config

package
v0.55.2 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Feb 12, 2024 License: Apache-2.0 Imports: 7 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type API 

type API struct {
	Key       string `envconfig:"API_KEY" yaml:"key"`
	URL       string `envconfig:"API_URL" yaml:"url"`
	ClusterID string `envconfig:"API_CLUSTER_ID" yaml:"clusterID"`
}

type Bundles added in v0.34.4 

type Bundles []string

func (*Bundles) Decode added in v0.34.4 

func (b *Bundles) Decode(input string) error

type CloudScan 

type CloudScan struct {
	Enabled      bool          `envconfig:"CLOUD_SCAN_ENABLED" yaml:"enabled"`
	ScanInterval time.Duration `envconfig:"CLOUD_SCAN_SCAN_INTERVAL" yaml:"scanInterval"`
	GKE          *CloudScanGKE `envconfig:"CLOUD_SCAN_GKE" yaml:"gke"`
	EKS          *CloudScanEKS `envconfig:"CLOUD_SCAN_EKS" yaml:"eks"`
}

type CloudScanEKS 

type CloudScanEKS struct {
	ClusterName string `envconfig:"CLOUD_SCAN_EKS_CLUSTER_NAME" yaml:"clusterName"`
}

type CloudScanGKE 

type CloudScanGKE struct {
	ClusterName        string `envconfig:"CLOUD_SCAN_GKE_CLUSTER_NAME" yaml:"clusterName"`
	CredentialsFile    string `envconfig:"CLOUD_SCAN_GKE_CREDENTIALS_FILE" yaml:"credentialsFile"`
	ServiceAccountName string `envconfig:"CLOUD_SCAN_GKE_SERVICE_ACCOUNT_NAME" yaml:"serviceAccountName"`
}

type Config 

type Config struct {
	PodIP             string            `envconfig:"POD_IP" yaml:"podIP"`
	PodNamespace      string            `envconfig:"POD_NAMESPACE" yaml:"podNamespace"`
	ServiceName       string            `envconfig:"SERVICE_NAME" yaml:"serviceName"`
	ServicePort       int               `envconfig:"SERVICE_PORT" yaml:"servicePort"`
	CertsDir          string            `envconfig:"CERTS_DIR" yaml:"certsDir"`
	CertsSecret       string            `envconfig:"CERTS_SECRET" yaml:"certsSecret"`
	LeaderElection    bool              `envconfig:"LEADER_ELECTION" yaml:"leaderElection"`
	PolicyEnforcement PolicyEnforcement `envconfig:"POLICY_ENFORCEMENT" yaml:"policyEnforcement"`
	KubeClient        KubeClient        `envconfig:"KUBE_CLIENT" yaml:"kubeClient"`
	Log               Log               `envconfig:"LOG" yaml:"log"`
	API               API               `envconfig:"API" yaml:"api"`
	HTTPPort          int               `envconfig:"HTTP_PORT" yaml:"httpPort"`
	StatusPort        int               `envconfig:"STATUS_PORT" yaml:"statusPort"`
	Provider          string            `envconfig:"PROVIDER" yaml:"provider"`
	DeltaSyncInterval time.Duration     `envconfig:"DELTA_SYNC_INTERVAL" yaml:"deltaSyncInterval"`
	ImageScan         ImageScan         `envconfig:"IMAGE_SCAN" yaml:"imageScan"`
	Linter            Linter            `envconfig:"LINTER" yaml:"linter"`
	KubeBench         KubeBench         `envconfig:"KUBE_BENCH" yaml:"kubeBench"`
	CloudScan         CloudScan         `envconfig:"CLOUD_SCAN" yaml:"cloudScan"`
	Telemetry         Telemetry         `envconfig:"TELEMETRY" yaml:"telemetry"`
}

func Load 

func Load(configPath string) (Config, error)

type ImageScan 

type ImageScan struct {
	Enabled            bool           `envconfig:"IMAGE_SCAN_ENABLED" yaml:"enabled"`
	ScanInterval       time.Duration  `envconfig:"IMAGE_SCAN_SCAN_INTERVAL" yaml:"scanInterval"`
	ScanTimeout        time.Duration  `envconfig:"IMAGE_SCAN_SCAN_TIMEOUT" yaml:"scanTimeout"`
	MaxConcurrentScans int64          `envconfig:"IMAGE_SCAN_MAX_CONCURRENT_SCANS" yaml:"maxConcurrentScans"`
	Image              ImageScanImage `envconfig:"IMAGE_SCAN_IMAGE" yaml:"image"`
	Mode               string         `envconfig:"IMAGE_SCAN_MODE" yaml:"mode"`
	APIUrl             string         `envconfig:"IMAGE_SCAN_API_URL" yaml:"apiUrl"`
	DockerOptionsPath  string         `envconfig:"IMAGE_SCAN_DOCKER_OPTIONS_PATH" yaml:"dockerOptionsPath"`
	CPURequest         string         `envconfig:"IMAGE_SCAN_CPU_REQUEST" yaml:"cpuRequest"`
	CPULimit           string         `envconfig:"IMAGE_SCAN_CPU_LIMIT" yaml:"cpuLimit"`
	MemoryRequest      string         `envconfig:"IMAGE_SCAN_MEMORY_REQUEST" yaml:"memoryRequest"`
	MemoryLimit        string         `envconfig:"IMAGE_SCAN_MEMORY_LIMIT" yaml:"memoryLimit"`
	ProfileEnabled     bool           `envconfig:"IMAGE_SCAN_PROFILE_ENABLED" yaml:"profileEnabled"`
	PhlareEnabled      bool           `envconfig:"IMAGE_SCAN_PHLARE_ENABLED" yaml:"phlareEnabled"`
	PullSecret         string         `envconfig:"IMAGE_SCAN_PULL_SECRET" yaml:"pullSecret"`
	InitDelay          time.Duration  `envconfig:"IMAGE_SCAN_INIT_DELAY" yaml:"initDelay"`
	ServiceAccountName string         `envconfig:"IMAGE_SCAN_SERVICE_ACCOUNT_NAME" yaml:"serviceAccountName"`
}

type ImageScanImage 

type ImageScanImage struct {
	PullPolicy string `envconfig:"IMAGE_SCAN_IMAGE_PULL_POLICY" yaml:"pullPolicy"`
}

type KubeBench 

type KubeBench struct {
	Enabled      bool           `envconfig:"KUBE_BENCH_ENABLED" yaml:"enabled"`
	Force        bool           `envconfig:"KUBE_BENCH_FORCE" yaml:"force"`
	ScanInterval time.Duration  `envconfig:"KUBE_BENCH_SCAN_INTERVAL" yaml:"scanInterval"`
	Image        KubeBenchImage `envconfig:"KUBE_BENCH_IMAGE" yaml:"image"`
}

type KubeBenchImage added in v0.51.0 

type KubeBenchImage struct {
	PullPolicy string `envconfig:"KUBE_BENCH_IMAGE_PULL_POLICY" yaml:"pullPolicy"`
}

type KubeClient 

type KubeClient struct {
	// K8S client rate limiter allows bursts of up to 'burst' to exceed the QPS, while still maintaining a
	// smoothed qps rate of 'qps'.
	// The bucket is initially filled with 'burst' tokens, and refills at a rate of 'qps'.
	// The maximum number of tokens in the bucket is capped at 'burst'.
	QPS   int `envconfig:"KUBE_CLIENT_QPS" yaml:"qps"`
	Burst int `envconfig:"KUBE_CLIENT_BURST" yaml:"burst"`
	// Custom kubeconfig path.
	KubeConfigPath string `envconfig:"KUBE_CLIENT_KUBECONFIG" yaml:"kubeconfig"`
	UseProtobuf    bool   `envconfig:"KUBE_CLIENT_USE_PROTOBUF" yaml:"useProtobuf"`
}

type Linter 

type Linter struct {
	Enabled      bool          `envconfig:"LINTER_ENABLED" yaml:"enabled"`
	ScanInterval time.Duration `envconfig:"LINTER_SCAN_INTERVAL" yaml:"scanInterval"`
}

type Log 

type Log struct {
	Level string `envconfig:"LOG_LEVEL" yaml:"level"`
}

type PolicyEnforcement added in v0.34.0 

type PolicyEnforcement struct {
	Enabled     bool    `envconfig:"POLICY_ENFORCEMENT_ENABLED" yaml:"enabled"`
	WebhookName string  `envconfig:"POLICY_ENFORCEMENT_WEBHOOK_NAME" yaml:"webhookName"`
	Bundles     Bundles `envconfig:"POLICY_ENFORCEMENT_BUNDLES" yaml:"bundles"`
}

type SecurityAgentVersion 

type SecurityAgentVersion struct {
	GitCommit, GitRef, Version string
}

func (*SecurityAgentVersion) String 

func (a *SecurityAgentVersion) String() string

type Telemetry added in v0.47.0 

type Telemetry struct {
	Interval time.Duration `envconfig:"TELEMETRY_INTERVAL" yaml:"interval"`
}

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.