Documentation ¶
Overview ¶
Package recommend package
Index ¶
- Variables
- func CurrentRelease() string
- func DownloadAndUnzipRelease() (string, error)
- func Recommend(c *k8s.Client, o Options) error
- func ReportAdmissionControllerRecord(policyFilePath, action string, annotations map[string]string) error
- func ReportInit(fname string)
- func ReportRecord(ms MatchSpec, policyName string) error
- func ReportRender(out string) error
- func ReportSectEnd() error
- func ReportStart(img *ImageInfo) error
- func ReportStartGenericAdmissionControllerPolicies() error
- func UserHome() string
- type AuthConfigurations
- type Col
- type Deployment
- type Description
- type HTMLReport
- func (r HTMLReport) Record(ms MatchSpec, policyName string) error
- func (r HTMLReport) RecordAdmissionController(policyFilePath, action string, annotations map[string]string) error
- func (r HTMLReport) Render(out string) error
- func (r HTMLReport) SectionEnd() error
- func (r HTMLReport) Start(img *ImageInfo) error
- func (r HTMLReport) StartGenericAdmissionControllerPolicies() error
- type HeaderInfo
- type ImageInfo
- type Info
- type LabelMap
- type MatchSpec
- type Options
- type RecordInfo
- type Ref
- type SectionInfo
- type TextReport
- func (r TextReport) Record(ms MatchSpec, policyName string) error
- func (r TextReport) RecordAdmissionController(policyFilePath, action string, annotations map[string]string) error
- func (r TextReport) Render(out string) error
- func (r TextReport) SectionEnd() error
- func (r TextReport) Start(img *ImageInfo) error
- func (r TextReport) StartGenericAdmissionControllerPolicies() error
Constants ¶
This section is empty.
Variables ¶
var CurrentVersion string
CurrentVersion stores the current version of policy-template
var DefaultPoliciesToBeRecommended = []string{KubeArmorPolicy}
DefaultPoliciesToBeRecommended are the default policies to be recommended
var Handler interface{}
Handler interface
var KubeArmorPolicy = "KubeArmorPolicy"
KubeArmorPolicy is alias for kubearmor policy
var KyvernoPolicy = "KyvernoPolicy"
KyvernoPolicy is alias for kyverno policy. The actual kind of Kyverno policy is 'Policy' but we use 'KyvernoPolicy' to explicitly differentiate it from other policy types.
var LatestVersion string
LatestVersion stores the latest version of policy-template
Functions ¶
func CurrentRelease ¶ added in v0.9.7
func CurrentRelease() string
CurrentRelease gets the current release of policy-templates
func DownloadAndUnzipRelease ¶ added in v0.9.7
DownloadAndUnzipRelease downloads the latest version of policy-templates
func ReportAdmissionControllerRecord ¶ added in v0.13.1
func ReportAdmissionControllerRecord(policyFilePath, action string, annotations map[string]string) error
ReportAdmissionControllerRecord called once per admission controller policy
func ReportRecord ¶
ReportRecord called once per policy
func ReportRender ¶
ReportRender called finaly to render the report
func ReportSectEnd ¶
func ReportSectEnd() error
ReportSectEnd called once per container image at the end
func ReportStart ¶
ReportStart called once per container image at the start
func ReportStartGenericAdmissionControllerPolicies ¶ added in v0.13.3
func ReportStartGenericAdmissionControllerPolicies() error
ReportStartGenericAdmissionControllerPolicies called once per generic admission controller policy at the start
Types ¶
type AuthConfigurations ¶ added in v0.10.2
type AuthConfigurations struct {
Configs map[string]types.AuthConfig `json:"configs"`
}
AuthConfigurations contains the configuration information's
type Deployment ¶ added in v0.9.5
Deployment contains brief information about a k8s deployment
type Description ¶
type Description struct { Refs []Ref `json:"refs" yaml:"refs"` Tldr string `json:"tldr" yaml:"tldr"` Detailed string `json:"detailed" yaml:"detailed"` }
Description detailed description for the policy rule
type HTMLReport ¶
type HTMLReport struct { RecordCnt *int // contains filtered or unexported fields }
HTMLReport Report in HTML format
func (HTMLReport) Record ¶
func (r HTMLReport) Record(ms MatchSpec, policyName string) error
Record addition of new HTML table row
func (HTMLReport) RecordAdmissionController ¶ added in v0.13.1
func (r HTMLReport) RecordAdmissionController(policyFilePath, action string, annotations map[string]string) error
RecordAdmissionController addition of new HTML table row for admission controller policies
func (HTMLReport) SectionEnd ¶
func (r HTMLReport) SectionEnd() error
SectionEnd end of section of the HTML table
func (HTMLReport) Start ¶
func (r HTMLReport) Start(img *ImageInfo) error
Start of HTML report section
func (HTMLReport) StartGenericAdmissionControllerPolicies ¶ added in v0.13.3
func (r HTMLReport) StartGenericAdmissionControllerPolicies() error
type HeaderInfo ¶
HeaderInfo HTML Header Info
type ImageInfo ¶
type ImageInfo struct { Name string RepoTags []string Arch string Distro string OS string FileList []string DirList []string Namespace string Deployment string Labels LabelMap }
ImageInfo contains image information
type MatchSpec ¶
type MatchSpec struct { Name string `json:"name" yaml:"name"` Precondition []string `json:"precondition" yaml:"precondition"` Description Description `json:"description" yaml:"description"` Yaml string `json:"yaml" yaml:"yaml"` Spec pol.KubeArmorPolicySpec `json:"spec,omitempty" yaml:"spec,omitempty"` KyvernoPolicySpec *kyvernov1.Spec `json:"kyvernoPolicySpec,omitempty" yaml:"kyvernoPolicySpec,omitempty"` KyvernoPolicyTags []string `json:"kyvernoPolicyTags,omitempty" yaml:"kyvernoPolicyTags,omitempty"` }
MatchSpec spec to match for defining policy
type Options ¶
type Options struct { Images []string Labels []string Tags []string Policy []string Namespace string OutDir string ReportFile string Config string }
Options for karmor recommend
type RecordInfo ¶
type RecordInfo struct { RowID string Rec []Col Policy string Description string PolicyType string Refs []Ref }
RecordInfo new row information in table
type SectionInfo ¶
SectionInfo Section information
type TextReport ¶
type TextReport struct {
// contains filtered or unexported fields
}
TextReport Report in Text format
func (TextReport) Record ¶
func (r TextReport) Record(ms MatchSpec, policyName string) error
Record addition of new text table row
func (TextReport) RecordAdmissionController ¶ added in v0.13.1
func (r TextReport) RecordAdmissionController(policyFilePath, action string, annotations map[string]string) error
RecordAdmissionController adds new row to table for admission controller policies
func (TextReport) SectionEnd ¶
func (r TextReport) SectionEnd() error
SectionEnd end of section of the text table
func (TextReport) Start ¶
func (r TextReport) Start(img *ImageInfo) error
Start Start of the section of the text report
func (TextReport) StartGenericAdmissionControllerPolicies ¶ added in v0.13.3
func (r TextReport) StartGenericAdmissionControllerPolicies() error