Documentation ¶
Overview ¶
Package rule implements the inspector rules and the engine that runs the rules according to the conditions.
Index ¶
- func DumpDefaultRules(writer io.Writer) error
- type CheckMapper
- type DefaultCheckMapper
- type DockerInPath
- type Engine
- type ExecutableInPath
- type FileContentMatches
- type FreeSpace
- type Meta
- type PackageDependency
- type PackageNotInstalled
- type Python2Version
- type Result
- type Rule
- type TCPPortAccessible
- type TCPPortAvailable
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func DumpDefaultRules ¶
DumpDefaultRules writes the default rule set to a file
Types ¶
type CheckMapper ¶
CheckMapper implements a mapping between a rule and a check.
type DefaultCheckMapper ¶
type DefaultCheckMapper struct { PackageManager check.PackageManager // IP of the remote node that is being inspected when in client mode TargetNodeIP string // PackageInstallationDisabled determines whether Kismatic is allowed to install packages on the node PackageInstallationDisabled bool // DisconnectedInstallation determines whether Kismatic can access the internet DisconnectedInstallation bool // DockerInstallationDisabled determines whether Kismatic is expected to install docker // If set to false, Kismatic will validate that a docker executable is present on the machine DockerInstallationDisabled bool }
The DefaultCheckMapper contains the mappings for all supported rules and checks.
func (DefaultCheckMapper) GetCheckForRule ¶
func (m DefaultCheckMapper) GetCheckForRule(rule Rule) (check.Check, error)
GetCheckForRule returns the check for the given rule. If the rule is unknown to the mapper, it returns an error.
type DockerInPath ¶ added in v1.8.0
type DockerInPath struct {
Meta
}
DockerInPath is a rule that ensures the docker executable is in the system's path
func (DockerInPath) IsRemoteRule ¶ added in v1.8.0
func (d DockerInPath) IsRemoteRule() bool
func (DockerInPath) Name ¶ added in v1.8.0
func (d DockerInPath) Name() string
func (DockerInPath) Validate ¶ added in v1.8.0
func (d DockerInPath) Validate() []error
type Engine ¶
type Engine struct { RuleCheckMapper CheckMapper // contains filtered or unexported fields }
The Engine executes rules and reports the results
func (*Engine) CloseChecks ¶
CloseChecks that need to be closed
type ExecutableInPath ¶
ExecutableInPath is a rule that ensures the given executable is in the system's path
func (ExecutableInPath) IsRemoteRule ¶
func (e ExecutableInPath) IsRemoteRule() bool
IsRemoteRule returns true if the rule is to be run from outside of the node
type FileContentMatches ¶
FileContentMatches is a rule that verifies that the contents of a file match the regular expression provided
func (FileContentMatches) IsRemoteRule ¶
func (f FileContentMatches) IsRemoteRule() bool
IsRemoteRule returns true if the rule is to be run from outside of the node
func (FileContentMatches) Name ¶
func (f FileContentMatches) Name() string
Name is the name of the rule
func (FileContentMatches) Validate ¶
func (f FileContentMatches) Validate() []error
Validate the rule
type FreeSpace ¶ added in v1.3.0
The FreeSpace rule declares that the given path must have enough free space
func (FreeSpace) IsRemoteRule ¶ added in v1.3.0
IsRemoteRule returns true if the rule is to be run from outside of the node
type PackageDependency ¶ added in v1.3.0
The PackageDependency rule declares a dependency on a software package that can be installed via an operating system's package manager.
func (PackageDependency) IsRemoteRule ¶ added in v1.3.0
func (p PackageDependency) IsRemoteRule() bool
IsRemoteRule returns true if the rule is to be run from outside of the node
func (PackageDependency) Name ¶ added in v1.3.0
func (p PackageDependency) Name() string
Name returns the name of the rule
func (PackageDependency) Validate ¶ added in v1.3.0
func (p PackageDependency) Validate() []error
Validate the rule
type PackageNotInstalled ¶ added in v1.7.0
type PackageNotInstalled struct { Meta PackageName string PackageVersion string AcceptablePackageVersion string }
The PackageNotInstalled validates that a specified package in not installed.
func (PackageNotInstalled) IsRemoteRule ¶ added in v1.7.0
func (p PackageNotInstalled) IsRemoteRule() bool
IsRemoteRule returns true if the rule is to be run from outside of the node
func (PackageNotInstalled) Name ¶ added in v1.7.0
func (p PackageNotInstalled) Name() string
Name returns the name of the rule
func (PackageNotInstalled) Validate ¶ added in v1.7.0
func (p PackageNotInstalled) Validate() []error
Validate the rule
type Python2Version ¶
PythonVersion rule for checking the host's python version
func (Python2Version) IsRemoteRule ¶
func (p Python2Version) IsRemoteRule() bool
func (Python2Version) Name ¶
func (p Python2Version) Name() string
func (Python2Version) Validate ¶
func (p Python2Version) Validate() []error
type Result ¶
type Result struct { // Name is the rule's name Name string // Success is true when the rule was asserted Success bool // Error message if there was an error executing the rule Error string // Remediation contains potential remediation steps for the rule Remediation string }
Result contains the results from executing the rule
type Rule ¶
Rule is an inspector rule
func DefaultRules ¶
DefaultRules returns the list of rules that are built into the inspector
func ReadFromFile ¶
ReadFromFile returns the list of rules contained in the specified file
func UnmarshalRulesJSON ¶
UnmarshalRulesJSON unmarshals the JSON rules into a list of rules
func UnmarshalRulesYAML ¶
UnmarshalRulesYAML unmarshals the data into a list of rules
func UpgradeRules ¶ added in v1.3.0
type TCPPortAccessible ¶
TCPPortAccessible is a rule that ensures the given port on a remote node is accessible from the network
func (TCPPortAccessible) IsRemoteRule ¶
func (p TCPPortAccessible) IsRemoteRule() bool
IsRemoteRule returns true if the rule is to be run from a remote node
func (TCPPortAccessible) Name ¶
func (p TCPPortAccessible) Name() string
Name returns the name of the rule
type TCPPortAvailable ¶
type TCPPortAvailable struct { Meta // The port number to verify Port int // The name of the process that owns this port after KET installation ProcName string }
TCPPortAvailable is a rule that ensures that a given port is available on the node. The port is considered available if: - The port is free and ready to be bound by a new process, or - The port is bound to the process defined in ProcName
func (TCPPortAvailable) IsRemoteRule ¶
func (p TCPPortAvailable) IsRemoteRule() bool
IsRemoteRule returns true if the rule is to be run from outside the node