Documentation ¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type CloudScan ¶
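// CloudScan is the "cloudScan" section of the configuration. Each field's
// envconfig tag names the environment variable and its yaml tag names the YAML
// key the field is mapped to.
//
// GKE and EKS are pointers, so a provider section that is not configured can
// stay nil; callers must nil-check before dereferencing either of them.
type CloudScan struct {
	// Enabled is the on/off switch for this section.
	Enabled bool `envconfig:"CLOUD_SCAN_ENABLED" yaml:"enabled"`
	// ScanInterval is presumably the period between two cloud scans — TODO confirm
	// against the scanner. NOTE(review): no lower bound is visible here, so a zero
	// or negative duration has to be rejected where the value is consumed.
	ScanInterval time.Duration `envconfig:"CLOUD_SCAN_SCAN_INTERVAL" yaml:"scanInterval"`
	// GKE holds the Google Kubernetes Engine specific settings, nil when absent.
	GKE *CloudScanGKE `envconfig:"CLOUD_SCAN_GKE" yaml:"gke"`
	// EKS holds the Amazon EKS specific settings, nil when absent.
	EKS *CloudScanEKS `envconfig:"CLOUD_SCAN_EKS" yaml:"eks"`
}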
type CloudScanEKS ¶
// CloudScanEKS is the EKS-specific part of the cloud scan configuration.
type CloudScanEKS struct {
	// ClusterName is read from CLOUD_SCAN_EKS_CLUSTER_NAME or the YAML key
	// "clusterName". Presumably the name of the EKS cluster to scan — TODO confirm.
	ClusterName string `envconfig:"CLOUD_SCAN_EKS_CLUSTER_NAME" yaml:"clusterName"`
}
type CloudScanGKE ¶
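// CloudScanGKE is the GKE-specific part of the cloud scan configuration.
type CloudScanGKE struct {
	// ClusterName is read from CLOUD_SCAN_GKE_CLUSTER_NAME or the YAML key
	// "clusterName". Presumably the name of the GKE cluster to scan — TODO confirm.
	ClusterName string `envconfig:"CLOUD_SCAN_GKE_CLUSTER_NAME" yaml:"clusterName"`
	// CredentialsFile is a filesystem path, not the credential itself.
	// NOTE(review): presumably a Google service-account key file. The struct does
	// not validate the path, so the loader should check that the file exists and is
	// readable only by the agent's user, and the value should never be logged
	// together with the file's contents.
	CredentialsFile string `envconfig:"CLOUD_SCAN_GKE_CREDENTIALS_FILE" yaml:"credentialsFile"`
	// ServiceAccountName is presumably the service account the scan runs as —
	// TODO confirm. Whatever account it names should carry read-only permissions
	// scoped to what the scan needs.
	ServiceAccountName string `envconfig:"CLOUD_SCAN_GKE_SERVICE_ACCOUNT_NAME" yaml:"serviceAccountName"`
}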
type Config ¶
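// Config is the top-level configuration struct of this package. Every field
// carries an envconfig tag and a yaml tag naming the environment variable and
// the YAML key it is mapped to; nested sections are plain struct values.
//
// NOTE(review): nothing in this declaration validates the values. Fields that
// name certificate material (CertsDir, CertsSecret), a kubeconfig
// (KubeClient.KubeConfigPath) or what look like listener ports (HTTPPort,
// StatusPort) deserve explicit checks at the place the configuration is loaded.
type Config struct {
	// Identity of the running pod; presumably injected through the downward API —
	// TODO confirm.
	PodIP        string `envconfig:"POD_IP" yaml:"podIP"`
	PodNamespace string `envconfig:"POD_NAMESPACE" yaml:"podNamespace"`

	// Name and port of the Service in front of this component.
	ServiceName string `envconfig:"SERVICE_NAME" yaml:"serviceName"`
	ServicePort int    `envconfig:"SERVICE_PORT" yaml:"servicePort"`

	// CertsDir is a directory path and CertsSecret presumably the name of the
	// Kubernetes Secret holding the same certificates — TODO confirm. The
	// directory should not be writable by other users, since whoever controls it
	// controls the TLS identity served from it.
	CertsDir    string `envconfig:"CERTS_DIR" yaml:"certsDir"`
	CertsSecret string `envconfig:"CERTS_SECRET" yaml:"certsSecret"`

	// LeaderElection presumably toggles leader election between replicas —
	// TODO confirm.
	LeaderElection bool `envconfig:"LEADER_ELECTION" yaml:"leaderElection"`

	// Nested sections. PolicyEnforcement, Log and API are declared elsewhere in
	// the package.
	PolicyEnforcement PolicyEnforcement `envconfig:"POLICY_ENFORCEMENT" yaml:"policyEnforcement"`
	KubeClient        KubeClient        `envconfig:"KUBE_CLIENT" yaml:"kubeClient"`
	Log               Log               `envconfig:"LOG" yaml:"log"`
	API               API               `envconfig:"API" yaml:"api"`

	// Presumably the ports of the main HTTP listener and of the status/health
	// listener — TODO confirm. Being plain ints they accept any value, so a
	// range check (1-65535) belongs where they are bound.
	HTTPPort   int `envconfig:"HTTP_PORT" yaml:"httpPort"`
	StatusPort int `envconfig:"STATUS_PORT" yaml:"statusPort"`

	// Provider is a free-form string; the accepted values are not visible here.
	Provider string `envconfig:"PROVIDER" yaml:"provider"`
	// DeltaSyncInterval is presumably the period between delta syncs — TODO confirm.
	DeltaSyncInterval time.Duration `envconfig:"DELTA_SYNC_INTERVAL" yaml:"deltaSyncInterval"`

	// Per-feature sections. Linter and Telemetry are declared elsewhere in the
	// package.
	ImageScan ImageScan `envconfig:"IMAGE_SCAN" yaml:"imageScan"`
	Linter    Linter    `envconfig:"LINTER" yaml:"linter"`
	KubeBench KubeBench `envconfig:"KUBE_BENCH" yaml:"kubeBench"`
	CloudScan CloudScan `envconfig:"CLOUD_SCAN" yaml:"cloudScan"`
	Telemetry Telemetry `envconfig:"TELEMETRY" yaml:"telemetry"`
}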
type ImageScan ¶
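// ImageScan is the "imageScan" section of the configuration. Each field's
// envconfig tag names the environment variable and its yaml tag names the YAML
// key the field is mapped to.
type ImageScan struct {
	// Switch, timing and concurrency settings. NOTE(review): no bounds are
	// enforced by the types; a zero ScanTimeout or MaxConcurrentScans has to be
	// handled by the consumer.
	Enabled            bool          `envconfig:"IMAGE_SCAN_ENABLED" yaml:"enabled"`
	ScanInterval       time.Duration `envconfig:"IMAGE_SCAN_SCAN_INTERVAL" yaml:"scanInterval"`
	ScanTimeout        time.Duration `envconfig:"IMAGE_SCAN_SCAN_TIMEOUT" yaml:"scanTimeout"`
	MaxConcurrentScans int64         `envconfig:"IMAGE_SCAN_MAX_CONCURRENT_SCANS" yaml:"maxConcurrentScans"`

	// Image carries the settings for the scanner image itself.
	Image ImageScanImage `envconfig:"IMAGE_SCAN_IMAGE" yaml:"image"`
	// Mode is a free-form string; the accepted values are not visible here.
	Mode string `envconfig:"IMAGE_SCAN_MODE" yaml:"mode"`
	// APIUrl is presumably the endpoint the scanner talks to — TODO confirm.
	// NOTE(review): it is an unvalidated string, so scheme and host should be
	// checked before scan results or credentials are sent to it.
	APIUrl string `envconfig:"IMAGE_SCAN_API_URL" yaml:"apiUrl"`
	// DockerOptionsPath is a filesystem path; presumably it points at Docker
	// client options, which can include registry credentials — TODO confirm and
	// restrict read access accordingly.
	DockerOptionsPath string `envconfig:"IMAGE_SCAN_DOCKER_OPTIONS_PATH" yaml:"dockerOptionsPath"`

	// Resource requests and limits, kept as strings; presumably Kubernetes
	// quantity syntax parsed later — TODO confirm.
	CPURequest    string `envconfig:"IMAGE_SCAN_CPU_REQUEST" yaml:"cpuRequest"`
	CPULimit      string `envconfig:"IMAGE_SCAN_CPU_LIMIT" yaml:"cpuLimit"`
	MemoryRequest string `envconfig:"IMAGE_SCAN_MEMORY_REQUEST" yaml:"memoryRequest"`
	MemoryLimit   string `envconfig:"IMAGE_SCAN_MEMORY_LIMIT" yaml:"memoryLimit"`

	// Profiling switches. NOTE(review): profiles can expose memory contents and
	// internal paths, so both should default to off outside of debugging —
	// confirm the defaults where the config is loaded.
	ProfileEnabled bool `envconfig:"IMAGE_SCAN_PROFILE_ENABLED" yaml:"profileEnabled"`
	PhlareEnabled  bool `envconfig:"IMAGE_SCAN_PHLARE_ENABLED" yaml:"phlareEnabled"`

	// PullSecret is presumably the name of an image pull Secret, not its
	// content — TODO confirm.
	PullSecret string `envconfig:"IMAGE_SCAN_PULL_SECRET" yaml:"pullSecret"`
	// InitDelay is presumably the wait before the first scan — TODO confirm.
	InitDelay time.Duration `envconfig:"IMAGE_SCAN_INIT_DELAY" yaml:"initDelay"`
	// ServiceAccountName is presumably the service account scan workloads run
	// as — TODO confirm. It should be granted only what a scan needs.
	ServiceAccountName string `envconfig:"IMAGE_SCAN_SERVICE_ACCOUNT_NAME" yaml:"serviceAccountName"`
}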
type ImageScanImage ¶
// ImageScanImage holds the image-level settings of the image scan section.
type ImageScanImage struct {
	// PullPolicy is read from IMAGE_SCAN_IMAGE_PULL_POLICY or the YAML key
	// "pullPolicy". Presumably a Kubernetes image pull policy (Always,
	// IfNotPresent, Never) passed through unchanged — TODO confirm; the string is
	// not validated here.
	PullPolicy string `envconfig:"IMAGE_SCAN_IMAGE_PULL_POLICY" yaml:"pullPolicy"`
}
type KubeBench ¶
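// KubeBench is the "kubeBench" section of the configuration. Each field's
// envconfig tag names the environment variable and its yaml tag names the YAML
// key the field is mapped to.
type KubeBench struct {
	// Enabled is the on/off switch for this section.
	Enabled bool `envconfig:"KUBE_BENCH_ENABLED" yaml:"enabled"`
	// Force is a boolean override whose exact effect is not visible here;
	// presumably it forces a benchmark run that would otherwise be skipped —
	// TODO confirm.
	Force bool `envconfig:"KUBE_BENCH_FORCE" yaml:"force"`
	// ScanInterval is presumably the period between two benchmark runs —
	// TODO confirm.
	ScanInterval time.Duration `envconfig:"KUBE_BENCH_SCAN_INTERVAL" yaml:"scanInterval"`
	// Image carries the settings for the benchmark image itself.
	Image KubeBenchImage `envconfig:"KUBE_BENCH_IMAGE" yaml:"image"`
}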
type KubeBenchImage ¶ added in v0.51.0
// KubeBenchImage holds the image-level settings of the kube-bench section.
type KubeBenchImage struct {
	// PullPolicy is read from KUBE_BENCH_IMAGE_PULL_POLICY or the YAML key
	// "pullPolicy". Presumably a Kubernetes image pull policy (Always,
	// IfNotPresent, Never) passed through unchanged — TODO confirm; the string is
	// not validated here.
	PullPolicy string `envconfig:"KUBE_BENCH_IMAGE_PULL_POLICY" yaml:"pullPolicy"`
}
type KubeClient ¶
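// KubeClient is the "kubeClient" section of the configuration: client-side
// rate limiting, an optional kubeconfig location and the wire-format switch.
type KubeClient struct {
	// K8S client rate limiter allows bursts of up to 'burst' to exceed the QPS, while still maintaining a
	// smoothed qps rate of 'qps'.
	// The bucket is initially filled with 'burst' tokens, and refills at a rate of 'qps'.
	// The maximum number of tokens in the bucket is capped at 'burst'.
	QPS   int `envconfig:"KUBE_CLIENT_QPS" yaml:"qps"`
	Burst int `envconfig:"KUBE_CLIENT_BURST" yaml:"burst"`

	// Custom kubeconfig path.
	// NOTE(review): a kubeconfig usually embeds cluster credentials, and the path
	// is settable from the environment (KUBE_CLIENT_KUBECONFIG). The file it names
	// should be readable only by the agent's user.
	KubeConfigPath string `envconfig:"KUBE_CLIENT_KUBECONFIG" yaml:"kubeconfig"`
	// UseProtobuf presumably makes the client speak protobuf instead of JSON to
	// the API server — TODO confirm.
	UseProtobuf bool `envconfig:"KUBE_CLIENT_USE_PROTOBUF" yaml:"useProtobuf"`
}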
type PolicyEnforcement ¶ added in v0.34.0
type SecurityAgentVersion ¶
// SecurityAgentVersion identifies a build of the agent by three strings. The
// field order (GitCommit, GitRef, Version) matters to unkeyed literals.
type SecurityAgentVersion struct {
	// GitCommit is presumably the commit hash the binary was built from —
	// TODO confirm.
	GitCommit string
	// GitRef is presumably the branch or tag that was built — TODO confirm.
	GitRef string
	// Version is the version string of the build.
	Version string
}
func (*SecurityAgentVersion) String ¶
func (a *SecurityAgentVersion) String() string