Documentation ¶
Index ¶
- func FixUnavailableReason(image string, v metadata.Vulnerability, isp v1beta1.ImageSecurityPolicy) policy.Reason
- func ImageSecurityPolicies(namespace string) ([]v1beta1.ImageSecurityPolicy, error)
- func SeverityReason(image string, v metadata.Vulnerability, isp v1beta1.ImageSecurityPolicy) policy.Reason
- func UnqualifiedImageReason(image string) policy.Reason
- func ValidateImageSecurityPolicy(isp v1beta1.ImageSecurityPolicy, image string, client metadata.ReadWriteClient) ([]policy.Violation, error)
- type ValidateFunc
- type Violation
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func FixUnavailableReason ¶
func FixUnavailableReason(image string, v metadata.Vulnerability, isp v1beta1.ImageSecurityPolicy) policy.Reason
FixUnavailabileReason returns a detailed reason if an unfixable CVE exceeds max severity
func ImageSecurityPolicies ¶
func ImageSecurityPolicies(namespace string) ([]v1beta1.ImageSecurityPolicy, error)
ImageSecurityPolicies returns all ISPs in the specified namespaces Pass in an empty string to get all ISPs in all namespaces
func SeverityReason ¶
func SeverityReason(image string, v metadata.Vulnerability, isp v1beta1.ImageSecurityPolicy) policy.Reason
SeverityReason returns a detailed reason if a CVE exceeds max severity
func UnqualifiedImageReason ¶
UnqualifiedImageReason returns a detailed reason if the image is unqualified
func ValidateImageSecurityPolicy ¶
func ValidateImageSecurityPolicy(isp v1beta1.ImageSecurityPolicy, image string, client metadata.ReadWriteClient) ([]policy.Violation, error)
ValidateImageSecurityPolicy checks if an image satisfies ISP requirements It returns a list of vulnerabilities that don't pass
Types ¶
type ValidateFunc ¶
type ValidateFunc func(isp v1beta1.ImageSecurityPolicy, image string, client metadata.ReadWriteClient) ([]policy.Violation, error)
ValidateFunc defines the type for Validating Image Security Policies
type Violation ¶
type Violation struct {
// contains filtered or unexported fields
}
Violation represents a vulnerability that violates an ISP
func NewViolation ¶
func NewViolation(vulnz *metadata.Vulnerability, t policy.ViolationType, r policy.Reason) Violation
func (Violation) Details ¶
func (v Violation) Details() interface{}
Details returns the detailed violtation
func (Violation) Type ¶
func (v Violation) Type() policy.ViolationType
Type returns the violation type