configauditreport

package

v0.9.0-rc1 Latest Latest Go to latest Published: Jan 26, 2021 License: Apache-2.0 Imports: 24 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/aquasecurity/starboard

Documentation ¶

Overview ¶

This package provides primitives for working with Kubernetes workload configuration checkers.

Index ¶

type Builder
- func NewBuilder(scheme *runtime.Scheme) Builder
type Plugin
type ReadWriter
- func NewControllerRuntimeReadWriter(client client.Client) ReadWriter
- func NewReadWriter(clientset versioned.Interface) ReadWriter
type Reader
type Scanner
- func NewScanner(scheme *runtime.Scheme, clientset kubernetes.Interface, opts kube.ScannerOpts, ...) *Scanner
- func (s *Scanner) Scan(ctx context.Context, workload kube.Object, gvk schema.GroupVersionKind) (v1alpha1.ConfigAuditReport, error)
type Writer

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type Builder ¶

type Builder interface {
	Owner(owner metav1.Object) Builder
	PodSpecHash(hash string) Builder
	Result(result v1alpha1.ConfigAuditResult) Builder
	Get() (v1alpha1.ConfigAuditReport, error)
}

func NewBuilder ¶

func NewBuilder(scheme *runtime.Scheme) Builder

type Plugin ¶ added in v0.9.0

type Plugin interface {
	GetScanJobSpec(workload kube.Object, gvk schema.GroupVersionKind) (corev1.PodSpec, error)

	GetContainerName() string

	ParseConfigAuditResult(logsReader io.ReadCloser) (v1alpha1.ConfigAuditResult, error)
}

Plugin defines the interface between Starboard and Kubernetes workload configuration checkers / linters / sanitizers. Not a final version, rather first step to separate generic workloads discovery code and Polaris implementation details.

type ReadWriter ¶

type ReadWriter interface {
	Writer
	Reader
}

func NewControllerRuntimeReadWriter ¶ added in v0.9.0

func NewControllerRuntimeReadWriter(client client.Client) ReadWriter

NewControllerRuntimeReadWriter constructs a new ReadWriter which is using the client package provided by the controller-runtime libraries for interacting with the Kubernetes API server.

func NewReadWriter ¶

func NewReadWriter(clientset versioned.Interface) ReadWriter

NewReadWriter constructs a new ReadWriter which is using the client-go module for interacting with the Kubernetes API server.

type Reader ¶

type Reader interface {
	FindByOwner(ctx context.Context, owner kube.Object) (*v1alpha1.ConfigAuditReport, error)
}

Reader is the interface that wraps basic FindByOwner method.

FindByOwner returns a v1alpha1.ConfigAuditReport owned by the given kube.Object or nil if the report is not found.

type Scanner ¶ added in v0.9.0

type Scanner struct {
	ext.IDGenerator
	// contains filtered or unexported fields
}

func NewScanner ¶ added in v0.9.0

func NewScanner(
	scheme *runtime.Scheme,
	clientset kubernetes.Interface,
	opts kube.ScannerOpts,
	plugin Plugin,
) *Scanner

func (*Scanner) Scan ¶ added in v0.9.0

func (s *Scanner) Scan(ctx context.Context, workload kube.Object, gvk schema.GroupVersionKind) (v1alpha1.ConfigAuditReport, error)

type Writer ¶

type Writer interface {
	Write(ctx context.Context, report v1alpha1.ConfigAuditReport) error
}

Writer is the interface that wraps the basic Write method.

Write creates or updates the given v1alpha1.ConfigAuditReport instance.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL