Documentation
¶
Index ¶
- Constants
- func GetPluginConfigMapName(pluginName string) string
- func GetVersionFromImageRef(imageRef string) (string, error)
- func LinuxNodeAffinity() *corev1.Affinity
- func NewScheme() *runtime.Scheme
- type BuildInfo
- type ConfigData
- type ConfigManager
- type PluginConfig
- type PluginContext
- type PluginContextBuilder
- func (b *PluginContextBuilder) Get() PluginContext
- func (b *PluginContextBuilder) WithClient(client client.Client) *PluginContextBuilder
- func (b *PluginContextBuilder) WithName(name string) *PluginContextBuilder
- func (b *PluginContextBuilder) WithNamespace(namespace string) *PluginContextBuilder
- func (b *PluginContextBuilder) WithServiceAccountName(name string) *PluginContextBuilder
- type Scanner
Constants ¶
View Source
const ( // NamespaceName the name of the namespace in which imgvuln stores its // configuration and where it runs scan jobs. NamespaceName = "trivy-adapter" // ServiceAccountName the name of the service account used to provide // identity for scan jobs run by imgvuln. ServiceAccountName = "trivy-adapter" // ConfigMapName the name of the ConfigMap where imgvuln stores its // configuration. ConfigMapName = "trivy-adapter" // SecretName the name of the secret where imgvuln stores is sensitive // configuration. SecretName = "trivy-adapter" )
View Source
const ( LabelResourceKind = "trivy-adapter.resource.kind" LabelResourceName = "trivy-adapter.resource.name" LabelResourceNamespace = "trivy-adapter.resource.namespace" LabelContainerName = "trivy-adapter.container.name" LabelPodSpecHash = "pod-spec-hash" LabelPluginConfigHash = "plugin-config-hash" LabelVulnerabilityReportScanner = "vulnerabilityReport.scanner" LabelK8SAppManagedBy = "app.kubernetes.io/managed-by" Appimgvuln = "trivy-adapter" )
View Source
const ( AnnotationContainerImages = "trivyadapter.container-images" AnnotationScanJobAnnotations = "scanJob.annotations" )
Variables ¶
This section is empty.
Functions ¶
func GetPluginConfigMapName ¶
GetPluginConfigMapName returns the name of a ConfigMap used to configure a plugin with the given name. TODO Rename to GetPluginConfigObjectName as this method is used to determine the name of ConfigMaps and Secrets.
func GetVersionFromImageRef ¶
GetVersionFromImageRef returns the image identifier for the specified image reference.
func LinuxNodeAffinity ¶
LinuxNodeAffinity constructs a new Affinity resource with linux supported nodes.
Types ¶
type BuildInfo ¶
BuildInfo holds build info such as Git revision, Git SHA-1, build datetime, and the name of the executable binary.
type ConfigData ¶
ConfigData holds trivy-adapter configuration settings as a set of key-value pairs.
func GetDefaultConfig ¶
func GetDefaultConfig() ConfigData
GetDefaultConfig returns the default configuration settings.
func (ConfigData) GetRequiredData ¶
func (c ConfigData) GetRequiredData(key string) (string, error)
func (ConfigData) GetScanJobAnnotations ¶
func (c ConfigData) GetScanJobAnnotations() (map[string]string, error)
func (ConfigData) GetScanJobTolerations ¶
func (c ConfigData) GetScanJobTolerations() ([]corev1.Toleration, error)
func (ConfigData) GetVulnerabilityReportsScanner ¶
func (c ConfigData) GetVulnerabilityReportsScanner() (Scanner, error)
type ConfigManager ¶
type ConfigManager interface {
EnsureDefault(ctx context.Context) error
Read(ctx context.Context) (ConfigData, error)
Delete(ctx context.Context) error
}
ConfigManager defines methods for managing ConfigData.
func NewConfigManager ¶
func NewConfigManager(client kubernetes.Interface, namespace string) ConfigManager
NewConfigManager constructs a new ConfigManager that is using kubernetes.Interface to manage ConfigData backed by the ConfigMap stored in the specified namespace.
type PluginConfig ¶
PluginConfig holds plugin configuration settings.
func (PluginConfig) GetRequiredData ¶
func (c PluginConfig) GetRequiredData(key string) (string, error)
type PluginContext ¶
type PluginContext interface {
// GetName returns the name of the plugin.
GetName() string
// GetConfig returns the PluginConfig object that holds configuration settings of the plugin.
GetConfig() (PluginConfig, error)
// EnsureConfig ensures the PluginConfig, typically when a plugin is initialized.
EnsureConfig(config PluginConfig) error
// GetNamespace return the name of the K8s Namespace where trivy-adapter creates Jobs
// and other helper objects.aquasecurity
GetNamespace() string
// GetServiceAccountName return the name of the K8s Service Account used to run workloads
// created by trivy-adapter.
GetServiceAccountName() string
}
PluginContext is plugin's execution context within the trivy-adapter toolkit. The context is used to grant access to other methods so that this plugin can interact with the toolkit.
type PluginContextBuilder ¶
type PluginContextBuilder struct {
// contains filtered or unexported fields
}
func NewPluginContext ¶
func NewPluginContext() *PluginContextBuilder
func (*PluginContextBuilder) Get ¶
func (b *PluginContextBuilder) Get() PluginContext
func (*PluginContextBuilder) WithClient ¶
func (b *PluginContextBuilder) WithClient(client client.Client) *PluginContextBuilder
func (*PluginContextBuilder) WithName ¶
func (b *PluginContextBuilder) WithName(name string) *PluginContextBuilder
func (*PluginContextBuilder) WithNamespace ¶
func (b *PluginContextBuilder) WithNamespace(namespace string) *PluginContextBuilder
func (*PluginContextBuilder) WithServiceAccountName ¶
func (b *PluginContextBuilder) WithServiceAccountName(name string) *PluginContextBuilder
Source Files
Click to show internal directories.
Click to hide internal directories.