kubernetes-scanner

command module

v0.11.0 Latest Latest Go to latest Published: Apr 5, 2023 License: Apache-2.0 Imports: 20 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/snyk/kubernetes-scanner

Links

Open Source Insights

README ¶

Kubernetes-Scanner

The kubernetes-scanner watches the configured types on a Kubernetes API server and will send resource configurations to Snyk.

This is just a data collection component that is part of a larger system. You only need to install this if you have been directed here from other documentation.

Usage

Installation

There is a Helm chart within this repo in helm/kubernetes-scanner, that is hosted through Github pages in https://snyk.github.io/kubernetes-scanner.

To install the Helm chart with all default values:

helm repo add kubernetes-scanner https://snyk.github.io/kubernetes-scanner
helm install <release-name> \
    -f organizationID=<your Snyk organization ID> \
    -f secretName=<secret containing your auth credentials> \
    kubernetes-scanner/kubernetes-scanner

Or using chart dependencies:

# Chart.yaml
dependencies:
  - name: kubernetes-scanner
    version: v0.10.0
    repository: https://snyk.github.io/kubernetes-scanner
    alias: kubernetes-scanner

Release versions can be found in GitHub.

For further information on how to install and configure kubernetes-scanner, please familiarize yourself with the commented configuration in values.yaml.

There are some mandatory fields, each marked with "MANDATORY" in a comment.

Monitoring

See monitoring.md.

Development

You only need to read this section if you are interested in contributing to this project.

Running tests

kubernetes-scanner is built on top of controller-runtime and uses controller-runtime's envtest to run tests against a real API Server. To run the tests, you will need to have the kube-apiserver and etcd binaries installed in /usr/local/kubebuilder/bin or set the KUBEBUILDER_ASSETS environment variable to where your binaries are located in.

To help with this, you can install setup-envtest, which can be installed through the go install command:

go install sigs.k8s.io/controller-runtime/tools/setup-envtest@latest

After the installation is completed, the following command will download the kube-apiserver and etcd binaries and populate the KUBEBUILDER_ASSETS environment variable:

eval "$(setup-envtest use -p env)"

For more information on setup-envtest, we refer to their documentation.

Architecture

For an overview of the architecture of kubernetes-scanner, please see the architecture document

Documentation ¶

Overview ¶

* © 2023 Snyk Limited * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License.

Source Files ¶

View all Source files

main.go

Directories ¶

Path	Synopsis
build * © 2023 Snyk Limited * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License.	* © 2023 Snyk Limited * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License.
helmreleaser * © 2023 Snyk Limited * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License.	* © 2023 Snyk Limited * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License.
helmreleaser/git * © 2023 Snyk Limited * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License.	* © 2023 Snyk Limited * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License.
helmreleaser/github * © 2023 Snyk Limited * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License.	* © 2023 Snyk Limited * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License.
helmreleaser/helm * © 2023 Snyk Limited * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License.	* © 2023 Snyk Limited * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License.
internal
backend * © 2023 Snyk Limited * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License.	* © 2023 Snyk Limited * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License.
config * © 2023 Snyk Limited * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License.	* © 2023 Snyk Limited * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License.
test * © 2023 Snyk Limited * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License.	* © 2023 Snyk Limited * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License.
licenses

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL