FairwindsOps/pluto

Auto conversion of detections

geowalrus4gh opened this issue · 2 comments

feature

Is it possible to replace the scan findings with the target version's declarations?

Describe the solution you'd like

Something like "pluto detect-files --target-versions k8s=v1.24.0 --replace"

This will replace the version definition with the target definition and ensure the yaml is compatible with target spec. Throw error if not backward compatible.

This is an interesting idea. We've talked about it in the past I believe, but never made any serious effort. This would be a fairly large change, as we would have to modify the versions spec to include an indicator of backward compatibility

Isnt it already working kinda working?
Tried to replicate it:
pluto detect-files -f api-dreprecated.yaml
image
You see the replacement column, in my case i had the yaml files with deprecations in the directory i launched the command.
To fix the "issues" you can just change the apiVersion to the one indicated to the column of the replacement.