Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type CloudScan ¶
type CloudScan struct {
Enabled bool `envconfig:"ENABLED" yaml:"enabled"`
ScanInterval time.Duration `envconfig:"SCAN_INTERVAL" yaml:"scanInterval"`
GKE *CloudScanGKE `envconfig:"GKE" yaml:"gke"`
EKS *CloudScanEKS `envconfig:"EKS" yaml:"eks"`
}
type CloudScanEKS ¶
type CloudScanEKS struct {
ClusterName string `envconfig:"CLUSTER_NAME" yaml:"clusterName"`
}
type CloudScanGKE ¶
type Config ¶
type Config struct {
PodIP string `envconfig:"POD_IP" yaml:"podIP"`
PodNamespace string `envconfig:"POD_NAMESPACE" yaml:"podNamespace"`
ServiceName string `envconfig:"SERVICE_NAME" yaml:"serviceName"`
ServicePort int `envconfig:"SERVICE_PORT" yaml:"servicePort"`
CertsDir string `envconfig:"CERTS_DIR" yaml:"certsDir"`
CertsSecret string `envconfig:"CERTS_SECRET" yaml:"certsSecret"`
LeaderElection bool `envconfig:"LEADER_ELECTION" yaml:"leaderElection"`
PolicyEnforcement PolicyEnforcement `envconfig:"POLICY_ENFORCEMENT" yaml:"policyEnforcement"`
KubeClient KubeClient `envconfig:"KUBE_CLIENT" yaml:"kubeClient"`
Log Log `envconfig:"LOG" yaml:"log"`
API API `envconfig:"API" yaml:"api"`
PprofPort int `envconfig:"PPROF_PORT" yaml:"pprofPort"`
StatusPort int `envconfig:"STATUS_PORT" yaml:"statusPort"`
Provider string `envconfig:"PROVIDER" yaml:"provider"`
DeltaSyncInterval time.Duration `envconfig:"DELTA_SYNC_INTERVAL" yaml:"deltaSyncInterval"`
ImageScan ImageScan `envconfig:"IMAGE_SCAN" yaml:"imageScan"`
Linter Linter `envconfig:"LINTER" yaml:"linter"`
KubeBench KubeBench `envconfig:"KUBE_BENCH" yaml:"kubeBench"`
CloudScan CloudScan `envconfig:"CLOUD_SCAN" yaml:"cloudScan"`
}
type ImageScan ¶
type ImageScan struct {
Enabled bool `envconfig:"ENABLED" yaml:"enabled"`
ScanInterval time.Duration `envconfig:"SCAN_INTERVAL" yaml:"scanInterval"`
ScanTimeout time.Duration `envconfig:"SCAN_TIMEOUT" yaml:"scanTimeout"`
MaxConcurrentScans int64 `envconfig:"MAX_CONCURRENT_SCANS" yaml:"maxConcurrentScans"`
Image ImageScanImage `envconfig:"IMAGE" yaml:"image"`
Mode string `envconfig:"MODE" yaml:"mode"`
HostfsSocketFallbackEnabled bool `envconfig:"HOSTFS_SOCKET_FALLBACK_ENABLED" yaml:"hostfsSocketFallbackEnabled"`
DockerOptionsPath string `envconfig:"DOCKER_OPTIONS_PATH" yaml:"dockerOptionsPath"`
BlobsCachePort int `envconfig:"BLOBS_CACHE_PORT" yaml:"blobsCachePort"`
CPURequest string `envconfig:"CPU_REQUEST" yaml:"cpuRequest"`
CPULimit string `envconfig:"CPU_LIMIT" yaml:"cpuLimit"`
MemoryRequest string `envconfig:"MEMORY_REQUEST" yaml:"memoryRequest"`
MemoryLimit string `envconfig:"MEMORY_LIMIT" yaml:"memoryLimit"`
Force bool `envconfig:"FORCE" yaml:"force"`
ProfileEnabled bool `envconfig:"PROFILE_ENABLED" yaml:"profileEnabled"`
PhlareEnabled bool `envconfig:"PHLARE_ENABLED" yaml:"phlareEnabled"`
}
type ImageScanImage ¶
type KubeClient ¶
type KubeClient struct {
// K8S client rate limiter allows bursts of up to 'burst' to exceed the QPS, while still maintaining a
// smoothed qps rate of 'qps'.
// The bucket is initially filled with 'burst' tokens, and refills at a rate of 'qps'.
// The maximum number of tokens in the bucket is capped at 'burst'.
QPS int `envconfig:"QPS" yaml:"qps"`
Burst int `envconfig:"BURST" yaml:"burst"`
// Custom kubeconfig path.
KubeConfigPath string `envconfig:"KUBECONFIG" yaml:"kubeconfig"`
}
type PolicyEnforcement ¶ added in v0.34.0
type SecurityAgentVersion ¶
type SecurityAgentVersion struct {
GitCommit, GitRef, Version string
}
func (*SecurityAgentVersion) String ¶
func (a *SecurityAgentVersion) String() string
Source Files
Click to show internal directories.
Click to hide internal directories.