Documentation ¶
Overview ¶
Package v1alpha1 is the v1alpha1 version of the API.
Index ¶
- Constants
- Variables
- func Kind(kind string) schema.GroupKind
- func Resource(resource string) schema.GroupResource
- type Artifact
- type CISKubeBenchOutput
- type CISKubeBenchReport
- type CISKubeBenchReportList
- type CISKubeBenchResult
- type CISKubeBenchSection
- type CISKubeBenchSummary
- type CISKubeBenchTests
- type Check
- type ConfigAudit
- type ConfigAuditReport
- type ConfigAuditReportList
- type ConfigAuditSummary
- type KubeHunterOutput
- type KubeHunterReport
- type KubeHunterReportList
- type KubeHunterSummary
- type KubeHunterVulnerability
- type Registry
- type Scanner
- type Severity
- type Vulnerability
- type VulnerabilityReport
- type VulnerabilityReportList
- type VulnerabilityScanResult
- type VulnerabilitySummary
Constants ¶
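// Identifiers of the CISKubeBenchReport custom resource. The CR name is the
// metadata name of CISKubeBenchReportCRD and the CR version is the single
// version that CRD serves and stores.
const (
	CISKubeBenchReportCRName    = "ciskubebenchreports.aquasecurity.github.io"
	CISKubeBenchReportCRVersion = "v1alpha1"
	CISKubeBenchReportKind      = "CISKubeBenchReport"
	CISKubeBenchReportListKind  = "CISKubeBenchReportList"
)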
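// Identifiers of the ConfigAuditReport custom resource. The CR name is the
// metadata name of ConfigAuditReportCRD and the CR version is the single
// version that CRD serves and stores.
const (
	ConfigAuditReportCRName    = "configauditreports.aquasecurity.github.io"
	ConfigAuditReportCRVersion = "v1alpha1"
	ConfigAuditReportKind      = "ConfigAuditReport"
	ConfigAuditReportListKind  = "ConfigAuditReportList"
)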
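// Severity labels for configuration audit findings. They are untyped string
// constants; Check.Severity is a plain string field.
// NOTE(review): presumably these are the only values a Check is expected to
// carry; nothing on this page enforces that, so confirm at the producer.
const (
	ConfigAuditDangerSeverity  = "danger"
	ConfigAuditWarningSeverity = "warning"
)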
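// Identifiers of the KubeHunterReport custom resource. The CR name is the
// metadata name of KubeHunterReportCRD and the CR version is the single
// version that CRD serves and stores.
const (
	KubeHunterReportCRName    = "kubehunterreports.aquasecurity.github.io"
	KubeHunterReportCRVersion = "v1alpha1"
	KubeHunterReportKind      = "KubeHunterReport"
	KubeHunterReportListKind  = "KubeHunterReportList"
)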
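// Identifiers of the VulnerabilityReport custom resource. The CR name is the
// metadata name of VulnerabilityReportsCRD and the CR version is the single
// version that CRD serves and stores. Note the plural "Reports" in the first
// two names, unlike the other report kinds in this package.
const (
	VulnerabilityReportsCRName    = "vulnerabilityreports.aquasecurity.github.io"
	VulnerabilityReportsCRVersion = "v1alpha1"
	VulnerabilityReportKind       = "VulnerabilityReport"
	VulnerabilityReportListKind   = "VulnerabilityReportList"
)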
Variables ¶
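var (
	// SchemeBuilder initializes a scheme builder from addKnownTypes.
	SchemeBuilder = runtime.NewSchemeBuilder(addKnownTypes)
	// AddToScheme is a global function that registers this API group and
	// version to a scheme. It is the AddToScheme method of SchemeBuilder.
	AddToScheme = SchemeBuilder.AddToScheme
)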
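var (
	// CISKubeBenchReportCRD is the CustomResourceDefinition for the
	// cluster-scoped CISKubeBenchReport resource. It serves and stores the
	// single version CISKubeBenchReportCRVersion.
	//
	// NOTE(review): no Validation schema is set on this CRD, unlike
	// VulnerabilityReportsCRD, so report bodies are presumably accepted
	// without any structural check; confirm, and treat stored reports as
	// unvalidated input when reading them back.
	// NOTE(review): the reports list failed benchmark checks for the cluster
	// and the resource is in the "all" category; confirm that RBAC limits
	// who may get/list/watch it.
	CISKubeBenchReportCRD = extv1beta1.CustomResourceDefinition{
		ObjectMeta: meta.ObjectMeta{
			Name: CISKubeBenchReportCRName,
			Labels: labels.Set{
				"app.kubernetes.io/managed-by": "starboard",
			},
		},
		Spec: extv1beta1.CustomResourceDefinitionSpec{
			Group: aquasecurity.GroupName,
			Versions: []extv1beta1.CustomResourceDefinitionVersion{
				{
					Name:    CISKubeBenchReportCRVersion,
					Served:  true,
					Storage: true,
				},
			},
			Scope: extv1beta1.ClusterScoped,
			Names: extv1beta1.CustomResourceDefinitionNames{
				Singular:   "ciskubebenchreport",
				Plural:     "ciskubebenchreports",
				Kind:       CISKubeBenchReportKind,
				ListKind:   CISKubeBenchReportListKind,
				Categories: []string{"all"},
				ShortNames: []string{"kubebench"},
			},
			// The count columns carry Priority 1; the scanner name and age
			// columns use the default priority.
			AdditionalPrinterColumns: []extv1beta1.CustomResourceColumnDefinition{
				{JSONPath: ".report.scanner.name", Type: "string", Name: "Scanner"},
				{JSONPath: ".metadata.creationTimestamp", Type: "date", Name: "Age"},
				{JSONPath: ".report.summary.passCount", Type: "integer", Name: "Pass", Priority: 1},
				{JSONPath: ".report.summary.infoCount", Type: "integer", Name: "Info", Priority: 1},
				{JSONPath: ".report.summary.warnCount", Type: "integer", Name: "Warn", Priority: 1},
				{JSONPath: ".report.summary.failCount", Type: "integer", Name: "Fail", Priority: 1},
			},
		},
	}
)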
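var (
	// ConfigAuditReportCRD is the CustomResourceDefinition for the
	// namespace-scoped ConfigAuditReport resource. It serves and stores the
	// single version ConfigAuditReportCRVersion.
	//
	// NOTE(review): no Validation schema is set on this CRD, unlike
	// VulnerabilityReportsCRD, so report bodies are presumably accepted
	// without any structural check; confirm, and treat stored reports as
	// unvalidated input when reading them back.
	ConfigAuditReportCRD = extv1beta1.CustomResourceDefinition{
		ObjectMeta: meta.ObjectMeta{
			Name: ConfigAuditReportCRName,
			Labels: labels.Set{
				"app.kubernetes.io/managed-by": "starboard",
			},
		},
		Spec: extv1beta1.CustomResourceDefinitionSpec{
			Group: aquasecurity.GroupName,
			Versions: []extv1beta1.CustomResourceDefinitionVersion{
				{
					Name:    ConfigAuditReportCRVersion,
					Served:  true,
					Storage: true,
				},
			},
			Scope: extv1beta1.NamespaceScoped,
			Names: extv1beta1.CustomResourceDefinitionNames{
				Singular:   "configauditreport",
				Plural:     "configauditreports",
				Kind:       ConfigAuditReportKind,
				ListKind:   ConfigAuditReportListKind,
				Categories: []string{"all"},
				ShortNames: []string{"configaudit"},
			},
			// The count columns carry Priority 1; the scanner name and age
			// columns use the default priority.
			AdditionalPrinterColumns: []extv1beta1.CustomResourceColumnDefinition{
				{JSONPath: ".report.scanner.name", Type: "string", Name: "Scanner"},
				{JSONPath: ".metadata.creationTimestamp", Type: "date", Name: "Age"},
				{JSONPath: ".report.summary.dangerCount", Type: "integer", Name: "Danger", Priority: 1},
				{JSONPath: ".report.summary.warningCount", Type: "integer", Name: "Warning", Priority: 1},
			},
		},
	}
)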
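var (
	// KubeHunterReportCRD is the CustomResourceDefinition for the
	// cluster-scoped KubeHunterReport resource. It serves and stores the
	// single version KubeHunterReportCRVersion.
	//
	// NOTE(review): no Validation schema is set on this CRD, unlike
	// VulnerabilityReportsCRD, so report bodies are presumably accepted
	// without any structural check; confirm, and treat stored reports as
	// unvalidated input when reading them back.
	// NOTE(review): KubeHunterVulnerability carries an Evidence string whose
	// documented sample looks like a token prefix, and the resource is in the
	// "all" category; confirm that RBAC limits who may get/list/watch it.
	KubeHunterReportCRD = extv1beta1.CustomResourceDefinition{
		ObjectMeta: meta.ObjectMeta{
			Name: KubeHunterReportCRName,
			Labels: labels.Set{
				"app.kubernetes.io/managed-by": "starboard",
			},
		},
		Spec: extv1beta1.CustomResourceDefinitionSpec{
			Group: aquasecurity.GroupName,
			Versions: []extv1beta1.CustomResourceDefinitionVersion{
				{
					Name:    KubeHunterReportCRVersion,
					Served:  true,
					Storage: true,
				},
			},
			Scope: extv1beta1.ClusterScoped,
			Names: extv1beta1.CustomResourceDefinitionNames{
				Singular:   "kubehunterreport",
				Plural:     "kubehunterreports",
				Kind:       KubeHunterReportKind,
				ListKind:   KubeHunterReportListKind,
				Categories: []string{"all"},
				ShortNames: []string{"kubehunter"},
			},
			// The count columns carry Priority 1; the scanner name and age
			// columns use the default priority.
			AdditionalPrinterColumns: []extv1beta1.CustomResourceColumnDefinition{
				{JSONPath: ".report.scanner.name", Type: "string", Name: "Scanner"},
				{JSONPath: ".metadata.creationTimestamp", Type: "date", Name: "Age"},
				{JSONPath: ".report.summary.highCount", Type: "integer", Name: "High", Priority: 1},
				{JSONPath: ".report.summary.mediumCount", Type: "integer", Name: "Medium", Priority: 1},
				{JSONPath: ".report.summary.lowCount", Type: "integer", Name: "Low", Priority: 1},
			},
		},
	}
)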
// SchemeGroupVersion is the group version used to register these objects:
// the aquasecurity.GroupName group at version "v1alpha1".
var SchemeGroupVersion = schema.GroupVersion{
	Group:   aquasecurity.GroupName,
	Version: "v1alpha1",
}
SchemeGroupVersion is the group version used to register these objects.
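var (
	// VulnerabilityReportsCRD is the CustomResourceDefinition for the
	// namespace-scoped VulnerabilityReport resource. It serves and stores the
	// single version VulnerabilityReportsCRVersion and is the only CRD in this
	// package that sets an OpenAPI v3 validation schema.
	//
	// NOTE(review): the schema and the Go types are not fully aligned:
	//   - "summary" is not in the report's Required list, although the
	//     printer columns read .report.summary.* and VulnerabilityScanResult
	//     always serialises it;
	//   - VulnerabilitySummary has a noneCount key that the "summary"
	//     properties below do not declare;
	//   - string fields have no length or pattern limits and the arrays have
	//     no maximum size.
	// Confirm whether these gaps are intended before relying on the schema as
	// the only check on report contents.
	VulnerabilityReportsCRD = extv1beta1.CustomResourceDefinition{
		ObjectMeta: metav1.ObjectMeta{
			Name: VulnerabilityReportsCRName,
			Labels: labels.Set{
				"app.kubernetes.io/managed-by": "starboard",
			},
		},
		Spec: extv1beta1.CustomResourceDefinitionSpec{
			Group: aquasecurity.GroupName,
			Versions: []extv1beta1.CustomResourceDefinitionVersion{
				{
					Name:    VulnerabilityReportsCRVersion,
					Served:  true,
					Storage: true,
				},
			},
			Scope: extv1beta1.NamespaceScoped,
			Names: extv1beta1.CustomResourceDefinitionNames{
				Singular:   "vulnerabilityreport",
				Plural:     "vulnerabilityreports",
				Kind:       VulnerabilityReportKind,
				ListKind:   VulnerabilityReportListKind,
				Categories: []string{"all"},
				ShortNames: []string{"vulns", "vuln"},
			},
			// The count columns carry Priority 1; the artifact, scanner and
			// age columns use the default priority.
			AdditionalPrinterColumns: []extv1beta1.CustomResourceColumnDefinition{
				{JSONPath: ".report.artifact.repository", Type: "string", Name: "Repository"},
				{JSONPath: ".report.artifact.tag", Type: "string", Name: "Tag"},
				{JSONPath: ".report.scanner.name", Type: "string", Name: "Scanner"},
				{JSONPath: ".metadata.creationTimestamp", Type: "date", Name: "Age"},
				{JSONPath: ".report.summary.criticalCount", Type: "integer", Name: "Critical", Priority: 1},
				{JSONPath: ".report.summary.highCount", Type: "integer", Name: "High", Priority: 1},
				{JSONPath: ".report.summary.mediumCount", Type: "integer", Name: "Medium", Priority: 1},
				{JSONPath: ".report.summary.lowCount", Type: "integer", Name: "Low", Priority: 1},
				{JSONPath: ".report.summary.unknownCount", Type: "integer", Name: "Unknown", Priority: 1},
			},
			Validation: &extv1beta1.CustomResourceValidation{
				OpenAPIV3Schema: &extv1beta1.JSONSchemaProps{
					Type: "object",
					Required: []string{
						"apiVersion",
						"kind",
						"metadata",
						"report",
					},
					Properties: map[string]extv1beta1.JSONSchemaProps{
						"apiVersion": {Type: "string"},
						"kind":       {Type: "string"},
						"metadata":   {Type: "object"},
						"report": {
							Type: "object",
							Required: []string{
								"scanner",
								"artifact",
								"vulnerabilities",
							},
							Properties: map[string]extv1beta1.JSONSchemaProps{
								"scanner": {
									Type: "object",
									Required: []string{
										"name",
										"vendor",
										"version",
									},
									Properties: map[string]extv1beta1.JSONSchemaProps{
										"name":    {Type: "string"},
										"vendor":  {Type: "string"},
										"version": {Type: "string"},
									},
								},
								"registry": {
									Type: "object",
									Properties: map[string]extv1beta1.JSONSchemaProps{
										"server": {Type: "string"},
									},
								},
								// No artifact property is required, so a report
								// may omit both digest and tag.
								"artifact": {
									Type: "object",
									Properties: map[string]extv1beta1.JSONSchemaProps{
										"repository": {Type: "string"},
										"digest":     {Type: "string"},
										"tag":        {Type: "string"},
										"mimeType":   {Type: "string"},
									},
								},
								// Every declared count is required and must be
								// a non-negative integer.
								"summary": {
									Type: "object",
									Required: []string{
										"criticalCount",
										"highCount",
										"mediumCount",
										"lowCount",
										"unknownCount",
									},
									Properties: map[string]extv1beta1.JSONSchemaProps{
										"criticalCount": {Type: "integer", Minimum: pointer.Float64Ptr(0)},
										"highCount":     {Type: "integer", Minimum: pointer.Float64Ptr(0)},
										"mediumCount":   {Type: "integer", Minimum: pointer.Float64Ptr(0)},
										"lowCount":      {Type: "integer", Minimum: pointer.Float64Ptr(0)},
										"unknownCount":  {Type: "integer", Minimum: pointer.Float64Ptr(0)},
									},
								},
								"vulnerabilities": {
									Type: "array",
									Items: &extv1beta1.JSONSchemaPropsOrArray{
										Schema: &extv1beta1.JSONSchemaProps{
											Type: "object",
											Required: []string{
												"vulnerabilityID",
												"resource",
												"installedVersion",
												"fixedVersion",
												"severity",
												"title",
											},
											Properties: map[string]extv1beta1.JSONSchemaProps{
												"vulnerabilityID":  {Type: "string"},
												"resource":         {Type: "string"},
												"installedVersion": {Type: "string"},
												"fixedVersion":     {Type: "string"},
												// Each enum entry is the JSON-quoted form
												// of one Severity constant.
												"severity": {
													Type: "string",
													Enum: []extv1beta1.JSON{
														{Raw: []byte(strconv.Quote(string(SeverityCritical)))},
														{Raw: []byte(strconv.Quote(string(SeverityHigh)))},
														{Raw: []byte(strconv.Quote(string(SeverityMedium)))},
														{Raw: []byte(strconv.Quote(string(SeverityLow)))},
														{Raw: []byte(strconv.Quote(string(SeverityUnknown)))},
													},
												},
												"title":       {Type: "string"},
												"description": {Type: "string"},
												"links": {
													Type: "array",
													Items: &extv1beta1.JSONSchemaPropsOrArray{
														Schema: &extv1beta1.JSONSchemaProps{
															Type: "string",
														},
													},
												},
											},
										},
									},
								},
							},
						},
					},
				},
			},
		},
	}
)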
Functions ¶
func Resource ¶
func Resource(resource string) schema.GroupResource
Resource takes an unqualified resource and returns a Group qualified GroupResource
Types ¶
type Artifact ¶
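// Artifact is the spec for an artifact that can be scanned.
//
// Repository is always serialised; Digest, Tag and MimeType are omitted from
// the JSON when empty.
// NOTE(review): Digest is optional here. A tag alone does not pin image
// content, so consumers that match a report to a running image should prefer
// Digest when it is present.
type Artifact struct {
	Repository string `json:"repository"`
	Digest     string `json:"digest,omitempty"`
	Tag        string `json:"tag,omitempty"`
	MimeType   string `json:"mimeType,omitempty"`
}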
Artifact is the spec for an artifact that can be scanned.
func (*Artifact) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Artifact.
func (*Artifact) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type CISKubeBenchOutput ¶
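// CISKubeBenchOutput is the report payload of a CISKubeBenchReport: the
// scanner that produced it, the aggregate counts and the benchmark sections.
type CISKubeBenchOutput struct {
	Scanner  Scanner               `json:"scanner"`
	Summary  CISKubeBenchSummary   `json:"summary"`
	Sections []CISKubeBenchSection `json:"sections"`
}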
func (*CISKubeBenchOutput) DeepCopy ¶
func (in *CISKubeBenchOutput) DeepCopy() *CISKubeBenchOutput
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CISKubeBenchOutput.
func (*CISKubeBenchOutput) DeepCopyInto ¶
func (in *CISKubeBenchOutput) DeepCopyInto(out *CISKubeBenchOutput)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type CISKubeBenchReport ¶
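// CISKubeBenchReport is a specification for the CISKubeBenchReport resource.
// The payload is stored under the top-level "report" key.
type CISKubeBenchReport struct {
	meta.TypeMeta   `json:",inline"`
	meta.ObjectMeta `json:"metadata,omitempty"`

	Report CISKubeBenchOutput `json:"report"`
}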
CISKubeBenchReport is a specification for the CISKubeBenchReport resource.
func (*CISKubeBenchReport) DeepCopy ¶
func (in *CISKubeBenchReport) DeepCopy() *CISKubeBenchReport
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CISKubeBenchReport.
func (*CISKubeBenchReport) DeepCopyInto ¶
func (in *CISKubeBenchReport) DeepCopyInto(out *CISKubeBenchReport)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*CISKubeBenchReport) DeepCopyObject ¶
func (in *CISKubeBenchReport) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type CISKubeBenchReportList ¶
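// CISKubeBenchReportList is a list of CISKubeBenchReport resources.
type CISKubeBenchReportList struct {
	meta.TypeMeta `json:",inline"`
	meta.ListMeta `json:"metadata"`

	Items []CISKubeBenchReport `json:"items"`
}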
CISKubeBenchReportList is a list of CISKubeBenchReport resources.
func (*CISKubeBenchReportList) DeepCopy ¶
func (in *CISKubeBenchReportList) DeepCopy() *CISKubeBenchReportList
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CISKubeBenchReportList.
func (*CISKubeBenchReportList) DeepCopyInto ¶
func (in *CISKubeBenchReportList) DeepCopyInto(out *CISKubeBenchReportList)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*CISKubeBenchReportList) DeepCopyObject ¶
func (in *CISKubeBenchReportList) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type CISKubeBenchResult ¶
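// CISKubeBenchResult is one entry of CISKubeBenchTests.Results. Its JSON keys
// are snake_case, unlike the camelCase keys of CISKubeBenchSummary.
// NOTE(review): Status is a free-form string here; the set of allowed values
// is not visible on this page.
type CISKubeBenchResult struct {
	TestNumber  string `json:"test_number"`
	TestDesc    string `json:"test_desc"`
	Remediation string `json:"remediation"`
	Status      string `json:"status"`
	Scored      bool   `json:"scored"`
}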
func (*CISKubeBenchResult) DeepCopy ¶
func (in *CISKubeBenchResult) DeepCopy() *CISKubeBenchResult
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CISKubeBenchResult.
func (*CISKubeBenchResult) DeepCopyInto ¶
func (in *CISKubeBenchResult) DeepCopyInto(out *CISKubeBenchResult)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type CISKubeBenchSection ¶
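// CISKubeBenchSection is one entry of CISKubeBenchOutput.Sections: an
// identified benchmark section with its per-status totals and its tests.
// Its JSON keys are snake_case.
type CISKubeBenchSection struct {
	ID        string              `json:"id"`
	Version   string              `json:"version"`
	Text      string              `json:"text"`
	NodeType  string              `json:"node_type"`
	TotalPass int                 `json:"total_pass"`
	TotalFail int                 `json:"total_fail"`
	TotalWarn int                 `json:"total_warn"`
	TotalInfo int                 `json:"total_info"`
	Tests     []CISKubeBenchTests `json:"tests"`
}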
func (*CISKubeBenchSection) DeepCopy ¶
func (in *CISKubeBenchSection) DeepCopy() *CISKubeBenchSection
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CISKubeBenchSection.
func (*CISKubeBenchSection) DeepCopyInto ¶
func (in *CISKubeBenchSection) DeepCopyInto(out *CISKubeBenchSection)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type CISKubeBenchSummary ¶ added in v0.4.0
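// CISKubeBenchSummary holds the aggregate pass/info/warn/fail counts of a
// CISKubeBenchOutput. CISKubeBenchReportCRD reads these keys for its printer
// columns.
type CISKubeBenchSummary struct {
	PassCount int `json:"passCount"`
	InfoCount int `json:"infoCount"`
	WarnCount int `json:"warnCount"`
	FailCount int `json:"failCount"`
}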
func (*CISKubeBenchSummary) DeepCopy ¶ added in v0.4.0
func (in *CISKubeBenchSummary) DeepCopy() *CISKubeBenchSummary
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CISKubeBenchSummary.
func (*CISKubeBenchSummary) DeepCopyInto ¶ added in v0.4.0
func (in *CISKubeBenchSummary) DeepCopyInto(out *CISKubeBenchSummary)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type CISKubeBenchTests ¶
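// CISKubeBenchTests is one entry of CISKubeBenchSection.Tests: a group of
// results with its own per-status counts.
type CISKubeBenchTests struct {
	Section string               `json:"section"`
	Pass    int                  `json:"pass"`
	Fail    int                  `json:"fail"`
	Warn    int                  `json:"warn"`
	Info    int                  `json:"info"`
	Desc    string               `json:"desc"`
	Results []CISKubeBenchResult `json:"results"`
}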
func (*CISKubeBenchTests) DeepCopy ¶
func (in *CISKubeBenchTests) DeepCopy() *CISKubeBenchTests
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CISKubeBenchTests.
func (*CISKubeBenchTests) DeepCopyInto ¶
func (in *CISKubeBenchTests) DeepCopyInto(out *CISKubeBenchTests)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type Check ¶
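// Check is a single configuration audit result, used for both pod-level and
// per-container checks in ConfigAudit.
//
// Severity is a plain string, not the Severity type used by Vulnerability.
// NOTE(review): presumably it holds ConfigAuditDangerSeverity or
// ConfigAuditWarningSeverity; nothing on this page enforces that, so
// consumers should handle unexpected values.
type Check struct {
	ID       string `json:"checkID"`
	Message  string `json:"message"`
	Success  bool   `json:"success"`
	Severity string `json:"severity"`
	Category string `json:"category"`
}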
func (*Check) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Check.
func (*Check) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type ConfigAudit ¶
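// ConfigAudit is the report payload of a ConfigAuditReport: the scanner, the
// aggregate counts, the pod-level checks and the checks for each container.
type ConfigAudit struct {
	Scanner   Scanner            `json:"scanner"`
	Summary   ConfigAuditSummary `json:"summary"`
	PodChecks []Check            `json:"podChecks"`
	// ContainerChecks is keyed by a string; presumably the container name
	// (confirm against the producer).
	ContainerChecks map[string][]Check `json:"containerChecks"`
}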
TODO: This type could be made more generic, so that it applies not only to Pods or Controllers, by defining a scope type (e.g. Pod, Container, Node) and the name of the scope (e.g. my-pod, my-container, my-node).
func (*ConfigAudit) DeepCopy ¶
func (in *ConfigAudit) DeepCopy() *ConfigAudit
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ConfigAudit.
func (*ConfigAudit) DeepCopyInto ¶
func (in *ConfigAudit) DeepCopyInto(out *ConfigAudit)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type ConfigAuditReport ¶
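// ConfigAuditReport is a specification for the ConfigAuditReport resource.
// The payload is stored under the top-level "report" key.
type ConfigAuditReport struct {
	meta.TypeMeta   `json:",inline"`
	meta.ObjectMeta `json:"metadata,omitempty"`

	Report ConfigAudit `json:"report"`
}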
ConfigAuditReport is a specification for the ConfigAuditReport resource.
func (*ConfigAuditReport) DeepCopy ¶
func (in *ConfigAuditReport) DeepCopy() *ConfigAuditReport
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ConfigAuditReport.
func (*ConfigAuditReport) DeepCopyInto ¶
func (in *ConfigAuditReport) DeepCopyInto(out *ConfigAuditReport)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*ConfigAuditReport) DeepCopyObject ¶
func (in *ConfigAuditReport) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type ConfigAuditReportList ¶
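// ConfigAuditReportList is a list of ConfigAuditReport resources.
type ConfigAuditReportList struct {
	meta.TypeMeta `json:",inline"`
	meta.ListMeta `json:"metadata"`

	Items []ConfigAuditReport `json:"items"`
}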
ConfigAuditReportList is a list of ConfigAuditReport resources.
func (*ConfigAuditReportList) DeepCopy ¶
func (in *ConfigAuditReportList) DeepCopy() *ConfigAuditReportList
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ConfigAuditReportList.
func (*ConfigAuditReportList) DeepCopyInto ¶
func (in *ConfigAuditReportList) DeepCopyInto(out *ConfigAuditReportList)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*ConfigAuditReportList) DeepCopyObject ¶
func (in *ConfigAuditReportList) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type ConfigAuditSummary ¶ added in v0.5.0
type KubeHunterOutput ¶
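// KubeHunterOutput is the report payload of a KubeHunterReport: the scanner,
// the aggregate counts and the individual findings.
type KubeHunterOutput struct {
	Scanner         Scanner                   `json:"scanner"`
	Summary         KubeHunterSummary         `json:"summary"`
	Vulnerabilities []KubeHunterVulnerability `json:"vulnerabilities"`
}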
func (*KubeHunterOutput) DeepCopy ¶
func (in *KubeHunterOutput) DeepCopy() *KubeHunterOutput
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KubeHunterOutput.
func (*KubeHunterOutput) DeepCopyInto ¶
func (in *KubeHunterOutput) DeepCopyInto(out *KubeHunterOutput)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type KubeHunterReport ¶
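// KubeHunterReport is a specification for the KubeHunterReport resource.
// The payload is stored under the top-level "report" key.
type KubeHunterReport struct {
	meta.TypeMeta   `json:",inline"`
	meta.ObjectMeta `json:"metadata,omitempty"`

	Report KubeHunterOutput `json:"report"`
}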
KubeHunterReport is a specification for the KubeHunterReport resource.
func (*KubeHunterReport) DeepCopy ¶
func (in *KubeHunterReport) DeepCopy() *KubeHunterReport
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KubeHunterReport.
func (*KubeHunterReport) DeepCopyInto ¶
func (in *KubeHunterReport) DeepCopyInto(out *KubeHunterReport)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*KubeHunterReport) DeepCopyObject ¶
func (in *KubeHunterReport) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type KubeHunterReportList ¶
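// KubeHunterReportList is a list of KubeHunterReport resources.
type KubeHunterReportList struct {
	meta.TypeMeta `json:",inline"`
	meta.ListMeta `json:"metadata"`

	Items []KubeHunterReport `json:"items"`
}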
KubeHunterReportList is a list of KubeHunterReport resources.
func (*KubeHunterReportList) DeepCopy ¶
func (in *KubeHunterReportList) DeepCopy() *KubeHunterReportList
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KubeHunterReportList.
func (*KubeHunterReportList) DeepCopyInto ¶
func (in *KubeHunterReportList) DeepCopyInto(out *KubeHunterReportList)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*KubeHunterReportList) DeepCopyObject ¶
func (in *KubeHunterReportList) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type KubeHunterSummary ¶ added in v0.5.0
type KubeHunterVulnerability ¶
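// KubeHunterVulnerability is one entry of KubeHunterOutput.Vulnerabilities.
//
// NOTE(review): the sample Evidence value below looks like the start of a
// JWT, so Evidence may carry credential material such as a service account
// token. Treat KubeHunterReport objects as sensitive: confirm that read
// access to them is restricted by RBAC and that Evidence is truncated or
// redacted before it is stored, logged or exported.
type KubeHunterVulnerability struct {
	Location      string   `json:"location"`      // e.g. "Local to Pod(kube-hunter-sj7zj)"
	ID            string   `json:"vid"`           // e.g. "KHV050"
	Category      string   `json:"category"`      // e.g. "Access Risk"
	Severity      Severity `json:"severity"`      // e.g. "low"
	Vulnerability string   `json:"vulnerability"` // e.g. "Read access to pod's service account token"
	Description   string   `json:"description"`   // e.g. "Accessing the pod service account token gives an attacker the option to use the server API"
	Evidence      string   `json:"evidence"`      // e.g. "eyJhbGciOiJSUzI1NiIMXA1..."
	Hunter        string   `json:"hunter"`        // e.g. "Access Secrets"
}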
func (*KubeHunterVulnerability) DeepCopy ¶
func (in *KubeHunterVulnerability) DeepCopy() *KubeHunterVulnerability
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KubeHunterVulnerability.
func (*KubeHunterVulnerability) DeepCopyInto ¶
func (in *KubeHunterVulnerability) DeepCopyInto(out *KubeHunterVulnerability)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type Registry ¶
// Registry identifies the registry server recorded in a
// VulnerabilityScanResult. Server is always serialised, even when empty.
type Registry struct {
	Server string `json:"server"`
}
func (*Registry) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Registry.
func (*Registry) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type Scanner ¶
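// Scanner is the spec for a scanner generating a security assessment report.
// All three fields are always serialised; the VulnerabilityReportsCRD schema
// marks them as required strings.
type Scanner struct {
	Name    string `json:"name"`
	Vendor  string `json:"vendor"`
	Version string `json:"version"`
}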
Scanner is the spec for a scanner generating a security assessment report.
func (*Scanner) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Scanner.
func (*Scanner) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type Vulnerability ¶
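// Vulnerability is the spec for a vulnerability record.
//
// No field uses omitempty, so every key is always present in the JSON and a
// nil Links slice is encoded as null.
// NOTE(review): the VulnerabilityReportsCRD schema declares "links" as an
// array; confirm that a null value passes validation, or have producers set
// Links to an empty slice.
type Vulnerability struct {
	VulnerabilityID  string   `json:"vulnerabilityID"`
	Resource         string   `json:"resource"`
	InstalledVersion string   `json:"installedVersion"`
	FixedVersion     string   `json:"fixedVersion"`
	Severity         Severity `json:"severity"`
	Title            string   `json:"title"`
	Description      string   `json:"description"`
	Links            []string `json:"links"`
}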
Vulnerability is the spec for a vulnerability record.
func (*Vulnerability) DeepCopy ¶
func (in *Vulnerability) DeepCopy() *Vulnerability
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Vulnerability.
func (*Vulnerability) DeepCopyInto ¶
func (in *Vulnerability) DeepCopyInto(out *Vulnerability)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type VulnerabilityReport ¶
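// VulnerabilityReport is a specification for the VulnerabilityReport
// resource. The payload is stored under the top-level "report" key.
type VulnerabilityReport struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	Report VulnerabilityScanResult `json:"report"`
}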
VulnerabilityReport is a specification for the VulnerabilityReport resource.
func (*VulnerabilityReport) DeepCopy ¶
func (in *VulnerabilityReport) DeepCopy() *VulnerabilityReport
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VulnerabilityReport.
func (*VulnerabilityReport) DeepCopyInto ¶
func (in *VulnerabilityReport) DeepCopyInto(out *VulnerabilityReport)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*VulnerabilityReport) DeepCopyObject ¶ added in v0.4.0
func (in *VulnerabilityReport) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type VulnerabilityReportList ¶ added in v0.4.0
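// VulnerabilityReportList is a list of VulnerabilityReport resources.
type VulnerabilityReportList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata"`

	Items []VulnerabilityReport `json:"items"`
}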
VulnerabilityReportList is a list of VulnerabilityReport resources.
func (*VulnerabilityReportList) DeepCopy ¶ added in v0.4.0
func (in *VulnerabilityReportList) DeepCopy() *VulnerabilityReportList
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VulnerabilityReportList.
func (*VulnerabilityReportList) DeepCopyInto ¶ added in v0.4.0
func (in *VulnerabilityReportList) DeepCopyInto(out *VulnerabilityReportList)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*VulnerabilityReportList) DeepCopyObject ¶ added in v0.4.0
func (in *VulnerabilityReportList) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type VulnerabilityScanResult ¶ added in v0.4.0
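// VulnerabilityScanResult is the spec for the vulnerability scan result.
//
// The spec follows the Pluggable Scanners API defined for Harbor.
// @see https://github.com/goharbor/pluggable-scanner-spec/blob/master/api/spec/scanner-adapter-openapi-v1.0.yaml
//
// Every field is always serialised, including Registry and Summary, which
// the VulnerabilityReportsCRD schema does not list as required.
type VulnerabilityScanResult struct {
	Scanner         Scanner              `json:"scanner"`
	Registry        Registry             `json:"registry"`
	Artifact        Artifact             `json:"artifact"`
	Summary         VulnerabilitySummary `json:"summary"`
	Vulnerabilities []Vulnerability      `json:"vulnerabilities"`
}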
VulnerabilityScanResult is the spec for the vulnerability scan result.
The spec follows the Pluggable Scanners API defined for Harbor. @see https://github.com/goharbor/pluggable-scanner-spec/blob/master/api/spec/scanner-adapter-openapi-v1.0.yaml
func (*VulnerabilityScanResult) DeepCopy ¶ added in v0.4.0
func (in *VulnerabilityScanResult) DeepCopy() *VulnerabilityScanResult
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VulnerabilityScanResult.
func (*VulnerabilityScanResult) DeepCopyInto ¶ added in v0.4.0
func (in *VulnerabilityScanResult) DeepCopyInto(out *VulnerabilityScanResult)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type VulnerabilitySummary ¶
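// VulnerabilitySummary holds the per-severity vulnerability counts of a
// VulnerabilityScanResult.
//
// NOTE(review): NoneCount is serialised as "noneCount", but the "summary"
// schema in VulnerabilityReportsCRD declares only the critical, high, medium,
// low and unknown counts, and its severity enum has no matching "none"
// value. Confirm whether NoneCount is still used.
type VulnerabilitySummary struct {
	CriticalCount int `json:"criticalCount"`
	HighCount     int `json:"highCount"`
	MediumCount   int `json:"mediumCount"`
	LowCount      int `json:"lowCount"`
	NoneCount     int `json:"noneCount"`
	UnknownCount  int `json:"unknownCount"`
}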
func (*VulnerabilitySummary) DeepCopy ¶
func (in *VulnerabilitySummary) DeepCopy() *VulnerabilitySummary
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VulnerabilitySummary.
func (*VulnerabilitySummary) DeepCopyInto ¶
func (in *VulnerabilitySummary) DeepCopyInto(out *VulnerabilitySummary)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.