Releases: lacework/go-sdk
Releases · lacework/go-sdk
v0.2.8
Release Notes
Another day, another release. These are the release notes for the version v0.2.8.
Bug Fixes
- fix(cli): generate html for scan commands (Salim Afiune Maya)(6846ffd)
Other Changes
- ci: improve release notes and changelog generation (Salim Afiune Maya)(af22a7a)
- ci: avoid release.sh to update version multiple times (Salim Afiune Maya)(d72149b)
- test(cli): HTML for container vulnerability (Salim Afiune Maya)(fee8505)
Docker Images
docker pull lacework/lacework-cli:latestdocker pull lacework/lacework-cli:scratchdocker pull lacework/lacework-cli:ubi-8docker pull lacework/lacework-cli:centos-8docker pull lacework/lacework-cli:debian-10docker pull lacework/lacework-cli:ubuntu-1804docker pull lacework/lacework-cli:amazonlinux-2
v0.2.7
Release Notes
Another day, another release. These are the release notes for the version v0.2.7.
Container Vulnerability Assessments in HTML format
You have now the ability to output container vulnerability assessments in HTML format, this will help teams have clear, actionable insights to understand vulnerabilities so they can remediate.
Use the new flag --html in the following commands:
lacework vulnerability container scanlacework vulnerability container scan-statuslacework vulnerability container show-assessment
The flag will generate a vulnerability assessment in HTML format in addition to the regular human-readable output.
$ lacework vuln ctr show sha256:4861f2bca4e9087558cf9594249da90f42fb781f9b8a857db21e25abc2c57486 --html
CONTAINER IMAGE DETAILS | VULNERABILITIES
------------------------------------------------------------------------------------------+---------------------------------
ID sha256:948cb0da5637b7d7662168a030930e9ab115c302b7d6833c21cb20dac9deb2e4 | SEVERITY COUNT FIXABLE
Digest sha256:4861f2bca4e9087558cf9594249da90f42fb781f9b8a857db21e25abc2c57486 | -----------+-------+----------
Registry index.docker.io | Critical 33 28
Repository dhubtesting/test | High 220 192
Size 163.2 MB | Medium 432 310
Created At 2020-10-06T07:58:58+0000 | Low 246 124
Tags sentry_8.6-onbuild_06102020075836 | Info 219 38
|
The container vulnerability assessment was stored at 'dhubtesting-test-sha256:4861f2bca4e9087558cf9594249da90f42fb781f9b8a857db21e25abc2c57486.html'
The HTML is a standalone file that can be shared without additional artifacts!
Features
- feat(cli): enable html copy to clipboard icons (Salim Afiune Maya)(ec2d1fa)
- feat(cli): HTML format for vulnerability assessments (Salim Afiune Maya)(00c2f43)
- feat(cli): add ARM support (#236) (Salim Afiune)(821b8e6)
Bug Fixes
- fix(cli): remove html column sort icons (Salim Afiune Maya)(dc4c0f6)
Other Changes
Docker Images
docker pull lacework/lacework-cli:latestdocker pull lacework/lacework-cli:scratchdocker pull lacework/lacework-cli:ubi-8docker pull lacework/lacework-cli:centos-8docker pull lacework/lacework-cli:debian-10docker pull lacework/lacework-cli:ubuntu-1804docker pull lacework/lacework-cli:amazonlinux-2
v0.2.6
Release Notes
Another day, another release. These are the release notes for the version v0.2.6.
Features
Documentation Updates
Docker Images
docker pull lacework/lacework-cli:latestdocker pull lacework/lacework-cli:scratchdocker pull lacework/lacework-cli:ubi-8docker pull lacework/lacework-cli:centos-8docker pull lacework/lacework-cli:debian-10docker pull lacework/lacework-cli:ubuntu-1804docker pull lacework/lacework-cli:amazonlinux-2
v0.2.5
Release Notes
Another day, another release. These are the release notes for the version v0.2.5.
Bug Fixes
- fix(cli): add epoch to package manifest (Salim Afiune Maya)(17da487)
Other Changes
- chore(ci): make GH org a readonly parameter (Salim Afiune Maya)(b4f5f6d)
- chore(cli): update pkg-manifest message for 0 vuln (Salim Afiune Maya)(5029dc8)
Docker Images
docker pull lacework/lacework-cli:latestdocker pull lacework/lacework-cli:scratchdocker pull lacework/lacework-cli:ubi-8docker pull lacework/lacework-cli:centos-8docker pull lacework/lacework-cli:debian-10docker pull lacework/lacework-cli:ubuntu-1804docker pull lacework/lacework-cli:amazonlinux-2
v0.2.4
Release Notes
Another day, another release. These are the release notes for the version v0.2.4.
Allow custom installation directory
Now you can install the Lacework CLI on any directory you wish to install it!
$ curl https://raw.githubusercontent.com/lacework/go-sdk/master/cli/install.sh | bash -s -- -d $HOME/bin
The install.sh script has other flags like -v that allows you to rollback
to a previous version of the Lacework CLI:
bash: Installs the Lacework Command Line Interface.
Authors: Technology Alliances <[email protected]>
USAGE:
bash [FLAGS]
FLAGS:
-h Prints help information
-v Specifies a version (ex: v0.1.0)
-d The installation directory (default: /usr/local/bin)
-t Specifies the target of the program to download (default: linux-amd64)
Programatic access to profile data
We have seen a number of Lacework CLI users with a high number of configured
profiles, to help them manage their profiles we have introduced a new list
command that lists all profiles configured into the config file located at
~/.lacework.toml:
$ lacework configure list
Additionally, there is a new show command that allows you to programmatically
access the current computed configuration data. This makes it easy to export
the necessary environment variables for different workflows:
$ export LW_API_KEY="$(lacework configure show api_key --profile dev)"
Features
- feat(cli): programatic access to profile data (#225) (Salim Afiune)(ab7ce7c)
- feat(cli): allow custom installation directory -d 📁 (#223) (Salim Afiune)(ee9e686)
Documentation Updates
Other Changes
Docker Images
docker pull lacework/lacework-cli:latestdocker pull lacework/lacework-cli:scratchdocker pull lacework/lacework-cli:ubi-8docker pull lacework/lacework-cli:centos-8docker pull lacework/lacework-cli:debian-10docker pull lacework/lacework-cli:ubuntu-1804docker pull lacework/lacework-cli:amazonlinux-2
v0.2.3
Release Notes
Another day, another release. These are the release notes for the version v0.2.3.
Features
- feat(cli): add scan-pkg-manifest summary 📈 (#220) (Salim Afiune)(9b009c3)
- feat(ux): generate package-manifest command (#217) (Salim Afiune)(0c842ab)
Refactor
- refactor: remove 'apk' as supported pkg manager (Salim Afiune Maya)(4165783)
Other Changes
- chore(ci): update lacework circleci orb (Salim Afiune Maya)(3952c66)
Docker Images
docker pull lacework/lacework-cli:latestdocker pull lacework/lacework-cli:scratchdocker pull lacework/lacework-cli:ubi-8docker pull lacework/lacework-cli:centos-8docker pull lacework/lacework-cli:debian-10docker pull lacework/lacework-cli:ubuntu-1804docker pull lacework/lacework-cli:amazonlinux-2
v0.2.2
Release Notes
Another day, another release. These are the release notes for the version v0.2.2.
Features
- feat(lql): --file flag to load LQL query from disk (Salim Afiune Maya)(4804319)
- feat(cli): --file to pass a package manifest file (Salim Afiune Maya)(75680d8)
- feat: human-readable output for scan-pkg-manifest (Salim Afiune Maya)(783f550)
- feat(lql): improve running queries (Salim Afiune Maya)(61c5ee5)
Bug Fixes
Other Changes
Docker Images
docker pull lacework/lacework-cli:latestdocker pull lacework/lacework-cli:scratchdocker pull lacework/lacework-cli:ubi-8docker pull lacework/lacework-cli:centos-8docker pull lacework/lacework-cli:debian-10docker pull lacework/lacework-cli:ubuntu-1804docker pull lacework/lacework-cli:amazonlinux-2
v0.2.1
Release Notes
Another day, another release. These are the release notes for the version v0.2.1.
Features
- feat(ctr): use new lacework/lacework-cli repository (#206) (Salim Afiune)(fa1e268)
- feat: add DockerV2, ECR and GCR container registries (#205) (Salim Afiune)(18a8c8b)
- feat: add decoder for jira custom_template_file (#201) (Salim Afiune)(2630ab5)
- feat(cli): ask for JIRA Custom Template file 🚨 (Salim Afiune Maya)(5a4eb17)
- feat(api): encode custom_template_file for Jira int (Salim Afiune Maya)(887ca15)
Documentation Updates
Other Changes
- chore(api): remove MinAlertSeverity field from examples/ (Salim Afiune Maya)(274b8e9)
- ci(cli): fix event time range test (Salim Afiune Maya)(9c2336b)
Docker Images
docker pull lacework/lacework-cli:latestdocker pull lacework/lacework-cli:scratchdocker pull lacework/lacework-cli:ubi-8docker pull lacework/lacework-cli:centos-8docker pull lacework/lacework-cli:debian-10docker pull lacework/lacework-cli:ubuntu-1804docker pull lacework/lacework-cli:amazonlinux-2
v0.2.0
Release Notes
Introducing the new Lacework CLI v0.2.0
What's new?
Top-level vulnerability command
The new lacework vulnerability command have two new sub-commands:
container: for container vulnerability assessmentshost: for host vulnerability assessments
Container Vulnerability
The new lacework vulnerability container command has the following sub-commands:
list-assessments: list container vulnerability assessments (default last 7 days)show-assessment: show results of a container vulnerability assessmentscan: request an on-demand container vulnerability assessmentscan-status: check the status of an on-demand container vulnerability assessment
Host Vulnerability
The new lacework vulnerability host command has the following sub-commands:
list-cves: list the CVEs found in the hosts in your environmentlist-hosts: list the hosts that contain a specified CVE id in your environmentshow-assessment: show results of a host vulnerability assessmentscan-pkg-manifest: request an on-demand host vulnerability assessment from a package-manifest
Lacework Events
- The new
lacework event open <event_id>allows you to quickly open events in the Lacework Console to do further investigation - The
lacework event show <event_id>also provides a direct link to the event in the Lacework Console - The
lacework events listcommand can now filter by event severity, as well as filter by a specific number of days (max 7 days)
What's deprecated?
The following commands have been deprecated:
lacework vulnerability reportuse nowlacework vulnerability container show-assessmentlacework vulnerability scan runuse nowlacework vulnerability container scanlacework vulnerability scan showuse nowlacework vulnerability container scan-status
These commands will continue to work for a number of releases showing a deprecation message similar to:
$ lacework vulnerability report
(DEPRECATED) This command has been moved, use now the following command:
$ lacework vulnerability container show-assessment <sha256:hash>
Features
- feat(cli): new event open command (#197) (Salim Afiune)(42e0309)
- feat(cli): filter events by severity (Salim Afiune Maya)(2d8fdf4)
- feat(cli): list events from a number of days (Salim Afiune Maya)(0474765)
- feat(cli): allow users to pass only --start flag (Salim Afiune Maya)(547dc1d)
- feat(cli): filter assessments for specific repos (Salim Afiune Maya)(6482d8e)
- feat(cli): --active & --fixable flags to container vuln (Salim Afiune Maya)(9f027b9)
- feat(cli): --active & --fixable flags to host vuln (Salim Afiune Maya)(27f5197)
- feat(cli): add emoji support for windows (Salim Afiune Maya)(0762814)
- feat(cli): add an emoji Go package for 🍺 🍕 🌮 (Salim Afiune Maya)(cafb8d8)
- feat(cli): order vulnerabilities by total of hosts (Salim Afiune Maya)(5cfe695)
- feat(cli): new vulnerability list-assessments command (Salim Afiune Maya)(7e7191a)
Refactor
- refactor(cli): container and host vulnerability cmds (Salim Afiune Maya)(c5c0117)
- refactor: host vulnerability feature (Salim Afiune Maya)(5e9f770)
- refactor: container vulnerability feature (Salim Afiune Maya)(bdaf126)
Performance Improvements
- perf(cli): retry polling on-demand container scan statuses (Salim Afiune Maya)(d14ea35)
Other Changes
- chore(cli): update help messages (Salim Afiune Maya)(f1c164c)
- chore(cli): consistent help message for vuln cmds (Salim Afiune Maya)(f796c58)
- chore(cli): leave breadcrumbs for host vuln cmds (Salim Afiune Maya)(45d8427)
- ci(integration): run full tests on windows (#190) (Salim Afiune)(c5c8cf4)
- test(integration): add host vulnerability tests (Salim Afiune Maya)(a5cb795)
- test(integration): add container vulnerability tests (Salim Afiune Maya)(9b2c49d)
Docker Images
docker pull techallylw/lacework-cli:latestdocker pull techallylw/lacework-cli:scratchdocker pull techallylw/lacework-cli:ubi-8docker pull techallylw/lacework-cli:centos-8docker pull techallylw/lacework-cli:debian-10docker pull techallylw/lacework-cli:ubuntu-1804docker pull techallylw/lacework-cli:amazonlinux-2
v0.1.24
Release Notes
Another day, another release. These are the release notes for the version v0.1.24.
Features
- feat(cli): better ux in account validation (#187) (Salim Afiune)(cdd045a)
- feat(cli): new access-tokens command (#184) (Salim Afiune)(ee338c4)
- feat(cli): Create Jira Alert Channels 🚨 (Salim Afiune Maya)(6ca8cef)
- feat(api): add Jira alert channel integrations (Salim Afiune Maya)(0cdb2a4)
Refactor
Bug Fixes
- fix(cli): display integration update by/update time (Salim Afiune Maya)(7060078)
Docker Images
docker pull techallylw/lacework-cli:latestdocker pull techallylw/lacework-cli:scratchdocker pull techallylw/lacework-cli:ubi-8docker pull techallylw/lacework-cli:centos-8docker pull techallylw/lacework-cli:debian-10docker pull techallylw/lacework-cli:ubuntu-1804docker pull techallylw/lacework-cli:amazonlinux-2