Documentation
¶
Index ¶
- type Annotations
- type AppSecrets
- type BanAPICall
- type CVMetadata
- type CVStatus
- type ClusterVersion
- type Conditions
- type Container
- type Desired
- type FAvailableUpdates
- type FChannel
- type FChannels
- type FClusterID
- type FConditions
- type FDesired
- type FHistory
- type FImage
- type FObservedGeneration
- type FSpec
- type FStatus
- type FURL
- type FVersion
- type FVersionHash
- type FieldsV1
- type History
- type Image
- type Items
- type Labels
- type Log
- type ManagedFields
- type Metadata
- type Mounts
- type NAMING_FAILED
- type Results
- type ScanResult
- type Spec
- type Status
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Annotations ¶
// Annotations holds the io.kubernetes.* annotation values attached to a
// container. Every value is decoded as a string, including the restart count
// and the termination grace period.
type Annotations struct {
	// Value of the "io.kubernetes.container.hash" annotation.
	IoKubernetesContainerHash string `json:"io.kubernetes.container.hash"`
	// Value of the "io.kubernetes.container.ports" annotation.
	IoKubernetesContainerPorts string `json:"io.kubernetes.container.ports"`
	// Value of the "io.kubernetes.container.restartCount" annotation.
	IoKubernetesContainerRestartCount string `json:"io.kubernetes.container.restartCount"`
	// Value of the "io.kubernetes.container.terminationMessagePath" annotation.
	IoKubernetesContainerTerminationMessagePath string `json:"io.kubernetes.container.terminationMessagePath"`
	// Value of the "io.kubernetes.container.terminationMessagePolicy" annotation.
	IoKubernetesContainerTerminationMessagePolicy string `json:"io.kubernetes.container.terminationMessagePolicy"`
	// Value of the "io.kubernetes.pod.terminationGracePeriod" annotation.
	IoKubernetesPodTerminationGracePeriod string `json:"io.kubernetes.pod.terminationGracePeriod"`
}
type AppSecrets ¶
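// AppSecrets represents the secret data from the JSON secrets file. It is
// needed for various OpenShift and cloud provider API calls.
//
// OAPIToken, TDAPIToken, LogBucketKey and DynamoDBKey hold live credentials.
// Formatting the whole struct with %v or %+v, or marshalling it back to JSON,
// writes those values out in clear text, so log individual non-secret fields
// rather than the struct itself.
type AppSecrets struct {
	// OAPIToken is the token used with the OpenShift API to gather metadata on a pod.
	// Usually obtained from /var/run/secrets/kubernetes.io/serviceaccount/token
	OAPIToken string `json:"oapi_token"`
	// OAPIURL is the OpenShift API URL used for the cluster.
	OAPIURL string `json:"oapi_url"`
	// TDAPIToken is the token to be used with the optional TakeDown API.
	TDAPIToken string `json:"td_api_token"`
	// TDAPIURL is the API URL endpoint of the optional TakeDown API.
	TDAPIURL string `json:"td_api_url"`
	// TDAPIUser is the username to be used with the optional TakeDown API.
	TDAPIUser string `json:"td_api_user"`
	// TDSigList is a curated list of signatures that warrant immediate takedown.
	// Usually used with custom signatures in which we have a high degree of
	// confidence to only match malicious code.
	// NOTE(review): what the map keys and values stand for is not stated here.
	TDSigList map[string]string `json:"td_sig_list"`
	// LogBucketKeyID is the cloud provider key ID for the signature storage medium.
	LogBucketKeyID string `json:"log_bucket_key_id"`
	// LogBucketKey is the cloud provider secret key for the signature storage medium.
	LogBucketKey string `json:"log_bucket_key"`
	// LogBucketName is the name of the cloud provider signature storage medium.
	LogBucketName string `json:"log_bucket_name"`
	// LogBucketRegion is the region of the cloud provider signature storage medium.
	LogBucketRegion string `json:"log_bucket_region"`
	// UserWhitelist is a list of users whose pods are exempted from scans.
	// Every entry removes that user's pods from scan coverage, so the list
	// should stay short and be reviewed when it changes.
	UserWhitelist []string `json:"user_whitelist"`
	// ClusterUUID matches the clusterID field of our clusterversion object.
	// Useful for identification in multi-cluster setups.
	// oc get clusterversion -o jsonpath='{.items[].spec.clusterID}{"\n"}'
	ClusterUUID string `json:"cluster_uuid"`
	// DynamoDBKeyID is the IAM API key ID with write access to our log storage table.
	// The JSON key is "dynamodb_user" although the value is a key ID; the tag
	// is left unchanged so that existing secrets files keep loading.
	DynamoDBKeyID string `json:"dynamodb_user"`
	// DynamoDBKey is the IAM API secret key with write access to our log storage table.
	// NOTE(review): confirm the IAM policy grants nothing beyond that table.
	DynamoDBKey string `json:"dynamodb_key"`
	// DynamoDBTable is the storage table for pod creation logs and scan logs.
	DynamoDBTable string `json:"dynamodb_table"`
}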
AppSecrets represents the secret data loaded from the JSON secrets file. It is needed for various OpenShift and cloud provider API calls.
type BanAPICall ¶
type CVMetadata ¶
// CVMetadata is the decoded "metadata" object used by Items. Besides the
// per-object fields it also carries a "continue" value.
type CVMetadata struct {
	// CreationTimestamp is decoded from "creationTimestamp".
	CreationTimestamp time.Time `json:"creationTimestamp"`
	// Generation is decoded from "generation".
	Generation int `json:"generation"`
	// ManagedFields is the list decoded from "managedFields".
	ManagedFields []ManagedFields `json:"managedFields"`
	// Name is decoded from "name".
	Name string `json:"name"`
	// ResourceVersion is kept as a string, as it appears in "resourceVersion".
	ResourceVersion string `json:"resourceVersion"`
	// UID is decoded from "uid".
	UID string `json:"uid"`
	// Continue is decoded from "continue".
	// NOTE(review): presumably the list pagination token; confirm.
	Continue string `json:"continue"`
}
type CVStatus ¶
// CVStatus is the decoded "status" object used by Items.
type CVStatus struct {
	// AvailableUpdates is left untyped; whatever JSON value is present under
	// "availableUpdates" is decoded as-is.
	AvailableUpdates interface{} `json:"availableUpdates"`
	// Conditions is the list decoded from "conditions".
	Conditions []Conditions `json:"conditions"`
	// Desired is decoded from "desired".
	Desired Desired `json:"desired"`
	// History is the list decoded from "history".
	History []History `json:"history"`
	// ObservedGeneration is decoded from "observedGeneration".
	ObservedGeneration int `json:"observedGeneration"`
	// VersionHash is decoded from "versionHash".
	VersionHash string `json:"versionHash"`
}
type ClusterVersion ¶
type Conditions ¶
type FAvailableUpdates ¶
// FAvailableUpdates is a field-less marker type; FStatus uses it for the
// "f:availableUpdates" key.
type FAvailableUpdates struct{}
type FClusterID ¶
// FClusterID is a field-less marker type; FSpec uses it for the
// "f:clusterID" key.
type FClusterID struct{}
type FConditions ¶
// FConditions is a field-less marker type; FStatus uses it for the
// "f:conditions" key.
type FConditions struct{}
type FDesired ¶
// FDesired is the object decoded from the "f:desired" key of FStatus. Its
// members are keyed with an "f:" prefix.
// NOTE(review): presumably part of a managedFields entry; confirm.
type FDesired struct {
	// NAMING_FAILED is decoded from the "." key.
	NAMING_FAILED NAMING_FAILED `json:"."`
	// FChannels is decoded from "f:channels".
	FChannels FChannels `json:"f:channels"`
	// FImage is decoded from "f:image".
	FImage FImage `json:"f:image"`
	// FURL is decoded from "f:url".
	FURL FURL `json:"f:url"`
	// FVersion is decoded from "f:version".
	FVersion FVersion `json:"f:version"`
}
type FObservedGeneration ¶
// FObservedGeneration is a field-less marker type; FStatus uses it for the
// "f:observedGeneration" key.
type FObservedGeneration struct{}
type FSpec ¶
// FSpec groups the "f:"-prefixed keys that describe spec fields.
// NOTE(review): presumably the "f:spec" part of a managedFields entry; confirm.
type FSpec struct {
	// NAMING_FAILED is decoded from the "." key.
	NAMING_FAILED NAMING_FAILED `json:"."`
	// FChannel is decoded from "f:channel".
	FChannel FChannel `json:"f:channel"`
	// FClusterID is decoded from "f:clusterID".
	FClusterID FClusterID `json:"f:clusterID"`
}
type FStatus ¶
// FStatus groups the "f:"-prefixed keys that describe status fields. The key
// names match the JSON keys of CVStatus with "f:" in front.
// NOTE(review): presumably the "f:status" part of a managedFields entry; confirm.
type FStatus struct {
	// NAMING_FAILED is decoded from the "." key.
	NAMING_FAILED NAMING_FAILED `json:"."`
	// FAvailableUpdates is decoded from "f:availableUpdates".
	FAvailableUpdates FAvailableUpdates `json:"f:availableUpdates"`
	// FConditions is decoded from "f:conditions".
	FConditions FConditions `json:"f:conditions"`
	// FDesired is decoded from "f:desired".
	FDesired FDesired `json:"f:desired"`
	// FHistory is decoded from "f:history".
	FHistory FHistory `json:"f:history"`
	// FObservedGeneration is decoded from "f:observedGeneration".
	FObservedGeneration FObservedGeneration `json:"f:observedGeneration"`
	// FVersionHash is decoded from "f:versionHash".
	FVersionHash FVersionHash `json:"f:versionHash"`
}
type FVersionHash ¶
// FVersionHash is a field-less marker type; FStatus uses it for the
// "f:versionHash" key.
type FVersionHash struct{}
type Items ¶
// Items is one element of a decoded list response: an API version and kind
// plus metadata, spec and status objects.
// NOTE(review): the CV-prefixed member types suggest a clusterversion list; confirm.
type Items struct {
	// APIVersion is decoded from "apiVersion".
	APIVersion string `json:"apiVersion"`
	// Kind is decoded from "kind".
	Kind string `json:"kind"`
	// Metadata is decoded from "metadata".
	Metadata CVMetadata `json:"metadata"`
	// Spec is decoded from "spec".
	Spec Spec `json:"spec"`
	// Status is decoded from "status".
	Status CVStatus `json:"status"`
}
type ManagedFields ¶
type NAMING_FAILED ¶
// NAMING_FAILED is a field-less type used wherever a struct in this package
// decodes the JSON key ".".
// NOTE(review): the name looks like a placeholder left by a JSON-to-Go
// generator that could not derive an identifier from "."; confirm before
// renaming, since other types reference it.
type NAMING_FAILED struct{}
type ScanResult ¶
// ScanResult ties a list of scan results to the container, image, namespace,
// pod and user they belong to.
type ScanResult struct {
	// APIVersion is decoded from "apiVersion".
	APIVersion string `json:"apiVersion"`
	// ContainerID is decoded from "containerID".
	ContainerID string `json:"containerID"`
	// ImageID is decoded from "imageID".
	ImageID string `json:"imageID"`
	// ImageName is decoded from "imageName".
	ImageName string `json:"imageName"`
	// NameSpace is decoded from "nameSpace".
	NameSpace string `json:"nameSpace"`
	// PodName is decoded from "podName".
	PodName string `json:"podName"`
	// Results is the list decoded from "results".
	Results []Results `json:"results"`
	// UserName is decoded from "userName".
	UserName string `json:"userName"`
}
type Status ¶
// Status describes a single container: its identity, lifecycle timestamps,
// exit information, image, labels, annotations, mounts and log path.
// NOTE(review): the shape resembles container-runtime inspect output; confirm
// the producer.
type Status struct {
	// ID is decoded from "id".
	ID string `json:"id"`
	// Metadata is decoded from "metadata".
	Metadata Metadata `json:"metadata"`
	// State is decoded from "state".
	State string `json:"state"`
	// CreatedAt is decoded from "createdAt".
	CreatedAt time.Time `json:"createdAt"`
	// StartedAt is decoded from "startedAt".
	StartedAt time.Time `json:"startedAt"`
	// FinishedAt is decoded from "finishedAt".
	FinishedAt time.Time `json:"finishedAt"`
	// ExitCode is decoded from "exitCode".
	ExitCode int `json:"exitCode"`
	// Image is decoded from "image".
	Image Image `json:"image"`
	// ImageRef is decoded from "imageRef".
	ImageRef string `json:"imageRef"`
	// Reason is decoded from "reason".
	Reason string `json:"reason"`
	// Message is decoded from "message".
	Message string `json:"message"`
	// Labels is decoded from "labels".
	Labels Labels `json:"labels"`
	// Annotations is decoded from "annotations".
	Annotations Annotations `json:"annotations"`
	// Mounts is the list decoded from "mounts".
	Mounts []Mounts `json:"mounts"`
	// LogPath is decoded from "logPath".
	LogPath string `json:"logPath"`
}