conftest

package
v0.15.19 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jun 11, 2024 License: Apache-2.0 Imports: 16 Imported by: 0

Documentation

Overview

Package conftest provides primitives for working with Conftest.

Index

Constants

View Source 
const (
	// Plugin the name of this plugin.
	Plugin = "Conftest"
)

Variables

This section is empty.

Functions

func NewPlugin 

func NewPlugin(idGenerator ext.IDGenerator, clock ext.Clock) configauditreport.Plugin

NewPlugin constructs a new configauditreport.Plugin, which is using the upstream Conftest container image to audit K8s workloads.

Types

type CheckResult 

type CheckResult struct {
	FileName   string        `json:"filename"`
	Namespace  string        `json:"namespace"`
	Successes  int           `json:"successes"`
	Warnings   []Result      `json:"warnings,omitempty"`
	Failures   []Result      `json:"failures,omitempty"`
	Exceptions []Result      `json:"exceptions,omitempty"`
	Queries    []QueryResult `json:"queries,omitempty"`
}

CheckResult describes the result of a conftest policy evaluation. Errors produced by rego should be considered separate from other classes of exceptions.

type Config 

type Config struct {
	starboard.PluginConfig
}

Config defines configuration params for this plugin.

func (Config) GetImageRef 

func (c Config) GetImageRef() (string, error)

GetImageRef returns upstream Conftest container image reference.

func (Config) GetLibraries 

func (c Config) GetLibraries() map[string]string

func (Config) GetPoliciesByKind 

func (c Config) GetPoliciesByKind(kind string) (map[string]string, error)

func (Config) GetResourceRequirements 

func (c Config) GetResourceRequirements() (corev1.ResourceRequirements, error)

GetResourceRequirements constructs ResourceRequirements from the Config.

type QueryResult 

type QueryResult struct {

	// Query is the fully qualified query that was used
	// to determine the result. Ex: (data.main.deny)
	Query string `json:"query"`

	// Results are the individual results of the query.
	// When querying data.main.deny, multiple deny rules can
	// exist, producing multiple results.
	Results []Result `json:"results"`

	// Traces represents a single trace of how the query was
	// evaluated. Each trace value is a trace line.
	Traces []string `json:"traces"`
}

QueryResult describes the result of evaluting a query.

type Result 

type Result struct {
	Message  string                 `json:"msg"`
	Metadata map[string]interface{} `json:"metadata,omitempty"`
}

Result describes the result of a single rule evaluation.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.