configauditreport

package

v0.9.2 Latest Latest Go to latest Published: Dec 14, 2023 License: Apache-2.0 Imports: 16 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/khulnasoft/tunnel-operator

Links

Open Source Insights

Documentation ¶

Overview ¶

Package configauditreport provides primitives for working with Kubernetes workload configuration checkers.

Index ¶

type ConfigAuditConfig
type PluginInMemory
type ReadWriter
- func NewReadWriter(ObjectResolver *kube.ObjectResolver) ReadWriter
type Reader
type ReportBuilder
- func NewReportBuilder(scheme *runtime.Scheme) *ReportBuilder
type Writer

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type ConfigAuditConfig ¶

type ConfigAuditConfig interface {

	// GetUseBuiltinRegoPolicies return trivy config which associated to configauditreport plugin
	GetUseBuiltinRegoPolicies() bool
	// GetSupportedConfigAuditKinds list of supported kinds to be scanned by the config audit scanner
	GetSupportedConfigAuditKinds() []string

	// GetSeverity get security level
	GetSeverity() string
}

ConfigAuditConfig defines the interface between tunnel-operator and trivy configuration which related to configauditreport

type PluginInMemory ¶

type PluginInMemory interface {

	// Init is a callback to initialize this plugin, e.g. ensure the default
	// configuration.
	Init(ctx tunneloperator.PluginContext) error

	NewConfigForConfigAudit(ctx tunneloperator.PluginContext) (ConfigAuditConfig, error)
}

PluginInMemory defines the interface between tunnel-operator and trivy configuration

type ReadWriter ¶

type ReadWriter interface {
	Writer
	Reader
}

func NewReadWriter ¶

func NewReadWriter(ObjectResolver *kube.ObjectResolver) ReadWriter

NewReadWriter constructs a new ReadWriter which is using the client package provided by the controller-runtime libraries for interacting with the Kubernetes API server.

type Reader ¶

type Reader interface {

	// FindReportByOwner returns a v1alpha1.ConfigAuditReport owned by the given
	// kube.ObjectRef or nil if the report is not found.
	FindReportByOwner(ctx context.Context, owner kube.ObjectRef) (interface{}, error)

	// FindClusterReportByOwner returns a v1alpha1.ClusterConfigAuditReport owned by the given
	// kube.ObjectRef or nil if the report is not found.
	FindClusterReportByOwner(ctx context.Context, owner kube.ObjectRef) (interface{}, error)
}

Reader is the interface that wraps methods for finding v1alpha1.ConfigAuditReport and v1alpha1.ClusterConfigAuditReport objects.

type ReportBuilder ¶

type ReportBuilder struct {
	// contains filtered or unexported fields
}

func NewReportBuilder ¶

func NewReportBuilder(scheme *runtime.Scheme) *ReportBuilder

func (*ReportBuilder) AdditionalReportLabels ¶

func (b *ReportBuilder) AdditionalReportLabels(additionalReportLabels map[string]string) *ReportBuilder

func (*ReportBuilder) Controller ¶

func (b *ReportBuilder) Controller(controller client.Object) *ReportBuilder

func (*ReportBuilder) Data ¶

func (b *ReportBuilder) Data(data v1alpha1.ConfigAuditReportData) *ReportBuilder

func (*ReportBuilder) GetClusterReport ¶

func (b *ReportBuilder) GetClusterReport() (v1alpha1.ClusterConfigAuditReport, error)

func (*ReportBuilder) GetReport ¶

func (b *ReportBuilder) GetReport() (v1alpha1.ConfigAuditReport, error)

func (*ReportBuilder) PluginConfigHash ¶

func (b *ReportBuilder) PluginConfigHash(hash string) *ReportBuilder

func (*ReportBuilder) ReportTTL ¶

func (b *ReportBuilder) ReportTTL(ttl *time.Duration) *ReportBuilder

func (*ReportBuilder) ResourceLabelsToInclude ¶

func (b *ReportBuilder) ResourceLabelsToInclude(resourceLabelsToInclude []string) *ReportBuilder

func (*ReportBuilder) ResourceSpecHash ¶

func (b *ReportBuilder) ResourceSpecHash(hash string) *ReportBuilder

func (*ReportBuilder) Write ¶

func (b *ReportBuilder) Write(ctx context.Context, writer Writer) error

type Writer ¶

type Writer interface {

	// WriteReport creates or updates the given v1alpha1.ConfigAuditReport instance.
	WriteReport(ctx context.Context, report v1alpha1.ConfigAuditReport) error

	// WriteClusterReport creates or updates the given v1alpha1.ClusterConfigAuditReport instance.
	WriteClusterReport(ctx context.Context, report v1alpha1.ClusterConfigAuditReport) error
}

Writer is the interface for saving v1alpha1.ClusterConfigAuditReport and v1alpha1.ConfigAuditReport instances.

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
controller

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL