Documentation ¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Options ¶
type Options struct { // Namespace the namespace to run the scan Job in. Namespace string // ServiceAccountName the name of the Service Account to run the Pod controlled by the scan Job. ServiceAccountName string // ImageCredentials maps container images to Docker authentications credentials in case the images are pulled from private registries. ImageCredentials map[string]docker.Auth // ScanJobTimeout scan job timeout. ScanJobTimeout time.Duration }
Options are arguments passed to VulnerabilityScanner.NewScanJob constructor.
type VulnerabilityScanner ¶
type VulnerabilityScanner interface { NewScanJob(workload kube.Object, spec corev1.PodSpec, options Options) (*batchv1.Job, *corev1.Secret, error) ParseVulnerabilityReport(imageRef string, logsReader io.ReadCloser) (v1alpha1.VulnerabilityReport, error) }
VulnerabilityScanner defines vulnerability scanner interface.
NewScanJob constructs a new Job descriptor, which can be sent to Kubernetes API and scheduled to scan the specified Kubernetes workload with the given Pod descriptor and Options.
Click to show internal directories.
Click to hide internal directories.