The highest tagged major version is
Documentation
¶
Index ¶
- Constants
- Variables
- func AdoptClusterName(clusterName string) string
- func ConfigFileFullPath() string
- func ConvertLabelsToString(labels map[string]string) string
- func ConvertStringToLabels(labelsStr string) map[string]string
- func DeleteConfigFile() error
- func ErrorDisplay(str string)
- func GetValueFromConfigJson(key string) (string, error)
- func IsSilent() bool
- func PrettyJson(data interface{}) ([]byte, error)
- func ProgressTextDisplay(str string)
- func ReportV2ToV1(opaSessionObj *OPASessionObj)
- func ScanStartDisplay()
- func SetKeyValueInConfigJson(key string, value string) error
- func SetSilentMode(s bool)
- func StartSpinner()
- func StopSpinner()
- func StringInSlice(strSlice []string, str string) int
- func SuccessTextDisplay(str string)
- type BoolPtrFlag
- type ClusterConfig
- func (clusterConfig *ClusterConfig) DeleteConfig() error
- func (clusterConfig *ClusterConfig) DeleteConfigMap() error
- func (c *ClusterConfig) GetClusterName() string
- func (c *ClusterConfig) GetConfigObj() *ConfigObj
- func (c *ClusterConfig) GetCustomerGUID() string
- func (c *ClusterConfig) GetDefaultNS() string
- func (c *ClusterConfig) GetValueByKeyFromConfigMap(key string) (string, error)
- func (c *ClusterConfig) IsConfigFound() bool
- func (clusterConfig *ClusterConfig) IsRegistered() bool
- func (clusterConfig *ClusterConfig) IsSubmitted() bool
- func (c *ClusterConfig) SetCustomerGUID(customerGUID string)
- func (c *ClusterConfig) SetKeyValueInConfigmap(key string, value string) error
- func (c *ClusterConfig) SetTenant() error
- func (c *ClusterConfig) ToMapString() map[string]interface{}
- type ComponentConfig
- type ConfigObj
- type DownloadInfo
- type Exception
- type Getters
- type ITenantConfig
- type IVersionCheckHandler
- type K8SResources
- type ListPolicies
- type LocalConfig
- type OPASessionObj
- type Policies
- type RBACObjects
- type RegoInputData
- type ScanInfo
- type VersionCheckHandler
- type VersionCheckHandlerMock
- type VersionCheckRequest
- type VersionCheckResponse
Constants ¶
View Source
const ( ScanCluster string = "cluster" ScanLocalFiles string = "yaml" )
View Source
const SKIP_VERSION_CHECK = "KUBESCAPE_SKIP_UPDATE_CHECK"
View Source
const UnknownBuildNumber = "unknown"
View Source
const ValueNotFound = -1
Variables ¶
View Source
var ( CustomerGUID = "" ClusterName = "" EventReceiverURL = "" NotificationServerURL = "" DashboardBackendURL = "" RestAPIPort = "4001" )
CA environment vars
View Source
var BuildNumber string
View Source
var InfoDisplay = color.New(color.Bold, color.FgHiYellow).FprintfFunc()
View Source
var InfoTextDisplay = color.New(color.Bold, color.FgHiYellow).FprintfFunc()
View Source
var SimpleDisplay = color.New().FprintfFunc()
View Source
var Spinner *spinner.Spinner
Functions ¶
func AdoptClusterName ¶ added in v1.0.136
func ConfigFileFullPath ¶ added in v1.0.65
func ConfigFileFullPath() string
func ConvertLabelsToString ¶
func ConvertStringToLabels ¶
ConvertStringToLabels convert a string "a=b;c=d" to map: {"a":"b", "c":"d"}
func DeleteConfigFile ¶ added in v1.0.65
func DeleteConfigFile() error
func ErrorDisplay ¶
func ErrorDisplay(str string)
func GetValueFromConfigJson ¶ added in v1.0.47
func PrettyJson ¶ added in v1.0.37
func ProgressTextDisplay ¶
func ProgressTextDisplay(str string)
func ReportV2ToV1 ¶ added in v1.0.155
func ReportV2ToV1(opaSessionObj *OPASessionObj)
func ScanStartDisplay ¶
func ScanStartDisplay()
func SetKeyValueInConfigJson ¶ added in v1.0.47
func SetSilentMode ¶
func SetSilentMode(s bool)
func StartSpinner ¶
func StartSpinner()
func StopSpinner ¶
func StopSpinner()
func StringInSlice ¶
func SuccessTextDisplay ¶
func SuccessTextDisplay(str string)
Types ¶
type BoolPtrFlag ¶ added in v1.0.133
type BoolPtrFlag struct {
// contains filtered or unexported fields
}
func (*BoolPtrFlag) Get ¶ added in v1.0.133
func (bpf *BoolPtrFlag) Get() *bool
func (*BoolPtrFlag) Set ¶ added in v1.0.133
func (bpf *BoolPtrFlag) Set(val string) error
func (*BoolPtrFlag) SetBool ¶ added in v1.0.133
func (bpf *BoolPtrFlag) SetBool(val bool)
func (*BoolPtrFlag) String ¶ added in v1.0.133
func (bpf *BoolPtrFlag) String() string
func (*BoolPtrFlag) Type ¶ added in v1.0.133
func (bpf *BoolPtrFlag) Type() string
type ClusterConfig ¶ added in v1.0.42
type ClusterConfig struct {
// contains filtered or unexported fields
}
ClusterConfig configuration of specific cluster
Supported environments variables: KS_DEFAULT_CONFIGMAP_NAME // name of configmap, if not set default is 'kubescape' KS_DEFAULT_CONFIGMAP_NAMESPACE // configmap namespace, if not set default is 'default'
TODO - supprot: KS_ACCOUNT // Account ID KS_CACHE // path to cached files
func NewClusterConfig ¶ added in v1.0.42
func NewClusterConfig(k8s *k8sinterface.KubernetesApi, backendAPI getter.IBackend, customerGUID, clusterName string) *ClusterConfig
func (*ClusterConfig) DeleteConfig ¶ added in v1.0.133
func (clusterConfig *ClusterConfig) DeleteConfig() error
func (*ClusterConfig) DeleteConfigMap ¶ added in v1.0.137
func (clusterConfig *ClusterConfig) DeleteConfigMap() error
func (*ClusterConfig) GetClusterName ¶ added in v1.0.84
func (c *ClusterConfig) GetClusterName() string
func (*ClusterConfig) GetConfigObj ¶ added in v1.0.65
func (c *ClusterConfig) GetConfigObj() *ConfigObj
func (*ClusterConfig) GetCustomerGUID ¶ added in v1.0.42
func (c *ClusterConfig) GetCustomerGUID() string
func (*ClusterConfig) GetDefaultNS ¶ added in v1.0.65
func (c *ClusterConfig) GetDefaultNS() string
func (*ClusterConfig) GetValueByKeyFromConfigMap ¶ added in v1.0.47
func (c *ClusterConfig) GetValueByKeyFromConfigMap(key string) (string, error)
func (*ClusterConfig) IsConfigFound ¶ added in v1.0.133
func (c *ClusterConfig) IsConfigFound() bool
func (*ClusterConfig) IsRegistered ¶ added in v1.0.133
func (clusterConfig *ClusterConfig) IsRegistered() bool
Check if the customer is registered
func (*ClusterConfig) IsSubmitted ¶ added in v1.0.133
func (clusterConfig *ClusterConfig) IsSubmitted() bool
Check if the customer is submitted
func (*ClusterConfig) SetCustomerGUID ¶ added in v1.0.42
func (c *ClusterConfig) SetCustomerGUID(customerGUID string)
func (*ClusterConfig) SetKeyValueInConfigmap ¶ added in v1.0.47
func (c *ClusterConfig) SetKeyValueInConfigmap(key string, value string) error
func (*ClusterConfig) SetTenant ¶ added in v1.0.133
func (c *ClusterConfig) SetTenant() error
func (*ClusterConfig) ToMapString ¶ added in v1.0.42
func (c *ClusterConfig) ToMapString() map[string]interface{}
type ComponentConfig ¶
type ComponentConfig struct {
Exceptions Exception `json:"exceptions"`
}
type ConfigObj ¶ added in v1.0.42
type ConfigObj struct {
CustomerGUID string `json:"customerGUID"`
Token string `json:"invitationParam"`
CustomerAdminEMail string `json:"adminMail"`
ClusterName string `json:"clusterName"`
}
type DownloadInfo ¶ added in v1.0.35
type Exception ¶
type Exception struct {
Ignore *bool `json:"ignore"` // ignore test results
MultipleScore *reporthandling.AlertScore `json:"multipleScore"` // MultipleScore number - float32
Namespaces []string `json:"namespaces"`
Regex string `json:"regex"` // not supported
}
type Getters ¶ added in v1.0.36
type Getters struct {
ExceptionsGetter getter.IExceptionsGetter
ControlsInputsGetter getter.IControlsInputsGetter
PolicyGetter getter.IPolicyGetter
}
type ITenantConfig ¶ added in v1.0.133
type ITenantConfig interface {
// set
SetTenant() error
// getters
GetClusterName() string
GetCustomerGUID() string
GetConfigObj() *ConfigObj
IsConfigFound() bool
}
====================================================================================== =============================== interface ============================================ ======================================================================================
type IVersionCheckHandler ¶ added in v1.0.131
type IVersionCheckHandler interface {
CheckLatestVersion(*VersionCheckRequest) error
}
func NewIVersionCheckHandler ¶ added in v1.0.131
func NewIVersionCheckHandler() IVersionCheckHandler
type K8SResources ¶
K8SResources map[<api group>/<api version>/<resource>][]<resourceID>
type ListPolicies ¶ added in v1.0.153
type LocalConfig ¶ added in v1.0.133
type LocalConfig struct {
// contains filtered or unexported fields
}
====================================================================================== ============================ Local Config ============================================ ====================================================================================== Config when scanning YAML files or URL but not a Kubernetes cluster
func NewLocalConfig ¶ added in v1.0.133
func NewLocalConfig(backendAPI getter.IBackend, customerGUID, clusterName string) *LocalConfig
func (*LocalConfig) GetClusterName ¶ added in v1.0.133
func (lc *LocalConfig) GetClusterName() string
func (*LocalConfig) GetConfigObj ¶ added in v1.0.133
func (lc *LocalConfig) GetConfigObj() *ConfigObj
func (*LocalConfig) GetCustomerGUID ¶ added in v1.0.133
func (lc *LocalConfig) GetCustomerGUID() string
func (*LocalConfig) IsConfigFound ¶ added in v1.0.133
func (lc *LocalConfig) IsConfigFound() bool
func (*LocalConfig) SetCustomerGUID ¶ added in v1.0.150
func (lc *LocalConfig) SetCustomerGUID(customerGUID string)
func (*LocalConfig) SetTenant ¶ added in v1.0.133
func (lc *LocalConfig) SetTenant() error
type OPASessionObj ¶
type OPASessionObj struct {
K8SResources *K8SResources // input k8s objects
Frameworks []reporthandling.Framework // list of frameworks to scan
AllResources map[string]workloadinterface.IMetadata // all scanned resources, map[<rtesource ID>]<resource>
ResourcesResult map[string]resourcesresults.Result // resources scan results, map[<rtesource ID>]<resource result>
PostureReport *reporthandling.PostureReport // scan results v1
Report *reporthandlingv2.PostureReport // scan results v2
Exceptions []armotypes.PostureExceptionPolicy // list of exceptions to apply on scan results
RegoInputData RegoInputData // input passed to rgo for scanning. map[<control name>][<input arguments>]
}
func NewOPASessionObj ¶
func NewOPASessionObj(frameworks []reporthandling.Framework, k8sResources *K8SResources) *OPASessionObj
func NewOPASessionObjMock ¶
func NewOPASessionObjMock() *OPASessionObj
type Policies ¶ added in v1.0.148
type Policies struct {
Frameworks []string
Controls map[string]reporthandling.Control // map[<control ID>]<control>
}
func NewPolicies ¶ added in v1.0.148
func NewPolicies() *Policies
type RBACObjects ¶ added in v1.0.133
type RBACObjects struct {
// contains filtered or unexported fields
}
func NewRBACObjects ¶ added in v1.0.133
func NewRBACObjects(scanner *rbacscanner.RbacScannerFromK8sAPI) *RBACObjects
func (*RBACObjects) ListAllResources ¶ added in v1.0.133
func (rbacObjects *RBACObjects) ListAllResources() (map[string]workloadinterface.IMetadata, error)
func (*RBACObjects) SetResourcesReport ¶ added in v1.0.133
func (rbacObjects *RBACObjects) SetResourcesReport() (*reporthandling.PostureReport, error)
type RegoInputData ¶ added in v1.0.101
type ScanInfo ¶ added in v1.0.35
type ScanInfo struct {
Getters
PolicyIdentifier []reporthandling.PolicyIdentifier
UseExceptions string // Load file with exceptions configuration
ControlsInputs string // Load file with inputs for controls
UseFrom []string // Load framework from local file (instead of download). Use when running offline
UseDefault bool // Load framework from cached file (instead of download). Use when running offline
VerboseMode bool // Display all of the input resources and not only failed resources
Format string // Format results (table, json, junit ...)
Output string // Store results in an output file, Output file name
ExcludedNamespaces string // used for host sensor namespace
IncludeNamespaces string // DEPRECATED?
InputPatterns []string // Yaml files input patterns
Silent bool // Silent mode - Do not print progress logs
FailThreshold uint16 // Failure score threshold
Submit bool // Submit results to Armo BE
HostSensor BoolPtrFlag // Deploy ARMO K8s host sensor to collect data from certain controls
Local bool // Do not submit results
Account string // account ID
KubeContext string // context name
FrameworkScan bool // false if scanning control
ScanAll bool // true if scan all frameworks
}
func (*ScanInfo) GetScanningEnvironment ¶ added in v1.0.133
func (*ScanInfo) SetPolicyIdentifiers ¶ added in v1.0.132
func (scanInfo *ScanInfo) SetPolicyIdentifiers(policies []string, kind reporthandling.NotificationPolicyKind)
type VersionCheckHandler ¶ added in v1.0.131
type VersionCheckHandler struct {
// contains filtered or unexported fields
}
func NewVersionCheckHandler ¶ added in v1.0.131
func NewVersionCheckHandler() *VersionCheckHandler
func (*VersionCheckHandler) CheckLatestVersion ¶ added in v1.0.131
func (v *VersionCheckHandler) CheckLatestVersion(versionData *VersionCheckRequest) error
type VersionCheckHandlerMock ¶ added in v1.0.131
type VersionCheckHandlerMock struct {
}
func NewVersionCheckHandlerMock ¶ added in v1.0.131
func NewVersionCheckHandlerMock() *VersionCheckHandlerMock
func (*VersionCheckHandlerMock) CheckLatestVersion ¶ added in v1.0.131
func (v *VersionCheckHandlerMock) CheckLatestVersion(versionData *VersionCheckRequest) error
type VersionCheckRequest ¶ added in v1.0.131
type VersionCheckRequest struct {
Client string `json:"client"` // kubescape
ClientVersion string `json:"clientVersion"` // kubescape version
Framework string `json:"framework"` // framework name
FrameworkVersion string `json:"frameworkVersion"` // framework version
ScanningTarget string `json:"target"` // scanning target- cluster/yaml
}
func NewVersionCheckRequest ¶ added in v1.0.131
func NewVersionCheckRequest(buildNumber, frameworkName, frameworkVersion, scanningTarget string) *VersionCheckRequest
type VersionCheckResponse ¶ added in v1.0.131
type VersionCheckResponse struct {
Client string `json:"client"` // kubescape
ClientUpdate string `json:"clientUpdate"` // kubescape latest version
Framework string `json:"framework"` // framework name
FrameworkUpdate string `json:"frameworkUpdate"` // framework latest version
Message string `json:"message"` // alert message
}
Source Files
¶
Directories
Click to show internal directories.
Click to hide internal directories.