policy

package
v0.19.1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Mar 20, 2024 License: Apache-2.0 Imports: 25 Imported by: 0

Documentation

Index

Constants

View Source
const (
	PoliciesNotFoundError = "failed to load rego policies from [externalPolicies]: stat externalPolicies: file does not exist"
)

Variables

This section is empty.

Functions

func LoadPoliciesData added in v0.19.0

func LoadPoliciesData(policyPath []string) ([]string, error)

Types

type Loader added in v0.19.0

type Loader interface {
	GetPolicies() ([]string, error)
}

func NewPolicyLoader added in v0.19.0

func NewPolicyLoader(pr string, cache gcache.Cache, opts ...mp.Option) Loader

type Policies

type Policies struct {
	// contains filtered or unexported fields
}

func NewPolicies

func NewPolicies(data map[string]string, cac configauditreport.ConfigAuditConfig, log logr.Logger, pl Loader, serverVersion string) *Policies

func (*Policies) Applicable

func (p *Policies) Applicable(resourceKind string) (bool, string, error)

Applicable check if policies exist either built in or via policies configmap

func (*Policies) Eval

func (p *Policies) Eval(ctx context.Context, resource client.Object, inputs ...[]byte) (scan.Results, error)

Eval evaluates Rego policies with Kubernetes resource client.Object as input.

func (*Policies) ExternalPoliciesApplicable added in v0.11.0

func (p *Policies) ExternalPoliciesApplicable(resourceKind string) (bool, error)

func (*Policies) GetResultID added in v0.2.0

func (r *Policies) GetResultID(result scan.Result) string

GetResultID return the result id found in aliases (legacy) otherwise use AvdID

func (*Policies) HasSeverity added in v0.12.0

func (r *Policies) HasSeverity(resultSeverity severity.Severity) bool

func (*Policies) Hash

func (p *Policies) Hash(kind string) (string, error)

func (*Policies) Libraries

func (p *Policies) Libraries() map[string]string

func (*Policies) ModulesByKind

func (p *Policies) ModulesByKind(kind string) (map[string]string, error)

func (*Policies) PoliciesByKind

func (p *Policies) PoliciesByKind(kind string) (map[string]string, error)

func (*Policies) SupportedKind added in v0.1.4

func (p *Policies) SupportedKind(resource client.Object, rbacDEnable bool) (bool, error)

SupportedKind scan policies supported for this kind

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL