From f57437c6b8f50147cc75d657d5cd559843744c90 Mon Sep 17 00:00:00 2001 From: Ramanan Ravikumar <38394463+ramanan-ravi@users.noreply.github.com> Date: Fri, 29 Sep 2023 18:51:15 +0530 Subject: [PATCH] Update docs (#1634) --- deepfence_agent/plugins/YaraHunter | 2 +- deepfence_worker/go.mod | 4 ++-- deepfence_worker/go.sum | 8 ++++---- docs/docs/architecture/cloudscanner.md | 2 +- docs/docs/architecture/sensors.md | 2 +- docs/docs/cloudscanner/aws.md | 2 +- docs/docs/cloudscanner/azure.md | 2 +- docs/docs/cloudscanner/gcp.md | 2 +- docs/docs/cloudscanner/index.md | 2 +- docs/docs/cloudscanner/other.md | 4 ++-- docs/docs/console/index.md | 4 ++-- docs/docs/developers/build.md | 2 +- docs/docs/developers/deploy-agent.md | 6 +++--- docs/docs/developers/deploy-console.md | 8 ++++---- docs/docs/integrations/index.md | 2 +- docs/docs/kubernetes-scanner/index.md | 2 +- docs/docs/operations/compliance.md | 4 ++-- docs/docs/sensors/docker.md | 2 +- docs/docs/sensors/index.md | 4 ++-- docs/docs/sensors/linux-host.md | 2 +- docs/docs/tips/automating-scans.md | 2 +- .../version-v1.5/architecture/cloudscanner.md | 2 +- docs/versioned_docs/version-v1.5/architecture/sensors.md | 2 +- docs/versioned_docs/version-v1.5/cloudscanner/aws.md | 2 +- docs/versioned_docs/version-v1.5/cloudscanner/azure.md | 2 +- docs/versioned_docs/version-v1.5/cloudscanner/gcp.md | 2 +- docs/versioned_docs/version-v1.5/cloudscanner/index.md | 2 +- docs/versioned_docs/version-v1.5/cloudscanner/other.md | 4 ++-- docs/versioned_docs/version-v1.5/console/index.md | 4 ++-- docs/versioned_docs/version-v1.5/developers/build.md | 2 +- .../version-v1.5/developers/deploy-agent.md | 6 +++--- .../version-v1.5/developers/deploy-console.md | 8 ++++---- docs/versioned_docs/version-v1.5/integrations/index.md | 2 +- docs/versioned_docs/version-v1.5/operations/compliance.md | 4 ++-- docs/versioned_docs/version-v1.5/sensors/docker.md | 2 +- docs/versioned_docs/version-v1.5/sensors/index.md | 4 ++-- docs/versioned_docs/version-v1.5/sensors/linux-host.md | 2 +- docs/versioned_docs/version-v1.5/tips/automating-scans.md | 2 +- golang_deepfence_sdk | 2 +- 39 files changed, 61 insertions(+), 61 deletions(-) diff --git a/deepfence_agent/plugins/YaraHunter b/deepfence_agent/plugins/YaraHunter index 5bac6af10f..a784633c97 160000 --- a/deepfence_agent/plugins/YaraHunter +++ b/deepfence_agent/plugins/YaraHunter @@ -1 +1 @@ -Subproject commit 5bac6af10f1b1630ed31b26c472926730cf77a99 +Subproject commit a784633c97c9596fe6752cc1bca4d5956e584902 diff --git a/deepfence_worker/go.mod b/deepfence_worker/go.mod index 0ccc85a1a4..c741a7e711 100644 --- a/deepfence_worker/go.mod +++ b/deepfence_worker/go.mod @@ -79,11 +79,11 @@ require ( github.com/containerd/stargz-snapshotter/estargz v0.14.3 // indirect github.com/containerd/ttrpc v1.2.2 // indirect github.com/containerd/typeurl/v2 v2.1.1 // indirect - github.com/cyphar/filepath-securejoin v0.2.3 // indirect + github.com/cyphar/filepath-securejoin v0.2.4 // indirect github.com/davecgh/go-spew v1.1.1 // indirect github.com/decred/dcrd/dcrec/secp256k1/v4 v4.2.0 // indirect github.com/deepfence/golang_deepfence_sdk/client v0.0.0-20230817093436-faaacc23dfd8 // indirect - github.com/deepfence/golang_deepfence_sdk/utils v0.0.0-20230817093436-faaacc23dfd8 // indirect + github.com/deepfence/golang_deepfence_sdk/utils v0.0.0-20230922050328-b19457df35dc // indirect github.com/deepfence/vessel v0.11.1 // indirect github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f // indirect github.com/docker/cli v24.0.2+incompatible // indirect diff --git a/deepfence_worker/go.sum b/deepfence_worker/go.sum index 4de1508c3a..098004a7e6 100644 --- a/deepfence_worker/go.sum +++ b/deepfence_worker/go.sum @@ -178,16 +178,16 @@ github.com/coreos/go-systemd/v22 v22.5.0/go.mod h1:Y58oyj3AT4RCenI/lSvhwexgC+NSV github.com/cpuguy83/go-md2man/v2 v2.0.1/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= github.com/cpuguy83/go-md2man/v2 v2.0.2/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= -github.com/cyphar/filepath-securejoin v0.2.3 h1:YX6ebbZCZP7VkM3scTTokDgBL2TY741X51MTk3ycuNI= -github.com/cyphar/filepath-securejoin v0.2.3/go.mod h1:aPGpWjXOXUn2NCNjFvBE6aRxGGx79pTxQpKOJNYHHl4= +github.com/cyphar/filepath-securejoin v0.2.4 h1:Ugdm7cg7i6ZK6x3xDF1oEu1nfkyfH53EtKeQYTC3kyg= +github.com/cyphar/filepath-securejoin v0.2.4/go.mod h1:aPGpWjXOXUn2NCNjFvBE6aRxGGx79pTxQpKOJNYHHl4= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/decred/dcrd/crypto/blake256 v1.0.1/go.mod h1:2OfgNZ5wDpcsFmHmCK5gZTPcCXqlm2ArzUIkw9czNJo= github.com/decred/dcrd/dcrec/secp256k1/v4 v4.2.0 h1:8UrgZ3GkP4i/CLijOJx79Yu+etlyjdBU4sfcs2WYQMs= github.com/decred/dcrd/dcrec/secp256k1/v4 v4.2.0/go.mod h1:v57UDF4pDQJcEfFUCRop3lJL149eHGSe9Jvczhzjo/0= -github.com/deepfence/golang_deepfence_sdk/utils v0.0.0-20230817093436-faaacc23dfd8 h1:dR65mjFib0ygj9kyn45q+64PuJfYsYBiRt08RWNklPw= -github.com/deepfence/golang_deepfence_sdk/utils v0.0.0-20230817093436-faaacc23dfd8/go.mod h1:C3CqMr7oE9RmHZWXIVDWFLuGaNDDaoSBSlILLQJxlew= +github.com/deepfence/golang_deepfence_sdk/utils v0.0.0-20230922050328-b19457df35dc h1:ssSB/g+JiOYBF4OB0m4cvGVcVaBPXf2KamJpEX9CDKI= +github.com/deepfence/golang_deepfence_sdk/utils v0.0.0-20230922050328-b19457df35dc/go.mod h1:C3CqMr7oE9RmHZWXIVDWFLuGaNDDaoSBSlILLQJxlew= github.com/deepfence/vessel v0.11.1 h1:RSnPHv/HX9Vrcujxzp6l4cjzF7a/34lVvh+jr8Hq8YA= github.com/deepfence/vessel v0.11.1/go.mod h1:uSMZ7HZePuQzHH2kKdRJ/r8kYPz9ZgkffYhFiccmeHk= github.com/dgrijalva/jwt-go/v4 v4.0.0-preview1/go.mod h1:+hnT3ywWDTAFrW5aE+u2Sa/wT555ZqwoCS+pk3p6ry4= diff --git a/docs/docs/architecture/cloudscanner.md b/docs/docs/architecture/cloudscanner.md index 86ed114a13..8a050f1ad7 100644 --- a/docs/docs/architecture/cloudscanner.md +++ b/docs/docs/architecture/cloudscanner.md @@ -25,7 +25,7 @@ Each Cloud Scanner task runs in your cloud environment, gathering inventory and Cloud Scanner tasks are deployed using the appropriate Terraform module for each cloud, and are configured with the address and API key of your management console. They 'phone home' to your management console and take instructions on demand; they do not listen for remote connections or control. :::info -Refer to the Installation Documentation to [Learn how to install Cloud Scanner tasks](/docs/cloudscanner) +Refer to the Installation Documentation to [Learn how to install Cloud Scanner tasks](/docs/v2.0/cloudscanner) ::: diff --git a/docs/docs/architecture/sensors.md b/docs/docs/architecture/sensors.md index f762d3fddb..13bd0b3c1f 100644 --- a/docs/docs/architecture/sensors.md +++ b/docs/docs/architecture/sensors.md @@ -14,5 +14,5 @@ The sensors support the following production platforms: * **AWS Fargate** The sensor is deployed as a daemon service alongside each serverless instance. :::info -Refer to the Installation Documentation to [Learn how to install Sensor Agents](/docs/sensors) +Refer to the Installation Documentation to [Learn how to install Sensor Agents](/docs/v2.0/sensors) ::: \ No newline at end of file diff --git a/docs/docs/cloudscanner/aws.md b/docs/docs/cloudscanner/aws.md index e731b5ed93..acec23db3c 100644 --- a/docs/docs/cloudscanner/aws.md +++ b/docs/docs/cloudscanner/aws.md @@ -102,7 +102,7 @@ Controls are grouped into **benchmarks**. Where multiple benchmarks are availabl When you run a compliance scan, you can select which benchmarks you wish to measure against, and ThreatMapper will then evaluate the appropriate controls and present the results, by benchmark, once the scan has completed. -For full information, refer to [Operations: Compliance Scanning](/docs/operations/compliance). +For full information, refer to [Operations: Compliance Scanning](/docs/v2.0/operations/compliance). :::tip Maximizing Coverage For maximum coverage, you can use both Cloud Scanner and local Sensor Agent compliance scans together. You could scan your AWS infrastructure using Cloud Scanner, and [scan selected VMs deployed within AWS](other) using the Sensor Agent. diff --git a/docs/docs/cloudscanner/azure.md b/docs/docs/cloudscanner/azure.md index e5a051917a..5325fd2244 100644 --- a/docs/docs/cloudscanner/azure.md +++ b/docs/docs/cloudscanner/azure.md @@ -45,7 +45,7 @@ Controls are grouped into **benchmarks**. Where multiple benchmarks are availabl When you run a compliance scan, you can select which benchmarks you wish to measure against, and ThreatMapper will then evaluate the appropriate controls and present the results, by benchmark, once the scan has completed. -For full information, refer to [Operations: Compliance Scanning](/docs/operations/compliance). +For full information, refer to [Operations: Compliance Scanning](/docs/v2.0/operations/compliance). :::tip Maximizing Coverage For maximum coverage, you can use both Cloud Scanner and local Sensor Agent compliance scans together. You could scan your Azure infrastructure using Cloud Scanner, and [scan selected VMs deployed within Azure](other) using the Sensor Agent. diff --git a/docs/docs/cloudscanner/gcp.md b/docs/docs/cloudscanner/gcp.md index a1781fe283..6ce8b9184b 100644 --- a/docs/docs/cloudscanner/gcp.md +++ b/docs/docs/cloudscanner/gcp.md @@ -70,7 +70,7 @@ Controls are grouped into **benchmarks**. Where multiple benchmarks are availabl When you run a compliance scan, you can select which benchmarks you wish to measure against, and ThreatMapper will then evaluate the appropriate controls and present the results, by benchmark, once the scan has completed. -For full information, refer to [Operations: Compliance Scanning](/docs/operations/compliance). +For full information, refer to [Operations: Compliance Scanning](/docs/v2.0/operations/compliance). :::tip Maximizing Coverage For maximum coverage, you can use both Cloud Scanner and local Sensor Agent compliance scans together. You could scan your GCP infrastructure using Cloud Scanner, and [scan selected VMs deployed within GCP](other) using the Sensor Agent. diff --git a/docs/docs/cloudscanner/index.md b/docs/docs/cloudscanner/index.md index e77634c98e..5e02371c47 100644 --- a/docs/docs/cloudscanner/index.md +++ b/docs/docs/cloudscanner/index.md @@ -10,7 +10,7 @@ The Cloud Scanner task interacts with the local cloud APIs under the instruction ## Before You Begin -Review the architecture for compliance scanning, as described in [Architecture: Cloud Scanner task](/docs/architecture/cloudscanner). +Review the architecture for compliance scanning, as described in [Architecture: Cloud Scanner task](/docs/v2.0/architecture/cloudscanner). ## Configuring Cloud Posture Management diff --git a/docs/docs/cloudscanner/other.md b/docs/docs/cloudscanner/other.md index 10558a569a..9074a6e04c 100644 --- a/docs/docs/cloudscanner/other.md +++ b/docs/docs/cloudscanner/other.md @@ -6,7 +6,7 @@ title: Other Platforms ThreatMapper can perform compliance posture scanning on linux hosts and Kubernetes master and worker nodes. -Scanning is done directly, using a local [Sensor Agent](/docs/sensors) rather than by using the Cloud Scanner task employed by the cloud platform integrations. +Scanning is done directly, using a local [Sensor Agent](/docs/v2.0/sensors) rather than by using the Cloud Scanner task employed by the cloud platform integrations. ## What Compliance Scans are Performed? @@ -15,7 +15,7 @@ The sensor agent has direct visibility into the configuration of the base operat When you run a compliance scan, you can select which benchmarks you wish to measure against, and ThreatMapper will then evaluate the appropriate controls and present the results, by benchmark, once the scan has completed. -For full information, refer to [Operations: Compliance Scanning](/docs/operations/compliance). +For full information, refer to [Operations: Compliance Scanning](/docs/v2.0/operations/compliance). :::tip Maximizing Coverage diff --git a/docs/docs/console/index.md b/docs/docs/console/index.md index a3346ce5fc..86a0daa543 100644 --- a/docs/docs/console/index.md +++ b/docs/docs/console/index.md @@ -8,9 +8,9 @@ The ThreatMapper Management Console ("Console") is a standalone application, imp ## Before You Begin -Review the architecture for the Management Console, as described in [Architecture: Management Console](/docs/architecture/console). +Review the architecture for the Management Console, as described in [Architecture: Management Console](/docs/v2.0/architecture/console). -Review the requirements for the Management Console, as described in [System Requirements](/docs/console/requirements). +Review the requirements for the Management Console, as described in [System Requirements](/docs/v2.0/console/requirements). ## Installing the Management Console diff --git a/docs/docs/developers/build.md b/docs/docs/developers/build.md index cbf7b82c01..95830d45e8 100644 --- a/docs/docs/developers/build.md +++ b/docs/docs/developers/build.md @@ -33,7 +33,7 @@ cd ThreatMapper/deployment-scripts docker-compose -f docker-compose.yml up --detach ``` -Once started, you can point a web browser at `https://--IP-ADDRESS---/` to register a first user on the Deepfence Management Console. See [Initial Configuration](/docs/console/initial-configuration) for more information. +Once started, you can point a web browser at `https://--IP-ADDRESS---/` to register a first user on the Deepfence Management Console. See [Initial Configuration](/docs/v2.0/console/initial-configuration) for more information. To stop the Deepfence Management Console: diff --git a/docs/docs/developers/deploy-agent.md b/docs/docs/developers/deploy-agent.md index 238b7df946..e8bf6f079f 100644 --- a/docs/docs/developers/deploy-agent.md +++ b/docs/docs/developers/deploy-agent.md @@ -4,13 +4,13 @@ title: Deploy Sensors # Deploy custom ThreatMapper Sensor Agents -You should first [build the management console and agents](build) and push the images to a suitable repository. You can then adapt the standard installation instructions ([Docker](/docs/sensors/docker), [Kubernetes](/docs/sensors/kubernetes)) to refer to your custom images rather than the Deepfence-provided ones. +You should first [build the management console and agents](build) and push the images to a suitable repository. You can then adapt the standard installation instructions ([Docker](/docs/v2.0/sensors/docker), [Kubernetes](/docs/v2.0/sensors/kubernetes)) to refer to your custom images rather than the Deepfence-provided ones. ## Installing and Running the Sensor Agents on a Docker Host :::tip -Refer to the [Docker Installation Instructions](/docs/sensors/docker) along with the modifications below. +Refer to the [Docker Installation Instructions](/docs/v2.0/sensors/docker) along with the modifications below. ::: Execute the following command to install and start the sensors: @@ -42,7 +42,7 @@ docker run -dit \ ## Installing and Running the Sensor Agents in a Kubernetes Cluster :::tip -Refer to the [Kubernetes Installation Instructions](/docs/sensors/kubernetes) along with the modifications below. +Refer to the [Kubernetes Installation Instructions](/docs/v2.0/sensors/kubernetes) along with the modifications below. ::: You can use these instructions for helm-based installations in standalone and hosted Kubernetes clusters diff --git a/docs/docs/developers/deploy-console.md b/docs/docs/developers/deploy-console.md index d3f4d215ec..3dca30041f 100644 --- a/docs/docs/developers/deploy-console.md +++ b/docs/docs/developers/deploy-console.md @@ -4,14 +4,14 @@ title: Deploy Console # Deploy a custom ThreatMapper Console -You should first [build the management console](build) and push the images to a suitable repository. You can then adapt the standard installation instructions ([Docker](/docs/console/docker), [Kubernetes](/docs/console/kubernetes)) to refer to your custom images rather than the Deepfence-provided ones. +You should first [build the management console](build) and push the images to a suitable repository. You can then adapt the standard installation instructions ([Docker](/docs/v2.0/console/docker), [Kubernetes](/docs/v2.0/console/kubernetes)) to refer to your custom images rather than the Deepfence-provided ones. ## Installing and Running the Management Console on a Docker Host :::tip -Refer to the [Docker Installation Instructions](/docs/console/docker) along with the modifications below. +Refer to the [Docker Installation Instructions](/docs/v2.0/console/docker) along with the modifications below. ::: 1. Download the file [docker-compose.yml](https://github.com/deepfence/ThreatMapper/blob/release-2.0/deployment-scripts/docker-compose.yml) to the system that will host the Console @@ -31,12 +31,12 @@ Refer to the [Docker Installation Instructions](/docs/console/docker) along with ## Installing and Running the Management Console in a Kubernetes Cluster :::tip -Refer to the [Kubernetes Installation Instructions](/docs/console/kubernetes) along with the modifications below. +Refer to the [Kubernetes Installation Instructions](/docs/v2.0/console/kubernetes) along with the modifications below. ::: 1. Prepare the cluster, installing the storage driver and metrics service - Follow the instructions to install the OpenEBS storage and metrics server: [Installation Instructions](/docs/console/kubernetes) + Follow the instructions to install the OpenEBS storage and metrics server: [Installation Instructions](/docs/v2.0/console/kubernetes) 2. Install your Management Console diff --git a/docs/docs/integrations/index.md b/docs/docs/integrations/index.md index 38927d15bc..e097f40eec 100644 --- a/docs/docs/integrations/index.md +++ b/docs/docs/integrations/index.md @@ -4,7 +4,7 @@ title: Integrations # Integrations -You can integrate ThreatMapper with a variety of notification services. Any time a new vulnerability is detected (for example, during [CI](/docs/operations/scanning-ci) or an [automated scan](/docs/operations/scanning)), ThreatMapper will submit the details to the configured notification services. +You can integrate ThreatMapper with a variety of notification services. Any time a new vulnerability is detected (for example, during [CI](/docs/v2.0/operations/scanning-ci) or an [automated scan](/docs/v2.0/operations/scanning)), ThreatMapper will submit the details to the configured notification services. | ![Integrations](../img/integrations.png) | |:----------------------------------------------:| diff --git a/docs/docs/kubernetes-scanner/index.md b/docs/docs/kubernetes-scanner/index.md index 99b9099db7..5666f3c7e2 100644 --- a/docs/docs/kubernetes-scanner/index.md +++ b/docs/docs/kubernetes-scanner/index.md @@ -10,4 +10,4 @@ NSA & CISA Cybersecurity Technical Report describes the complexities of securely ## Configuring Kubernetes Scanner -Deepfence Kubernetes Scanner is installed with agent sensors. Follow the documentation [here](/docs/sensors/kubernetes) to install Deepfence agent sensors in the kubernetes cluster. \ No newline at end of file +Deepfence Kubernetes Scanner is installed with agent sensors. Follow the documentation [here](/docs/v2.0/sensors/kubernetes) to install Deepfence agent sensors in the kubernetes cluster. \ No newline at end of file diff --git a/docs/docs/operations/compliance.md b/docs/docs/operations/compliance.md index 15c2755dc8..a970664bda 100644 --- a/docs/docs/operations/compliance.md +++ b/docs/docs/operations/compliance.md @@ -38,7 +38,7 @@ The benchmarks available vary by cloud provider: Begin on the **Posture** page in the ThreatMapper console. -Select a cloud instance that you have [configured previously](/docs/cloudscanner/). You may have several instances of a given cloud type: +Select a cloud instance that you have [configured previously](/docs/v2.0/cloudscanner/). You may have several instances of a given cloud type: | ![Cloud Compliance Scan - Select](../img/compliance-scan-1.png) | |:---------------------------------------------------------------:| @@ -48,7 +48,7 @@ Select a cloud instance that you have [configured previously](/docs/cloudscanner |:---------------------------------------------------------------:| | Select target for Cloud Compliance Scan | -If you want to scan a host (Linux host or Kubernetes master or slave node), ensure that the [threatmapper sensor](/docs/sensors) is deployed on that host. +If you want to scan a host (Linux host or Kubernetes master or slave node), ensure that the [threatmapper sensor](/docs/v2.0/sensors) is deployed on that host. Select the compliance benchmarks you wish to run on the target cloud instance or host: diff --git a/docs/docs/sensors/docker.md b/docs/docs/sensors/docker.md index 3576e14839..98100904cc 100644 --- a/docs/docs/sensors/docker.md +++ b/docs/docs/sensors/docker.md @@ -6,7 +6,7 @@ title: Docker On a Linux-based Docker host, the ThreatMapper agents are deployed as a lightweight container. -Install a docker runtime on the Linux host. Refer to the [Prerequisites for the Sensor Agents](/docs/architecture#threatmapper-sensor-containers) for minimum supported platforms. +Install a docker runtime on the Linux host. Refer to the [Prerequisites for the Sensor Agents](/docs/v2.0/architecture#threatmapper-sensor-containers) for minimum supported platforms. For Windows Server hosts, experimental support exists, but it is not suitable for production use. diff --git a/docs/docs/sensors/index.md b/docs/docs/sensors/index.md index caf097ea49..88889c6989 100644 --- a/docs/docs/sensors/index.md +++ b/docs/docs/sensors/index.md @@ -10,11 +10,11 @@ A single ThreatMapper Console can manage multiple workload types, and on-premise ## Before You Begin -Before you install the Sensors, obtain the Management Console URL and API key as described in the [Initial Configuration](/docs/console/initial-configuration). +Before you install the Sensors, obtain the Management Console URL and API key as described in the [Initial Configuration](/docs/v2.0/console/initial-configuration). You should take care to install the sensor version that matches your Management Console version, as compatibility across versions is not guaranteed. -Review the architecture for the Sensor Agent, as described in [Architecture: Sensor Agent](/docs/architecture/sensors). +Review the architecture for the Sensor Agent, as described in [Architecture: Sensor Agent](/docs/v2.0/architecture/sensors). ## System Requirements diff --git a/docs/docs/sensors/linux-host.md b/docs/docs/sensors/linux-host.md index 83362cc45d..ba06e495a8 100644 --- a/docs/docs/sensors/linux-host.md +++ b/docs/docs/sensors/linux-host.md @@ -8,7 +8,7 @@ On a Linux-based bare-metal or virtual machine workload, the ThreatMapper sensor ## ThreatMapper Sensor Agents -Install a docker runtime on the Linux host. Refer to the [Prerequisites for the Sensor Agents](/docs/architecture#threatmapper-sensor-containers) for minimum supported platforms. +Install a docker runtime on the Linux host. Refer to the [Prerequisites for the Sensor Agents](/docs/v2.0/architecture#threatmapper-sensor-containers) for minimum supported platforms. Run the following command to start the Sensor Agent on the host. You can find the Deepfence API key under `Setting>User Management>API Key`. diff --git a/docs/docs/tips/automating-scans.md b/docs/docs/tips/automating-scans.md index e76db5a0e2..323905760f 100644 --- a/docs/docs/tips/automating-scans.md +++ b/docs/docs/tips/automating-scans.md @@ -15,7 +15,7 @@ ThreatMapper can scan your production platforms periodically, using the most up- ## Automating ThreatMapper -The results of automated scans are added to the **Vulnerability Scans** report, and can be raised through any configured [Notification](/docs/integrations) method. +The results of automated scans are added to the **Vulnerability Scans** report, and can be raised through any configured [Notification](/docs/v2.0/integrations) method. ThreatMapper presents a series of APIs that you can use to enumerate nodes and run scans: diff --git a/docs/versioned_docs/version-v1.5/architecture/cloudscanner.md b/docs/versioned_docs/version-v1.5/architecture/cloudscanner.md index 1e81a9b18a..ddad621e75 100644 --- a/docs/versioned_docs/version-v1.5/architecture/cloudscanner.md +++ b/docs/versioned_docs/version-v1.5/architecture/cloudscanner.md @@ -25,7 +25,7 @@ Each Cloud Scanner task runs in your cloud environment, gathering inventory and Cloud Scanner tasks are deployed using the appropriate Terraform module for each cloud, and are configured with the address and API key of your management console. They 'phone home' to your management console and take instructions on demand; they do not listen for remote connections or control. :::info -Refer to the Installation Documentation to [Learn how to install Cloud Scanner tasks](/docs/cloudscanner) +Refer to the Installation Documentation to [Learn how to install Cloud Scanner tasks](/docs/v1.5/cloudscanner) ::: diff --git a/docs/versioned_docs/version-v1.5/architecture/sensors.md b/docs/versioned_docs/version-v1.5/architecture/sensors.md index 65e7976e0f..7ab6394b1a 100644 --- a/docs/versioned_docs/version-v1.5/architecture/sensors.md +++ b/docs/versioned_docs/version-v1.5/architecture/sensors.md @@ -14,5 +14,5 @@ The sensors support the following production platforms: * **AWS Fargate** The sensor is deployed as a daemon service alongside each serverless instance. :::info -Refer to the Installation Documentation to [Learn how to install Sensor Agent containers](/docs/sensors) +Refer to the Installation Documentation to [Learn how to install Sensor Agent containers](/docs/v1.5/sensors) ::: \ No newline at end of file diff --git a/docs/versioned_docs/version-v1.5/cloudscanner/aws.md b/docs/versioned_docs/version-v1.5/cloudscanner/aws.md index 4c31e48c07..0ac18c16d4 100644 --- a/docs/versioned_docs/version-v1.5/cloudscanner/aws.md +++ b/docs/versioned_docs/version-v1.5/cloudscanner/aws.md @@ -102,7 +102,7 @@ Controls are grouped into **benchmarks**. Where multiple benchmarks are availabl When you run a compliance scan, you can select which benchmarks you wish to measure against, and ThreatMapper will then evaluate the appropriate controls and present the results, by benchmark, once the scan has completed. -For full information, refer to [Operations: Compliance Scanning](/docs/operations/compliance). +For full information, refer to [Operations: Compliance Scanning](/docs/v1.5/operations/compliance). :::tip Maximizing Coverage For maximum coverage, you can use both Cloud Scanner and local Sensor Agent compliance scans together. You could scan your AWS infrastructure using Cloud Scanner, and [scan selected VMs deployed within AWS](other) using the Sensor Agent. diff --git a/docs/versioned_docs/version-v1.5/cloudscanner/azure.md b/docs/versioned_docs/version-v1.5/cloudscanner/azure.md index 3f20a892b0..d9b3dd4bee 100644 --- a/docs/versioned_docs/version-v1.5/cloudscanner/azure.md +++ b/docs/versioned_docs/version-v1.5/cloudscanner/azure.md @@ -45,7 +45,7 @@ Controls are grouped into **benchmarks**. Where multiple benchmarks are availabl When you run a compliance scan, you can select which benchmarks you wish to measure against, and ThreatMapper will then evaluate the appropriate controls and present the results, by benchmark, once the scan has completed. -For full information, refer to [Operations: Compliance Scanning](/docs/operations/compliance). +For full information, refer to [Operations: Compliance Scanning](/docs/v1.5/operations/compliance). :::tip Maximizing Coverage For maximum coverage, you can use both Cloud Scanner and local Sensor Agent compliance scans together. You could scan your Azure infrastructure using Cloud Scanner, and [scan selected VMs deployed within Azure](other) using the Sensor Agent. diff --git a/docs/versioned_docs/version-v1.5/cloudscanner/gcp.md b/docs/versioned_docs/version-v1.5/cloudscanner/gcp.md index f753686d42..c640396e6b 100644 --- a/docs/versioned_docs/version-v1.5/cloudscanner/gcp.md +++ b/docs/versioned_docs/version-v1.5/cloudscanner/gcp.md @@ -70,7 +70,7 @@ Controls are grouped into **benchmarks**. Where multiple benchmarks are availabl When you run a compliance scan, you can select which benchmarks you wish to measure against, and ThreatMapper will then evaluate the appropriate controls and present the results, by benchmark, once the scan has completed. -For full information, refer to [Operations: Compliance Scanning](/docs/operations/compliance). +For full information, refer to [Operations: Compliance Scanning](/docs/v1.5/operations/compliance). :::tip Maximizing Coverage For maximum coverage, you can use both Cloud Scanner and local Sensor Agent compliance scans together. You could scan your GCP infrastructure using Cloud Scanner, and [scan selected VMs deployed within GCP](other) using the Sensor Agent. diff --git a/docs/versioned_docs/version-v1.5/cloudscanner/index.md b/docs/versioned_docs/version-v1.5/cloudscanner/index.md index e77634c98e..4e72755a0a 100644 --- a/docs/versioned_docs/version-v1.5/cloudscanner/index.md +++ b/docs/versioned_docs/version-v1.5/cloudscanner/index.md @@ -10,7 +10,7 @@ The Cloud Scanner task interacts with the local cloud APIs under the instruction ## Before You Begin -Review the architecture for compliance scanning, as described in [Architecture: Cloud Scanner task](/docs/architecture/cloudscanner). +Review the architecture for compliance scanning, as described in [Architecture: Cloud Scanner task](/docs/v1.5/architecture/cloudscanner). ## Configuring Cloud Posture Management diff --git a/docs/versioned_docs/version-v1.5/cloudscanner/other.md b/docs/versioned_docs/version-v1.5/cloudscanner/other.md index 10558a569a..f55a41ec73 100644 --- a/docs/versioned_docs/version-v1.5/cloudscanner/other.md +++ b/docs/versioned_docs/version-v1.5/cloudscanner/other.md @@ -6,7 +6,7 @@ title: Other Platforms ThreatMapper can perform compliance posture scanning on linux hosts and Kubernetes master and worker nodes. -Scanning is done directly, using a local [Sensor Agent](/docs/sensors) rather than by using the Cloud Scanner task employed by the cloud platform integrations. +Scanning is done directly, using a local [Sensor Agent](/docs/v1.5/sensors) rather than by using the Cloud Scanner task employed by the cloud platform integrations. ## What Compliance Scans are Performed? @@ -15,7 +15,7 @@ The sensor agent has direct visibility into the configuration of the base operat When you run a compliance scan, you can select which benchmarks you wish to measure against, and ThreatMapper will then evaluate the appropriate controls and present the results, by benchmark, once the scan has completed. -For full information, refer to [Operations: Compliance Scanning](/docs/operations/compliance). +For full information, refer to [Operations: Compliance Scanning](/docs/v1.5/operations/compliance). :::tip Maximizing Coverage diff --git a/docs/versioned_docs/version-v1.5/console/index.md b/docs/versioned_docs/version-v1.5/console/index.md index a3346ce5fc..5ebdda76b9 100644 --- a/docs/versioned_docs/version-v1.5/console/index.md +++ b/docs/versioned_docs/version-v1.5/console/index.md @@ -8,9 +8,9 @@ The ThreatMapper Management Console ("Console") is a standalone application, imp ## Before You Begin -Review the architecture for the Management Console, as described in [Architecture: Management Console](/docs/architecture/console). +Review the architecture for the Management Console, as described in [Architecture: Management Console](/docs/v1.5/architecture/console). -Review the requirements for the Management Console, as described in [System Requirements](/docs/console/requirements). +Review the requirements for the Management Console, as described in [System Requirements](/docs/v1.5/console/requirements). ## Installing the Management Console diff --git a/docs/versioned_docs/version-v1.5/developers/build.md b/docs/versioned_docs/version-v1.5/developers/build.md index 04ef0fff55..9c12cd2311 100644 --- a/docs/versioned_docs/version-v1.5/developers/build.md +++ b/docs/versioned_docs/version-v1.5/developers/build.md @@ -34,7 +34,7 @@ cd ThreatMapper/deployment-scripts docker-compose -f docker-compose.yml up --detach ``` -Once started, you can point a web browser at `https://--IP-ADDRESS---/` to register a first user on the Deepfence Management Console. See [Initial Configuration](/docs/console/initial-configuration) for more information. +Once started, you can point a web browser at `https://--IP-ADDRESS---/` to register a first user on the Deepfence Management Console. See [Initial Configuration](/docs/v1.5/console/initial-configuration) for more information. To stop the Deepfence Management Console: diff --git a/docs/versioned_docs/version-v1.5/developers/deploy-agent.md b/docs/versioned_docs/version-v1.5/developers/deploy-agent.md index 89197770e7..e1bdde5268 100644 --- a/docs/versioned_docs/version-v1.5/developers/deploy-agent.md +++ b/docs/versioned_docs/version-v1.5/developers/deploy-agent.md @@ -4,13 +4,13 @@ title: Deploy Sensors # Deploy custom ThreatMapper Sensor Agents -You should first [build the management console and agents](build) and push the images to a suitable repository. You can then adapt the standard installation instructions ([Docker](/docs/sensors/docker), [Kubernetes](/docs/sensors/kubernetes)) to refer to your custom images rather than the Deepfence-provided ones. +You should first [build the management console and agents](build) and push the images to a suitable repository. You can then adapt the standard installation instructions ([Docker](/docs/v1.5/sensors/docker), [Kubernetes](/docs/v1.5/sensors/kubernetes)) to refer to your custom images rather than the Deepfence-provided ones. ## Installing and Running the Sensor Agents on a Docker Host :::tip -Refer to the [Docker Installation Instructions](/docs/sensors/docker) along with the modifications below. +Refer to the [Docker Installation Instructions](/docs/v1.5/sensors/docker) along with the modifications below. ::: Execute the following command to install and start the sensors: @@ -30,7 +30,7 @@ docker run -dit --cpus=".2" --name=deepfence-agent --restart on-failure --pid=ho ## Installing and Running the Sensor Agents in a Kubernetes Cluster :::tip -Refer to the [Kubernetes Installation Instructions](/docs/sensors/kubernetes) along with the modifications below. +Refer to the [Kubernetes Installation Instructions](/docs/v1.5/sensors/kubernetes) along with the modifications below. ::: You can use these instructions for helm-based installations in standalone and hosted Kubernetes clusters diff --git a/docs/versioned_docs/version-v1.5/developers/deploy-console.md b/docs/versioned_docs/version-v1.5/developers/deploy-console.md index 3cb1dafc58..e7496f3d0a 100644 --- a/docs/versioned_docs/version-v1.5/developers/deploy-console.md +++ b/docs/versioned_docs/version-v1.5/developers/deploy-console.md @@ -4,14 +4,14 @@ title: Deploy Console # Deploy a custom ThreatMapper Console -You should first [build the management console](build) and push the images to a suitable repository. You can then adapt the standard installation instructions ([Docker](/docs/console/docker), [Kubernetes](/docs/console/kubernetes)) to refer to your custom images rather than the Deepfence-provided ones. +You should first [build the management console](build) and push the images to a suitable repository. You can then adapt the standard installation instructions ([Docker](/docs/v1.5/console/docker), [Kubernetes](/docs/v1.5/console/kubernetes)) to refer to your custom images rather than the Deepfence-provided ones. ## Installing and Running the Management Console on a Docker Host :::tip -Refer to the [Docker Installation Instructions](/docs/console/docker) along with the modifications below. +Refer to the [Docker Installation Instructions](/docs/v1.5/console/docker) along with the modifications below. ::: 1. Download the file [docker-compose.yml](https://github.com/deepfence/ThreatMapper/blob/release-1.5/deployment-scripts/docker-compose.yml) to the system that will host the Console @@ -31,12 +31,12 @@ Refer to the [Docker Installation Instructions](/docs/console/docker) along with ## Installing and Running the Management Console in a Kubernetes Cluster :::tip -Refer to the [Kubernetes Installation Instructions](/docs/console/kubernetes) along with the modifications below. +Refer to the [Kubernetes Installation Instructions](/docs/v1.5/console/kubernetes) along with the modifications below. ::: 1. Prepare the cluster, installing the storage driver and metrics service - Follow the instructions to install the OpenEBS storage and metrics server: [Installation Instructions](/docs/console/kubernetes) + Follow the instructions to install the OpenEBS storage and metrics server: [Installation Instructions](/docs/v1.5/console/kubernetes) 2. Install your Management Console diff --git a/docs/versioned_docs/version-v1.5/integrations/index.md b/docs/versioned_docs/version-v1.5/integrations/index.md index d2f71ba861..4a2a55f77a 100644 --- a/docs/versioned_docs/version-v1.5/integrations/index.md +++ b/docs/versioned_docs/version-v1.5/integrations/index.md @@ -4,7 +4,7 @@ title: Integrations # Integrations -You can integrate ThreatMapper with a variety of notification services. Any time a new vulnerability is detected (for example, during [CI](/docs/operations/scanning-ci) or an [automated scan](/docs/operations/scanning)), ThreatMapper will submit the details to the configured notification services. +You can integrate ThreatMapper with a variety of notification services. Any time a new vulnerability is detected (for example, during [CI](/docs/v1.5/operations/scanning-ci) or an [automated scan](/docs/v1.5/operations/scanning)), ThreatMapper will submit the details to the configured notification services. | ![Notifications](../img/notifications-2.jpg) | | :--: | diff --git a/docs/versioned_docs/version-v1.5/operations/compliance.md b/docs/versioned_docs/version-v1.5/operations/compliance.md index 13ae475589..3b89aef329 100644 --- a/docs/versioned_docs/version-v1.5/operations/compliance.md +++ b/docs/versioned_docs/version-v1.5/operations/compliance.md @@ -38,13 +38,13 @@ The benchmarks available vary by cloud provider: Begin on the **Posture** page in the ThreatMapper console. -Select a cloud instance that you have [configured previously](/docs/cloudscanner/). You may have several instances of a given cloud type: +Select a cloud instance that you have [configured previously](/docs/v1.5/cloudscanner/). You may have several instances of a given cloud type: | ![Cloud Compliance Scan - Select](../img/compliance-scan-1.jpg) | | :--: | | Select target for Cloud Compliance Scan | -If you want to scan a host (Linux host or Kubernetes master or slave node), ensure that the [threatmapper sensor](/docs/sensors) is deployed on that host. +If you want to scan a host (Linux host or Kubernetes master or slave node), ensure that the [threatmapper sensor](/docs/v1.5/sensors) is deployed on that host. Select the compliance benchmarks you wish to run on the target cloud instance or host: diff --git a/docs/versioned_docs/version-v1.5/sensors/docker.md b/docs/versioned_docs/version-v1.5/sensors/docker.md index 101f0d89a2..17327fa211 100644 --- a/docs/versioned_docs/version-v1.5/sensors/docker.md +++ b/docs/versioned_docs/version-v1.5/sensors/docker.md @@ -6,7 +6,7 @@ title: Docker On a Linux-based Docker host, the ThreatMapper agents are deployed as a lightweight container. -Install a docker runtime on the Linux host. Refer to the [Prerequisites for the Sensor Agents](/docs/architecture#threatmapper-sensor-containers) for minimum supported platforms. +Install a docker runtime on the Linux host. Refer to the [Prerequisites for the Sensor Agents](/docs/v1.5/architecture#threatmapper-sensor-containers) for minimum supported platforms. For Windows Server hosts, experimental support exists, but it is not suitable for production use. diff --git a/docs/versioned_docs/version-v1.5/sensors/index.md b/docs/versioned_docs/version-v1.5/sensors/index.md index 6a69491d13..6093d373d2 100644 --- a/docs/versioned_docs/version-v1.5/sensors/index.md +++ b/docs/versioned_docs/version-v1.5/sensors/index.md @@ -10,11 +10,11 @@ A single ThreatMapper Console can manage multiple workload types, and on-premise ## Before You Begin -Before you install the Sensors, obtain the Management Console URL and API key as described in the [Initial Configuration](/docs/console/initial-configuration). +Before you install the Sensors, obtain the Management Console URL and API key as described in the [Initial Configuration](/docs/v1.5/console/initial-configuration). You should take care to install the sensor version that matches your Management Console version, as compatibility across versions is not guaranteed. -Review the architecture for the Sensor Agent, as described in [Architecture: Sensor Agent container](/docs/architecture/sensors). +Review the architecture for the Sensor Agent, as described in [Architecture: Sensor Agent container](/docs/v1.5/architecture/sensors). ## System Requirements diff --git a/docs/versioned_docs/version-v1.5/sensors/linux-host.md b/docs/versioned_docs/version-v1.5/sensors/linux-host.md index ef4ea503d4..20ceaae5bf 100644 --- a/docs/versioned_docs/version-v1.5/sensors/linux-host.md +++ b/docs/versioned_docs/version-v1.5/sensors/linux-host.md @@ -8,7 +8,7 @@ On a Linux-based bare-metal or virtual machine workload, the ThreatMapper sensor ## ThreatMapper Sensor Agents -Install a docker runtime on the Linux host. Refer to the [Prerequisites for the Sensor Agents](/docs/architecture#threatmapper-sensor-containers) for minimum supported platforms. +Install a docker runtime on the Linux host. Refer to the [Prerequisites for the Sensor Agents](/docs/v1.5/architecture#threatmapper-sensor-containers) for minimum supported platforms. Run the following command to start the Sensor Agent on the host. You can find the Deepfence API key under `Setting>User Management>API Key`. diff --git a/docs/versioned_docs/version-v1.5/tips/automating-scans.md b/docs/versioned_docs/version-v1.5/tips/automating-scans.md index d8b0b34312..994e0ac4eb 100644 --- a/docs/versioned_docs/version-v1.5/tips/automating-scans.md +++ b/docs/versioned_docs/version-v1.5/tips/automating-scans.md @@ -15,7 +15,7 @@ ThreatMapper can scan your production platforms periodically, using the most up- ## Automating ThreatMapper -The results of automated scans are added to the **Vulnerability Scans** report, and can be raised through any configured [Notification](/docs/integrations) method. +The results of automated scans are added to the **Vulnerability Scans** report, and can be raised through any configured [Notification](/docs/v1.5/integrations) method. ThreatMapper presents a series of APIs that you can use to enumerate nodes and run scans: diff --git a/golang_deepfence_sdk b/golang_deepfence_sdk index b19457df35..1713a043ef 160000 --- a/golang_deepfence_sdk +++ b/golang_deepfence_sdk @@ -1 +1 @@ -Subproject commit b19457df35dc1968f283a40a856573172dc45491 +Subproject commit 1713a043efe5bffa1b0f8ac8b7236056bc48b54a