v1alpha1

package
v0.1.6 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 25, 2020 License: Apache-2.0 Imports: 6 Imported by: 1

Documentation

Overview

Package v1alpha1 contains API Schema definitions for the complianceoperator v1alpha1 API group +k8s:deepcopy-gen=package,register +groupName=compliance.openshift.io

Package v1alpha1 contains API Schema definitions for the complianceoperator v1alpha1 API group +k8s:deepcopy-gen=package,register +groupName=compliance.openshift.io

Index

Constants

View Source 
const (
	// SuiteLabel defines the label that associates the Remediation with the suite
	SuiteLabel = "complianceoperator.openshift.io/suite"
	// ScanLabel defines the label that associates the Remediation with the scan
	ScanLabel = "complianceoperator.openshift.io/scan"
)

Variables

View Source 
var (
	// SchemeGroupVersion is group version used to register these objects
	SchemeGroupVersion = schema.GroupVersion{Group: "compliance.openshift.io", Version: "v1alpha1"}

	// SchemeBuilder is used to add go types to the GroupVersionKind scheme
	SchemeBuilder = &scheme.Builder{GroupVersion: SchemeGroupVersion}
)

Functions

This section is empty.

Types

type ComplianceRemediation 

type ComplianceRemediation struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	// Contains the definition of what the remediation should be
	Spec ComplianceRemediationSpec `json:"spec,omitempty"`
	// Contains information on the remediation (whether it's applied or not)
	Status ComplianceRemediationStatus `json:"status,omitempty"`
}

ComplianceRemediation represents a remediation that can be applied to the cluster to fix the found issues. +k8s:openapi-gen=true +kubebuilder:subresource:status +kubebuilder:resource:path=complianceremediations,scope=Namespaced

func (*ComplianceRemediation) DeepCopy 

func (in *ComplianceRemediation) DeepCopy() *ComplianceRemediation

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ComplianceRemediation.

func (*ComplianceRemediation) DeepCopyInto 

func (in *ComplianceRemediation) DeepCopyInto(out *ComplianceRemediation)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*ComplianceRemediation) DeepCopyObject 

func (in *ComplianceRemediation) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*ComplianceRemediation) GetMcName 

func (r *ComplianceRemediation) GetMcName() string

func (*ComplianceRemediation) GetScan 

func (r *ComplianceRemediation) GetScan() string

func (*ComplianceRemediation) GetSuite 

func (r *ComplianceRemediation) GetSuite() string

type ComplianceRemediationList 

type ComplianceRemediationList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []ComplianceRemediation `json:"items"`
}

ComplianceRemediationList contains a list of ComplianceRemediation

func (*ComplianceRemediationList) DeepCopy 

func (in *ComplianceRemediationList) DeepCopy() *ComplianceRemediationList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ComplianceRemediationList.

func (*ComplianceRemediationList) DeepCopyInto 

func (in *ComplianceRemediationList) DeepCopyInto(out *ComplianceRemediationList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*ComplianceRemediationList) DeepCopyObject 

func (in *ComplianceRemediationList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type ComplianceRemediationNameStatus 

type ComplianceRemediationNameStatus struct {
	ComplianceRemediationSpecMeta `json:",inline"`
	// Contains a human readable name for the remediation.
	RemediationName string `json:"remediationName"`
	// Contains the name of the scan that generated the remediation
	ScanName string `json:"scanName"`
}

+k8s:openapi-gen=true

func RemediationNameStatusFromRemediation added in v0.1.6 

func RemediationNameStatusFromRemediation(r *ComplianceRemediation) ComplianceRemediationNameStatus

RemediationNameStatusFromRemediation returns a ComplianceRemediationNameStatus object (used by the ComplianceSuite object) in order to display a remediation

func (*ComplianceRemediationNameStatus) DeepCopy 

func (in *ComplianceRemediationNameStatus) DeepCopy() *ComplianceRemediationNameStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ComplianceRemediationNameStatus.

func (*ComplianceRemediationNameStatus) DeepCopyInto 

func (in *ComplianceRemediationNameStatus) DeepCopyInto(out *ComplianceRemediationNameStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ComplianceRemediationSpec 

type ComplianceRemediationSpec struct {
	ComplianceRemediationSpecMeta `json:",inline"`
	// The actual remediation payload
	MachineConfigContents mcfgv1.MachineConfig `json:"machineConfigContents,omitempty"`
}

ComplianceRemediationSpec defines the desired state of ComplianceRemediation +k8s:openapi-gen=true

func (*ComplianceRemediationSpec) DeepCopy 

func (in *ComplianceRemediationSpec) DeepCopy() *ComplianceRemediationSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ComplianceRemediationSpec.

func (*ComplianceRemediationSpec) DeepCopyInto 

func (in *ComplianceRemediationSpec) DeepCopyInto(out *ComplianceRemediationSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ComplianceRemediationSpecMeta 

type ComplianceRemediationSpecMeta struct {
	// Remediation type specifies the artifact the remediation is based on. For now, only MachineConfig is supported
	Type RemediationType `json:"type,omitempty"`
	// Whether the remediation should be picked up and applied by the operator
	Apply bool `json:"apply"`
}

func (*ComplianceRemediationSpecMeta) DeepCopy 

func (in *ComplianceRemediationSpecMeta) DeepCopy() *ComplianceRemediationSpecMeta

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ComplianceRemediationSpecMeta.

func (*ComplianceRemediationSpecMeta) DeepCopyInto 

func (in *ComplianceRemediationSpecMeta) DeepCopyInto(out *ComplianceRemediationSpecMeta)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ComplianceRemediationStatus 

type ComplianceRemediationStatus struct {
	// Whether the remediation is already applied or not
	ApplicationState RemediationApplicationState `json:"applicationState,omitempty"`
}

ComplianceRemediationStatus defines the observed state of ComplianceRemediation +k8s:openapi-gen=true

func (*ComplianceRemediationStatus) DeepCopy 

func (in *ComplianceRemediationStatus) DeepCopy() *ComplianceRemediationStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ComplianceRemediationStatus.

func (*ComplianceRemediationStatus) DeepCopyInto 

func (in *ComplianceRemediationStatus) DeepCopyInto(out *ComplianceRemediationStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ComplianceScan 

type ComplianceScan struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	// The spec is the configuration for the compliance scan.
	Spec ComplianceScanSpec `json:"spec,omitempty"`
	// The status will give valuable information on what's going on with the
	// scan; and, more importantly, if the scan is successful (compliant) or
	// not (non-compliant)
	Status ComplianceScanStatus `json:"status,omitempty"`
}

ComplianceScan represents a scan with a certain configuration that will be applied to objects of a certain entity in the host. These could be nodes that apply to a certain nodeSelector, or the cluster itself. +k8s:openapi-gen=true +kubebuilder:subresource:status

func ComplianceScanFromWrapper added in v0.1.6 

func ComplianceScanFromWrapper(sw *ComplianceScanSpecWrapper) *ComplianceScan

ComplianceScanFromWrapper returns a ComplianceScan from the wrapper that's given to a ComplianceSuite. This will return all the values that are derivable from the wrapper in order to build a scan. Anything missing must be added separately.

func (*ComplianceScan) DeepCopy 

func (in *ComplianceScan) DeepCopy() *ComplianceScan

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ComplianceScan.

func (*ComplianceScan) DeepCopyInto 

func (in *ComplianceScan) DeepCopyInto(out *ComplianceScan)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*ComplianceScan) DeepCopyObject 

func (in *ComplianceScan) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type ComplianceScanList 

type ComplianceScanList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []ComplianceScan `json:"items"`
}

ComplianceScanList contains a list of ComplianceScan

func (*ComplianceScanList) DeepCopy 

func (in *ComplianceScanList) DeepCopy() *ComplianceScanList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ComplianceScanList.

func (*ComplianceScanList) DeepCopyInto 

func (in *ComplianceScanList) DeepCopyInto(out *ComplianceScanList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*ComplianceScanList) DeepCopyObject 

func (in *ComplianceScanList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type ComplianceScanSpec 

type ComplianceScanSpec struct {
	// Is the image with the content (Data Stream), that will be used to run
	// OpenSCAP.
	ContentImage string `json:"contentImage,omitempty"`
	// Is the profile in the data stream to be used. This is the collection of
	// rules that will be checked for.
	Profile string `json:"profile,omitempty"`
	// A Rule can be specified if the scan should check only for a specific
	// rule. Note that when leaving this empty, the scan will check for all the
	// rules for a specific profile.
	Rule string `json:"rule,omitempty"`
	// Is the path to the file that contains the content (the data stream).
	// Note that the path needs to be relative to the `/` (root) directory, as
	// it is in the ContentImage
	Content string `json:"content,omitempty"`
	// By setting this, it's possible to only run the scan on certain nodes in
	// the cluster. Note that when applying remediations generated from the
	// scan, this should match the selector of the MachineConfigPool you want
	// to apply the remediations to.
	NodeSelector map[string]string `json:"nodeSelector,omitempty"`
	// Disables cleaning up resources in the DONE phase, this might be useful for debugging.
	Debug bool `json:"debug,omitempty"`
}

ComplianceScanSpec defines the desired state of ComplianceScan +k8s:openapi-gen=true

func (*ComplianceScanSpec) DeepCopy 

func (in *ComplianceScanSpec) DeepCopy() *ComplianceScanSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ComplianceScanSpec.

func (*ComplianceScanSpec) DeepCopyInto 

func (in *ComplianceScanSpec) DeepCopyInto(out *ComplianceScanSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ComplianceScanSpecWrapper 

type ComplianceScanSpecWrapper struct {
	ComplianceScanSpec `json:",inline"`

	// Contains a human readable name for the scan. This is to identify the
	// objects that it creates.
	Name string `json:"name,omitempty"`
}

ComplianceScanSpecWrapper provides a ComplianceScanSpec and a Name +k8s:openapi-gen=true

func (*ComplianceScanSpecWrapper) DeepCopy 

func (in *ComplianceScanSpecWrapper) DeepCopy() *ComplianceScanSpecWrapper

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ComplianceScanSpecWrapper.

func (*ComplianceScanSpecWrapper) DeepCopyInto 

func (in *ComplianceScanSpecWrapper) DeepCopyInto(out *ComplianceScanSpecWrapper)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ComplianceScanStatus 

type ComplianceScanStatus struct {
	// Is the phase where the scan is at. Normally, one must wait for the scan
	// to reach the phase DONE.
	Phase ComplianceScanStatusPhase `json:"phase,omitempty"`
	// Once the scan reaches the phase DONE, this will contain the result of
	// the scan. Where COMPLIANT means that the scan succeeded; NON-COMPLIANT
	// means that there were rule violations; and ERROR means that the scan
	// couldn't complete due to an issue.
	Result ComplianceScanStatusResult `json:"result,omitempty"`
	// If there are issues on the scan, this will be filled up with an error
	// message.
	ErrorMessage string `json:"errormsg,omitempty"`
}

ComplianceScanStatus defines the observed state of ComplianceScan +k8s:openapi-gen=true

func (*ComplianceScanStatus) DeepCopy 

func (in *ComplianceScanStatus) DeepCopy() *ComplianceScanStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ComplianceScanStatus.

func (*ComplianceScanStatus) DeepCopyInto 

func (in *ComplianceScanStatus) DeepCopyInto(out *ComplianceScanStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ComplianceScanStatusPhase 

type ComplianceScanStatusPhase string

Represents the status of the compliance scan run. 

const (
	// PhasePending represents the scan pending to be scheduled
	PhasePending ComplianceScanStatusPhase = "PENDING"
	// PhaseLaunching represents being scheduled and launching pods to run the scans
	PhaseLaunching ComplianceScanStatusPhase = "LAUNCHING"
	// PhaseRunning represents the scan being ran by the pods and waiting for the results
	PhaseRunning ComplianceScanStatusPhase = "RUNNING"
	// PhaseAggregating represents the scan aggregating the results
	PhaseAggregating ComplianceScanStatusPhase = "AGGREGATING"
	// PhaseDone represents the scan pods being done and the results being available
	PhaseDone ComplianceScanStatusPhase = "DONE"
)

type ComplianceScanStatusResult 

type ComplianceScanStatusResult string

Represents the result of the compliance scan 

const (
	// ResultCompliant represents the compliance scan having succeeded
	ResultCompliant ComplianceScanStatusResult = "COMPLIANT"
	// ResultError represents a compliance scan pod having failed to run the scan or encountered an error
	ResultError ComplianceScanStatusResult = "ERROR"
	// ResultNonCompliant represents the compliance scan having found a gap
	ResultNonCompliant ComplianceScanStatusResult = "NON-COMPLIANT"
)

type ComplianceScanStatusWrapper 

type ComplianceScanStatusWrapper struct {
	ComplianceScanStatus `json:",inline"`

	// Contains a human readable name for the scan. This is to identify the
	// objects that it creates.
	Name string `json:"name,omitempty"`
}

ComplianceScanStatusWrapper provides a ComplianceScanStatus and a Name +k8s:openapi-gen=true

func ScanStatusWrapperFromScan added in v0.1.6 

func ScanStatusWrapperFromScan(s *ComplianceScan) ComplianceScanStatusWrapper

ScanStatusWrapperFromScan returns a ComplianceScanStatusWrapper object (used by the ComplianceSuite object) in order to display the status of a scan

func (*ComplianceScanStatusWrapper) DeepCopy 

func (in *ComplianceScanStatusWrapper) DeepCopy() *ComplianceScanStatusWrapper

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ComplianceScanStatusWrapper.

func (*ComplianceScanStatusWrapper) DeepCopyInto 

func (in *ComplianceScanStatusWrapper) DeepCopyInto(out *ComplianceScanStatusWrapper)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ComplianceSuite 

type ComplianceSuite struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	// Contains the definition of the suite
	Spec ComplianceSuiteSpec `json:"spec,omitempty"`
	// Contains the current state of the suite
	Status ComplianceSuiteStatus `json:"status,omitempty"`
}

ComplianceSuite represents a set of scans that will be applied to the cluster. These should help deployers achieve a certain compliance target. +k8s:openapi-gen=true +kubebuilder:subresource:status +kubebuilder:resource:path=compliancesuites,scope=Namespaced

func (*ComplianceSuite) DeepCopy 

func (in *ComplianceSuite) DeepCopy() *ComplianceSuite

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ComplianceSuite.

func (*ComplianceSuite) DeepCopyInto 

func (in *ComplianceSuite) DeepCopyInto(out *ComplianceSuite)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*ComplianceSuite) DeepCopyObject 

func (in *ComplianceSuite) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type ComplianceSuiteList 

type ComplianceSuiteList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []ComplianceSuite `json:"items"`
}

ComplianceSuiteList contains a list of ComplianceSuite

func (*ComplianceSuiteList) DeepCopy 

func (in *ComplianceSuiteList) DeepCopy() *ComplianceSuiteList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ComplianceSuiteList.

func (*ComplianceSuiteList) DeepCopyInto 

func (in *ComplianceSuiteList) DeepCopyInto(out *ComplianceSuiteList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*ComplianceSuiteList) DeepCopyObject 

func (in *ComplianceSuiteList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type ComplianceSuiteSpec 

type ComplianceSuiteSpec struct {
	// Defines whether or not the remediations should be applied automatically
	AutoApplyRemediations bool `json:"autoApplyRemediations,omitempty"`
	// Contains a list of the scans to execute on the cluster
	// +listType=atomic
	Scans []ComplianceScanSpecWrapper `json:"scans"`
}

ComplianceSuiteSpec defines the desired state of ComplianceSuite +k8s:openapi-gen=true

func (*ComplianceSuiteSpec) DeepCopy 

func (in *ComplianceSuiteSpec) DeepCopy() *ComplianceSuiteSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ComplianceSuiteSpec.

func (*ComplianceSuiteSpec) DeepCopyInto 

func (in *ComplianceSuiteSpec) DeepCopyInto(out *ComplianceSuiteSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ComplianceSuiteStatus 

type ComplianceSuiteStatus struct {
	// +listType=atomic
	ScanStatuses []ComplianceScanStatusWrapper `json:"scanStatuses"`
	// +listType=atomic
	// +optional
	RemediationOverview []ComplianceRemediationNameStatus `json:"remediationOverview,omitempty"`
}

ComplianceSuiteStatus defines the observed state of ComplianceSuite +k8s:openapi-gen=true

func (*ComplianceSuiteStatus) DeepCopy 

func (in *ComplianceSuiteStatus) DeepCopy() *ComplianceSuiteStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ComplianceSuiteStatus.

func (*ComplianceSuiteStatus) DeepCopyInto 

func (in *ComplianceSuiteStatus) DeepCopyInto(out *ComplianceSuiteStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type RemediationApplicationState 

type RemediationApplicationState string
const (
	RemediationNotSelected RemediationApplicationState = "NotSelected"
	RemediationApplied     RemediationApplicationState = "Applied"
)

type RemediationType 

type RemediationType string
const (
	// The remediation wraps a MachineConfig payload
	McRemediation RemediationType = "MachineConfig"
)

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.