utils

package
v1.5.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jun 3, 2024 License: Apache-2.0 Imports: 44 Imported by: 0

Documentation

Overview

Copyright © 2020 Red Hat Inc.

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at 

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

Index

Constants

View Source 
const (
	OPENSCAP = iota
	OPERATOR
	CONTENT
)

Variables

This section is empty.

Functions

func AnyMcfgPoolLabelMatches 

func AnyMcfgPoolLabelMatches(nodeSelector map[string]string, poolList *mcfgv1.MachineConfigPoolList) (bool, *mcfgv1.MachineConfigPool)

AnyMcfgPoolLabelMatches verifies if the given nodeSelector matches the nodeSelector in any of the given MachineConfigPools

func ComplianceOperatorRootCA 

func ComplianceOperatorRootCA(certname string, expire int) ([]byte, []byte, error)

func DNSLengthName 

func DNSLengthName(hashPrefix string, format string, a ...interface{}) string

func FindNewestPod 

func FindNewestPod(pods []corev1.Pod) *corev1.Pod

FindNewestPod finds the newest pod in the given set

func GetComponentImage 

func GetComponentImage(component ComplianceComponent) string

GetComponentImage returns a full image pull spec for a given component based on the component type

func GetControlPlaneTopology added in v1.5.0 

func GetControlPlaneTopology() string

func GetFirstNodeRole 

func GetFirstNodeRole(nodeSelector map[string]string) string

func GetFirstNodeRoleLabel 

func GetFirstNodeRoleLabel(nodeSelector map[string]string) string

func GetInstructionsForRule 

func GetInstructionsForRule(rule *xmlquery.Node, ocilTable NodeByIdHashTable, valuesList map[string]string) (instructionText string, valuesRendered []string)

func GetKCFromMC 

func GetKCFromMC(mc *mcfgv1.MachineConfig, client runtimeclient.Client) (*mcfgv1.KubeletConfig, error)

func GetNodeRoleSelector 

func GetNodeRoleSelector(role string) map[string]string

func GetNodeRoles 

func GetNodeRoles(nodeSelector map[string]string) []string

func GetPlatform added in v1.5.0 

func GetPlatform() string

func GetResultConfigMap 

func GetResultConfigMap(owner metav1.Object, configMapName, filename, nodeName string, contents io.Reader, compressed bool, exitcode string, warnings string) *corev1.ConfigMap

GetResultConfigMap gets a configmap that reflects a result or an error for a scan

func GetScanNameFromProfile added in v1.5.0 

func GetScanNameFromProfile(profileName string, nodeSelector map[string]string) string

func GetScanType added in v1.4.0 

func GetScanType(annotations map[string]string) compliancev1alpha1.ComplianceScanType

func GetWarningsForRule 

func GetWarningsForRule(rule *xmlquery.Node) []string

func HaveOutdatedRemediations 

func HaveOutdatedRemediations(client runtimeclient.Client) (error, bool)

func IDToDNSFriendlyName 

func IDToDNSFriendlyName(ruleIdRef string) string

IDToDNSFriendlyName gets the ID from the scan and returns a DNS friendly name

func IsHostedControlPlane added in v1.5.0 

func IsHostedControlPlane() bool

func IsKind 

func IsKind(obj *unstructured.Unstructured, kind string) bool

func IsKubeletConfig 

func IsKubeletConfig(obj *unstructured.Unstructured) bool

func IsMachineConfig 

func IsMachineConfig(obj *unstructured.Unstructured) bool

IsMachineConfig checks if the specified object is a MachineConfig object

func IsMcfgPoolUsingKC 

func IsMcfgPoolUsingKC(pool *mcfgv1.MachineConfigPool) (bool, string, error)

isMcfgPoolUsingKC check if a MachineConfig Pool is using a custom Kubelet Config if any custom Kublet Config used, return name of generated latest KC machine config from the custom kubelet config

func LengthName 

func LengthName(maxLen int, hashPrefix string, format string, a ...interface{}) (string, error)

LengthName creates a string of maximum defined length.

func McfgPoolLabelMatches 

func McfgPoolLabelMatches(nodeSelector map[string]string, pool *mcfgv1.MachineConfigPool) bool

McfgPoolLabelMatches verifies if the given nodeSelector matches the given MachineConfigPool's nodeSelector

func NewClientCert 

func NewClientCert(caCert, caKey []byte, certname string, expire int) ([]byte, []byte, error)

func NewServerCert 

func NewServerCert(caCert, caKey []byte, certname string, expire int) ([]byte, []byte, error)

func ParseContent 

func ParseContent(dsReader io.Reader) (*xmlquery.Node, error)

ParseContent parses the DataStream and returns the XML document

func ParseMachineConfig 

func ParseMachineConfig(rem *compv1alpha1.ComplianceRemediation, obj *unstructured.Unstructured) (*mcfgv1.MachineConfig, error)

ParseMachineConfig parses a Machineconfig object from an unstructured object for a specific remediation.

func ReadObjectsFromYAML 

func ReadObjectsFromYAML(r io.Reader) ([]*unstructured.Unstructured, error)

Reads a YAML file and returns an unstructured object from it. This object can be taken into use by the dynamic client

func RemoveDuplicate added in v1.1.0 

func RemoveDuplicate(input []string) []string

func RenderValues 

func RenderValues(in string, valuesList map[string]string) (string, []string, error)

func RuleHasApiObjectWarning 

func RuleHasApiObjectWarning(rule *xmlquery.Node) bool

func RuleHasHideTagWarning added in v0.1.60 

func RuleHasHideTagWarning(rule *xmlquery.Node) bool

func ValidatePriorityClassExist 

func ValidatePriorityClassExist(name string, client client.Client) (bool, string)

validate priority class exists by name

func XmlNodeAsMarkdown 

func XmlNodeAsMarkdown(node *xmlquery.Node) string

func XmlNodeAsMarkdownPreRender 

func XmlNodeAsMarkdownPreRender(node *xmlquery.Node, needsSpace bool) string

Types

type ComplianceComponent 

type ComplianceComponent uint

type CtlplaneSchedulingInfo 

type CtlplaneSchedulingInfo struct {
	Selector    map[string]string
	Tolerations []corev1.Toleration
}

type Directory 

type Directory struct {
	CreationTime time.Time
	Path         string
}

Directory is a holding struct used to sort directories by time

func NewDirectory 

func NewDirectory(path string, info os.FileInfo) Directory

type NodeByIdHashTable 

type NodeByIdHashTable map[string]*xmlquery.Node

func GetRuleOvalTest 

func GetRuleOvalTest(rule *xmlquery.Node, defTable NodeByIdHashTable) NodeByIdHashTable

func GetRuleProfile added in v1.4.0 

func GetRuleProfile(rule *xmlquery.Node, profileTable NodeByIdHashTable) NodeByIdHashTable

func NewDefHashTable 

func NewDefHashTable(dsDom *xmlquery.Node) NodeByIdHashTable

func NewOcilQuestionTable 

func NewOcilQuestionTable(dsDom *xmlquery.Node) NodeByIdHashTable

func NewProfileTable added in v1.4.0 

func NewProfileTable(dsDom *xmlquery.Node) NodeByIdHashTable

type ParseResult 

type ParseResult struct {
	Id           string
	CheckResult  *compv1alpha1.ComplianceCheckResult
	Remediations []*compv1alpha1.ComplianceRemediation
}

func ParseResultsFromContentAndXccdf 

func ParseResultsFromContentAndXccdf(scheme *runtime.Scheme, scanName string, namespace string,
	dsDom *xmlquery.Node, resultsReader io.Reader, manualRules []string) ([]*ParseResult, error)

type ParseResultContext 

type ParseResultContext struct {
	// contains filtered or unexported fields
}

ParseResultContext keeps track of items that are consistent across all "sources" in a ComplianceScan as well as items that are inconsistent

func NewParseResultContext 

func NewParseResultContext() *ParseResultContext

func (*ParseResultContext) AddResults 

func (prCtx *ParseResultContext) AddResults(source string, parsedResList []*ParseResult)

ParseResultContext.AddResults adds a batch of results coming from the parser and partitions them into either the consistent or the inconsistent list

func (*ParseResultContext) GetConsistentResults 

func (prCtx *ParseResultContext) GetConsistentResults() []*ParseResultContextItem

type ParseResultContextItem 

type ParseResultContextItem struct {
	ParseResult

	Annotations map[string]string
	Labels      map[string]string
	// contains filtered or unexported fields
}

ParseResultContextItem wraps ParseResult with some metadata that need to be added to the created k8s object based on the processing result as well as which nodes the result comes from and whether it's been processed during a single loop that processes a single CM yet or not. The sources are used to keep track of which nodes differ from the "canonical" state of the check

type ResourcePath 

type ResourcePath struct {
	ObjPath         string
	DumpPath        string
	Filter          string
	SuppressWarning bool
}

func GetPathFromWarningXML 

func GetPathFromWarningXML(in *xmlquery.Node, valuesList map[string]string) ([]ResourcePath, error)

getPathsFromRuleWarning finds the API endpoint from in. The expected structure is: 

<warning category="general" lang="en-US"><code class="ocp-api-endpoint">/apis/config.openshift.io/v1/oauths/cluster
</code></warning>

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.