policyreport

package
v1.7.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jun 2, 2022 License: Apache-2.0 Imports: 43 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	LabelSelectorKey   = "managed-by"
	LabelSelectorValue = "kyverno"
)
View Source 
const ScoredLabel string = "policies.kyverno.io/scored"
View Source 
const (

	// SourceValue is the static value for PolicyReportResult.Source
	SourceValue = "Kyverno"
)

Variables

View Source 
var LabelSelector = &metav1.LabelSelector{
	MatchLabels: map[string]string{
		LabelSelectorKey: LabelSelectorValue,
	},
}

Functions

func GeneratePolicyReportName added in v1.6.0 

func GeneratePolicyReportName(ns string) string

Types

type Builder 

type Builder interface {
	// contains filtered or unexported methods
}

Builder builds report change request struct this is base type of namespaced and cluster policy report

func NewBuilder 

func NewBuilder(cpolLister kyvernolister.ClusterPolicyLister, polLister kyvernolister.PolicyLister) Builder

NewBuilder ...

type CleanupReportChangeRequests added in v1.4.2 

type CleanupReportChangeRequests = func(pclient kyvernoclient.Interface, rcrLister changerequestlister.ReportChangeRequestLister, crcrLister changerequestlister.ClusterReportChangeRequestLister) error

type EngineResponseResult 

type EngineResponseResult struct {
	Resource response.ResourceSpec
	Rules    []kyverno.ViolatedRule
}

type EraseResultsEntries added in v1.3.5 

type EraseResultsEntries = func(pclient kyvernoclient.Interface, reportLister policyreportlister.PolicyReportLister, clusterReportLister policyreportlister.ClusterPolicyReportLister) error

type Generator 

type Generator struct {
	// contains filtered or unexported fields
}

Generator creates report request

func NewReportChangeRequestGenerator 

func NewReportChangeRequestGenerator(client policyreportclient.Interface,
	dclient dclient.Interface,
	reportReqInformer requestinformer.ReportChangeRequestInformer,
	clusterReportReqInformer requestinformer.ClusterReportChangeRequestInformer,
	cpolInformer kyvernoinformer.ClusterPolicyInformer,
	polInformer kyvernoinformer.PolicyInformer,
	log logr.Logger) *Generator

NewReportChangeRequestGenerator returns a new instance of report request generator

func (*Generator) Add 

func (gen *Generator) Add(infos ...Info)

Add queues a policy violation create request

func (*Generator) Run 

func (gen *Generator) Run(workers int, stopCh <-chan struct{})

Run starts the workers

type GeneratorInterface 

type GeneratorInterface interface {
	Add(infos ...Info)
}

GeneratorInterface provides API to create PVs

type Info 

type Info struct {
	PolicyName string
	Namespace  string
	Results    []EngineResponseResult
}

Info stores the policy application results for all matched resources Namespace is set to empty "" if resource is cluster wide resource

func GeneratePRsFromEngineResponse 

func GeneratePRsFromEngineResponse(ers []*response.EngineResponse, log logr.Logger) (pvInfos []Info)

GeneratePRsFromEngineResponse generate Violations from engine responses

func (Info) GetRuleLength 

func (i Info) GetRuleLength() int

func (Info) ToKey 

func (i Info) ToKey() string

type PolicyReportEraser added in v1.3.5 

type PolicyReportEraser interface {
	CleanupReportChangeRequests(cleanup CleanupReportChangeRequests) error
	EraseResultsEntries(erase EraseResultsEntries) error
}

type ReportGenerator 

type ReportGenerator struct {

	// ReconcileCh sends a signal to policy controller to force the reconciliation of policy report
	// if send true, the reports' results will be erased, this is used to recover from the invalid records
	ReconcileCh chan bool
	// contains filtered or unexported fields
}

ReportGenerator creates policy report

func NewReportGenerator 

func NewReportGenerator(
	pclient kyvernoclient.Interface,
	dclient dclient.Interface,
	clusterReportInformer policyreportinformer.ClusterPolicyReportInformer,
	reportInformer policyreportinformer.PolicyReportInformer,
	reportReqInformer requestinformer.ReportChangeRequestInformer,
	clusterReportReqInformer requestinformer.ClusterReportChangeRequestInformer,
	namespace informers.NamespaceInformer,
	log logr.Logger) (*ReportGenerator, error)

NewReportGenerator returns a new instance of policy report generator

func (*ReportGenerator) CleanupReportChangeRequests added in v1.4.2 

func (g *ReportGenerator) CleanupReportChangeRequests(cleanup CleanupReportChangeRequests) error

func (*ReportGenerator) EraseResultsEntries added in v1.3.5 

func (g *ReportGenerator) EraseResultsEntries(erase EraseResultsEntries) error

func (*ReportGenerator) Run 

func (g *ReportGenerator) Run(workers int, stopCh <-chan struct{})

Run starts the workers

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.