Documentation ¶
Index ¶
- Constants
- type AnchoreConfig
- type AnchoreValues
- type ClusterAnchoreConfigProvider
- type Config
- type CustomAnchoreConfigProvider
- type ImageValidatorChartValues
- type IntegratedServiceAnchoreService
- type IntegratedServiceManager
- func (f IntegratedServiceManager) GetOutput(ctx context.Context, clusterID uint, ...) (integratedservices.IntegratedServiceOutput, error)
- func (f IntegratedServiceManager) Name() string
- func (f IntegratedServiceManager) ValidateSpec(ctx context.Context, spec integratedservices.IntegratedServiceSpec) error
- type IntegratedServiceOperator
- type IntegratedServiceWhiteListService
- type MatchExpression
- type NamespaceService
- type SetBasedSelector
- type UserNameGenerator
- type UserSecretStore
- type WebhookConfig
Constants ¶
// IntegratedServiceName is the string identifier "securityscan" exported by
// this package.
// NOTE(review): presumably this is the value the Name methods of
// IntegratedServiceManager and IntegratedServiceOperator return — confirm
// against their bodies, which are not shown here.
const IntegratedServiceName = "securityscan"
Types ¶
type AnchoreConfig ¶
func (AnchoreConfig) Validate ¶
func (c AnchoreConfig) Validate() error
type AnchoreValues ¶
// AnchoreValues carries the connection settings for an Anchore endpoint. Per
// the package documentation it is used both to build chart values (json tags)
// and to extract Anchore data from secret values (mapstructure tags).
type AnchoreValues struct {
	// Host is encoded as "anchoreHost" and decoded from the "host" key.
	Host string `json:"anchoreHost" mapstructure:"host"`
	// User is encoded as "anchoreUser" and decoded from the "username" key.
	User string `json:"anchoreUser" mapstructure:"username"`
	// Password is a credential. The json tag has no omitempty, so it is always
	// written in clear text under "anchorePass" when this struct is
	// JSON-encoded; keep encoded values and debug dumps of this struct out of
	// logs and error messages.
	Password string `json:"anchorePass" mapstructure:"password"`
	// Insecure is encoded as "insecureSkipVerify" and decoded from "insecure".
	// NOTE(review): presumably true disables TLS certificate verification for
	// the Anchore connection, which would expose User and Password to
	// interception — confirm in the consumer and keep it false outside test
	// setups.
	Insecure bool `json:"insecureSkipVerify" mapstructure:"insecure"`
}
AnchoreValues is the struct used to build chart values and to extract Anchore data from secret values.
type ClusterAnchoreConfigProvider ¶
type ClusterAnchoreConfigProvider struct {
// contains filtered or unexported fields
}
ClusterAnchoreConfigProvider returns static configuration.
func NewClusterAnchoreConfigProvider ¶
func NewClusterAnchoreConfigProvider( endpoint string, userNameGenerator UserNameGenerator, userSecretStore UserSecretStore, insecure bool, ) ClusterAnchoreConfigProvider
NewClusterAnchoreConfigProvider returns a new ClusterAnchoreConfigProvider.
func (ClusterAnchoreConfigProvider) GetConfiguration ¶
type Config ¶
// Config groups the settings accepted by MakeIntegratedServiceManager and
// MakeIntegratedServiceOperator.
type Config struct {
	// Anchore holds the Anchore settings. AnchoreConfig exposes a Validate
	// method; nothing in this declaration enforces that it has been called.
	// NOTE(review): confirm where Validate is invoked before the value is used.
	Anchore AnchoreConfig
	// PipelineNamespace is a namespace name.
	// NOTE(review): presumably the namespace the platform's own components run
	// in — confirm against the code that reads it.
	PipelineNamespace string
	// Webhook holds the settings of type WebhookConfig, whose fields are not
	// shown on this page.
	Webhook WebhookConfig
}
type CustomAnchoreConfigProvider ¶
type CustomAnchoreConfigProvider struct {
// contains filtered or unexported fields
}
CustomAnchoreConfigProvider returns custom Anchore configuration for a cluster.
func NewCustomAnchoreConfigProvider ¶
func NewCustomAnchoreConfigProvider( integratedServiceRepository integratedservices.IntegratedServiceRepository, secretStore services.SecretStore, logger services.Logger, ) CustomAnchoreConfigProvider
NewCustomAnchoreConfigProvider returns a new ConfigProvider.
func (CustomAnchoreConfigProvider) GetConfiguration ¶
func (p CustomAnchoreConfigProvider) GetConfiguration(ctx context.Context, clusterID uint) (anchore.Config, error)
GetConfiguration returns Anchore configuration for a cluster.
type ImageValidatorChartValues ¶
// ImageValidatorChartValues is the values document passed to the Anchore image
// validator webhook chart. Every field is a pointer whose json tag carries
// omitempty, so a nil section is left out of the JSON encoding.
type ImageValidatorChartValues struct {
	// ExternalAnchore holds the Anchore connection settings. AnchoreValues
	// includes a Password field, so encoded chart values that set this section
	// contain a credential and should be handled like a secret.
	ExternalAnchore *AnchoreValues `json:"externalAnchore,omitempty" mapstructure:"externalAnchore"`
	// NamespaceSelector is encoded as "namespaceSelector".
	// NOTE(review): presumably limits which namespaces the webhook validates; a
	// selector that excludes too much would let images skip validation —
	// confirm against the chart.
	NamespaceSelector *SetBasedSelector `json:"namespaceSelector,omitempty" mapstructure:"namespaceSelector"`
	// ObjectSelector is encoded as "objectSelector".
	// NOTE(review): presumably limits which objects the webhook validates —
	// confirm against the chart.
	ObjectSelector *SetBasedSelector `json:"objectSelector,omitempty" mapstructure:"objectSelector"`
}
ImageValidatorChartValues represents the values YAML to be passed to the Anchore image validator webhook chart.
type IntegratedServiceAnchoreService ¶
// IntegratedServiceAnchoreService decouples Anchore-related operations from
// their callers.
type IntegratedServiceAnchoreService interface {
	// GenerateUser takes an organization ID and a cluster ID and returns a
	// string and an error.
	// NOTE(review): presumably it creates the Anchore user for the cluster and
	// returns its user name — confirm against the implementation, including
	// whether a credential is created and where it is stored.
	GenerateUser(ctx context.Context, orgID uint, clusterID uint) (string, error)

	// DeleteUser deletes a previously generated user from Anchore.
	DeleteUser(ctx context.Context, orgID uint, clusterID uint) error
}
IntegratedServiceAnchoreService decouples anchore related operations
func NewIntegratedServiceAnchoreService ¶
func NewIntegratedServiceAnchoreService(anchoreUserService anchore.AnchoreUserService, logger common.Logger) IntegratedServiceAnchoreService
type IntegratedServiceManager ¶
type IntegratedServiceManager struct { integratedservices.PassthroughIntegratedServiceSpecPreparer // contains filtered or unexported fields }
func MakeIntegratedServiceManager ¶
func MakeIntegratedServiceManager(logger common.Logger, config Config) IntegratedServiceManager
MakeIntegratedServiceManager creates a security scan integrated service manager instance.
func (IntegratedServiceManager) GetOutput ¶
func (f IntegratedServiceManager) GetOutput(ctx context.Context, clusterID uint, spec integratedservices.IntegratedServiceSpec) (integratedservices.IntegratedServiceOutput, error)
func (IntegratedServiceManager) Name ¶
func (f IntegratedServiceManager) Name() string
Name returns the name of the integrated service
func (IntegratedServiceManager) ValidateSpec ¶
func (f IntegratedServiceManager) ValidateSpec(ctx context.Context, spec integratedservices.IntegratedServiceSpec) error
type IntegratedServiceOperator ¶
type IntegratedServiceOperator struct {
// contains filtered or unexported fields
}
func MakeIntegratedServiceOperator ¶
func MakeIntegratedServiceOperator( config Config, clusterGetter integratedserviceadapter.ClusterGetter, clusterService integratedservices.ClusterService, helmService services.HelmService, secretStore services.SecretStore, anchoreService IntegratedServiceAnchoreService, integratedServiceWhitelistService IntegratedServiceWhiteListService, errorHandler common.ErrorHandler, logger common.Logger, ) IntegratedServiceOperator
func (IntegratedServiceOperator) Apply ¶
func (op IntegratedServiceOperator) Apply(ctx context.Context, clusterID uint, spec integratedservices.IntegratedServiceSpec) error
func (IntegratedServiceOperator) Deactivate ¶
func (op IntegratedServiceOperator) Deactivate(ctx context.Context, clusterID uint, spec integratedservices.IntegratedServiceSpec) error
func (IntegratedServiceOperator) Name ¶
func (op IntegratedServiceOperator) Name() string
Name returns the name of the integrated service
type IntegratedServiceWhiteListService ¶
// IntegratedServiceWhiteListService handles whitelist creation and removal.
type IntegratedServiceWhiteListService interface {
	// EnsureReleaseWhiteList makes sure that the passed whitelist is applied to
	// the cluster identified by clusterID.
	// NOTE(review): whitelisted releases are presumably exempted from image
	// validation — confirm; if so, items should only ever come from an
	// authorized source.
	EnsureReleaseWhiteList(ctx context.Context, clusterID uint, items []releaseSpec) error
}
IntegratedServiceWhiteListService handles whitelist creation and removal
func NewIntegratedServiceWhitelistService ¶
func NewIntegratedServiceWhitelistService(clusterGetter integratedserviceadapter.ClusterGetter, whiteListService anchore.WhitelistService, logger common.Logger) IntegratedServiceWhiteListService
type MatchExpression ¶
type NamespaceService ¶
// NamespaceService adds and removes labels on the namespaces of the cluster
// identified by clusterID.
type NamespaceService interface {
	// LabelNamespaces adds the passed map of labels to the slice of namespaces.
	LabelNamespaces(ctx context.Context, clusterID uint, namespaces []string, labels map[string]string) error

	// RemoveLabels removes the labels from the slice of namespaces. Labels are
	// passed as a slice of strings here, not as a map.
	RemoveLabels(ctx context.Context, clusterID uint, namespaces []string, labels []string) error

	// CleanupLabels removes all the passed-in labels from all the namespaces in
	// the cluster.
	CleanupLabels(ctx context.Context, clusterID uint, labels []string) error
}
func NewNamespacesService ¶
func NewNamespacesService(getter integratedserviceadapter.ClusterGetter, log common.Logger) NamespaceService
type SetBasedSelector ¶
// SetBasedSelector is the selector type used for the NamespaceSelector and
// ObjectSelector sections of ImageValidatorChartValues. Both fields carry
// omitempty in their json tag, so empty ones are left out of the encoding.
// NOTE(review): the field names mirror the Kubernetes label selector shape —
// confirm that the chart interprets them that way.
type SetBasedSelector struct {
	// MatchLabels maps label keys to label values.
	MatchLabels map[string]string `json:"matchLabels,omitempty" mapstructure:"matchLabels"`
	// MatchExpressions lists MatchExpression values; that type's fields are not
	// shown on this page.
	MatchExpressions []MatchExpression `json:"matchExpressions,omitempty" mapstructure:"matchExpressions"`
}
type UserNameGenerator ¶
// UserNameGenerator generates an Anchore username for a cluster.
type UserNameGenerator interface {
	// GenerateUsername generates an Anchore username for the cluster identified
	// by clusterID and returns it together with an error.
	GenerateUsername(ctx context.Context, clusterID uint) (string, error)
}
UserNameGenerator generates an Anchore username for a cluster.