polaris

package

v0.5.0 Latest Latest Go to latest Published: Oct 7, 2020 License: Apache-2.0 Imports: 18 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/aquasecurity/starboard

Links

Open Source Insights

Documentation ¶

Index ¶

Variables
type Check
type ClusterInfo
type ContainerResult
type Converter
- func NewConverter() Converter
type PodResult
type ReadWriter
type Reader
type Report
type Result
type Scanner
- func NewScanner(opts kube.ScannerOpts, clientset kubernetes.Interface) *Scanner
- func (s *Scanner) Scan(ctx context.Context, workload kube.Object, gvk schema.GroupVersionKind) (report starboard.ConfigAudit, owner meta.Object, err error)
type Writer

Constants ¶

This section is empty.

Variables ¶

View Source

var DefaultConverter = NewConverter()

Functions ¶

This section is empty.

Types ¶

type Check ¶

type Check struct {
	ID       string `json:"ID"`
	Message  string `json:"Message"`
	Success  bool   `json:"Success"`
	Severity string `json:"Severity"`
	Category string `json:"Category"`
}

type ClusterInfo ¶

type ClusterInfo struct {
	Version     string `json:"Version"`
	Nodes       int    `json:"Nodes"`
	Pods        int    `json:"Pods"`
	Namespaces  int    `json:"Namespaces"`
	Controllers int    `json:"Controllers"`
}

type ContainerResult ¶

type ContainerResult struct {
	Name    string           `json:"Name"`
	Results map[string]Check `json:"Results"`
}

type Converter ¶

type Converter interface {
	Convert(reader io.Reader) (sec.ConfigAudit, error)
}

func NewConverter ¶

func NewConverter() Converter

type PodResult ¶

type PodResult struct {
	Name             string            `json:"Name"`
	Results          map[string]Check  `json:"Results"`
	ContainerResults []ContainerResult `json:"ContainerResults"`
}

type ReadWriter ¶ added in v0.3.0

type ReadWriter interface {
	Writer
	Reader
}

type Reader ¶ added in v0.3.0

type Reader interface {
	Read(ctx context.Context, workload kube.Object) (starboard.ConfigAuditReport, error)
}

Reader is the interface that wraps basic methods for persistent reading of ConfigAudit reports.

Read will return a single ConfigAuditReport that match a specific workload

type Report ¶

type Report struct {
	PolarisOutputVersion string       `json:"PolarisOutputVersion"`
	SourceType           string       `json:"SourceType"`
	SourceName           string       `json:"SourceName"`
	DisplayName          string       `json:"DisplayName"`
	ClusterInfo          *ClusterInfo `json:"ClusterInfo"`
	Results              []Result     `json:"Results"`
}

type Result ¶

type Result struct {
	Name      string    `json:"Name"`
	Namespace string    `json:"Namespace"`
	Kind      string    `json:"Kind"`
	PodResult PodResult `json:"PodResult"`
}

type Scanner ¶

type Scanner struct {
	// contains filtered or unexported fields
}

func NewScanner ¶

func NewScanner(opts kube.ScannerOpts, clientset kubernetes.Interface) *Scanner

func (*Scanner) Scan ¶

func (s *Scanner) Scan(ctx context.Context, workload kube.Object, gvk schema.GroupVersionKind) (report starboard.ConfigAudit, owner meta.Object, err error)

type Writer ¶

type Writer interface {
	Write(ctx context.Context, report sec.ConfigAudit, owner metav1.Object) (err error)
}

Write is the interface that wraps basic methods for persisting ConfigAudit reports.

Write persists the given ConfigAudit report.

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
crd

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL