cautils

package
v1.0.165 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Jan 13, 2022 License: Apache-2.0 Imports: 28 Imported by: 1

Documentation

Index

Constants

// Scanning-target identifiers. VersionCheckRequest.ScanningTarget on this page
// is documented as "cluster/yaml", which matches these two values.
const (
	ScanCluster    string = "cluster" // target is a Kubernetes cluster
	ScanLocalFiles string = "yaml"    // target is local files; note the value is "yaml"
)
// SKIP_VERSION_CHECK holds the string "KUBESCAPE_SKIP_UPDATE_CHECK".
// NOTE(review): presumably the name of an environment variable that disables
// the latest-version check performed by CheckLatestVersion — confirm in the
// implementation. This matters where outbound calls from the scanner must be
// controlled (air-gapped or egress-restricted environments).
const SKIP_VERSION_CHECK = "KUBESCAPE_SKIP_UPDATE_CHECK"
// UnknownBuildNumber is the literal "unknown".
// NOTE(review): presumably the fallback reported when BuildNumber was never
// set — confirm against the code that reads BuildNumber.
const UnknownBuildNumber = "unknown"
// ValueNotFound is the sentinel value -1.
// NOTE(review): presumably what StringInSlice returns when str is not present
// in strSlice; callers must compare against it before using the result as an
// index — confirm against the implementation.
const ValueNotFound = -1

Variables

// Package-level settings, described on this page as "CA environment vars".
// All are exported, mutable strings; only RestAPIPort has a non-empty default.
//
// NOTE(review): because these are exported variables rather than constants,
// any importing package can reassign them at runtime, including the three URL
// values. How they are populated and whether the URLs are validated (scheme,
// host) before use is not shown on this page — confirm before trusting them as
// fixed endpoints.
var (
	CustomerGUID          = ""
	ClusterName           = ""
	EventReceiverURL      = ""
	NotificationServerURL = ""
	DashboardBackendURL   = ""
	RestAPIPort           = "4001"
)

CA environment vars

// BuildNumber is declared without an initial value, so it is the empty string
// until something assigns it.
// NOTE(review): presumably injected at build time and passed to
// NewVersionCheckRequest as buildNumber — confirm.
var BuildNumber string
// DescriptionDisplay is an Fprintf-style printer built with the Faint and
// FgWhite color attributes.
var DescriptionDisplay = color.New(color.Faint, color.FgWhite).FprintfFunc()
// FailureDisplay is an Fprintf-style printer built with the Bold and FgHiRed
// color attributes.
var FailureDisplay = color.New(color.Bold, color.FgHiRed).FprintfFunc()
// FailureTextDisplay is an Fprintf-style printer built with the Faint and
// FgHiRed color attributes (the fainter counterpart of FailureDisplay).
var FailureTextDisplay = color.New(color.Faint, color.FgHiRed).FprintfFunc()
// InfoDisplay is an Fprintf-style printer built with the Bold and FgHiYellow
// color attributes.
var InfoDisplay = color.New(color.Bold, color.FgHiYellow).FprintfFunc()
// InfoTextDisplay is an Fprintf-style printer built with the Bold and
// FgHiYellow color attributes.
// NOTE(review): these are the same attributes as InfoDisplay, whereas
// FailureTextDisplay uses Faint where FailureDisplay uses Bold — confirm
// whether Bold is intended here.
var InfoTextDisplay = color.New(color.Bold, color.FgHiYellow).FprintfFunc()
// SimpleDisplay is an Fprintf-style printer built with no color attributes.
var SimpleDisplay = color.New().FprintfFunc()
// Spinner is a package-level *spinner.Spinner; it is nil until assigned.
// NOTE(review): presumably created and stopped by StartSpinner/StopSpinner —
// confirm that StopSpinner tolerates a nil Spinner.
var Spinner *spinner.Spinner
// SuccessDisplay is an Fprintf-style printer built with the Bold and FgHiGreen
// color attributes.
var SuccessDisplay = color.New(color.Bold, color.FgHiGreen).FprintfFunc()
// WarningDisplay is an Fprintf-style printer built with the Bold and FgCyan
// color attributes.
var WarningDisplay = color.New(color.Bold, color.FgCyan).FprintfFunc()

Functions

func AdoptClusterName added in v1.0.136

func AdoptClusterName(clusterName string) string

func ConfigFileFullPath added in v1.0.65

func ConfigFileFullPath() string

func ConvertLabelsToString

func ConvertLabelsToString(labels map[string]string) string

func ConvertStringToLabels

func ConvertStringToLabels(labelsStr string) map[string]string

ConvertStringToLabels converts a string of the form "a=b;c=d" to a map: {"a":"b", "c":"d"}

func DeleteConfigFile added in v1.0.65

func DeleteConfigFile() error

func ErrorDisplay

func ErrorDisplay(str string)

func GetValueFromConfigJson added in v1.0.47

func GetValueFromConfigJson(key string) (string, error)

func IsSilent

func IsSilent() bool

func PrettyJson added in v1.0.37

func PrettyJson(data interface{}) ([]byte, error)

func ProgressTextDisplay

func ProgressTextDisplay(str string)

func ReportV2ToV1 added in v1.0.155

func ReportV2ToV1(opaSessionObj *OPASessionObj)

func ScanStartDisplay

func ScanStartDisplay()

func SetKeyValueInConfigJson added in v1.0.47

func SetKeyValueInConfigJson(key string, value string) error

func SetSilentMode

func SetSilentMode(s bool)

func StartSpinner

func StartSpinner()

func StopSpinner

func StopSpinner()

func StringInSlice

func StringInSlice(strSlice []string, str string) int

func SuccessTextDisplay

func SuccessTextDisplay(str string)

Types

type BoolPtrFlag added in v1.0.133

// BoolPtrFlag is a boolean flag value whose Get method returns *bool rather
// than bool. All of its fields are unexported.
// NOTE(review): the pointer return presumably lets callers tell "flag not set"
// (nil) apart from an explicit true/false — confirm against Get and Set.
type BoolPtrFlag struct {
	// contains filtered or unexported fields
}

func (*BoolPtrFlag) Get added in v1.0.133

func (bpf *BoolPtrFlag) Get() *bool

func (*BoolPtrFlag) Set added in v1.0.133

func (bpf *BoolPtrFlag) Set(val string) error

func (*BoolPtrFlag) SetBool added in v1.0.133

func (bpf *BoolPtrFlag) SetBool(val bool)

func (*BoolPtrFlag) String added in v1.0.133

func (bpf *BoolPtrFlag) String() string

func (*BoolPtrFlag) Type added in v1.0.133

func (bpf *BoolPtrFlag) Type() string

type ClusterConfig added in v1.0.42

// ClusterConfig is the configuration of a specific cluster. All of its fields
// are unexported; it is built with NewClusterConfig and exposes ConfigMap
// accessors (GetValueByKeyFromConfigMap, SetKeyValueInConfigmap,
// DeleteConfigMap).
//
// NOTE(review): ConfigObj on this page carries a Token field. ConfigMaps are
// not intended for secret material and are readable by any principal with
// read access to ConfigMaps in the namespace — confirm which fields are
// actually written to the ConfigMap.
type ClusterConfig struct {
	// contains filtered or unexported fields
}

ClusterConfig configuration of specific cluster

Supported environment variables: KS_DEFAULT_CONFIGMAP_NAME (name of the ConfigMap; defaults to 'kubescape' if not set) and KS_DEFAULT_CONFIGMAP_NAMESPACE (ConfigMap namespace; defaults to 'default' if not set).

TODO - support: KS_ACCOUNT (account ID) and KS_CACHE (path to cached files).

func NewClusterConfig added in v1.0.42

func NewClusterConfig(k8s *k8sinterface.KubernetesApi, backendAPI getter.IBackend, customerGUID, clusterName string) *ClusterConfig

func (*ClusterConfig) DeleteConfig added in v1.0.133

func (clusterConfig *ClusterConfig) DeleteConfig() error

func (*ClusterConfig) DeleteConfigMap added in v1.0.137

func (clusterConfig *ClusterConfig) DeleteConfigMap() error

func (*ClusterConfig) GetClusterName added in v1.0.84

func (c *ClusterConfig) GetClusterName() string

func (*ClusterConfig) GetConfigObj added in v1.0.65

func (c *ClusterConfig) GetConfigObj() *ConfigObj

func (*ClusterConfig) GetCustomerGUID added in v1.0.42

func (c *ClusterConfig) GetCustomerGUID() string

func (*ClusterConfig) GetDefaultNS added in v1.0.65

func (c *ClusterConfig) GetDefaultNS() string

func (*ClusterConfig) GetValueByKeyFromConfigMap added in v1.0.47

func (c *ClusterConfig) GetValueByKeyFromConfigMap(key string) (string, error)

func (*ClusterConfig) IsConfigFound added in v1.0.133

func (c *ClusterConfig) IsConfigFound() bool

func (*ClusterConfig) IsRegistered added in v1.0.133

func (clusterConfig *ClusterConfig) IsRegistered() bool

Check if the customer is registered

func (*ClusterConfig) IsSubmitted added in v1.0.133

func (clusterConfig *ClusterConfig) IsSubmitted() bool

Check if the customer is submitted

func (*ClusterConfig) SetCustomerGUID added in v1.0.42

func (c *ClusterConfig) SetCustomerGUID(customerGUID string)

func (*ClusterConfig) SetKeyValueInConfigmap added in v1.0.47

func (c *ClusterConfig) SetKeyValueInConfigmap(key string, value string) error

func (*ClusterConfig) SetTenant added in v1.0.133

func (c *ClusterConfig) SetTenant() error

func (*ClusterConfig) ToMapString added in v1.0.42

func (c *ClusterConfig) ToMapString() map[string]interface{}

type ComponentConfig

// ComponentConfig is a JSON-serializable wrapper holding a single Exception
// value under the "exceptions" key.
type ComponentConfig struct {
	Exceptions Exception `json:"exceptions"`
}

type ConfigObj added in v1.0.42

// ConfigObj is the JSON-serializable tenant configuration record.
//
// The Go field names and JSON keys differ for two fields: Token is written as
// "invitationParam" and CustomerAdminEMail as "adminMail".
//
// NOTE(review): Token looks like a credential-like value, and the Json and
// Config methods both return this object as bytes (Config is documented as
// converting it "to config file"). Confirm whether Token is included in what
// gets persisted and that the destination is access-restricted.
type ConfigObj struct {
	CustomerGUID       string `json:"customerGUID"`
	Token              string `json:"invitationParam"`
	CustomerAdminEMail string `json:"adminMail"`
	ClusterName        string `json:"clusterName"`
}

func (*ConfigObj) Config added in v1.0.84

func (co *ConfigObj) Config() []byte

Config - convert ConfigObj to config file

func (*ConfigObj) Json added in v1.0.42

func (co *ConfigObj) Json() []byte

type DownloadInfo added in v1.0.35

// DownloadInfo describes an artifact to download and where to save it.
//
// NOTE(review): Path and FileName together presumably determine the file that
// gets written; how they are joined and whether caller-supplied values are
// cleaned is not shown on this page — confirm in the download code.
type DownloadInfo struct {
	Path     string // directory to save artifact. Default is "~/.kubescape/"
	FileName string // can be empty
	Target   string // type of artifact to download
	Name     string // name of artifact to download
	Account  string // customerGUID
}

type Exception

// Exception is the JSON-serializable exception configuration embedded in
// ComponentConfig.
//
// Ignore and MultipleScore are pointers, so an absent JSON key decodes to nil
// rather than to false/zero. Regex is declared but marked "not supported".
// NOTE(review): an exception suppresses or rescales findings, so the source of
// this configuration should be trusted — confirm where it is loaded from.
type Exception struct {
	Ignore        *bool                      `json:"ignore"`        // ignore test results
	MultipleScore *reporthandling.AlertScore `json:"multipleScore"` // MultipleScore number - float32
	Namespaces    []string                   `json:"namespaces"`
	Regex         string                     `json:"regex"` // not supported
}

type Getters added in v1.0.36

// Getters bundles the three getter interfaces (exceptions, control inputs and
// policies). It is embedded in ScanInfo, which promotes these fields.
type Getters struct {
	ExceptionsGetter     getter.IExceptionsGetter
	ControlsInputsGetter getter.IControlsInputsGetter
	PolicyGetter         getter.IPolicyGetter
}

type ITenantConfig added in v1.0.133

// ITenantConfig is the tenant-configuration interface. Both ClusterConfig and
// LocalConfig on this page declare every method listed here.
type ITenantConfig interface {
	// set
	SetTenant() error

	// getters
	GetClusterName() string
	GetCustomerGUID() string
	GetConfigObj() *ConfigObj

	// IsConfigFound reports whether a configuration was found; where it is
	// looked up depends on the implementation and is not shown here.
	IsConfigFound() bool
}

Interface

type IVersionCheckHandler added in v1.0.131

// IVersionCheckHandler is the version-check interface. Both
// VersionCheckHandler and VersionCheckHandlerMock on this page declare a
// matching CheckLatestVersion method.
type IVersionCheckHandler interface {
	CheckLatestVersion(*VersionCheckRequest) error
}

func NewIVersionCheckHandler added in v1.0.131

func NewIVersionCheckHandler() IVersionCheckHandler

type K8SResources

// K8SResources maps a key of the form "<api group>/<api version>/<resource>"
// to the list of resource IDs found for it.
type K8SResources map[string][]string

K8SResources map[<api group>/<api version>/<resource>][]<resourceID>

type ListPolicies added in v1.0.153

// ListPolicies holds the options for a policy-listing request.
// NOTE(review): field meanings below are inferred from the names only —
// confirm against the code that consumes this struct.
type ListPolicies struct {
	Target  string // presumably the kind of policy to list
	ListIDs bool   // presumably: list IDs instead of names
	Account string // presumably the account ID (customerGUID)
}

type LocalConfig added in v1.0.133

// LocalConfig is the configuration used when scanning YAML files or a URL
// rather than a Kubernetes cluster. All of its fields are unexported; it is
// built with NewLocalConfig.
type LocalConfig struct {
	// contains filtered or unexported fields
}

Local Config: config when scanning YAML files or a URL, but not a Kubernetes cluster.

func NewLocalConfig added in v1.0.133

func NewLocalConfig(backendAPI getter.IBackend, customerGUID, clusterName string) *LocalConfig

func (*LocalConfig) GetClusterName added in v1.0.133

func (lc *LocalConfig) GetClusterName() string

func (*LocalConfig) GetConfigObj added in v1.0.133

func (lc *LocalConfig) GetConfigObj() *ConfigObj

func (*LocalConfig) GetCustomerGUID added in v1.0.133

func (lc *LocalConfig) GetCustomerGUID() string

func (*LocalConfig) IsConfigFound added in v1.0.133

func (lc *LocalConfig) IsConfigFound() bool

func (*LocalConfig) SetCustomerGUID added in v1.0.150

func (lc *LocalConfig) SetCustomerGUID(customerGUID string)

func (*LocalConfig) SetTenant added in v1.0.133

func (lc *LocalConfig) SetTenant() error

type OPASessionObj

// OPASessionObj carries the inputs and outputs of one scanning session: the
// resources and frameworks going in, and the per-resource results and the
// v1/v2 posture reports coming out.
//
// NOTE(review): AllResources holds every scanned resource object, so a
// serialized or logged OPASessionObj can expose whatever those resources
// contain — confirm what is included before it is written out or submitted.
type OPASessionObj struct {
	K8SResources    *K8SResources                          // input k8s objects
	Frameworks      []reporthandling.Framework             // list of frameworks to scan
	AllResources    map[string]workloadinterface.IMetadata // all scanned resources, map[<resource ID>]<resource>
	ResourcesResult map[string]resourcesresults.Result     // resources scan results, map[<resource ID>]<resource result>
	PostureReport   *reporthandling.PostureReport          // scan results v1
	Report          *reporthandlingv2.PostureReport        // scan results v2
	Exceptions      []armotypes.PostureExceptionPolicy     // list of exceptions to apply on scan results
	RegoInputData   RegoInputData                          // input passed to rego for scanning. map[<control name>][<input arguments>]
}

func NewOPASessionObj

func NewOPASessionObj(frameworks []reporthandling.Framework, k8sResources *K8SResources) *OPASessionObj

func NewOPASessionObjMock

func NewOPASessionObjMock() *OPASessionObj

type Policies added in v1.0.148

// Policies holds a list of framework names together with the controls, keyed
// by control ID. It is created with NewPolicies and filled by Set.
type Policies struct {
	Frameworks []string
	Controls   map[string]reporthandling.Control // map[<control ID>]<control>
}

func NewPolicies added in v1.0.148

func NewPolicies() *Policies

func (*Policies) Set added in v1.0.148

func (policies *Policies) Set(frameworks []reporthandling.Framework, version string)

type RBACObjects added in v1.0.133

// RBACObjects exposes ListAllResources and SetResourcesReport for RBAC data.
// All of its fields are unexported.
// NOTE(review): presumably wraps the *rbacscanner.RbacScannerFromK8sAPI passed
// to NewRBACObjects — confirm.
type RBACObjects struct {
	// contains filtered or unexported fields
}

func NewRBACObjects added in v1.0.133

func NewRBACObjects(scanner *rbacscanner.RbacScannerFromK8sAPI) *RBACObjects

func (*RBACObjects) ListAllResources added in v1.0.133

func (rbacObjects *RBACObjects) ListAllResources() (map[string]workloadinterface.IMetadata, error)

func (*RBACObjects) SetResourcesReport added in v1.0.133

func (rbacObjects *RBACObjects) SetResourcesReport() (*reporthandling.PostureReport, error)

type RegoInputData added in v1.0.101

// RegoInputData is the JSON-serializable input handed to the policy engine.
// OPASessionObj documents the map as map[<control name>][<input arguments>].
type RegoInputData struct {
	PostureControlInputs map[string][]string `json:"postureControlInputs"`
}

type ScanInfo added in v1.0.35

// ScanInfo collects the options for a single scan. It embeds Getters, so the
// three getter fields are promoted onto ScanInfo.
//
// NOTE(review): Submit ("Submit results to Armo BE") and Local ("Do not submit
// results") describe opposite behaviours. How a value with both set is
// resolved is not shown on this page — confirm before relying on Local to keep
// results on the machine.
//
// NOTE(review): HostSensor is documented as deploying a host sensor into the
// cluster, i.e. the scan itself changes cluster state when it is enabled;
// confirm the sensor's privileges and that it is removed after the scan.
type ScanInfo struct {
	Getters
	PolicyIdentifier   []reporthandling.PolicyIdentifier
	UseExceptions      string      // Load file with exceptions configuration
	ControlsInputs     string      // Load file with inputs for controls
	UseFrom            []string    // Load framework from local file (instead of download). Use when running offline
	UseDefault         bool        // Load framework from cached file (instead of download). Use when running offline
	VerboseMode        bool        // Display all of the input resources and not only failed resources
	Format             string      // Format results (table, json, junit ...)
	Output             string      // Store results in an output file, Output file name
	ExcludedNamespaces string      // used for host sensor namespace
	IncludeNamespaces  string      // DEPRECATED?
	InputPatterns      []string    // Yaml files input patterns
	Silent             bool        // Silent mode - Do not print progress logs
	FailThreshold      uint16      // Failure score threshold
	Submit             bool        // Submit results to Armo BE
	HostSensor         BoolPtrFlag // Deploy ARMO K8s host sensor to collect data from certain controls
	Local              bool        // Do not submit results
	Account            string      // account ID
	KubeContext        string      // context name
	FrameworkScan      bool        // false if scanning control
	ScanAll            bool        // true if scan all frameworks
}

func (*ScanInfo) GetScanningEnvironment added in v1.0.133

func (scanInfo *ScanInfo) GetScanningEnvironment() string

func (*ScanInfo) Init added in v1.0.35

func (scanInfo *ScanInfo) Init()

func (*ScanInfo) SetPolicyIdentifiers added in v1.0.132

func (scanInfo *ScanInfo) SetPolicyIdentifiers(policies []string, kind reporthandling.NotificationPolicyKind)

type VersionCheckHandler added in v1.0.131

// VersionCheckHandler is the non-mock type that declares CheckLatestVersion.
// All of its fields are unexported.
// NOTE(review): presumably contacts a remote service to compare versions —
// confirm the endpoint, timeout and TLS behaviour in the implementation.
type VersionCheckHandler struct {
	// contains filtered or unexported fields
}

func NewVersionCheckHandler added in v1.0.131

func NewVersionCheckHandler() *VersionCheckHandler

func (*VersionCheckHandler) CheckLatestVersion added in v1.0.131

func (v *VersionCheckHandler) CheckLatestVersion(versionData *VersionCheckRequest) error

type VersionCheckHandlerMock added in v1.0.131

// VersionCheckHandlerMock is a field-less type that declares
// CheckLatestVersion with the same signature as VersionCheckHandler.
// NOTE(review): presumably a no-op stand-in used when the version check is
// skipped or in tests — confirm.
type VersionCheckHandlerMock struct {
}

func NewVersionCheckHandlerMock added in v1.0.131

func NewVersionCheckHandlerMock() *VersionCheckHandlerMock

func (*VersionCheckHandlerMock) CheckLatestVersion added in v1.0.131

func (v *VersionCheckHandlerMock) CheckLatestVersion(versionData *VersionCheckRequest) error

type VersionCheckRequest added in v1.0.131

// VersionCheckRequest is the JSON-serializable description of the running
// client and the framework in use; it is the argument to CheckLatestVersion.
//
// NOTE(review): presumably sent to a remote update service, which would
// disclose the client version and scanning target to that service — confirm
// the endpoint and whether SKIP_VERSION_CHECK suppresses the call.
type VersionCheckRequest struct {
	Client           string `json:"client"`           // kubescape
	ClientVersion    string `json:"clientVersion"`    // kubescape version
	Framework        string `json:"framework"`        // framework name
	FrameworkVersion string `json:"frameworkVersion"` // framework version
	ScanningTarget   string `json:"target"`           // scanning target- cluster/yaml
}

func NewVersionCheckRequest added in v1.0.131

func NewVersionCheckRequest(buildNumber, frameworkName, frameworkVersion, scanningTarget string) *VersionCheckRequest

type VersionCheckResponse added in v1.0.131

// VersionCheckResponse is the JSON-serializable answer to a version check.
//
// NOTE(review): every field, including Message, is presumably supplied by the
// remote service; treat it as untrusted text if it is printed to a terminal
// or written to logs — confirm how the caller displays it.
type VersionCheckResponse struct {
	Client          string `json:"client"`          // kubescape
	ClientUpdate    string `json:"clientUpdate"`    // kubescape latest version
	Framework       string `json:"framework"`       // framework name
	FrameworkUpdate string `json:"frameworkUpdate"` // framework latest version
	Message         string `json:"message"`         // alert message
}

Directories

Path Synopsis
