v1alpha1

package
v0.10.0-rc3 Latest Latest
Published: Apr 6, 2021 License: Apache-2.0 Imports: 8 Imported by: 28

Documentation

Overview

Package v1alpha1 is the v1alpha1 version of the API.

Index

Constants

// Identifiers of the CISKubeBenchReport custom resource. CISKubeBenchReportCRD
// uses the CRName as its object name, the CRVersion as the name of its single
// served and stored version, and the two kinds in its Names section.
const (
	CISKubeBenchReportCRName    = "ciskubebenchreports.aquasecurity.github.io"
	CISKubeBenchReportCRVersion = "v1alpha1"
	CISKubeBenchReportKind      = "CISKubeBenchReport"
	CISKubeBenchReportListKind  = "CISKubeBenchReportList"
)
// Identifiers of the ConfigAuditReport custom resource. ConfigAuditReportCRD
// uses the CRName as its object name, the CRVersion as the name of its single
// served and stored version, and the two kinds in its Names section.
const (
	ConfigAuditReportCRName    = "configauditreports.aquasecurity.github.io"
	ConfigAuditReportCRVersion = "v1alpha1"
	ConfigAuditReportKind      = "ConfigAuditReport"
	ConfigAuditReportListKind  = "ConfigAuditReportList"
)
// Severity labels for configuration-audit findings. These are untyped string
// constants, not values of the Severity type.
// NOTE(review): presumably these are the values carried in Check.Severity,
// which is a plain string — confirm against the code that builds Check values.
const (
	ConfigAuditDangerSeverity  = "danger"
	ConfigAuditWarningSeverity = "warning"
)
// Identifiers of the KubeHunterReport custom resource. KubeHunterReportCRD
// uses the CRName as its object name, the CRVersion as the name of its single
// served and stored version, and the two kinds in its Names section.
const (
	KubeHunterReportCRName    = "kubehunterreports.aquasecurity.github.io"
	KubeHunterReportCRVersion = "v1alpha1"
	KubeHunterReportKind      = "KubeHunterReport"
	KubeHunterReportListKind  = "KubeHunterReportList"
)
// Identifiers of the VulnerabilityReport custom resource.
// VulnerabilityReportsCRD uses the CRName as its object name, the CRVersion as
// the name of its single served and stored version, and the two kinds in its
// Names section. Unlike the sibling constant groups, the CRName and CRVersion
// identifiers here use the plural "Reports".
const (
	VulnerabilityReportsCRName    = "vulnerabilityreports.aquasecurity.github.io"
	VulnerabilityReportsCRVersion = "v1alpha1"
	VulnerabilityReportKind       = "VulnerabilityReport"
	VulnerabilityReportListKind   = "VulnerabilityReportList"
)

Variables

var (
	// SchemeBuilder collects the scheme-registration functions for this API
	// version; it is seeded with addKnownTypes.
	SchemeBuilder = runtime.NewSchemeBuilder(addKnownTypes)
	// AddToScheme registers this API group and version with a scheme. It is the
	// AddToScheme method value of SchemeBuilder.
	AddToScheme = SchemeBuilder.AddToScheme
)
var (
	// CISKubeBenchReportCRD is the CustomResourceDefinition for
	// CISKubeBenchReport objects, declared in Go as a composite literal.
	//
	// TODO Once we migrate to Go 1.16 we can use the embed package to load the CRD from ./deploy/crd/ciskubebenchreports.crd.yaml
	CISKubeBenchReportCRD = apiextensionsv1.CustomResourceDefinition{
		ObjectMeta: metav1.ObjectMeta{
			Name: CISKubeBenchReportCRName,
			Labels: labels.Set{
				"app.kubernetes.io/managed-by": "starboard",
			},
		},
		Spec: apiextensionsv1.CustomResourceDefinitionSpec{
			Group: aquasecurity.GroupName,
			Versions: []apiextensionsv1.CustomResourceDefinitionVersion{
				{
					Name:    CISKubeBenchReportCRVersion,
					Served:  true,
					Storage: true,
					// The count columns read the JSON keys of CISKubeBenchSummary.
					// Columns with Priority 1 are shown only in wide output.
					AdditionalPrinterColumns: []apiextensionsv1.CustomResourceColumnDefinition{
						{
							JSONPath: ".report.scanner.name",
							Type:     "string",
							Name:     "Scanner",
						},
						{
							JSONPath: ".metadata.creationTimestamp",
							Type:     "date",
							Name:     "Age",
						},
						{
							JSONPath: ".report.summary.failCount",
							Type:     "integer",
							Name:     "Fail",
							Priority: 1,
						},
						{
							JSONPath: ".report.summary.warnCount",
							Type:     "integer",
							Name:     "Warn",
							Priority: 1,
						},
						{
							JSONPath: ".report.summary.infoCount",
							Type:     "integer",
							Name:     "Info",
							Priority: 1,
						},
						{
							JSONPath: ".report.summary.passCount",
							Type:     "integer",
							Name:     "Pass",
							Priority: 1,
						},
					},
					// The schema requires only that the resource is an object and
					// preserves unknown fields, so the API server neither validates
					// nor prunes the report content. Anything that can write these
					// objects decides what they contain; consumers should check the
					// fields they read instead of relying on their shape.
					Schema: &apiextensionsv1.CustomResourceValidation{
						OpenAPIV3Schema: &apiextensionsv1.JSONSchemaProps{
							XPreserveUnknownFields: pointer.BoolPtr(true),
							Type:                   "object",
						},
					},
				},
			},
			// Cluster-scoped: reports do not live in a namespace, so access to
			// them is granted through cluster-level RBAC.
			Scope: apiextensionsv1.ClusterScoped,
			Names: apiextensionsv1.CustomResourceDefinitionNames{
				Singular:   "ciskubebenchreport",
				Plural:     "ciskubebenchreports",
				Kind:       CISKubeBenchReportKind,
				ListKind:   CISKubeBenchReportListKind,
				Categories: []string{"all"},
				ShortNames: []string{"kubebench"},
			},
		},
	}
)
var (
	// ConfigAuditReportCRD is the CustomResourceDefinition for
	// ConfigAuditReport objects, declared in Go as a composite literal.
	//
	// TODO Once we migrate to Go 1.16 we can use the embed package to load the CRD from ./deploy/crd/configauditreports.crd.yaml
	ConfigAuditReportCRD = apiextensionsv1.CustomResourceDefinition{
		ObjectMeta: metav1.ObjectMeta{
			Name: ConfigAuditReportCRName,
			Labels: labels.Set{
				"app.kubernetes.io/managed-by": "starboard",
			},
		},
		Spec: apiextensionsv1.CustomResourceDefinitionSpec{
			Group: aquasecurity.GroupName,
			Versions: []apiextensionsv1.CustomResourceDefinitionVersion{
				{
					Name:    ConfigAuditReportCRVersion,
					Served:  true,
					Storage: true,
					// The count columns read the JSON keys of ConfigAuditSummary.
					// Columns with Priority 1 are shown only in wide output.
					AdditionalPrinterColumns: []apiextensionsv1.CustomResourceColumnDefinition{
						{
							JSONPath: ".report.scanner.name",
							Type:     "string",
							Name:     "Scanner",
						},
						{
							JSONPath: ".metadata.creationTimestamp",
							Type:     "date",
							Name:     "Age",
						},
						{
							JSONPath: ".report.summary.dangerCount",
							Type:     "integer",
							Name:     "Danger",
							Priority: 1,
						},
						{
							JSONPath: ".report.summary.warningCount",
							Type:     "integer",
							Name:     "Warning",
							Priority: 1,
						},
						{
							JSONPath: ".report.summary.passCount",
							Type:     "integer",
							Name:     "Pass",
							Priority: 1,
						},
					},
					// The schema requires only that the resource is an object and
					// preserves unknown fields, so the API server neither validates
					// nor prunes the report content. Anything that can write these
					// objects decides what they contain; consumers should check the
					// fields they read instead of relying on their shape.
					Schema: &apiextensionsv1.CustomResourceValidation{
						OpenAPIV3Schema: &apiextensionsv1.JSONSchemaProps{
							XPreserveUnknownFields: pointer.BoolPtr(true),
							Type:                   "object",
						},
					},
				},
			},
			// Namespace-scoped: each report lives in a namespace, so access can
			// be granted per namespace.
			Scope: apiextensionsv1.NamespaceScoped,
			Names: apiextensionsv1.CustomResourceDefinitionNames{
				Singular:   "configauditreport",
				Plural:     "configauditreports",
				Kind:       ConfigAuditReportKind,
				ListKind:   ConfigAuditReportListKind,
				Categories: []string{"all"},
				ShortNames: []string{"configaudit"},
			},
		},
	}
)
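var (
	// KubeHunterReportCRD is the CustomResourceDefinition for KubeHunterReport
	// objects, declared in Go as a composite literal with a full OpenAPI v3
	// schema for the report.
	//
	// The schema does not preserve unknown fields, so the API server prunes
	// every JSON key that is not declared below. The properties of a
	// vulnerability item therefore have to cover every key that
	// KubeHunterVulnerability serializes.
	//
	// NOTE(review): the TODO below names a YAML copy of this CRD; keep its
	// schema in step with the properties declared here.
	//
	// TODO Once we migrate to Go 1.16 we can use the embed package to load the CRD from ./deploy/crd/kubehunterreports.crd.yaml
	KubeHunterReportCRD = apiextensionsv1.CustomResourceDefinition{
		ObjectMeta: metav1.ObjectMeta{
			Name: KubeHunterReportCRName,
			Labels: labels.Set{
				"app.kubernetes.io/managed-by": "starboard",
			},
		},
		Spec: apiextensionsv1.CustomResourceDefinitionSpec{
			Group: aquasecurity.GroupName,
			Versions: []apiextensionsv1.CustomResourceDefinitionVersion{
				{
					Name:    KubeHunterReportCRVersion,
					Served:  true,
					Storage: true,
					// The count columns read the JSON keys of KubeHunterSummary.
					// Columns with Priority 1 are shown only in wide output.
					AdditionalPrinterColumns: []apiextensionsv1.CustomResourceColumnDefinition{
						{
							JSONPath: ".report.scanner.name",
							Type:     "string",
							Name:     "Scanner",
						},
						{
							JSONPath: ".metadata.creationTimestamp",
							Type:     "date",
							Name:     "Age",
						},
						{
							JSONPath: ".report.summary.highCount",
							Type:     "integer",
							Name:     "High",
							Priority: 1,
						},
						{
							JSONPath: ".report.summary.mediumCount",
							Type:     "integer",
							Name:     "Medium",
							Priority: 1,
						},
						{
							JSONPath: ".report.summary.lowCount",
							Type:     "integer",
							Name:     "Low",
							Priority: 1,
						},
					},
					Schema: &apiextensionsv1.CustomResourceValidation{
						OpenAPIV3Schema: &apiextensionsv1.JSONSchemaProps{
							Type: "object",
							Required: []string{
								"apiVersion",
								"kind",
								"metadata",
								"report",
							},
							Properties: map[string]apiextensionsv1.JSONSchemaProps{
								"apiVersion": {Type: "string"},
								"kind":       {Type: "string"},
								"metadata":   {Type: "object"},
								"report": {
									Type: "object",
									Required: []string{
										"scanner",
										"vulnerabilities",
									},
									Properties: map[string]apiextensionsv1.JSONSchemaProps{
										"scanner": {
											Type: "object",
											Required: []string{
												"name",
												"vendor",
												"version",
											},
											Properties: map[string]apiextensionsv1.JSONSchemaProps{
												"name":    {Type: "string"},
												"vendor":  {Type: "string"},
												"version": {Type: "string"},
											},
										},
										"summary": {
											Type: "object",
											Required: []string{
												"highCount",
												"mediumCount",
												"lowCount",
												"unknownCount",
											},
											// Counts are constrained to be non-negative integers.
											Properties: map[string]apiextensionsv1.JSONSchemaProps{
												"highCount":    {Type: "integer", Minimum: pointer.Float64Ptr(0)},
												"mediumCount":  {Type: "integer", Minimum: pointer.Float64Ptr(0)},
												"lowCount":     {Type: "integer", Minimum: pointer.Float64Ptr(0)},
												"unknownCount": {Type: "integer", Minimum: pointer.Float64Ptr(0)},
											},
										},
										"updateTimestamp": {
											Type:   "string",
											Format: "date-time",
										},
										"vulnerabilities": {
											Type: "array",
											Items: &apiextensionsv1.JSONSchemaPropsOrArray{
												Schema: &apiextensionsv1.JSONSchemaProps{
													Type: "object",
													Required: []string{
														"category",
														"severity",
														"vulnerability",
														"description",
														"evidence",
													},
													Properties: map[string]apiextensionsv1.JSONSchemaProps{
														// KubeHunterVulnerability writes its identifier
														// under "vid" and also emits "location" and
														// "hunter". They are declared here so the API
														// server keeps them instead of pruning them.
														// "id" stays declared for compatibility with
														// objects written against the earlier schema.
														"id":       {Type: "string"},
														"vid":      {Type: "string"},
														"location": {Type: "string"},
														"category": {Type: "string"},
														"severity": {
															Type: "string",
															// Each enum entry is the JSON encoding of a
															// lowercase kube-hunter Severity value.
															Enum: []apiextensionsv1.JSON{
																{Raw: []byte(strconv.Quote(string(KubeHunterSeverityHigh)))},
																{Raw: []byte(strconv.Quote(string(KubeHunterSeverityMedium)))},
																{Raw: []byte(strconv.Quote(string(KubeHunterSeverityLow)))},
																{Raw: []byte(strconv.Quote(string(KubeHunterSeverityUnknown)))},
															},
														},
														"vulnerability": {Type: "string"},
														"description":   {Type: "string"},
														"evidence":      {Type: "string"},
														"hunter":        {Type: "string"},
														"avd_reference": {Type: "string"},
													},
												},
											},
										},
									},
								},
							},
						},
					},
				},
			},
			// Cluster-scoped: reports do not live in a namespace, so access to
			// them is granted through cluster-level RBAC.
			Scope: apiextensionsv1.ClusterScoped,
			Names: apiextensionsv1.CustomResourceDefinitionNames{
				Singular:   "kubehunterreport",
				Plural:     "kubehunterreports",
				Kind:       KubeHunterReportKind,
				ListKind:   KubeHunterReportListKind,
				Categories: []string{"all"},
				ShortNames: []string{"kubehunter"},
			},
		},
	}
)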
// SchemeGroupVersion pairs aquasecurity.GroupName with the version "v1alpha1".
// The version literal is the same string as the *CRVersion constants.
var SchemeGroupVersion = schema.GroupVersion{Group: aquasecurity.GroupName, Version: "v1alpha1"}

SchemeGroupVersion is the group version used to register these objects.

var (
	// VulnerabilityReportsCRD is the CustomResourceDefinition for
	// VulnerabilityReport objects, declared in Go as a composite literal with a
	// full OpenAPI v3 schema for the report.
	//
	// The schema does not preserve unknown fields, so the API server prunes
	// JSON keys that are not declared below.
	//
	// TODO Once we migrate to Go 1.16 we can use the embed package to load the CRD from ./deploy/crd/vulnerabilityreports.crd.yaml
	VulnerabilityReportsCRD = apiextensionsv1.CustomResourceDefinition{
		ObjectMeta: metav1.ObjectMeta{
			Name: VulnerabilityReportsCRName,
			Labels: labels.Set{
				"app.kubernetes.io/managed-by": "starboard",
			},
		},
		Spec: apiextensionsv1.CustomResourceDefinitionSpec{
			Group: aquasecurity.GroupName,
			Versions: []apiextensionsv1.CustomResourceDefinitionVersion{
				{
					Name:    VulnerabilityReportsCRVersion,
					Served:  true,
					Storage: true,
					// Columns with Priority 1 are shown only in wide output.
					AdditionalPrinterColumns: []apiextensionsv1.CustomResourceColumnDefinition{
						{
							JSONPath: ".report.artifact.repository",
							Type:     "string",
							Name:     "Repository",
						},
						{
							JSONPath: ".report.artifact.tag",
							Type:     "string",
							Name:     "Tag",
						},
						{
							JSONPath: ".report.scanner.name",
							Type:     "string",
							Name:     "Scanner",
						},
						{
							JSONPath: ".metadata.creationTimestamp",
							Type:     "date",
							Name:     "Age",
						},
						{
							JSONPath: ".report.summary.criticalCount",
							Type:     "integer",
							Name:     "Critical",
							Priority: 1,
						},
						{
							JSONPath: ".report.summary.highCount",
							Type:     "integer",
							Name:     "High",
							Priority: 1,
						},
						{
							JSONPath: ".report.summary.mediumCount",
							Type:     "integer",
							Name:     "Medium",
							Priority: 1,
						},
						{
							JSONPath: ".report.summary.lowCount",
							Type:     "integer",
							Name:     "Low",
							Priority: 1,
						},
						{
							JSONPath: ".report.summary.unknownCount",
							Type:     "integer",
							Name:     "Unknown",
							Priority: 1,
						},
					},
					Schema: &apiextensionsv1.CustomResourceValidation{
						OpenAPIV3Schema: &apiextensionsv1.JSONSchemaProps{
							Type: "object",
							Required: []string{
								"apiVersion",
								"kind",
								"metadata",
								"report",
							},
							Properties: map[string]apiextensionsv1.JSONSchemaProps{
								"apiVersion": {Type: "string"},
								"kind":       {Type: "string"},
								"metadata":   {Type: "object"},
								"report": {
									Type: "object",
									Required: []string{
										"scanner",
										"artifact",
										"vulnerabilities",
									},
									Properties: map[string]apiextensionsv1.JSONSchemaProps{
										"scanner": {
											Type: "object",
											Required: []string{
												"name",
												"vendor",
												"version",
											},
											Properties: map[string]apiextensionsv1.JSONSchemaProps{
												"name":    {Type: "string"},
												"vendor":  {Type: "string"},
												"version": {Type: "string"},
											},
										},
										"registry": {
											Type: "object",
											Properties: map[string]apiextensionsv1.JSONSchemaProps{
												"server": {Type: "string"},
											},
										},
										// "artifact" is required, but none of its own
										// properties are; an empty artifact object passes.
										"artifact": {
											Type: "object",
											Properties: map[string]apiextensionsv1.JSONSchemaProps{
												"repository": {Type: "string"},
												"digest":     {Type: "string"},
												"tag":        {Type: "string"},
												"mimeType":   {Type: "string"},
											},
										},
										"summary": {
											Type: "object",
											Required: []string{
												"criticalCount",
												"highCount",
												"mediumCount",
												"lowCount",
												"unknownCount",
											},
											// Counts are constrained to be non-negative integers.
											Properties: map[string]apiextensionsv1.JSONSchemaProps{
												"criticalCount": {Type: "integer", Minimum: pointer.Float64Ptr(0)},
												"highCount":     {Type: "integer", Minimum: pointer.Float64Ptr(0)},
												"mediumCount":   {Type: "integer", Minimum: pointer.Float64Ptr(0)},
												"lowCount":      {Type: "integer", Minimum: pointer.Float64Ptr(0)},
												"unknownCount":  {Type: "integer", Minimum: pointer.Float64Ptr(0)},
											},
										},
										"updateTimestamp": {
											Type:   "string",
											Format: "date-time",
										},
										"vulnerabilities": {
											Type: "array",
											Items: &apiextensionsv1.JSONSchemaPropsOrArray{
												Schema: &apiextensionsv1.JSONSchemaProps{
													Type: "object",
													Required: []string{
														"vulnerabilityID",
														"resource",
														"installedVersion",
														"fixedVersion",
														"severity",
														"title",
													},
													Properties: map[string]apiextensionsv1.JSONSchemaProps{
														"vulnerabilityID":  {Type: "string"},
														"resource":         {Type: "string"},
														"installedVersion": {Type: "string"},
														"fixedVersion":     {Type: "string"},
														"severity": {
															Type: "string",
															// Each enum entry is the JSON encoding of an
															// uppercase Severity value.
															// NOTE(review): SeverityNone is declared in this
															// package but not listed here, so an item with
															// severity "NONE" would fail validation —
															// confirm that is intended.
															Enum: []apiextensionsv1.JSON{
																{Raw: []byte(strconv.Quote(string(SeverityCritical)))},
																{Raw: []byte(strconv.Quote(string(SeverityHigh)))},
																{Raw: []byte(strconv.Quote(string(SeverityMedium)))},
																{Raw: []byte(strconv.Quote(string(SeverityLow)))},
																{Raw: []byte(strconv.Quote(string(SeverityUnknown)))},
															},
														},
														"title":       {Type: "string"},
														"description": {Type: "string"},
														"primaryLink": {Type: "string"},
														"score":       {Type: "number"},
														"links": {
															Type: "array",
															Items: &apiextensionsv1.JSONSchemaPropsOrArray{
																Schema: &apiextensionsv1.JSONSchemaProps{
																	Type: "string",
																},
															},
														},
													},
												},
											},
										},
									},
								},
							},
						},
					},
				},
			},
			// Namespace-scoped: each report lives in a namespace, so access can
			// be granted per namespace.
			Scope: apiextensionsv1.NamespaceScoped,
			Names: apiextensionsv1.CustomResourceDefinitionNames{
				Singular:   "vulnerabilityreport",
				Plural:     "vulnerabilityreports",
				Kind:       VulnerabilityReportKind,
				ListKind:   VulnerabilityReportListKind,
				Categories: []string{"all"},
				ShortNames: []string{"vulns", "vuln"},
			},
		},
	}
)

Functions

func Kind

func Kind(kind string) schema.GroupKind

Kind takes an unqualified kind and returns a Group-qualified GroupKind.

func Resource

func Resource(resource string) schema.GroupResource

Resource takes an unqualified resource and returns a Group-qualified GroupResource.

Types

type Artifact

// Artifact identifies what was scanned. Repository is always written to the
// JSON; Digest, Tag and MimeType are left out when empty.
type Artifact struct {
	Repository string `json:"repository"`
	Digest     string `json:"digest,omitempty"`
	Tag        string `json:"tag,omitempty"`
	MimeType   string `json:"mimeType,omitempty"`
}

Artifact is the spec for an artifact that can be scanned.

func (*Artifact) DeepCopy

func (in *Artifact) DeepCopy() *Artifact

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Artifact.

func (*Artifact) DeepCopyInto

func (in *Artifact) DeepCopyInto(out *Artifact)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type CISKubeBenchOutput

// CISKubeBenchOutput is the payload stored in CISKubeBenchReport.Report: the
// time of the last update, the scanner that produced it, the totals, and the
// benchmark sections.
type CISKubeBenchOutput struct {
	UpdateTimestamp metav1.Time           `json:"updateTimestamp"`
	Scanner         Scanner               `json:"scanner"`
	Summary         CISKubeBenchSummary   `json:"summary"`
	Sections        []CISKubeBenchSection `json:"sections"`
}

func (*CISKubeBenchOutput) DeepCopy

func (in *CISKubeBenchOutput) DeepCopy() *CISKubeBenchOutput

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CISKubeBenchOutput.

func (*CISKubeBenchOutput) DeepCopyInto

func (in *CISKubeBenchOutput) DeepCopyInto(out *CISKubeBenchOutput)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type CISKubeBenchReport

type CISKubeBenchReport struct {
	// TypeMeta is inlined; ObjectMeta is serialized under "metadata".
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	// Report is the benchmark payload, serialized under "report".
	Report CISKubeBenchOutput `json:"report"`
}

CISKubeBenchReport is a specification for the CISKubeBenchReport resource.

func (*CISKubeBenchReport) DeepCopy

func (in *CISKubeBenchReport) DeepCopy() *CISKubeBenchReport

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CISKubeBenchReport.

func (*CISKubeBenchReport) DeepCopyInto

func (in *CISKubeBenchReport) DeepCopyInto(out *CISKubeBenchReport)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*CISKubeBenchReport) DeepCopyObject

func (in *CISKubeBenchReport) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type CISKubeBenchReportList

type CISKubeBenchReportList struct {
	// TypeMeta is inlined; ListMeta is serialized under "metadata".
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata"`

	// Items holds the reports in the list.
	Items []CISKubeBenchReport `json:"items"`
}

CISKubeBenchReportList is a list of CISKubeBenchReport resources.

func (*CISKubeBenchReportList) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CISKubeBenchReportList.

func (*CISKubeBenchReportList) DeepCopyInto

func (in *CISKubeBenchReportList) DeepCopyInto(out *CISKubeBenchReportList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*CISKubeBenchReportList) DeepCopyObject

func (in *CISKubeBenchReportList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type CISKubeBenchResult

// CISKubeBenchResult is one entry of CISKubeBenchTests.Results. Its JSON keys
// are snake_case, unlike the camelCase keys of the report summary.
// Status is a free-form string; no set of allowed values is declared here.
type CISKubeBenchResult struct {
	TestNumber  string `json:"test_number"`
	TestDesc    string `json:"test_desc"`
	Remediation string `json:"remediation"`
	Status      string `json:"status"`
	Scored      bool   `json:"scored"`
}

func (*CISKubeBenchResult) DeepCopy

func (in *CISKubeBenchResult) DeepCopy() *CISKubeBenchResult

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CISKubeBenchResult.

func (*CISKubeBenchResult) DeepCopyInto

func (in *CISKubeBenchResult) DeepCopyInto(out *CISKubeBenchResult)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type CISKubeBenchSection

// CISKubeBenchSection is one entry of CISKubeBenchOutput.Sections. It carries
// its own pass/fail/warn/info totals next to the test groups it contains.
type CISKubeBenchSection struct {
	ID        string `json:"id"`
	Version   string `json:"version"`
	Text      string `json:"text"`
	NodeType  string `json:"node_type"`
	TotalPass int    `json:"total_pass"`
	TotalFail int    `json:"total_fail"`
	TotalWarn int    `json:"total_warn"`
	TotalInfo int    `json:"total_info"`

	// Tests holds the test groups of this section.
	Tests []CISKubeBenchTests `json:"tests"`
}

func (*CISKubeBenchSection) DeepCopy

func (in *CISKubeBenchSection) DeepCopy() *CISKubeBenchSection

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CISKubeBenchSection.

func (*CISKubeBenchSection) DeepCopyInto

func (in *CISKubeBenchSection) DeepCopyInto(out *CISKubeBenchSection)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type CISKubeBenchSummary added in v0.4.0

// CISKubeBenchSummary holds the report-wide totals. Its JSON keys are the ones
// the Fail, Warn, Info and Pass printer columns of CISKubeBenchReportCRD read
// under .report.summary.
type CISKubeBenchSummary struct {
	PassCount int `json:"passCount"`
	InfoCount int `json:"infoCount"`
	WarnCount int `json:"warnCount"`
	FailCount int `json:"failCount"`
}

func (*CISKubeBenchSummary) DeepCopy added in v0.4.0

func (in *CISKubeBenchSummary) DeepCopy() *CISKubeBenchSummary

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CISKubeBenchSummary.

func (*CISKubeBenchSummary) DeepCopyInto added in v0.4.0

func (in *CISKubeBenchSummary) DeepCopyInto(out *CISKubeBenchSummary)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type CISKubeBenchTests

// CISKubeBenchTests is one entry of CISKubeBenchSection.Tests: a group of
// results with its own pass/fail/warn/info counts.
type CISKubeBenchTests struct {
	Section string `json:"section"`
	Pass    int    `json:"pass"`
	Fail    int    `json:"fail"`
	Warn    int    `json:"warn"`
	Info    int    `json:"info"`
	Desc    string `json:"desc"`

	// Results holds the individual check results of this group.
	Results []CISKubeBenchResult `json:"results"`
}

func (*CISKubeBenchTests) DeepCopy

func (in *CISKubeBenchTests) DeepCopy() *CISKubeBenchTests

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CISKubeBenchTests.

func (*CISKubeBenchTests) DeepCopyInto

func (in *CISKubeBenchTests) DeepCopyInto(out *CISKubeBenchTests)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type Check

// Check is one configuration-audit finding; ConfigAuditResult stores checks in
// PodChecks and in the values of ContainerChecks.
// Severity is a plain string, not the Severity type.
// NOTE(review): presumably it holds ConfigAuditDangerSeverity or
// ConfigAuditWarningSeverity — confirm against the code that builds checks.
type Check struct {
	ID       string `json:"checkID"` // serialized as "checkID", not "id"
	Message  string `json:"message"`
	Success  bool   `json:"success"`
	Severity string `json:"severity"`
	Category string `json:"category"`
}

func (*Check) DeepCopy

func (in *Check) DeepCopy() *Check

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Check.

func (*Check) DeepCopyInto

func (in *Check) DeepCopyInto(out *Check)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ConfigAuditReport

type ConfigAuditReport struct {
	// TypeMeta is inlined; ObjectMeta is serialized under "metadata".
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	// Report is the audit payload, serialized under "report".
	Report ConfigAuditResult `json:"report"`
}

ConfigAuditReport is a specification for the ConfigAuditReport resource.

func (*ConfigAuditReport) DeepCopy

func (in *ConfigAuditReport) DeepCopy() *ConfigAuditReport

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ConfigAuditReport.

func (*ConfigAuditReport) DeepCopyInto

func (in *ConfigAuditReport) DeepCopyInto(out *ConfigAuditReport)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*ConfigAuditReport) DeepCopyObject

func (in *ConfigAuditReport) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type ConfigAuditReportList

type ConfigAuditReportList struct {
	// TypeMeta is inlined; ListMeta is serialized under "metadata".
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata"`

	// Items holds the reports in the list.
	Items []ConfigAuditReport `json:"items"`
}

ConfigAuditReportList is a list of ConfigAuditReport resources.

func (*ConfigAuditReportList) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ConfigAuditReportList.

func (*ConfigAuditReportList) DeepCopyInto

func (in *ConfigAuditReportList) DeepCopyInto(out *ConfigAuditReportList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*ConfigAuditReportList) DeepCopyObject

func (in *ConfigAuditReportList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type ConfigAuditResult added in v0.7.0

// ConfigAuditResult is the payload stored in ConfigAuditReport.Report.
type ConfigAuditResult struct {
	UpdateTimestamp metav1.Time        `json:"updateTimestamp"`
	Scanner         Scanner            `json:"scanner"`
	Summary         ConfigAuditSummary `json:"summary"`
	PodChecks       []Check            `json:"podChecks"`
	// NOTE(review): the map key is presumably the container name — confirm.
	ContainerChecks map[string][]Check `json:"containerChecks"`
}

func (*ConfigAuditResult) DeepCopy added in v0.7.0

func (in *ConfigAuditResult) DeepCopy() *ConfigAuditResult

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ConfigAuditResult.

func (*ConfigAuditResult) DeepCopyInto added in v0.7.0

func (in *ConfigAuditResult) DeepCopyInto(out *ConfigAuditResult)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ConfigAuditSummary added in v0.5.0

// ConfigAuditSummary holds the report-wide totals. Its JSON keys are the ones
// the Danger, Warning and Pass printer columns of ConfigAuditReportCRD read
// under .report.summary.
type ConfigAuditSummary struct {
	PassCount    int `json:"passCount"`
	DangerCount  int `json:"dangerCount"`
	WarningCount int `json:"warningCount"`
}

func (*ConfigAuditSummary) DeepCopy added in v0.7.0

func (in *ConfigAuditSummary) DeepCopy() *ConfigAuditSummary

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ConfigAuditSummary.

func (*ConfigAuditSummary) DeepCopyInto added in v0.7.0

func (in *ConfigAuditSummary) DeepCopyInto(out *ConfigAuditSummary)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type KubeHunterOutput

// KubeHunterOutput is the payload stored in KubeHunterReport.Report: the time
// of the last update, the scanner that produced it, the totals per severity,
// and the individual findings.
type KubeHunterOutput struct {
	UpdateTimestamp metav1.Time               `json:"updateTimestamp"`
	Scanner         Scanner                   `json:"scanner"`
	Summary         KubeHunterSummary         `json:"summary"`
	Vulnerabilities []KubeHunterVulnerability `json:"vulnerabilities"`
}

func (*KubeHunterOutput) DeepCopy

func (in *KubeHunterOutput) DeepCopy() *KubeHunterOutput

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KubeHunterOutput.

func (*KubeHunterOutput) DeepCopyInto

func (in *KubeHunterOutput) DeepCopyInto(out *KubeHunterOutput)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type KubeHunterReport

type KubeHunterReport struct {
	// TypeMeta is inlined; ObjectMeta is serialized under "metadata".
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	// Report is the kube-hunter payload, serialized under "report".
	Report KubeHunterOutput `json:"report"`
}

KubeHunterReport is a specification for the KubeHunterReport resource.

func (*KubeHunterReport) DeepCopy

func (in *KubeHunterReport) DeepCopy() *KubeHunterReport

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KubeHunterReport.

func (*KubeHunterReport) DeepCopyInto

func (in *KubeHunterReport) DeepCopyInto(out *KubeHunterReport)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*KubeHunterReport) DeepCopyObject

func (in *KubeHunterReport) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type KubeHunterReportList

type KubeHunterReportList struct {
	// TypeMeta is inlined; ListMeta is serialized under "metadata".
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata"`

	// Items holds the reports in the list.
	Items []KubeHunterReport `json:"items"`
}

KubeHunterReportList is a list of KubeHunterReport resources.

func (*KubeHunterReportList) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KubeHunterReportList.

func (*KubeHunterReportList) DeepCopyInto

func (in *KubeHunterReportList) DeepCopyInto(out *KubeHunterReportList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*KubeHunterReportList) DeepCopyObject

func (in *KubeHunterReportList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type KubeHunterSummary added in v0.5.0

// KubeHunterSummary holds the number of findings per severity. All four JSON
// keys are required by the summary schema in KubeHunterReportCRD, which also
// constrains them to be at least 0.
type KubeHunterSummary struct {
	HighCount    int `json:"highCount"`
	MediumCount  int `json:"mediumCount"`
	LowCount     int `json:"lowCount"`
	UnknownCount int `json:"unknownCount"`
}

func (*KubeHunterSummary) DeepCopy added in v0.7.0

func (in *KubeHunterSummary) DeepCopy() *KubeHunterSummary

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KubeHunterSummary.

func (*KubeHunterSummary) DeepCopyInto added in v0.7.0

func (in *KubeHunterSummary) DeepCopyInto(out *KubeHunterSummary)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type KubeHunterVulnerability

// KubeHunterVulnerability is one entry of KubeHunterOutput.Vulnerabilities.
//
// The JSON keys below have to be declared in the schema of KubeHunterReportCRD:
// that schema does not preserve unknown fields, so the API server prunes any
// key it does not list. Note that ID is serialized as "vid".
//
// NOTE(review): the Evidence example resembles the start of a JWT and belongs
// to a finding about service account token access, so stored reports may
// presumably contain credential material. Confirm what the scanner writes here
// and treat read access to KubeHunterReport objects accordingly.
type KubeHunterVulnerability struct {
	Location      string   `json:"location"`      // e.g. "Local to Pod(kube-hunter-sj7zj)"
	ID            string   `json:"vid"`           // e.g. "KHV050"
	Category      string   `json:"category"`      // e.g. "Access Risk"
	Severity      Severity `json:"severity"`      // e.g. "low"
	Vulnerability string   `json:"vulnerability"` // e.g. "Read access to pod's service account token"
	Description   string   `json:"description"`   // e.g. "Accessing the pod service account token gives an attacker the option to use the server API"
	Evidence      string   `json:"evidence"`      // e.g. "eyJhbGciOiJSUzI1NiIMXA1..."
	Hunter        string   `json:"hunter"`        // e.g. "Access Secrets"
	AvdReference  string   `json:"avd_reference"` // e.g. "Aqua vulnerability database reference"
}

func (*KubeHunterVulnerability) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KubeHunterVulnerability.

func (*KubeHunterVulnerability) DeepCopyInto

func (in *KubeHunterVulnerability) DeepCopyInto(out *KubeHunterVulnerability)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type Registry

// Registry names a registry by its server string. The VulnerabilityReportsCRD
// schema declares a matching optional "registry" object with a "server" key.
type Registry struct {
	Server string `json:"server"`
}

func (*Registry) DeepCopy

func (in *Registry) DeepCopy() *Registry

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Registry.

func (*Registry) DeepCopyInto

func (in *Registry) DeepCopyInto(out *Registry)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type Scanner

// All three keys are required wherever the KubeHunterReportCRD and
// VulnerabilityReportsCRD schemas declare a "scanner" object.
type Scanner struct {
	Name    string `json:"name"`
	Vendor  string `json:"vendor"`
	Version string `json:"version"`
}

Scanner is the spec for a scanner generating a security assessment report.

func (*Scanner) DeepCopy

func (in *Scanner) DeepCopy() *Scanner

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Scanner.

func (*Scanner) DeepCopyInto

func (in *Scanner) DeepCopyInto(out *Scanner)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type Severity

// Severity is a string-typed severity level. Two sets of constants share this
// type and differ by case: KubeHunterSeverityHigh is "high" while SeverityHigh
// is "HIGH". Comparisons are plain string comparisons, so the two sets never
// compare equal; a filter or alerting threshold must use the set that matches
// the report it is reading, or a "high" finding will not match SeverityHigh.
type Severity string
// Lower-case severity values carrying the KubeHunter prefix. There is no
// "critical" or "none" level in this set.
const (
	KubeHunterSeverityHigh    Severity = "high"
	KubeHunterSeverityMedium  Severity = "medium"
	KubeHunterSeverityLow     Severity = "low"
	KubeHunterSeverityUnknown Severity = "unknown"
)
// Upper-case severity values. The level names match the counters in
// VulnerabilitySummary (critical, high, medium, low, none, unknown).
const (
	SeverityCritical Severity = "CRITICAL"
	SeverityHigh     Severity = "HIGH"
	SeverityMedium   Severity = "MEDIUM"
	SeverityLow      Severity = "LOW"
	SeverityNone     Severity = "NONE"
	SeverityUnknown  Severity = "UNKNOWN"
)

type Vulnerability

// Vulnerability is the spec for a vulnerability record.
//
// NOTE(review): Title, Description, PrimaryLink and Links are free-form
// strings, presumably copied from scanner output — confirm. Consumers that
// render them (dashboards, notifications) should treat them as untrusted
// text: escape on output and check link schemes before making them clickable.
type Vulnerability struct {
	VulnerabilityID  string   `json:"vulnerabilityID"`
	Resource         string   `json:"resource"`
	InstalledVersion string   `json:"installedVersion"`
	FixedVersion     string   `json:"fixedVersion"` // always emitted; NOTE(review): presumably empty when no fix is known — confirm
	Severity         Severity `json:"severity"`
	Title            string   `json:"title"`
	Description      string   `json:"description,omitempty"` // omitted from JSON when empty
	PrimaryLink      string   `json:"primaryLink,omitempty"` // omitted from JSON when empty
	Links            []string `json:"links"`                 // no omitempty: a nil slice is encoded as JSON null, not []
	Score            *float64 `json:"score,omitempty"`       // pointer, so a missing score (nil, omitted) is distinct from a score of 0
}

Vulnerability is the spec for a vulnerability record.

func (*Vulnerability) DeepCopy

func (in *Vulnerability) DeepCopy() *Vulnerability

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Vulnerability.

func (*Vulnerability) DeepCopyInto

func (in *Vulnerability) DeepCopyInto(out *Vulnerability)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type VulnerabilityReport

// VulnerabilityReport is a specification for the VulnerabilityReport resource.
// It embeds the Kubernetes type and object metadata and carries one scan
// result in Report.
type VulnerabilityReport struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	// Report is the scan result; it is always serialized (no omitempty).
	Report VulnerabilityScanResult `json:"report"`
}

VulnerabilityReport is a specification for the VulnerabilityReport resource.

func (*VulnerabilityReport) DeepCopy

func (in *VulnerabilityReport) DeepCopy() *VulnerabilityReport

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VulnerabilityReport.

func (*VulnerabilityReport) DeepCopyInto

func (in *VulnerabilityReport) DeepCopyInto(out *VulnerabilityReport)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*VulnerabilityReport) DeepCopyObject added in v0.4.0

func (in *VulnerabilityReport) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type VulnerabilityReportList added in v0.4.0

// VulnerabilityReportList is a list of VulnerabilityReport resources.
type VulnerabilityReportList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata"`

	// Items holds the reports by value; a nil slice is encoded as JSON null.
	Items []VulnerabilityReport `json:"items"`
}

VulnerabilityReportList is a list of VulnerabilityReport resources.

func (*VulnerabilityReportList) DeepCopy added in v0.4.0

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VulnerabilityReportList.

func (*VulnerabilityReportList) DeepCopyInto added in v0.4.0

func (in *VulnerabilityReportList) DeepCopyInto(out *VulnerabilityReportList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*VulnerabilityReportList) DeepCopyObject added in v0.4.0

func (in *VulnerabilityReportList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type VulnerabilityScanResult added in v0.4.0

// VulnerabilityScanResult is the spec for the vulnerability scan result.
// Every field is always serialized; none of the tags uses omitempty.
type VulnerabilityScanResult struct {
	// NOTE(review): presumably the time this result was last written — confirm.
	// A result describes the artifact as of that time only, so consumers
	// gating on it should check the timestamp for staleness.
	UpdateTimestamp metav1.Time          `json:"updateTimestamp"`
	Scanner         Scanner              `json:"scanner"`
	Registry        Registry             `json:"registry"`
	Artifact        Artifact             `json:"artifact"`
	// NOTE(review): nothing in the type ties Summary's counters to the entries
	// in Vulnerabilities; whether they agree depends on the producer — verify.
	Summary         VulnerabilitySummary `json:"summary"`
	Vulnerabilities []Vulnerability      `json:"vulnerabilities"` // a nil slice is encoded as JSON null, not []
}

VulnerabilityScanResult is the spec for the vulnerability scan result.

The spec follows the Pluggable Scanners API defined for Harbor. @see https://github.com/goharbor/pluggable-scanner-spec/blob/master/api/spec/scanner-adapter-openapi-v1.0.yaml

func (*VulnerabilityScanResult) DeepCopy added in v0.4.0

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VulnerabilityScanResult.

func (*VulnerabilityScanResult) DeepCopyInto added in v0.4.0

func (in *VulnerabilityScanResult) DeepCopyInto(out *VulnerabilityScanResult)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type VulnerabilitySummary

// VulnerabilitySummary holds one integer counter per severity level. The
// level names match the upper-case Severity constants (CRITICAL, HIGH, MEDIUM,
// LOW, NONE, UNKNOWN). All counters are always serialized, so a zero count
// appears as 0 rather than being omitted.
type VulnerabilitySummary struct {
	CriticalCount int `json:"criticalCount"`
	HighCount     int `json:"highCount"`
	MediumCount   int `json:"mediumCount"`
	LowCount      int `json:"lowCount"`
	NoneCount     int `json:"noneCount"`
	UnknownCount  int `json:"unknownCount"` // NOTE(review): presumably findings whose severity could not be determined — do not read it as "harmless"; confirm
}

func (*VulnerabilitySummary) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VulnerabilitySummary.

func (*VulnerabilitySummary) DeepCopyInto

func (in *VulnerabilitySummary) DeepCopyInto(out *VulnerabilitySummary)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
