controller

package
v0.18.0-rc Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Dec 26, 2023 License: Apache-2.0 Imports: 36 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func Policies added in v0.11.0 

func Policies(ctx context.Context, config etc.Config, c client.Client, cac configauditreport.ConfigAuditConfig, log logr.Logger, clusterVersion ...string) (*policy.Policies, error)

Types

type Misconfiguration added in v0.7.0 

type Misconfiguration struct {
	// contains filtered or unexported fields
}

type NodeCollectorJobController added in v0.11.0 

type NodeCollectorJobController struct {
	logr.Logger
	etc.Config
	kube.ObjectResolver
	kube.LogsReader
	trivyoperator.ConfigData
	trivyoperator.PluginContext
	configauditreport.PluginInMemory
	InfraReadWriter infraassessment.ReadWriter
	trivyoperator.BuildInfo
}

NodeCollectorJobController watches Kubernetes jobs generates v1alpha1.ClusterInfraAssessmentReport instances using infra assessment scanner

func (*NodeCollectorJobController) SetupWithManager added in v0.11.0 

func (r *NodeCollectorJobController) SetupWithManager(mgr ctrl.Manager) error

type NodeReconciler added in v0.11.0 

type NodeReconciler struct {
	logr.Logger
	etc.Config
	trivyoperator.ConfigData
	kube.ObjectResolver
	trivyoperator.PluginContext
	configauditreport.PluginInMemory
	jobs.LimitChecker
	InfraReadWriter  infraassessment.ReadWriter
	CacheSyncTimeout time.Duration
	trivyoperator.BuildInfo
}
NodeReconciler reconciles corev1.Node and corev1.Job objects

to collect cluster nodes information (fileSystem permission and process arguments) the node information will be evaluated by the complaince control checks per relevant reports, examples: cis-benchmark and nsa

func (*NodeReconciler) SetupWithManager added in v0.11.0 

func (r *NodeReconciler) SetupWithManager(mgr ctrl.Manager) error

type PolicyConfigController added in v0.8.0 

type PolicyConfigController struct {
	logr.Logger
	etc.Config
	kube.ObjectResolver
	trivyoperator.PluginContext
	configauditreport.PluginInMemory
	ClusterVersion string
}

PolicyConfigController watches changes on policies config map and generates v1alpha1.ConfigAuditReport instances based on OPA Rego policies as fast as possible.

func (*PolicyConfigController) SetupWithManager added in v0.8.0 

func (r *PolicyConfigController) SetupWithManager(mgr ctrl.Manager) error

type ResourceController 

type ResourceController struct {
	logr.Logger
	etc.Config
	trivyoperator.ConfigData
	kube.ObjectResolver
	trivyoperator.PluginContext
	configauditreport.PluginInMemory
	configauditreport.ReadWriter
	RbacReadWriter  rbacassessment.ReadWriter
	InfraReadWriter infraassessment.ReadWriter
	trivyoperator.BuildInfo
	ClusterVersion   string
	CacheSyncTimeout time.Duration
}

ResourceController watches all Kubernetes kinds and generates v1alpha1.ConfigAuditReport instances based on OPA Rego policies as fast as possible.

func (*ResourceController) SetupWithManager 

func (r *ResourceController) SetupWithManager(mgr ctrl.Manager) error

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.