rulemanager

package
v0.3.10 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Dec 30, 2025 License: Apache-2.0 Imports: 34 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type RuleManager added in v0.3.3 

type RuleManager struct {
	// contains filtered or unexported fields
}

func CreateRuleManager added in v0.3.3 

func CreateRuleManager(
	ctx context.Context,
	cfg config.Config,
	k8sClient k8sclient.K8sClientInterface,
	ruleBindingCache bindingcache.RuleBindingCache,
	objectCache objectcache.ObjectCache,
	exporter exporters.Exporter,
	metrics metricsmanager.MetricsManager,
	processManager processtree.ProcessTreeManager,
	dnsManager dnsmanager.DNSResolver,
	enricher types.Enricher,
	ruleCooldown *rulecooldown.RuleCooldown,
	adapterFactory *ruleadapters.EventRuleAdapterFactory,
	celEvaluator cel.CELRuleEvaluator,
) (*RuleManager, error)

func (*RuleManager) ContainerCallback added in v0.3.3 

func (rm *RuleManager) ContainerCallback(notif containercollection.PubSubEvent)

func (*RuleManager) EvaluatePolicyRulesForEvent added in v0.3.3 

func (rm *RuleManager) EvaluatePolicyRulesForEvent(eventType utils.EventType, event utils.K8sEvent) []string

func (*RuleManager) HasApplicableRuleBindings added in v0.3.3 

func (rm *RuleManager) HasApplicableRuleBindings(namespace, name string) bool

func (*RuleManager) HasFinalApplicationProfile added in v0.3.3 

func (rm *RuleManager) HasFinalApplicationProfile(pod *corev1.Pod) bool

func (*RuleManager) IsContainerMonitored added in v0.3.3 

func (rm *RuleManager) IsContainerMonitored(k8sContainerID string) bool

func (*RuleManager) IsPodMonitored added in v0.3.3 

func (rm *RuleManager) IsPodMonitored(namespace, pod string) bool

func (*RuleManager) ReportEnrichedEvent added in v0.3.3 

func (rm *RuleManager) ReportEnrichedEvent(enrichedEvent *events.EnrichedEvent)

type RuleManagerClient 

type RuleManagerClient interface {
	ContainerCallback(notif containercollection.PubSubEvent)
	HasApplicableRuleBindings(namespace, name string) bool
	HasFinalApplicationProfile(pod *v1.Pod) bool
	IsContainerMonitored(k8sContainerID string) bool
	IsPodMonitored(namespace, pod string) bool
	EvaluatePolicyRulesForEvent(eventType utils.EventType, event utils.K8sEvent) []string
}

func CreateRuleManagerMock 

func CreateRuleManagerMock() RuleManagerClient

type RuleManagerMock 

type RuleManagerMock struct {
}

func (RuleManagerMock) ContainerCallback 

func (r RuleManagerMock) ContainerCallback(notif containercollection.PubSubEvent)

func (RuleManagerMock) EvaluatePolicyRulesForEvent added in v0.2.340 

func (r RuleManagerMock) EvaluatePolicyRulesForEvent(eventType utils.EventType, event utils.K8sEvent) []string

func (RuleManagerMock) HasApplicableRuleBindings 

func (r RuleManagerMock) HasApplicableRuleBindings(namespace, name string) bool

func (RuleManagerMock) HasFinalApplicationProfile 

func (r RuleManagerMock) HasFinalApplicationProfile(pod *corev1.Pod) bool

func (RuleManagerMock) IsContainerMonitored 

func (r RuleManagerMock) IsContainerMonitored(k8sContainerID string) bool

func (RuleManagerMock) IsPodMonitored 

func (r RuleManagerMock) IsPodMonitored(namespace, pod string) bool

func (RuleManagerMock) ReportEnrichedEvent added in v0.3.3 

func (r RuleManagerMock) ReportEnrichedEvent(enrichedEvent *events.EnrichedEvent)

type RulePolicyValidator added in v0.3.3 

type RulePolicyValidator struct {
	// contains filtered or unexported fields
}

func NewRulePolicyValidator added in v0.3.3 

func NewRulePolicyValidator(objectCache objectcache.ObjectCache) *RulePolicyValidator

func (*RulePolicyValidator) Validate added in v0.3.3 

func (v *RulePolicyValidator) Validate(ruleId string, process string, ap *v1beta1.ApplicationProfileContainer) (bool, error)

Source Files

View all Source files

Directories

Path Synopsis
cel
libraries
libraries/applicationprofile
libraries/cache
libraries/celparse
libraries/k8s
libraries/net
libraries/networkneighborhood
libraries/parse
libraries/process
adapters
v1

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.