v1alpha2

package
v0.4.0 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Mar 3, 2023 License: MIT Imports: 6 Imported by: 0

Documentation

Index

Constants

// Result states a policy check can report. The strings are the same ones
// listed for the PolicyResult type.
// These are untyped string constants, so the compiler does not tie them to
// PolicyResult: any string can be compared with or assigned in place of them.
const (
	// StatusPass: the policy requirements are met.
	StatusPass  = "pass"
	// StatusFail: the policy requirements are not met.
	StatusFail  = "fail"
	// StatusWarn: the policy requirements are not met and the policy is not scored.
	StatusWarn  = "warn"
	// StatusError: the policy could not be evaluated.
	StatusError = "error"
	// StatusSkip: the policy was not selected based on user inputs or applicability.
	StatusSkip  = "skip"
)

Status specifies state of a policy result

// Severity strings a policy result can carry. They are the same strings
// listed for the PolicySeverity type.
// These are untyped string constants; nothing here restricts a
// PolicySeverity value to this set.
const (
	SeverityCritical = "critical"
	SeverityHigh     = "high"
	SeverityMedium   = "medium"
	SeverityLow      = "low"
	SeverityInfo     = "info"
)

Severity specifies priority of a policy result

// ResultIDKey is the string "resultID".
// NOTE(review): presumably the key under which a result's ID is carried (for
// example in PolicyReportResult.Properties, since the ID field itself is tagged
// json:"-"). This page does not show where it is used; confirm against callers.
const ResultIDKey = "resultID"

Variables

var (
	// SchemeBuilder wraps the registration function addKnownTypes so that this
	// package's types can be added to a runtime.Scheme.
	SchemeBuilder = runtime.NewSchemeBuilder(addKnownTypes)

	// AddToScheme is SchemeBuilder.AddToScheme exposed as a package-level
	// value; call it with the scheme that should know these types.
	AddToScheme = SchemeBuilder.AddToScheme
)
// SchemeGroupVersion is the group/version used to register these objects:
// group policyreport.GroupName, version "v1alpha2".
var SchemeGroupVersion = schema.GroupVersion{Group: policyreport.GroupName, Version: "v1alpha2"}

SchemeGroupVersion is group version used to register these objects

Functions

func Kind

func Kind(kind string) schema.GroupKind

Kind takes an unqualified kind and returns a Group qualified GroupKind

func Resource

func Resource(resource string) schema.GroupResource

Resource takes an unqualified resource and returns a Group qualified GroupResource

Types

type ClusterPolicyReport

// ClusterPolicyReport is the schema for the clusterpolicyreports API.
// It declares the same fields as PolicyReport.
type ClusterPolicyReport struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	// Scope is an optional reference to the report scope (e.g. a Deployment, Namespace, or Node)
	// +optional
	Scope *corev1.ObjectReference `json:"scope,omitempty"`

	// ScopeSelector is an optional selector for multiple scopes (e.g. Pods).
	// Set Scope, or ScopeSelector, or neither, but not both.
	// The Go type does not enforce this: the two fields are independent
	// pointers, so code reading a report must decide what to do if both are set.
	// +optional
	ScopeSelector *metav1.LabelSelector `json:"scopeSelector,omitempty"`

	// Summary provides a summary of results.
	// It is a struct value, so encoding/json ignores omitempty here and the
	// "summary" object is always written.
	// +optional
	Summary PolicyReportSummary `json:"summary,omitempty"`

	// Results provides the individual result details.
	// +optional
	Results []PolicyReportResult `json:"results,omitempty"`
}

ClusterPolicyReport is the Schema for the clusterpolicyreports API

func (*ClusterPolicyReport) DeepCopy

func (in *ClusterPolicyReport) DeepCopy() *ClusterPolicyReport

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterPolicyReport.

func (*ClusterPolicyReport) DeepCopyInto

func (in *ClusterPolicyReport) DeepCopyInto(out *ClusterPolicyReport)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*ClusterPolicyReport) DeepCopyObject

func (in *ClusterPolicyReport) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type ClusterPolicyReportList

// ClusterPolicyReportList contains a list of ClusterPolicyReport.
type ClusterPolicyReportList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	// Items has no omitempty, so the "items" key is always written
	// (as null when the slice is nil).
	Items           []ClusterPolicyReport `json:"items"`
}

ClusterPolicyReportList contains a list of ClusterPolicyReport

func (*ClusterPolicyReportList) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterPolicyReportList.

func (*ClusterPolicyReportList) DeepCopyInto

func (in *ClusterPolicyReportList) DeepCopyInto(out *ClusterPolicyReportList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*ClusterPolicyReportList) DeepCopyObject

func (in *ClusterPolicyReportList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type PolicyReport

// PolicyReport is the schema for the policyreports API.
// It declares the same fields as ClusterPolicyReport.
type PolicyReport struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	// Scope is an optional reference to the report scope (e.g. a Deployment, Namespace, or Node)
	// +optional
	Scope *corev1.ObjectReference `json:"scope,omitempty"`

	// ScopeSelector is an optional selector for multiple scopes (e.g. Pods).
	// Set Scope, or ScopeSelector, or neither, but not both.
	// The Go type does not enforce this: the two fields are independent
	// pointers, so code reading a report must decide what to do if both are set.
	// +optional
	ScopeSelector *metav1.LabelSelector `json:"scopeSelector,omitempty"`

	// Summary provides a summary of results.
	// It is a struct value, so encoding/json ignores omitempty here and the
	// "summary" object is always written.
	// +optional
	Summary PolicyReportSummary `json:"summary,omitempty"`

	// Results provides the individual result details.
	// +optional
	Results []PolicyReportResult `json:"results,omitempty"`
}

PolicyReport is the Schema for the policyreports API

func (*PolicyReport) DeepCopy

func (in *PolicyReport) DeepCopy() *PolicyReport

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyReport.

func (*PolicyReport) DeepCopyInto

func (in *PolicyReport) DeepCopyInto(out *PolicyReport)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*PolicyReport) DeepCopyObject

func (in *PolicyReport) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type PolicyReportList

// PolicyReportList contains a list of PolicyReport.
type PolicyReportList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	// Items has no omitempty, so the "items" key is always written
	// (as null when the slice is nil).
	Items           []PolicyReport `json:"items"`
}

PolicyReportList contains a list of PolicyReport

func (*PolicyReportList) DeepCopy

func (in *PolicyReportList) DeepCopy() *PolicyReportList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyReportList.

func (*PolicyReportList) DeepCopyInto

func (in *PolicyReportList) DeepCopyInto(out *PolicyReportList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*PolicyReportList) DeepCopyObject

func (in *PolicyReportList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type PolicyReportResult

// PolicyReportResult provides the result for an individual policy.
//
// NOTE(review): the string fields (Source, Policy, Rule, Message, Category and
// the Properties map) are free-form text set by whatever wrote the report, and
// no validation is visible on this page. Escape or sanitise them before
// rendering them in a UI or forwarding them to another system.
type PolicyReportResult struct {
	// ID is tagged json:"-", so it is never read from or written to JSON.
	// NOTE(review): presumably filled in by the consuming code; confirm.
	ID string `json:"-"`
	// Source is an identifier for the policy engine that manages this report
	// The tag has no omitempty, so "source" is written even when it is empty.
	// +optional
	Source string `json:"source"`

	// Policy is the name or identifier of the policy
	Policy string `json:"policy"`

	// Rule is the name or identifier of the rule within the policy
	// +optional
	Rule string `json:"rule,omitempty"`

	// Resources is an optional reference to the checked Kubernetes resources
	// +optional
	Resources []corev1.ObjectReference `json:"resources,omitempty"`

	// ResourceSelector is an optional label selector for checked Kubernetes resources.
	// For example, a policy result may apply to all pods that match a label.
	// Either Resources or a ResourceSelector can be specified.
	// If neither is provided, the result is assumed to be for the policy report scope.
	// +optional
	ResourceSelector *metav1.LabelSelector `json:"resourceSelector,omitempty"`

	// Message is a short user friendly message for the policy rule
	Message string `json:"message,omitempty"`

	// Result indicates the outcome of the policy rule execution
	Result PolicyResult `json:"result,omitempty"`

	// Scored indicates if this result is scored
	Scored bool `json:"scored,omitempty"`

	// Properties provides additional information for the policy rule
	Properties map[string]string `json:"properties,omitempty"`

	// Timestamp indicates the time the result was found
	Timestamp metav1.Timestamp `json:"timestamp,omitempty"`

	// Category indicates policy category
	// +optional
	Category string `json:"category,omitempty"`

	// Severity indicates policy check result criticality
	// +optional
	Severity PolicySeverity `json:"severity,omitempty"`

	// Priority is tagged json:"-", so it is not part of the serialized result.
	// The Priority type is documented as an internal result weighting.
	Priority Priority `json:"-"`
}

PolicyReportResult provides the result for an individual policy

func (*PolicyReportResult) DeepCopy

func (in *PolicyReportResult) DeepCopy() *PolicyReportResult

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyReportResult.

func (*PolicyReportResult) DeepCopyInto

func (in *PolicyReportResult) DeepCopyInto(out *PolicyReportResult)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type PolicyReportSummary

// PolicyReportSummary provides a status count summary.
// None of the JSON tags use omitempty, so a zero count is still written.
// The counts are plain ints; nothing in this type ties them to the number of
// entries in a report's Results.
type PolicyReportSummary struct {
	// Pass provides the count of policies whose requirements were met
	// +optional
	Pass int `json:"pass"`

	// Fail provides the count of policies whose requirements were not met
	// +optional
	Fail int `json:"fail"`

	// Warn provides the count of non-scored policies whose requirements were not met
	// +optional
	Warn int `json:"warn"`

	// Error provides the count of policies that could not be evaluated
	// +optional
	Error int `json:"error"`

	// Skip indicates the count of policies that were not selected for evaluation
	// +optional
	Skip int `json:"skip"`
}

PolicyReportSummary provides a status count summary

func (*PolicyReportSummary) DeepCopy

func (in *PolicyReportSummary) DeepCopy() *PolicyReportSummary

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyReportSummary.

func (*PolicyReportSummary) DeepCopyInto

func (in *PolicyReportSummary) DeepCopyInto(out *PolicyReportSummary)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (PolicyReportSummary) ToMap

func (prs PolicyReportSummary) ToMap() map[string]interface{}

type PolicyResult

// PolicyResult is the outcome of a policy rule, held as a string.
// The documented values are "pass", "fail", "warn", "error" and "skip".
// It is a plain string type: nothing on this page restricts it to those
// values, so code that switches on it needs a default case.
type PolicyResult string

PolicyResult has one of the following values:

  • pass: indicates that the policy requirements are met
  • fail: indicates that the policy requirements are not met
  • warn: indicates that the policy requirements are not met, and the policy is not scored
  • error: indicates that the policy could not be evaluated
  • skip: indicates that the policy was not selected based on user inputs or applicability

type PolicySeverity

// PolicySeverity is the severity of a policy result, held as a string.
// The documented values are "critical", "high", "low", "medium" and "info".
// It is a plain string type: nothing on this page restricts it to those
// values, so code that maps it to a priority or alert level needs a fallback.
type PolicySeverity string

PolicySeverity has one of the following values:

  • critical
  • high
  • low
  • medium
  • info

type Priority

// Priority is an integer weighting used internally for results.
// Its named values are the constants DefaultPriority through ErrorPriority.
type Priority int

Priority Enum for internal Result weighting

// Priority values, numbered by iota in declaration order.
// ErrorPriority (5) is numerically greater than CriticalPriority (4), so a
// threshold comparison such as p >= WarningPriority depends on this order.
// Reordering or inserting a constant changes every later value.
const (
	DefaultPriority Priority = iota // 0, also the zero value of Priority
	DebugPriority                   // 1
	InfoPriority                    // 2
	WarningPriority                 // 3
	CriticalPriority                // 4
	ErrorPriority                   // 5
)
