Add choco/brew packages to install KICS binaries #1657

Closed
elit-cx opened this issue Jan 3, 2021 · 2 comments · Fixed by #4519


elit-cx commented Jan 3, 2021

Describe the solution you'd like
Existing packages for one-command installation of kics binaries on Windows/Linux

@elit-cx elit-cx added feature request Community: new feature request CI PR related with GitHub Actions CI process labels Jan 3, 2021
@ruigomescx ruigomescx added this to the Deployment milestone Jan 15, 2021

adam-moss commented Mar 26, 2021

Starter for 10 on the homebrew side of things:

class Kics < Formula
  desc "Find vulnerabilities, compliance issues, and misconfigurations in IaC"
  homepage "https://kics.io"
  url "https://github.com/Checkmarx/kics/archive/v1.2.1.tar.gz"
  sha256 "213b5f0f9411187acc71e02afe4c36f4da50f3fdbea266b6f8d38157f78db773"
  license "Apache-2.0"

  depends_on "go" => :build

  def install
    system "go", "build", *std_go_args, "./cmd/console/main.go"

    bin.install "assets"
  end

  test do
    system bin/"kics", "--help"
  end
end

This builds and installs correctly, however when executing as kics scan --exclude-paths .cache --minimal-ui --path .

Scanning with Keeping Infrastructure as Code Secure dev

Error: failed to get queries: failed to get query Source: lstat ./assets/queries: no such file or directory

it errors out as you can see. When executing as kics scan --exclude-paths .cache --minimal-ui --queries-path $(brew --prefix)/Cellar/kics/1.2.1/bin --path .

Scanning with Keeping Infrastructure as Code Secure dev

Executing queries: [========== 100.0% ==========]

Files scanned: 81
Parsed files: 22
Queries loaded: 1224
Queries failed to execute: 0

------------------------------------

Healthcheck Instruction Missing, Severity: LOW, Results: 2
	[1]: /Users/adam.moss/Projects/iot/Dockerfile:15
	[2]: /Users/adam.moss/Projects/iot/Dockerfile:23
Not Using JSON In CMD And ENTRYPOINT Arguments, Severity: MEDIUM, Results: 1
	[1]: /Users/adam.moss/Projects/iot/Dockerfile:26
Yum Install Allows Manual Input, Severity: MEDIUM, Results: 1
	[1]: /Users/adam.moss/Projects/iot/Dockerfile:18
Yum install Without Version, Severity: MEDIUM, Results: 2
	[1]: /Users/adam.moss/Projects/iot/Dockerfile:18
	[2]: /Users/adam.moss/Projects/iot/Dockerfile:18
Secrets Stored In Dockerfile, Severity: MEDIUM, Results: 1
	[1]: /Users/adam.moss/Projects/iot/Dockerfile:17
Missing User Instruction, Severity: HIGH, Results: 2
	[1]: /Users/adam.moss/Projects/iot/Dockerfile:23
	[2]: /Users/adam.moss/Projects/iot/Dockerfile:15
Passwords And Secrets In Infrastructure Code, Severity: HIGH, Results: 2
	[1]: /Users/adam.moss/Projects/iot/group_vars/iot/vars_vault.yml:3
	[2]: /Users/adam.moss/Projects/iot/group_vars/pihole/vars_vault.yml:3

Results Summary:
HIGH: 4
MEDIUM: 5
LOW: 2
INFO: 0
TOTAL: 11

Scan duration: 4.174454954s

it works fine. I'm not entirely sure if this is expected behaviour or not.

@rogeriopeixotocx

@adam-moss we have updated our Homebrew tap https://github.com/Checkmarx/homebrew-tap.

By default, KICS will search for queries placed under KICS_QUERIES_PATH.

During installation, Homebrew will print the path to where the queries were placed:

e.g.:

export KICS_QUERIES_PATH=/opt/homebrew/opt/kics/share/kics/assets/queries

ascii cinema demo
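
A preflight wrapper for the behaviour discussed in this thread, added here as an example and not code from the KICS project: it resolves the query directory from KICS_QUERIES_PATH, falls back to the Homebrew layout shown above, and refuses to scan when no queries are found. The function names, and the assumption that query files are named query.rego, belong to this example.

```shell
#!/bin/sh
# Added example: make sure KICS can find its query library before a scan runs,
# so a misplaced install fails loudly instead of midway through a CI job.

# Return 0 if $1 is a directory holding at least one query file.
# Assumption: queries are stored as files named query.rego below the directory.
has_queries() {
    [ -d "$1" ] &&
        [ -n "$(find "$1" -type f -name 'query.rego' -print 2>/dev/null | head -n 1)" ]
}

# Print the first usable query directory on stdout, or return 1.
# Order: an explicit KICS_QUERIES_PATH wins; otherwise try the Homebrew layout
# from the thread (<brew prefix>/opt/kics/share/kics/assets/queries).
resolve_kics_queries() {
    if [ -n "${KICS_QUERIES_PATH:-}" ]; then
        if has_queries "$KICS_QUERIES_PATH"; then
            printf '%s\n' "$KICS_QUERIES_PATH"
            return 0
        fi
        # Do not fall back silently: a wrong explicit path is an operator error.
        echo "KICS_QUERIES_PATH is set but holds no queries: $KICS_QUERIES_PATH" >&2
        return 1
    fi
    if command -v brew >/dev/null 2>&1; then
        candidate="$(brew --prefix)/opt/kics/share/kics/assets/queries"
        if has_queries "$candidate"; then
            printf '%s\n' "$candidate"
            return 0
        fi
    fi
    echo "no KICS query directory found; set KICS_QUERIES_PATH" >&2
    return 1
}

# Scan the given path (default: current directory) only when queries resolve.
kics_scan() {
    queries="$(resolve_kics_queries)" || return 1
    kics scan --queries-path "$queries" --path "${1:-.}"
}
```

Source the file and call `kics_scan .` in place of a bare `kics scan`; a non-zero exit before any scan output means the query library was not found.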

paulopontesm added a commit to paulopontesm/kics that referenced this issue Nov 15, 2021
Should solve the brew part of Checkmarx#1657