audit

Documentation

Index

• func CalculateScore(p, s int) float64
• type AuditData
  • func NewAuditData(issues []*scanner.Issue, total int) *AuditData
• type AuditManager
  • func NewAuditManager(searchStorage storage.SearchStorage) (*AuditManager, error)
  • func (m *AuditManager) Audit(ctx context.Context, locator *core.Locator) (*AuditData, error)
  • func (m *AuditManager) AuditManifest(ctx context.Context, manifest string) ([]*scanner.Issue, error)
  • func (m *AuditManager) Score(ctx context.Context, issues []*scanner.Issue) (*ScoreData, error)
• type ScoreData

Functions

func CalculateScore

func CalculateScore(p, s int) float64

P is the number of issues, and S is the sum of the severity (range 1-5) of the issue S will not be less than P.

Example: - When there is one high-level issue, P=1 and S=3. - When there are three high-level issues, P=3 and S=9. - When there are ten low-level issues, P=10 and S=10.

Types

type AuditData

type AuditData struct {
	ResourcesTotal int              `json:"resourcesTotal"`
	Aggregated     map[string]int   `json:"aggregated"`
	Issues         []*scanner.Issue `json:"issues"`
}

AuditData represents the aggregated data of scanner issues, including the original list of issues and their aggregated count based on title.

func NewAuditData

func NewAuditData(issues []*scanner.Issue, total int) *AuditData

NewAuditData initializes an AuditData instance by aggregating the counts of each issue's title from the provided list of issues.

type AuditManager

type AuditManager struct {
	// contains filtered or unexported fields
}

AuditManager manages the auditing process of Kubernetes manifests using a KubeScanner.

func NewAuditManager

func NewAuditManager(searchStorage storage.SearchStorage) (*AuditManager, error)

NewAuditManager initializes a new instance of AuditManager with a KubeScanner.

func (*AuditManager) Audit

func (m *AuditManager) Audit(ctx context.Context, locator *core.Locator) (*AuditData, error)

Audit performs the audit on Kubernetes manifests with the specified locator and returns the issues found during the audit.

func (*AuditManager) AuditManifest

func (m *AuditManager) AuditManifest(ctx context.Context, manifest string) ([]*scanner.Issue, error)

Audit performs a security audit on the provided manifest, returning a list of issues discovered during scanning.

func (*AuditManager) Score

func (m *AuditManager) Score(ctx context.Context, issues []*scanner.Issue) (*ScoreData, error)

Score calculates a score based on the severity and total number of issues identified during the audit. It aggregates statistics on different severity levels and generates a cumulative score.

type ScoreData

type ScoreData struct {
	// Score represents the calculated score of the audited manifest based on
	// the number and severity of issues. It provides a quantitative measure
	// of the security posture of the resources in the manifest.
	Score float64 `json:"score"`

	// IssuesTotal is the total count of all issues found during the audit.
	// This count can be used to understand the overall number of problems
	// that need to be addressed.
	IssuesTotal int `json:"issuesTotal"`

	// SeveritySum is the sum of severity scores of all issues, which can be
	// used to gauge the cumulative severity of all problems found.
	SeveritySum int `json:"severitySum"`

	// SeverityStatistic is a mapping of severity levels to their respective
	// number of occurrences. It allows for a quick overview of the distribution
	// of issues across different severity categories.
	SeverityStatistic map[string]int `json:"severityStatistic"`
}

ScoreData encapsulates the results of scoring an audited manifest. It provides a numerical score along with statistics about the total number of issues and their severities.