Documentation
¶
Overview ¶
Package configauditreport provides primitives for working with Kubernetes workload configuration checkers.
Index ¶
- type ConfigAuditConfig
- type PluginInMemory
- type ReadWriter
- type Reader
- type ReportBuilder
- func (b *ReportBuilder) AdditionalReportLabels(additionalReportLabels map[string]string) *ReportBuilder
- func (b *ReportBuilder) Controller(controller client.Object) *ReportBuilder
- func (b *ReportBuilder) Data(data v1alpha1.ConfigAuditReportData) *ReportBuilder
- func (b *ReportBuilder) GetClusterReport() (v1alpha1.ClusterConfigAuditReport, error)
- func (b *ReportBuilder) GetReport() (v1alpha1.ConfigAuditReport, error)
- func (b *ReportBuilder) PluginConfigHash(hash string) *ReportBuilder
- func (b *ReportBuilder) ReportTTL(ttl *time.Duration) *ReportBuilder
- func (b *ReportBuilder) ResourceLabelsToInclude(resourceLabelsToInclude []string) *ReportBuilder
- func (b *ReportBuilder) ResourceSpecHash(hash string) *ReportBuilder
- func (b *ReportBuilder) Write(ctx context.Context, writer Writer) error
- type Writer
Types ¶
type ConfigAuditConfig ¶
// ConfigAuditConfig exposes the configuration values that the config audit
// scanner reads: whether built-in Rego policies are used, which kinds are
// scanned, and the severity setting.
type ConfigAuditConfig interface {
	// GetUseBuiltinRegoPolicies returns the vul configuration flag associated
	// with the configauditreport plugin.
	// NOTE(review): judging by the name and the bool result, this reports
	// whether the built-in Rego policies are enabled. If it is false and no
	// other policies are supplied, workloads are presumably not audited at
	// all; confirm against the scanner.
	GetUseBuiltinRegoPolicies() bool
	// GetSupportedConfigAuditKinds returns the list of kinds supported for
	// scanning by the config audit scanner.
	// NOTE(review): kinds missing from this list are presumably skipped, which
	// is a coverage gap to keep in mind when reading reports; confirm.
	GetSupportedConfigAuditKinds() []string
	// GetSeverity returns the configured security level as a string.
	// NOTE(review): the accepted values, and whether the value acts as a
	// minimum threshold or an exact filter, are not visible here; confirm
	// before relying on it to suppress findings.
	GetSeverity() string
}
ConfigAuditConfig defines the interface between vul-operator and the vul configuration that relates to configauditreport.
type PluginInMemory ¶
// PluginInMemory is implemented by a plugin that initializes itself and
// supplies the ConfigAuditConfig used for config audits.
type PluginInMemory interface {
	// Init is a callback to initialize this plugin, e.g. ensure the default
	// configuration.
	Init(ctx vuloperator.PluginContext) error
	// NewConfigForConfigAudit returns the ConfigAuditConfig for the given
	// plugin context, or an error.
	// NOTE(review): callers should presumably treat a non-nil error as "no
	// usable configuration" and not continue with a zero-value config, which
	// could silently change what gets audited; confirm how callers handle it.
	NewConfigForConfigAudit(ctx vuloperator.PluginContext) (ConfigAuditConfig, error)
}
PluginInMemory defines the interface between vul-operator and vul configuration
type ReadWriter ¶
func NewReadWriter ¶
func NewReadWriter(ObjectResolver *kube.ObjectResolver) ReadWriter
NewReadWriter constructs a new ReadWriter that uses the client package provided by the controller-runtime libraries to interact with the Kubernetes API server.
type Reader ¶
// Reader looks up config audit reports by the object that owns them.
//
// Both methods return interface{}, so callers need a checked type assertion
// (the two-value form) before using the result.
// NOTE(review): "nil if the report is not found" is only detectable with
// `== nil` when the implementation returns a literal nil; a typed nil pointer
// stored in the interface compares as non-nil. Confirm the implementations.
type Reader interface {
	// FindReportByOwner returns a v1alpha1.ConfigAuditReport owned by the given
	// kube.ObjectRef or nil if the report is not found.
	FindReportByOwner(ctx context.Context, owner kube.ObjectRef) (interface{}, error)
	// FindClusterReportByOwner returns a v1alpha1.ClusterConfigAuditReport owned by the given
	// kube.ObjectRef or nil if the report is not found.
	FindClusterReportByOwner(ctx context.Context, owner kube.ObjectRef) (interface{}, error)
}
Reader is the interface that wraps methods for finding v1alpha1.ConfigAuditReport and v1alpha1.ClusterConfigAuditReport objects.
type ReportBuilder ¶
// ReportBuilder assembles a v1alpha1.ConfigAuditReport or a
// v1alpha1.ClusterConfigAuditReport. Its setter methods each return the
// *ReportBuilder so that calls can be chained; GetReport and GetClusterReport
// return the built report, and Write passes it to a Writer.
// NOTE(review): PluginConfigHash and ResourceSpecHash presumably record hashes
// that let a consumer tell whether a report is stale relative to the current
// plugin configuration or resource spec; confirm in the implementation.
type ReportBuilder struct {
	// contains filtered or unexported fields
}
func NewReportBuilder ¶
func NewReportBuilder(scheme *runtime.Scheme) *ReportBuilder
func (*ReportBuilder) AdditionalReportLabels ¶
func (b *ReportBuilder) AdditionalReportLabels(additionalReportLabels map[string]string) *ReportBuilder
func (*ReportBuilder) Controller ¶
func (b *ReportBuilder) Controller(controller client.Object) *ReportBuilder
func (*ReportBuilder) Data ¶
func (b *ReportBuilder) Data(data v1alpha1.ConfigAuditReportData) *ReportBuilder
func (*ReportBuilder) GetClusterReport ¶
func (b *ReportBuilder) GetClusterReport() (v1alpha1.ClusterConfigAuditReport, error)
func (*ReportBuilder) GetReport ¶
func (b *ReportBuilder) GetReport() (v1alpha1.ConfigAuditReport, error)
func (*ReportBuilder) PluginConfigHash ¶
func (b *ReportBuilder) PluginConfigHash(hash string) *ReportBuilder
func (*ReportBuilder) ReportTTL ¶
func (b *ReportBuilder) ReportTTL(ttl *time.Duration) *ReportBuilder
func (*ReportBuilder) ResourceLabelsToInclude ¶
func (b *ReportBuilder) ResourceLabelsToInclude(resourceLabelsToInclude []string) *ReportBuilder
func (*ReportBuilder) ResourceSpecHash ¶
func (b *ReportBuilder) ResourceSpecHash(hash string) *ReportBuilder
type Writer ¶
// Writer persists config audit reports, creating them when absent and
// updating them otherwise.
// NOTE(review): an implementation backed by the Kubernetes API presumably
// needs RBAC permission to create and update these report resources; keeping
// that grant limited to the report kinds follows least privilege. Confirm
// against the operator's role definitions.
type Writer interface {
	// WriteReport creates or updates the given v1alpha1.ConfigAuditReport instance.
	WriteReport(ctx context.Context, report v1alpha1.ConfigAuditReport) error
	// WriteClusterReport creates or updates the given v1alpha1.ClusterConfigAuditReport instance.
	WriteClusterReport(ctx context.Context, report v1alpha1.ClusterConfigAuditReport) error
}
Writer is the interface for saving v1alpha1.ClusterConfigAuditReport and v1alpha1.ConfigAuditReport instances.