Documentation
¶
Index ¶
Constants ¶
View Source
const ( AwsAccessKeyID = "AWS_ACCESS_KEY_ID" AwsSecretAccessKey = "AWS_SECRET_ACCESS_KEY" AwsDefaultRegion = "AWS_DEFAULT_REGION" EcrSaSecretName = "ecr-sa" )
nolint: gosec
View Source
const (
BasicRegCredSecretName = "basic-regcred" // nolint: gosec
)
View Source
const (
GcrSaSecretName = "gcr-sa"
)
nolint:gosec
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type BasicRegCred ¶
type BasicRegCred struct {
// contains filtered or unexported fields
}
func CreateBasicRegCred ¶
func CreateBasicRegCred(clientset kubernetes.Interface, secretNamespace string) *BasicRegCred
func (*BasicRegCred) Add ¶
func (u *BasicRegCred) Add(job *batchv1.Job)
Add the BasicRegCred image pull secret to the job by mounting it as a volume and configuring the IMAGE_PULL_SECRET_PATH environment variable.
func (*BasicRegCred) ShouldAdd ¶
func (u *BasicRegCred) ShouldAdd() bool
type CredentialAdder ¶
type ECR ¶
type ECR struct {
// contains filtered or unexported fields
}
type FakeCredAdder ¶
type FakeCredAdder struct {
// contains filtered or unexported fields
}
func CreateFakeCredAdder ¶
func CreateFakeCredAdder(fakeEnvToAdd *corev1.EnvVar, shouldAdd bool) *FakeCredAdder
func (*FakeCredAdder) Add ¶
func (f *FakeCredAdder) Add(job *batchv1.Job)
func (*FakeCredAdder) ShouldAdd ¶
func (f *FakeCredAdder) ShouldAdd() bool
type GCR ¶
type GCR struct {
// contains filtered or unexported fields
}
func (*GCR) Add ¶
Add The scanner is using google SDK to pull the username and the password required to pull the image. We need to do the following: 1. Create a volume that holds the `gcrSaSecretFileName` data 2. Mount the volume into each container to a specific path (`gcrVolumeMountPath`/`gcrSaSecretFileName`) 3. Set `GOOGLE_APPLICATION_CREDENTIALS` to point to the mounted file.
Source Files
Click to show internal directories.
Click to hide internal directories.