v0.1.0

What's Changed

• Initial devops skeleton by @FrimIdan in #2
• Add VmClarity cloud-formation starting point by @sambetts-cisco in #1
• Orchestrator - Discovery + Run scan job by @fishkerez in #3
• backend skeleteon by @fishkerez in #4
• fix Check licenses and push .licensei.cache by @FrimIdan in #7
• Disable HTTP access for VMClarity on AWS by @sambetts-cisco in #5
• cleanup job in case of a failure by @fishkerez in #11
• DB infra by @fishkerez in #8
• Limit the resources VMClarity can manage in AWS by @sambetts-cisco in #6
• Bump alpine from 3.16 to 3.17 by @dependabot in #14
• Scanner boot script by @pbalogh-sa in #13
• Initial scanner families support by @FrimIdan in #10
• API handling scan results by @pbalogh-sa in #15
• Bump golang from 1.19.3-alpine to 1.19.4-alpine by @dependabot in #17
• Update VMClarity CLI docker build to use vmclarity-tools-base by @sambetts-cisco in #19
• Fixes to make trial run work by @sambetts-cisco in #18
• add gitleaks secret scanner by @fishkerez in #20
• Pull results on top of main. by @pbalogh-sa in #24
• Bump helm.sh/helm/v3 from 3.10.0 to 3.10.3 by @dependabot in #25
• Bump github.com/containerd/containerd from 1.6.8 to 1.6.12 by @dependabot in #26
• Bump golang from 1.19.4-alpine to 1.19.5-alpine by @dependabot in #28
• Controllers and simple db by @fishkerez in #27
• Export results from VMClarity CLI to VMClarity server by @sambetts-cisco in #22
• Turn on linting for the CLI package by @sambetts-cisco in #30
• Remove go.mod from subpackages except API and fix Makefile by @sambetts-cisco in #33
• Plumb scanner CLI into runtime scan job by @sambetts-cisco in #31
• Watch scanconfigs by @pbalogh-sa in #29
• Fixes found during trial run by @FrimIdan in #46
• Plumb secret scanning in by @FrimIdan in #35
• API read only props by @pbalogh-sa in #45
• More fixes by @FrimIdan in #50
• Debuggable scanner VM by @FrimIdan in #51
• fix export crushing when family fail to run by @fishkerez in #62
• Bump github.com/aws/aws-sdk-go-v2/config from 1.17.10 to 1.18.12 by @dependabot in #65
• Bump golang from 1.19.5-alpine to 1.20.0-alpine by @dependabot in #58
• Fix scan issues discovered during e2e testing by @sambetts-cisco in #57
• Revisit IDs in API by @pbalogh-sa in #49
• Bump github.com/Masterminds/sprig/v3 from 3.2.2 to 3.2.3 by @dependabot in #67
• Bump docker/build-push-action from 3 to 4 by @dependabot in #55
• Exploits family enricher by @fishkerez in #36
• change vpc name to VmClarityVPC by @fishkerez in #71
• Revisit Scan API model to allow for ScanConfig expand, snapshot and summary by @sambetts-cisco in #92
• E2e test guide by @sambetts-cisco in #34
• fix crush during patch by @fishkerez in #99
• Mount attached volume from CLI by @fishkerez in #90
• Add support for ODATA $filter, $select and $count on /scanConfigs by @sambetts-cisco in #84
• Resolve comments from ODATA PR and add UTs for selectTree by @sambetts-cisco in #106
• Bugs fixes by @fishkerez in #109
• Fix patch/put APIs for all the objects by @sambetts-cisco in #108
• Bump golang from 1.20.0-alpine to 1.20.2-alpine by @dependabot in #114
• backend client by @fishkerez in #110
• fix some export results issues by @FrimIdan in #123
• Clean up VMClarity documentation and repo settings according cisco-open templates by @sambetts-cisco in #112
• attach volume after running by @fishkerez in #119
• Fix AWS Scope API model validation and regions logic by @sambetts-cisco in #122
• Bump github.com/urfave/cli from 1.22.7 to 1.22.12 by @dependabot in #38
• UI with discover scopes by @akpsgit in #125
• Describe API schema for findings by @FrimIdan in #127
• scans odata by @fishkerez in #128
• add id to scan config demo data by @fishkerez in #130
• Add support for $orderby by @sambetts-cisco in #129
• Fix $select on primitive collection by @sambetts-cisco in #134
• Remove bullet list from "Type of Change" section in PR template by @sambetts-cisco in #137
• Add missing scope discovery permissions to describe VPCs and Security Groups by @akpsgit in #135
• Fix object issues by @sambetts-cisco in #143
• Fix Dockerfile.cli syntax version by @sambetts-cisco in #145
• UI backend by @fishkerez in #141
• configure number of parallel scanners from the API by @fishkerez in #147
• Fix PATCH behaviour and nil pointer issues in configwatcher by @sambetts-cisco in #148
• Fix spelling error and API field names in example scanConfig.json by @sambetts-cisco in #151
• Switch DELETE requests to 200 instead of 204 response code by @sambetts-cisco in #156
• Stop using gorm.Model to disable gorm side effects by @sambetts-cisco in #155
• Move default for maxParallelScanners out of ScanConfigData by @sambetts-cisco in #154
• Disable additional properties for majority of schemas in API by @sambetts-cisco in #152
• fix all prints in BackendClient to print the message and not the pointer by @FrimIdan in #157
• Revert "Disable additional properties for majority of schemas in API" by @akpsgit in #158
• Extend the findings APIs and export missing fields (add findings demo data) by @akpsgit in #146
• Fix a bug when scan done was never reported by @FrimIdan in #159
• UI sync and fixes new by @galiail in #162
• ui adjustments by @galiail in #165
• make sure all scan config data is being snapshot by @FrimIdan in #164
• move ui backend to a directory in root project by @fishkerez in #167
• fix an issue with verifying families errors map by @FrimIdan in #169
• workflows: api code validation by @FrimIdan in #168
• Fix relation counters in demo data by @akpsgit in #170
• Capability to use spot instance for scanner job by @pbalogh-sa in #117
• Add demo data for spot instances by @akpsgit in #173
• Move the var for disabling the orchestrator and using UI site path to be managed by viper by @akpsgit in #131
• dashboard - riskiest regions widget by @fishkerez in #163
• Make array types in API nullable by @sambetts-cisco in #166
• Periodic scan using cron api + backend support by @FrimIdan in #161
• Allow setting VMClarity images in CloudFormation template by @chrisgacsal in #177
• Define misconfiguration family result/report format and export by @sambetts-cisco in #98
• UI config updates new by @galiail in #180
• Make sure that scan init failures are captured by scan state by @sambetts-cisco in #144
• Most risky assets by @FrimIdan in #172
• Add support for comparing datetimes to odatasql by @sambetts-cisco in #183
• Propagate context.Context to operations with support for it by @chrisgacsal in #181
• Malware family and ClamAV implementation by @Tavh in #118
• Fix exporter check in waitForAttached by @chrisgacsal in #185
• UI null fields by @galiail in #188
• Fix odata queries for TargetScanResult/Status by @sambetts-cisco in #184
• Findings trends dashboard widget by @FrimIdan in #182
• Add a new DB error type for validation errors by @FrimIdan in #189
• Add infrastructure for scan result post processing by @sambetts-cisco in #136
• set disabled to true for a non periodic scan once started by @FrimIdan in #190
• UI dashboard by @galiail in #191
• Switch result processor vulnerabilties map print to debug level by @sambetts-cisco in #192
• fix nil summary crash in Region findings widget by @akpsgit in #194
• Add lynis scanner to the misconfiguration scanner by @sambetts-cisco in #153
• UI support for trends findings wizard by @galiail in #197
• api(ui backend): findings impact dashboard widget by @FrimIdan in #193
• Add DB indexes to increase performace by @sambetts-cisco in #198
• Implement proper queue for reconciling logic by @sambetts-cisco in #196
• fix typo in findings impact api by @FrimIdan in #200
• fix nil finding crash in post-processing and riskiest assets by @akpsgit in #204
• Add separate CLI option for waiting for server attached status by @sambetts-cisco in #209
• Ensure that poller's timeoutCtx isn't leaking memory by @sambetts-cisco in #207
• Add grype-server to VMClarity infrastructure and wire it into the scanner by @sambetts-cisco in #206
• Bump KubeClarity after CPE and PURL panic fixes by @sambetts-cisco in #205
• Include cloud formation lint in validation checks by @sambetts-cisco in #203
• Handle unique constraint on patch and put by @pbalogh-sa in #178
• fix sortby logic and refactor BuildSQLQuery ut by @FrimIdan in #210
• Findings impact dashboard widget by @FrimIdan in #202
• add nil verification to vulnerabilities post processing and fix some vulnerabilities typos by @FrimIdan in #212
• Fix licenses extraction logic by @FrimIdan in #213
• Add support for aborting scans to the API by @chrisgacsal in #176
• UI impact widget new by @galiail in #214
• Bump github.com/aws/aws-sdk-go-v2/service/ec2 from 1.63.1 to 1.92.0 by @dependabot in #217
• Ensure that uniqueness checks on PATCH check the PATCHed object by @sambetts-cisco in #215
• UI asset scans pages new by @galiail in #220
• format numbers by @galiail in #221
• dashboard empty state by @galiail in #222
• UI table sorting by @galiail in #223
• Make sure the target vul summary count is filtered on target ID by @sambetts-cisco in #225
• delete unused CreateBackend function and Backend struct by @FrimIdan in #228
• save table page by @galiail in #229
• Fix export vuln severity and nullable APIs by @akpsgit in #227
• Add img/logos directory and vmclarity logo to README by @shmcfarl in #201
• save table sort by @galiail in #234
• update scan config watcher window to include also operation times before now but within window/2 time frame by @FrimIdan in #233
• Don't allow empty strings in AWS scope types by @akpsgit in #235
• ui backend background processing - findings impact by @FrimIdan in #226
• Added a new README and all associated images by @shmcfarl in #231
• Reword and slightly restructure the README by @sambetts-cisco in #239
• Redraw VMClarity architechture diagram and fix other img backgrounds by @sambetts-cisco in #240
• Refactor Exporter in CLI by @chrisgacsal in #230
• Update delete job policy and change default by @sambetts-cisco in #236
• Update README.md by @zohard1 in #242
• Add chkrootkit to rootkit scanner family by @shalevr in #195
• Bump golang from 1.20.2-alpine to 1.20.3-alpine by @dependabot in #238
• Update README.md by @fishkerez in #244
• fix: add volume to job after creation, in order for the volume to be deleted with job by @fishkerez in #245
• Added freshclam execution and config to clam plugin by @Tavh in #224
• update vmclarity-tools-base image and freshclam-mirror image by @FrimIdan in #246
• Remove deployment reference - this will come later by @shmcfarl in #241

New Contributors

• @sambetts-cisco made their first contribution in #1
• @fishkerez made their first contribution in #3
• @dependabot made their first contribution in #14
• @chrisgacsal made their first contribution in #177
• @shmcfarl made their first contribution in #201
• @zohard1 made their first contribution in #242
• @shalevr made their first contribution in #195

Full Changelog: https://github.com/openclarity/vmclarity/commits/v0.1.0