audit

package
v3.20.1 Latest
Warning

This package is not in the latest version of its module.

Published: Aug 29, 2025 License: Apache-2.0 Imports: 49 Imported by: 2

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func AddToManager

func AddToManager(m manager.Manager, deps *Dependencies) error

AddToManager adds audit manager to the Manager.

Types

type CacheLister

type CacheLister struct {
	// contains filtered or unexported fields
}

CacheLister lists objects from the audit controller's cache.

func NewAuditCacheLister

func NewAuditCacheLister(auditCache client.Reader, lister WatchIterator) *CacheLister

NewAuditCacheLister instantiates a new CacheLister, which reads objects of the watched kinds (those iterated by lister) from auditCache.

func (*CacheLister) ListObjects

func (l *CacheLister) ListObjects(ctx context.Context) ([]unstructured.Unstructured, error)

ListObjects lists all objects from the audit cache.

type Dependencies

type Dependencies struct {
	Client          *constraintclient.Client
	ProcessExcluder *process.Excluder
	CacheLister     *CacheLister
	ExpansionSystem *expansion.System
	ExportSystem    *export.System
	GetPod          func(context.Context) (*corev1.Pod, error)
}

type LimitQueue added in v3.16.0

type LimitQueue struct {
	// contains filtered or unexported fields
}

LimitQueue implements logic to keep the priority queue's length at or below limit, in order to provide performance guarantees on heap methods.

func (*LimitQueue) Len added in v3.16.0

func (lq *LimitQueue) Len() int

func (*LimitQueue) Peek added in v3.16.0

func (lq *LimitQueue) Peek() *StatusViolation

func (*LimitQueue) Pop added in v3.16.0

func (lq *LimitQueue) Pop() *StatusViolation

func (*LimitQueue) Push added in v3.16.0

func (lq *LimitQueue) Push(x *StatusViolation)

type Manager

type Manager struct {
	// contains filtered or unexported fields
}

Manager allows us to audit resources periodically.

func New

func New(mgr manager.Manager, deps *Dependencies) (*Manager, error)

New creates a new manager for audit.

func (*Manager) Start

func (am *Manager) Start(ctx context.Context) error

Start implements controller.Controller.

type Result

type Result struct {
	*types.Result
	// contains filtered or unexported fields
}

func ToResults

func ToResults(obj *unstructured.Unstructured, resp *types.Responses) []Result

type SVQueue added in v3.16.0

type SVQueue []*StatusViolation

SVQueue is a max priority queue that implements heap.Interface and holds StatusViolation pointers.

func (SVQueue) Len added in v3.16.0

func (svq SVQueue) Len() int

func (SVQueue) Less added in v3.16.0

func (svq SVQueue) Less(i, j int) bool

Less implements the sort.Interface ordering based on the group, version, kind, namespace, name, message and enforcement action fields. It compares with greater-than so that Pop returns the highest-priority element.

func (*SVQueue) Pop added in v3.16.0

func (svq *SVQueue) Pop() any

func (*SVQueue) Push added in v3.16.0

func (svq *SVQueue) Push(x any)

func (SVQueue) Swap added in v3.16.0

func (svq SVQueue) Swap(i, j int)
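
The bounded max-heap idea behind LimitQueue and SVQueue, as an added stand-alone sketch that is not this package's code. The `violation` type, `key` and `keepLowest` are hypothetical names, and evicting the current maximum once the limit is reached is an assumption about how the length bound is kept.

```go
package main

import (
	"container/heap"
	"fmt"
	"strings"
)

// violation is a hypothetical, trimmed stand-in for StatusViolation.
type violation struct{ Kind, Namespace, Name, Message string }

// key joins the fields with NUL so string order equals field-by-field order.
func key(v violation) string { return strings.Join([]string{v.Kind, v.Namespace, v.Name, v.Message}, "\x00") }

// maxHeap compares with greater-than, so index 0 holds the largest element.
type maxHeap []violation

func (h maxHeap) Len() int           { return len(h) }
func (h maxHeap) Less(i, j int) bool { return key(h[i]) > key(h[j]) }
func (h maxHeap) Swap(i, j int)      { h[i], h[j] = h[j], h[i] }
func (h *maxHeap) Push(x any)        { *h = append(*h, x.(violation)) }
func (h *maxHeap) Pop() any {
	n := len(*h) - 1
	v := (*h)[n]
	*h = (*h)[:n]
	return v
}

// keepLowest returns at most limit violations, the smallest by key, ascending.
func keepLowest(in []violation, limit int) []violation {
	h := &maxHeap{}
	for _, v := range in {
		if h.Len() < limit {
			heap.Push(h, v)
		} else if limit > 0 && key(v) < key((*h)[0]) {
			(*h)[0] = v    // evict the current maximum
			heap.Fix(h, 0) // restore heap order in O(log limit)
		}
	}
	out := make([]violation, h.Len())
	for i := len(out) - 1; i >= 0; i-- {
		out[i] = heap.Pop(h).(violation)
	}
	return out
}

func main() { // constructed sample input
	in := []violation{{"Pod", "prod", "web", "m1"}, {"Deployment", "dev", "api", "m2"}, {"Pod", "dev", "db", "m3"}}
	fmt.Println(keepLowest(in, 2))
}
```

Because the heap never holds more than `limit` entries, memory and per-insert cost stay bounded however many violations an audit run produces, and the retained set is the same regardless of input order.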

type StatusViolation

type StatusViolation struct {
	Group              string   `json:"group"`
	Version            string   `json:"version"`
	Kind               string   `json:"kind"`
	Name               string   `json:"name"`
	Namespace          string   `json:"namespace,omitempty"`
	Message            string   `json:"message"`
	EnforcementAction  string   `json:"enforcementAction"`
	EnforcementActions []string `json:"enforcementActions,omitempty"`
}

StatusViolation represents each violation under status.

type WatchIterator added in v3.14.0

type WatchIterator interface {
	DoForEach(listFunc func(gvk schema.GroupVersionKind) error) error
}

WatchIterator wraps DoForEach from a watch.Set.
