5 additions & 4 deletions b/‎cmd/submit/rbac.go
Lines changed: 5 additions & 4 deletions
diff --git a/‎cmd/submit/submit.go
Lines changed: 8 additions & 3 deletions b/‎cmd/submit/submit.go
Lines changed: 8 additions & 3 deletions
diff --git a/‎core/cautils/controllink.go
Lines changed: 12 additions & 0 deletions b/‎core/cautils/controllink.go
Lines changed: 12 additions & 0 deletions
@@ -86,6 +86,6 @@ jobs:
       client: "image-release"
       image_name: "quay.io/${{ github.repository_owner }}/kubescape"
       image_tag: "v2.0.${{ github.run_number }}"
-      support_platforms: false
+      support_platforms: true
       cosign: true
     secrets: inherit
@@ -21,6 +21,6 @@ jobs:
       client: "image-dev"
       image_name: "quay.io/${{ github.repository_owner }}/kubescape"
       image_tag: "dev-v2.0.${{ github.run_number }}"
-      support_platforms: false
+      support_platforms: true
       cosign: true
     secrets: inherit
@@ -57,7 +57,7 @@ def main():
     if client_name:
         ldflags += " -X {}={}".format(client_var, client_name)
 
-    build_command = ["go", "build", "-tags=static", "-o", ks_file, "-ldflags" ,ldflags]
+    build_command = ["go", "build", "-buildmode=pie", "-tags=static", "-o", ks_file, "-ldflags" ,ldflags]
 
     print("Building kubescape and saving here: {}".format(ks_file))
     print("Build command: {}".format(" ".join(build_command)))
 
@@ -12,7 +12,7 @@ ENV CGO_ENABLED=1
 
 # Install required python/pip
 ENV PYTHONUNBUFFERED=1
-RUN apk add --update --no-cache python3 git openssl-dev musl-dev gcc make cmake pkgconfig && ln -sf python3 /usr/bin/python
+RUN apk add --update --no-cache python3 gcc make git libc-dev binutils-gold cmake pkgconfig && ln -sf python3 /usr/bin/python
 RUN python3 -m ensurepip
 RUN pip3 install --no-cache --upgrade pip setuptools
 
 
@@ -24,8 +24,8 @@ var (
   # Download the NSA framework. Run 'kubescape list frameworks' for all frameworks names
   kubescape download framework nsa
 
-  # Download the "Allowed hostPath" control. Run 'kubescape list controls' for all controls names
-  kubescape download control "Allowed hostPath"
+  # Download the "HostPath mount" control. Run 'kubescape list controls' for all controls names
+  kubescape download control "HostPath mount"
 
   # Download the "C-0001" control. Run 'kubescape list controls --id' for all controls ids
   kubescape download control C-0001
 
@@ -20,11 +20,8 @@ var (
   # List all supported frameworks names
   kubescape list frameworks --account <account id>
 	
-  # List all supported controls names
+  # List all supported controls names with ids
   kubescape list controls
-
-  # List all supported controls ids
-  kubescape list controls --id 
   
   Control documentation:
   https://hub.armosec.io/docs/controls
@@ -67,8 +64,8 @@ func GetListCmd(ks meta.IKubescape) *cobra.Command {
 	listCmd.PersistentFlags().StringVarP(&listPolicies.Credentials.Account, "account", "", "", "Kubescape SaaS account ID. Default will load account ID from cache")
 	listCmd.PersistentFlags().StringVarP(&listPolicies.Credentials.ClientID, "client-id", "", "", "Kubescape SaaS client ID. Default will load client ID from cache, read more - https://hub.armosec.io/docs/authentication")
 	listCmd.PersistentFlags().StringVarP(&listPolicies.Credentials.SecretKey, "secret-key", "", "", "Kubescape SaaS secret key. Default will load secret key from cache, read more - https://hub.armosec.io/docs/authentication")
-	listCmd.PersistentFlags().StringVar(&listPolicies.Format, "format", "pretty-print", "output format. supported: 'pretty-printer'/'json'")
-	listCmd.PersistentFlags().BoolVarP(&listPolicies.ListIDs, "id", "", false, "List control ID's instead of controls names")
+	listCmd.PersistentFlags().StringVar(&listPolicies.Format, "format", "pretty-print", "output format. supported: 'pretty-print'/'json'")
+	listCmd.PersistentFlags().MarkDeprecated("id", "Control ID's are included in list outpus")
 
 	return listCmd
 }
 
@@ -23,7 +23,7 @@ var (
   kubescape scan control "privileged container"
 	
   # Scan list of controls separated with a comma
-  kubescape scan control "privileged container","allowed hostpath"
+  kubescape scan control "privileged container","HostPath mount"
   
   # Scan list of controls using the control ID separated with a comma
   kubescape scan control C-0058,C-0057
@@ -61,7 +61,7 @@ func getControlCmd(ks meta.IKubescape, scanInfo *cautils.ScanInfo) *cobra.Comman
 			if err := validateFrameworkScanInfo(scanInfo); err != nil {
 				return err
 			}
-			
+
 			// flagValidationControl(scanInfo)
 			scanInfo.PolicyIdentifier = []cautils.PolicyIdentifier{}
 
 
@@ -31,10 +31,11 @@ var (
 // getRBACCmd represents the RBAC command
 func getRBACCmd(ks meta.IKubescape, submitInfo *v1.Submit) *cobra.Command {
 	return &cobra.Command{
-		Use:     "rbac",
-		Example: rbacExamples,
-		Short:   "Submit cluster's Role-Based Access Control(RBAC)",
-		Long:    ``,
+		Use:        "rbac",
+		Deprecated: "This command is deprecated and will not be supported after 1/Jan/2023. Please use the 'scan' command instead.",
+		Example:    rbacExamples,
+		Short:      "Submit cluster's Role-Based Access Control(RBAC)",
+		Long:       ``,
 		RunE: func(cmd *cobra.Command, args []string) error {
 
 			if err := flagValidationSubmit(submitInfo); err != nil {
 
@@ -7,16 +7,21 @@ import (
 )
 
 var submitCmdExamples = `
+# Submit Kubescape scan results file
+kubescape submit results
 
+# Submit exceptions file to Kubescape SaaS
+kubescape submit exceptions
 `
 
 func GetSubmitCmd(ks meta.IKubescape) *cobra.Command {
 	var submitInfo metav1.Submit
 
 	submitCmd := &cobra.Command{
-		Use:   "submit <command>",
-		Short: "Submit an object to the Kubescape SaaS version",
-		Long:  ``,
+		Use:     "submit <command>",
+		Short:   "Submit an object to the Kubescape SaaS version",
+		Long:    ``,
+		Example: submitCmdExamples,
 		Run: func(cmd *cobra.Command, args []string) {
 		},
 	}
 
@@ -0,0 +1,12 @@
+package cautils
+
+import (
+	"fmt"
+	"strings"
+)
+
+func GetControlLink(controlID string) string {
+	// For CIS Controls, cis-1.1.3 will be transformed to cis-1-1-3 in documentation link.
+	docLinkID := strings.ReplaceAll(controlID, ".", "-")
+	return fmt.Sprintf("https://hub.armosec.io/docs/%s", strings.ToLower(docLinkID))
+}