Documentation
¶
Index ¶
Constants ¶
View Source
const ( ResourceFoundType = "ResourceFound" PolicyValidType = "PolicyValid" DecoysDeployedType = "DecoysDeployed" CaptorsDeployedType = "CaptorsDeployed" ResourceFoundReason_Found = "ResourceFound" ResourceFoundMessage_Found = "DeceptionPolicy found and ready" PolicyValidReason_Pending = "ValidationPending" PolicyValidReason_Valid = "TrapsSpecValid" PolicyValidReason_Invalid = "TrapsSpecInvalid" DecoysDeployedReason_Pending = "DecoyDeploymentPending" DecoysDeployedReason_Success = "DecoyDeploymentSucceeded" DecoysDeployedReason_PartialSuccess = "DecoyDeploymentSucceededPartially" DecoysDeployedReason_GenericError = "DecoyDeploymentError" DecoysDeployedReason_NoObjects = "NoObjectsMatched" TrapDeployedMessage_NoObjects = "No objects matching selection criteria" CaptorsDeployedReason_Pending = "CaptorDeploymentPending" CaptorsDeployedReason_Success = "CaptorDeploymentSucceeded" CaptorsDeployedReason_PartialSuccess = "CaptorDeploymentSucceededPartially" CaptorsDeployedReason_GenericError = "CaptorDeploymentError" CaptorsDeployedReason_NoObjects = "NoObjectsMatched" CaptorsDeployedReason_MissingTetragon = "TetragonNotInstalled" CaptorsDeployedMessage_MissingTetragon = "Cannot deploy captors without Tetragon" )
Variables ¶
View Source
var CaptorDeployedStatusConditions = TrapDeploymentStatusEnum{ ObjectName: "captors", Reasons: TrapDeploymentStatusReasonsEnum{ Unknown: CaptorsDeployedReason_Pending, Success: CaptorsDeployedReason_Success, PartialSuccess: CaptorsDeployedReason_PartialSuccess, Error: CaptorsDeployedReason_GenericError, NoObjects: CaptorsDeployedReason_NoObjects, }, Messages: TrapDeploymentStatusMessagesEnum{ NoObjects: TrapDeployedMessage_NoObjects, }, }
CaptorDeployedStatusConditions stores the status condition reasons and messages for captors.
View Source
var DecoyDeployedStatusConditions = TrapDeploymentStatusEnum{ ObjectName: "decoys", Reasons: TrapDeploymentStatusReasonsEnum{ Unknown: DecoysDeployedReason_Pending, Success: DecoysDeployedReason_Success, PartialSuccess: DecoysDeployedReason_PartialSuccess, Error: DecoysDeployedReason_GenericError, NoObjects: DecoysDeployedReason_NoObjects, }, Messages: TrapDeploymentStatusMessagesEnum{ NoObjects: TrapDeployedMessage_NoObjects, }, }
DecoyDeployedStatusConditions stores the status condition reasons and messages for decoys.
Functions ¶
Types ¶
type DeceptionPolicyReconciler ¶
type DeceptionPolicyReconciler struct {
client.Client
Scheme *runtime.Scheme
Clientset kubernetes.Clientset
Config rest.Config
}
DeceptionPolicyReconciler reconciles a DeceptionPolicy object
func (*DeceptionPolicyReconciler) Reconcile ¶
func (r *DeceptionPolicyReconciler) Reconcile(ctx context.Context, req ctrl.Request) (reconcilResult ctrl.Result, reconcileErr error)
Reconcile is part of the main kubernetes reconciliation loop which aims to move the current state of the cluster closer to the desired state.
func (*DeceptionPolicyReconciler) SetupWithManager ¶
func (r *DeceptionPolicyReconciler) SetupWithManager(mgr ctrl.Manager) error
SetupWithManager sets up the controller with the Manager.
type TrapDeploymentStatusEnum ¶
type TrapDeploymentStatusEnum struct {
// ObjectName is the name of the traps being deployed (e.g. "decoys" or "captors").
ObjectName string
// Reasons contains the possible reasons for the trap deployment status.
Reasons TrapDeploymentStatusReasonsEnum
// Messages contains the possible messages for the trap deployment status.
Messages TrapDeploymentStatusMessagesEnum
}
TrapDeploymentStatusEnum defines the possible conditions for a trap deployment. This struct exists so that we can generically pass decoy and captor status conditions.
type TrapDeploymentStatusMessagesEnum ¶
type TrapDeploymentStatusMessagesEnum struct {
NoObjects string
}
type TrapReconcileResult ¶
type TrapReconcileResult struct {
// NumTraps is the total number of traps that were passed for reconciliation.
NumTraps int
// NumSuccesses is the number of traps that were successfully reconciled.
NumSuccesses int
// NumFailures is the number of traps that had errors during reconciliation.
NumFailures int
// ShouldRequeue is true if we encountered a situation where we should retry the deployment later.
ShouldRequeue bool
// OverrideStatusCondition is a reason that should be set when updating the status, instead of the default one.
OverrideStatusConditionReason string
// OverrideStatusConditionMessage is a message that should be set when updating the status, instead of the default one.
OverrideStatusConditionMessage string
// Errors contains all the errors that happened during the reconciliation.
Errors error
}
TrapReconcileResult unifies the deployment result after reconciling either decoys or captors.
func (TrapReconcileResult) NumSkipped ¶
func (r TrapReconcileResult) NumSkipped() int
NumSkipped is the number of traps that were skipped during reconciliation.
func (TrapReconcileResult) NumTries ¶
func (r TrapReconcileResult) NumTries() int
NumTries is the total number of traps for which we tried a reconciliation (NumSuccesses + NumFailures). This number might be lower than NumTraps if we skip traps that don't need to be reconciled.
Source Files
¶
Directories
Click to show internal directories.
Click to hide internal directories.