starboard

package
v0.10.3 Latest Latest
Warning

This package is not in the latest version of its module.

Published: May 14, 2021 License: Apache-2.0 Imports: 17 Imported by: 3

Documentation

Overview

Package starboard provides primitives for working with Starboard toolkit.

Index

Constants

// Well-known names of the Kubernetes objects Starboard uses. All four
// constants share the same value, "starboard".
const (
	// NamespaceName is the name of the namespace in which Starboard stores
	// its configuration and where it runs scan jobs.
	NamespaceName = "starboard"

	// ServiceAccountName is the name of the service account used to provide
	// identity for scan jobs run by Starboard.
	// NOTE(review): scan jobs run under this identity, so the permissions
	// bound to it set the upper limit on what a scan job can do. The role
	// bindings are not shown here; confirm they are least-privilege.
	ServiceAccountName = "starboard"

	// ConfigMapName is the name of the ConfigMap where Starboard stores its
	// configuration.
	ConfigMapName = "starboard"

	// SecretName is the name of the Secret where Starboard stores its
	// sensitive configuration.
	// NOTE(review): which settings count as sensitive, and who may read this
	// Secret, are not shown here; verify that read access is restricted.
	SecretName = "starboard"
)
// Label keys (and one label value) declared by Starboard.
// NOTE(review): labels are ordinary object metadata and can be changed by
// anyone allowed to update the labelled object, so code that reads them
// should not treat them as authenticated.
const (
	// Presumably these identify the scanned resource and container that an
	// object created by Starboard relates to. Confirm against callers.
	LabelResourceKind      = "starboard.resource.kind"
	LabelResourceName      = "starboard.resource.name"
	LabelResourceNamespace = "starboard.resource.namespace"
	LabelContainerName     = "starboard.container.name"
	// Unlike the keys above, these two carry no "starboard." prefix.
	// Presumably they hold hashes of the scanned pod spec and of the plugin
	// configuration. Confirm how the hashes are computed and compared.
	LabelPodSpecHash       = "pod-spec-hash"
	LabelPluginConfigHash  = "plugin-config-hash"

	// One label key per report kind. Presumably the value names the scanner
	// that produced the report. Confirm against callers.
	LabelConfigAuditReportScanner   = "configAuditReport.scanner"
	LabelVulnerabilityReportScanner = "vulnerabilityReport.scanner"
	LabelKubeBenchReportScanner     = "kubeBenchReport.scanner"

	// LabelK8SAppManagedBy is the Kubernetes recommended "managed-by" label
	// key. AppStarboard is presumably the value set for it. Confirm.
	LabelK8SAppManagedBy = "app.kubernetes.io/managed-by"
	AppStarboard         = "starboard"
)
// Annotation keys declared by Starboard.
const (
	// AnnotationContainerImages is the annotation key "starboard.container-images".
	// Presumably its value records the container images of the scanned
	// workload. The value format is not shown here; confirm against callers.
	AnnotationContainerImages = "starboard.container-images"
)

Variables

This section is empty.

Functions

func GetDefaultConftestConfig added in v0.10.2

func GetDefaultConftestConfig() map[string]string

GetDefaultConftestConfig returns the default Conftest configuration.

func GetDefaultPolarisConfig added in v0.10.1

func GetDefaultPolarisConfig() map[string]string

GetDefaultPolarisConfig returns the default Polaris configuration.

func GetPluginConfigMapName added in v0.10.0

func GetPluginConfigMapName(pluginName string) string

GetPluginConfigMapName returns the name of a ConfigMap used to configure a plugin with the given name.

func GetVersionFromImageRef

func GetVersionFromImageRef(imageRef string) (string, error)

GetVersionFromImageRef returns the image identifier for the specified image reference.

func LinuxNodeAffinity added in v0.9.0

func LinuxNodeAffinity() *corev1.Affinity

LinuxNodeAffinity constructs a new Affinity resource with linux supported nodes.

func NewScheme added in v0.7.0

func NewScheme() *runtime.Scheme

Types

type BuildInfo

// BuildInfo holds build metadata for a Starboard binary. All fields are plain
// strings, and no format is enforced by the type itself.
type BuildInfo struct {
	// Version is presumably the Git revision or release version. Confirm against the build scripts.
	Version    string
	// Commit is presumably the Git SHA-1 of the built commit. Confirm.
	Commit     string
	// Date is presumably the build datetime. Its format is not shown here.
	Date       string
	// Executable is the name of the executable binary.
	Executable string
}

BuildInfo holds build info such as Git revision, Git SHA-1, build datetime, and the name of the executable binary.

type ConfigData

// ConfigData holds Starboard configuration settings as string key-value pairs.
// Values are untyped strings; the typed getters declared on ConfigData return
// an error alongside the parsed value where the signature includes one.
type ConfigData map[string]string

ConfigData holds Starboard configuration settings as a set of key-value pairs.

func GetDefaultConfig

func GetDefaultConfig() ConfigData

GetDefaultConfig returns the default configuration settings.

func (ConfigData) GetAquaImageRef added in v0.8.0

func (c ConfigData) GetAquaImageRef() (string, error)

func (ConfigData) GetConfigAuditReportsScanner added in v0.10.0

func (c ConfigData) GetConfigAuditReportsScanner() (Scanner, error)

func (ConfigData) GetConftestImageRef added in v0.10.0

func (c ConfigData) GetConftestImageRef() (string, error)

func (ConfigData) GetKubeBenchImageRef

func (c ConfigData) GetKubeBenchImageRef() (string, error)

func (ConfigData) GetKubeHunterImageRef added in v0.8.0

func (c ConfigData) GetKubeHunterImageRef() (string, error)

func (ConfigData) GetKubeHunterQuick added in v0.9.0

func (c ConfigData) GetKubeHunterQuick() (bool, error)

func (ConfigData) GetPolarisImageRef added in v0.8.0

func (c ConfigData) GetPolarisImageRef() (string, error)

func (ConfigData) GetTrivyImageRef

func (c ConfigData) GetTrivyImageRef() (string, error)

func (ConfigData) GetTrivyInsecureRegistries added in v0.10.2

// GetTrivyInsecureRegistries returns a map[string]bool and, unlike most other
// ConfigData getters, no error. The keys are presumably registry hosts that
// Trivy is allowed to contact without full TLS verification. Confirm against
// the implementation.
// NOTE(review): if that reading is right, every entry weakens transport
// security for scans against that registry, so the configured list is worth
// auditing and keeping as short as possible.
func (c ConfigData) GetTrivyInsecureRegistries() map[string]bool

func (ConfigData) GetTrivyMode added in v0.7.0

func (c ConfigData) GetTrivyMode() (TrivyMode, error)

func (ConfigData) GetTrivyServerURL added in v0.7.0

func (c ConfigData) GetTrivyServerURL() (string, error)

func (ConfigData) GetVulnerabilityReportsScanner added in v0.8.0

func (c ConfigData) GetVulnerabilityReportsScanner() (Scanner, error)

type ConfigManager added in v0.7.0

// ConfigManager defines methods for managing ConfigData. Every method takes a
// context.Context and reports failure through its error result.
type ConfigManager interface {
	// EnsureDefault presumably creates the default configuration when it is
	// missing. Confirm against the implementation.
	EnsureDefault(ctx context.Context) error
	// Read returns the current ConfigData, or an error.
	Read(ctx context.Context) (ConfigData, error)
	// Delete presumably removes the stored configuration. Which objects are
	// deleted is not shown here.
	Delete(ctx context.Context) error
}

ConfigManager defines methods for managing ConfigData.

func NewConfigManager added in v0.7.0

func NewConfigManager(client kubernetes.Interface, namespace string) ConfigManager

NewConfigManager constructs a new ConfigManager that is using kubernetes.Interface to manage ConfigData backed by the ConfigMap stored in the specified namespace.

type PluginContext added in v0.10.0

// PluginContext is the execution context handed to a plugin. It exposes the
// plugin's name and configuration, and the namespace and service account that
// Starboard uses for the workloads it creates.
type PluginContext interface {
	// GetName returns the name of the plugin.
	GetName() string
	// GetConfig returns the v1.ConfigMap object that holds the configuration
	// settings of the plugin, or an error.
	GetConfig() (*corev1.ConfigMap, error)
	// GetNamespace returns the name of the K8s Namespace where Starboard creates Jobs
	// and other helper objects.
	GetNamespace() string
	// GetServiceAccountName returns the name of the K8s Service Account used to run workloads
	// created by Starboard.
	// NOTE(review): only the name is exposed here. What that account may do
	// is decided by RBAC bindings that this interface does not show.
	GetServiceAccountName() string
}

PluginContext is a plugin's execution context within the Starboard toolkit. The context is used to grant access to other methods so that the plugin can interact with the toolkit.

type PluginContextBuilder added in v0.10.0

// PluginContextBuilder is a builder obtained from NewPluginContext. Its With*
// methods each return *PluginContextBuilder, so calls can be chained. Get
// presumably returns the assembled PluginContext, but its signature is not
// shown in this listing.
type PluginContextBuilder struct {
	// contains filtered or unexported fields
}

func NewPluginContext added in v0.10.0

func NewPluginContext() *PluginContextBuilder

func (*PluginContextBuilder) Get added in v0.10.2

func (*PluginContextBuilder) WithClient added in v0.10.0

func (b *PluginContextBuilder) WithClient(client client.Client) *PluginContextBuilder

func (*PluginContextBuilder) WithName added in v0.10.0

func (*PluginContextBuilder) WithNamespace added in v0.10.0

func (b *PluginContextBuilder) WithNamespace(namespace string) *PluginContextBuilder

func (*PluginContextBuilder) WithServiceAccountName added in v0.10.0

func (b *PluginContextBuilder) WithServiceAccountName(name string) *PluginContextBuilder

type Scanner added in v0.8.0

// Scanner is a string-typed identifier of a security scanner. Because the
// underlying type is string, the type alone does not restrict values to the
// named constants this package declares.
type Scanner string

Scanner represents a unique, human-readable identifier of a security scanner.

// Named Scanner values declared by this package. Which scanner is accepted
// for which report kind (vulnerability reports or config audit reports) is
// not shown in this listing.
const (
	Trivy    Scanner = "Trivy"
	Aqua     Scanner = "Aqua"
	Polaris  Scanner = "Polaris"
	Conftest Scanner = "Conftest"
)

type TrivyMode added in v0.7.0

// TrivyMode is a string-typed selector for how the Trivy client operates.
// The declared values are Standalone and ClientServer.
type TrivyMode string

TrivyMode describes the mode in which the Trivy client operates.

// Named TrivyMode values.
const (
	// Standalone: presumably Trivy runs on its own, without a separate server. Confirm.
	Standalone   TrivyMode = "Standalone"
	// ClientServer: presumably Trivy talks to a Trivy server, such as the one
	// whose URL ConfigData.GetTrivyServerURL returns. Confirm against callers.
	ClientServer TrivyMode = "ClientServer"
)
