feat: k8s policy subtype support

[chen-keinan]

k8s policy subtype support

• Related #Lots of issues with Trivy helm chart misconfiguration scanning trivy#5679

[simar7]

Couple of points on this:

1. We have a test for this here if you can update that test and use the latest defsec within trivy-iac to try it out, it'll be great.
2. We might also need to revisit this

   defsec/pkg/rego/scanner.go

   Lines 299 to 306 in d640376

   	case string: // k8s
   	// TODO(simar): This logic probably needs to be revisited
   	if services == st.Group ||
   	services == st.Version ||
   	services == st.Kind {
   	return true
   	}
   	}

[chen-keinan]

Couple of points on this:

1. We have a test for this here if you can update that test and use the latest defsec within trivy-iac to try it out, it'll be great.
2. We might also need to revisit this

   defsec/pkg/rego/scanner.go

   Lines 299 to 306 in d640376

   	case string: // k8s
   	// TODO(simar): This logic probably needs to be revisited
   	if services == st.Group ||
   	services == st.Version ||
   	services == st.Kind {
   	return true
   	}
   	}

@simar7 I assume this need to be done after merging the PR and updating trivy-iac dep.

[simar7]

Couple of points on this:

1. We have a test for this here if you can update that test and use the latest defsec within trivy-iac to try it out, it'll be great.
2. We might also need to revisit this

   defsec/pkg/rego/scanner.go

   Lines 299 to 306 in d640376

   	case string: // k8s
   	// TODO(simar): This logic probably needs to be revisited
   	if services == st.Group ||
   	services == st.Version ||
   	services == st.Kind {
   	return true
   	}
   	}

@simar7 I assume this need to be done after merging the PR and updating trivy-iac dep.

Sure just wanted to remind. You can add it later or you can use this SHA as a commit hash to test this while adding the testcase. But I assume you've tested it locally.