cautils

package
v3.0.8 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Mar 28, 2024 License: Apache-2.0 Imports: 74 Imported by: 0

Documentation

Index

Constants

// OperatorSubCommand values (the element type of OperatorInfo.Subcommands),
// declared together with the scanV1 identifier.
const (
	// ScanCommand is the "scan" subcommand.
	ScanCommand                OperatorSubCommand = "scan"
	// ScanConfigCommand is the "config" subcommand.
	ScanConfigCommand          OperatorSubCommand = "config"
	// ScanVulnerabilitiesCommand is the "vulnerabilities" subcommand.
	ScanVulnerabilitiesCommand OperatorSubCommand = "vulnerabilities"
	// KubescapeScanV1 is a plain string, not an OperatorSubCommand.
	KubescapeScanV1            string             = "scanV1"
)
// Port-forwarding defaults.
const (
	// DefaultPortForwardPortEnv is the name of an environment variable.
	// NOTE(review): presumably it overrides the port below — confirm against the
	// caller, and confirm the value read from the environment is validated as a port.
	DefaultPortForwardPortEnv   string = "DEFAULT_PORT_FORWARDER_PORT"
	// DefaultPortForwardPortValue is the default port, kept as a string.
	// NOTE(review): a fixed default can collide with another local listener;
	// presumably this is the forwardingPort passed to CreatePortForwarder — confirm.
	DefaultPortForwardPortValue string = "4444"
)
// Scope names, declared as untyped string constants.
// NOTE(review): presumably the values produced by ScanningContextToScanningScope,
// which is documented as converting a context to the deprecated scope — confirm.
const (
	ScopeCluster = "cluster"
	ScopeYAML    = "yaml"
)
// File names (not full paths) of locally stored JSON artifacts.
// NOTE(review): presumably resolved under a local artifacts or cache directory —
// confirm which directory, since exceptions change what a scan reports.
const (
	// LocalExceptionsFilename is the exceptions file name.
	LocalExceptionsFilename   string = "exceptions.json"
	// LocalAttackTracksFilename is the attack-tracks file name.
	LocalAttackTracksFilename string = "attack-tracks.json"
)
const (
	// CommentFormat is the source of a regular expression that matches a marker
	// comment of the form "#This is the <digits> line"; the named group "line"
	// captures the digits.
	// The group is `\d*`, so the pattern also matches with an empty capture; a
	// caller that converts the capture to a number has to handle "".
	// NOTE(review): presumably paired with HelmChart.AddCommentToTemplate and
	// RemoveComment — confirm. A template that already contains text of this
	// form would match as well.
	CommentFormat = `#This is the (?P<line>\d*) line`
)

Variables

// Format name lists. These are exported variables, so importing code can
// reassign or mutate them.
// NOTE(review): despite the _PREFIX suffix the values look like file
// extensions; presumably consulted by IsYaml and IsJson — confirm.
var (
	// YAML_PREFIX holds "yaml" and "yml".
	YAML_PREFIX = []string{"yaml", "yml"}
	// JSON_PREFIX holds "json".
	JSON_PREFIX = []string{"json"}
)
// Names of external (non-Kubernetes-object) resource kinds, grouped by source.
// These are exported variables, so importing code can reassign or mutate them.
// NOTE(review): presumably the lists behind MapImageVulnResources,
// MapHostResources and MapCloudResources — confirm.
var (
	// ImageVulnResources holds the single image-vulnerability resource kind.
	ImageVulnResources  = []string{"ImageVulnerabilities"}
	// HostSensorResources lists host-level resource kinds: kubelet configuration
	// and command line, OS release, kernel version and variables, hardening
	// status, open ports, and kubelet/kube-proxy/control-plane/cloud/CNI info.
	HostSensorResources = []string{"KubeletConfiguration",
		"KubeletCommandLine",
		"OsReleaseFile",
		"KernelVersion",
		"LinuxSecurityHardeningStatus",
		"OpenPortsList",
		"LinuxKernelVariables",
		"KubeletInfo",
		"KubeProxyInfo",
		"ControlPlaneInfo",
		"CloudProviderInfo",
		"CNIInfo",
	}
	// CloudResources lists cloud-provider resource kinds taken from the
	// cloudapis and cloudsupport packages.
	CloudResources = []string{
		cloudapis.CloudProviderDescribeKind,
		cloudapis.CloudProviderDescribeRepositoriesKind,
		cloudapis.CloudProviderListEntitiesForPoliciesKind,
		cloudapis.CloudProviderPolicyVersionKind,
		string(cloudsupport.TypeApiServerInfo),
	}
)
var BuildNumber string
var Client string

Functions

func AdoptClusterName

func AdoptClusterName(clusterName string) string

func BoldDisplay

func BoldDisplay(w io.Writer, format string, a ...interface{})

func ConfigFileFullPath

func ConfigFileFullPath() string

func DeleteConfigFile

func DeleteConfigFile() error

func DescriptionDisplay

func DescriptionDisplay(w io.Writer, format string, a ...interface{})

func ExecName

func ExecName() string

ExecName returns the correct name to use in examples depending on how kubescape is invoked

func FailureDisplay

func FailureDisplay(w io.Writer, format string, a ...interface{})

func FailureTextDisplay

func FailureTextDisplay(w io.Writer, format string, a ...interface{})

func Float16ToInt

func Float16ToInt(x float32) int

Float16ToInt converts a float16 value to int. Note that the parameter is declared as float32.

func Float32ToInt

func Float32ToInt(x float32) int

Float32ToInt converts a float32 to int.

func Float64ToInt

func Float64ToInt(x float64) int

Float64ToInt converts a float64 to int.

func GetConfigMapNamespace

func GetConfigMapNamespace() string

GetConfigMapNamespace returns the namespace of the cluster config, which is the same for all in-cluster components

func GetControlLink(controlID string) string

func GetScanningScope added in v3.0.4

func GetScanningScope(ContextMetadata reporthandlingv2.ContextMetadata) reporthandling.ScanningScopeType

func GetTemplateMapping added in v3.0.4

func GetTemplateMapping(sourceToFile map[string]string, fileMapping map[string]MappingNodes)

func InfoDisplay

func InfoDisplay(w io.Writer, format string, a ...interface{})

func InfoTextDisplay

func InfoTextDisplay(w io.Writer, format string, a ...interface{})

func IsHelmDirectory

func IsHelmDirectory(path string) (bool, error)

func IsJson

func IsJson(filePath string) bool

func IsKrewPlugin

func IsKrewPlugin() bool

func IsKustomizeFile

func IsKustomizeFile(path string) bool

IsKustomizeFile checks whether the path is a Kustomization file.

func IsYaml

func IsYaml(filePath string) bool

func LineDisplay added in v3.0.1

func LineDisplay(w io.Writer, format string, a ...interface{})

func LoadResourcesFromFiles

func LoadResourcesFromFiles(ctx context.Context, input, rootPath string) map[string][]workloadinterface.IMetadata

func LoadResourcesFromHelmCharts

func LoadResourcesFromHelmCharts(ctx context.Context, basePath string) (map[string][]workloadinterface.IMetadata, map[string]Chart, map[string]MappingNodes)

LoadResourcesFromHelmCharts scans a given path (recursively) for helm charts, renders the templates and returns a map of workloads, a map of chart names and a map of template mapping nodes.

func LoadResourcesFromKustomizeDirectory

func LoadResourcesFromKustomizeDirectory(ctx context.Context, basePath string) (map[string][]workloadinterface.IMetadata, string)

If the content at the given path is a Kustomize directory, LoadResourcesFromKustomizeDirectory generates yaml files using "Kustomize" and renders a map of workloads from those yaml files.

func MapCloudResources

func MapCloudResources(externalResourceMap ExternalResources) []string

func MapExternalResource

func MapExternalResource(externalResourceMap ExternalResources, resources []string) []string

func MapHostResources

func MapHostResources(externalResourceMap ExternalResources) []string

func MapImageVulnResources

func MapImageVulnResources(externalResourceMap ExternalResources) []string

func NormalizeImageName

func NormalizeImageName(img string) (string, error)

func ParseBoolEnvVar

func ParseBoolEnvVar(varName string, defaultValue bool) (bool, error)

func ParseIntEnvVar

func ParseIntEnvVar(varName string, defaultValue int) (int, error)

func PrettyJson

func PrettyJson(data interface{}) ([]byte, error)

func ReadFile

func ReadFile(fileContent []byte, fileFormat FileFormat) ([]workloadinterface.IMetadata, error)

func RemoveComment added in v3.0.4

func RemoveComment(sourceToFile map[string]string)

func ReportV2ToV1

func ReportV2ToV1(opaSessionObj *OPASessionObj) *reporthandling.PostureReport

func ScanningContextToScanningScope

func ScanningContextToScanningScope(scanningContext ScanningContext) string

ScanningContextToScanningScope converts the context to the deprecated scope.

func SectionHeadingDisplay added in v3.0.1

func SectionHeadingDisplay(w io.Writer, format string, a ...interface{})

func SetInfoMapForResources

func SetInfoMapForResources(info string, resources []string, errorMap map[string]apis.StatusInfo)

func ShouldSkipRule added in v3.0.4

func ShouldSkipRule(control reporthandling.Control, rule reporthandling.PolicyRule, scanningScope reporthandling.ScanningScopeType) bool

ShouldSkipRule checks if the rule should be skipped. It checks the following:

  1. Rule is compatible with the current kubescape version
  2. Rule fits the current scanning scope

func SimpleDisplay

func SimpleDisplay(w io.Writer, format string, a ...interface{})

func StarDisplay added in v3.0.1

func StarDisplay(w io.Writer, format string, a ...interface{})

func StartSpinner

func StartSpinner()

func StopSpinner

func StopSpinner()

func StringSlicesAreEqual

func StringSlicesAreEqual(a, b []string) bool

func SuccessDisplay

func SuccessDisplay(w io.Writer, format string, a ...interface{})

func ValidateAccountID

func ValidateAccountID(accountID string) error

ValidateAccountID checks whether the provided account ID is valid.

func WarningDisplay

func WarningDisplay(w io.Writer, format string, a ...interface{})

Types

type BoolPtrFlag

type BoolPtrFlag struct {
	// contains filtered or unexported fields
}

func NewBoolPtr

func NewBoolPtr(b *bool) BoolPtrFlag

func (*BoolPtrFlag) Get

func (bpf *BoolPtrFlag) Get() *bool

func (*BoolPtrFlag) GetBool

func (bpf *BoolPtrFlag) GetBool() bool

func (*BoolPtrFlag) Set

func (bpf *BoolPtrFlag) Set(val string) error

func (*BoolPtrFlag) SetBool

func (bpf *BoolPtrFlag) SetBool(val bool)

func (*BoolPtrFlag) String

func (bpf *BoolPtrFlag) String() string

func (*BoolPtrFlag) Type

func (bpf *BoolPtrFlag) Type() string

type Chart

type Chart struct {
	Name string
	Path string
}

type CloudURLs

type CloudURLs struct {
	CloudReportURL string
	CloudAPIURL    string
}

type ClusterConfig

type ClusterConfig struct {
	// contains filtered or unexported fields
}

func NewClusterConfig

func NewClusterConfig(k8s *k8sinterface.KubernetesApi, accountID, accessKey, clusterName, customClusterName string) *ClusterConfig

func (*ClusterConfig) DeleteCachedConfig

func (c *ClusterConfig) DeleteCachedConfig(ctx context.Context) error

func (*ClusterConfig) DeleteCredentials

func (c *ClusterConfig) DeleteCredentials() error

func (*ClusterConfig) GenerateAccountID

func (c *ClusterConfig) GenerateAccountID() (string, error)

func (*ClusterConfig) GetAccessKey

func (c *ClusterConfig) GetAccessKey() string

func (*ClusterConfig) GetAccountID

func (c *ClusterConfig) GetAccountID() string

func (*ClusterConfig) GetCloudAPIURL

func (c *ClusterConfig) GetCloudAPIURL() string

func (*ClusterConfig) GetCloudReportURL

func (c *ClusterConfig) GetCloudReportURL() string

func (*ClusterConfig) GetConfigObj

func (c *ClusterConfig) GetConfigObj() *ConfigObj

func (*ClusterConfig) GetContextName

func (c *ClusterConfig) GetContextName() string

func (*ClusterConfig) GetDefaultNS

func (c *ClusterConfig) GetDefaultNS() string

func (*ClusterConfig) ToMapString

func (c *ClusterConfig) ToMapString() map[string]interface{}

func (*ClusterConfig) UpdateCachedConfig

func (c *ClusterConfig) UpdateCachedConfig() error

type ComponentConfig

type ComponentConfig struct {
	Exceptions Exception `json:"exceptions"`
}

type ConfigObj

// ConfigObj is the JSON form of the tenant configuration. Every field is
// tagged omitempty, so empty values are left out of the encoded object.
type ConfigObj struct {
	AccountID      string `json:"accountID,omitempty"`
	ClusterName    string `json:"clusterName,omitempty"`
	CloudReportURL string `json:"cloudReportURL,omitempty"`
	CloudAPIURL    string `json:"cloudAPIURL,omitempty"`
	// AccessKey is encoded under the "accessKey" key next to the other fields.
	// NOTE(review): by its name this is a credential, and the Config method is
	// documented as converting ConfigObj to the config file — presumably the key
	// is stored there in cleartext. Confirm the permissions of that file and
	// keep values of this type out of logs and debug dumps.
	AccessKey      string `json:"accessKey,omitempty"`
}

func (*ConfigObj) Config

func (co *ConfigObj) Config() []byte

Config converts the ConfigObj to config file content.

type ConfigScanInfo

// ConfigScanInfo groups namespace filters, framework names and a host-scanner
// flag. The GetRequestPayload and ValidatePayload methods listed for
// *ConfigScanInfo are the two methods of OperatorScanInfo.
type ConfigScanInfo struct {
	// NOTE(review): how an entry present in both namespace lists is resolved is
	// not visible here — confirm which list wins.
	ExcludedNamespaces []string
	IncludedNamespaces []string
	Frameworks         []string
	// NOTE(review): presumably requests the host scanner for this scan — confirm.
	HostScanner        bool
}

func (*ConfigScanInfo) GetRequestPayload

func (c *ConfigScanInfo) GetRequestPayload() *apis.Commands

func (*ConfigScanInfo) ValidatePayload

func (c *ConfigScanInfo) ValidatePayload(commands *apis.Commands) error

type EnvScopeTypes

type EnvScopeTypes string

type Exception

// Exception is the value stored under ComponentConfig's "exceptions" JSON key.
// None of the tags use omitempty, so unset fields are still encoded.
type Exception struct {
	// Ignore is a pointer, so an unset value (nil) can be told apart from false.
	Ignore        *bool                      `json:"ignore"`        // ignore test results
	MultipleScore *reporthandling.AlertScore `json:"multipleScore"` // MultipleScore number - float32
	// NOTE(review): presumably limits the namespaces the exception applies to;
	// whether an empty list means "none" or "all" is not visible here — confirm,
	// because a broad exception hides findings from the report.
	Namespaces    []string                   `json:"namespaces"`
	Regex         string                     `json:"regex"` // not supported
}

type ExternalResources

type ExternalResources map[string][]string

type FileFormat

// FileFormat names a serialization format; ReadFile takes one as its
// fileFormat argument.
type FileFormat string
const (
	// YAML_FILE_FORMAT is the "yaml" format.
	YAML_FILE_FORMAT FileFormat = "yaml"
	// JSON_FILE_FORMAT is the "json" format.
	JSON_FILE_FORMAT FileFormat = "json"
)

type Getters

type Getters struct {
	ExceptionsGetter     getter.IExceptionsGetter
	ControlsInputsGetter getter.IControlsInputsGetter
	PolicyGetter         getter.IPolicyGetter
	AttackTracksGetter   getter.IAttackTracksGetter
}

type HelmChart

type HelmChart struct {
	// contains filtered or unexported fields
}

func NewHelmChart

func NewHelmChart(path string) (*HelmChart, error)

func (*HelmChart) AddCommentToTemplate added in v3.0.4

func (hc *HelmChart) AddCommentToTemplate()

func (*HelmChart) GetDefaultValues

func (hc *HelmChart) GetDefaultValues() map[string]interface{}

func (*HelmChart) GetName

func (hc *HelmChart) GetName() string

func (*HelmChart) GetWorkloads

func (hc *HelmChart) GetWorkloads(values map[string]interface{}) (map[string][]workloadinterface.IMetadata, map[string]MappingNodes, []error)

GetWorkloads renders chart template using the provided values and returns a map of source (absolute) file path to its workloads

func (*HelmChart) GetWorkloadsWithDefaultValues

func (hc *HelmChart) GetWorkloadsWithDefaultValues() (map[string][]workloadinterface.IMetadata, map[string]MappingNodes, []error)

GetWorkloadsWithDefaultValues renders the chart templates using the default values and returns a map of source file to its workloads.

type ITenantConfig

// ITenantConfig is the tenant configuration interface returned by
// GetTenantConfig. ClusterConfig and LocalConfig both list every method below.
type ITenantConfig interface {
	// cached configuration and credential management
	UpdateCachedConfig() error
	DeleteCachedConfig(ctx context.Context) error
	GenerateAccountID() (string, error)
	DeleteCredentials() error

	// getters
	GetContextName() string
	GetAccountID() string
	// GetAccessKey returns the access key as a plain string.
	// NOTE(review): treat the returned value as a secret at call sites
	// (no logging, no inclusion in reports) — confirm callers do.
	GetAccessKey() string
	GetConfigObj() *ConfigObj
	GetCloudReportURL() string
	GetCloudAPIURL() string
}

ITenantConfig is the tenant configuration interface.

func GetTenantConfig

func GetTenantConfig(accountID, accessKey, clusterName, customClusterName string, k8s *k8sinterface.KubernetesApi) ITenantConfig

type ImageScanData

type ImageScanData struct {
	PresenterConfig *models.PresenterConfig
	Image           string
}

type K8SResources

type K8SResources map[string][]string

K8SResources map[<api group>/<api version>/<resource>][]<resourceID>

type KustomizeDirectory

type KustomizeDirectory struct {
	// contains filtered or unexported fields
}

func NewKustomizeDirectory

func NewKustomizeDirectory(path string) *KustomizeDirectory

func (*KustomizeDirectory) GetWorkloads

func (kd *KustomizeDirectory) GetWorkloads(kustomizeDirectoryPath string) (map[string][]workloadinterface.IMetadata, []error)

GetWorkloads creates the yaml files (k8s resources) using Kustomize and renders the workloads from those yaml files.

type LocalConfig

type LocalConfig struct {
	// contains filtered or unexported fields
}

func NewLocalConfig

func NewLocalConfig(accountID, accessKey, clusterName, customClusterName string) *LocalConfig

func (*LocalConfig) DeleteCachedConfig

func (lc *LocalConfig) DeleteCachedConfig(ctx context.Context) error

func (*LocalConfig) DeleteCredentials

func (lc *LocalConfig) DeleteCredentials() error

func (*LocalConfig) GenerateAccountID

func (lc *LocalConfig) GenerateAccountID() (string, error)

func (*LocalConfig) GetAccessKey

func (lc *LocalConfig) GetAccessKey() string

func (*LocalConfig) GetAccountID

func (lc *LocalConfig) GetAccountID() string

func (*LocalConfig) GetCloudAPIURL

func (lc *LocalConfig) GetCloudAPIURL() string

func (*LocalConfig) GetCloudReportURL

func (lc *LocalConfig) GetCloudReportURL() string

func (*LocalConfig) GetConfigObj

func (lc *LocalConfig) GetConfigObj() *ConfigObj

func (*LocalConfig) GetContextName

func (lc *LocalConfig) GetContextName() string

func (*LocalConfig) UpdateCachedConfig

func (lc *LocalConfig) UpdateCachedConfig() error

type LocalGitRepository

type LocalGitRepository struct {
	// contains filtered or unexported fields
}

func NewLocalGitRepository

func NewLocalGitRepository(path string) (*LocalGitRepository, error)

func (*LocalGitRepository) GetBranchName

func (g *LocalGitRepository) GetBranchName() string

GetBranchName gets the current branch name.

func (LocalGitRepository) GetFileLastCommit

func (g LocalGitRepository) GetFileLastCommit(filePath string) (*apis.Commit, error)

func (*LocalGitRepository) GetLastCommit

func (g *LocalGitRepository) GetLastCommit() (*apis.Commit, error)

GetLastCommit gets the latest commit object.

func (*LocalGitRepository) GetName

func (g *LocalGitRepository) GetName() (string, error)

GetName gets the origin name without the .git suffix.

func (*LocalGitRepository) GetRemoteUrl

func (g *LocalGitRepository) GetRemoteUrl() (string, error)

GetRemoteUrl gets the default remote URL.

func (*LocalGitRepository) GetRootDir

func (g *LocalGitRepository) GetRootDir() (string, error)

type ManageClusterTypes

type ManageClusterTypes string

type MappingNode added in v3.0.4

// MappingNode records one field/value pair together with the template file
// name and template line number it is associated with.
type MappingNode struct {
	// ObjectID is a pointer to a type whose fields are all unexported.
	ObjectID           *ObjectID
	Field              string
	Value              string
	TemplateFileName   string
	TemplateLineNumber int
}

type MappingNodes added in v3.0.4

// MappingNodes holds the mapping nodes collected for one template file.
type MappingNodes struct {
	// NOTE(review): the trailing comment describes map[int]MappingNode keyed by
	// chart line number, but the declared type is a slice of
	// map[string]MappingNode. Presumably the string key is the line number in
	// text form and each slice element is one rendered object — confirm.
	Nodes            []map[string]MappingNode //Map line number of chart to template obj map[int]MappingNode
	TemplateFileName string
}

func GetMapping added in v3.0.4

func GetMapping(fileName string, fileContent string) (*MappingNodes, error)

TODO: change to use go func.

func NewMappingNodes added in v3.0.4

func NewMappingNodes() *MappingNodes

type OPASessionObj

// OPASessionObj holds the state of one scan session: the input resources, the
// policies and exceptions to apply, the input passed to rego, and the results.
type OPASessionObj struct {
	K8SResources          K8SResources                                  // input k8s objects
	ExternalResources     ExternalResources                             // input non-k8s objects (external resources)
	AllPolicies           *Policies                                     // list of all frameworks
	ExcludedRules         map[string]bool                               // rules to exclude, map[<rule name>]bool
	AllResources          map[string]workloadinterface.IMetadata        // all scanned resources, map[<resource ID>]<resource>
	ResourcesResult       map[string]resourcesresults.Result            // resources scan results, map[<resource ID>]<resource result>
	ResourceSource        map[string]reporthandling.Source              // resources sources, map[<resource ID>]<resource source>
	ResourcesPrioritized  map[string]prioritization.PrioritizedResource // resources prioritization information, map[<resource ID>]<prioritized resource>
	ResourceAttackTracks  map[string]v1alpha1.IAttackTrack              // resources attack tracks, map[<resource ID>]<attack track>
	AttackTracks          map[string]v1alpha1.IAttackTrack
	Report                *reporthandlingv2.PostureReport // scan results v2 - Remove
	RegoInputData         RegoInputData                   // input passed to rego for scanning. map[<control name>][<input arguments>]
	Metadata              *reporthandlingv2.Metadata
	InfoMap               map[string]apis.StatusInfo         // Map errors of resources to StatusInfo
	ResourceToControlsMap map[string][]string                // map[<apigroup/apiversion/resource>] = [<control_IDs>]
	SessionID             string                             // SessionID
	Policies              []reporthandling.Framework         // list of frameworks to scan
	Exceptions            []armotypes.PostureExceptionPolicy // list of exceptions to apply on scan results
	OmitRawResources      bool                               // omit raw resources from output
	SingleResourceScan    workloadinterface.IWorkload        // single resource scan
	TopWorkloadsByScore   []reporthandling.IResource
	TemplateMapping       map[string]MappingNodes // Map chart obj to template (only for rendering from path)
}

func NewOPASessionObj

func NewOPASessionObj(ctx context.Context, frameworks []reporthandling.Framework, k8sResources K8SResources, scanInfo *ScanInfo) *OPASessionObj

func NewOPASessionObjMock

func NewOPASessionObjMock() *OPASessionObj

func (*OPASessionObj) SetMapNamespaceToNumberOfResources

func (sessionObj *OPASessionObj) SetMapNamespaceToNumberOfResources(mapNamespaceToNumberOfResources map[string]int)

func (*OPASessionObj) SetNumberOfWorkerNodes

func (sessionObj *OPASessionObj) SetNumberOfWorkerNodes(n int)

func (*OPASessionObj) SetTopWorkloads

func (sessionObj *OPASessionObj) SetTopWorkloads()

SetTopWorkloads sets the top workloads by score

type ObjectID added in v3.0.4

type ObjectID struct {
	// contains filtered or unexported fields
}

type OperatorConnector

// OperatorConnector is the port-forwarding handle returned by
// CreatePortForwarder.
type OperatorConnector interface {
	// StartPortForwarder reports failure through its error result.
	StartPortForwarder() error
	// StopPortForwarder has no result, so a failure to stop is not reported
	// to the caller.
	StopPortForwarder()
	// NOTE(review): presumably returns the local address of the forwarded
	// port — confirm the exact form (host:port or URL).
	GetPortForwardLocalhost() string
}

func CreatePortForwarder

func CreatePortForwarder(k8sClient *k8sinterface.KubernetesApi, pod *v1.Pod, forwardingPort, namespace string) (OperatorConnector, error)

type OperatorInfo

// OperatorInfo combines a namespace, a scan description and a list of
// subcommands.
type OperatorInfo struct {
	Namespace string
	// OperatorScanInfo is an embedded interface, so GetRequestPayload and
	// ValidatePayload are promoted onto OperatorInfo; calling either panics
	// while the embedded value is nil.
	OperatorScanInfo
	Subcommands []OperatorSubCommand
}

type OperatorScanInfo

// OperatorScanInfo builds and validates an *apis.Commands payload. The methods
// listed for *ConfigScanInfo and *VulnerabilitiesScanInfo match it.
type OperatorScanInfo interface {
	GetRequestPayload() *apis.Commands
	// NOTE(review): presumably called on the payload before it is sent —
	// confirm that a non-nil error stops the request.
	ValidatePayload(*apis.Commands) error
}

type OperatorSubCommand

type OperatorSubCommand string

type Policies

type Policies struct {
	Controls   map[string]reporthandling.Control // map[<control ID>]<control>
	Frameworks []string
}

func NewPolicies

func NewPolicies() *Policies

func (*Policies) Set

func (policies *Policies) Set(frameworks []reporthandling.Framework, excludedRules map[string]bool, scanningScope reporthandling.ScanningScopeType)

type PolicyIdentifier

type PolicyIdentifier struct {
	Identifier string                        // policy Identifier e.g. c-0012 for control, nsa,mitre for frameworks
	Kind       apisv1.NotificationPolicyKind // policy kind e.g. Framework,Control,Rule
}

type ProgressHandler

type ProgressHandler struct {
	// contains filtered or unexported fields
}

func NewProgressHandler

func NewProgressHandler(title string) *ProgressHandler

func (*ProgressHandler) ProgressJob

func (p *ProgressHandler) ProgressJob(step int, message string)

func (*ProgressHandler) Start

func (p *ProgressHandler) Start(allSteps int)

func (*ProgressHandler) Stop

func (p *ProgressHandler) Stop()

type RBACObjects

type RBACObjects struct {
	// contains filtered or unexported fields
}

func NewRBACObjects

func NewRBACObjects(scanner *rbacscanner.RbacScannerFromK8sAPI) *RBACObjects

func (*RBACObjects) ListAllResources

func (rbacObjects *RBACObjects) ListAllResources() (map[string]workloadinterface.IMetadata, error)

func (*RBACObjects) SetResourcesReport

func (rbacObjects *RBACObjects) SetResourcesReport() (*reporthandlingv2.PostureReport, error)

type RegoInputData

// RegoInputData is the JSON-tagged input carried in OPASessionObj.RegoInputData,
// which that struct describes as the input passed to rego for scanning.
type RegoInputData struct {
	// PostureControlInputs maps a string key to a list of string values.
	PostureControlInputs map[string][]string `json:"postureControlInputs"`
	// DataControlInputs maps a string key to a single string value.
	DataControlInputs    map[string]string   `json:"dataControlInputs"`
}

type RootInfo

// RootInfo holds process-wide settings: logging, cache directory, color
// output, the discovery server URL and the kube context name.
type RootInfo struct {
	Logger             string // logger level
	LoggerName         string // logger name ("pretty"/"zap"/"none")
	CacheDir           string // cached dir
	// NOTE(review): DisableColor and EnableColor can both be set; which one
	// wins is not visible here — confirm.
	DisableColor       bool   // Disable Color
	EnableColor        bool   // Force enable Color
	// NOTE(review): this URL is a plain string; presumably it decides which
	// backend endpoints are contacted — confirm that the scheme is validated.
	DiscoveryServerURL string // Discovery Server URL  (See https://github.com/kubescape/backend/tree/main/pkg/servicediscovery)
	KubeContext        string //  context name
}

type ScanInfo

// ScanInfo holds the options of a scan: where policies, exceptions and inputs
// are loaded from, how results are formatted and where they go, the failure
// thresholds, the account credentials and the object being scanned.
type ScanInfo struct {
	Getters                                            // TODO - remove from object
	PolicyIdentifier      []PolicyIdentifier           // TODO - remove from object
	UseExceptions         string                       // Load file with exceptions configuration
	ControlsInputs        string                       // Load file with inputs for controls
	AttackTracks          string                       // Load file with attack tracks
	UseFrom               []string                     // Load framework from local file (instead of download). Use when running offline
	UseDefault            bool                         // Load framework from cached file (instead of download). Use when running offline
	UseArtifactsFrom      string                       // Load artifacts from local path. Use when running offline
	VerboseMode           bool                         // Display all of the input resources and not only failed resources
	// NOTE(review): the original comment on View was a copy of VerboseMode's.
	// Presumably this holds a ViewTypes value (resource/security/control) — confirm.
	View                  string                       // selected view
	Format                string                       // Format results (table, json, junit ...)
	Output                string                       // Store results in an output file, Output file name
	FormatVersion         string                       // Output object can be different between versions, this is for testing and backward compatibility
	CustomClusterName     string                       // Set the custom name of the cluster
	ExcludedNamespaces    string                       // used for host scanner namespace
	// NOTE(review): undocumented in the original; presumably the counterpart of
	// ExcludedNamespaces — confirm. Both are a single string, not a slice.
	IncludeNamespaces     string                       //
	InputPatterns         []string                     // Yaml files input patterns
	Silent                bool                         // Silent mode - Do not print progress logs
	FailThreshold         float32                      // DEPRECATED - Failure score threshold
	ComplianceThreshold   float32                      // Compliance score threshold
	FailThresholdSeverity string                       // Severity at and above which the command should fail
	// NOTE(review): Submit and Local express opposite intents; which one wins
	// when both are set is not visible here — confirm, since it decides whether
	// results leave the machine.
	Submit                bool                         // Submit results to Kubescape Cloud BE
	ScanID                string                       // Report id of the current scan
	HostSensorEnabled     BoolPtrFlag                  // Deploy Kubescape K8s host scanner to collect data from certain controls
	// NOTE(review): presumably the manifest deployed as the host scanner — confirm
	// where this path may come from, since the manifest defines what runs in the cluster.
	HostSensorYamlPath    string                       // Path to hostsensor file
	Local                 bool                         // Do not submit results
	AccountID             string                       // account ID
	// NOTE(review): AccessKey is a credential by name; keep it out of logs and
	// of any serialized copy of this struct — confirm callers do.
	AccessKey             string                       // access key
	FrameworkScan         bool                         // false if scanning control
	ScanAll               bool                         // true if scan all frameworks
	OmitRawResources      bool                         // true if omit raw resources from the output
	PrintAttackTree       bool                         // true if print attack tree
	ScanObject            *objectsenvelopes.ScanObject // identifies a single resource (k8s object) to be scanned
	IsDeletedScanObject   bool                         // indicates whether the ScanObject is a deleted K8S resource
	ScanType              ScanTypes
	ScanImages            bool
	ChartPath             string
	FilePath              string
}

func (*ScanInfo) Formats

func (scanInfo *ScanInfo) Formats() []string

Formats returns a slice of output formats that have been requested for a given scan

func (*ScanInfo) GetScanningContext

func (scanInfo *ScanInfo) GetScanningContext() ScanningContext

func (*ScanInfo) Init

func (scanInfo *ScanInfo) Init(ctx context.Context)

func (*ScanInfo) SetPolicyIdentifiers

func (scanInfo *ScanInfo) SetPolicyIdentifiers(policies []string, kind apisv1.NotificationPolicyKind)

func (*ScanInfo) SetScanType

func (scanInfo *ScanInfo) SetScanType(scanType ScanTypes)

type ScanTypes

// ScanTypes names the kind of scan; ScanInfo.ScanType holds one of the values
// below and ScanInfo.SetScanType takes one.
type ScanTypes string
const (
	// TopWorkloadsNumber is an untyped integer constant, not a ScanTypes value.
	// NOTE(review): presumably the number of workloads kept by
	// OPASessionObj.SetTopWorkloads — confirm.
	TopWorkloadsNumber           = 3
	ScanTypeCluster    ScanTypes = "cluster"
	ScanTypeRepo       ScanTypes = "repo"
	ScanTypeImage      ScanTypes = "image"
	ScanTypeWorkload   ScanTypes = "workload"
	ScanTypeFramework  ScanTypes = "framework"
	ScanTypeControl    ScanTypes = "control"
)

type ScanningContext

// ScanningContext names where the scanned input comes from. GetScanningContext
// derives one from an input string, and ScanInfo.GetScanningContext returns one.
type ScanningContext string
const (
	// ContextCluster is the "cluster" context.
	ContextCluster  ScanningContext = "cluster"
	// ContextFile is the "single-file" context.
	ContextFile     ScanningContext = "single-file"
	// ContextDir is the "local-dir" context.
	ContextDir      ScanningContext = "local-dir"
	// ContextGitURL is the "git-url" context.
	ContextGitURL   ScanningContext = "git-url"
	// ContextGitLocal is the "git-local" context.
	ContextGitLocal ScanningContext = "git-local"
)

func GetScanningContext

func GetScanningContext(input string) ScanningContext

GetScanningContext gets the scanning context from the input param.

type ViewTypes

type ViewTypes string

TODO - UPDATE

// ViewTypes values.
// NOTE(review): presumably the accepted values of ScanInfo.View, which is
// declared as a plain string — confirm.
const (
	ResourceViewType ViewTypes = "resource"
	SecurityViewType ViewTypes = "security"
	ControlViewType  ViewTypes = "control"
)

type VulnerabilitiesScanInfo

// VulnerabilitiesScanInfo holds a cluster name and a list of namespaces to
// include. The GetRequestPayload and ValidatePayload methods listed for
// *VulnerabilitiesScanInfo are the two methods of OperatorScanInfo.
type VulnerabilitiesScanInfo struct {
	ClusterName       string
	// NOTE(review): whether an empty list means "all namespaces" or "none" is
	// not visible here — confirm.
	IncludeNamespaces []string
}

func (*VulnerabilitiesScanInfo) GetRequestPayload

func (v *VulnerabilitiesScanInfo) GetRequestPayload() *apis.Commands

func (*VulnerabilitiesScanInfo) ValidatePayload

func (v *VulnerabilitiesScanInfo) ValidatePayload(commands *apis.Commands) error

Directories

Path Synopsis
Package getter provides functionality to retrieve policy objects.
Package getter provides functionality to retrieve policy objects.
