Documentation
Constants
This section is empty.
Variables
This section is empty.
Functions
This section is empty.
Types
type IngressAnalyzer
type IngressAnalyzer struct {
	// contains filtered or unexported fields
}
IngressAnalyzer provides an API for analyzing Ingress/Route resources, so that potential connectivity from the ingress-controller to pods in the cluster can be inferred.
func NewIngressAnalyzerWithObjects
func NewIngressAnalyzerWithObjects(objects []parser.K8sObject, pe *eval.PolicyEngine, l logger.Logger, muteErrsAndWarns bool) (*IngressAnalyzer, error)
NewIngressAnalyzerWithObjects returns a new IngressAnalyzer with the relevant objects.
func (*IngressAnalyzer) AllowedIngressConnections
func (ia *IngressAnalyzer) AllowedIngressConnections() (map[string]*PeerAndIngressConnSet, error)
AllowedIngressConnections returns a map of the possible connections from the ingress-controller pod to workload peers, as inferred from Ingress and Route resources. The map is keyed by workload name; each value is that workload's PeerAndIngressConnSet object.
func (*IngressAnalyzer) IsEmpty
func (ia *IngressAnalyzer) IsEmpty() bool
IsEmpty reports whether there are no services to consider for Ingress analysis.
type PeerAndIngressConnSet
type PeerAndIngressConnSet struct {
	Peer           eval.Peer
	ConnSet        *common.ConnectionSet
	IngressObjects map[string][]string
}
PeerAndIngressConnSet captures a Peer object as an allowed target from the ingress-controller pod, together with its possible connections.