Jan 4, 2021
Documentation
Overview ¶
Copyright © 2020 Red Hat Inc.
Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
Index ¶
- Constants
- func AnyMcfgPoolLabelMatches(nodeSelector map[string]string, poolList *mcfgv1.MachineConfigPoolList) bool
- func ComplianceOperatorRootCA(certname string, expire int) ([]byte, []byte, error)
- func DNSLengthName(hashPrefix string, format string, a ...interface{}) string
- func FindNewestPod(pods []corev1.Pod) *corev1.Pod
- func GetComponentImage(component ComplianceComponent) string
- func GetFirstNodeRole(nodeSelector map[string]string) string
- func GetFirstNodeRoleLabel(nodeSelector map[string]string) string
- func GetNodeRoleSelector(role string) map[string]string
- func GetResultConfigMap(owner metav1.Object, configMapName, filename, nodeName string, ...) *corev1.ConfigMap
- func HaveOutdatedRemediations(client runtimeclient.Client) (error, bool)
- func IsMachineConfig(obj *unstructured.Unstructured) bool
- func LengthName(maxLen int, hashPrefix string, format string, a ...interface{}) (string, error)
- func McfgPoolLabelMatches(nodeSelector map[string]string, pool *mcfgv1.MachineConfigPool) bool
- func NewClientCert(caCert, caKey []byte, certname string, expire int) ([]byte, []byte, error)
- func NewServerCert(caCert, caKey []byte, certname string, expire int) ([]byte, []byte, error)
- func ParseMachineConfig(rem *compv1alpha1.ComplianceRemediation, obj *unstructured.Unstructured) (*mcfgv1.MachineConfig, error)
- type ComplianceComponent
- type Directory
- type ParseResult
- type ParseResultContext
- type ParseResultContextItem
- type XMLDocument
Constants ¶
const ( OPENSCAP = iota OPERATOR DEFAULT_PROFILE_BUNDLES )
Variables ¶
Functions ¶
func AnyMcfgPoolLabelMatches ¶
func AnyMcfgPoolLabelMatches(nodeSelector map[string]string, poolList *mcfgv1.MachineConfigPoolList) bool
AnyMcfgPoolLabelMatches verifies if the given nodeSelector matches the nodeSelector in any of the given MachineConfigPools
func DNSLengthName ¶
func FindNewestPod ¶
FindNewestPod finds the newest pod in the given set
func GetComponentImage ¶
func GetComponentImage(component ComplianceComponent) string
GetComponentImage returns a full image pull spec for a given component based on the component type
func GetFirstNodeRole ¶
func GetFirstNodeRoleLabel ¶
func GetNodeRoleSelector ¶
func GetResultConfigMap ¶
func GetResultConfigMap(owner metav1.Object, configMapName, filename, nodeName string, contents io.Reader, compressed bool, exitcode string, warnings string) *corev1.ConfigMap
GetResultConfigMap gets a configmap that reflects a result or an error for a scan
func HaveOutdatedRemediations ¶
func HaveOutdatedRemediations(client runtimeclient.Client) (error, bool)
func IsMachineConfig ¶
func IsMachineConfig(obj *unstructured.Unstructured) bool
IsMachineConfig checks if the specified object is a MachineConfig object
func LengthName ¶
LengthName creates a string of maximum defined length.
func McfgPoolLabelMatches ¶
func McfgPoolLabelMatches(nodeSelector map[string]string, pool *mcfgv1.MachineConfigPool) bool
McfgPoolLabelMatches verifies if the given nodeSelector matches the given MachineConfigPool's nodeSelector
func NewClientCert ¶
func NewServerCert ¶
func ParseMachineConfig ¶
func ParseMachineConfig(rem *compv1alpha1.ComplianceRemediation, obj *unstructured.Unstructured) (*mcfgv1.MachineConfig, error)
ParseMachineConfig parses a Machineconfig object from an unstructured object for a specific remediation.
Types ¶
type ComplianceComponent ¶
type ComplianceComponent uint
type ParseResult ¶
type ParseResult struct {
Id string
CheckResult *compv1alpha1.ComplianceCheckResult
Remediation *compv1alpha1.ComplianceRemediation
}
func ParseResultsFromContentAndXccdf ¶
func ParseResultsFromContentAndXccdf(scheme *runtime.Scheme, scanName string, namespace string, dsDom *XMLDocument, resultsReader io.Reader) ([]*ParseResult, error)
type ParseResultContext ¶
type ParseResultContext struct {
// contains filtered or unexported fields
}
ParseResultContext keeps track of items that are consistent across all "sources" in a ComplianceScan as well as items that are inconsistent
func NewParseResultContext ¶
func NewParseResultContext() *ParseResultContext
func (*ParseResultContext) AddResults ¶
func (prCtx *ParseResultContext) AddResults(source string, parsedResList []*ParseResult)
ParseResultContext.AddResults adds a batch of results coming from the parser and partitions them into either the consistent or the inconsistent list
func (*ParseResultContext) GetConsistentResults ¶
func (prCtx *ParseResultContext) GetConsistentResults() []*ParseResultContextItem
type ParseResultContextItem ¶
type ParseResultContextItem struct {
ParseResult
Annotations map[string]string
Labels map[string]string
// contains filtered or unexported fields
}
ParseResultContextItem wraps ParseResult with some metadata that need to be added to the created k8s object based on the processing result as well as which nodes the result comes from and whether it's been processed during a single loop that processes a single CM yet or not. The sources are used to keep track of which nodes differ from the "canonical" state of the check
type XMLDocument ¶
type XMLDocument struct {
*xmldom.Document
}
XMLDocument is a wrapper that keeps the interface XML-parser-agnostic
func ParseContent ¶
func ParseContent(dsReader io.Reader) (*XMLDocument, error)
ParseContent parses the DataStream and returns the XML document
Source Files
Valid 
Stable version