Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type PostScanRequest ¶
type PostScanRequest struct {
// Logger level (debug / info / error, default is "debug")
Logger string `json:"-"`
// Format of the results.
//
// Same as `kubescape scan --format`.
//
// Example: json
Format string `json:"format,omitempty"`
// A Kubescape account ID to use for scanning.
//
// Same as `kubescape scan --account`.
//
// Example: d13791eb-19b1-4222-867b-9a7c1799cfac
// swagger:strfmt uuid4
//
Account string `json:"account,omitempty"`
// A Kubescape access key to use for scanning.
//
// Same as `kubescape scan --access-key`.
//
// Example: d13791eb-19b1-4222-867b-9a7c1799cfac
// swagger:strfmt uuid4
//
AccessKey string `json:"accessKey,omitempty"`
// Threshold for a failing score.
//
// Scores higher than the provided value will be considered failing.
//
// Example: 42
FailThreshold float32 `json:"failThreshold,omitempty"`
// Namespaces to exclude.
//
// Same as `kubescape scan --excluded-namespaces`.
//
// Example: ["armo-system", "kube-system"]
ExcludedNamespaces []string `json:"excludedNamespaces,omitempty"`
// Namespaces to include.
//
// Same as `kubescape scan --include-namespaces`.
//
// Example: ["litmus-tests", "known-bad"]
IncludeNamespaces []string `json:"includeNamespaces,omitempty"`
// Name of the scan targets.
//
// For example, if you select `targetType: "framework"`, you can trigger a scan using the NSA and MITRE ATT&CK Framework by passing `targetNames: ["nsa", "mitre"].
//
// Example: ["nsa", "mitre"]
// Default: ["all"]
TargetNames []string `json:"targetNames,omitempty"`
// Type of the target. "framework" or "control".
//
// Example: "control"
// Default: "framework"
TargetType v1.NotificationPolicyKind `json:"targetType,omitempty"`
// Submit results to Kubescape Cloud.
//
// Same as `kubescape scan --submit`.
Submit *bool `json:"submit,omitempty"`
// Deploy the Kubescape Kubernetes Host Scanner
//
// Deploys the Armo K8s Host Scanner DeamonSet in the scanned cluster to collect data from certain controls.
//
// Example: true
HostScanner *bool `json:"hostScanner,omitempty"`
// Do not submit results to Kubescape Cloud.
//
// Same as `kubescape scan --keep-local`
//
// Example: true
KeepLocal *bool `json:"keepLocal,omitempty"`
// Use the cached artifacts instead of downloading (offline support)
//
// Example: false
UseCachedArtifacts *bool `json:"useCachedArtifacts,omitempty"`
// Scan a specific K8S object
//
// Example: {"apiVersion": "apps/v1", "kind": "Deployment", "metadata": { "name": "nginx", "namespace": "my-namespace"} }
ScanObject *objectsenvelopes.ScanObject `json:"scanObject,omitempty"`
// Specifies whether the ScanObject is a deleted K8S resource so that the scan will be performed without fetching the resource
//
// Example: true
IsDeletedScanObject *bool `json:"isDeletedScanObject,omitempty"`
// List of exceptions to the controls
//
// Same as kubescape scan --exceptions
//
// Example: [{"controlID": "K8S_111", "exceptions": ["exception1", "exception2"]}]
Exceptions []armotypes.PostureExceptionPolicy `json:"exceptions,omitempty"`
}
A request to trigger a Kubescape scan
type Response ¶
type Response struct {
// ID of the scan
//
// Example: d13791eb-19b1-4222-867b-9a7c1799cfac
//
// swagger:strfmt uuid4
ID string `json:"id"`
// Type of this response
//
// Example: busy
Type v1.ScanResponseType `json:"type"`
// The actual Response payload
//
// Example: d13791eb-19b1-4222-867b-9a7c1799cfac
Response interface{} `json:"response,omitempty"`
}
A Scan Response object
Source Files
Click to show internal directories.
Click to hide internal directories.