cautils

package
v1.0.76 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Sep 12, 2021 License: Apache-2.0 Imports: 9 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	ArmoPrefix          string = "armo"
	ArmoAttach          string = ArmoPrefix + ".attach"
	ArmoInitialSecret   string = ArmoPrefix + ".initial"
	ArmoSecretStatus    string = ArmoPrefix + ".secret"
	ArmoCompatibleLabel string = ArmoPrefix + ".compatible"

	ArmoSecretProtectStatus string = "protect"
	ArmoSecretClearStatus   string = "clear"
)

labels added to the workload

View Source 
const (
	ArmoUpdate               string = ArmoPrefix + ".last-update"
	ArmoWlid                 string = ArmoPrefix + ".wlid"
	ArmoSid                  string = ArmoPrefix + ".sid"
	ArmoJobID                string = ArmoPrefix + ".job"
	ArmoJobIDPath            string = ArmoJobID + "/id"
	ArmoJobParentPath        string = ArmoJobID + "/parent"
	ArmoJobActionPath        string = ArmoJobID + "/action"
	ArmoCompatibleAnnotation string = ArmoAttach + "/compatible"
	ArmoReplaceheaders       string = ArmoAttach + "/replaceheaders"
)

annotations added to the workload

View Source 
const (
	CAAttachLabel string = "cyberarmor"
	Patched       string = "Patched"
	Done          string = "Done"
	Encrypted     string = "Protected"

	CAInjectOld = "injectCyberArmor"

	CAPrefix          string = "cyberarmor"
	CAProtectedSecret string = CAPrefix + ".secret"
	CAInitialSecret   string = CAPrefix + ".initial"
	CAInject          string = CAPrefix + ".inject"
	CAIgnore          string = CAPrefix + ".ignore"
	CAReplaceHeaders  string = CAPrefix + ".removeSecurityHeaders"
)
View Source 
const (
	CAUpdate string = CAPrefix + ".last-update"
	CAStatus string = CAPrefix + ".status"
	CAWlid   string = CAPrefix + ".wlid"
)
View Source 
const (
	PackagePath = "vendor/github.com/armosec/capacketsgo"
)

wlid/ sid utils

View Source 
const (
	SpiffePrefix = "://"
)

wlid/ sid utils

Variables

View Source 
var (
	WlidPrefix           = "wlid://"
	SidPrefix            = "sid://"
	ClusterWlidPrefix    = "cluster-"
	NamespaceWlidPrefix  = "namespace-"
	DataCenterWlidPrefix = "datacenter-"
	ProjectWlidPrefix    = "project-"
	SecretSIDPrefix      = "secret-"
	SubSecretSIDPrefix   = "subsecret-"
	K8SKindsList         = []string{"ComponentStatus", "ConfigMap", "ControllerRevision", "CronJob",
		"CustomResourceDefinition", "DaemonSet", "Deployment", "Endpoints", "Event", "HorizontalPodAutoscaler",
		"Ingress", "Job", "Lease", "LimitRange", "LocalSubjectAccessReview", "MutatingWebhookConfiguration",
		"Namespace", "NetworkPolicy", "Node", "PersistentVolume", "PersistentVolumeClaim", "Pod",
		"PodDisruptionBudget", "PodSecurityPolicy", "PodTemplate", "PriorityClass", "ReplicaSet",
		"ReplicationController", "ResourceQuota", "Role", "RoleBinding", "Secret", "SelfSubjectAccessReview",
		"SelfSubjectRulesReview", "Service", "ServiceAccount", "StatefulSet", "StorageClass",
		"SubjectAccessReview", "TokenReview", "ValidatingWebhookConfiguration", "VolumeAttachment"}
	NativeKindsList = []string{"Dockerized", "Native"}
	KindReverseMap  = map[string]string{}
)

API fields

View Source 
var KubeNamespaces = []string{metav1.NamespaceSystem, metav1.NamespacePublic}
View Source 
var NamespacesListToIgnore = make([]string, 0)

Functions

func AsSHA256 

func AsSHA256(v interface{}) string

AsSHA256 takes anything turns it into string :) https://blog.8bitzen.com/posts/22-08-2019-how-to-hash-a-struct-in-go

func BoolPointer 

func BoolPointer(b bool) *bool

func BoolPointerToString 

func BoolPointerToString(b *bool) string

func BoolToString 

func BoolToString(b bool) string

func GenarateConfigMapName 

func GenarateConfigMapName(wlid string) string

func GetClusterFromWlid 

func GetClusterFromWlid(wlid string) string

GetClusterFromWlid parse wlid and get cluster

func GetK8SKindFronList 

func GetK8SKindFronList(kind string) string

GetK8SKindFronList get the calculated wlid

func GetK8sWLID 

func GetK8sWLID(level0, level1, k, name string) string

GetK8sWLID get the k8s calculated wlid

func GetKindFromWlid 

func GetKindFromWlid(wlid string) string

GetKindFromWlid parse wlid and get kind

func GetNameFromWlid 

func GetNameFromWlid(wlid string) string

GetNameFromWlid parse wlid and get name

func GetNamespaceFromWlid 

func GetNamespaceFromWlid(wlid string) string

GetNamespaceFromWlid parse wlid and get Namespace

func GetNativeWLID 

func GetNativeWLID(level0, level1, k, name string) string

GetNativeWLID get the native calculated wlid

func GetWLID 

func GetWLID(level0, level1, k, name string) string

GetWLID get the calculated wlid

func IfIgnoreNamespace 

func IfIgnoreNamespace(ns string) bool

func IfKubeNamespace 

func IfKubeNamespace(ns string) bool

func InitNamespacesListToIgnore 

func InitNamespacesListToIgnore(caNamespace string)

NamespacesListToIgnore namespaces to ignore if a pod

func IsAttached 

func IsAttached(labels map[string]string) *bool

func IsK8SKindInList 

func IsK8SKindInList(kind string) bool

IsK8SKindInList Check if the kind is a known kind

func IsSecretProtected 

func IsSecretProtected(labels map[string]string) *bool

func IsSid 

func IsSid(id string) bool

func IsWlid 

func IsWlid(id string) bool

func IsWlidValid 

func IsWlidValid(wlid string) error

IsWlidValid test if wlid is a valid wlid

func RestoreMicroserviceIDs 

func RestoreMicroserviceIDs(spiffe string) []string

RestoreMicroserviceIDsFromSpiffe -

func RestoreMicroserviceIDsFromSpiffe 

func RestoreMicroserviceIDsFromSpiffe(spiffe string) ([]string, error)

RestoreMicroserviceIDsFromSpiffe -

func SetEnv 

func SetEnv(key, value string)

func StringHasWhitespace 

func StringHasWhitespace(str string) bool

StringHasWhitespace check if a string has whitespace

func StringToBool 

func StringToBool(s string) bool

func StringToBoolPointer 

func StringToBoolPointer(s string) *bool

func WildWlidContainsWlid 

func WildWlidContainsWlid(wildWlid, wlid string) bool

WildWlidContainsWlid does WildWlid contains Wlid

Types

type ClusterConfig 

type ClusterConfig struct {
	EventReceiverREST       string `json:"eventReceiverREST"`
	EventReceiverWS         string `json:"eventReceiverWS"`
	MaserNotificationServer string `json:"maserNotificationServer"`
	Postman                 string `json:"postman"`
	Dashboard               string `json:"dashboard"`
	Portal                  string `json:"portal"`
	CustomerGUID            string `json:"customerGUID"`
	ClusterGUID             string `json:"clusterGUID"`
	ClusterName             string `json:"clusterName"`
	OciImageURL             string `json:"ociImageURL"`
	NotificationWSURL       string `json:"notificationWSURL"`
	NotificationRestURL     string `json:"notificationRestURL"`
	VulnScanURL             string `json:"vulnScanURL"`
	OracleURL               string `json:"oracleURL"`
	ClairURL                string `json:"clairURL"`
}

func LoadConfig 

func LoadConfig(configPath string, loadToEnv bool) (*ClusterConfig, error)

func (*ClusterConfig) LoadConfigToEnv 

func (clusterConfig *ClusterConfig) LoadConfigToEnv()

type ImageInfo 

type ImageInfo struct {
	Registry     string `json:"registry"`
	VersionImage string `json:"versionImage"`
}

func ImageTagToImageInfo 

func ImageTagToImageInfo(imageTag string) (*ImageInfo, error)

type SpiffeBasicInfo 

type SpiffeBasicInfo struct {
	//cluster/datacenter
	Level0     string `json:"level0"`
	Level0Type string `json:"level0Type"`

	//namespace/project
	Level1     string `json:"level0"`
	Level1Type string `json:"level0Type"`

	Kind string `json:"kind"`
	Name string `json:"name"`
}

represents workload basic info

func SpiffeToSpiffeInfo 

func SpiffeToSpiffeInfo(spiffe string) (*SpiffeBasicInfo, error)

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.