mirror of
https://github.com/rancher/types.git
synced 2025-08-02 05:11:59 +00:00
Merge pull request #1087 from leodotcloud/cis
CIS changes: cis-1.5, profiles, schedule, alerts
This commit is contained in:
Murali Paluru
GitHub
commit
3455ef4f91
@ -161,6 +161,7 @@ type ClusterAlertRuleSpec struct {
|
||||
EventRule *EventRule `json:"eventRule,omitempty"`
|
||||
SystemServiceRule *SystemServiceRule `json:"systemServiceRule,omitempty"`
|
||||
MetricRule *MetricRule `json:"metricRule,omitempty"`
|
||||
ClusterScanRule *ClusterScanRule `json:"clusterScanRule,omitempty"`
|
||||
}
|
||||
|
||||
type ProjectAlertRule struct {
|
||||
@ -199,6 +200,11 @@ type CommonRuleField struct {
|
||||
TimingField
|
||||
}
|
||||
|
||||
type ClusterScanRule struct {
|
||||
ScanRunType ClusterScanRunType `json:"scanRunType,omitempty" norman:"required,options=manual|scheduled,default=scheduled"`
|
||||
FailuresOnly bool `json:"failuresOnly,omitempty"`
|
||||
}
|
||||
|
||||
type MetricRule struct {
|
||||
Expression string `json:"expression,omitempty" norman:"required"`
|
||||
Description string `json:"description,omitempty"`
|
||||
|
||||
@ -9,11 +9,15 @@ import (
|
||||
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
||||
)
|
||||
|
||||
type ClusterScanRunType string
|
||||
type CisScanProfileType string
|
||||
|
||||
const (
|
||||
ClusterScanConditionCreated condition.Cond = typescond.Created
|
||||
ClusterScanConditionRunCompleted condition.Cond = typescond.RunCompleted
|
||||
ClusterScanConditionCompleted condition.Cond = typescond.Completed
|
||||
ClusterScanConditionFailed condition.Cond = typescond.Failed
|
||||
ClusterScanConditionAlerted condition.Cond = typescond.Alerted
|
||||
|
||||
ClusterScanTypeCis = "cis"
|
||||
DefaultNamespaceForCis = "security-scan"
|
||||
@ -23,6 +27,14 @@ const (
|
||||
RunCisScanAnnotation = "field.cattle.io/runCisScan"
|
||||
SonobuoyCompletionAnnotation = "field.cattle.io/sonobuoyDone"
|
||||
CisHelmChartOwner = "field.cattle.io/clusterScanOwner"
|
||||
|
||||
ClusterScanRunTypeManual ClusterScanRunType = "manual"
|
||||
ClusterScanRunTypeScheduled ClusterScanRunType = "scheduled"
|
||||
|
||||
CisScanProfileTypePermissive CisScanProfileType = "permissive"
|
||||
CisScanProfileTypeHardened CisScanProfileType = "hardened"
|
||||
|
||||
DefaultScanOutputFileName string = "output.json"
|
||||
)
|
||||
|
||||
type CisScanConfig struct {
|
||||
@ -30,12 +42,22 @@ type CisScanConfig struct {
|
||||
OverrideSkip []string `json:"overrideSkip"`
|
||||
// Override the CIS benchmark version to use for the scan (instead of latest)
|
||||
OverrideBenchmarkVersion string `json:"overrideBenchmarkVersion,omitempty"`
|
||||
// scan profile to use
|
||||
Profile CisScanProfileType `json:"profile,omitempty" norman:"required,options=permissive|hardened,default=permissive"`
|
||||
// Internal flag for debugging master component of the scan
|
||||
DebugMaster bool `json:"debugMaster"`
|
||||
// Internal flag for debugging worker component of the scan
|
||||
DebugWorker bool `json:"debugWorker"`
|
||||
}
|
||||
|
||||
type CisScanStatus struct {
|
||||
Total int `json:"total"`
|
||||
Pass int `json:"pass"`
|
||||
Fail int `json:"fail"`
|
||||
Skip int `json:"skip"`
|
||||
NotApplicable int `json:"notApplicable"`
|
||||
}
|
||||
|
||||
type ClusterScanConfig struct {
|
||||
CisScanConfig *CisScanConfig `json:"cisScanConfig"`
|
||||
}
|
||||
@ -59,14 +81,15 @@ type ClusterScanSpec struct {
|
||||
ScanType string `json:"scanType"`
|
||||
// cluster ID
|
||||
ClusterID string `json:"clusterId,omitempty" norman:"required,type=reference[cluster]"`
|
||||
// manual flag
|
||||
Manual bool `yaml:"manual" json:"manual,omitempty"`
|
||||
// Run type
|
||||
RunType ClusterScanRunType `json:"runType,omitempty"`
|
||||
// scanConfig
|
||||
ScanConfig ClusterScanConfig `yaml:",omitempty" json:"scanConfig,omitempty"`
|
||||
}
|
||||
|
||||
type ClusterScanStatus struct {
|
||||
Conditions []ClusterScanCondition `json:"conditions"`
|
||||
Conditions []ClusterScanCondition `json:"conditions"`
|
||||
CisScanStatus *CisScanStatus `json:"cisScanStatus"`
|
||||
}
|
||||
|
||||
type ClusterScan struct {
|
||||
@ -80,7 +103,10 @@ type ClusterScan struct {
|
||||
}
|
||||
|
||||
type CisBenchmarkVersionInfo struct {
|
||||
MinKubernetesVersion string `yaml:"min_kubernetes_version" json:"minKubernetesVersion"`
|
||||
Managed bool `yaml:"managed" json:"managed"`
|
||||
MinKubernetesVersion string `yaml:"min_kubernetes_version" json:"minKubernetesVersion"`
|
||||
SkippedChecks map[string]string `yaml:"skipped_checks" json:"skippedChecks"`
|
||||
NotApplicableChecks map[string]string `yaml:"not_applicable_checks" json:"notApplicableChecks"`
|
||||
}
|
||||
|
||||
type CisConfigParams struct {
|
||||
@ -104,3 +130,22 @@ type CisBenchmarkVersion struct {
|
||||
|
||||
Info CisBenchmarkVersionInfo `json:"info" yaml:"info"`
|
||||
}
|
||||
|
||||
type ScheduledClusterScanConfig struct {
|
||||
// Cron Expression for Schedule
|
||||
CronSchedule string `yaml:"cron_schedule" json:"cronSchedule,omitempty"`
|
||||
// Number of past scans to keep
|
||||
Retention int `yaml:"retention" json:"retention,omitempty"`
|
||||
}
|
||||
|
||||
type ScheduledClusterScan struct {
|
||||
// Enable or disable scheduled scans
|
||||
Enabled bool `yaml:"enabled" json:"enabled,omitempty" norman:"default=false"`
|
||||
ScheduleConfig *ScheduledClusterScanConfig `yaml:"schedule_config" json:"scheduleConfig,omitempty"`
|
||||
ScanConfig *ClusterScanConfig `yaml:"scan_config,omitempty" json:"scanConfig,omitempty"`
|
||||
}
|
||||
|
||||
type ScheduledClusterScanStatus struct {
|
||||
Enabled bool `yaml:"enabled" json:"enabled,omitempty"`
|
||||
LastRunTimestamp string `yaml:"last_run_timestamp" json:"lastRunTimestamp"`
|
||||
}
|
||||
|
||||
@ -103,6 +103,7 @@ type ClusterSpecBase struct {
|
||||
EnableClusterMonitoring bool `json:"enableClusterMonitoring" norman:"default=false"`
|
||||
WindowsPreferedCluster bool `json:"windowsPreferedCluster" norman:"noupdate"`
|
||||
LocalClusterAuthEndpoint LocalClusterAuthEndpoint `json:"localClusterAuthEndpoint,omitempty"`
|
||||
ScheduledClusterScan *ScheduledClusterScan `json:"scheduledClusterScan,omitempty"`
|
||||
}
|
||||
|
||||
type ClusterSpec struct {
|
||||
@ -131,27 +132,28 @@ type ClusterStatus struct {
|
||||
Conditions []ClusterCondition `json:"conditions,omitempty"`
|
||||
// Component statuses will represent cluster's components (etcd/controller/scheduler) health
|
||||
// https://kubernetes.io/docs/api-reference/v1.8/#componentstatus-v1-core
|
||||
Driver string `json:"driver"`
|
||||
AgentImage string `json:"agentImage"`
|
||||
AgentFeatures map[string]bool `json:"agentFeatures,omitempty"`
|
||||
AuthImage string `json:"authImage"`
|
||||
ComponentStatuses []ClusterComponentStatus `json:"componentStatuses,omitempty"`
|
||||
APIEndpoint string `json:"apiEndpoint,omitempty"`
|
||||
ServiceAccountToken string `json:"serviceAccountToken,omitempty"`
|
||||
CACert string `json:"caCert,omitempty"`
|
||||
Capacity v1.ResourceList `json:"capacity,omitempty"`
|
||||
Allocatable v1.ResourceList `json:"allocatable,omitempty"`
|
||||
AppliedSpec ClusterSpec `json:"appliedSpec,omitempty"`
|
||||
FailedSpec *ClusterSpec `json:"failedSpec,omitempty"`
|
||||
Requested v1.ResourceList `json:"requested,omitempty"`
|
||||
Limits v1.ResourceList `json:"limits,omitempty"`
|
||||
Version *version.Info `json:"version,omitempty"`
|
||||
AppliedPodSecurityPolicyTemplateName string `json:"appliedPodSecurityPolicyTemplateId"`
|
||||
AppliedEnableNetworkPolicy bool `json:"appliedEnableNetworkPolicy" norman:"nocreate,noupdate,default=false"`
|
||||
Capabilities Capabilities `json:"capabilities,omitempty"`
|
||||
MonitoringStatus *MonitoringStatus `json:"monitoringStatus,omitempty" norman:"nocreate,noupdate"`
|
||||
IstioEnabled bool `json:"istioEnabled,omitempty" norman:"nocreate,noupdate,default=false"`
|
||||
CertificatesExpiration map[string]CertExpiration `json:"certificatesExpiration,omitempty"`
|
||||
Driver string `json:"driver"`
|
||||
AgentImage string `json:"agentImage"`
|
||||
AgentFeatures map[string]bool `json:"agentFeatures,omitempty"`
|
||||
AuthImage string `json:"authImage"`
|
||||
ComponentStatuses []ClusterComponentStatus `json:"componentStatuses,omitempty"`
|
||||
APIEndpoint string `json:"apiEndpoint,omitempty"`
|
||||
ServiceAccountToken string `json:"serviceAccountToken,omitempty"`
|
||||
CACert string `json:"caCert,omitempty"`
|
||||
Capacity v1.ResourceList `json:"capacity,omitempty"`
|
||||
Allocatable v1.ResourceList `json:"allocatable,omitempty"`
|
||||
AppliedSpec ClusterSpec `json:"appliedSpec,omitempty"`
|
||||
FailedSpec *ClusterSpec `json:"failedSpec,omitempty"`
|
||||
Requested v1.ResourceList `json:"requested,omitempty"`
|
||||
Limits v1.ResourceList `json:"limits,omitempty"`
|
||||
Version *version.Info `json:"version,omitempty"`
|
||||
AppliedPodSecurityPolicyTemplateName string `json:"appliedPodSecurityPolicyTemplateId"`
|
||||
AppliedEnableNetworkPolicy bool `json:"appliedEnableNetworkPolicy" norman:"nocreate,noupdate,default=false"`
|
||||
Capabilities Capabilities `json:"capabilities,omitempty"`
|
||||
MonitoringStatus *MonitoringStatus `json:"monitoringStatus,omitempty" norman:"nocreate,noupdate"`
|
||||
IstioEnabled bool `json:"istioEnabled,omitempty" norman:"nocreate,noupdate,default=false"`
|
||||
CertificatesExpiration map[string]CertExpiration `json:"certificatesExpiration,omitempty"`
|
||||
ScheduledClusterScanStatus *ScheduledClusterScanStatus `json:"scheduledClusterScanStatus,omitempty"`
|
||||
}
|
||||
|
||||
type ClusterComponentStatus struct {
|
||||
|
||||
@ -930,7 +930,7 @@ func (in *CisBenchmarkVersion) DeepCopyInto(out *CisBenchmarkVersion) {
|
||||
out.Namespaced = in.Namespaced
|
||||
out.TypeMeta = in.TypeMeta
|
||||
in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
|
||||
out.Info = in.Info
|
||||
in.Info.DeepCopyInto(&out.Info)
|
||||
return
|
||||
}
|
||||
|
||||
@ -955,6 +955,20 @@ func (in *CisBenchmarkVersion) DeepCopyObject() runtime.Object {
|
||||
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||
func (in *CisBenchmarkVersionInfo) DeepCopyInto(out *CisBenchmarkVersionInfo) {
|
||||
*out = *in
|
||||
if in.SkippedChecks != nil {
|
||||
in, out := &in.SkippedChecks, &out.SkippedChecks
|
||||
*out = make(map[string]string, len(*in))
|
||||
for key, val := range *in {
|
||||
(*out)[key] = val
|
||||
}
|
||||
}
|
||||
if in.NotApplicableChecks != nil {
|
||||
in, out := &in.NotApplicableChecks, &out.NotApplicableChecks
|
||||
*out = make(map[string]string, len(*in))
|
||||
for key, val := range *in {
|
||||
(*out)[key] = val
|
||||
}
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
@ -1099,6 +1113,22 @@ func (in *CisScanConfig) DeepCopy() *CisScanConfig {
|
||||
return out
|
||||
}
|
||||
|
||||
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||
func (in *CisScanStatus) DeepCopyInto(out *CisScanStatus) {
|
||||
*out = *in
|
||||
return
|
||||
}
|
||||
|
||||
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CisScanStatus.
|
||||
func (in *CisScanStatus) DeepCopy() *CisScanStatus {
|
||||
if in == nil {
|
||||
return nil
|
||||
}
|
||||
out := new(CisScanStatus)
|
||||
in.DeepCopyInto(out)
|
||||
return out
|
||||
}
|
||||
|
||||
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||
func (in *CloudCredential) DeepCopyInto(out *CloudCredential) {
|
||||
*out = *in
|
||||
@ -1471,6 +1501,11 @@ func (in *ClusterAlertRuleSpec) DeepCopyInto(out *ClusterAlertRuleSpec) {
|
||||
*out = new(MetricRule)
|
||||
**out = **in
|
||||
}
|
||||
if in.ClusterScanRule != nil {
|
||||
in, out := &in.ClusterScanRule, &out.ClusterScanRule
|
||||
*out = new(ClusterScanRule)
|
||||
**out = **in
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
@ -2126,6 +2161,22 @@ func (in *ClusterScanList) DeepCopyObject() runtime.Object {
|
||||
return nil
|
||||
}
|
||||
|
||||
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||
func (in *ClusterScanRule) DeepCopyInto(out *ClusterScanRule) {
|
||||
*out = *in
|
||||
return
|
||||
}
|
||||
|
||||
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterScanRule.
|
||||
func (in *ClusterScanRule) DeepCopy() *ClusterScanRule {
|
||||
if in == nil {
|
||||
return nil
|
||||
}
|
||||
out := new(ClusterScanRule)
|
||||
in.DeepCopyInto(out)
|
||||
return out
|
||||
}
|
||||
|
||||
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||
func (in *ClusterScanSpec) DeepCopyInto(out *ClusterScanSpec) {
|
||||
*out = *in
|
||||
@ -2151,6 +2202,11 @@ func (in *ClusterScanStatus) DeepCopyInto(out *ClusterScanStatus) {
|
||||
*out = make([]ClusterScanCondition, len(*in))
|
||||
copy(*out, *in)
|
||||
}
|
||||
if in.CisScanStatus != nil {
|
||||
in, out := &in.CisScanStatus, &out.CisScanStatus
|
||||
*out = new(CisScanStatus)
|
||||
**out = **in
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
@ -2224,6 +2280,11 @@ func (in *ClusterSpecBase) DeepCopyInto(out *ClusterSpecBase) {
|
||||
**out = **in
|
||||
}
|
||||
out.LocalClusterAuthEndpoint = in.LocalClusterAuthEndpoint
|
||||
if in.ScheduledClusterScan != nil {
|
||||
in, out := &in.ScheduledClusterScan, &out.ScheduledClusterScan
|
||||
*out = new(ScheduledClusterScan)
|
||||
(*in).DeepCopyInto(*out)
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
@ -2311,6 +2372,11 @@ func (in *ClusterStatus) DeepCopyInto(out *ClusterStatus) {
|
||||
(*out)[key] = val
|
||||
}
|
||||
}
|
||||
if in.ScheduledClusterScanStatus != nil {
|
||||
in, out := &in.ScheduledClusterScanStatus, &out.ScheduledClusterScanStatus
|
||||
*out = new(ScheduledClusterScanStatus)
|
||||
**out = **in
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
@ -8916,6 +8982,64 @@ func (in *SaveAsTemplateOutput) DeepCopy() *SaveAsTemplateOutput {
|
||||
return out
|
||||
}
|
||||
|
||||
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||
func (in *ScheduledClusterScan) DeepCopyInto(out *ScheduledClusterScan) {
|
||||
*out = *in
|
||||
if in.ScheduleConfig != nil {
|
||||
in, out := &in.ScheduleConfig, &out.ScheduleConfig
|
||||
*out = new(ScheduledClusterScanConfig)
|
||||
**out = **in
|
||||
}
|
||||
if in.ScanConfig != nil {
|
||||
in, out := &in.ScanConfig, &out.ScanConfig
|
||||
*out = new(ClusterScanConfig)
|
||||
(*in).DeepCopyInto(*out)
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ScheduledClusterScan.
|
||||
func (in *ScheduledClusterScan) DeepCopy() *ScheduledClusterScan {
|
||||
if in == nil {
|
||||
return nil
|
||||
}
|
||||
out := new(ScheduledClusterScan)
|
||||
in.DeepCopyInto(out)
|
||||
return out
|
||||
}
|
||||
|
||||
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||
func (in *ScheduledClusterScanConfig) DeepCopyInto(out *ScheduledClusterScanConfig) {
|
||||
*out = *in
|
||||
return
|
||||
}
|
||||
|
||||
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ScheduledClusterScanConfig.
|
||||
func (in *ScheduledClusterScanConfig) DeepCopy() *ScheduledClusterScanConfig {
|
||||
if in == nil {
|
||||
return nil
|
||||
}
|
||||
out := new(ScheduledClusterScanConfig)
|
||||
in.DeepCopyInto(out)
|
||||
return out
|
||||
}
|
||||
|
||||
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||
func (in *ScheduledClusterScanStatus) DeepCopyInto(out *ScheduledClusterScanStatus) {
|
||||
*out = *in
|
||||
return
|
||||
}
|
||||
|
||||
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ScheduledClusterScanStatus.
|
||||
func (in *ScheduledClusterScanStatus) DeepCopy() *ScheduledClusterScanStatus {
|
||||
if in == nil {
|
||||
return nil
|
||||
}
|
||||
out := new(ScheduledClusterScanStatus)
|
||||
in.DeepCopyInto(out)
|
||||
return out
|
||||
}
|
||||
|
||||
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||
func (in *SchedulerService) DeepCopyInto(out *SchedulerService) {
|
||||
*out = *in
|
||||
|
||||
@ -2,9 +2,15 @@ package client
|
||||
|
||||
const (
|
||||
CisBenchmarkVersionInfoType = "cisBenchmarkVersionInfo"
|
||||
CisBenchmarkVersionInfoFieldManaged = "managed"
|
||||
CisBenchmarkVersionInfoFieldMinKubernetesVersion = "minKubernetesVersion"
|
||||
CisBenchmarkVersionInfoFieldNotApplicableChecks = "notApplicableChecks"
|
||||
CisBenchmarkVersionInfoFieldSkippedChecks = "skippedChecks"
|
||||
)
|
||||
|
||||
type CisBenchmarkVersionInfo struct {
|
||||
MinKubernetesVersion string `json:"minKubernetesVersion,omitempty" yaml:"minKubernetesVersion,omitempty"`
|
||||
Managed bool `json:"managed,omitempty" yaml:"managed,omitempty"`
|
||||
MinKubernetesVersion string `json:"minKubernetesVersion,omitempty" yaml:"minKubernetesVersion,omitempty"`
|
||||
NotApplicableChecks map[string]string `json:"notApplicableChecks,omitempty" yaml:"notApplicableChecks,omitempty"`
|
||||
SkippedChecks map[string]string `json:"skippedChecks,omitempty" yaml:"skippedChecks,omitempty"`
|
||||
}
|
||||
|
||||
@ -6,6 +6,7 @@ const (
|
||||
CisScanConfigFieldDebugWorker = "debugWorker"
|
||||
CisScanConfigFieldOverrideBenchmarkVersion = "overrideBenchmarkVersion"
|
||||
CisScanConfigFieldOverrideSkip = "overrideSkip"
|
||||
CisScanConfigFieldProfile = "profile"
|
||||
)
|
||||
|
||||
type CisScanConfig struct {
|
||||
@ -13,4 +14,5 @@ type CisScanConfig struct {
|
||||
DebugWorker bool `json:"debugWorker,omitempty" yaml:"debugWorker,omitempty"`
|
||||
OverrideBenchmarkVersion string `json:"overrideBenchmarkVersion,omitempty" yaml:"overrideBenchmarkVersion,omitempty"`
|
||||
OverrideSkip []string `json:"overrideSkip,omitempty" yaml:"overrideSkip,omitempty"`
|
||||
Profile string `json:"profile,omitempty" yaml:"profile,omitempty"`
|
||||
}
|
||||
|
||||
18
client/management/v3/zz_generated_cis_scan_status.go
Normal file
18
client/management/v3/zz_generated_cis_scan_status.go
Normal file
@ -0,0 +1,18 @@
|
||||
package client
|
||||
|
||||
const (
|
||||
CisScanStatusType = "cisScanStatus"
|
||||
CisScanStatusFieldFail = "fail"
|
||||
CisScanStatusFieldNotApplicable = "notApplicable"
|
||||
CisScanStatusFieldPass = "pass"
|
||||
CisScanStatusFieldSkip = "skip"
|
||||
CisScanStatusFieldTotal = "total"
|
||||
)
|
||||
|
||||
type CisScanStatus struct {
|
||||
Fail int64 `json:"fail,omitempty" yaml:"fail,omitempty"`
|
||||
NotApplicable int64 `json:"notApplicable,omitempty" yaml:"notApplicable,omitempty"`
|
||||
Pass int64 `json:"pass,omitempty" yaml:"pass,omitempty"`
|
||||
Skip int64 `json:"skip,omitempty" yaml:"skip,omitempty"`
|
||||
Total int64 `json:"total,omitempty" yaml:"total,omitempty"`
|
||||
}
|
||||
@ -51,6 +51,8 @@ const (
|
||||
ClusterFieldRancherKubernetesEngineConfig = "rancherKubernetesEngineConfig"
|
||||
ClusterFieldRemoved = "removed"
|
||||
ClusterFieldRequested = "requested"
|
||||
ClusterFieldScheduledClusterScan = "scheduledClusterScan"
|
||||
ClusterFieldScheduledClusterScanStatus = "scheduledClusterScanStatus"
|
||||
ClusterFieldState = "state"
|
||||
ClusterFieldTransitioning = "transitioning"
|
||||
ClusterFieldTransitioningMessage = "transitioningMessage"
|
||||
@ -106,6 +108,8 @@ type Cluster struct {
|
||||
RancherKubernetesEngineConfig *RancherKubernetesEngineConfig `json:"rancherKubernetesEngineConfig,omitempty" yaml:"rancherKubernetesEngineConfig,omitempty"`
|
||||
Removed string `json:"removed,omitempty" yaml:"removed,omitempty"`
|
||||
Requested map[string]string `json:"requested,omitempty" yaml:"requested,omitempty"`
|
||||
ScheduledClusterScan *ScheduledClusterScan `json:"scheduledClusterScan,omitempty" yaml:"scheduledClusterScan,omitempty"`
|
||||
ScheduledClusterScanStatus *ScheduledClusterScanStatus `json:"scheduledClusterScanStatus,omitempty" yaml:"scheduledClusterScanStatus,omitempty"`
|
||||
State string `json:"state,omitempty" yaml:"state,omitempty"`
|
||||
Transitioning string `json:"transitioning,omitempty" yaml:"transitioning,omitempty"`
|
||||
TransitioningMessage string `json:"transitioningMessage,omitempty" yaml:"transitioningMessage,omitempty"`
|
||||
|
||||
@ -9,6 +9,7 @@ const (
|
||||
ClusterAlertRuleFieldAlertState = "alertState"
|
||||
ClusterAlertRuleFieldAnnotations = "annotations"
|
||||
ClusterAlertRuleFieldClusterID = "clusterId"
|
||||
ClusterAlertRuleFieldClusterScanRule = "clusterScanRule"
|
||||
ClusterAlertRuleFieldCreated = "created"
|
||||
ClusterAlertRuleFieldCreatorID = "creatorId"
|
||||
ClusterAlertRuleFieldEventRule = "eventRule"
|
||||
@ -37,6 +38,7 @@ type ClusterAlertRule struct {
|
||||
AlertState string `json:"alertState,omitempty" yaml:"alertState,omitempty"`
|
||||
Annotations map[string]string `json:"annotations,omitempty" yaml:"annotations,omitempty"`
|
||||
ClusterID string `json:"clusterId,omitempty" yaml:"clusterId,omitempty"`
|
||||
ClusterScanRule *ClusterScanRule `json:"clusterScanRule,omitempty" yaml:"clusterScanRule,omitempty"`
|
||||
Created string `json:"created,omitempty" yaml:"created,omitempty"`
|
||||
CreatorID string `json:"creatorId,omitempty" yaml:"creatorId,omitempty"`
|
||||
EventRule *EventRule `json:"eventRule,omitempty" yaml:"eventRule,omitempty"`
|
||||
|
||||
@ -3,6 +3,7 @@ package client
|
||||
const (
|
||||
ClusterAlertRuleSpecType = "clusterAlertRuleSpec"
|
||||
ClusterAlertRuleSpecFieldClusterID = "clusterId"
|
||||
ClusterAlertRuleSpecFieldClusterScanRule = "clusterScanRule"
|
||||
ClusterAlertRuleSpecFieldDisplayName = "displayName"
|
||||
ClusterAlertRuleSpecFieldEventRule = "eventRule"
|
||||
ClusterAlertRuleSpecFieldGroupID = "groupId"
|
||||
@ -18,6 +19,7 @@ const (
|
||||
|
||||
type ClusterAlertRuleSpec struct {
|
||||
ClusterID string `json:"clusterId,omitempty" yaml:"clusterId,omitempty"`
|
||||
ClusterScanRule *ClusterScanRule `json:"clusterScanRule,omitempty" yaml:"clusterScanRule,omitempty"`
|
||||
DisplayName string `json:"displayName,omitempty" yaml:"displayName,omitempty"`
|
||||
EventRule *EventRule `json:"eventRule,omitempty" yaml:"eventRule,omitempty"`
|
||||
GroupID string `json:"groupId,omitempty" yaml:"groupId,omitempty"`
|
||||
|
||||
@ -11,11 +11,11 @@ const (
|
||||
ClusterScanFieldCreated = "created"
|
||||
ClusterScanFieldCreatorID = "creatorId"
|
||||
ClusterScanFieldLabels = "labels"
|
||||
ClusterScanFieldManual = "manual"
|
||||
ClusterScanFieldName = "name"
|
||||
ClusterScanFieldNamespaceId = "namespaceId"
|
||||
ClusterScanFieldOwnerReferences = "ownerReferences"
|
||||
ClusterScanFieldRemoved = "removed"
|
||||
ClusterScanFieldRunType = "runType"
|
||||
ClusterScanFieldScanConfig = "scanConfig"
|
||||
ClusterScanFieldScanType = "scanType"
|
||||
ClusterScanFieldState = "state"
|
||||
@ -32,11 +32,11 @@ type ClusterScan struct {
|
||||
Created string `json:"created,omitempty" yaml:"created,omitempty"`
|
||||
CreatorID string `json:"creatorId,omitempty" yaml:"creatorId,omitempty"`
|
||||
Labels map[string]string `json:"labels,omitempty" yaml:"labels,omitempty"`
|
||||
Manual bool `json:"manual,omitempty" yaml:"manual,omitempty"`
|
||||
Name string `json:"name,omitempty" yaml:"name,omitempty"`
|
||||
NamespaceId string `json:"namespaceId,omitempty" yaml:"namespaceId,omitempty"`
|
||||
OwnerReferences []OwnerReference `json:"ownerReferences,omitempty" yaml:"ownerReferences,omitempty"`
|
||||
Removed string `json:"removed,omitempty" yaml:"removed,omitempty"`
|
||||
RunType string `json:"runType,omitempty" yaml:"runType,omitempty"`
|
||||
ScanConfig *ClusterScanConfig `json:"scanConfig,omitempty" yaml:"scanConfig,omitempty"`
|
||||
ScanType string `json:"scanType,omitempty" yaml:"scanType,omitempty"`
|
||||
State string `json:"state,omitempty" yaml:"state,omitempty"`
|
||||
|
||||
12
client/management/v3/zz_generated_cluster_scan_rule.go
Normal file
12
client/management/v3/zz_generated_cluster_scan_rule.go
Normal file
@ -0,0 +1,12 @@
|
||||
package client
|
||||
|
||||
const (
|
||||
ClusterScanRuleType = "clusterScanRule"
|
||||
ClusterScanRuleFieldFailuresOnly = "failuresOnly"
|
||||
ClusterScanRuleFieldScanRunType = "scanRunType"
|
||||
)
|
||||
|
||||
type ClusterScanRule struct {
|
||||
FailuresOnly bool `json:"failuresOnly,omitempty" yaml:"failuresOnly,omitempty"`
|
||||
ScanRunType string `json:"scanRunType,omitempty" yaml:"scanRunType,omitempty"`
|
||||
}
|
||||
@ -3,14 +3,14 @@ package client
|
||||
const (
|
||||
ClusterScanSpecType = "clusterScanSpec"
|
||||
ClusterScanSpecFieldClusterID = "clusterId"
|
||||
ClusterScanSpecFieldManual = "manual"
|
||||
ClusterScanSpecFieldRunType = "runType"
|
||||
ClusterScanSpecFieldScanConfig = "scanConfig"
|
||||
ClusterScanSpecFieldScanType = "scanType"
|
||||
)
|
||||
|
||||
type ClusterScanSpec struct {
|
||||
ClusterID string `json:"clusterId,omitempty" yaml:"clusterId,omitempty"`
|
||||
Manual bool `json:"manual,omitempty" yaml:"manual,omitempty"`
|
||||
RunType string `json:"runType,omitempty" yaml:"runType,omitempty"`
|
||||
ScanConfig *ClusterScanConfig `json:"scanConfig,omitempty" yaml:"scanConfig,omitempty"`
|
||||
ScanType string `json:"scanType,omitempty" yaml:"scanType,omitempty"`
|
||||
}
|
||||
|
||||
@ -1,10 +1,12 @@
|
||||
package client
|
||||
|
||||
const (
|
||||
ClusterScanStatusType = "clusterScanStatus"
|
||||
ClusterScanStatusFieldConditions = "conditions"
|
||||
ClusterScanStatusType = "clusterScanStatus"
|
||||
ClusterScanStatusFieldCisScanStatus = "cisScanStatus"
|
||||
ClusterScanStatusFieldConditions = "conditions"
|
||||
)
|
||||
|
||||
type ClusterScanStatus struct {
|
||||
Conditions []ClusterScanCondition `json:"conditions,omitempty" yaml:"conditions,omitempty"`
|
||||
CisScanStatus *CisScanStatus `json:"cisScanStatus,omitempty" yaml:"cisScanStatus,omitempty"`
|
||||
Conditions []ClusterScanCondition `json:"conditions,omitempty" yaml:"conditions,omitempty"`
|
||||
}
|
||||
|
||||
@ -25,6 +25,7 @@ const (
|
||||
ClusterSpecFieldInternal = "internal"
|
||||
ClusterSpecFieldLocalClusterAuthEndpoint = "localClusterAuthEndpoint"
|
||||
ClusterSpecFieldRancherKubernetesEngineConfig = "rancherKubernetesEngineConfig"
|
||||
ClusterSpecFieldScheduledClusterScan = "scheduledClusterScan"
|
||||
ClusterSpecFieldWindowsPreferedCluster = "windowsPreferedCluster"
|
||||
)
|
||||
|
||||
@ -52,5 +53,6 @@ type ClusterSpec struct {
|
||||
Internal bool `json:"internal,omitempty" yaml:"internal,omitempty"`
|
||||
LocalClusterAuthEndpoint *LocalClusterAuthEndpoint `json:"localClusterAuthEndpoint,omitempty" yaml:"localClusterAuthEndpoint,omitempty"`
|
||||
RancherKubernetesEngineConfig *RancherKubernetesEngineConfig `json:"rancherKubernetesEngineConfig,omitempty" yaml:"rancherKubernetesEngineConfig,omitempty"`
|
||||
ScheduledClusterScan *ScheduledClusterScan `json:"scheduledClusterScan,omitempty" yaml:"scheduledClusterScan,omitempty"`
|
||||
WindowsPreferedCluster bool `json:"windowsPreferedCluster,omitempty" yaml:"windowsPreferedCluster,omitempty"`
|
||||
}
|
||||
|
||||
@ -13,6 +13,7 @@ const (
|
||||
ClusterSpecBaseFieldEnableNetworkPolicy = "enableNetworkPolicy"
|
||||
ClusterSpecBaseFieldLocalClusterAuthEndpoint = "localClusterAuthEndpoint"
|
||||
ClusterSpecBaseFieldRancherKubernetesEngineConfig = "rancherKubernetesEngineConfig"
|
||||
ClusterSpecBaseFieldScheduledClusterScan = "scheduledClusterScan"
|
||||
ClusterSpecBaseFieldWindowsPreferedCluster = "windowsPreferedCluster"
|
||||
)
|
||||
|
||||
@ -28,5 +29,6 @@ type ClusterSpecBase struct {
|
||||
EnableNetworkPolicy *bool `json:"enableNetworkPolicy,omitempty" yaml:"enableNetworkPolicy,omitempty"`
|
||||
LocalClusterAuthEndpoint *LocalClusterAuthEndpoint `json:"localClusterAuthEndpoint,omitempty" yaml:"localClusterAuthEndpoint,omitempty"`
|
||||
RancherKubernetesEngineConfig *RancherKubernetesEngineConfig `json:"rancherKubernetesEngineConfig,omitempty" yaml:"rancherKubernetesEngineConfig,omitempty"`
|
||||
ScheduledClusterScan *ScheduledClusterScan `json:"scheduledClusterScan,omitempty" yaml:"scheduledClusterScan,omitempty"`
|
||||
WindowsPreferedCluster bool `json:"windowsPreferedCluster,omitempty" yaml:"windowsPreferedCluster,omitempty"`
|
||||
}
|
||||
|
||||
@ -22,29 +22,31 @@ const (
|
||||
ClusterStatusFieldLimits = "limits"
|
||||
ClusterStatusFieldMonitoringStatus = "monitoringStatus"
|
||||
ClusterStatusFieldRequested = "requested"
|
||||
ClusterStatusFieldScheduledClusterScanStatus = "scheduledClusterScanStatus"
|
||||
ClusterStatusFieldVersion = "version"
|
||||
)
|
||||
|
||||
type ClusterStatus struct {
|
||||
APIEndpoint string `json:"apiEndpoint,omitempty" yaml:"apiEndpoint,omitempty"`
|
||||
AgentFeatures map[string]bool `json:"agentFeatures,omitempty" yaml:"agentFeatures,omitempty"`
|
||||
AgentImage string `json:"agentImage,omitempty" yaml:"agentImage,omitempty"`
|
||||
Allocatable map[string]string `json:"allocatable,omitempty" yaml:"allocatable,omitempty"`
|
||||
AppliedEnableNetworkPolicy bool `json:"appliedEnableNetworkPolicy,omitempty" yaml:"appliedEnableNetworkPolicy,omitempty"`
|
||||
AppliedPodSecurityPolicyTemplateName string `json:"appliedPodSecurityPolicyTemplateId,omitempty" yaml:"appliedPodSecurityPolicyTemplateId,omitempty"`
|
||||
AppliedSpec *ClusterSpec `json:"appliedSpec,omitempty" yaml:"appliedSpec,omitempty"`
|
||||
AuthImage string `json:"authImage,omitempty" yaml:"authImage,omitempty"`
|
||||
CACert string `json:"caCert,omitempty" yaml:"caCert,omitempty"`
|
||||
Capabilities *Capabilities `json:"capabilities,omitempty" yaml:"capabilities,omitempty"`
|
||||
Capacity map[string]string `json:"capacity,omitempty" yaml:"capacity,omitempty"`
|
||||
CertificatesExpiration map[string]CertExpiration `json:"certificatesExpiration,omitempty" yaml:"certificatesExpiration,omitempty"`
|
||||
ComponentStatuses []ClusterComponentStatus `json:"componentStatuses,omitempty" yaml:"componentStatuses,omitempty"`
|
||||
Conditions []ClusterCondition `json:"conditions,omitempty" yaml:"conditions,omitempty"`
|
||||
Driver string `json:"driver,omitempty" yaml:"driver,omitempty"`
|
||||
FailedSpec *ClusterSpec `json:"failedSpec,omitempty" yaml:"failedSpec,omitempty"`
|
||||
IstioEnabled bool `json:"istioEnabled,omitempty" yaml:"istioEnabled,omitempty"`
|
||||
Limits map[string]string `json:"limits,omitempty" yaml:"limits,omitempty"`
|
||||
MonitoringStatus *MonitoringStatus `json:"monitoringStatus,omitempty" yaml:"monitoringStatus,omitempty"`
|
||||
Requested map[string]string `json:"requested,omitempty" yaml:"requested,omitempty"`
|
||||
Version *Info `json:"version,omitempty" yaml:"version,omitempty"`
|
||||
APIEndpoint string `json:"apiEndpoint,omitempty" yaml:"apiEndpoint,omitempty"`
|
||||
AgentFeatures map[string]bool `json:"agentFeatures,omitempty" yaml:"agentFeatures,omitempty"`
|
||||
AgentImage string `json:"agentImage,omitempty" yaml:"agentImage,omitempty"`
|
||||
Allocatable map[string]string `json:"allocatable,omitempty" yaml:"allocatable,omitempty"`
|
||||
AppliedEnableNetworkPolicy bool `json:"appliedEnableNetworkPolicy,omitempty" yaml:"appliedEnableNetworkPolicy,omitempty"`
|
||||
AppliedPodSecurityPolicyTemplateName string `json:"appliedPodSecurityPolicyTemplateId,omitempty" yaml:"appliedPodSecurityPolicyTemplateId,omitempty"`
|
||||
AppliedSpec *ClusterSpec `json:"appliedSpec,omitempty" yaml:"appliedSpec,omitempty"`
|
||||
AuthImage string `json:"authImage,omitempty" yaml:"authImage,omitempty"`
|
||||
CACert string `json:"caCert,omitempty" yaml:"caCert,omitempty"`
|
||||
Capabilities *Capabilities `json:"capabilities,omitempty" yaml:"capabilities,omitempty"`
|
||||
Capacity map[string]string `json:"capacity,omitempty" yaml:"capacity,omitempty"`
|
||||
CertificatesExpiration map[string]CertExpiration `json:"certificatesExpiration,omitempty" yaml:"certificatesExpiration,omitempty"`
|
||||
ComponentStatuses []ClusterComponentStatus `json:"componentStatuses,omitempty" yaml:"componentStatuses,omitempty"`
|
||||
Conditions []ClusterCondition `json:"conditions,omitempty" yaml:"conditions,omitempty"`
|
||||
Driver string `json:"driver,omitempty" yaml:"driver,omitempty"`
|
||||
FailedSpec *ClusterSpec `json:"failedSpec,omitempty" yaml:"failedSpec,omitempty"`
|
||||
IstioEnabled bool `json:"istioEnabled,omitempty" yaml:"istioEnabled,omitempty"`
|
||||
Limits map[string]string `json:"limits,omitempty" yaml:"limits,omitempty"`
|
||||
MonitoringStatus *MonitoringStatus `json:"monitoringStatus,omitempty" yaml:"monitoringStatus,omitempty"`
|
||||
Requested map[string]string `json:"requested,omitempty" yaml:"requested,omitempty"`
|
||||
ScheduledClusterScanStatus *ScheduledClusterScanStatus `json:"scheduledClusterScanStatus,omitempty" yaml:"scheduledClusterScanStatus,omitempty"`
|
||||
Version *Info `json:"version,omitempty" yaml:"version,omitempty"`
|
||||
}
|
||||
|
||||
14
client/management/v3/zz_generated_scheduled_cluster_scan.go
Normal file
14
client/management/v3/zz_generated_scheduled_cluster_scan.go
Normal file
@ -0,0 +1,14 @@
|
||||
package client
|
||||
|
||||
const (
|
||||
ScheduledClusterScanType = "scheduledClusterScan"
|
||||
ScheduledClusterScanFieldEnabled = "enabled"
|
||||
ScheduledClusterScanFieldScanConfig = "scanConfig"
|
||||
ScheduledClusterScanFieldScheduleConfig = "scheduleConfig"
|
||||
)
|
||||
|
||||
type ScheduledClusterScan struct {
|
||||
Enabled bool `json:"enabled,omitempty" yaml:"enabled,omitempty"`
|
||||
ScanConfig *ClusterScanConfig `json:"scanConfig,omitempty" yaml:"scanConfig,omitempty"`
|
||||
ScheduleConfig *ScheduledClusterScanConfig `json:"scheduleConfig,omitempty" yaml:"scheduleConfig,omitempty"`
|
||||
}
|
||||
@ -0,0 +1,12 @@
|
||||
package client
|
||||
|
||||
const (
|
||||
ScheduledClusterScanConfigType = "scheduledClusterScanConfig"
|
||||
ScheduledClusterScanConfigFieldCronSchedule = "cronSchedule"
|
||||
ScheduledClusterScanConfigFieldRetention = "retention"
|
||||
)
|
||||
|
||||
type ScheduledClusterScanConfig struct {
|
||||
CronSchedule string `json:"cronSchedule,omitempty" yaml:"cronSchedule,omitempty"`
|
||||
Retention int64 `json:"retention,omitempty" yaml:"retention,omitempty"`
|
||||
}
|
||||
@ -0,0 +1,12 @@
|
||||
package client
|
||||
|
||||
const (
|
||||
ScheduledClusterScanStatusType = "scheduledClusterScanStatus"
|
||||
ScheduledClusterScanStatusFieldEnabled = "enabled"
|
||||
ScheduledClusterScanStatusFieldLastRunTimestamp = "lastRunTimestamp"
|
||||
)
|
||||
|
||||
type ScheduledClusterScanStatus struct {
|
||||
Enabled bool `json:"enabled,omitempty" yaml:"enabled,omitempty"`
|
||||
LastRunTimestamp string `json:"lastRunTimestamp,omitempty" yaml:"lastRunTimestamp,omitempty"`
|
||||
}
|
||||
@ -18,4 +18,9 @@ const (
|
||||
// error type
|
||||
|
||||
Failed cond.Cond = "Failed"
|
||||
|
||||
// generic type
|
||||
// these will not trigger any state change on the object
|
||||
|
||||
Alerted cond.Cond = "Alerted"
|
||||
)
|
||||
|
||||
Loading…
Reference in New Issue
Block a user