report

package
v1.13.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Nov 12, 2024 License: Apache-2.0 Imports: 33 Imported by: 1

Documentation

Index

Constants

View Source 
const (
	LabelDomain = "kyverno.io"
	//	resource labels
	LabelResourceHash           = "audit.kyverno.io/resource.hash"
	LabelResourceUid            = "audit.kyverno.io/resource.uid"
	LabelResourceGVR            = "audit.kyverno.io/resource.gvr"
	LabelResourceGroup          = "audit.kyverno.io/resource.group"
	LabelResourceVersion        = "audit.kyverno.io/resource.version"
	LabelResourceKind           = "audit.kyverno.io/resource.kind"
	LabelSource                 = "audit.kyverno.io/source"
	AnnotationResourceNamespace = "audit.kyverno.io/resource.namespace"
	AnnotationResourceName      = "audit.kyverno.io/resource.name"
	//	policy labels
	LabelDomainClusterPolicy                    = "cpol.kyverno.io"
	LabelDomainPolicy                           = "pol.kyverno.io"
	LabelPrefixClusterPolicy                    = LabelDomainClusterPolicy + "/"
	LabelPrefixPolicy                           = LabelDomainPolicy + "/"
	LabelPrefixPolicyException                  = "polex.kyverno.io/"
	LabelPrefixValidatingAdmissionPolicy        = "validatingadmissionpolicy.apiserver.io/"
	LabelPrefixValidatingAdmissionPolicyBinding = "validatingadmissionpolicybinding.apiserver.io/"
	//	aggregated admission report label
	LabelAggregatedReport = "audit.kyverno.io/report.aggregate"
)

Variables

This section is empty.

Functions

func BuildAdmissionReport added in v1.8.3 

func BuildAdmissionReport(resource unstructured.Unstructured, request admissionv1.AdmissionRequest, responses ...engineapi.EngineResponse) reportsv1.ReportInterface

func BuildGenerateReport added in v1.13.0 

func BuildGenerateReport(namespace, name string, gvk schema.GroupVersionKind, owner string, uid types.UID, responses ...engineapi.EngineResponse) reportsv1.ReportInterface

func BuildMutateExistingReport added in v1.13.0 

func BuildMutateExistingReport(namespace, name string, gvk schema.GroupVersionKind, owner string, uid types.UID, responses ...engineapi.EngineResponse) reportsv1.ReportInterface

func BuildMutationReport added in v1.13.0 

func BuildMutationReport(resource unstructured.Unstructured, request admissionv1.AdmissionRequest, responses ...engineapi.EngineResponse) reportsv1.ReportInterface

func CalculateResourceHash 

func CalculateResourceHash(resource unstructured.Unstructured) string

func CalculateSummary 

func CalculateSummary(results []policyreportv1alpha2.PolicyReportResult) (summary policyreportv1alpha2.PolicyReportSummary)

func CleanupKyvernoLabels added in v1.10.1 

func CleanupKyvernoLabels(obj metav1.Object)

func CompareHash 

func CompareHash(report metav1.Object, hash string) bool

func CreateReport 

func CreateReport(ctx context.Context, report reportsv1.ReportInterface, client versioned.Interface) (reportsv1.ReportInterface, error)

func DeepCopy 

func DeepCopy(report reportsv1.ReportInterface) reportsv1.ReportInterface

func DeleteReport 

func DeleteReport(ctx context.Context, report reportsv1.ReportInterface, client versioned.Interface) error

func EngineResponseToReportResults 

func EngineResponseToReportResults(response engineapi.EngineResponse) []policyreportv1alpha2.PolicyReportResult

func GenerationEngineResponseToReportResults added in v1.13.0 

func GenerationEngineResponseToReportResults(response engineapi.EngineResponse) []policyreportv1alpha2.PolicyReportResult

func GetResourceGVR added in v1.10.0 

func GetResourceGVR(report metav1.Object) schema.GroupVersionResource

func GetResourceHash 

func GetResourceHash(report metav1.Object) string

func GetResourceNamespaceAndName added in v1.10.0 

func GetResourceNamespaceAndName(report metav1.Object) (string, string)

func GetResourceUid 

func GetResourceUid(report metav1.Object) types.UID

func GetSource added in v1.12.0 

func GetSource(report metav1.Object) string

func IsGvkSupported added in v1.8.1 

func IsGvkSupported(gvk schema.GroupVersionKind) bool

func IsPolicyLabel 

func IsPolicyLabel(label string) bool

func MutationEngineResponseToReportResults added in v1.13.0 

func MutationEngineResponseToReportResults(response engineapi.EngineResponse) []policyreportv1alpha2.PolicyReportResult

func NewAdmissionReport 

func NewAdmissionReport(namespace, name string, gvr schema.GroupVersionResource, gvk schema.GroupVersionKind, resource unstructured.Unstructured) reportsv1.ReportInterface

func NewBackgroundScanReport 

func NewBackgroundScanReport(namespace, name string, gvk schema.GroupVersionKind, owner string, uid types.UID) reportsv1.ReportInterface

func NewPolicyReport 

func NewPolicyReport(namespace, name string, scope *corev1.ObjectReference, results ...policyreportv1alpha2.PolicyReportResult) reportsv1.ReportInterface

func PolicyExceptionLabel added in v1.12.0 

func PolicyExceptionLabel(exception kyvernov2.PolicyException) string

func PolicyLabel 

func PolicyLabel(policy engineapi.GenericPolicy) string

func PolicyLabelDomain 

func PolicyLabelDomain(policy kyvernov1.PolicyInterface) string

func PolicyLabelPrefix 

func PolicyLabelPrefix(policy engineapi.GenericPolicy) string

func PolicyNameFromLabel 

func PolicyNameFromLabel(namespace, label string) (string, error)

func SelectorPolicyDoesNotExist 

func SelectorPolicyDoesNotExist(policy engineapi.GenericPolicy) (labels.Selector, error)

func SelectorPolicyExists 

func SelectorPolicyExists(policy engineapi.GenericPolicy) (labels.Selector, error)

func SelectorPolicyNotEquals 

func SelectorPolicyNotEquals(policy engineapi.GenericPolicy) (labels.Selector, error)

func SelectorResourceUidEquals 

func SelectorResourceUidEquals(uid types.UID) (labels.Selector, error)

func SetGenerationResponses added in v1.13.0 

func SetGenerationResponses(report reportsv1.ReportInterface, engineResponses ...engineapi.EngineResponse)

func SetManagedByKyvernoLabel 

func SetManagedByKyvernoLabel(obj metav1.Object)

func SetMutationResponses added in v1.13.0 

func SetMutationResponses(report reportsv1.ReportInterface, engineResponses ...engineapi.EngineResponse)

func SetPolicyExceptionLabel added in v1.12.0 

func SetPolicyExceptionLabel(report reportsv1.ReportInterface, exception kyvernov2.PolicyException)

func SetPolicyLabel 

func SetPolicyLabel(report reportsv1.ReportInterface, policy engineapi.GenericPolicy)

func SetResourceGVK added in v1.12.0 

func SetResourceGVK(report reportsv1.ReportInterface, gvk schema.GroupVersionKind)

func SetResourceGVR added in v1.10.0 

func SetResourceGVR(report reportsv1.ReportInterface, gvr schema.GroupVersionResource)

func SetResourceNamespaceAndName added in v1.10.0 

func SetResourceNamespaceAndName(report reportsv1.ReportInterface, namespace, name string)

func SetResourceUid added in v1.10.0 

func SetResourceUid(report reportsv1.ReportInterface, uid types.UID)

func SetResourceVersionLabels 

func SetResourceVersionLabels(report reportsv1.ReportInterface, resource *unstructured.Unstructured)

func SetResponses 

func SetResponses(report reportsv1.ReportInterface, engineResponses ...engineapi.EngineResponse)

func SetResults 

func SetResults(report reportsv1.ReportInterface, results ...policyreportv1alpha2.PolicyReportResult)

func SetSource added in v1.12.0 

func SetSource(obj metav1.Object, source string)

func SetValidatingAdmissionPolicyBindingLabel added in v1.12.0 

func SetValidatingAdmissionPolicyBindingLabel(report reportsv1.ReportInterface, binding admissionregistrationv1beta1.ValidatingAdmissionPolicyBinding)

func SeverityFromString added in v1.10.2 

func SeverityFromString(severity string) policyreportv1alpha2.PolicySeverity

func SortReportResults 

func SortReportResults(results []policyreportv1alpha2.PolicyReportResult)

func SplitResultsByPolicy 

func SplitResultsByPolicy(logger logr.Logger, results []policyreportv1alpha2.PolicyReportResult) map[string][]policyreportv1alpha2.PolicyReportResult

func ToPolicyReportResult added in v1.13.0 

func ToPolicyReportResult(policyType engineapi.PolicyType, policyName string, ruleResult engineapi.RuleResponse, annotations map[string]string, resource *corev1.ObjectReference) policyreportv1alpha2.PolicyReportResult

func UpdateReport 

func UpdateReport(ctx context.Context, report reportsv1.ReportInterface, client versioned.Interface) (reportsv1.ReportInterface, error)

func ValidatingAdmissionPolicyBindingLabel added in v1.12.0 

func ValidatingAdmissionPolicyBindingLabel(binding admissionregistrationv1beta1.ValidatingAdmissionPolicyBinding) string

Types

type Control added in v1.13.0 

type Control struct {
	ID     string
	Name   string
	Images []string
}

type ReportingConfiguration added in v1.13.0 

type ReportingConfiguration interface {
	ValidateReportsEnabled() bool
	MutateReportsEnabled() bool
	MutateExistingReportsEnabled() bool
	ImageVerificationReportsEnabled() bool
	GenerateReportsEnabled() bool
}

func NewReportingConfig added in v1.13.0 

func NewReportingConfig(items ...string) ReportingConfiguration

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.