audit

package
v3.14.0 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Nov 1, 2023 License: Apache-2.0 Imports: 44 Imported by: 2

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func AddToManager

func AddToManager(m manager.Manager, deps *Dependencies) error

AddToManager adds audit manager to the Manager.

Types

type CacheLister

type CacheLister struct {
	// contains filtered or unexported fields
}

CacheLister lists objects from the audit controller's cache.

func NewAuditCacheLister

func NewAuditCacheLister(auditCache client.Reader, lister WatchIterator) *CacheLister

NewAuditCacheLister instantiates a new CacheLister, which reads the watched objects from auditCache; the watched kinds are supplied through lister.

func (*CacheLister) ListObjects

func (l *CacheLister) ListObjects(ctx context.Context) ([]unstructured.Unstructured, error)

ListObjects lists all objects from the audit cache.

type Dependencies

// Dependencies bundles the collaborators handed to New and AddToManager,
// both of which take a *Dependencies.
//
// NOTE(review): every field is a pointer and nothing visible here says which
// of them may be nil; confirm against New before leaving any unset.
type Dependencies struct {
	// Client is the constraint client; presumably used to evaluate audited
	// objects against constraints — confirm against the Manager.
	Client          *constraintclient.Client
	// ProcessExcluder presumably decides which objects are exempt from the
	// audit process — TODO confirm. An overly broad exclusion would leave
	// resources unaudited, so its configuration deserves review.
	ProcessExcluder *process.Excluder
	// CacheLister lists objects from the audit controller's cache.
	CacheLister     *CacheLister
	// ExpansionSystem: semantics not visible here — see package expansion.
	ExpansionSystem *expansion.System
	// PubSubSystem is presumably the sink that PubsubMsg values are published
	// to — confirm against the Manager.
	PubSubSystem    *pubsub.System
}

type Manager

type Manager struct {
	// contains filtered or unexported fields
}

Manager allows us to audit resources periodically.

func New

func New(mgr manager.Manager, deps *Dependencies) (*Manager, error)

New creates a new manager for audit.

func (*Manager) Start

func (am *Manager) Start(ctx context.Context) error

Start implements controller.Controller.

type PubsubMsg

// PubsubMsg is the message published for each constraint. Every field is
// tagged omitempty, so zero-valued fields are absent from the JSON encoding
// and consumers must not rely on any key being present.
//
// NOTE(review): Message, Details, ConstraintAnnotations and ResourceLabels
// presumably carry text taken from constraints and from the audited objects;
// subscribers should treat them as untrusted input, and access to the
// publishing channel should be restricted because names, namespaces and
// labels describe cluster contents — confirm against the publisher.
type PubsubMsg struct {
	// ID presumably identifies the audit run that produced the message — TODO confirm.
	ID                    string            `json:"id,omitempty"`
	// Details is untyped (interface{}); its JSON shape depends on whatever
	// value the publisher stores, so consumers should validate it before use.
	Details               interface{}       `json:"details,omitempty"`
	EventType             string            `json:"eventType,omitempty"`
	// Group, Version, Kind, Name and Namespace presumably identify the
	// constraint, as opposed to the Resource* fields below — TODO confirm.
	Group                 string            `json:"group,omitempty"`
	Version               string            `json:"version,omitempty"`
	Kind                  string            `json:"kind,omitempty"`
	Name                  string            `json:"name,omitempty"`
	Namespace             string            `json:"namespace,omitempty"`
	Message               string            `json:"message,omitempty"`
	EnforcementAction     string            `json:"enforcementAction,omitempty"`
	ConstraintAnnotations map[string]string `json:"constraintAnnotations,omitempty"`
	// The Resource* fields presumably describe the audited object that the
	// message is about — TODO confirm.
	ResourceGroup         string            `json:"resourceGroup,omitempty"`
	ResourceAPIVersion    string            `json:"resourceAPIVersion,omitempty"`
	ResourceKind          string            `json:"resourceKind,omitempty"`
	ResourceNamespace     string            `json:"resourceNamespace,omitempty"`
	ResourceName          string            `json:"resourceName,omitempty"`
	ResourceLabels        map[string]string `json:"resourceLabels,omitempty"`
}

PubsubMsg represents the message published for each constraint.

type Result

type Result struct {
	*types.Result
	// contains filtered or unexported fields
}

func ToResults

func ToResults(obj *unstructured.Unstructured, resp *types.Responses) []Result

type StatusViolation

// StatusViolation represents each violation under status.
//
// Only Namespace is tagged omitempty; every other field is always present in
// the JSON encoding, even when empty.
//
// NOTE(review): Message is presumably produced by policy evaluation and may
// echo values from the violating object; anyone who can read the status can
// read it, so confirm that nothing sensitive is surfaced there.
type StatusViolation struct {
	Group             string `json:"group"`
	Version           string `json:"version"`
	Kind              string `json:"kind"`
	Name              string `json:"name"`
	// Namespace is dropped from the JSON when empty (presumably the case for
	// cluster-scoped objects — TODO confirm).
	Namespace         string `json:"namespace,omitempty"`
	Message           string `json:"message"`
	EnforcementAction string `json:"enforcementAction"`
}

StatusViolation represents each violation under status.

type WatchIterator added in v3.14.0

// WatchIterator wraps DoForEach from a watch.Set. NewAuditCacheLister accepts
// a WatchIterator as its lister argument.
type WatchIterator interface {
	// DoForEach takes a callback that receives a schema.GroupVersionKind and
	// returns an error. Presumably the callback is invoked once per watched
	// kind; how a callback error affects the iteration and the returned
	// error is up to the implementation — confirm against watch.Set.
	DoForEach(listFunc func(gvk schema.GroupVersionKind) error) error
}

WatchIterator wraps DoForEach from a watch.Set.
