Documentation ¶
Index ¶
- type AuditData
- type CategorySummary
- type Check
- type CheckResult
- type ClusterSum
- type ClusterSummary
- type ContainerImageScanResult
- type ContainerImageScansSummary
- type ContainerResult
- type ControllerResult
- type CountSummary
- type ImageScanResult
- type ImageScanResultSummary
- type KubeOverview
- type MessageType
- type NamespaceResult
- type NamespacedResults
- type PodResult
- type ResultMessage
- type ResultSum
- type ResultSummary
- type Scanners
- func (s *Scanners) GetClusterOverviewSummary() (scanSummary KubeOverview, err error)
- func (s *Scanners) GetImageScanResult(image string) (scanResult ImageScanResult, err error)
- func (s *Scanners) GetImageScansSummary() (scanSummary ContainerImageScansSummary, err error)
- func (s *Scanners) GetKubeObjectsAudit() (auditData AuditData, err error)
- type ScansMap
- type ScansSummary
- type TrivyScanTarget
- type VulnerabilityCounter
- type VulnerabilityDescription
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type AuditData ¶
// AuditData is the top-level record produced by one full Polaris audit.
type AuditData struct {
	// Provenance of the audit. All five are plain strings; their formats are
	// not documented on this page.
	PolarisOutputVersion string
	// NOTE(review): AuditTime is a string, not a time.Time, so any consumer
	// that orders or expires audits has to parse and validate it itself.
	AuditTime   string
	SourceType  string
	SourceName  string
	DisplayName string

	// ClusterSummary carries the cluster-wide Polaris results and object counts.
	ClusterSummary ClusterSummary
	// NamespacedResults holds the validation results keyed by namespace name.
	NamespacedResults NamespacedResults
	// ScanResults is the overview of the container image scans.
	ScanResults ScansSummary
}
AuditData contains all the data from a full Polaris audit
type CategorySummary ¶
// CategorySummary maps a category name to the CountSummary for that category.
// Values are pointers, so the type permits nil entries; check before
// dereferencing a looked-up value.
type CategorySummary map[string]*CountSummary
CategorySummary provides a map from category name to a CountSummary
type CheckResult ¶
// CheckResult is a string-typed result of a check. The values it can take are
// not listed on this page.
type CheckResult string
type ClusterSum ¶
type ClusterSummary ¶
// ClusterSummary combines the Polaris results for a cluster with high-level
// counts of the objects found in it.
type ClusterSummary struct {
	// Results is the Polaris result summary for the cluster.
	Results ResultSummary
	// Version is a version string; presumably the cluster's Kubernetes
	// version, which this page does not state (TODO confirm).
	Version string

	// Object counts, one per resource kind.
	Nodes                  int
	Pods                   int
	Namespaces             int
	Deployments            int
	StatefulSets           int
	DaemonSets             int
	Jobs                   int
	CronJobs               int
	ReplicationControllers int

	// Score is an unsigned overall score. The GetScore methods documented on
	// this page return values in [0, 100]; whether this field follows the
	// same range is not shown here.
	Score uint
}
ClusterSummary contains Polaris results as well as some high-level stats
type ContainerImageScanResult ¶
// ContainerImageScanResult is the short, per-image entry of a container image
// vulnerability audit.
type ContainerImageScanResult struct {
	// Image identifies the scanned container image.
	Image string `json:"image"`
	// ScanResult is a status string; its possible values are not listed on
	// this page.
	ScanResult string `json:"scanResult"`
	// Description is free text accompanying the result.
	// NOTE(review): it is decoded from a service response, so escape it
	// before rendering it in HTML or a terminal.
	Description string `json:"description"`
	// Counters holds the issue counts, one VulnerabilityCounter per severity.
	Counters []VulnerabilityCounter `json:"counters"`
	// Attributes is a list of strings whose meaning is not documented here.
	Attributes []string `json:"attributes"`
	// Pods is presumably the list of pods that use this image (TODO confirm).
	Pods []string `json:"pods"`
}
ContainerImageScanResult is a short description of a single container image vulnerability audit
type ContainerImageScansSummary ¶
// ContainerImageScansSummary is the list of per-image scan summaries, as
// returned by Scanners.GetImageScansSummary.
type ContainerImageScansSummary struct {
	// Images has one entry per scanned image; it is encoded under the JSON
	// key "images".
	Images []ContainerImageScanResult `json:"images"`
}
type ContainerResult ¶
// ContainerResult carries the validation messages for one container together
// with the scan summary of its image.
type ContainerResult struct {
	// Name is the container name and Image the image it runs.
	Name  string
	Image string

	// Messages lists the validation messages for this container. Elements are
	// pointers, so the type permits nil entries.
	Messages []*ResultMessage
	// Summary is a pointer and may be nil; check before dereferencing.
	Summary *ResultSummary
	// ScanSummary is the vulnerability summary for Image.
	ScanSummary ImageScanResultSummary
}
ContainerResult provides a list of validation messages for each container.
type ControllerResult ¶
ControllerResult provides a wrapper around a PodResult
type CountSummary ¶
CountSummary provides a high level overview of success, warnings, and errors.
func (*CountSummary) GetScore ¶
func (cs *CountSummary) GetScore() uint
GetScore returns an overall score in [0, 100] for the CountSummary
type ImageScanResult ¶
// ImageScanResult is the detailed scan result for a single image, listing
// every vulnerability found per scan target.
type ImageScanResult struct {
	// Image identifies the scanned container image.
	Image string `json:"image"`
	// ScanResult is a status string; its possible values are not listed on
	// this page.
	ScanResult string `json:"scanResult"`
	// Description is free text accompanying the result.
	// NOTE(review): escape it before rendering; it is decoded from a service
	// response.
	Description string `json:"description"`
	// Targets holds the findings grouped by Trivy scan target.
	Targets []TrivyScanTarget `json:"targets"`
}
ImageScanResult contains details about all the found vulnerabilities
type ImageScanResultSummary ¶
// ImageScanResultSummary is the condensed vulnerability result for one image:
// status, description and per-severity counters, without the individual
// findings.
type ImageScanResultSummary struct {
	// Image identifies the scanned container image.
	Image string `json:"image"`
	// ScanResult is a status string; its possible values are not listed on
	// this page.
	ScanResult string `json:"scanResult"`
	// Description is free text accompanying the result.
	Description string `json:"description"`
	// Counters holds the issue counts, one VulnerabilityCounter per severity.
	Counters []VulnerabilityCounter `json:"counters"`
}
ImageScanResultSummary contains vulnerabilities summary
type KubeOverview ¶
// KubeOverview is the cluster overview returned by
// Scanners.GetClusterOverviewSummary.
type KubeOverview struct {
	// Cluster is the cluster-level summary.
	Cluster ClusterSum `json:"cluster"`

	// Result summaries, grouped by check group, grouped by namespace, and
	// overall.
	CheckGroupSummary   []ResultSum `json:"checkGroupSummary"`
	NamespaceSummary    []ResultSum `json:"namespaceSummary"`
	CheckResultsSummary ResultSum   `json:"checkResultsSummary"`

	// Checks lists the individual checks.
	Checks []Check `json:"checks"`
}
type MessageType ¶
// MessageType is the string-typed kind of a validation message. The constants
// declared for it on this page are "nodata", "success", "warning" and "error".
type MessageType string
MessageType represents the type of Message
// The MessageType values a ResultMessage can carry.
const (
	// MessageTypeNoData marks a message for which no validation data exists.
	MessageTypeNoData MessageType = "nodata"

	// MessageTypeSuccess marks a validation that passed.
	MessageTypeSuccess MessageType = "success"

	// MessageTypeWarning marks a validation that produced a warning.
	MessageTypeWarning MessageType = "warning"

	// MessageTypeError marks a validation that produced an error.
	MessageTypeError MessageType = "error"
)
type NamespaceResult ¶
// NamespaceResult groups the results of one namespace by the kind of parent
// resource that owns the containers.
type NamespaceResult struct {
	// Name is the namespace name.
	Name string
	// Summary is a pointer and may be nil; check before dereferencing.
	Summary *ResultSummary

	// TODO: This struct could use some love to reorganize it as just having
	// "results" and then having methods to return filtered results by type
	// (deploy, daemonset, etc).
	// The way this is structured right now makes it difficult to add
	// additional result types and potentially miss things in the metrics
	// summary.

	// One slice per controller kind. GetAllControllerResults returns them as
	// a single list.
	DeploymentResults            []ControllerResult
	StatefulSetResults           []ControllerResult
	DaemonSetResults             []ControllerResult
	JobResults                   []ControllerResult
	CronJobResults               []ControllerResult
	ReplicationControllerResults []ControllerResult
}
NamespaceResult groups container results by parent resource.
func (NamespaceResult) GetAllControllerResults ¶
func (n NamespaceResult) GetAllControllerResults() []ControllerResult
GetAllControllerResults grabs all the different types of controller results from the namespaced result as a single list for easier iteration
type NamespacedResults ¶
// NamespacedResults maps a namespace name to that namespace's validation
// results. Values are pointers, so the type permits nil entries; check before
// dereferencing a looked-up value.
type NamespacedResults map[string]*NamespaceResult
NamespacedResults is a mapping of namespace name to the validation results.
type PodResult ¶
// PodResult carries the validation messages for one pod and the results of
// each of its containers.
type PodResult struct {
	// Name is the pod name.
	Name string
	// Summary is a pointer and may be nil; check before dereferencing.
	Summary *ResultSummary
	// Messages lists the pod-level validation messages. Elements are
	// pointers, so the type permits nil entries.
	Messages []*ResultMessage
	// ContainerResults has one entry per container.
	ContainerResults []ContainerResult
	// contains filtered or unexported fields
}
PodResult provides a list of validation messages for each pod.
type ResultMessage ¶
// ResultMessage is a single validation message tagged with its type
// (success, warning, or error) and category.
type ResultMessage struct {
	// ID identifies the message; presumably the ID of the check that produced
	// it (TODO confirm).
	ID string
	// Message is the human-readable text.
	Message string
	// Type is one of the MessageType constants.
	Type MessageType
	// Category is the category name; CategorySummary is keyed by category
	// name as well.
	Category string
}
ResultMessage contains a message and a type indicator (success, warning, or error).
type ResultSummary ¶
// ResultSummary is a high-level overview of successes, warnings and errors,
// both in total and broken down by category.
type ResultSummary struct {
	// Totals is the count across all categories.
	Totals CountSummary
	// ByCategory maps a category name to its own count. It is a map type, so
	// the zero value is nil and must be initialised before writing to it.
	ByCategory CategorySummary
}
ResultSummary provides a high level overview of success, warnings, and errors.
type Scanners ¶
// Scanners is the client handle for the scanner service; the Get* methods on
// this page are defined on it.
type Scanners struct {
	// ServiceURL is the address of the scanner service. The method bodies are
	// not shown on this page, so how it is combined with request paths is not
	// visible here.
	// NOTE(review): audit and vulnerability data are read from this endpoint
	// and then trusted by callers, so it should come from trusted
	// configuration and preferably use TLS. GetImageScanResult takes an image
	// name; confirm the implementation escapes it before placing it in a
	// request URL.
	ServiceURL string
}
Scanners base struct
func NewScanners ¶
NewScanners returns a new scanner instance.
func (*Scanners) GetClusterOverviewSummary ¶
func (s *Scanners) GetClusterOverviewSummary() (scanSummary KubeOverview, err error)
func (*Scanners) GetImageScanResult ¶
func (s *Scanners) GetImageScanResult(image string) (scanResult ImageScanResult, err error)
GetImageScanResult returns detailed single image scan result
func (*Scanners) GetImageScansSummary ¶
func (s *Scanners) GetImageScansSummary() (scanSummary ContainerImageScansSummary, err error)
GetImageScansSummary returns the container image scan summary
func (*Scanners) GetKubeObjectsAudit ¶
GetKubeObjectsAudit returns Kube Audit result
type ScansMap ¶
// ScansMap maps an image name to the summary of that image's scan result.
// Values are stored by value, so a lookup of a missing key yields a zero
// ImageScanResultSummary; use the two-value form to tell the cases apart.
type ScansMap map[string]ImageScanResultSummary
ScansMap provides a map from image name to a scan result
type ScansSummary ¶
ScansSummary provides a high level overview of container images scan results.
func (*ScansSummary) GetScore ¶
func (summary *ScansSummary) GetScore() uint
GetScore returns an overall score in [0, 100] for the ScansSummary
type TrivyScanTarget ¶
// TrivyScanTarget is one scan target and the vulnerabilities reported for it.
// Its JSON keys are capitalised ("Target", "Vulnerabilities"), unlike the
// lower-camel-case keys of the other result types on this page.
type TrivyScanTarget struct {
	// Target names the scanned target.
	Target string `json:"Target"`
	// Vulnerabilities lists the findings for Target.
	Vulnerabilities []VulnerabilityDescription `json:"Vulnerabilities"`
}
type VulnerabilityCounter ¶
VulnerabilityCounter represents the number of issues with the specified severity
type VulnerabilityDescription ¶
// VulnerabilityDescription is a single vulnerability finding. The Go field
// names differ from the JSON keys for the first two fields: CVE is decoded
// from "VulnerabilityID" and Package from "PkgName".
type VulnerabilityDescription struct {
	// CVE is the vulnerability identifier (JSON key "VulnerabilityID").
	CVE string `json:"VulnerabilityID"`
	// Package is the affected package name (JSON key "PkgName").
	Package string `json:"PkgName"`

	// InstalledVersion is the version found; FixedVersion is the version that
	// carries the fix (presumably empty when none is known; TODO confirm).
	InstalledVersion string `json:"InstalledVersion"`
	FixedVersion     string `json:"FixedVersion"`

	// Title and Description are free text.
	// NOTE(review): these strings and the References URLs are decoded from
	// scanner output, so escape them before rendering and treat the links as
	// untrusted.
	Title       string `json:"Title"`
	Description string `json:"Description"`
	// Severity is a plain string; the set of values is not listed on this
	// page, so compare it against an explicit allow-list rather than assuming
	// a fixed vocabulary.
	Severity string `json:"Severity"`
	// References lists related links.
	References []string `json:"References"`
}