Documentation ¶
Index ¶
- Constants
- Variables
- func ConvertMapListToMeta(resourceMap []map[string]interface{}) []workloadinterface.IMetadata
- func ScanRepository(command string, branchOptional string) ([]string, error)
- type EmptySelector
- type ExcludeSelector
- type FileResourceHandler
- type GitHubRepository
- type IFieldSelector
- type IRepository
- type IResourceHandler
- type IncludeSelector
- type K8sResourceHandler
- type RegistryAdaptors
Constants ¶
View Source
const ( ImagevulnerabilitiesObjectGroup = "armo.vuln.images" ImagevulnerabilitiesObjectVersion = "v1" ImagevulnerabilitiesObjectKind = "ImageVulnerabilities" )
Variables ¶
View Source
var ( ClusterDescribe = "ClusterDescribe" KubeletConfiguration = "KubeletConfiguration" OsReleaseFile = "OsReleaseFile" KernelVersion = "KernelVersion" LinuxSecurityHardeningStatus = "LinuxSecurityHardeningStatus" OpenPortsList = "OpenPortsList" LinuxKernelVariables = "LinuxKernelVariables" KubeletCommandLine = "KubeletCommandLine" ImageVulnerabilities = "ImageVulnerabilities" KubeletInfo = "KubeletInfo" KubeProxyInfo = "KubeProxyInfo" ControlPlaneInfo = "ControlPlaneInfo" MapResourceToApiGroup = map[string]string{ KubeletConfiguration: "hostdata.kubescape.cloud/v1beta0", OsReleaseFile: "hostdata.kubescape.cloud/v1beta0", KubeletCommandLine: "hostdata.kubescape.cloud/v1beta0", KernelVersion: "hostdata.kubescape.cloud/v1beta0", LinuxSecurityHardeningStatus: "hostdata.kubescape.cloud/v1beta0", OpenPortsList: "hostdata.kubescape.cloud/v1beta0", LinuxKernelVariables: "hostdata.kubescape.cloud/v1beta0", KubeletInfo: "hostdata.kubescape.cloud/v1beta0", KubeProxyInfo: "hostdata.kubescape.cloud/v1beta0", ControlPlaneInfo: "hostdata.kubescape.cloud/v1beta0", } MapResourceToApiGroupVuln = map[string][]string{ ImageVulnerabilities: {"armo.vuln.images/v1", "image.vulnscan.com/v1"}} MapResourceToApiGroupCloud = map[string][]string{ ClusterDescribe: {"container.googleapis.com/v1", "eks.amazonaws.com/v1", "management.azure.com/v1"}} )
Functions ¶
func ConvertMapListToMeta ¶
func ConvertMapListToMeta(resourceMap []map[string]interface{}) []workloadinterface.IMetadata
Types ¶
type EmptySelector ¶
type EmptySelector struct { }
func (*EmptySelector) GetClusterScope ¶
func (es *EmptySelector) GetClusterScope(*schema.GroupVersionResource) bool
func (*EmptySelector) GetNamespacesSelectors ¶
func (es *EmptySelector) GetNamespacesSelectors(resource *schema.GroupVersionResource) []string
type ExcludeSelector ¶
type ExcludeSelector struct {
// contains filtered or unexported fields
}
func NewExcludeSelector ¶
func NewExcludeSelector(ns string) *ExcludeSelector
func (*ExcludeSelector) GetClusterScope ¶
func (es *ExcludeSelector) GetClusterScope(resource *schema.GroupVersionResource) bool
func (*ExcludeSelector) GetNamespacesSelectors ¶
func (es *ExcludeSelector) GetNamespacesSelectors(resource *schema.GroupVersionResource) []string
type FileResourceHandler ¶
type FileResourceHandler struct {
// contains filtered or unexported fields
}
FileResourceHandler handle resources from files and URLs
func NewFileResourceHandler ¶
func NewFileResourceHandler(inputPatterns []string, registryAdaptors *RegistryAdaptors) *FileResourceHandler
func (*FileResourceHandler) GetClusterAPIServerInfo ¶
func (fileHandler *FileResourceHandler) GetClusterAPIServerInfo() *version.Info
func (*FileResourceHandler) GetResources ¶
func (fileHandler *FileResourceHandler) GetResources(sessionObj *cautils.OPASessionObj, designator *armotypes.PortalDesignator) (*cautils.K8SResources, map[string]workloadinterface.IMetadata, *cautils.KSResources, error)
type GitHubRepository ¶
type GitHubRepository struct {
// contains filtered or unexported fields
}
func NewGitHubRepository ¶
func NewGitHubRepository() *GitHubRepository
type IFieldSelector ¶
type IFieldSelector interface { GetNamespacesSelectors(*schema.GroupVersionResource) []string GetClusterScope(*schema.GroupVersionResource) bool }
type IRepository ¶
type IRepository interface {
// contains filtered or unexported methods
}
type IResourceHandler ¶
type IResourceHandler interface { GetResources(*cautils.OPASessionObj, *armotypes.PortalDesignator) (*cautils.K8SResources, map[string]workloadinterface.IMetadata, *cautils.KSResources, error) GetClusterAPIServerInfo() *version.Info }
type IncludeSelector ¶
type IncludeSelector struct {
// contains filtered or unexported fields
}
func NewIncludeSelector ¶
func NewIncludeSelector(ns string) *IncludeSelector
func (*IncludeSelector) GetClusterScope ¶
func (is *IncludeSelector) GetClusterScope(resource *schema.GroupVersionResource) bool
func (*IncludeSelector) GetNamespacesSelectors ¶
func (is *IncludeSelector) GetNamespacesSelectors(resource *schema.GroupVersionResource) []string
type K8sResourceHandler ¶
type K8sResourceHandler struct {
// contains filtered or unexported fields
}
func NewK8sResourceHandler ¶
func NewK8sResourceHandler(k8s *k8sinterface.KubernetesApi, fieldSelector IFieldSelector, hostSensorHandler hostsensorutils.IHostSensor, rbacObjects *cautils.RBACObjects, registryAdaptors *RegistryAdaptors) *K8sResourceHandler
func (*K8sResourceHandler) GetClusterAPIServerInfo ¶
func (k8sHandler *K8sResourceHandler) GetClusterAPIServerInfo() *version.Info
func (*K8sResourceHandler) GetResources ¶
func (k8sHandler *K8sResourceHandler) GetResources(sessionObj *cautils.OPASessionObj, designator *armotypes.PortalDesignator) (*cautils.K8SResources, map[string]workloadinterface.IMetadata, *cautils.KSResources, error)
type RegistryAdaptors ¶
type RegistryAdaptors struct {
// contains filtered or unexported fields
}
func NewRegistryAdaptors ¶
func NewRegistryAdaptors() (*RegistryAdaptors, error)
Click to show internal directories.
Click to hide internal directories.