changes to cis scan struct(s)

2025-07-31 20:55:00 +00:00 · 2019-12-02 13:02:17 -08:00 · 2019-12-02 13:02:17 -08:00 · 44d21ba15f
commit 44d21ba15f
parent 31d195f931
3 changed files with 23 additions and 2 deletions
--- a/apis/management.cattle.io/v3/cluster_scan_types.go
+++ b/apis/management.cattle.io/v3/cluster_scan_types.go
@ -11,9 +11,28 @@ import (
 const (
 	ClusterScanConditionCreated   condition.Cond = "Created"
 	ClusterScanConditionCompleted condition.Cond = "Completed"
+
+	ClusterScanTypeCis         = "cis"
+	DefaultNamespaceForCis     = "security-scan"
+	DefaultSonobuoyPodName     = "security-scan-runner"
+	ConfigMapNameForUserConfig = "security-scan-cfg"
+
+	RunCisScanAnnotation         = "field.cattle.io/runCisScan"
+	SonobuoyCompletionAnnotation = "field.cattle.io/sonobuoyDone"
+	CisHelmChartOwner            = "field.cattle.io/clusterScanOwner"
 )

+type CisScanConfig struct {
+	// IDs of the checks that need to be skipped in the final report
+	Skip []string `json:"skip"`
+	// Internal flag for debugging master component of the scan
+	DebugMaster bool `json:"debugMaster"`
+	// Internal flag for debugging worker component of the scan
+	DebugWorker bool `json:"debugWorker"`
+}
+
 type ClusterScanConfig struct {
+	CisScanConfig *CisScanConfig `json:"cisScanConfig"`
 }

 type ClusterScanCondition struct {
--- a/apis/management.cattle.io/v3/cluster_types.go
+++ b/apis/management.cattle.io/v3/cluster_types.go
@ -30,7 +30,7 @@ const (
 	ClusterActionBackupEtcd            = "backupEtcd"
 	ClusterActionRestoreFromEtcdBackup = "restoreFromEtcdBackup"
 	ClusterActionRotateCertificates    = "rotateCertificates"
-	ClusterActionRunCISScan            = "runSecurityScan"
+	ClusterActionRunSecurityScan       = "runSecurityScan"
 	ClusterActionSaveAsTemplate        = "saveAsTemplate"

 	// ClusterConditionReady Cluster ready to serve API (healthy when true, unhealthy when false)
--- a/apis/management.cattle.io/v3/schema/schema.go
+++ b/apis/management.cattle.io/v3/schema/schema.go
@ -263,7 +263,9 @@ func clusterTypes(schemas *types.Schemas) *types.Schemas {
 				Input:  "rotateCertificateInput",
 				Output: "rotateCertificateOutput",
 			}
-			schema.ResourceActions[v3.ClusterActionRunCISScan] = types.Action{}
+			schema.ResourceActions[v3.ClusterActionRunSecurityScan] = types.Action{
+				Input: "cisScanConfig",
+			}
 			schema.ResourceActions[v3.ClusterActionSaveAsTemplate] = types.Action{
 				Input: "saveAsTemplateInput",
 			}