Documentation
¶
Index ¶
- Constants
- Variables
- func AddSafeguardCRIP()
- func GetScheme() *runtime.Scheme
- func IsDirectory(path string) (bool, error)
- func IsYAML(path string) bool
- type FileCrawler
- func (fc FileCrawler) ReadConstraint(name string) (*unstructured.Unstructured, error)
- func (fc FileCrawler) ReadConstraintTemplate(name string) (*templates.ConstraintTemplate, error)
- func (fc FileCrawler) ReadConstraintTemplates() ([]*templates.ConstraintTemplate, error)
- func (fc FileCrawler) ReadConstraints() ([]*unstructured.Unstructured, error)
- func (fc FileCrawler) ReadManifests(path string) ([]*unstructured.Unstructured, error)
- type ManifestFile
- type ManifestResult
- type Safeguard
Constants ¶
View Source
const (
Constraint_CAI = "container-allowed-images"
Constraint_CEP = "container-enforce-probes"
Constraint_CRL = "container-resource-limits"
Constraint_CRIP = "container-restricted-image-pulls"
Constraint_DBPDB = "disallowed-bad-pod-disruption-budgets"
Constraint_PEA = "pod-enforce-antiaffinity"
Constraint_RT = "restricted-taints"
Constraint_USS = "unique-service-selectors"
Constraint_all = "all"
)
Variables ¶
View Source
var Safeguard_CRIP = Safeguard{
// contains filtered or unexported fields
}
Functions ¶
func IsDirectory ¶
func IsDirectory(path string) (bool, error)
IsDirectory determines if a file represented by path is a directory or not
Types ¶
type FileCrawler ¶
type FileCrawler struct {
Safeguards []Safeguard
// contains filtered or unexported fields
}
func (FileCrawler) ReadConstraint ¶
func (fc FileCrawler) ReadConstraint(name string) (*unstructured.Unstructured, error)
func (FileCrawler) ReadConstraintTemplate ¶
func (fc FileCrawler) ReadConstraintTemplate(name string) (*templates.ConstraintTemplate, error)
func (FileCrawler) ReadConstraintTemplates ¶
func (fc FileCrawler) ReadConstraintTemplates() ([]*templates.ConstraintTemplate, error)
func (FileCrawler) ReadConstraints ¶
func (fc FileCrawler) ReadConstraints() ([]*unstructured.Unstructured, error)
func (FileCrawler) ReadManifests ¶
func (fc FileCrawler) ReadManifests(path string) ([]*unstructured.Unstructured, error)
methods for retrieval of manifest, constraint templates, and constraints
type ManifestFile ¶
type ManifestFile struct {
Name string
Path string
}
func GetManifestFiles ¶
func GetManifestFiles(p string) ([]ManifestFile, error)
GetManifestFiles uses filepath.Walk to retrieve a list of the manifest files within the given manifest path
type ManifestResult ¶
type ManifestResult struct {
Name string // the name of the manifest
ObjectViolations map[string][]string // a map of string object names to slice of string objectViolations
ViolationsCount int // a count of how many violations are associated with this manifest
}
func GetManifestResults ¶
func GetManifestResults(ctx context.Context, manifestFiles []ManifestFile) ([]ManifestResult, error)
GetManifestResults takes in a list of manifest files and returns a slice of ManifestViolation structs
Source Files
Directories
Click to show internal directories.
Click to hide internal directories.