Documentation ¶
Overview ¶
Package configauditreport provides primitives for working with Kubernetes workload configuration checkers.
Index ¶
- type ConfigAuditConfig
- type PluginInMemory
- type ReadWriter
- type Reader
- type ReportBuilder
- func (b *ReportBuilder) Controller(controller client.Object) *ReportBuilder
- func (b *ReportBuilder) Data(data v1alpha1.ConfigAuditReportData) *ReportBuilder
- func (b *ReportBuilder) GetClusterReport() (v1alpha1.ClusterConfigAuditReport, error)
- func (b *ReportBuilder) GetReport() (v1alpha1.ConfigAuditReport, error)
- func (b *ReportBuilder) PluginConfigHash(hash string) *ReportBuilder
- func (b *ReportBuilder) ReportTTL(ttl *time.Duration) *ReportBuilder
- func (b *ReportBuilder) ResourceLabelsToInclude(resourceLabelsToInclude []string) *ReportBuilder
- func (b *ReportBuilder) ResourceSpecHash(hash string) *ReportBuilder
- func (b *ReportBuilder) Write(ctx context.Context, writer Writer) error
- type Writer
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type ConfigAuditConfig ¶ added in v0.1.0
type ConfigAuditConfig interface { // GetUseBuiltinRegoPolicies return trivy config which associated to configauditreport plugin GetUseBuiltinRegoPolicies() bool // GetSupportedConfigAuditKinds list of supported kinds to be scanned by the config audit scanner GetSupportedConfigAuditKinds() []string // GetSeverity get security level GetSeverity() string }
ConfigAuditConfig defines the interface between trivy-operator and trivy configuration which related to configauditreport
type PluginInMemory ¶ added in v0.1.0
type PluginInMemory interface { // Init is a callback to initialize this plugin, e.g. ensure the default // configuration. Init(ctx trivyoperator.PluginContext) error NewConfigForConfigAudit(ctx trivyoperator.PluginContext) (ConfigAuditConfig, error) }
PluginInMemory defines the interface between trivy-operator and trivy configuration
type ReadWriter ¶
func NewReadWriter ¶
func NewReadWriter(ObjectResolver *kube.ObjectResolver) ReadWriter
NewReadWriter constructs a new ReadWriter which is using the client package provided by the controller-runtime libraries for interacting with the Kubernetes API server.
type Reader ¶
type Reader interface { // FindReportByOwner returns a v1alpha1.ConfigAuditReport owned by the given // kube.ObjectRef or nil if the report is not found. FindReportByOwner(ctx context.Context, owner kube.ObjectRef) (interface{}, error) // FindClusterReportByOwner returns a v1alpha1.ClusterConfigAuditReport owned by the given // kube.ObjectRef or nil if the report is not found. FindClusterReportByOwner(ctx context.Context, owner kube.ObjectRef) (interface{}, error) }
Reader is the interface that wraps methods for finding v1alpha1.ConfigAuditReport and v1alpha1.ClusterConfigAuditReport objects.
type ReportBuilder ¶
type ReportBuilder struct {
// contains filtered or unexported fields
}
func NewReportBuilder ¶
func NewReportBuilder(scheme *runtime.Scheme) *ReportBuilder
func (*ReportBuilder) Controller ¶
func (b *ReportBuilder) Controller(controller client.Object) *ReportBuilder
func (*ReportBuilder) Data ¶
func (b *ReportBuilder) Data(data v1alpha1.ConfigAuditReportData) *ReportBuilder
func (*ReportBuilder) GetClusterReport ¶
func (b *ReportBuilder) GetClusterReport() (v1alpha1.ClusterConfigAuditReport, error)
func (*ReportBuilder) GetReport ¶
func (b *ReportBuilder) GetReport() (v1alpha1.ConfigAuditReport, error)
func (*ReportBuilder) PluginConfigHash ¶
func (b *ReportBuilder) PluginConfigHash(hash string) *ReportBuilder
func (*ReportBuilder) ReportTTL ¶ added in v0.5.0
func (b *ReportBuilder) ReportTTL(ttl *time.Duration) *ReportBuilder
func (*ReportBuilder) ResourceLabelsToInclude ¶ added in v0.5.0
func (b *ReportBuilder) ResourceLabelsToInclude(resourceLabelsToInclude []string) *ReportBuilder
func (*ReportBuilder) ResourceSpecHash ¶
func (b *ReportBuilder) ResourceSpecHash(hash string) *ReportBuilder
type Writer ¶
type Writer interface { // WriteReport creates or updates the given v1alpha1.ConfigAuditReport instance. WriteReport(ctx context.Context, report v1alpha1.ConfigAuditReport) error // WriteClusterReport creates or updates the given v1alpha1.ClusterConfigAuditReport instance. WriteClusterReport(ctx context.Context, report v1alpha1.ClusterConfigAuditReport) error }
Writer is the interface for saving v1alpha1.ClusterConfigAuditReport and v1alpha1.ConfigAuditReport instances.