collector

package
v1.3.2 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Jul 4, 2024 License: Apache-2.0 Imports: 32 Imported by: 0

Documentation

Index

Constants

// File names expected inside a dump directory (see the documented layout).
// Node, cluster role and cluster role binding files sit at the root of the
// dump; pod, endpoint slice, role and role binding files are repeated under
// each namespace directory.
// NOTE(review): these files carry the cluster's RBAC and workload definitions;
// presumably a dump should be stored and shared as sensitive data — confirm.
const (
	NodePath                = "nodes.json"                                         // dump root
	EndpointPath            = "endpointslices.discovery.k8s.io.json"               // under each <namespace> directory
	ClusterRolesPath        = "clusterroles.rbac.authorization.k8s.io.json"        // dump root
	ClusterRoleBindingsPath = "clusterrolebindings.rbac.authorization.k8s.io.json" // dump root
	PodPath                 = "pods.json"                                          // under each <namespace> directory
	RolesPath               = "roles.rbac.authorization.k8s.io.json"               // under each <namespace> directory
	RoleBindingsPath        = "rolebindings.rbac.authorization.k8s.io.json"        // under each <namespace> directory
)

Expect the following file structure:

|____<namespace>
| |____rolebindings.rbac.authorization.k8s.io.json
| |____pods.json
| |____endpointslices.discovery.k8s.io.json
| |____roles.rbac.authorization.k8s.io.json
|____<namespace>
| |____rolebindings.rbac.authorization.k8s.io.json
| |____pods.json
| |____endpointslices.discovery.k8s.io.json
| |____roles.rbac.authorization.k8s.io.json
|____nodes.json
|____clusterroles.rbac.authorization.k8s.io.json
|____clusterrolebindings.rbac.authorization.k8s.io.json

// FileCollectorName is the identifier string for the local file collector.
// NOTE(review): presumably the value returned by (*FileCollector).Name — confirm.
const (
	FileCollectorName = "local-file-collector"
)
// K8sAPICollectorName is the identifier string for the live K8s API collector.
// NOTE(review): presumably the value returned by that collector's Name method — confirm.
const (
	K8sAPICollectorName = "k8s-api-collector"
)

Variables

// CollectorUserAgent is the string "KubeHound-Collector-v" followed by
// config.BuildVersion, formatted once at package initialisation.
// NOTE(review): presumably sent as the HTTP User-Agent by the K8s API
// collector; if so, it is the value to look for in API server audit log
// userAgent fields when attributing collection runs — confirm against the
// collector implementation. It is a mutable package-level var, so callers can
// overwrite it.
var (
	CollectorUserAgent = fmt.Sprintf("KubeHound-Collector-v%s", config.BuildVersion)
)

Functions

func FakeClusterRole added in v1.3.1

func FakeClusterRole(name string) *rbacv1.ClusterRole

func FakeClusterRoleBinding added in v1.3.1

func FakeClusterRoleBinding(name string) *rbacv1.ClusterRoleBinding

func FakeEndpoint added in v1.3.1

func FakeEndpoint(name string, namespace string, ports []int32) *discoveryv1.EndpointSlice

func FakeNode added in v1.3.1

func FakeNode(name string, providerID string) *corev1.Node

func FakePod added in v1.3.1

func FakePod(namespace string, name string, status string) *corev1.Pod

func FakePort added in v1.3.1

func FakePort(name string, port int32) *discoveryv1.EndpointPort

func FakeRole added in v1.3.1

func FakeRole(namespace string, name string) *rbacv1.Role

func FakeRoleBinding added in v1.3.1

func FakeRoleBinding(namespace, name string) *rbacv1.RoleBinding

Types

type ClusterRoleBindingIngestor

// ClusterRoleBindingIngestor is implemented by consumers of the cluster role binding stream.
type ClusterRoleBindingIngestor interface {
	// IngestClusterRoleBinding is invoked by CollectorClient.StreamClusterRoleBindings
	// once for each collected cluster role binding.
	// NOTE(review): how a returned error affects the rest of the stream is not
	// shown here — confirm against the collector implementation.
	IngestClusterRoleBinding(context.Context, types.ClusterRoleBindingType) error
	// Complete is invoked once all objects have been exhausted, signalling the end of the stream.
	Complete(context.Context) error
}

ClusterRoleBindingIngestor defines the interface to allow an ingestor to consume cluster role binding inputs from a collector.

type ClusterRoleIngestor

// ClusterRoleIngestor is implemented by consumers of the cluster role stream.
type ClusterRoleIngestor interface {
	// IngestClusterRole is invoked by CollectorClient.StreamClusterRoles once
	// for each collected cluster role.
	// NOTE(review): how a returned error affects the rest of the stream is not
	// shown here — confirm against the collector implementation.
	IngestClusterRole(context.Context, types.ClusterRoleType) error
	// Complete is invoked once all objects have been exhausted, signalling the end of the stream.
	Complete(context.Context) error
}

ClusterRoleIngestor defines the interface to allow an ingestor to consume cluster role inputs from a collector.

type CollectorClient

// CollectorClient is the interface a collector implementation exposes: run
// metadata (ClusterInfo, Tags), one Stream* method per collected object type,
// and Close to release resources.
type CollectorClient interface {
	// Embedded dependency interface from the services package.
	// NOTE(review): FileCollector's Name and HealthCheck methods presumably satisfy it — confirm.
	services.Dependency

	// ClusterInfo returns the target cluster information for the current run.
	ClusterInfo(ctx context.Context) (*config.ClusterInfo, error)

	// Tags returns the tags for the current run.
	Tags(ctx context.Context) []string

	// StreamNodes will iterate through all NodeType objects collected by the collector and invoke the ingestor.IngestNode method on each.
	// Once all the NodeType objects have been exhausted the ingestor.Complete method will be invoked to signal the end of the stream.
	StreamNodes(ctx context.Context, ingestor NodeIngestor) error

	// StreamPods will iterate through all PodType objects collected by the collector and invoke the ingestor.IngestPod method on each.
	// Once all the PodType objects have been exhausted the ingestor.Complete method will be invoked to signal the end of the stream.
	StreamPods(ctx context.Context, ingestor PodIngestor) error

	// StreamRoles will iterate through all RoleType objects collected by the collector and invoke the ingestor.IngestRole method on each.
	// Once all the RoleType objects have been exhausted the ingestor.Complete method will be invoked to signal the end of the stream.
	StreamRoles(ctx context.Context, ingestor RoleIngestor) error

	// StreamClusterRoles will iterate through all ClusterRoleType objects collected by the collector and invoke the ingestor.IngestClusterRole method on each.
	// Once all the ClusterRoleType objects have been exhausted the ingestor.Complete method will be invoked to signal the end of the stream.
	StreamClusterRoles(ctx context.Context, ingestor ClusterRoleIngestor) error

	// StreamRoleBindings will iterate through all RoleBindingType objects collected by the collector and invoke the ingestor.IngestRoleBinding method on each.
	// Once all the RoleBindingType objects have been exhausted the ingestor.Complete method will be invoked to signal the end of the stream.
	StreamRoleBindings(ctx context.Context, ingestor RoleBindingIngestor) error

	// StreamClusterRoleBindings will iterate through all ClusterRoleBindingType objects collected by the collector and invoke the ingestor.IngestClusterRoleBinding method on each.
	// Once all the ClusterRoleBindingType objects have been exhausted the ingestor.Complete method will be invoked to signal the end of the stream.
	StreamClusterRoleBindings(ctx context.Context, ingestor ClusterRoleBindingIngestor) error

	// StreamEndpoints will iterate through all EndpointType objects collected by the collector and invoke the ingestor.IngestEndpoint method on each.
	// Once all the EndpointType objects have been exhausted the ingestor.Complete method will be invoked to signal the end of the stream.
	StreamEndpoints(ctx context.Context, ingestor EndpointIngestor) error

	// Close cleans up any resources used by the collector client implementation. Client cannot be reused after this call.
	Close(ctx context.Context) error
}

func ClientFactory

func ClientFactory(ctx context.Context, cfg *config.KubehoundConfig) (CollectorClient, error)

ClientFactory creates an initialized instance of a collector client based on the provided application configuration.

func NewFileCollector

func NewFileCollector(ctx context.Context, cfg *config.KubehoundConfig) (CollectorClient, error)

NewFileCollector creates a new instance of the file collector from the provided application config.

func NewK8sAPICollector

func NewK8sAPICollector(ctx context.Context, cfg *config.KubehoundConfig) (CollectorClient, error)

NewK8sAPICollector creates a new instance of the k8s live API collector from the provided application config.

func NewTestK8sAPICollector added in v1.3.1

func NewTestK8sAPICollector(ctx context.Context, clientset *fake.Clientset) CollectorClient

type EndpointIngestor

// EndpointIngestor is implemented by consumers of the endpoint slice stream.
type EndpointIngestor interface {
	// IngestEndpoint is invoked by CollectorClient.StreamEndpoints once for
	// each collected endpoint object.
	// NOTE(review): how a returned error affects the rest of the stream is not
	// shown here — confirm against the collector implementation.
	IngestEndpoint(context.Context, types.EndpointType) error
	// Complete is invoked once all objects have been exhausted, signalling the end of the stream.
	Complete(context.Context) error
}

EndpointIngestor defines the interface to allow an ingestor to consume endpoint slice inputs from a collector.

type FileCollector

// FileCollector is the file-backed collector; its fields are unexported and
// not shown in this listing.
// NOTE(review): its input is JSON generated outside the KubeHound application,
// so the files are external input. Presumably malformed or missing files
// surface as errors from the Stream* methods — confirm against the
// implementation.
type FileCollector struct {
	// contains filtered or unexported fields
}

FileCollector implements a collector based on local K8s API JSON files generated outside the KubeHound application, e.g. via kubectl.

func (*FileCollector) Close

func (c *FileCollector) Close(_ context.Context) error

func (*FileCollector) ClusterInfo added in v1.2.0

func (c *FileCollector) ClusterInfo(ctx context.Context) (*config.ClusterInfo, error)

func (*FileCollector) HealthCheck

func (c *FileCollector) HealthCheck(_ context.Context) (bool, error)

func (*FileCollector) Name

func (c *FileCollector) Name() string

func (*FileCollector) StreamClusterRoleBindings

func (c *FileCollector) StreamClusterRoleBindings(ctx context.Context, ingestor ClusterRoleBindingIngestor) error

func (*FileCollector) StreamClusterRoles

func (c *FileCollector) StreamClusterRoles(ctx context.Context, ingestor ClusterRoleIngestor) error

func (*FileCollector) StreamEndpoints

func (c *FileCollector) StreamEndpoints(ctx context.Context, ingestor EndpointIngestor) error

func (*FileCollector) StreamNodes

func (c *FileCollector) StreamNodes(ctx context.Context, ingestor NodeIngestor) error

func (*FileCollector) StreamPods

func (c *FileCollector) StreamPods(ctx context.Context, ingestor PodIngestor) error

func (*FileCollector) StreamRoleBindings

func (c *FileCollector) StreamRoleBindings(ctx context.Context, ingestor RoleBindingIngestor) error

func (*FileCollector) StreamRoles

func (c *FileCollector) StreamRoles(ctx context.Context, ingestor RoleIngestor) error

func (*FileCollector) Tags added in v1.3.1

func (c *FileCollector) Tags(ctx context.Context) []string

TODO: remove this after all PR

type GenericIngestor added in v1.3.1

Generic interface to allow an ingestor to consume stream inputs from a collector.

type NodeIngestor

// NodeIngestor is implemented by consumers of the node stream.
type NodeIngestor interface {
	// IngestNode is invoked by CollectorClient.StreamNodes once for each
	// collected node.
	// NOTE(review): how a returned error affects the rest of the stream is not
	// shown here — confirm against the collector implementation.
	IngestNode(context.Context, types.NodeType) error
	// Complete is invoked once all objects have been exhausted, signalling the end of the stream.
	Complete(context.Context) error
}

NodeIngestor defines the interface to allow an ingestor to consume node inputs from a collector.

type PodIngestor

// PodIngestor is implemented by consumers of the pod stream.
type PodIngestor interface {
	// IngestPod is invoked by CollectorClient.StreamPods once for each
	// collected pod.
	// NOTE(review): how a returned error affects the rest of the stream is not
	// shown here — confirm against the collector implementation.
	IngestPod(context.Context, types.PodType) error
	// Complete is invoked once all objects have been exhausted, signalling the end of the stream.
	Complete(context.Context) error
}

PodIngestor defines the interface to allow an ingestor to consume pod inputs from a collector.

type RoleBindingIngestor

// RoleBindingIngestor is implemented by consumers of the role binding stream.
type RoleBindingIngestor interface {
	// IngestRoleBinding is invoked by CollectorClient.StreamRoleBindings once
	// for each collected role binding.
	// NOTE(review): how a returned error affects the rest of the stream is not
	// shown here — confirm against the collector implementation.
	IngestRoleBinding(context.Context, types.RoleBindingType) error
	// Complete is invoked once all objects have been exhausted, signalling the end of the stream.
	Complete(context.Context) error
}

RoleBindingIngestor defines the interface to allow an ingestor to consume role binding inputs from a collector.

type RoleIngestor

// RoleIngestor is implemented by consumers of the role stream.
type RoleIngestor interface {
	// IngestRole is invoked by CollectorClient.StreamRoles once for each
	// collected role.
	// NOTE(review): how a returned error affects the rest of the stream is not
	// shown here — confirm against the collector implementation.
	IngestRole(context.Context, types.RoleType) error
	// Complete is invoked once all objects have been exhausted, signalling the end of the stream.
	Complete(context.Context) error
}

RoleIngestor defines the interface to allow an ingestor to consume role inputs from a collector.

Directories

Path Synopsis
