Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Config ¶ added in v1.22.0
type Config struct {
PoliciesClient *policies.Client
K8sClient *k8s.Client
PolicyReportStore *report.PolicyReportStore
TLS TLSConfig
Parallelization ParallelizationConfig
OutputScan bool
DisableStore bool
}
type ParallelizationConfig ¶ added in v1.22.0
type Scanner ¶
type Scanner struct {
// contains filtered or unexported fields
}
Scanner verifies that existing resources don't violate any of the policies.
func NewScanner ¶
NewScanner creates a new scanner If insecureClient is false, it will read the caCertFile and add it to the in-app cert trust store. This gets used by the httpClient when connection to PolicyServers endpoints.
func (*Scanner) ScanAllNamespaces ¶
ScanAllNamespaces scans resources for all namespaces, except the ones in the skipped list. Returns errors if there's any when fetching policies or resources, but only logs them if there's a problem auditing the resource of saving the Report or Result, so it can continue with the next audit, or next Result.
func (*Scanner) ScanClusterWideResources ¶
ScanClusterWideResources scans all cluster wide resources. Returns errors if there's any when fetching policies or resources, but only logs them if there's a problem auditing the resource of saving the Report or Result, so it can continue with the next audit, or next Result.
func (*Scanner) ScanNamespace ¶
ScanNamespace scans resources for a given namespace. Returns errors if there's any when fetching policies or resources, but only logs them if there's a problem auditing the resource of saving the Report or Result, so it can continue with the next audit, or next Result.
Source Files