[pull] master from nccgroup:master

.coveragerc

@@ -3,11 +3,11 @@ include =   ScoutSuite/*.py
             ScoutSuite/core/*.py
             ScoutSuite/output/*.py
             ScoutSuite/providers/aws/*.py
-            ScoutSuite/providers/aws/configs/*.py
-            ScoutSuite/providers/aws/services/*.py
+            ScoutSuite/providers/aws/facade/*.py
+            ScoutSuite/providers/aws/resources/*.py
             ScoutSuite/providers/azure/*.py
-            ScoutSuite/providers/azure/configs/*.py
-            ScoutSuite/providers/azure/services/*.py
+            ScoutSuite/providers/azure/facade/*.py
+            ScoutSuite/providers/azure/resources/*.py
             ScoutSuite/providers/gcp/*.py
-            ScoutSuite/providers/gcp/configs/*.py
-            ScoutSuite/providers/gcp/services/*.py
+            ScoutSuite/providers/gcp/facade/*.py
+            ScoutSuite/providers/gcp/resources/*.py

.github/PULL_REQUEST_TEMPLATE.md

@@ -2,6 +2,8 @@
 
 **Make sure the PR is against the `develop` branch (see [Contributing](https://github.com/nccgroup/ScoutSuite/blob/master/CONTRIBUTING.md)).**
 
+**Make sure to set the corresponding milestone in the PR.**
+
 Please include a summary of the change(s) and which issue(s) it addresses. Please also include relevant motivation and context.
 
 Fixes # (issue)

.github/workflows/frontend-build.yml

@@ -0,0 +1,15 @@
+name: Fronted Build CI (dummy version)
+
+on:
+  # Triggers the workflow on push or pull request events but only for the master branch
+  push:
+    branches: [ v6-master ]
+
+jobs:
+  test:
+    runs-on: ubuntu-18.04
+    steps:
+      - name: Show environment v1
+        run: env | grep ^GITHUB
+      - name: Show ref v1
+        run: echo "===============> Version from $GITHUB_REF"

.github/workflows/testing.yml

@@ -11,15 +11,15 @@ on:
 jobs:
   build:
 
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-20.04
     strategy:
       matrix:
-        python-version: [3.6, 3.7, 3.8]
+        python-version: ['3.9', '3.10', '3.11']
 
     steps:
-    - uses: actions/checkout@v2
+    - uses: actions/checkout@v3
     - name: Set up Python ${{ matrix.python-version }}
-      uses: actions/setup-python@v2
+      uses: actions/setup-python@v4
       with:
         python-version: ${{ matrix.python-version }}
     - name: Cache pip
@@ -52,4 +52,4 @@ jobs:
     - name: Upload coverage to Codecov
       uses: codecov/codecov-action@v1
       with:
-        file: ./coverage.xml
+        file: ./coverage.xml

.gitignore

@@ -51,8 +51,9 @@ inc-scoutsuite-run*
 report-*
 *.db
 
-# PyCharm
+# IntelliJ files
 .idea/
+*.iml
 
 # Vs Code
 .vscode/
@@ -68,3 +69,8 @@ report-*
 # Private folders
 /private*/
 /**/private*/
+
+#Profiling output
+*.prof
+
+!docker/bin

MANIFEST.in

@@ -13,3 +13,5 @@ recursive-include ScoutSuite/providers/aliyun *
 recursive-include ScoutSuite/providers/aliyun/rules *
 recursive-include ScoutSuite/providers/oci *
 recursive-include ScoutSuite/providers/oci/rules *
+recursive-include ScoutSuite/providers/kubernetes *
+recursive-include ScoutSuite/providers/kubernetes/rules *

README.md

@@ -4,12 +4,13 @@
 
 #
 
-[![Travis](https://travis-ci.org/nccgroup/ScoutSuite.svg?branch=master)](https://travis-ci.org/nccgroup/ScoutSuite)
-[![Coverage Status](https://coveralls.io/repos/github/nccgroup/ScoutSuite/badge.svg?branch=master)](https://coveralls.io/github/nccgroup/ScoutSuite?branch=master)
+[![Workflow](https://github.com/nccgroup/ScoutSuite/workflows/CI%20Workflow/badge.svg)](https://github.com/nccgroup/ScoutSuite/actions)
 [![CodeCov](https://codecov.io/gh/nccgroup/ScoutSuite/branch/master/graph/badge.svg)](https://codecov.io/gh/nccgroup/ScoutSuite)
-[![Total alerts](https://img.shields.io/lgtm/alerts/g/nccgroup/ScoutSuite.svg?logo=lgtm&logoWidth=18)](https://lgtm.com/projects/g/nccgroup/ScoutSuite/alerts/)
+
 [![PyPI version](https://badge.fury.io/py/ScoutSuite.svg)](https://badge.fury.io/py/ScoutSuite)
 [![PyPI downloads](https://img.shields.io/pypi/dm/scoutsuite)](https://img.shields.io/pypi/dm/scoutsuite)
+[![Docker Hub](https://img.shields.io/badge/Docker%20Hub-rossja%2Fncc--scoutsuite-blue)](https://hub.docker.com/r/rossja/ncc-scoutsuite/)
+[![Docker Pulls](https://img.shields.io/docker/pulls/rossja/ncc-scoutsuite.svg?style=flat-square)](https://hub.docker.com/r/rossja/ncc-scoutsuite/)
 
 ## Description
 
@@ -28,6 +29,8 @@ The following cloud providers are currently supported:
 - Google Cloud Platform
 - Alibaba Cloud (alpha)
 - Oracle Cloud Infrastructure (alpha)
+- Kubernetes clusters on a cloud provider (alpha)
+- DigitalOcean Cloud (alpha)
 
 ## Installation
 
@@ -47,3 +50,5 @@ The above report was generated by running Scout Suite against https://github.com
 
 Additional information can be found in the [wiki](https://github.com/nccgroup/ScoutSuite/wiki). 
 There are also a number of handy [tools](https://github.com/nccgroup/ScoutSuite/tree/master/tools) for automation of common tasks.
+
+

ScoutSuite/__init__.py

@@ -1,5 +1,5 @@
 __author__ = 'NCC Group'
-__version__ = '5.9.1'
+__version__ = '5.14.0'
 
 ERRORS_LIST = []
 

ScoutSuite/__main__.py

@@ -1,5 +1,4 @@
 import asyncio
-import copy
 import os
 import webbrowser
 
@@ -18,6 +17,9 @@
 from ScoutSuite.output.utils import get_filename
 from ScoutSuite.providers import get_provider
 from ScoutSuite.providers.base.authentication_strategy_factory import get_authentication_strategy
+# Dirty workaround for compatibility with Python >= 3.10
+import collections
+collections.Callable = collections.abc.Callable
 
 
 def run_from_cli():
@@ -53,6 +55,16 @@ def run_from_cli():
                    organization_id=args.get('organization_id'), all_projects=args.get('all_projects'),
                    # Aliyun
                    access_key_id=args.get('access_key_id'), access_key_secret=args.get('access_key_secret'),
+                   # Kubernetes
+                   kubernetes_cluster_provider=args.get('kubernetes_cluster_provider'),
+                   kubernetes_config_file=args.get('kubernetes_config_file'),
+                   kubernetes_context=args.get('kubernetes_context'),
+                   kubernetes_persist_config=args.get('kubernetes_persist_config'),
+                   kubernetes_azure_subscription_id=args.get('kubernetes_azure_subscription_id'),
+                   #DigitalOcean
+                   token=args.get('token'),
+                   access_key=args.get('access_key'),
+                   access_secret=args.get('access_secret'),
                    # General
                    report_name=args.get('report_name'), report_dir=args.get('report_dir'),
                    timestamp=args.get('timestamp'),
@@ -99,6 +111,16 @@ def run(provider,
         project_id=None, folder_id=None, organization_id=None, all_projects=False,
         # Aliyun
         access_key_id=None, access_key_secret=None,
+        # Kubernetes
+        kubernetes_cluster_provider=None,
+        kubernetes_config_file=None,
+        kubernetes_context=None,
+        kubernetes_persist_config=True,
+        kubernetes_azure_subscription_id=None,
+        #DigitalOcean
+        token=None,
+        access_key=None,
+        access_secret=None,
         # General
         report_name=None, report_dir=None,
         timestamp=False,
@@ -151,6 +173,16 @@ async def _run(provider,
                project_id, folder_id, organization_id, all_projects,
                # Aliyun
                access_key_id, access_key_secret,
+               # Kubernetes
+               kubernetes_cluster_provider,
+               kubernetes_config_file,
+               kubernetes_context,
+               kubernetes_persist_config,
+               kubernetes_azure_subscription_id,
+               #DigitalOcean
+               token,
+               access_key,
+               access_secret,
                # General
                report_name, report_dir,
                timestamp,
@@ -199,12 +231,25 @@ async def _run(provider,
                                                  username=username,
                                                  password=password,
                                                  access_key_id=access_key_id,
-                                                 access_key_secret=access_key_secret)
+                                                 access_key_secret=access_key_secret,
+
+                                                #DigitalOcean
+                                                token=token,
+                                                access_key=access_key,
+                                                access_secret=access_secret,
+
+                                                 # Kubernetes
+                                                 kubernetes_cluster_provider=kubernetes_cluster_provider,
+                                                 kubernetes_config_file=kubernetes_config_file,
+                                                 kubernetes_context=kubernetes_context,
+                                                 kubernetes_persist_config=kubernetes_persist_config,
+                                                 kubernetes_azure_subscription_id=kubernetes_azure_subscription_id,
+                                                 kubernetes_fetch_local=fetch_local)
 
         if not credentials:
             return 101
     except Exception as e:
-        print_exception('Authentication failure: {}'.format(e))
+        print_exception(f'Authentication failure: {e}')
         return 101
 
     # Create a cloud provider object
@@ -220,6 +265,10 @@ async def _run(provider,
                                       folder_id=folder_id,
                                       organization_id=organization_id,
                                       all_projects=all_projects,
+                                      # Kubernetes
+                                      kubernetes_config_file=kubernetes_config_file,
+                                      kubernetes_context=kubernetes_context,
+                                      kubernetes_cluster_provider=kubernetes_cluster_provider,
                                       # Other
                                       report_dir=report_dir,
                                       timestamp=timestamp,
@@ -228,7 +277,7 @@ async def _run(provider,
                                       programmatic_execution=programmatic_execution,
                                       credentials=credentials)
     except Exception as e:
-        print_exception('Initialization failure: {}'.format(e))
+        print_exception(f'Initialization failure: {e}')
         return 102
 
     # Create a new report
@@ -273,11 +322,14 @@ async def _run(provider,
         if update:
             try:
                 print_info('Updating existing data')
-                current_run_services = copy.deepcopy(cloud_provider.services)
+                #Load previous results
                 last_run_dict = report.encoder.load_from_file('RESULTS')
-                cloud_provider.services = last_run_dict['services']
-                for service in cloud_provider.service_list:
-                    cloud_provider.services[service] = current_run_services[service]
+                #Get list of previous services which were not updated during this run
+                previous_services = [prev_service for prev_service in last_run_dict['service_list'] if prev_service not in cloud_provider.service_list]
+                #Add previous services
+                for service in previous_services:
+                    cloud_provider.service_list.append(service)
+                    cloud_provider.services[service] = last_run_dict['services'][service]
             except Exception as e:
                 print_exception('Failure while updating report: {}'.format(e))
 
@@ -336,7 +388,7 @@ async def _run(provider,
             exceptions.process(cloud_provider)
             exceptions = exceptions.exceptions
         except Exception as e:
-            print_exception('Failed to load exceptions: {}'.format(e))
+            print_exception(f'Failed to load exceptions: {e}')
             exceptions = {}
     else:
         exceptions = {}