docs(kics.io): Removed binaries and changed all cmds to Docker cmds

docs/configuration-file.md

@@ -40,12 +40,13 @@ output-path: "results"
 ---
 
 ## Supported Formats
+
 KICS supports the following formats for the configuration files.
 
-- JSON
-- TOML
-- YAML
-- HCL
+-   JSON
+-   TOML
+-   YAML
+-   HCL
 
 Notice that format is about the content and not the file extension.
 
@@ -179,39 +180,43 @@ disable-full-descriptions = "disable request for full descriptions and use defau
 
 ---
 
-
 ## How to Use
+
 You can enclose all your configurations in a file and use it in two different ways.
 
 #### Command Argument File
 
 1. Create a file with any name/any extension. For the sake of example, let's call it `kics-config.json`
 2. Add the necessary configurations as shown in the templates section in any of the supported formats.
 3. Pass the configuration file as argument:
+
 ```
-kics scan --config kics-config.json
+docker run -v {​​​​path_to_kics_config}​​​​:/kics -v {path_to_host_folder_to_scan}:/path checkmarx/kics scan -p "/path" --config /kics/kics-config.json
 ```
 
 #### Configuration as Code
 
 1. Create a file named `kics.config` and place it in the root of your project repository.
 2. Add the necessary configurations as shown in the templates section in any of the supported formats.
 3. Invoke KICS without arguments (KICS will search for the specific file in the root)
+
 ```
-kics scan
+docker run -v {path_to_host_folder_to_scan}:/path checkmarx/kics scan -p "/path"
 ```
 
 **Note**: If more than one path is given, KICS will warn that `--config` must be used to explicit decide.
 
 #### Environment variables
+
 KICS also accepts environment variables to fill flags values. To use it you just need to have the flag with a `KICS_` prefix. For example:
 
-- To use path flag as environment variable, you should have `KICS_PATH` on your environment;
-- To use multiple names variables, like `--output-path`, you should use it with `KICS_` and each word separated by `_`, e.g.: `KICS_OUTPUT_PATH`
+-   To use path flag as environment variable, you should have `KICS_PATH` on your environment;
+-   To use multiple names variables, like `--output-path`, you should use it with `KICS_` and each word separated by `_`, e.g.: `KICS_OUTPUT_PATH`
 
 ## Flags precedence
+
 KICS will use the following precende to fill flags:
 
-- CLI flags
-- Environment variables
-- Configuration file
+-   CLI flags
+-   Environment variables
+-   Configuration file

docs/getting-started.md

@@ -10,12 +10,12 @@ To scan a directory/file on your host you have to mount it as a volume to the co
 
 ```shell
 docker pull checkmarx/kics:latest
-docker run -v {​​​​path_to_host_folder_to_scan}​​​​:/path checkmarx/kics:latest scan -p "/path" -o "/path/"
+docker run -v {​​​​path_to_host_folder_to_scan}​​​​:/path checkmarx/kics scan -p "/path" -o "/path/"
 ```
 
 You can see the list of available tags in [dockerhub](https://hub.docker.com/r/checkmarx/kics/tags?page=1&ordering=-name)
 
-ℹ️  **UBI Based Images**
+ℹ️ **UBI Based Images**
 
 When using [UBI7](https://catalog.redhat.com) based image, the KICS process will run under the `kics` user and `kics` group with default UID=1000 and GID=1000, when using bind mount to share host files with the container, the UID and GID can be overriden to match current user with the `-u` flag that overrides the username:group or UID:GID. e.g:
 
@@ -30,7 +30,7 @@ Another option is [rebuilding the dockerfile](https://github.com/Checkmarx/kics/
 KICS is avaiable on Checkmarx [homebrew-tap](https://github.com/Checkmarx/homebrew-tap). It can be used as follows:
 
 ```
-brew install Checkmarx/tap/kics 
+brew install Checkmarx/tap/kics
 ```
 
 To use KICS default queries add KICS_QUERIES_PATH env to your `~/.zshrc`, `~/.zprofile`:
@@ -41,65 +41,35 @@ echo 'export KICS_QUERIES_PATH=/usr/local/opt/kics/share/kics/assets/queries' >>
 
 #### Custom Queries
 
-You can provide your own path to the queries directory with `-q` CLI option (see CLI Options section below), otherwise the default directory will be used The default *./assets/queries* is built-in in the image. You can use this to provide a path to your own custom queries. Check [create a new query guide](creating-queries.md) to learn how to define your own queries.
-
-#### One-liner Install Script
-
-Run the following command to download and install kics. It will detect your current OS and download the appropriate binary package, defaults installation to `./bin` and the queries will be placed alongside the binary in `./bin/assets/queries`:
-
-```shell
-curl -sfL 'https://raw.githubusercontent.com/Checkmarx/kics/master/install.sh' | bash
-```
-
-If you want to place it somewhere else like `/usr/local/bin`:
-
-```shell
-sudo curl -sfL 'https://raw.githubusercontent.com/Checkmarx/kics/master/install.sh' | bash -s -- -b /usr/local/bin
-```
-
-#### Binary
-
-KICS release process is pretty straightforward.
-When we're releasing a new version, we'll pack KICS executables for Linux, Windows and macOS operating systems.
-Our security queries will be included in the ZIP files and tarballs, so that you can scan your IaC code with the out-of-the-box queries.
-
-So all you need is:
-
-1. Go to <a href="https://github.com/Checkmarx/kics/releases/latest" target="_blank">KICS releases</a>
-2. Download KICS binaries based on your OS
-3. Extract files
-4. Run kics executable with the cli options as described below (note that kics binary should be located in the same directory as queries directory)
-   ```shell
-   ./kics scan -p '<path-of-your-project-to-scan>' -o '<output-results.json>'
-   ```
+You can provide your own path to the queries directory with `-q` CLI option (see CLI Options section below), otherwise the default directory will be used The default _./assets/queries_ is built-in in the image. You can use this to provide a path to your own custom queries. Check [create a new query guide](creating-queries.md) to learn how to define your own queries.
 
 #### Build from Sources
 
 1. Download and install Go from <a href="https://golang.org/dl/" target="_blank">https://golang.org/dl/</a>
 2. Clone the repository:
-   ```shell
-   git clone https://github.com/Checkmarx/kics.git
-   ```
+    ```shell
+    git clone https://github.com/Checkmarx/kics.git
+    ```
 3. Build the binaries:
-   ```shell
-   cd kics
-   make build
-   ```
+    ```shell
+    cd kics
+    make build
+    ```
 4. Kick a scan!
-   ```shell
-   ./bin/kics scan -p '<path-of-your-project-to-scan>' --report-formats json -o ./results
-   ```
+    ```shell
+    ./bin/kics scan -p '<path-of-your-project-to-scan>' --report-formats json -o ./results
+    ```
 
 ---
 
 **Note**: KICS does not execute scan by default anymore.
 
 ## Next Steps
-- [Understand how to configure KICS](configuration-file.md) so you can have a better KICS experience.
-- [Explore KICS commands](commands.md) to see what you can do with KICS.
-- [Explore supported platforms](platforms.md) to see which files you can scan with KICS.
-- [Explore the queries internals](queries.md) for better understanding how KICS works.
-- [Create a new query](creating-queries.md) to learn how to create your own custom queries.
-- [Explore the output results format](results.md) and quickly fix the issues detected.
-- [Contribute](CONTRIBUTING.md) if you want to go the extra mile.
 
+-   [Understand how to configure KICS](configuration-file.md) so you can have a better KICS experience.
+-   [Explore KICS commands](commands.md) to see what you can do with KICS.
+-   [Explore supported platforms](platforms.md) to see which files you can scan with KICS.
+-   [Explore the queries internals](queries.md) for better understanding how KICS works.
+-   [Create a new query](creating-queries.md) to learn how to create your own custom queries.
+-   [Explore the output results format](results.md) and quickly fix the issues detected.
+-   [Contribute](CONTRIBUTING.md) if you want to go the extra mile.

docs/index.md

@@ -1,4 +1,3 @@
-
 <div class="row" >
     <div class="col-6 text-center" >
         <img alt="KICS - Keeping Infrastructure as Code Secure" src="img/logo/kics-logo-docs.png" width="250">
@@ -11,20 +10,12 @@
         <br/><br/>
         <h4>Version 1.5.0</h4>
         <p style="font-size:8pt">2022.01.19<p>
-        <h4>Downloads:</h4>
-        <a class="btn btn-success" href="https://github.com/Checkmarx/kics/releases/download/v1.5.0/kics_1.5.0_windows_x64.zip">Windows</a>
-        <a class="btn btn-success" href="https://github.com/Checkmarx/kics/releases/download/v1.5.0/kics_1.5.0_linux_x64.tar.gz">Linux</a>
-        <a class="btn btn-success" href="https://github.com/Checkmarx/kics/releases/download/v1.5.0/kics_1.5.0_darwin_x64.tar.gz">MacOS</a>
-        <hr/>
         <a class="btn btn-outline-success"  href="https://docs.kics.io/latest/CONTRIBUTING">Contribute!</a>
     </div>
 </div>
 
-
 ---
 
-
-
 #### Supported Platforms
 
 KICS scans and detects issues in following Infrastructure as Code solutions:
@@ -64,33 +55,32 @@ KICS scans and detects issues in following Infrastructure as Code solutions:
 
 Support of other solutions, such as Chef, and of additional cloud providers are on the [roadmap](roadmap.md).
 
-
 ## Getting Started
 
 Setting up and using KICS is super-easy.
 
-- First, see how to [install and get KICS running](getting-started.md).
-- Then explore KICS [output results format](results.md) and quickly fix the issues detected.
+-   First, see how to [install and get KICS running](getting-started.md).
+-   Then explore KICS [output results format](results.md) and quickly fix the issues detected.
 
 Interested in more advanced stuff?
-- Deep dive into KICS [queries](queries.md).
-- Understand how you to [integrate](integrations.md) KICS in your favorite CI/CD pipelines.
+
+-   Deep dive into KICS [queries](queries.md).
+-   Understand how you to [integrate](integrations.md) KICS in your favorite CI/CD pipelines.
 
 ## How it Works
 
 What makes KICS really powerful and popular is its built-in extensibility. This extensibility is achieved by:
 
-- Fully customizable and adjustable heuristics rules, called [queries](queries.md). These can be easily edited, extended and added.
-- Robust but yet simple [architecture](architecture.md), which allows quick addition of support for new Infrastructure as Code solutions.
-
+-   Fully customizable and adjustable heuristics rules, called [queries](queries.md). These can be easily edited, extended and added.
+-   Robust but yet simple [architecture](architecture.md), which allows quick addition of support for new Infrastructure as Code solutions.
 
 ## Contribution
 
 KICS is a true community project. It's built as an open source project from day one and anyone can find his own way to contribute to the project.
 [Check out how](CONTRIBUTING.md), within just minutes, you can start making a difference, by sharing your expertise with a community of thousands of security experts and software developers.
 
-- [How can I help?!](CONTRIBUTING.md)
-- <a href="https://github.com/Checkmarx/kics/" target="_blank">Take me to the repo on GitHub!</a>
+-   [How can I help?!](CONTRIBUTING.md)
+-   <a href="https://github.com/Checkmarx/kics/" target="_blank">Take me to the repo on GitHub!</a>
 
 ## About the Project
 
@@ -104,10 +94,9 @@ Now, Software <span style="color: #5FBB46">**=**</span> **Security**.
 
 Looking for more info? Explore KICS project in details:
 
-- [Roadmap](roadmap.md)
-- <a href="https://github.com/Checkmarx/kics/projects" target="_blank">Project plans</a>
-- <a href="https://github.com/Checkmarx/kics/issues" target="_blank">Issues</a>
+-   [Roadmap](roadmap.md)
+-   <a href="https://github.com/Checkmarx/kics/projects" target="_blank">Project plans</a>
+-   <a href="https://github.com/Checkmarx/kics/issues" target="_blank">Issues</a>
 
 Join the chat <a href="https://gitter.im/kics-io/community" target="_blank">on Gitter</a>.
 Or contact KICS core team at [[email protected]](mailto:[email protected])
-

docs/integrations_jenkins.md

@@ -22,54 +22,15 @@ Click on the build number to download the reports stored as artifacts.
 
 <img src="https://raw.githubusercontent.com/Checkmarx/kics/master/docs/img/jenkins-pipeline-artifacts.png" width="850">
 
-### Install and run
-
-The following pipeline uses downloads KICS binaries and place them under `/usr/bin/kics` before scanning a project:
-
-```groovy
-pipeline {
-  agent any
-  stages {
-    stage('Checkout Code') {
-      steps {
-        git(branch: 'master', url: 'https://github.com/GoogleCloudPlatform/terraform-google-examples')
-      }
-    }
-    // Other stages ...
-    stage('KICS scan') {
-      steps {
-        installKICS()
-        sh "mkdir -p results"
-        sh(script: '/usr/bin/kics scan --ci --no-color -p ${WORKSPACE} --output-path results --ignore-on-exit results --report-formats "json,sarif,html"')
-        archiveArtifacts(artifacts: 'results/*.html,results/*.sarif,results/*.json', fingerprint: true)
-      }
-    }
-  }
-}
-
-def installKICS(){
-  def installScript = '''
-    LATEST_VERSION=1.2.4
-    if ! command -v /usr/bin/kics; then
-      wget -q -c https://github.com/Checkmarx/kics/releases/download/v${LATEST_VERSION}/kics_${LATEST_VERSION}_Linux_x64.tar.gz -O /tmp/kics.tar.gz
-      tar xfzv /tmp/kics.tar.gz -C /usr/bin
-      rm -f kics.tar.gz
-    fi
-    /usr/bin/kics version
-  '''
-
-  sh(script: installScript)
-}
-```
-
 ### Using Docker
 
 The following pipeline uses KICS docker image to scan a project and publishes the HTML report in Jenkins.
 
 Plugins required:
-- [HTML Publisher Plugin](https://plugins.jenkins.io/htmlpublisher/)
-- [Docker Plugin](https://plugins.jenkins.io/docker-plugin/)
-- [Docker Pipeline Plugin](https://plugins.jenkins.io/docker-workflow/)
+
+-   [HTML Publisher Plugin](https://plugins.jenkins.io/htmlpublisher/)
+-   [Docker Plugin](https://plugins.jenkins.io/docker-plugin/)
+-   [Docker Pipeline Plugin](https://plugins.jenkins.io/docker-workflow/)
 
 ```groovy
 pipeline {
@@ -109,7 +70,7 @@ pipeline {
 The report will be published in pure HTML by default, if you want to enable your browser to load css and javascript embedded in the report.html you'll have to configure a custom Content-Security-Policy HTTP header.
 
 | 📝 &nbsp; WARNING                                                    |
-|:---------------------------------------------------------------------|
+| :------------------------------------------------------------------- |
 | Only disable Jenkins security features if you know what you're doing |
 
 </br>
@@ -129,20 +90,23 @@ The default Content-Security-Policy is currently overridden using the hudson.mod
 ```
 
 ### Using KICS with JUnit plugin
+
 First of all you need to check if the JUnit plugin is installed:
 
 <img src="https://raw.githubusercontent.com/Checkmarx/kics/master/docs/img/jenkins-junit-plugin.png" width="850">
 
 If it is not installed, you can install it by clicking on **Plugins** on the left menu bar, then click on **Install Plugin** and select **JUnit**.
 
 After that, you can add the following line to your pipeline script:
+
 ```groovy
     junit testResults: 'results/junit-results.xml', skipPublishingChecks: true
 ```
 
 The skipPublishingChecks option is important, otherwise the JUnit plugin will try to publish the results to GitHub in Jenkins. If you want to do this, you should check the [JUnit plugin documentation](https://plugins.jenkins.io/junit/) for more information.
 
 If you are using our example script, it will look like the following:
+
 ```groovy
 pipeline {
   agent any
@@ -152,7 +116,7 @@ pipeline {
         git(branch: 'master', url: 'https://github.com/GoogleCloudPlatform/terraform-google-examples')
       }
     }
-    
+
     stage('KICS scan') {
       steps {
         sh "mkdir -p results"

docs/releases.md

@@ -4,15 +4,13 @@ For our release versions we follow the <a href="https://semver.org/" target="_bl
 
 Our current release process is structured in the following way:
 
-- PATCH versions for minor backwards compatible bug fixes and new small features. This should have a bi-weekly cadence.
-- MINOR versions will include functionality that is backwards compatible. This should have a monthly cadence.
-- MAJOR versions for major functionality that it's added or changes that are not backwards compatible.
+-   PATCH versions for minor backwards compatible bug fixes and new small features. This should have a bi-weekly cadence.
+-   MINOR versions will include functionality that is backwards compatible. This should have a monthly cadence.
+-   MAJOR versions for major functionality that it's added or changes that are not backwards compatible.
 
 Every release is packed with:
 
-- Source code .zip/tarballs
-- Binaries for Windows, Linux and macOS
-- Docker image uploaded to <a href="https://hub.docker.com/r/checkmarx/kics" target="_blank">DockerHub</a>
+-   Docker image uploaded to <a href="https://hub.docker.com/r/checkmarx/kics" target="_blank">DockerHub</a>
 
 If waiting for a new release it's not enough, we also provide nightly builds that include the latest changes.
 
@@ -23,5 +21,6 @@ You can find our releases <a href="https://github.com/Checkmarx/kics/releases" t
 KICS docker images are pushed to [DockerHub](https://hub.docker.com/repository/docker/checkmarx/kics)
 
 List of images digests:
-- [Release versions](./docker-img/digests.md)
-- [Nightly images](./docker-img/nightly.md)
+
+-   [Release versions](./docker-img/digests.md)
+-   [Nightly images](./docker-img/nightly.md)