controller

package

v0.0.1 Latest Latest Go to latest Published: Oct 31, 2023 License: Apache-2.0 Imports: 35 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/khulnasoft/vul-operator

Links

Open Source Insights

Documentation ¶

Index ¶

func Policies(ctx context.Context, config etc.Config, c client.Client, ...) (*policy.Policies, error)
type Misconfiguration
type NodeCollectorJobController
- func (r *NodeCollectorJobController) SetupWithManager(mgr ctrl.Manager) error
type NodeReconciler
- func (r *NodeReconciler) SetupWithManager(mgr ctrl.Manager) error
type PolicyConfigController
- func (r *PolicyConfigController) SetupWithManager(mgr ctrl.Manager) error
type ResourceController
- func (r *ResourceController) SetupWithManager(mgr ctrl.Manager) error

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func Policies ¶

func Policies(ctx context.Context, config etc.Config, c client.Client, cac configauditreport.ConfigAuditConfig, log logr.Logger, clusterVersion ...string) (*policy.Policies, error)

Types ¶

type Misconfiguration ¶

type Misconfiguration struct {
	// contains filtered or unexported fields
}

type NodeCollectorJobController ¶

type NodeCollectorJobController struct {
	logr.Logger
	etc.Config
	kube.ObjectResolver
	kube.LogsReader
	vuloperator.ConfigData
	vuloperator.PluginContext
	configauditreport.PluginInMemory
	InfraReadWriter infraassessment.ReadWriter
	vuloperator.BuildInfo
}

NodeCollectorJobController watches Kubernetes jobs generates v1alpha1.ClusterInfraAssessmentReport instances using infra assessment scanner

func (*NodeCollectorJobController) SetupWithManager ¶

func (r *NodeCollectorJobController) SetupWithManager(mgr ctrl.Manager) error

type NodeReconciler ¶

type NodeReconciler struct {
	logr.Logger
	etc.Config
	vuloperator.ConfigData
	kube.ObjectResolver
	vuloperator.PluginContext
	configauditreport.PluginInMemory
	jobs.LimitChecker
	InfraReadWriter  infraassessment.ReadWriter
	CacheSyncTimeout time.Duration
	vuloperator.BuildInfo
}

NodeReconciler reconciles corev1.Node and corev1.Job objects

to collect cluster nodes information (fileSystem permission and process arguments) the node information will be evaluated by the complaince control checks per relevant reports, examples: cis-benchmark and nsa

func (*NodeReconciler) SetupWithManager ¶

func (r *NodeReconciler) SetupWithManager(mgr ctrl.Manager) error

type PolicyConfigController ¶

type PolicyConfigController struct {
	logr.Logger
	etc.Config
	kube.ObjectResolver
	vuloperator.PluginContext
	configauditreport.PluginInMemory
	ClusterVersion string
}

PolicyConfigController watches changes on policies config map and generates v1alpha1.ConfigAuditReport instances based on OPA Rego policies as fast as possible.

func (*PolicyConfigController) SetupWithManager ¶

func (r *PolicyConfigController) SetupWithManager(mgr ctrl.Manager) error

type ResourceController ¶

type ResourceController struct {
	logr.Logger
	etc.Config
	vuloperator.ConfigData
	kube.ObjectResolver
	vuloperator.PluginContext
	configauditreport.PluginInMemory
	configauditreport.ReadWriter
	RbacReadWriter  rbacassessment.ReadWriter
	InfraReadWriter infraassessment.ReadWriter
	vuloperator.BuildInfo
	ClusterVersion   string
	CacheSyncTimeout time.Duration
}

ResourceController watches all Kubernetes kinds and generates v1alpha1.ConfigAuditReport instances based on OPA Rego policies as fast as possible.

func (*ResourceController) SetupWithManager ¶

func (r *ResourceController) SetupWithManager(mgr ctrl.Manager) error

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL