audit

package
v3.18.0-rc.0 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Nov 22, 2024 License: Apache-2.0 Imports: 47 Imported by: 2

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func AddToManager

func AddToManager(m manager.Manager, deps *Dependencies) error

AddToManager adds audit manager to the Manager.

Types

type CacheLister

type CacheLister struct {
	// contains filtered or unexported fields
}

CacheLister lists objects from the audit controller's cache.

func NewAuditCacheLister

func NewAuditCacheLister(auditCache client.Reader, lister WatchIterator) *CacheLister

NewAuditCacheLister instantiates a new CacheLister, which will read the watched objects (the kinds enumerated through lister) from auditCache.

func (*CacheLister) ListObjects

func (l *CacheLister) ListObjects(ctx context.Context) ([]unstructured.Unstructured, error)

ListObjects lists all objects from the audit cache.

type Dependencies

// Dependencies bundles the collaborators that AddToManager and New receive
// through their deps parameter.
//
// NOTE(review): the per-field roles below are inferred from the field and
// type names only; confirm against the package source before relying on them.
type Dependencies struct {
	// Constraint framework client; presumably what audit uses to evaluate objects.
	Client          *constraintclient.Client
	// Presumably decides which namespaces/objects the audit process skips — confirm,
	// since anything excluded here would not be audited.
	ProcessExcluder *process.Excluder
	// Source of cached objects; see CacheLister.ListObjects.
	CacheLister     *CacheLister
	// Presumably the expansion system used when evaluating resources — TODO confirm.
	ExpansionSystem *expansion.System
	// Presumably the sink for PubsubMsg values — TODO confirm.
	PubSubSystem    *pubsub.System
}

type LimitQueue added in v3.16.0

type LimitQueue struct {
	// contains filtered or unexported fields
}

LimitQueue implements the logic that keeps the priority queue's length at or below the limit (len <= limit), in order to provide performance guarantees on the heap methods.

func (*LimitQueue) Len added in v3.16.0

func (lq *LimitQueue) Len() int

func (*LimitQueue) Peek added in v3.16.0

func (lq *LimitQueue) Peek() *StatusViolation

func (*LimitQueue) Pop added in v3.16.0

func (lq *LimitQueue) Pop() *StatusViolation

func (*LimitQueue) Push added in v3.16.0

func (lq *LimitQueue) Push(x *StatusViolation)

type Manager

type Manager struct {
	// contains filtered or unexported fields
}

Manager allows us to audit resources periodically.

func New

func New(mgr manager.Manager, deps *Dependencies) (*Manager, error)

New creates a new manager for audit.

func (*Manager) Start

func (am *Manager) Start(ctx context.Context) error

Start implements controller.Controller.

type PubsubMsg

// PubsubMsg is the JSON payload type described on this page as the publish
// message for each constraint. Every field is tagged omitempty, so zero-valued
// fields are left out of the encoded message and consumers must not assume
// any key is present.
//
// NOTE(review): the payload carries resource identity (group, kind, namespace,
// name), resource labels, constraint annotations and a free-form Message and
// Details value. These presumably originate from cluster objects and constraint
// output, so access to the subscription should be limited to parties allowed
// to see that metadata, and consumers should handle the values as untrusted
// data — confirm what the publisher actually populates.
type PubsubMsg struct {
	ID                    string            `json:"id,omitempty"`
	// Details is untyped; its JSON shape is not fixed by this declaration.
	Details               interface{}       `json:"details,omitempty"`
	EventType             string            `json:"eventType,omitempty"`
	// Group/Version/Kind/Name/Namespace: presumably identify the constraint,
	// as opposed to the Resource* fields below — TODO confirm.
	Group                 string            `json:"group,omitempty"`
	Version               string            `json:"version,omitempty"`
	Kind                  string            `json:"kind,omitempty"`
	Name                  string            `json:"name,omitempty"`
	Namespace             string            `json:"namespace,omitempty"`
	Message               string            `json:"message,omitempty"`
	// Both a single action and a list of actions are carried; which one a
	// given message populates is not visible from this declaration.
	EnforcementAction     string            `json:"enforcementAction,omitempty"`
	EnforcementActions    []string          `json:"enforcementActions,omitempty"`
	ConstraintAnnotations map[string]string `json:"constraintAnnotations,omitempty"`
	// Resource* fields: presumably describe the audited object — TODO confirm.
	ResourceGroup         string            `json:"resourceGroup,omitempty"`
	ResourceAPIVersion    string            `json:"resourceAPIVersion,omitempty"`
	ResourceKind          string            `json:"resourceKind,omitempty"`
	ResourceNamespace     string            `json:"resourceNamespace,omitempty"`
	ResourceName          string            `json:"resourceName,omitempty"`
	ResourceLabels        map[string]string `json:"resourceLabels,omitempty"`
}

PubsubMsg represents the message published for each constraint. (The upstream doc comment refers to this type as ConstraintMsg.)

type Result

// Result embeds *types.Result, so that type's exported fields and methods are
// promoted onto Result. ToResults returns a slice of these values.
// The embedded pointer can be nil on a zero-valued Result; promoted field
// access would then panic.
type Result struct {
	*types.Result
	// contains filtered or unexported fields
}

func ToResults

func ToResults(obj *unstructured.Unstructured, resp *types.Responses) []Result

type SVQueue added in v3.16.0

type SVQueue []*StatusViolation

SVQueue is a max priority queue that implements heap.Interface and holds pointers to StatusViolation.

func (SVQueue) Len added in v3.16.0

func (svq SVQueue) Len() int

func (SVQueue) Less added in v3.16.0

func (svq SVQueue) Less(i, j int) bool

Less implements the sort.Interface ordering based on the group, version, kind, namespace, name, message and enforcement action fields. It compares with greater-than so that Pop gives us the highest-priority element.

func (*SVQueue) Pop added in v3.16.0

func (svq *SVQueue) Pop() any

func (*SVQueue) Push added in v3.16.0

func (svq *SVQueue) Push(x any)

func (SVQueue) Swap added in v3.16.0

func (svq SVQueue) Swap(i, j int)

type StatusViolation

// StatusViolation represents each violation under status. It is the element
// type held by SVQueue and returned by LimitQueue's Peek and Pop.
//
// Only Namespace and EnforcementActions are tagged omitempty; all other
// fields are always emitted in the JSON encoding, even when empty.
type StatusViolation struct {
	// Group/Version/Kind/Name/Namespace: presumably identify the violating
	// resource — TODO confirm against the code that fills this struct.
	Group              string   `json:"group"`
	Version            string   `json:"version"`
	Kind               string   `json:"kind"`
	Name               string   `json:"name"`
	Namespace          string   `json:"namespace,omitempty"`
	// Message is free-form text; NOTE(review): it likely derives from
	// constraint output, so treat it as untrusted when rendering — confirm.
	Message            string   `json:"message"`
	EnforcementAction  string   `json:"enforcementAction"`
	EnforcementActions []string `json:"enforcementActions,omitempty"`
}

StatusViolation represents each violation under status.

type WatchIterator added in v3.14.0

// WatchIterator wraps DoForEach from a watch.Set. It is the type of the
// lister argument accepted by NewAuditCacheLister.
type WatchIterator interface {
	// DoForEach invokes listFunc with a GroupVersionKind and returns an error.
	// NOTE(review): whether iteration stops at the first listFunc error is not
	// visible from this declaration — confirm in the watch.Set implementation.
	DoForEach(listFunc func(gvk schema.GroupVersionKind) error) error
}

WatchIterator wraps DoForEach from a watch.Set.
