Documentation ¶
Index ¶
- Constants
- Variables
- func ExtractPodOwner(pod *v1.Pod, clientset kubernetes.Interface) (string, string, string)
- func GetContainerNameFromExecToPodEvent(event admission.Attributes) (string, error)
- func GetControllerDetails(event admission.Attributes, clientset kubernetes.Interface) (string, string, string, string, error)
- func GetPodDetails(clientset kubernetes.Interface, podName, namespace string) (*v1.Pod, error)
- type BaseRule
- type GenericRuleFailure
- func (rule *GenericRuleFailure) GetAdmissionsAlert() apitypes.AdmissionAlert
- func (rule *GenericRuleFailure) GetBaseRuntimeAlert() apitypes.BaseRuntimeAlert
- func (rule *GenericRuleFailure) GetRuleAlert() apitypes.RuleAlert
- func (rule *GenericRuleFailure) GetRuleId() string
- func (rule *GenericRuleFailure) GetRuntimeAlertK8sDetails() apitypes.RuntimeAlertK8sDetails
- func (rule *GenericRuleFailure) GetRuntimeProcessDetails() apitypes.ProcessTree
- func (rule *GenericRuleFailure) SetAdmissionsAlert(admissionsAlert apitypes.AdmissionAlert)
- func (rule *GenericRuleFailure) SetBaseRuntimeAlert(baseRuntimeAlert apitypes.BaseRuntimeAlert)
- func (rule *GenericRuleFailure) SetRuleAlert(ruleAlert apitypes.RuleAlert)
- func (rule *GenericRuleFailure) SetRuntimeAlertK8sDetails(runtimeAlertK8sDetails apitypes.RuntimeAlertK8sDetails)
- func (rule *GenericRuleFailure) SetRuntimeProcessDetails(runtimeProcessDetails apitypes.ProcessTree)
- func (rule *GenericRuleFailure) SetWorkloadDetails(workloadDetails string)
- type R2000ExecToPod
- type R2001PortForward
- type RuleCreatorImpl
- type RuleDescriptor
Constants ¶
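// Identifiers for rule R2000, the "Exec to pod" rule.
//
// The declaration was collapsed onto a single line, which is not valid Go:
// specs inside a parenthesized const group must be separated by newlines or
// semicolons. The values are unchanged.
const (
	// R2000ID is the ID used by the exec-to-pod rule descriptor.
	R2000ID = "R2000"
	// R2000Name is the display name used by the exec-to-pod rule descriptor.
	R2000Name = "Exec to pod"
)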
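// Identifiers for rule R2001, the "Port forward" rule.
//
// The declaration was collapsed onto a single line, which is not valid Go:
// specs inside a parenthesized const group must be separated by newlines or
// semicolons. The values are unchanged.
const (
	// R2001ID is the ID used by the port-forward rule descriptor.
	R2001ID = "R2001"
	// R2001Name is the display name used by the port-forward rule descriptor.
	R2001Name = "Port forward"
)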
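// Rule priority levels, used as the Priority value of a RuleDescriptor.
//
// None through Critical run from 0 to 10. RulePrioritySystemIssue (1000) sits
// far outside that range.
// NOTE(review): presumably it marks agent or system faults rather than
// detections - confirm against the code that consumes Priority before
// sorting or thresholding on the raw number.
//
// The declaration was collapsed onto a single line, which is not valid Go;
// the values are unchanged and the constants remain untyped.
const (
	// RulePriorityNone is the lowest level (0).
	RulePriorityNone = 0
	// RulePriorityLow is the level both rule descriptors in this package use (1).
	RulePriorityLow = 1
	// RulePriorityMed is the medium level (5).
	RulePriorityMed = 5
	// RulePriorityHigh is the high level (8).
	RulePriorityHigh = 8
	// RulePriorityCritical is the top of the 0-10 range (10).
	RulePriorityCritical = 10
	// RulePrioritySystemIssue is the out-of-range level (1000).
	RulePrioritySystemIssue = 1000
)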
Variables ¶
// R2000ExecToPodRuleDescriptor describes rule R2000 ("Exec to pod"): its ID,
// name, description, tags and priority, plus the function that creates the
// evaluator by delegating to CreateRuleR2000ExecToPod.
//
// NOTE(review): the rule is graded RulePriorityLow. An exec session gives the
// caller interactive access to a container, so environments where exec is not
// routine may want these alerts ranked higher downstream - confirm how
// Priority is consumed before relying on it for triage.
var R2000ExecToPodRuleDescriptor = RuleDescriptor{
	ID:          R2000ID,
	Name:        R2000Name,
	Description: "Detecting exec to pod",
	Tags:        []string{"exec"},
	Priority:    RulePriorityLow,
	RuleCreationFunc: func() rules.RuleEvaluator {
		return CreateRuleR2000ExecToPod()
	},
}
// R2001PortForwardRuleDescriptor describes rule R2001 ("Port forward"): its
// ID, name, description, tags and priority, plus the function that creates
// the evaluator by delegating to CreateRuleR2001PortForward.
//
// NOTE(review): the rule is graded RulePriorityLow. A port-forward gives the
// caller direct network access to a pod port, so environments where it is not
// routine may want these alerts ranked higher downstream - confirm how
// Priority is consumed before relying on it for triage.
var R2001PortForwardRuleDescriptor = RuleDescriptor{
	ID:          R2001ID,
	Name:        R2001Name,
	Description: "Detecting port forward",
	Tags:        []string{"portforward"},
	Priority:    RulePriorityLow,
	RuleCreationFunc: func() rules.RuleEvaluator {
		return CreateRuleR2001PortForward()
	},
}
Functions ¶
func ExtractPodOwner ¶
ExtractPodOwner returns the kind, name, and namespace of the controller that owns the pod.
func GetContainerNameFromExecToPodEvent ¶
func GetContainerNameFromExecToPodEvent(event admission.Attributes) (string, error)
GetContainerNameFromExecToPodEvent returns the container name from the admission event for exec operations.
func GetControllerDetails ¶
func GetControllerDetails(event admission.Attributes, clientset kubernetes.Interface) (string, string, string, string, error)
GetControllerDetails returns the kind, name, and namespace of the controller that owns the pod, followed by the node name, and an error.
func GetPodDetails ¶
GetPodDetails returns the pod details from the Kubernetes API server.
Types ¶
type BaseRule ¶
// BaseRule is the struct embedded by R2000ExecToPod and R2001PortForward.
// Its fields are unexported; the methods listed for it on this page are
// GetParameters and SetParameters.
type BaseRule struct {
	// contains filtered or unexported fields
}
func (*BaseRule) GetParameters ¶
func (*BaseRule) SetParameters ¶
type GenericRuleFailure ¶
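// GenericRuleFailure groups the alert records attached to a rule failure.
//
// Every field is exported, so code outside the package can read or assign
// them directly as well as through the Get*/Set* methods listed for this
// type. SetWorkloadDetails takes a string, but no matching field is visible
// in this declaration; where that value is stored cannot be told from here.
//
// The declaration was collapsed onto a single line, which is not valid Go
// (struct fields need newline or semicolon separators); field names, types
// and order are unchanged.
type GenericRuleFailure struct {
	// BaseRuntimeAlert is the apitypes.BaseRuntimeAlert part of the failure.
	BaseRuntimeAlert apitypes.BaseRuntimeAlert
	// RuntimeProcessDetails is the apitypes.ProcessTree part of the failure.
	RuntimeProcessDetails apitypes.ProcessTree
	// RuleAlert is the apitypes.RuleAlert part of the failure.
	RuleAlert apitypes.RuleAlert
	// AdmissionAlert is the apitypes.AdmissionAlert part of the failure.
	AdmissionAlert apitypes.AdmissionAlert
	// RuntimeAlertK8sDetails is the apitypes.RuntimeAlertK8sDetails part of the failure.
	RuntimeAlertK8sDetails apitypes.RuntimeAlertK8sDetails
	// RuleID is a rule identifier; presumably the value GetRuleId returns - confirm.
	// No setter for it appears in the method list.
	RuleID string
}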
func (*GenericRuleFailure) GetAdmissionsAlert ¶
func (rule *GenericRuleFailure) GetAdmissionsAlert() apitypes.AdmissionAlert
func (*GenericRuleFailure) GetBaseRuntimeAlert ¶
func (rule *GenericRuleFailure) GetBaseRuntimeAlert() apitypes.BaseRuntimeAlert
func (*GenericRuleFailure) GetRuleAlert ¶
func (rule *GenericRuleFailure) GetRuleAlert() apitypes.RuleAlert
func (*GenericRuleFailure) GetRuleId ¶
func (rule *GenericRuleFailure) GetRuleId() string
func (*GenericRuleFailure) GetRuntimeAlertK8sDetails ¶
func (rule *GenericRuleFailure) GetRuntimeAlertK8sDetails() apitypes.RuntimeAlertK8sDetails
func (*GenericRuleFailure) GetRuntimeProcessDetails ¶
func (rule *GenericRuleFailure) GetRuntimeProcessDetails() apitypes.ProcessTree
func (*GenericRuleFailure) SetAdmissionsAlert ¶
func (rule *GenericRuleFailure) SetAdmissionsAlert(admissionsAlert apitypes.AdmissionAlert)
func (*GenericRuleFailure) SetBaseRuntimeAlert ¶
func (rule *GenericRuleFailure) SetBaseRuntimeAlert(baseRuntimeAlert apitypes.BaseRuntimeAlert)
func (*GenericRuleFailure) SetRuleAlert ¶
func (rule *GenericRuleFailure) SetRuleAlert(ruleAlert apitypes.RuleAlert)
func (*GenericRuleFailure) SetRuntimeAlertK8sDetails ¶
func (rule *GenericRuleFailure) SetRuntimeAlertK8sDetails(runtimeAlertK8sDetails apitypes.RuntimeAlertK8sDetails)
func (*GenericRuleFailure) SetRuntimeProcessDetails ¶
func (rule *GenericRuleFailure) SetRuntimeProcessDetails(runtimeProcessDetails apitypes.ProcessTree)
func (*GenericRuleFailure) SetWorkloadDetails ¶
func (rule *GenericRuleFailure) SetWorkloadDetails(workloadDetails string)
type R2000ExecToPod ¶
// R2000ExecToPod is the rule type for R2000 ("Exec to pod"). It embeds
// BaseRule and is created with CreateRuleR2000ExecToPod; its ProcessEvent
// method takes an admission.Attributes event and returns a rules.RuleFailure.
type R2000ExecToPod struct {
	BaseRule
}
func CreateRuleR2000ExecToPod ¶
func CreateRuleR2000ExecToPod() *R2000ExecToPod
func (*R2000ExecToPod) DeleteRule ¶
func (rule *R2000ExecToPod) DeleteRule()
func (*R2000ExecToPod) ID ¶
func (rule *R2000ExecToPod) ID() string
func (*R2000ExecToPod) Name ¶
func (rule *R2000ExecToPod) Name() string
func (*R2000ExecToPod) ProcessEvent ¶
func (rule *R2000ExecToPod) ProcessEvent(event admission.Attributes, access objectcache.KubernetesCache) rules.RuleFailure
type R2001PortForward ¶
// R2001PortForward is the rule type for R2001 ("Port forward"). It embeds
// BaseRule and is created with CreateRuleR2001PortForward; its ProcessEvent
// method takes an admission.Attributes event and returns a rules.RuleFailure.
type R2001PortForward struct {
	BaseRule
}
func CreateRuleR2001PortForward ¶
func CreateRuleR2001PortForward() *R2001PortForward
func (*R2001PortForward) DeleteRule ¶
func (rule *R2001PortForward) DeleteRule()
func (*R2001PortForward) ID ¶
func (rule *R2001PortForward) ID() string
func (*R2001PortForward) Name ¶
func (rule *R2001PortForward) Name() string
func (*R2001PortForward) ProcessEvent ¶
func (rule *R2001PortForward) ProcessEvent(event admission.Attributes, access objectcache.KubernetesCache) rules.RuleFailure
type RuleCreatorImpl ¶
// RuleCreatorImpl creates rule evaluators. It is obtained from NewRuleCreator
// and offers lookup by ID, by name and by tags, plus a listing of all rule
// descriptors. Its fields are unexported.
type RuleCreatorImpl struct {
	// contains filtered or unexported fields
}
func NewRuleCreator ¶
func NewRuleCreator() *RuleCreatorImpl
func (*RuleCreatorImpl) CreateRuleByID ¶
func (r *RuleCreatorImpl) CreateRuleByID(id string) rules.RuleEvaluator
func (*RuleCreatorImpl) CreateRuleByName ¶
func (r *RuleCreatorImpl) CreateRuleByName(name string) rules.RuleEvaluator
func (*RuleCreatorImpl) CreateRulesByTags ¶
func (r *RuleCreatorImpl) CreateRulesByTags(tags []string) []rules.RuleEvaluator
func (*RuleCreatorImpl) GetAllRuleDescriptors ¶
func (r *RuleCreatorImpl) GetAllRuleDescriptors() []RuleDescriptor
type RuleDescriptor ¶
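// RuleDescriptor is the metadata record for one rule, together with the
// function that creates its evaluator.
//
// The declaration was collapsed onto a single line, so the first "//" comment
// swallowed every field after it; the fields are restored one per line with
// their names, types and order unchanged.
type RuleDescriptor struct {
	// ID is the rule ID, for example R2000ID.
	ID string
	// Name is the rule name, for example R2000Name.
	Name string
	// Description is the rule description.
	Description string
	// Priority is the rule priority; the descriptors in this package set it
	// from the RulePriority* constants.
	Priority int
	// Tags are the tags attached to the rule; HasTags takes a tag list to
	// test against.
	Tags []string
	// RuleCreationFunc creates the rule's evaluator.
	RuleCreationFunc func() rules.RuleEvaluator
}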
func (*RuleDescriptor) HasTags ¶
func (r *RuleDescriptor) HasTags(tags []string) bool