├── .gitignore
├── Makefile
├── README.md
├── apis
└── openreports.io
│ └── v1alpha1
│ ├── clusterreport_types.go
│ ├── doc.go
│ ├── groupversion_info.go
│ ├── report_types.go
│ └── zz_generated.deepcopy.go
├── crd
└── openreports.io
│ └── v1alpha1
│ ├── openreports.io_clusterreports.yaml
│ └── openreports.io_reports.yaml
├── docs
├── api-docs.md
└── config.yaml
├── go.mod
├── go.sum
├── hack
├── boilerplate.go.txt
├── codegen.go
└── update-codegen.sh
├── pkg
└── client
│ ├── clientset
│ └── versioned
│ │ ├── clientset.go
│ │ ├── fake
│ │ ├── clientset_generated.go
│ │ ├── doc.go
│ │ └── register.go
│ │ ├── scheme
│ │ ├── doc.go
│ │ └── register.go
│ │ └── typed
│ │ └── openreports.io
│ │ └── v1alpha1
│ │ ├── clusterreport.go
│ │ ├── doc.go
│ │ ├── fake
│ │ ├── doc.go
│ │ ├── fake_clusterreport.go
│ │ ├── fake_openreports.io_client.go
│ │ └── fake_report.go
│ │ ├── generated_expansion.go
│ │ ├── openreports.io_client.go
│ │ └── report.go
│ ├── informers
│ └── externalversions
│ │ ├── factory.go
│ │ ├── generic.go
│ │ ├── internalinterfaces
│ │ └── factory_interfaces.go
│ │ └── openreports.io
│ │ ├── interface.go
│ │ └── v1alpha1
│ │ ├── clusterreport.go
│ │ ├── interface.go
│ │ └── report.go
│ └── listers
│ └── openreports.io
│ └── v1alpha1
│ ├── clusterreport.go
│ ├── expansion_generated.go
│ └── report.go
└── samples
├── sample-cis-k8s.yaml
├── sample-co.yaml
├── sample-falco-policy.yaml
├── sample-rhacm-policy.yaml
├── sample-v1beta1-kyverno.yaml
└── sample-v1beta2-kyverno.yaml
/.gitignore:
--------------------------------------------------------------------------------
1 |
2 | # Binaries for programs and plugins
3 | *.exe
4 | *.exe~
5 | *.dll
6 | *.so
7 | *.dylib
8 | bin
9 |
10 | # Test binary, build with `go test -c`
11 | *.test
12 |
13 | # Output of the go coverage tool, specifically when used with LiteIDE
14 | *.out
15 |
16 | # Kubernetes Generated files - skip generated files, except for vendored files
17 |
18 | !vendor/**/zz_generated.*
19 |
20 | # editor and IDE paraphernalia
21 | .idea
22 | *.swp
23 | *.swo
24 | *~
25 |
--------------------------------------------------------------------------------
/Makefile:
--------------------------------------------------------------------------------
1 | GO_CMD ?= go
2 |
3 | PROJECT_DIR := $(shell dirname $(abspath $(lastword $(MAKEFILE_LIST))))
4 |
5 | # Get the currently used golang install path (in GOPATH/bin, unless GOBIN is set)
6 | ifeq (,$(shell go env GOBIN))
7 | GOBIN=$(shell go env GOPATH)/bin
8 | else
9 | GOBIN=$(shell go env GOBIN)
10 | endif
11 |
12 | ## Location to install dependencies to
13 | LOCALBIN ?= $(shell pwd)/bin
14 | $(LOCALBIN):
15 | mkdir -p $(LOCALBIN)
16 |
17 | CONTROLLER_TOOLS_VERSION ?= v0.14.0
18 | CONTROLLER_GEN ?= $(LOCALBIN)/controller-gen
19 | GEN_CRD_API_REFERENCE_DOCS ?= $(LOCALBIN)/crd-ref-docs
20 | GEN_CRD_API_REFERENCE_DOCS_VERSION ?= latest
21 |
22 | all: code-generator manifests generate generate-api-docs generate-client build fmt vet
23 |
24 | .PHONY: manifests
25 | manifests: controller-gen ## Generate WebhookConfiguration, ClusterRole and CustomResourceDefinition objects.
26 | $(CONTROLLER_GEN) rbac:roleName=manager-role crd webhook paths="./apis/openreports.io/v1alpha1" output:crd:artifacts:config=crd/openreports.io/v1alpha1
27 |
28 | .PHONY: generate
29 | generate: controller-gen ## Generate code containing DeepCopy, DeepCopyInto, and DeepCopyObject method implementations.
30 | $(CONTROLLER_GEN) object:headerFile="hack/boilerplate.go.txt" paths="./apis/..."
31 |
32 | .PHONY: generate-client
33 | generate-client:
34 | ./hack/update-codegen.sh
35 |
36 |
37 | # Run go build against code
38 | build:
39 | go build ./...
40 |
41 | # Run go fmt against code
42 | fmt:
43 | go fmt ./...
44 |
45 | # Run go vet against code
46 | vet:
47 | go vet ./...
48 |
49 | .PHONY: controller-gen
50 | controller-gen: $(CONTROLLER_GEN) ## Download controller-gen locally if necessary. If wrong version is installed, it will be overwritten.
51 | $(CONTROLLER_GEN): $(LOCALBIN)
52 | test -s $(LOCALBIN)/controller-gen && $(LOCALBIN)/controller-gen --version | grep -q $(CONTROLLER_TOOLS_VERSION) || \
53 | GOBIN=$(LOCALBIN) $(GO_CMD) install sigs.k8s.io/controller-tools/cmd/controller-gen@$(CONTROLLER_TOOLS_VERSION)
54 |
55 | # Use same code-generator version as k8s.io/api
56 | CODEGEN_VERSION := v0.30.0-rc.2
57 | CODEGEN = $(shell pwd)/bin/code-generator
58 | CODEGEN_ROOT = $(shell $(GO_CMD) env GOMODCACHE)/k8s.io/code-generator@$(CODEGEN_VERSION)
59 | .PHONY: code-generator
60 | code-generator:
61 | @GOBIN=$(PROJECT_DIR)/bin GO111MODULE=on $(GO_CMD) install k8s.io/code-generator/cmd/client-gen@$(CODEGEN_VERSION)
62 | cp -f $(CODEGEN_ROOT)/generate-groups.sh $(PROJECT_DIR)/bin/
63 | cp -f $(CODEGEN_ROOT)/generate-internal-groups.sh $(PROJECT_DIR)/bin/
64 | cp -f $(CODEGEN_ROOT)/kube_codegen.sh $(PROJECT_DIR)/bin/
65 |
66 | # generate-api-docs will create api docs
67 | generate-api-docs: $(GEN_CRD_API_REFERENCE_DOCS)
68 | $(GEN_CRD_API_REFERENCE_DOCS) --source-path=./apis/openreports.io/v1alpha1 --config=./docs/config.yaml --renderer=markdown --output-path=./docs/api-docs.md
69 |
70 | $(GEN_CRD_API_REFERENCE_DOCS): $(LOCALBIN)
71 | $(call go-install-tool,$(GEN_CRD_API_REFERENCE_DOCS),github.com/elastic/crd-ref-docs,$(GEN_CRD_API_REFERENCE_DOCS_VERSION))
72 |
73 | .PHONY: codegen-api-docs
74 | codegen-api-docs: $(PACKAGE_SHIM) $(GEN_CRD_API_REFERENCE_DOCS) $(GENREF) ## Generate API docs
75 | @echo Generate api docs... >&2
76 | $(GEN_CRD_API_REFERENCE_DOCS) -v=4 \
77 | -api-dir pkg/api \
78 | -config docs/config.json \
79 | -template-dir docs/template \
80 | -out-file docs/index.html
81 |
82 | # go-install-tool will 'go install' any package with custom target and name of binary, if it doesn't exist
83 | # $1 - target path with name of binary (ideally with version)
84 | # $2 - package url which can be installed
85 | # $3 - specific version of package
86 | define go-install-tool
87 | @[ -f $(1) ] || { \
88 | set -e; \
89 | package=$(2)@$(3) ;\
90 | echo "Downloading $${package}" ;\
91 | GOBIN=$(LOCALBIN) go install $${package} ;\
92 | mv "$$(echo "$(1)" | sed "s/-$(3)$$//")" $(1) ;\
93 | }
94 | endef
95 |
--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
1 | # OpenReports API
2 |
3 | The OpenReports API enables uniform reporting of results and findings from policy engines, scanners, or other tooling.
4 |
5 | This repository contains the API specification and Custom Resource Definitions (CRDs).
6 |
7 | ## Concepts
8 |
9 | The API provides a `ClusterReport` and its namespaced variant `Report`.
10 |
11 | Each `Report` contains a set of `results` and a `summary`. Each `result` contains attributes such as the source policy and rule name, severity, timestamp, and the resource.
12 |
13 | ## Reference
14 |
15 | * [API Reference](./docs/api-docs.md)
16 |
17 | ## Demonstration
18 |
19 | Typically the Report API is installed and managed by a [producer](#producers). However, to try out the API in a test cluster you can follow the steps below:
20 |
21 | 1. Add Report API CRDs to your cluster:
22 |
23 | ```sh
24 | kubectl create -f crd/openreports.io/v1alpha1/
25 | ```
26 | 2. Create a sample policy report resource:
27 |
28 | ```sh
29 | kubectl create -f samples/sample-cis-k8s.yaml
30 | ```
31 | 3. View policy report resources:
32 |
33 | ```sh
34 | kubectl get reports
35 | ```
36 |
37 | ## Implementations
38 |
39 | The following is a list of projects that produce or consume policy reports:
40 |
41 | *(To add your project, please create a [pull request](https://github.com/openreports/reports-api/pulls).)*
42 |
43 | ### Report Producers
44 |
45 | * [Falco](https://github.com/falcosecurity/falcosidekick/blob/master/outputs/policyreport.go)
46 | * [Image Scanner](https://github.com/statnett/image-scanner-operator)
47 | * [jsPolicy](https://github.com/loft-sh/jspolicy/)
48 | * [Kyverno](https://kyverno.io/docs/policy-reports/)
49 | * [Netchecks](https://docs.netchecks.io/)
50 | * [Tracee Adapter](https://github.com/fjogeleit/tracee-polr-adapter)
51 | * [Trivy Operator](https://aquasecurity.github.io/trivy-operator/v0.15.1/tutorials/integrations/policy-reporter/)
52 | * [Kubewarden](https://docs.kubewarden.io/explanations/audit-scanner/policy-reports)
53 |
54 | ### Report Consumers
55 |
56 | * [Fairwinds Insights](https://fairwinds.com/insights)
57 | * [Kyverno Policy Reporter](https://kyverno.github.io/policy-reporter/)
58 | * [Lula](https://github.com/defenseunicorns/lula)
59 | * [Nirmata Control Hub](https://nirmata.com/nirmata-control-hub/)
60 | * [Open Cluster Management](https://open-cluster-management.io/)
61 |
62 | ## Building
63 |
64 | ```sh
65 | make all
66 | ```
67 |
68 | ## Community, discussion, contribution, and support
69 |
70 | You can reach the maintainers of this project at:
71 |
72 | - [Slack](https://cloud-native.slack.com/archives/C08JH5223A6)
73 | - [GitHub](https://github.com/orgs/openreports/discussions)
74 |
75 | ### Code of conduct
76 |
77 | Participation in the OpenReport community is governed by the [CNCF Code of Conduct](https://github.com/cncf/foundation/blob/main/code-of-conduct.md).
78 |
79 | [owners]: https://git.k8s.io/community/contributors/guide/owners.md
80 | [Creative Commons 4.0]: https://git.k8s.io/website/LICENSE
81 |
82 | # Historical References
83 |
84 | See the [Kubernetes Policy Working Group repository](https://github.com/kubernetes-sigs/wg-policy-prototypes/tree/master/policy-report) and the [Policy Reports API proposal](https://docs.google.com/document/d/1nICYLkYS1RE3gJzuHOfHeAC25QIkFZfgymFjgOzMDVw/edit#) for background and details.
85 |
86 |
--------------------------------------------------------------------------------
/apis/openreports.io/v1alpha1/clusterreport_types.go:
--------------------------------------------------------------------------------
1 | /*
2 | Copyright 2024 The Kubernetes authors.
3 |
4 | Licensed under the Apache License, Version 2.0 (the "License");
5 | you may not use this file except in compliance with the License.
6 | You may obtain a copy of the License at
7 |
8 | http://www.apache.org/licenses/LICENSE-2.0
9 |
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 |
17 | package v1alpha1
18 |
19 | import (
20 | corev1 "k8s.io/api/core/v1"
21 | metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
22 | )
23 |
24 | // EDIT THIS FILE! THIS IS SCAFFOLDING FOR YOU TO OWN!
25 | // NOTE: json tags are required. Any new fields you add must have json tags for the fields to be serialized.
26 |
27 | // +genclient
28 | // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
29 | // +genclient:nonNamespaced
30 | // +kubebuilder:storageversion
31 | // +kubebuilder:object:root=true
32 | // +kubebuilder:resource:path=clusterreports,scope="Cluster",shortName=creps
33 | // +kubebuilder:printcolumn:name="Kind",type=string,JSONPath=`.scope.kind`,priority=1
34 | // +kubebuilder:printcolumn:name="Name",type=string,JSONPath=`.scope.name`,priority=1
35 | // +kubebuilder:printcolumn:name="Pass",type=integer,JSONPath=`.summary.pass`
36 | // +kubebuilder:printcolumn:name="Fail",type=integer,JSONPath=`.summary.fail`
37 | // +kubebuilder:printcolumn:name="Warn",type=integer,JSONPath=`.summary.warn`
38 | // +kubebuilder:printcolumn:name="Error",type=integer,JSONPath=`.summary.error`
39 | // +kubebuilder:printcolumn:name="Skip",type=integer,JSONPath=`.summary.skip`
40 | // +kubebuilder:printcolumn:name="Age",type="date",JSONPath=".metadata.creationTimestamp"
41 |
42 | // ClusterReport is the Schema for the ClusterReport API
43 | type ClusterReport struct {
44 | metav1.TypeMeta `json:",inline"`
45 | metav1.ObjectMeta `json:"metadata,omitempty"`
46 |
47 | // Source is an identifier for the source e.g. a policy engine that manages this report.
48 | // Use this field if all the results are produced by a single policy engine.
49 | // If the results are produced by multiple sources e.g. different engines or scanners,
50 | // then use the Source field at the ReportResult level.
51 | // +optional
52 | Source string `json:"source"`
53 |
54 | // Scope is an optional reference to the report scope (e.g. a Deployment, Namespace, or Node)
55 | // +optional
56 | Scope *corev1.ObjectReference `json:"scope,omitempty"`
57 |
58 | // ScopeSelector is an optional selector for multiple scopes (e.g. Pods).
59 | // Either one of, or none of, but not both of, Scope or ScopeSelector should be specified.
60 | // +optional
61 | ScopeSelector *metav1.LabelSelector `json:"scopeSelector,omitempty"`
62 |
63 | // Configuration is an optional field which can be used to specify
64 | // a contract between Report generators and consumers
65 | // +optional
66 | Configuration *ReportConfiguration `json:"configuration,omitempty"`
67 |
68 | // ReportSummary provides a summary of results
69 | // +optional
70 | Summary ReportSummary `json:"summary,omitempty"`
71 |
72 | // ReportResult provides result details
73 | // +optional
74 | Results []ReportResult `json:"results,omitempty"`
75 | }
76 |
77 | // ClusterReportList contains a list of ClusterReport
78 | // +kubebuilder:object:root=true
79 | // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
80 | type ClusterReportList struct {
81 | metav1.TypeMeta `json:",inline"`
82 | metav1.ListMeta `json:"metadata,omitempty"`
83 | Items []ClusterReport `json:"items"`
84 | }
85 |
86 | func init() {
87 | SchemeBuilder.Register(&ClusterReport{}, &ClusterReportList{})
88 | }
89 |
--------------------------------------------------------------------------------
/apis/openreports.io/v1alpha1/doc.go:
--------------------------------------------------------------------------------
1 | /*
2 | Copyright 2024 The Kubernetes authors.
3 |
4 | Licensed under the Apache License, Version 2.0 (the "License");
5 | you may not use this file except in compliance with the License.
6 | You may obtain a copy of the License at
7 |
8 | http://www.apache.org/licenses/LICENSE-2.0
9 |
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 |
17 | // Package v1alpha1 contains API Schema definitions for the policy v1alpha1 API group
18 | // +k8s:deepcopy-gen=package
19 | // +kubebuilder:object:generate=true
20 | // +k8s:openapi-gen=true
21 | // +groupName=openreports.io
22 | package v1alpha1
23 |
--------------------------------------------------------------------------------
/apis/openreports.io/v1alpha1/groupversion_info.go:
--------------------------------------------------------------------------------
1 | /*
2 | Copyright 2024 The Kubernetes authors.
3 |
4 | Licensed under the Apache License, Version 2.0 (the "License");
5 | you may not use this file except in compliance with the License.
6 | You may obtain a copy of the License at
7 |
8 | http://www.apache.org/licenses/LICENSE-2.0
9 |
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 |
17 | // Package v1alpha1 contains API Schema definitions for the policy v1alpha1 API group
18 | // +kubebuilder:object:generate=true
19 | // +groupName=openreports.io
20 | package v1alpha1
21 |
22 | import (
23 | "k8s.io/apimachinery/pkg/runtime/schema"
24 | "sigs.k8s.io/controller-runtime/pkg/scheme"
25 | )
26 |
27 | // Package v1alpha1 contains API Schema definitions for the policy v1alpha1 API group
28 | // +kubebuilder:object:generate=true
29 | // +groupName=openreports.io
30 | var (
31 | // SchemeGroupVersion is group version used to register these objects
32 | SchemeGroupVersion = schema.GroupVersion{Group: "openreports.io", Version: "v1alpha1"}
33 |
34 | // SchemeBuilder is used to add go types to the GroupVersionKind scheme
35 | SchemeBuilder = &scheme.Builder{GroupVersion: SchemeGroupVersion}
36 |
37 | // AddToScheme adds the types in this group-version to the given scheme.
38 | AddToScheme = SchemeBuilder.AddToScheme
39 | )
40 |
41 | // Kind takes an unqualified kind and returns back a Group qualified GroupKind
42 | func Kind(kind string) schema.GroupKind {
43 | return SchemeGroupVersion.WithKind(kind).GroupKind()
44 | }
45 |
46 | // Resource takes an unqualified resource and returns a Group qualified GroupResource
47 | func Resource(resource string) schema.GroupResource {
48 | return SchemeGroupVersion.WithResource(resource).GroupResource()
49 | }
50 |
--------------------------------------------------------------------------------
/apis/openreports.io/v1alpha1/report_types.go:
--------------------------------------------------------------------------------
1 | /*
2 | Copyright 2024 The Kubernetes authors.
3 | Licensed under the Apache License, Version 2.0 (the "License");
4 | you may not use this file except in compliance with the License.
5 | You may obtain a copy of the License at
6 | http://www.apache.org/licenses/LICENSE-2.0
7 | Unless required by applicable law or agreed to in writing, software
8 | distributed under the License is distributed on an "AS IS" BASIS,
9 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
10 | See the License for the specific language governing permissions and
11 | limitations under the License.
12 | */
13 |
14 | package v1alpha1
15 |
16 | import (
17 | corev1 "k8s.io/api/core/v1"
18 | metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
19 | )
20 |
21 | // EDIT THIS FILE! THIS IS SCAFFOLDING FOR YOU TO OWN!
22 | // NOTE: json tags are required. Any new fields you add must have json tags for the fields to be serialized.
23 |
24 | // StatusFilter is used by Report generators to write only those reports whose status is specified by the filters
25 | // +kubebuilder:validation:Enum=pass;fail;warn;error;skip
26 | type StatusFilter string
27 |
28 | type Limits struct {
29 | // MaxResults is the maximum number of results contained in the report
30 | // +optional
31 | MaxResults int `json:"maxResults"`
32 |
33 | // StatusFilter indicates that the Report contains only those reports with statuses specified in this list
34 | // +optional
35 | StatusFilter []StatusFilter `json:"statusFilter,omitempty"`
36 | }
37 |
38 | type ReportConfiguration struct {
39 | Limits Limits `json:"limits"`
40 | }
41 |
42 | // ReportSummary provides a status count summary
43 | type ReportSummary struct {
44 |
45 | // Pass provides the count of policies whose requirements were met
46 | // +optional
47 | Pass int `json:"pass"`
48 |
49 | // Fail provides the count of policies whose requirements were not met
50 | // +optional
51 | Fail int `json:"fail"`
52 |
53 | // Warn provides the count of non-scored policies whose requirements were not met
54 | // +optional
55 | Warn int `json:"warn"`
56 |
57 | // Error provides the count of policies that could not be evaluated
58 | // +optional
59 | Error int `json:"error"`
60 |
61 | // Skip indicates the count of policies that were not selected for evaluation
62 | // +optional
63 | Skip int `json:"skip"`
64 | }
65 |
66 | // Result has one of the following values:
67 | // - pass: the policy requirements are met
68 | // - fail: the policy requirements are not met
69 | // - warn: the policy requirements are not met and the policy is not scored
70 | // - error: the policy could not be evaluated
71 | // - skip: the policy was not selected based on user inputs or applicability
72 | //
73 | // +kubebuilder:validation:Enum=pass;fail;warn;error;skip
74 | type Result string
75 |
76 | // ResultSeverity has one of the following values:
77 | // - critical
78 | // - high
79 | // - low
80 | // - medium
81 | // - info
82 | //
83 | // +kubebuilder:validation:Enum=critical;high;low;medium;info
84 | type ResultSeverity string
85 |
86 | // ReportResult provides the result for an individual policy
87 | type ReportResult struct {
88 |
89 | // Source is an identifier for the policy engine that manages this report
90 | // If the Source is specified at this level, it will override the Source
91 | // field set at the Report level
92 | // +optional
93 | Source string `json:"source"`
94 |
95 | // Policy is the name or identifier of the policy
96 | Policy string `json:"policy"`
97 |
98 | // Rule is the name or identifier of the rule within the policy
99 | // +optional
100 | Rule string `json:"rule,omitempty"`
101 |
102 | // Category indicates policy category
103 | // +optional
104 | Category string `json:"category,omitempty"`
105 |
106 | // Severity indicates policy check result criticality
107 | // +optional
108 | Severity ResultSeverity `json:"severity,omitempty"`
109 |
110 | // Timestamp indicates the time the result was found
111 | Timestamp metav1.Timestamp `json:"timestamp,omitempty"`
112 |
113 | // Result indicates the outcome of the policy rule execution
114 | Result Result `json:"result,omitempty"`
115 |
116 | // Scored indicates if this result is scored
117 | Scored bool `json:"scored,omitempty"`
118 |
119 | // Subjects is an optional reference to the checked Kubernetes resources
120 | // +optional
121 | Subjects []corev1.ObjectReference `json:"resources,omitempty"`
122 |
123 | // ResourceSelector is an optional label selector for checked Kubernetes resources.
124 | // For example, a policy result may apply to all pods that match a label.
125 | // Either a Subject or a ResourceSelector can be specified. If neither are provided, the
126 | // result is assumed to be for the policy report scope.
127 | // +optional
128 | ResourceSelector *metav1.LabelSelector `json:"resourceSelector,omitempty"`
129 |
130 | // Description is a short user friendly message for the policy rule
131 | Description string `json:"message,omitempty"`
132 |
133 | // Properties provides additional information for the policy rule
134 | Properties map[string]string `json:"properties,omitempty"`
135 | }
136 |
137 | // +genclient
138 | // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
139 | // +kubebuilder:storageversion
140 | // +kubebuilder:object:root=true
141 | // +kubebuilder:printcolumn:name="Kind",type=string,JSONPath=`.scope.kind`,priority=1
142 | // +kubebuilder:printcolumn:name="Name",type=string,JSONPath=`.scope.name`,priority=1
143 | // +kubebuilder:printcolumn:name="Pass",type=integer,JSONPath=`.summary.pass`
144 | // +kubebuilder:printcolumn:name="Fail",type=integer,JSONPath=`.summary.fail`
145 | // +kubebuilder:printcolumn:name="Warn",type=integer,JSONPath=`.summary.warn`
146 | // +kubebuilder:printcolumn:name="Error",type=integer,JSONPath=`.summary.error`
147 | // +kubebuilder:printcolumn:name="Skip",type=integer,JSONPath=`.summary.skip`
148 | // +kubebuilder:printcolumn:name="Age",type="date",JSONPath=".metadata.creationTimestamp"
149 | // +kubebuilder:resource:shortName=reps
150 |
151 | // Report is the Schema for the reports API
152 | type Report struct {
153 | metav1.TypeMeta `json:",inline"`
154 | metav1.ObjectMeta `json:"metadata,omitempty"`
155 |
156 | // Source is an identifier for the source e.g. a policy engine that manages this report.
157 | // Use this field if all the results are produced by a single policy engine.
158 | // If the results are produced by multiple sources e.g. different engines or scanners,
159 | // then use the Source field at the ReportResult level.
160 | // +optional
161 | Source string `json:"source"`
162 |
163 | // Scope is an optional reference to the report scope (e.g. a Deployment, Namespace, or Node)
164 | // +optional
165 | Scope *corev1.ObjectReference `json:"scope,omitempty"`
166 |
167 | // ScopeSelector is an optional selector for multiple scopes (e.g. Pods).
168 | // Either one of, or none of, but not both of, Scope or ScopeSelector should be specified.
169 | // +optional
170 | ScopeSelector *metav1.LabelSelector `json:"scopeSelector,omitempty"`
171 |
172 | // Configuration is an optional field which can be used to specify
173 | // a contract between Report generators and consumers
174 | // +optional
175 | Configuration *ReportConfiguration `json:"configuration,omitempty"`
176 |
177 | // ReportSummary provides a summary of results
178 | // +optional
179 | Summary ReportSummary `json:"summary,omitempty"`
180 |
181 | // ReportResult provides result details
182 | // +optional
183 | Results []ReportResult `json:"results,omitempty"`
184 | }
185 |
186 | // ReportList contains a list of Report
187 | // +kubebuilder:object:root=true
188 | // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
189 | type ReportList struct {
190 | metav1.TypeMeta `json:",inline"`
191 | metav1.ListMeta `json:"metadata,omitempty"`
192 | Items []Report `json:"items"`
193 | }
194 |
195 | func init() {
196 | SchemeBuilder.Register(&Report{}, &ReportList{})
197 | }
198 |
--------------------------------------------------------------------------------
/apis/openreports.io/v1alpha1/zz_generated.deepcopy.go:
--------------------------------------------------------------------------------
1 | //go:build !ignore_autogenerated
2 | // +build !ignore_autogenerated
3 |
4 | /*
5 | Copyright The Kubernetes Authors.
6 |
7 | Licensed under the Apache License, Version 2.0 (the "License");
8 | you may not use this file except in compliance with the License.
9 | You may obtain a copy of the License at
10 |
11 | http://www.apache.org/licenses/LICENSE-2.0
12 |
13 | Unless required by applicable law or agreed to in writing, software
14 | distributed under the License is distributed on an "AS IS" BASIS,
15 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 | See the License for the specific language governing permissions and
17 | limitations under the License.
18 | */
19 | // Code generated by deepcopy-gen. DO NOT EDIT.
20 |
21 | package v1alpha1
22 |
23 | import (
24 | v1 "k8s.io/api/core/v1"
25 | metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
26 | runtime "k8s.io/apimachinery/pkg/runtime"
27 | )
28 |
29 | // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
30 | func (in *ClusterReport) DeepCopyInto(out *ClusterReport) {
31 | *out = *in
32 | out.TypeMeta = in.TypeMeta
33 | in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
34 | if in.Scope != nil {
35 | in, out := &in.Scope, &out.Scope
36 | *out = new(v1.ObjectReference)
37 | **out = **in
38 | }
39 | if in.ScopeSelector != nil {
40 | in, out := &in.ScopeSelector, &out.ScopeSelector
41 | *out = new(metav1.LabelSelector)
42 | (*in).DeepCopyInto(*out)
43 | }
44 | if in.Configuration != nil {
45 | in, out := &in.Configuration, &out.Configuration
46 | *out = new(ReportConfiguration)
47 | (*in).DeepCopyInto(*out)
48 | }
49 | out.Summary = in.Summary
50 | if in.Results != nil {
51 | in, out := &in.Results, &out.Results
52 | *out = make([]ReportResult, len(*in))
53 | for i := range *in {
54 | (*in)[i].DeepCopyInto(&(*out)[i])
55 | }
56 | }
57 | return
58 | }
59 |
60 | // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterReport.
61 | func (in *ClusterReport) DeepCopy() *ClusterReport {
62 | if in == nil {
63 | return nil
64 | }
65 | out := new(ClusterReport)
66 | in.DeepCopyInto(out)
67 | return out
68 | }
69 |
70 | // DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
71 | func (in *ClusterReport) DeepCopyObject() runtime.Object {
72 | if c := in.DeepCopy(); c != nil {
73 | return c
74 | }
75 | return nil
76 | }
77 |
78 | // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
79 | func (in *ClusterReportList) DeepCopyInto(out *ClusterReportList) {
80 | *out = *in
81 | out.TypeMeta = in.TypeMeta
82 | in.ListMeta.DeepCopyInto(&out.ListMeta)
83 | if in.Items != nil {
84 | in, out := &in.Items, &out.Items
85 | *out = make([]ClusterReport, len(*in))
86 | for i := range *in {
87 | (*in)[i].DeepCopyInto(&(*out)[i])
88 | }
89 | }
90 | return
91 | }
92 |
93 | // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterReportList.
94 | func (in *ClusterReportList) DeepCopy() *ClusterReportList {
95 | if in == nil {
96 | return nil
97 | }
98 | out := new(ClusterReportList)
99 | in.DeepCopyInto(out)
100 | return out
101 | }
102 |
103 | // DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
104 | func (in *ClusterReportList) DeepCopyObject() runtime.Object {
105 | if c := in.DeepCopy(); c != nil {
106 | return c
107 | }
108 | return nil
109 | }
110 |
111 | // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
112 | func (in *Limits) DeepCopyInto(out *Limits) {
113 | *out = *in
114 | if in.StatusFilter != nil {
115 | in, out := &in.StatusFilter, &out.StatusFilter
116 | *out = make([]StatusFilter, len(*in))
117 | copy(*out, *in)
118 | }
119 | return
120 | }
121 |
122 | // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Limits.
123 | func (in *Limits) DeepCopy() *Limits {
124 | if in == nil {
125 | return nil
126 | }
127 | out := new(Limits)
128 | in.DeepCopyInto(out)
129 | return out
130 | }
131 |
132 | // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
133 | func (in *Report) DeepCopyInto(out *Report) {
134 | *out = *in
135 | out.TypeMeta = in.TypeMeta
136 | in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
137 | if in.Scope != nil {
138 | in, out := &in.Scope, &out.Scope
139 | *out = new(v1.ObjectReference)
140 | **out = **in
141 | }
142 | if in.ScopeSelector != nil {
143 | in, out := &in.ScopeSelector, &out.ScopeSelector
144 | *out = new(metav1.LabelSelector)
145 | (*in).DeepCopyInto(*out)
146 | }
147 | if in.Configuration != nil {
148 | in, out := &in.Configuration, &out.Configuration
149 | *out = new(ReportConfiguration)
150 | (*in).DeepCopyInto(*out)
151 | }
152 | out.Summary = in.Summary
153 | if in.Results != nil {
154 | in, out := &in.Results, &out.Results
155 | *out = make([]ReportResult, len(*in))
156 | for i := range *in {
157 | (*in)[i].DeepCopyInto(&(*out)[i])
158 | }
159 | }
160 | return
161 | }
162 |
163 | // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Report.
164 | func (in *Report) DeepCopy() *Report {
165 | if in == nil {
166 | return nil
167 | }
168 | out := new(Report)
169 | in.DeepCopyInto(out)
170 | return out
171 | }
172 |
173 | // DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
174 | func (in *Report) DeepCopyObject() runtime.Object {
175 | if c := in.DeepCopy(); c != nil {
176 | return c
177 | }
178 | return nil
179 | }
180 |
181 | // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
182 | func (in *ReportConfiguration) DeepCopyInto(out *ReportConfiguration) {
183 | *out = *in
184 | in.Limits.DeepCopyInto(&out.Limits)
185 | return
186 | }
187 |
188 | // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ReportConfiguration.
189 | func (in *ReportConfiguration) DeepCopy() *ReportConfiguration {
190 | if in == nil {
191 | return nil
192 | }
193 | out := new(ReportConfiguration)
194 | in.DeepCopyInto(out)
195 | return out
196 | }
197 |
198 | // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
199 | func (in *ReportList) DeepCopyInto(out *ReportList) {
200 | *out = *in
201 | out.TypeMeta = in.TypeMeta
202 | in.ListMeta.DeepCopyInto(&out.ListMeta)
203 | if in.Items != nil {
204 | in, out := &in.Items, &out.Items
205 | *out = make([]Report, len(*in))
206 | for i := range *in {
207 | (*in)[i].DeepCopyInto(&(*out)[i])
208 | }
209 | }
210 | return
211 | }
212 |
213 | // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ReportList.
214 | func (in *ReportList) DeepCopy() *ReportList {
215 | if in == nil {
216 | return nil
217 | }
218 | out := new(ReportList)
219 | in.DeepCopyInto(out)
220 | return out
221 | }
222 |
223 | // DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
224 | func (in *ReportList) DeepCopyObject() runtime.Object {
225 | if c := in.DeepCopy(); c != nil {
226 | return c
227 | }
228 | return nil
229 | }
230 |
231 | // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
232 | func (in *ReportResult) DeepCopyInto(out *ReportResult) {
233 | *out = *in
234 | out.Timestamp = in.Timestamp
235 | if in.Subjects != nil {
236 | in, out := &in.Subjects, &out.Subjects
237 | *out = make([]v1.ObjectReference, len(*in))
238 | copy(*out, *in)
239 | }
240 | if in.ResourceSelector != nil {
241 | in, out := &in.ResourceSelector, &out.ResourceSelector
242 | *out = new(metav1.LabelSelector)
243 | (*in).DeepCopyInto(*out)
244 | }
245 | if in.Properties != nil {
246 | in, out := &in.Properties, &out.Properties
247 | *out = make(map[string]string, len(*in))
248 | for key, val := range *in {
249 | (*out)[key] = val
250 | }
251 | }
252 | return
253 | }
254 |
255 | // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ReportResult.
256 | func (in *ReportResult) DeepCopy() *ReportResult {
257 | if in == nil {
258 | return nil
259 | }
260 | out := new(ReportResult)
261 | in.DeepCopyInto(out)
262 | return out
263 | }
264 |
265 | // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
266 | func (in *ReportSummary) DeepCopyInto(out *ReportSummary) {
267 | *out = *in
268 | return
269 | }
270 |
271 | // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ReportSummary.
272 | func (in *ReportSummary) DeepCopy() *ReportSummary {
273 | if in == nil {
274 | return nil
275 | }
276 | out := new(ReportSummary)
277 | in.DeepCopyInto(out)
278 | return out
279 | }
280 |
--------------------------------------------------------------------------------
/crd/openreports.io/v1alpha1/openreports.io_clusterreports.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | apiVersion: apiextensions.k8s.io/v1
3 | kind: CustomResourceDefinition
4 | metadata:
5 | annotations:
6 | controller-gen.kubebuilder.io/version: v0.14.0
7 | name: clusterreports.openreports.io
8 | spec:
9 | group: openreports.io
10 | names:
11 | kind: ClusterReport
12 | listKind: ClusterReportList
13 | plural: clusterreports
14 | shortNames:
15 | - creps
16 | singular: clusterreport
17 | scope: Cluster
18 | versions:
19 | - additionalPrinterColumns:
20 | - jsonPath: .scope.kind
21 | name: Kind
22 | priority: 1
23 | type: string
24 | - jsonPath: .scope.name
25 | name: Name
26 | priority: 1
27 | type: string
28 | - jsonPath: .summary.pass
29 | name: Pass
30 | type: integer
31 | - jsonPath: .summary.fail
32 | name: Fail
33 | type: integer
34 | - jsonPath: .summary.warn
35 | name: Warn
36 | type: integer
37 | - jsonPath: .summary.error
38 | name: Error
39 | type: integer
40 | - jsonPath: .summary.skip
41 | name: Skip
42 | type: integer
43 | - jsonPath: .metadata.creationTimestamp
44 | name: Age
45 | type: date
46 | name: v1alpha1
47 | schema:
48 | openAPIV3Schema:
49 | description: ClusterReport is the Schema for the ClusterReport API
50 | properties:
51 | apiVersion:
52 | description: |-
53 | APIVersion defines the versioned schema of this representation of an object.
54 | Servers should convert recognized schemas to the latest internal value, and
55 | may reject unrecognized values.
56 | More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
57 | type: string
58 | configuration:
59 | description: |-
60 | Configuration is an optional field which can be used to specify
61 | a contract between Report generators and consumers
62 | properties:
63 | limits:
64 | properties:
65 | maxResults:
66 | description: MaxResults is the maximum number of results contained
67 | in the report
68 | type: integer
69 | statusFilter:
70 | description: StatusFilter indicates that the Report contains only
71 | those reports with statuses specified in this list
72 | items:
73 | description: StatusFilter is used by Report generators to write
74 | only those reports whose status is specified by the filters
75 | enum:
76 | - pass
77 | - fail
78 | - warn
79 | - error
80 | - skip
81 | type: string
82 | type: array
83 | type: object
84 | required:
85 | - limits
86 | type: object
87 | kind:
88 | description: |-
89 | Kind is a string value representing the REST resource this object represents.
90 | Servers may infer this from the endpoint the client submits requests to.
91 | Cannot be updated.
92 | In CamelCase.
93 | More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
94 | type: string
95 | metadata:
96 | type: object
97 | results:
98 | description: ReportResult provides result details
99 | items:
100 | description: ReportResult provides the result for an individual policy
101 | properties:
102 | category:
103 | description: Category indicates policy category
104 | type: string
105 | message:
106 | description: Description is a short user friendly message for the
107 | policy rule
108 | type: string
109 | policy:
110 | description: Policy is the name or identifier of the policy
111 | type: string
112 | properties:
113 | additionalProperties:
114 | type: string
115 | description: Properties provides additional information for the
116 | policy rule
117 | type: object
118 | resourceSelector:
119 | description: |-
120 | ResourceSelector is an optional label selector for checked Kubernetes resources.
121 | For example, a policy result may apply to all pods that match a label.
122 | Either a Subject or a ResourceSelector can be specified. If neither are provided, the
123 | result is assumed to be for the policy report scope.
124 | properties:
125 | matchExpressions:
126 | description: matchExpressions is a list of label selector requirements.
127 | The requirements are ANDed.
128 | items:
129 | description: |-
130 | A label selector requirement is a selector that contains values, a key, and an operator that
131 | relates the key and values.
132 | properties:
133 | key:
134 | description: key is the label key that the selector applies
135 | to.
136 | type: string
137 | operator:
138 | description: |-
139 | operator represents a key's relationship to a set of values.
140 | Valid operators are In, NotIn, Exists and DoesNotExist.
141 | type: string
142 | values:
143 | description: |-
144 | values is an array of string values. If the operator is In or NotIn,
145 | the values array must be non-empty. If the operator is Exists or DoesNotExist,
146 | the values array must be empty. This array is replaced during a strategic
147 | merge patch.
148 | items:
149 | type: string
150 | type: array
151 | x-kubernetes-list-type: atomic
152 | required:
153 | - key
154 | - operator
155 | type: object
156 | type: array
157 | x-kubernetes-list-type: atomic
158 | matchLabels:
159 | additionalProperties:
160 | type: string
161 | description: |-
162 | matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
163 | map is equivalent to an element of matchExpressions, whose key field is "key", the
164 | operator is "In", and the values array contains only "value". The requirements are ANDed.
165 | type: object
166 | type: object
167 | x-kubernetes-map-type: atomic
168 | resources:
169 | description: Subjects is an optional reference to the checked Kubernetes
170 | resources
171 | items:
172 | description: |-
173 | ObjectReference contains enough information to let you inspect or modify the referred object.
174 | ---
175 | New uses of this type are discouraged because of difficulty describing its usage when embedded in APIs.
176 | 1. Ignored fields. It includes many fields which are not generally honored. For instance, ResourceVersion and FieldPath are both very rarely valid in actual usage.
177 | 2. Invalid usage help. It is impossible to add specific help for individual usage. In most embedded usages, there are particular
178 | restrictions like, "must refer only to types A and B" or "UID not honored" or "name must be restricted".
179 | Those cannot be well described when embedded.
180 | 3. Inconsistent validation. Because the usages are different, the validation rules are different by usage, which makes it hard for users to predict what will happen.
181 | 4. The fields are both imprecise and overly precise. Kind is not a precise mapping to a URL. This can produce ambiguity
182 | during interpretation and require a REST mapping. In most cases, the dependency is on the group,resource tuple
183 | and the version of the actual struct is irrelevant.
184 | 5. We cannot easily change it. Because this type is embedded in many locations, updates to this type
185 | will affect numerous schemas. Don't make new APIs embed an underspecified API type they do not control.
186 |
187 |
188 | Instead of using this type, create a locally provided and used type that is well-focused on your reference.
189 | For example, ServiceReferences for admission registration: https://github.com/kubernetes/api/blob/release-1.17/admissionregistration/v1/types.go#L533 .
190 | properties:
191 | apiVersion:
192 | description: API version of the referent.
193 | type: string
194 | fieldPath:
195 | description: |-
196 | If referring to a piece of an object instead of an entire object, this string
197 | should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].
198 | For example, if the object reference is to a container within a pod, this would take on a value like:
199 | "spec.containers{name}" (where "name" refers to the name of the container that triggered
200 | the event) or if no container name is specified "spec.containers[2]" (container with
201 | index 2 in this pod). This syntax is chosen only to have some well-defined way of
202 | referencing a part of an object.
203 | TODO: this design is not final and this field is subject to change in the future.
204 | type: string
205 | kind:
206 | description: |-
207 | Kind of the referent.
208 | More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
209 | type: string
210 | name:
211 | description: |-
212 | Name of the referent.
213 | More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
214 | type: string
215 | namespace:
216 | description: |-
217 | Namespace of the referent.
218 | More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/
219 | type: string
220 | resourceVersion:
221 | description: |-
222 | Specific resourceVersion to which this reference is made, if any.
223 | More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
224 | type: string
225 | uid:
226 | description: |-
227 | UID of the referent.
228 | More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids
229 | type: string
230 | type: object
231 | x-kubernetes-map-type: atomic
232 | type: array
233 | result:
234 | description: Result indicates the outcome of the policy rule execution
235 | enum:
236 | - pass
237 | - fail
238 | - warn
239 | - error
240 | - skip
241 | type: string
242 | rule:
243 | description: Rule is the name or identifier of the rule within the
244 | policy
245 | type: string
246 | scored:
247 | description: Scored indicates if this result is scored
248 | type: boolean
249 | severity:
250 | description: Severity indicates policy check result criticality
251 | enum:
252 | - critical
253 | - high
254 | - low
255 | - medium
256 | - info
257 | type: string
258 | source:
259 | description: |-
260 | Source is an identifier for the policy engine that manages this report
261 | If the Source is specified at this level, it will override the Source
262 | field set at the Report level
263 | type: string
264 | timestamp:
265 | description: Timestamp indicates the time the result was found
266 | properties:
267 | nanos:
268 | description: |-
269 | Non-negative fractions of a second at nanosecond resolution. Negative
270 | second values with fractions must still have non-negative nanos values
271 | that count forward in time. Must be from 0 to 999,999,999
272 | inclusive. This field may be limited in precision depending on context.
273 | format: int32
274 | type: integer
275 | seconds:
276 | description: |-
277 | Represents seconds of UTC time since Unix epoch
278 | 1970-01-01T00:00:00Z. Must be from 0001-01-01T00:00:00Z to
279 | 9999-12-31T23:59:59Z inclusive.
280 | format: int64
281 | type: integer
282 | required:
283 | - nanos
284 | - seconds
285 | type: object
286 | required:
287 | - policy
288 | type: object
289 | type: array
290 | scope:
291 | description: Scope is an optional reference to the report scope (e.g.
292 | a Deployment, Namespace, or Node)
293 | properties:
294 | apiVersion:
295 | description: API version of the referent.
296 | type: string
297 | fieldPath:
298 | description: |-
299 | If referring to a piece of an object instead of an entire object, this string
300 | should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].
301 | For example, if the object reference is to a container within a pod, this would take on a value like:
302 | "spec.containers{name}" (where "name" refers to the name of the container that triggered
303 | the event) or if no container name is specified "spec.containers[2]" (container with
304 | index 2 in this pod). This syntax is chosen only to have some well-defined way of
305 | referencing a part of an object.
306 | TODO: this design is not final and this field is subject to change in the future.
307 | type: string
308 | kind:
309 | description: |-
310 | Kind of the referent.
311 | More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
312 | type: string
313 | name:
314 | description: |-
315 | Name of the referent.
316 | More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
317 | type: string
318 | namespace:
319 | description: |-
320 | Namespace of the referent.
321 | More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/
322 | type: string
323 | resourceVersion:
324 | description: |-
325 | Specific resourceVersion to which this reference is made, if any.
326 | More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
327 | type: string
328 | uid:
329 | description: |-
330 | UID of the referent.
331 | More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids
332 | type: string
333 | type: object
334 | x-kubernetes-map-type: atomic
335 | scopeSelector:
336 | description: |-
337 | ScopeSelector is an optional selector for multiple scopes (e.g. Pods).
338 | Either one of, or none of, but not both of, Scope or ScopeSelector should be specified.
339 | properties:
340 | matchExpressions:
341 | description: matchExpressions is a list of label selector requirements.
342 | The requirements are ANDed.
343 | items:
344 | description: |-
345 | A label selector requirement is a selector that contains values, a key, and an operator that
346 | relates the key and values.
347 | properties:
348 | key:
349 | description: key is the label key that the selector applies
350 | to.
351 | type: string
352 | operator:
353 | description: |-
354 | operator represents a key's relationship to a set of values.
355 | Valid operators are In, NotIn, Exists and DoesNotExist.
356 | type: string
357 | values:
358 | description: |-
359 | values is an array of string values. If the operator is In or NotIn,
360 | the values array must be non-empty. If the operator is Exists or DoesNotExist,
361 | the values array must be empty. This array is replaced during a strategic
362 | merge patch.
363 | items:
364 | type: string
365 | type: array
366 | x-kubernetes-list-type: atomic
367 | required:
368 | - key
369 | - operator
370 | type: object
371 | type: array
372 | x-kubernetes-list-type: atomic
373 | matchLabels:
374 | additionalProperties:
375 | type: string
376 | description: |-
377 | matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
378 | map is equivalent to an element of matchExpressions, whose key field is "key", the
379 | operator is "In", and the values array contains only "value". The requirements are ANDed.
380 | type: object
381 | type: object
382 | x-kubernetes-map-type: atomic
383 | source:
384 | description: |-
385 | Source is an identifier for the source e.g. a policy engine that manages this report.
386 | Use this field if all the results are produced by a single policy engine.
387 | If the results are produced by multiple sources e.g. different engines or scanners,
388 | then use the Source field at the ReportResult level.
389 | type: string
390 | summary:
391 | description: ReportSummary provides a summary of results
392 | properties:
393 | error:
394 | description: Error provides the count of policies that could not be
395 | evaluated
396 | type: integer
397 | fail:
398 | description: Fail provides the count of policies whose requirements
399 | were not met
400 | type: integer
401 | pass:
402 | description: Pass provides the count of policies whose requirements
403 | were met
404 | type: integer
405 | skip:
406 | description: Skip indicates the count of policies that were not selected
407 | for evaluation
408 | type: integer
409 | warn:
410 | description: Warn provides the count of non-scored policies whose
411 | requirements were not met
412 | type: integer
413 | type: object
414 | type: object
415 | served: true
416 | storage: true
417 | subresources: {}
418 |
--------------------------------------------------------------------------------
/crd/openreports.io/v1alpha1/openreports.io_reports.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | apiVersion: apiextensions.k8s.io/v1
3 | kind: CustomResourceDefinition
4 | metadata:
5 | annotations:
6 | controller-gen.kubebuilder.io/version: v0.14.0
7 | name: reports.openreports.io
8 | spec:
9 | group: openreports.io
10 | names:
11 | kind: Report
12 | listKind: ReportList
13 | plural: reports
14 | shortNames:
15 | - reps
16 | singular: report
17 | scope: Namespaced
18 | versions:
19 | - additionalPrinterColumns:
20 | - jsonPath: .scope.kind
21 | name: Kind
22 | priority: 1
23 | type: string
24 | - jsonPath: .scope.name
25 | name: Name
26 | priority: 1
27 | type: string
28 | - jsonPath: .summary.pass
29 | name: Pass
30 | type: integer
31 | - jsonPath: .summary.fail
32 | name: Fail
33 | type: integer
34 | - jsonPath: .summary.warn
35 | name: Warn
36 | type: integer
37 | - jsonPath: .summary.error
38 | name: Error
39 | type: integer
40 | - jsonPath: .summary.skip
41 | name: Skip
42 | type: integer
43 | - jsonPath: .metadata.creationTimestamp
44 | name: Age
45 | type: date
46 | name: v1alpha1
47 | schema:
48 | openAPIV3Schema:
49 | description: Report is the Schema for the reports API
50 | properties:
51 | apiVersion:
52 | description: |-
53 | APIVersion defines the versioned schema of this representation of an object.
54 | Servers should convert recognized schemas to the latest internal value, and
55 | may reject unrecognized values.
56 | More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
57 | type: string
58 | configuration:
59 | description: |-
60 | Configuration is an optional field which can be used to specify
61 | a contract between Report generators and consumers
62 | properties:
63 | limits:
64 | properties:
65 | maxResults:
66 | description: MaxResults is the maximum number of results contained
67 | in the report
68 | type: integer
69 | statusFilter:
70 | description: StatusFilter indicates that the Report contains only
71 | those reports with statuses specified in this list
72 | items:
73 | description: StatusFilter is used by Report generators to write
74 | only those reports whose status is specified by the filters
75 | enum:
76 | - pass
77 | - fail
78 | - warn
79 | - error
80 | - skip
81 | type: string
82 | type: array
83 | type: object
84 | required:
85 | - limits
86 | type: object
87 | kind:
88 | description: |-
89 | Kind is a string value representing the REST resource this object represents.
90 | Servers may infer this from the endpoint the client submits requests to.
91 | Cannot be updated.
92 | In CamelCase.
93 | More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
94 | type: string
95 | metadata:
96 | type: object
97 | results:
98 | description: ReportResult provides result details
99 | items:
100 | description: ReportResult provides the result for an individual policy
101 | properties:
102 | category:
103 | description: Category indicates policy category
104 | type: string
105 | message:
106 | description: Description is a short user friendly message for the
107 | policy rule
108 | type: string
109 | policy:
110 | description: Policy is the name or identifier of the policy
111 | type: string
112 | properties:
113 | additionalProperties:
114 | type: string
115 | description: Properties provides additional information for the
116 | policy rule
117 | type: object
118 | resourceSelector:
119 | description: |-
120 | ResourceSelector is an optional label selector for checked Kubernetes resources.
121 | For example, a policy result may apply to all pods that match a label.
122 | Either a Subject or a ResourceSelector can be specified. If neither are provided, the
123 | result is assumed to be for the policy report scope.
124 | properties:
125 | matchExpressions:
126 | description: matchExpressions is a list of label selector requirements.
127 | The requirements are ANDed.
128 | items:
129 | description: |-
130 | A label selector requirement is a selector that contains values, a key, and an operator that
131 | relates the key and values.
132 | properties:
133 | key:
134 | description: key is the label key that the selector applies
135 | to.
136 | type: string
137 | operator:
138 | description: |-
139 | operator represents a key's relationship to a set of values.
140 | Valid operators are In, NotIn, Exists and DoesNotExist.
141 | type: string
142 | values:
143 | description: |-
144 | values is an array of string values. If the operator is In or NotIn,
145 | the values array must be non-empty. If the operator is Exists or DoesNotExist,
146 | the values array must be empty. This array is replaced during a strategic
147 | merge patch.
148 | items:
149 | type: string
150 | type: array
151 | x-kubernetes-list-type: atomic
152 | required:
153 | - key
154 | - operator
155 | type: object
156 | type: array
157 | x-kubernetes-list-type: atomic
158 | matchLabels:
159 | additionalProperties:
160 | type: string
161 | description: |-
162 | matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
163 | map is equivalent to an element of matchExpressions, whose key field is "key", the
164 | operator is "In", and the values array contains only "value". The requirements are ANDed.
165 | type: object
166 | type: object
167 | x-kubernetes-map-type: atomic
168 | resources:
169 | description: Subjects is an optional reference to the checked Kubernetes
170 | resources
171 | items:
172 | description: |-
173 | ObjectReference contains enough information to let you inspect or modify the referred object.
174 | ---
175 | New uses of this type are discouraged because of difficulty describing its usage when embedded in APIs.
176 | 1. Ignored fields. It includes many fields which are not generally honored. For instance, ResourceVersion and FieldPath are both very rarely valid in actual usage.
177 | 2. Invalid usage help. It is impossible to add specific help for individual usage. In most embedded usages, there are particular
178 | restrictions like, "must refer only to types A and B" or "UID not honored" or "name must be restricted".
179 | Those cannot be well described when embedded.
180 | 3. Inconsistent validation. Because the usages are different, the validation rules are different by usage, which makes it hard for users to predict what will happen.
181 | 4. The fields are both imprecise and overly precise. Kind is not a precise mapping to a URL. This can produce ambiguity
182 | during interpretation and require a REST mapping. In most cases, the dependency is on the group,resource tuple
183 | and the version of the actual struct is irrelevant.
184 | 5. We cannot easily change it. Because this type is embedded in many locations, updates to this type
185 | will affect numerous schemas. Don't make new APIs embed an underspecified API type they do not control.
186 |
187 |
188 | Instead of using this type, create a locally provided and used type that is well-focused on your reference.
189 | For example, ServiceReferences for admission registration: https://github.com/kubernetes/api/blob/release-1.17/admissionregistration/v1/types.go#L533 .
190 | properties:
191 | apiVersion:
192 | description: API version of the referent.
193 | type: string
194 | fieldPath:
195 | description: |-
196 | If referring to a piece of an object instead of an entire object, this string
197 | should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].
198 | For example, if the object reference is to a container within a pod, this would take on a value like:
199 | "spec.containers{name}" (where "name" refers to the name of the container that triggered
200 | the event) or if no container name is specified "spec.containers[2]" (container with
201 | index 2 in this pod). This syntax is chosen only to have some well-defined way of
202 | referencing a part of an object.
203 | TODO: this design is not final and this field is subject to change in the future.
204 | type: string
205 | kind:
206 | description: |-
207 | Kind of the referent.
208 | More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
209 | type: string
210 | name:
211 | description: |-
212 | Name of the referent.
213 | More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
214 | type: string
215 | namespace:
216 | description: |-
217 | Namespace of the referent.
218 | More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/
219 | type: string
220 | resourceVersion:
221 | description: |-
222 | Specific resourceVersion to which this reference is made, if any.
223 | More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
224 | type: string
225 | uid:
226 | description: |-
227 | UID of the referent.
228 | More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids
229 | type: string
230 | type: object
231 | x-kubernetes-map-type: atomic
232 | type: array
233 | result:
234 | description: Result indicates the outcome of the policy rule execution
235 | enum:
236 | - pass
237 | - fail
238 | - warn
239 | - error
240 | - skip
241 | type: string
242 | rule:
243 | description: Rule is the name or identifier of the rule within the
244 | policy
245 | type: string
246 | scored:
247 | description: Scored indicates if this result is scored
248 | type: boolean
249 | severity:
250 | description: Severity indicates policy check result criticality
251 | enum:
252 | - critical
253 | - high
254 | - low
255 | - medium
256 | - info
257 | type: string
258 | source:
259 | description: |-
260 | Source is an identifier for the policy engine that manages this report
261 | If the Source is specified at this level, it will override the Source
262 | field set at the Report level
263 | type: string
264 | timestamp:
265 | description: Timestamp indicates the time the result was found
266 | properties:
267 | nanos:
268 | description: |-
269 | Non-negative fractions of a second at nanosecond resolution. Negative
270 | second values with fractions must still have non-negative nanos values
271 | that count forward in time. Must be from 0 to 999,999,999
272 | inclusive. This field may be limited in precision depending on context.
273 | format: int32
274 | type: integer
275 | seconds:
276 | description: |-
277 | Represents seconds of UTC time since Unix epoch
278 | 1970-01-01T00:00:00Z. Must be from 0001-01-01T00:00:00Z to
279 | 9999-12-31T23:59:59Z inclusive.
280 | format: int64
281 | type: integer
282 | required:
283 | - nanos
284 | - seconds
285 | type: object
286 | required:
287 | - policy
288 | type: object
289 | type: array
290 | scope:
291 | description: Scope is an optional reference to the report scope (e.g.
292 | a Deployment, Namespace, or Node)
293 | properties:
294 | apiVersion:
295 | description: API version of the referent.
296 | type: string
297 | fieldPath:
298 | description: |-
299 | If referring to a piece of an object instead of an entire object, this string
300 | should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].
301 | For example, if the object reference is to a container within a pod, this would take on a value like:
302 | "spec.containers{name}" (where "name" refers to the name of the container that triggered
303 | the event) or if no container name is specified "spec.containers[2]" (container with
304 | index 2 in this pod). This syntax is chosen only to have some well-defined way of
305 | referencing a part of an object.
306 | TODO: this design is not final and this field is subject to change in the future.
307 | type: string
308 | kind:
309 | description: |-
310 | Kind of the referent.
311 | More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
312 | type: string
313 | name:
314 | description: |-
315 | Name of the referent.
316 | More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
317 | type: string
318 | namespace:
319 | description: |-
320 | Namespace of the referent.
321 | More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/
322 | type: string
323 | resourceVersion:
324 | description: |-
325 | Specific resourceVersion to which this reference is made, if any.
326 | More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
327 | type: string
328 | uid:
329 | description: |-
330 | UID of the referent.
331 | More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids
332 | type: string
333 | type: object
334 | x-kubernetes-map-type: atomic
335 | scopeSelector:
336 | description: |-
337 | ScopeSelector is an optional selector for multiple scopes (e.g. Pods).
338 | Either one of, or none of, but not both of, Scope or ScopeSelector should be specified.
339 | properties:
340 | matchExpressions:
341 | description: matchExpressions is a list of label selector requirements.
342 | The requirements are ANDed.
343 | items:
344 | description: |-
345 | A label selector requirement is a selector that contains values, a key, and an operator that
346 | relates the key and values.
347 | properties:
348 | key:
349 | description: key is the label key that the selector applies
350 | to.
351 | type: string
352 | operator:
353 | description: |-
354 | operator represents a key's relationship to a set of values.
355 | Valid operators are In, NotIn, Exists and DoesNotExist.
356 | type: string
357 | values:
358 | description: |-
359 | values is an array of string values. If the operator is In or NotIn,
360 | the values array must be non-empty. If the operator is Exists or DoesNotExist,
361 | the values array must be empty. This array is replaced during a strategic
362 | merge patch.
363 | items:
364 | type: string
365 | type: array
366 | x-kubernetes-list-type: atomic
367 | required:
368 | - key
369 | - operator
370 | type: object
371 | type: array
372 | x-kubernetes-list-type: atomic
373 | matchLabels:
374 | additionalProperties:
375 | type: string
376 | description: |-
377 | matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
378 | map is equivalent to an element of matchExpressions, whose key field is "key", the
379 | operator is "In", and the values array contains only "value". The requirements are ANDed.
380 | type: object
381 | type: object
382 | x-kubernetes-map-type: atomic
383 | source:
384 | description: |-
385 | Source is an identifier for the source e.g. a policy engine that manages this report.
386 | Use this field if all the results are produced by a single policy engine.
387 | If the results are produced by multiple sources e.g. different engines or scanners,
388 | then use the Source field at the ReportResult level.
389 | type: string
390 | summary:
391 | description: ReportSummary provides a summary of results
392 | properties:
393 | error:
394 | description: Error provides the count of policies that could not be
395 | evaluated
396 | type: integer
397 | fail:
398 | description: Fail provides the count of policies whose requirements
399 | were not met
400 | type: integer
401 | pass:
402 | description: Pass provides the count of policies whose requirements
403 | were met
404 | type: integer
405 | skip:
406 | description: Skip indicates the count of policies that were not selected
407 | for evaluation
408 | type: integer
409 | warn:
410 | description: Warn provides the count of non-scored policies whose
411 | requirements were not met
412 | type: integer
413 | type: object
414 | type: object
415 | served: true
416 | storage: true
417 | subresources: {}
418 |
--------------------------------------------------------------------------------
/docs/api-docs.md:
--------------------------------------------------------------------------------
1 | # API Reference
2 |
3 | ## Packages
4 | - [openreports.io/v1alpha1](#openreportsiov1alpha1)
5 |
6 |
7 | ## openreports.io/v1alpha1
8 |
9 | Package v1alpha1 contains API Schema definitions for the policy v1alpha1 API group
10 |
11 | Package v1alpha1 contains API Schema definitions for the policy v1alpha1 API group
12 |
13 | ### Resource Types
14 | - [ClusterReport](#clusterreport)
15 | - [ClusterReportList](#clusterreportlist)
16 | - [Report](#report)
17 | - [ReportList](#reportlist)
18 |
19 |
20 |
21 | #### ClusterReport
22 |
23 |
24 |
25 | ClusterReport is the Schema for the ClusterReport API
26 |
27 |
28 |
29 | _Appears in:_
30 | - [ClusterReportList](#clusterreportlist)
31 |
32 | | Field | Description | Default | Validation |
33 | | --- | --- | --- | --- |
34 | | `apiVersion` _string_ | `openreports.io/v1alpha1` | | |
35 | | `kind` _string_ | `ClusterReport` | | |
36 | | `metadata` _[ObjectMeta](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#objectmeta-v1-meta)_ | Refer to Kubernetes API documentation for fields of `metadata`. | | |
37 | | `source` _string_ | Source is an identifier for the source e.g. a policy engine that manages this report.
Use this field if all the results are produced by a single policy engine.
If the results are produced by multiple sources e.g. different engines or scanners,
then use the Source field at the ReportResult level. | | |
38 | | `scope` _[ObjectReference](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#objectreference-v1-core)_ | Scope is an optional reference to the report scope (e.g. a Deployment, Namespace, or Node) | | |
39 | | `scopeSelector` _[LabelSelector](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#labelselector-v1-meta)_ | ScopeSelector is an optional selector for multiple scopes (e.g. Pods).
Either one of, or none of, but not both of, Scope or ScopeSelector should be specified. | | |
40 | | `configuration` _[ReportConfiguration](#reportconfiguration)_ | Configuration is an optional field which can be used to specify
a contract between Report generators and consumers | | |
41 | | `summary` _[ReportSummary](#reportsummary)_ | ReportSummary provides a summary of results | | |
42 | | `results` _[ReportResult](#reportresult) array_ | ReportResult provides result details | | |
43 |
44 |
45 | #### ClusterReportList
46 |
47 |
48 |
49 | ClusterReportList contains a list of ClusterReport
50 |
51 |
52 |
53 |
54 |
55 | | Field | Description | Default | Validation |
56 | | --- | --- | --- | --- |
57 | | `apiVersion` _string_ | `openreports.io/v1alpha1` | | |
58 | | `kind` _string_ | `ClusterReportList` | | |
59 | | `metadata` _[ListMeta](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#listmeta-v1-meta)_ | Refer to Kubernetes API documentation for fields of `metadata`. | | |
60 | | `items` _[ClusterReport](#clusterreport) array_ | | | |
61 |
62 |
63 | #### Limits
64 |
65 |
66 |
67 |
68 |
69 |
70 |
71 | _Appears in:_
72 | - [ReportConfiguration](#reportconfiguration)
73 |
74 | | Field | Description | Default | Validation |
75 | | --- | --- | --- | --- |
76 | | `maxResults` _integer_ | MaxResults is the maximum number of results contained in the report | | |
77 | | `statusFilter` _[StatusFilter](#statusfilter) array_ | StatusFilter indicates that the Report contains only those reports with statuses specified in this list | | Enum: [pass fail warn error skip]
|
78 |
79 |
80 | #### Report
81 |
82 |
83 |
84 | Report is the Schema for the reports API
85 |
86 |
87 |
88 | _Appears in:_
89 | - [ReportList](#reportlist)
90 |
91 | | Field | Description | Default | Validation |
92 | | --- | --- | --- | --- |
93 | | `apiVersion` _string_ | `openreports.io/v1alpha1` | | |
94 | | `kind` _string_ | `Report` | | |
95 | | `metadata` _[ObjectMeta](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#objectmeta-v1-meta)_ | Refer to Kubernetes API documentation for fields of `metadata`. | | |
96 | | `source` _string_ | Source is an identifier for the source e.g. a policy engine that manages this report.
Use this field if all the results are produced by a single policy engine.
If the results are produced by multiple sources e.g. different engines or scanners,
then use the Source field at the ReportResult level. | | |
97 | | `scope` _[ObjectReference](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#objectreference-v1-core)_ | Scope is an optional reference to the report scope (e.g. a Deployment, Namespace, or Node) | | |
98 | | `scopeSelector` _[LabelSelector](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#labelselector-v1-meta)_ | ScopeSelector is an optional selector for multiple scopes (e.g. Pods).
Either one of, or none of, but not both of, Scope or ScopeSelector should be specified. | | |
99 | | `configuration` _[ReportConfiguration](#reportconfiguration)_ | Configuration is an optional field which can be used to specify
a contract between Report generators and consumers | | |
100 | | `summary` _[ReportSummary](#reportsummary)_ | ReportSummary provides a summary of results | | |
101 | | `results` _[ReportResult](#reportresult) array_ | ReportResult provides result details | | |
102 |
103 |
104 | #### ReportConfiguration
105 |
106 |
107 |
108 |
109 |
110 |
111 |
112 | _Appears in:_
113 | - [ClusterReport](#clusterreport)
114 | - [Report](#report)
115 |
116 | | Field | Description | Default | Validation |
117 | | --- | --- | --- | --- |
118 | | `limits` _[Limits](#limits)_ | | | |
119 |
120 |
121 | #### ReportList
122 |
123 |
124 |
125 | ReportList contains a list of Report
126 |
127 |
128 |
129 |
130 |
131 | | Field | Description | Default | Validation |
132 | | --- | --- | --- | --- |
133 | | `apiVersion` _string_ | `openreports.io/v1alpha1` | | |
134 | | `kind` _string_ | `ReportList` | | |
135 | | `metadata` _[ListMeta](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#listmeta-v1-meta)_ | Refer to Kubernetes API documentation for fields of `metadata`. | | |
136 | | `items` _[Report](#report) array_ | | | |
137 |
138 |
139 | #### ReportResult
140 |
141 |
142 |
143 | ReportResult provides the result for an individual policy
144 |
145 |
146 |
147 | _Appears in:_
148 | - [ClusterReport](#clusterreport)
149 | - [Report](#report)
150 |
151 | | Field | Description | Default | Validation |
152 | | --- | --- | --- | --- |
153 | | `source` _string_ | Source is an identifier for the policy engine that manages this report
If the Source is specified at this level, it will override the Source
field set at the Report level | | |
154 | | `policy` _string_ | Policy is the name or identifier of the policy | | |
155 | | `rule` _string_ | Rule is the name or identifier of the rule within the policy | | |
156 | | `category` _string_ | Category indicates policy category | | |
157 | | `severity` _[ResultSeverity](#resultseverity)_ | Severity indicates policy check result criticality | | Enum: [critical high low medium info]
|
158 | | `timestamp` _[Timestamp](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#timestamp-v1-meta)_ | Timestamp indicates the time the result was found | | |
159 | | `result` _[Result](#result)_ | Result indicates the outcome of the policy rule execution | | Enum: [pass fail warn error skip]
|
160 | | `scored` _boolean_ | Scored indicates if this result is scored | | |
161 | | `resources` _[ObjectReference](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#objectreference-v1-core) array_ | Subjects is an optional reference to the checked Kubernetes resources | | |
162 | | `resourceSelector` _[LabelSelector](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.29/#labelselector-v1-meta)_ | ResourceSelector is an optional label selector for checked Kubernetes resources.
For example, a policy result may apply to all pods that match a label.
Either a Subject or a ResourceSelector can be specified. If neither are provided, the
result is assumed to be for the policy report scope. | | |
163 | | `message` _string_ | Description is a short user friendly message for the policy rule | | |
164 | | `properties` _object (keys:string, values:string)_ | Properties provides additional information for the policy rule | | |
165 |
166 |
167 | #### ReportSummary
168 |
169 |
170 |
171 | ReportSummary provides a status count summary
172 |
173 |
174 |
175 | _Appears in:_
176 | - [ClusterReport](#clusterreport)
177 | - [Report](#report)
178 |
179 | | Field | Description | Default | Validation |
180 | | --- | --- | --- | --- |
181 | | `pass` _integer_ | Pass provides the count of policies whose requirements were met | | |
182 | | `fail` _integer_ | Fail provides the count of policies whose requirements were not met | | |
183 | | `warn` _integer_ | Warn provides the count of non-scored policies whose requirements were not met | | |
184 | | `error` _integer_ | Error provides the count of policies that could not be evaluated | | |
185 | | `skip` _integer_ | Skip indicates the count of policies that were not selected for evaluation | | |
186 |
187 |
188 | #### Result
189 |
190 | _Underlying type:_ _string_
191 |
192 | Result has one of the following values:
193 | - pass: the policy requirements are met
194 | - fail: the policy requirements are not met
195 | - warn: the policy requirements are not met and the policy is not scored
196 | - error: the policy could not be evaluated
197 | - skip: the policy was not selected based on user inputs or applicability
198 |
199 | _Validation:_
200 | - Enum: [pass fail warn error skip]
201 |
202 | _Appears in:_
203 | - [ReportResult](#reportresult)
204 |
205 |
206 |
207 | #### ResultSeverity
208 |
209 | _Underlying type:_ _string_
210 |
211 | ResultSeverity has one of the following values:
212 | - critical
213 | - high
214 | - low
215 | - medium
216 | - info
217 |
218 | _Validation:_
219 | - Enum: [critical high low medium info]
220 |
221 | _Appears in:_
222 | - [ReportResult](#reportresult)
223 |
224 |
225 |
226 | #### StatusFilter
227 |
228 | _Underlying type:_ _string_
229 |
230 | StatusFilter is used by Report generators to write only those reports whose status is specified by the filters
231 |
232 | _Validation:_
233 | - Enum: [pass fail warn error skip]
234 |
235 | _Appears in:_
236 | - [Limits](#limits)
237 |
238 |
239 |
240 |
--------------------------------------------------------------------------------
/docs/config.yaml:
--------------------------------------------------------------------------------
1 | processor:
2 | ignoreGroupVersions:
3 | ignoreTypes:
4 | ignoreFields:
5 | - "status$"
6 | - "TypeMeta$"
7 | - "kind$"
8 | - "apiVersion$"
9 | customMarkers:
10 | - name: "hidefromdoc"
11 | target: field
12 |
13 | render:
14 | kubernetesVersion: 1.29
15 | knownTypes:
16 |
--------------------------------------------------------------------------------
/go.mod:
--------------------------------------------------------------------------------
1 | module openreports.io
2 |
3 | go 1.24.1
4 |
5 | require (
6 | k8s.io/api v0.29.3
7 | k8s.io/apimachinery v0.30.0-rc.2
8 | k8s.io/client-go v0.29.3
9 | k8s.io/code-generator v0.30.0-rc.2
10 | sigs.k8s.io/controller-runtime v0.16.3
11 | )
12 |
13 | require (
14 | github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect
15 | github.com/emicklei/go-restful/v3 v3.11.0 // indirect
16 | github.com/evanphx/json-patch v5.7.0+incompatible // indirect
17 | github.com/go-logr/logr v1.4.1 // indirect
18 | github.com/go-openapi/jsonpointer v0.20.0 // indirect
19 | github.com/go-openapi/jsonreference v0.20.2 // indirect
20 | github.com/go-openapi/swag v0.22.4 // indirect
21 | github.com/gogo/protobuf v1.3.2 // indirect
22 | github.com/golang/protobuf v1.5.4 // indirect
23 | github.com/google/gnostic-models v0.6.9-0.20230804172637-c7be7c783f49 // indirect
24 | github.com/google/go-cmp v0.6.0 // indirect
25 | github.com/google/gofuzz v1.2.0 // indirect
26 | github.com/google/pprof v0.0.0-20231023181126-ff6d637d2a7b // indirect
27 | github.com/google/uuid v1.6.0 // indirect
28 | github.com/josharian/intern v1.0.0 // indirect
29 | github.com/json-iterator/go v1.1.12 // indirect
30 | github.com/mailru/easyjson v0.7.7 // indirect
31 | github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
32 | github.com/modern-go/reflect2 v1.0.2 // indirect
33 | github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect
34 | github.com/pkg/errors v0.9.1 // indirect
35 | github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect
36 | github.com/spf13/pflag v1.0.5 // indirect
37 | github.com/stretchr/testify v1.9.0 // indirect
38 | golang.org/x/mod v0.17.0 // indirect
39 | golang.org/x/net v0.24.0 // indirect
40 | golang.org/x/oauth2 v0.14.0 // indirect
41 | golang.org/x/sync v0.7.0 // indirect
42 | golang.org/x/sys v0.19.0 // indirect
43 | golang.org/x/term v0.19.0 // indirect
44 | golang.org/x/text v0.14.0 // indirect
45 | golang.org/x/time v0.5.0 // indirect
46 | golang.org/x/tools v0.20.0 // indirect
47 | google.golang.org/appengine v1.6.8 // indirect
48 | google.golang.org/protobuf v1.33.0 // indirect
49 | gopkg.in/inf.v0 v0.9.1 // indirect
50 | gopkg.in/yaml.v2 v2.4.0 // indirect
51 | gopkg.in/yaml.v3 v3.0.1 // indirect
52 | k8s.io/gengo/v2 v2.0.0-20240228010128-51d4e06bde70 // indirect
53 | k8s.io/klog/v2 v2.120.1 // indirect
54 | k8s.io/kube-openapi v0.0.0-20240228011516-70dd3763d340 // indirect
55 | k8s.io/utils v0.0.0-20240310230437-4693a0247e57 // indirect
56 | sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect
57 | sigs.k8s.io/structured-merge-diff/v4 v4.4.1 // indirect
58 | sigs.k8s.io/yaml v1.4.0 // indirect
59 | )
60 |
--------------------------------------------------------------------------------
/go.sum:
--------------------------------------------------------------------------------
1 | github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E=
2 | github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
3 | github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
4 | github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc h1:U9qPSI2PIWSS1VwoXQT9A3Wy9MM3WgvqSxFWenqJduM=
5 | github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
6 | github.com/emicklei/go-restful/v3 v3.11.0 h1:rAQeMHw1c7zTmncogyy8VvRZwtkmkZ4FxERmMY4rD+g=
7 | github.com/emicklei/go-restful/v3 v3.11.0/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc=
8 | github.com/evanphx/json-patch v5.7.0+incompatible h1:vgGkfT/9f8zE6tvSCe74nfpAVDQ2tG6yudJd8LBksgI=
9 | github.com/evanphx/json-patch v5.7.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk=
10 | github.com/go-logr/logr v1.4.1 h1:pKouT5E8xu9zeFC39JXRDukb6JFQPXM5p5I91188VAQ=
11 | github.com/go-logr/logr v1.4.1/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY=
12 | github.com/go-openapi/jsonpointer v0.19.6/go.mod h1:osyAmYz/mB/C3I+WsTTSgw1ONzaLJoLCyoi6/zppojs=
13 | github.com/go-openapi/jsonpointer v0.20.0 h1:ESKJdU9ASRfaPNOPRx12IUyA1vn3R9GiE3KYD14BXdQ=
14 | github.com/go-openapi/jsonpointer v0.20.0/go.mod h1:6PGzBjjIIumbLYysB73Klnms1mwnU4G3YHOECG3CedA=
15 | github.com/go-openapi/jsonreference v0.20.2 h1:3sVjiK66+uXK/6oQ8xgcRKcFgQ5KXa2KvnJRumpMGbE=
16 | github.com/go-openapi/jsonreference v0.20.2/go.mod h1:Bl1zwGIM8/wsvqjsOQLJ/SH+En5Ap4rVB5KVcIDZG2k=
17 | github.com/go-openapi/swag v0.22.3/go.mod h1:UzaqsxGiab7freDnrUUra0MwWfN/q7tE4j+VcZ0yl14=
18 | github.com/go-openapi/swag v0.22.4 h1:QLMzNJnMGPRNDCbySlcj1x01tzU8/9LTTL9hZZZogBU=
19 | github.com/go-openapi/swag v0.22.4/go.mod h1:UzaqsxGiab7freDnrUUra0MwWfN/q7tE4j+VcZ0yl14=
20 | github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 h1:tfuBGBXKqDEevZMzYi5KSi8KkcZtzBcTgAUUtapy0OI=
21 | github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572/go.mod h1:9Pwr4B2jHnOSGXyyzV8ROjYa2ojvAY6HCGYYfMoC3Ls=
22 | github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q=
23 | github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q=
24 | github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk=
25 | github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY=
26 | github.com/golang/protobuf v1.5.4 h1:i7eJL8qZTpSEXOPTxNKhASYpMn+8e5Q6AdndVa1dWek=
27 | github.com/golang/protobuf v1.5.4/go.mod h1:lnTiLA8Wa4RWRcIUkrtSVa5nRhsEGBg48fD6rSs7xps=
28 | github.com/google/gnostic-models v0.6.9-0.20230804172637-c7be7c783f49 h1:0VpGH+cDhbDtdcweoyCVsF3fhN8kejK6rFe/2FFX2nU=
29 | github.com/google/gnostic-models v0.6.9-0.20230804172637-c7be7c783f49/go.mod h1:BkkQ4L1KS1xMt2aWSPStnn55ChGC0DPOn2FQYj+f25M=
30 | github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
31 | github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
32 | github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI=
33 | github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
34 | github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
35 | github.com/google/gofuzz v1.2.0 h1:xRy4A+RhZaiKjJ1bPfwQ8sedCA+YS2YcCHW6ec7JMi0=
36 | github.com/google/gofuzz v1.2.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
37 | github.com/google/pprof v0.0.0-20231023181126-ff6d637d2a7b h1:RMpPgZTSApbPf7xaVel+QkoGPRLFLrwFO89uDUHEGf0=
38 | github.com/google/pprof v0.0.0-20231023181126-ff6d637d2a7b/go.mod h1:czg5+yv1E0ZGTi6S6vVK1mke0fV+FaUhNGcd6VRS9Ik=
39 | github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0=
40 | github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
41 | github.com/josharian/intern v1.0.0 h1:vlS4z54oSdjm0bgjRigI+G1HpF+tI+9rE5LLzOg8HmY=
42 | github.com/josharian/intern v1.0.0/go.mod h1:5DoeVV0s6jJacbCEi61lwdGj/aVlrQvzHFFd8Hwg//Y=
43 | github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnrnM=
44 | github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo=
45 | github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8=
46 | github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck=
47 | github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI=
48 | github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE=
49 | github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk=
50 | github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
51 | github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
52 | github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY=
53 | github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE=
54 | github.com/mailru/easyjson v0.7.7 h1:UGYAvKxe3sBsEDzO8ZeWOSlIQfWFlxbzLZe7hwFURr0=
55 | github.com/mailru/easyjson v0.7.7/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc=
56 | github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q=
57 | github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd h1:TRLaZ9cD/w8PVh93nsPXa1VrQ6jlwL5oN8l14QlcNfg=
58 | github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q=
59 | github.com/modern-go/reflect2 v1.0.2 h1:xBagoLtFs94CBntxluKeaWgTMpvLxC4ur3nMaC9Gz0M=
60 | github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk=
61 | github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 h1:C3w9PqII01/Oq1c1nUAm88MOHcQC9l5mIlSMApZMrHA=
62 | github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ=
63 | github.com/onsi/ginkgo/v2 v2.15.0 h1:79HwNRBAZHOEwrczrgSOPy+eFTTlIGELKy5as+ClttY=
64 | github.com/onsi/ginkgo/v2 v2.15.0/go.mod h1:HlxMHtYF57y6Dpf+mc5529KKmSq9h2FpCF+/ZkwUxKM=
65 | github.com/onsi/gomega v1.31.0 h1:54UJxxj6cPInHS3a35wm6BK/F9nHYueZ1NVujHDrnXE=
66 | github.com/onsi/gomega v1.31.0/go.mod h1:DW9aCi7U6Yi40wNVAvT6kzFnEVEI5n3DloYBiKiT6zk=
67 | github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4=
68 | github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
69 | github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
70 | github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 h1:Jamvg5psRIccs7FGNTlIRMkT8wgtp5eCXdBlqhYGL6U=
71 | github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
72 | github.com/rogpeppe/go-internal v1.10.0 h1:TMyTOH3F/DB16zRVcYyreMH6GnZZrwQVAoYjRBZyWFQ=
73 | github.com/rogpeppe/go-internal v1.10.0/go.mod h1:UQnix2H7Ngw/k4C5ijL5+65zddjncjaFoBhdsK/akog=
74 | github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA=
75 | github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg=
76 | github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
77 | github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw=
78 | github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo=
79 | github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI=
80 | github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
81 | github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU=
82 | github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4=
83 | github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsTg=
84 | github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY=
85 | github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
86 | github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
87 | github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY=
88 | golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
89 | golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
90 | golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
91 | golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
92 | golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
93 | golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
94 | golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4=
95 | golang.org/x/mod v0.17.0 h1:zY54UmvipHiNd+pm+m0x9KhZ9hl1/7QNMyxXbc6ICqA=
96 | golang.org/x/mod v0.17.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c=
97 | golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
98 | golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
99 | golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
100 | golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU=
101 | golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
102 | golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c=
103 | golang.org/x/net v0.24.0 h1:1PcaxkF854Fu3+lvBIx5SYn9wRlBzzcnHZSiaFFAb0w=
104 | golang.org/x/net v0.24.0/go.mod h1:2Q7sJY5mzlzWjKtYUEXSlBWCdyaioyXzRB2RtU8KVE8=
105 | golang.org/x/oauth2 v0.14.0 h1:P0Vrf/2538nmC0H+pEQ3MNFRRnVR7RlqyVw+bvm26z0=
106 | golang.org/x/oauth2 v0.14.0/go.mod h1:lAtNWgaWfL4cm7j2OV8TxGi9Qb7ECORx8DktCY74OwM=
107 | golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
108 | golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
109 | golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
110 | golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
111 | golang.org/x/sync v0.7.0 h1:YsImfSBoP9QPYL0xyKJPq0gcaJdG3rInoqxTWbfQu9M=
112 | golang.org/x/sync v0.7.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
113 | golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
114 | golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
115 | golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
116 | golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
117 | golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
118 | golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
119 | golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
120 | golang.org/x/sys v0.19.0 h1:q5f1RH2jigJ1MoAWp2KTp3gm5zAGFUTarQZ5U386+4o=
121 | golang.org/x/sys v0.19.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
122 | golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
123 | golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
124 | golang.org/x/term v0.19.0 h1:+ThwsDv+tYfnJFhF4L8jITxu1tdTWRTZpdsWgEgjL6Q=
125 | golang.org/x/term v0.19.0/go.mod h1:2CuTdWZ7KHSQwUzKva0cbMg6q2DMI3Mmxp+gKJbskEk=
126 | golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
127 | golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
128 | golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
129 | golang.org/x/text v0.3.8/go.mod h1:E6s5w1FMmriuDzIBO73fBruAKo1PCIq6d2Q6DHfQ8WQ=
130 | golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ=
131 | golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU=
132 | golang.org/x/time v0.5.0 h1:o7cqy6amK/52YcAKIPlM3a+Fpj35zvRj2TP+e1xFSfk=
133 | golang.org/x/time v0.5.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM=
134 | golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
135 | golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
136 | golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE=
137 | golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
138 | golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc=
139 | golang.org/x/tools v0.20.0 h1:hz/CVckiOxybQvFw6h7b/q80NTr9IUQb4s1IIzW7KNY=
140 | golang.org/x/tools v0.20.0/go.mod h1:WvitBU7JJf6A4jOdg4S1tviW9bhUxkgeCui/0JHctQg=
141 | golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
142 | golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
143 | golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
144 | golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
145 | google.golang.org/appengine v1.6.8 h1:IhEN5q69dyKagZPYMSdIjS2HqprW324FRQZJcGqPAsM=
146 | google.golang.org/appengine v1.6.8/go.mod h1:1jJ3jBArFh5pcgW8gCtRJnepW8FzD1V44FJffLiz/Ds=
147 | google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw=
148 | google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc=
149 | google.golang.org/protobuf v1.33.0 h1:uNO2rsAINq/JlFpSdYEKIZ0uKD/R9cpdv0T+yoGwGmI=
150 | google.golang.org/protobuf v1.33.0/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos=
151 | gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
152 | gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk=
153 | gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q=
154 | gopkg.in/inf.v0 v0.9.1 h1:73M5CoZyi3ZLMOyDlQh031Cx6N9NDJ2Vvfl76EDAgDc=
155 | gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw=
156 | gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
157 | gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY=
158 | gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ=
159 | gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
160 | gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
161 | gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
162 | k8s.io/api v0.29.3 h1:2ORfZ7+bGC3YJqGpV0KSDDEVf8hdGQ6A03/50vj8pmw=
163 | k8s.io/api v0.29.3/go.mod h1:y2yg2NTyHUUkIoTC+phinTnEa3KFM6RZ3szxt014a80=
164 | k8s.io/apimachinery v0.30.0-rc.2 h1:Q1JPqws5zCGjRwKtLW8ZKOY8lvl6aJejqIixJlHoAhc=
165 | k8s.io/apimachinery v0.30.0-rc.2/go.mod h1:iexa2somDaxdnj7bha06bhb43Zpa6eWH8N8dbqVjTUc=
166 | k8s.io/client-go v0.29.3 h1:R/zaZbEAxqComZ9FHeQwOh3Y1ZUs7FaHKZdQtIc2WZg=
167 | k8s.io/client-go v0.29.3/go.mod h1:tkDisCvgPfiRpxGnOORfkljmS+UrW+WtXAy2fTvXJB0=
168 | k8s.io/code-generator v0.30.0-rc.2 h1:FpFPiuhuaZXGm6MUNBRwCdcBO9RhTvu0DwU8xW07XJo=
169 | k8s.io/code-generator v0.30.0-rc.2/go.mod h1:EnOT8yIxF1CXH4qxYhPgJ3wqVeATHN0LCF7RnVmMCyE=
170 | k8s.io/gengo/v2 v2.0.0-20240228010128-51d4e06bde70 h1:NGrVE502P0s0/1hudf8zjgwki1X/TByhmAoILTarmzo=
171 | k8s.io/gengo/v2 v2.0.0-20240228010128-51d4e06bde70/go.mod h1:VH3AT8AaQOqiGjMF9p0/IM1Dj+82ZwjfxUP1IxaHE+8=
172 | k8s.io/klog/v2 v2.120.1 h1:QXU6cPEOIslTGvZaXvFWiP9VKyeet3sawzTOvdXb4Vw=
173 | k8s.io/klog/v2 v2.120.1/go.mod h1:3Jpz1GvMt720eyJH1ckRHK1EDfpxISzJ7I9OYgaDtPE=
174 | k8s.io/kube-openapi v0.0.0-20240228011516-70dd3763d340 h1:BZqlfIlq5YbRMFko6/PM7FjZpUb45WallggurYhKGag=
175 | k8s.io/kube-openapi v0.0.0-20240228011516-70dd3763d340/go.mod h1:yD4MZYeKMBwQKVht279WycxKyM84kkAx2DPrTXaeb98=
176 | k8s.io/utils v0.0.0-20240310230437-4693a0247e57 h1:gbqbevonBh57eILzModw6mrkbwM0gQBEuevE/AaBsHY=
177 | k8s.io/utils v0.0.0-20240310230437-4693a0247e57/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0=
178 | sigs.k8s.io/controller-runtime v0.16.3 h1:2TuvuokmfXvDUamSx1SuAOO3eTyye+47mJCigwG62c4=
179 | sigs.k8s.io/controller-runtime v0.16.3/go.mod h1:j7bialYoSn142nv9sCOJmQgDXQXxnroFU4VnX/brVJ0=
180 | sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd h1:EDPBXCAspyGV4jQlpZSudPeMmr1bNJefnuqLsRAsHZo=
181 | sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd/go.mod h1:B8JuhiUyNFVKdsE8h686QcCxMaH6HrOAZj4vswFpcB0=
182 | sigs.k8s.io/structured-merge-diff/v4 v4.4.1 h1:150L+0vs/8DA78h1u02ooW1/fFq/Lwr+sGiqlzvrtq4=
183 | sigs.k8s.io/structured-merge-diff/v4 v4.4.1/go.mod h1:N8hJocpFajUSSeSJ9bOZ77VzejKZaXsTtZo4/u7Io08=
184 | sigs.k8s.io/yaml v1.4.0 h1:Mk1wCc2gy/F0THH0TAp1QYyJNzRm2KCLy3o5ASXVI5E=
185 | sigs.k8s.io/yaml v1.4.0/go.mod h1:Ejl7/uTz7PSA4eKMyQCUTnhZYNmLIl+5c2lQPGR2BPY=
186 |
--------------------------------------------------------------------------------
/hack/boilerplate.go.txt:
--------------------------------------------------------------------------------
1 | /*
2 | Copyright The Kubernetes Authors.
3 |
4 | Licensed under the Apache License, Version 2.0 (the "License");
5 | you may not use this file except in compliance with the License.
6 | You may obtain a copy of the License at
7 |
8 | http://www.apache.org/licenses/LICENSE-2.0
9 |
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
--------------------------------------------------------------------------------
/hack/codegen.go:
--------------------------------------------------------------------------------
1 | package hack
2 |
3 | import (
4 | _ "k8s.io/code-generator"
5 | )
6 |
--------------------------------------------------------------------------------
/hack/update-codegen.sh:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env bash
2 |
3 | # Copyright 2023 The Kubernetes Authors.
4 | #
5 | # Licensed under the Apache License, Version 2.0 (the "License");
6 | # you may not use this file except in compliance with the License.
7 | # You may obtain a copy of the License at
8 | #
9 | # http://www.apache.org/licenses/LICENSE-2.0
10 | #
11 | # Unless required by applicable law or agreed to in writing, software
12 | # distributed under the License is distributed on an "AS IS" BASIS,
13 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 | # See the License for the specific language governing permissions and
15 | # limitations under the License.
16 |
17 | # Derived from: https://github.com/kubernetes/code-generator/blob/master/examples/hack/update-codegen.sh
18 |
19 | set -o errexit
20 | set -o nounset
21 | set -o pipefail
22 |
23 | SCRIPT_DIR="$(dirname "${BASH_SOURCE[0]}")"
24 | SCRIPT_ROOT="${SCRIPT_DIR}/.."
25 | CODEGEN_PKG="${CODEGEN_PKG:-"${SCRIPT_ROOT}/bin"}"
26 |
27 | source "${CODEGEN_PKG}/kube_codegen.sh"
28 |
29 | kube::codegen::gen_helpers \
30 | --boilerplate "${SCRIPT_ROOT}/hack/boilerplate.go.txt" \
31 | "${SCRIPT_ROOT}/apis"
32 |
33 | kube::codegen::gen_client \
34 | --with-watch \
35 | --output-dir "${SCRIPT_ROOT}/pkg/client" \
36 | --output-pkg "openreports.io/pkg/client" \
37 | --boilerplate "${SCRIPT_ROOT}/hack/boilerplate.go.txt" \
38 | "${SCRIPT_ROOT}/apis"
39 |
--------------------------------------------------------------------------------
/pkg/client/clientset/versioned/clientset.go:
--------------------------------------------------------------------------------
1 | /*
2 | Copyright The Kubernetes Authors.
3 |
4 | Licensed under the Apache License, Version 2.0 (the "License");
5 | you may not use this file except in compliance with the License.
6 | You may obtain a copy of the License at
7 |
8 | http://www.apache.org/licenses/LICENSE-2.0
9 |
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 | // Code generated by client-gen. DO NOT EDIT.
17 |
18 | package versioned
19 |
20 | import (
21 | "fmt"
22 | "net/http"
23 |
24 | discovery "k8s.io/client-go/discovery"
25 | rest "k8s.io/client-go/rest"
26 | flowcontrol "k8s.io/client-go/util/flowcontrol"
27 | openreportsv1alpha1 "openreports.io/pkg/client/clientset/versioned/typed/openreports.io/v1alpha1"
28 | )
29 |
30 | type Interface interface {
31 | Discovery() discovery.DiscoveryInterface
32 | OpenreportsV1alpha1() openreportsv1alpha1.OpenreportsV1alpha1Interface
33 | }
34 |
35 | // Clientset contains the clients for groups.
36 | type Clientset struct {
37 | *discovery.DiscoveryClient
38 | openreportsV1alpha1 *openreportsv1alpha1.OpenreportsV1alpha1Client
39 | }
40 |
41 | // OpenreportsV1alpha1 retrieves the OpenreportsV1alpha1Client
42 | func (c *Clientset) OpenreportsV1alpha1() openreportsv1alpha1.OpenreportsV1alpha1Interface {
43 | return c.openreportsV1alpha1
44 | }
45 |
46 | // Discovery retrieves the DiscoveryClient
47 | func (c *Clientset) Discovery() discovery.DiscoveryInterface {
48 | if c == nil {
49 | return nil
50 | }
51 | return c.DiscoveryClient
52 | }
53 |
54 | // NewForConfig creates a new Clientset for the given config.
55 | // If config's RateLimiter is not set and QPS and Burst are acceptable,
56 | // NewForConfig will generate a rate-limiter in configShallowCopy.
57 | // NewForConfig is equivalent to NewForConfigAndClient(c, httpClient),
58 | // where httpClient was generated with rest.HTTPClientFor(c).
59 | func NewForConfig(c *rest.Config) (*Clientset, error) {
60 | configShallowCopy := *c
61 |
62 | if configShallowCopy.UserAgent == "" {
63 | configShallowCopy.UserAgent = rest.DefaultKubernetesUserAgent()
64 | }
65 |
66 | // share the transport between all clients
67 | httpClient, err := rest.HTTPClientFor(&configShallowCopy)
68 | if err != nil {
69 | return nil, err
70 | }
71 |
72 | return NewForConfigAndClient(&configShallowCopy, httpClient)
73 | }
74 |
75 | // NewForConfigAndClient creates a new Clientset for the given config and http client.
76 | // Note the http client provided takes precedence over the configured transport values.
77 | // If config's RateLimiter is not set and QPS and Burst are acceptable,
78 | // NewForConfigAndClient will generate a rate-limiter in configShallowCopy.
79 | func NewForConfigAndClient(c *rest.Config, httpClient *http.Client) (*Clientset, error) {
80 | configShallowCopy := *c
81 | if configShallowCopy.RateLimiter == nil && configShallowCopy.QPS > 0 {
82 | if configShallowCopy.Burst <= 0 {
83 | return nil, fmt.Errorf("burst is required to be greater than 0 when RateLimiter is not set and QPS is set to greater than 0")
84 | }
85 | configShallowCopy.RateLimiter = flowcontrol.NewTokenBucketRateLimiter(configShallowCopy.QPS, configShallowCopy.Burst)
86 | }
87 |
88 | var cs Clientset
89 | var err error
90 | cs.openreportsV1alpha1, err = openreportsv1alpha1.NewForConfigAndClient(&configShallowCopy, httpClient)
91 | if err != nil {
92 | return nil, err
93 | }
94 |
95 | cs.DiscoveryClient, err = discovery.NewDiscoveryClientForConfigAndClient(&configShallowCopy, httpClient)
96 | if err != nil {
97 | return nil, err
98 | }
99 | return &cs, nil
100 | }
101 |
102 | // NewForConfigOrDie creates a new Clientset for the given config and
103 | // panics if there is an error in the config.
104 | func NewForConfigOrDie(c *rest.Config) *Clientset {
105 | cs, err := NewForConfig(c)
106 | if err != nil {
107 | panic(err)
108 | }
109 | return cs
110 | }
111 |
112 | // New creates a new Clientset for the given RESTClient.
113 | func New(c rest.Interface) *Clientset {
114 | var cs Clientset
115 | cs.openreportsV1alpha1 = openreportsv1alpha1.New(c)
116 |
117 | cs.DiscoveryClient = discovery.NewDiscoveryClient(c)
118 | return &cs
119 | }
120 |
--------------------------------------------------------------------------------
/pkg/client/clientset/versioned/fake/clientset_generated.go:
--------------------------------------------------------------------------------
1 | /*
2 | Copyright The Kubernetes Authors.
3 |
4 | Licensed under the Apache License, Version 2.0 (the "License");
5 | you may not use this file except in compliance with the License.
6 | You may obtain a copy of the License at
7 |
8 | http://www.apache.org/licenses/LICENSE-2.0
9 |
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 | // Code generated by client-gen. DO NOT EDIT.
17 |
18 | package fake
19 |
20 | import (
21 | "k8s.io/apimachinery/pkg/runtime"
22 | "k8s.io/apimachinery/pkg/watch"
23 | "k8s.io/client-go/discovery"
24 | fakediscovery "k8s.io/client-go/discovery/fake"
25 | "k8s.io/client-go/testing"
26 | clientset "openreports.io/pkg/client/clientset/versioned"
27 | openreportsv1alpha1 "openreports.io/pkg/client/clientset/versioned/typed/openreports.io/v1alpha1"
28 | fakeopenreportsv1alpha1 "openreports.io/pkg/client/clientset/versioned/typed/openreports.io/v1alpha1/fake"
29 | )
30 |
31 | // NewSimpleClientset returns a clientset that will respond with the provided objects.
32 | // It's backed by a very simple object tracker that processes creates, updates and deletions as-is,
33 | // without applying any validations and/or defaults. It shouldn't be considered a replacement
34 | // for a real clientset and is mostly useful in simple unit tests.
35 | func NewSimpleClientset(objects ...runtime.Object) *Clientset {
36 | o := testing.NewObjectTracker(scheme, codecs.UniversalDecoder())
37 | for _, obj := range objects {
38 | if err := o.Add(obj); err != nil {
39 | panic(err)
40 | }
41 | }
42 |
43 | cs := &Clientset{tracker: o}
44 | cs.discovery = &fakediscovery.FakeDiscovery{Fake: &cs.Fake}
45 | cs.AddReactor("*", "*", testing.ObjectReaction(o))
46 | cs.AddWatchReactor("*", func(action testing.Action) (handled bool, ret watch.Interface, err error) {
47 | gvr := action.GetResource()
48 | ns := action.GetNamespace()
49 | watch, err := o.Watch(gvr, ns)
50 | if err != nil {
51 | return false, nil, err
52 | }
53 | return true, watch, nil
54 | })
55 |
56 | return cs
57 | }
58 |
59 | // Clientset implements clientset.Interface. Meant to be embedded into a
60 | // struct to get a default implementation. This makes faking out just the method
61 | // you want to test easier.
62 | type Clientset struct {
63 | testing.Fake
64 | discovery *fakediscovery.FakeDiscovery
65 | tracker testing.ObjectTracker
66 | }
67 |
68 | func (c *Clientset) Discovery() discovery.DiscoveryInterface {
69 | return c.discovery
70 | }
71 |
72 | func (c *Clientset) Tracker() testing.ObjectTracker {
73 | return c.tracker
74 | }
75 |
76 | var (
77 | _ clientset.Interface = &Clientset{}
78 | _ testing.FakeClient = &Clientset{}
79 | )
80 |
81 | // OpenreportsV1alpha1 retrieves the OpenreportsV1alpha1Client
82 | func (c *Clientset) OpenreportsV1alpha1() openreportsv1alpha1.OpenreportsV1alpha1Interface {
83 | return &fakeopenreportsv1alpha1.FakeOpenreportsV1alpha1{Fake: &c.Fake}
84 | }
85 |
--------------------------------------------------------------------------------
/pkg/client/clientset/versioned/fake/doc.go:
--------------------------------------------------------------------------------
1 | /*
2 | Copyright The Kubernetes Authors.
3 |
4 | Licensed under the Apache License, Version 2.0 (the "License");
5 | you may not use this file except in compliance with the License.
6 | You may obtain a copy of the License at
7 |
8 | http://www.apache.org/licenses/LICENSE-2.0
9 |
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 | // Code generated by client-gen. DO NOT EDIT.
17 |
18 | // This package has the automatically generated fake clientset.
19 | package fake
20 |
--------------------------------------------------------------------------------
/pkg/client/clientset/versioned/fake/register.go:
--------------------------------------------------------------------------------
1 | /*
2 | Copyright The Kubernetes Authors.
3 |
4 | Licensed under the Apache License, Version 2.0 (the "License");
5 | you may not use this file except in compliance with the License.
6 | You may obtain a copy of the License at
7 |
8 | http://www.apache.org/licenses/LICENSE-2.0
9 |
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 | // Code generated by client-gen. DO NOT EDIT.
17 |
18 | package fake
19 |
20 | import (
21 | v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
22 | runtime "k8s.io/apimachinery/pkg/runtime"
23 | schema "k8s.io/apimachinery/pkg/runtime/schema"
24 | serializer "k8s.io/apimachinery/pkg/runtime/serializer"
25 | utilruntime "k8s.io/apimachinery/pkg/util/runtime"
26 | openreportsv1alpha1 "openreports.io/apis/openreports.io/v1alpha1"
27 | )
28 |
29 | var scheme = runtime.NewScheme()
30 | var codecs = serializer.NewCodecFactory(scheme)
31 |
32 | var localSchemeBuilder = runtime.SchemeBuilder{
33 | openreportsv1alpha1.AddToScheme,
34 | }
35 |
36 | // AddToScheme adds all types of this clientset into the given scheme. This allows composition
37 | // of clientsets, like in:
38 | //
39 | // import (
40 | // "k8s.io/client-go/kubernetes"
41 | // clientsetscheme "k8s.io/client-go/kubernetes/scheme"
42 | // aggregatorclientsetscheme "k8s.io/kube-aggregator/pkg/client/clientset_generated/clientset/scheme"
43 | // )
44 | //
45 | // kclientset, _ := kubernetes.NewForConfig(c)
46 | // _ = aggregatorclientsetscheme.AddToScheme(clientsetscheme.Scheme)
47 | //
48 | // After this, RawExtensions in Kubernetes types will serialize kube-aggregator types
49 | // correctly.
50 | var AddToScheme = localSchemeBuilder.AddToScheme
51 |
52 | func init() {
53 | v1.AddToGroupVersion(scheme, schema.GroupVersion{Version: "v1"})
54 | utilruntime.Must(AddToScheme(scheme))
55 | }
56 |
--------------------------------------------------------------------------------
/pkg/client/clientset/versioned/scheme/doc.go:
--------------------------------------------------------------------------------
1 | /*
2 | Copyright The Kubernetes Authors.
3 |
4 | Licensed under the Apache License, Version 2.0 (the "License");
5 | you may not use this file except in compliance with the License.
6 | You may obtain a copy of the License at
7 |
8 | http://www.apache.org/licenses/LICENSE-2.0
9 |
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 | // Code generated by client-gen. DO NOT EDIT.
17 |
18 | // This package contains the scheme of the automatically generated clientset.
19 | package scheme
20 |
--------------------------------------------------------------------------------
/pkg/client/clientset/versioned/scheme/register.go:
--------------------------------------------------------------------------------
1 | /*
2 | Copyright The Kubernetes Authors.
3 |
4 | Licensed under the Apache License, Version 2.0 (the "License");
5 | you may not use this file except in compliance with the License.
6 | You may obtain a copy of the License at
7 |
8 | http://www.apache.org/licenses/LICENSE-2.0
9 |
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 | // Code generated by client-gen. DO NOT EDIT.
17 |
18 | package scheme
19 |
20 | import (
21 | v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
22 | runtime "k8s.io/apimachinery/pkg/runtime"
23 | schema "k8s.io/apimachinery/pkg/runtime/schema"
24 | serializer "k8s.io/apimachinery/pkg/runtime/serializer"
25 | utilruntime "k8s.io/apimachinery/pkg/util/runtime"
26 | openreportsv1alpha1 "openreports.io/apis/openreports.io/v1alpha1"
27 | )
28 |
29 | var Scheme = runtime.NewScheme()
30 | var Codecs = serializer.NewCodecFactory(Scheme)
31 | var ParameterCodec = runtime.NewParameterCodec(Scheme)
32 | var localSchemeBuilder = runtime.SchemeBuilder{
33 | openreportsv1alpha1.AddToScheme,
34 | }
35 |
36 | // AddToScheme adds all types of this clientset into the given scheme. This allows composition
37 | // of clientsets, like in:
38 | //
39 | // import (
40 | // "k8s.io/client-go/kubernetes"
41 | // clientsetscheme "k8s.io/client-go/kubernetes/scheme"
42 | // aggregatorclientsetscheme "k8s.io/kube-aggregator/pkg/client/clientset_generated/clientset/scheme"
43 | // )
44 | //
45 | // kclientset, _ := kubernetes.NewForConfig(c)
46 | // _ = aggregatorclientsetscheme.AddToScheme(clientsetscheme.Scheme)
47 | //
48 | // After this, RawExtensions in Kubernetes types will serialize kube-aggregator types
49 | // correctly.
50 | var AddToScheme = localSchemeBuilder.AddToScheme
51 |
52 | func init() {
53 | v1.AddToGroupVersion(Scheme, schema.GroupVersion{Version: "v1"})
54 | utilruntime.Must(AddToScheme(Scheme))
55 | }
56 |
--------------------------------------------------------------------------------
/pkg/client/clientset/versioned/typed/openreports.io/v1alpha1/clusterreport.go:
--------------------------------------------------------------------------------
1 | /*
2 | Copyright The Kubernetes Authors.
3 |
4 | Licensed under the Apache License, Version 2.0 (the "License");
5 | you may not use this file except in compliance with the License.
6 | You may obtain a copy of the License at
7 |
8 | http://www.apache.org/licenses/LICENSE-2.0
9 |
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 | // Code generated by client-gen. DO NOT EDIT.
17 |
18 | package v1alpha1
19 |
20 | import (
21 | "context"
22 | "time"
23 |
24 | v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
25 | types "k8s.io/apimachinery/pkg/types"
26 | watch "k8s.io/apimachinery/pkg/watch"
27 | rest "k8s.io/client-go/rest"
28 | v1alpha1 "openreports.io/apis/openreports.io/v1alpha1"
29 | scheme "openreports.io/pkg/client/clientset/versioned/scheme"
30 | )
31 |
32 | // ClusterReportsGetter has a method to return a ClusterReportInterface.
33 | // A group's client should implement this interface.
34 | type ClusterReportsGetter interface {
35 | ClusterReports() ClusterReportInterface
36 | }
37 |
38 | // ClusterReportInterface has methods to work with ClusterReport resources.
39 | type ClusterReportInterface interface {
40 | Create(ctx context.Context, clusterReport *v1alpha1.ClusterReport, opts v1.CreateOptions) (*v1alpha1.ClusterReport, error)
41 | Update(ctx context.Context, clusterReport *v1alpha1.ClusterReport, opts v1.UpdateOptions) (*v1alpha1.ClusterReport, error)
42 | Delete(ctx context.Context, name string, opts v1.DeleteOptions) error
43 | DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error
44 | Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha1.ClusterReport, error)
45 | List(ctx context.Context, opts v1.ListOptions) (*v1alpha1.ClusterReportList, error)
46 | Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error)
47 | Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.ClusterReport, err error)
48 | ClusterReportExpansion
49 | }
50 |
51 | // clusterReports implements ClusterReportInterface
52 | type clusterReports struct {
53 | client rest.Interface
54 | }
55 |
56 | // newClusterReports returns a ClusterReports
57 | func newClusterReports(c *OpenreportsV1alpha1Client) *clusterReports {
58 | return &clusterReports{
59 | client: c.RESTClient(),
60 | }
61 | }
62 |
63 | // Get takes name of the clusterReport, and returns the corresponding clusterReport object, and an error if there is any.
64 | func (c *clusterReports) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.ClusterReport, err error) {
65 | result = &v1alpha1.ClusterReport{}
66 | err = c.client.Get().
67 | Resource("clusterreports").
68 | Name(name).
69 | VersionedParams(&options, scheme.ParameterCodec).
70 | Do(ctx).
71 | Into(result)
72 | return
73 | }
74 |
75 | // List takes label and field selectors, and returns the list of ClusterReports that match those selectors.
76 | func (c *clusterReports) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.ClusterReportList, err error) {
77 | var timeout time.Duration
78 | if opts.TimeoutSeconds != nil {
79 | timeout = time.Duration(*opts.TimeoutSeconds) * time.Second
80 | }
81 | result = &v1alpha1.ClusterReportList{}
82 | err = c.client.Get().
83 | Resource("clusterreports").
84 | VersionedParams(&opts, scheme.ParameterCodec).
85 | Timeout(timeout).
86 | Do(ctx).
87 | Into(result)
88 | return
89 | }
90 |
91 | // Watch returns a watch.Interface that watches the requested clusterReports.
92 | func (c *clusterReports) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) {
93 | var timeout time.Duration
94 | if opts.TimeoutSeconds != nil {
95 | timeout = time.Duration(*opts.TimeoutSeconds) * time.Second
96 | }
97 | opts.Watch = true
98 | return c.client.Get().
99 | Resource("clusterreports").
100 | VersionedParams(&opts, scheme.ParameterCodec).
101 | Timeout(timeout).
102 | Watch(ctx)
103 | }
104 |
105 | // Create takes the representation of a clusterReport and creates it. Returns the server's representation of the clusterReport, and an error, if there is any.
106 | func (c *clusterReports) Create(ctx context.Context, clusterReport *v1alpha1.ClusterReport, opts v1.CreateOptions) (result *v1alpha1.ClusterReport, err error) {
107 | result = &v1alpha1.ClusterReport{}
108 | err = c.client.Post().
109 | Resource("clusterreports").
110 | VersionedParams(&opts, scheme.ParameterCodec).
111 | Body(clusterReport).
112 | Do(ctx).
113 | Into(result)
114 | return
115 | }
116 |
117 | // Update takes the representation of a clusterReport and updates it. Returns the server's representation of the clusterReport, and an error, if there is any.
118 | func (c *clusterReports) Update(ctx context.Context, clusterReport *v1alpha1.ClusterReport, opts v1.UpdateOptions) (result *v1alpha1.ClusterReport, err error) {
119 | result = &v1alpha1.ClusterReport{}
120 | err = c.client.Put().
121 | Resource("clusterreports").
122 | Name(clusterReport.Name).
123 | VersionedParams(&opts, scheme.ParameterCodec).
124 | Body(clusterReport).
125 | Do(ctx).
126 | Into(result)
127 | return
128 | }
129 |
130 | // Delete takes name of the clusterReport and deletes it. Returns an error if one occurs.
131 | func (c *clusterReports) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error {
132 | return c.client.Delete().
133 | Resource("clusterreports").
134 | Name(name).
135 | Body(&opts).
136 | Do(ctx).
137 | Error()
138 | }
139 |
140 | // DeleteCollection deletes a collection of objects.
141 | func (c *clusterReports) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error {
142 | var timeout time.Duration
143 | if listOpts.TimeoutSeconds != nil {
144 | timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second
145 | }
146 | return c.client.Delete().
147 | Resource("clusterreports").
148 | VersionedParams(&listOpts, scheme.ParameterCodec).
149 | Timeout(timeout).
150 | Body(&opts).
151 | Do(ctx).
152 | Error()
153 | }
154 |
155 | // Patch applies the patch and returns the patched clusterReport.
156 | func (c *clusterReports) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.ClusterReport, err error) {
157 | result = &v1alpha1.ClusterReport{}
158 | err = c.client.Patch(pt).
159 | Resource("clusterreports").
160 | Name(name).
161 | SubResource(subresources...).
162 | VersionedParams(&opts, scheme.ParameterCodec).
163 | Body(data).
164 | Do(ctx).
165 | Into(result)
166 | return
167 | }
168 |
--------------------------------------------------------------------------------
/pkg/client/clientset/versioned/typed/openreports.io/v1alpha1/doc.go:
--------------------------------------------------------------------------------
1 | /*
2 | Copyright The Kubernetes Authors.
3 |
4 | Licensed under the Apache License, Version 2.0 (the "License");
5 | you may not use this file except in compliance with the License.
6 | You may obtain a copy of the License at
7 |
8 | http://www.apache.org/licenses/LICENSE-2.0
9 |
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 | // Code generated by client-gen. DO NOT EDIT.
17 |
18 | // This package has the automatically generated typed clients.
19 | package v1alpha1
20 |
--------------------------------------------------------------------------------
/pkg/client/clientset/versioned/typed/openreports.io/v1alpha1/fake/doc.go:
--------------------------------------------------------------------------------
1 | /*
2 | Copyright The Kubernetes Authors.
3 |
4 | Licensed under the Apache License, Version 2.0 (the "License");
5 | you may not use this file except in compliance with the License.
6 | You may obtain a copy of the License at
7 |
8 | http://www.apache.org/licenses/LICENSE-2.0
9 |
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 | // Code generated by client-gen. DO NOT EDIT.
17 |
18 | // Package fake has the automatically generated clients.
19 | package fake
20 |
--------------------------------------------------------------------------------
/pkg/client/clientset/versioned/typed/openreports.io/v1alpha1/fake/fake_clusterreport.go:
--------------------------------------------------------------------------------
1 | /*
2 | Copyright The Kubernetes Authors.
3 |
4 | Licensed under the Apache License, Version 2.0 (the "License");
5 | you may not use this file except in compliance with the License.
6 | You may obtain a copy of the License at
7 |
8 | http://www.apache.org/licenses/LICENSE-2.0
9 |
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 | // Code generated by client-gen. DO NOT EDIT.
17 |
18 | package fake
19 |
20 | import (
21 | "context"
22 |
23 | v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
24 | labels "k8s.io/apimachinery/pkg/labels"
25 | types "k8s.io/apimachinery/pkg/types"
26 | watch "k8s.io/apimachinery/pkg/watch"
27 | testing "k8s.io/client-go/testing"
28 | v1alpha1 "openreports.io/apis/openreports.io/v1alpha1"
29 | )
30 |
31 | // FakeClusterReports implements ClusterReportInterface
32 | type FakeClusterReports struct {
33 | Fake *FakeOpenreportsV1alpha1
34 | }
35 |
36 | var clusterreportsResource = v1alpha1.SchemeGroupVersion.WithResource("clusterreports")
37 |
38 | var clusterreportsKind = v1alpha1.SchemeGroupVersion.WithKind("ClusterReport")
39 |
40 | // Get takes name of the clusterReport, and returns the corresponding clusterReport object, and an error if there is any.
41 | func (c *FakeClusterReports) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.ClusterReport, err error) {
42 | obj, err := c.Fake.
43 | Invokes(testing.NewRootGetAction(clusterreportsResource, name), &v1alpha1.ClusterReport{})
44 | if obj == nil {
45 | return nil, err
46 | }
47 | return obj.(*v1alpha1.ClusterReport), err
48 | }
49 |
50 | // List takes label and field selectors, and returns the list of ClusterReports that match those selectors.
51 | func (c *FakeClusterReports) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.ClusterReportList, err error) {
52 | obj, err := c.Fake.
53 | Invokes(testing.NewRootListAction(clusterreportsResource, clusterreportsKind, opts), &v1alpha1.ClusterReportList{})
54 | if obj == nil {
55 | return nil, err
56 | }
57 |
58 | label, _, _ := testing.ExtractFromListOptions(opts)
59 | if label == nil {
60 | label = labels.Everything()
61 | }
62 | list := &v1alpha1.ClusterReportList{ListMeta: obj.(*v1alpha1.ClusterReportList).ListMeta}
63 | for _, item := range obj.(*v1alpha1.ClusterReportList).Items {
64 | if label.Matches(labels.Set(item.Labels)) {
65 | list.Items = append(list.Items, item)
66 | }
67 | }
68 | return list, err
69 | }
70 |
71 | // Watch returns a watch.Interface that watches the requested clusterReports.
72 | func (c *FakeClusterReports) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) {
73 | return c.Fake.
74 | InvokesWatch(testing.NewRootWatchAction(clusterreportsResource, opts))
75 | }
76 |
77 | // Create takes the representation of a clusterReport and creates it. Returns the server's representation of the clusterReport, and an error, if there is any.
78 | func (c *FakeClusterReports) Create(ctx context.Context, clusterReport *v1alpha1.ClusterReport, opts v1.CreateOptions) (result *v1alpha1.ClusterReport, err error) {
79 | obj, err := c.Fake.
80 | Invokes(testing.NewRootCreateAction(clusterreportsResource, clusterReport), &v1alpha1.ClusterReport{})
81 | if obj == nil {
82 | return nil, err
83 | }
84 | return obj.(*v1alpha1.ClusterReport), err
85 | }
86 |
87 | // Update takes the representation of a clusterReport and updates it. Returns the server's representation of the clusterReport, and an error, if there is any.
88 | func (c *FakeClusterReports) Update(ctx context.Context, clusterReport *v1alpha1.ClusterReport, opts v1.UpdateOptions) (result *v1alpha1.ClusterReport, err error) {
89 | obj, err := c.Fake.
90 | Invokes(testing.NewRootUpdateAction(clusterreportsResource, clusterReport), &v1alpha1.ClusterReport{})
91 | if obj == nil {
92 | return nil, err
93 | }
94 | return obj.(*v1alpha1.ClusterReport), err
95 | }
96 |
97 | // Delete takes name of the clusterReport and deletes it. Returns an error if one occurs.
98 | func (c *FakeClusterReports) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error {
99 | _, err := c.Fake.
100 | Invokes(testing.NewRootDeleteActionWithOptions(clusterreportsResource, name, opts), &v1alpha1.ClusterReport{})
101 | return err
102 | }
103 |
104 | // DeleteCollection deletes a collection of objects.
105 | func (c *FakeClusterReports) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error {
106 | action := testing.NewRootDeleteCollectionAction(clusterreportsResource, listOpts)
107 |
108 | _, err := c.Fake.Invokes(action, &v1alpha1.ClusterReportList{})
109 | return err
110 | }
111 |
112 | // Patch applies the patch and returns the patched clusterReport.
113 | func (c *FakeClusterReports) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.ClusterReport, err error) {
114 | obj, err := c.Fake.
115 | Invokes(testing.NewRootPatchSubresourceAction(clusterreportsResource, name, pt, data, subresources...), &v1alpha1.ClusterReport{})
116 | if obj == nil {
117 | return nil, err
118 | }
119 | return obj.(*v1alpha1.ClusterReport), err
120 | }
121 |
--------------------------------------------------------------------------------
/pkg/client/clientset/versioned/typed/openreports.io/v1alpha1/fake/fake_openreports.io_client.go:
--------------------------------------------------------------------------------
1 | /*
2 | Copyright The Kubernetes Authors.
3 |
4 | Licensed under the Apache License, Version 2.0 (the "License");
5 | you may not use this file except in compliance with the License.
6 | You may obtain a copy of the License at
7 |
8 | http://www.apache.org/licenses/LICENSE-2.0
9 |
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 | // Code generated by client-gen. DO NOT EDIT.
17 |
18 | package fake
19 |
20 | import (
21 | rest "k8s.io/client-go/rest"
22 | testing "k8s.io/client-go/testing"
23 | v1alpha1 "openreports.io/pkg/client/clientset/versioned/typed/openreports.io/v1alpha1"
24 | )
25 |
26 | type FakeOpenreportsV1alpha1 struct {
27 | *testing.Fake
28 | }
29 |
30 | func (c *FakeOpenreportsV1alpha1) ClusterReports() v1alpha1.ClusterReportInterface {
31 | return &FakeClusterReports{c}
32 | }
33 |
34 | func (c *FakeOpenreportsV1alpha1) Reports(namespace string) v1alpha1.ReportInterface {
35 | return &FakeReports{c, namespace}
36 | }
37 |
38 | // RESTClient returns a RESTClient that is used to communicate
39 | // with API server by this client implementation.
40 | func (c *FakeOpenreportsV1alpha1) RESTClient() rest.Interface {
41 | var ret *rest.RESTClient
42 | return ret
43 | }
44 |
--------------------------------------------------------------------------------
/pkg/client/clientset/versioned/typed/openreports.io/v1alpha1/fake/fake_report.go:
--------------------------------------------------------------------------------
1 | /*
2 | Copyright The Kubernetes Authors.
3 |
4 | Licensed under the Apache License, Version 2.0 (the "License");
5 | you may not use this file except in compliance with the License.
6 | You may obtain a copy of the License at
7 |
8 | http://www.apache.org/licenses/LICENSE-2.0
9 |
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 | // Code generated by client-gen. DO NOT EDIT.
17 |
18 | package fake
19 |
20 | import (
21 | "context"
22 |
23 | v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
24 | labels "k8s.io/apimachinery/pkg/labels"
25 | types "k8s.io/apimachinery/pkg/types"
26 | watch "k8s.io/apimachinery/pkg/watch"
27 | testing "k8s.io/client-go/testing"
28 | v1alpha1 "openreports.io/apis/openreports.io/v1alpha1"
29 | )
30 |
31 | // FakeReports implements ReportInterface
32 | type FakeReports struct {
33 | Fake *FakeOpenreportsV1alpha1
34 | ns string
35 | }
36 |
37 | var reportsResource = v1alpha1.SchemeGroupVersion.WithResource("reports")
38 |
39 | var reportsKind = v1alpha1.SchemeGroupVersion.WithKind("Report")
40 |
41 | // Get takes name of the report, and returns the corresponding report object, and an error if there is any.
42 | func (c *FakeReports) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.Report, err error) {
43 | obj, err := c.Fake.
44 | Invokes(testing.NewGetAction(reportsResource, c.ns, name), &v1alpha1.Report{})
45 |
46 | if obj == nil {
47 | return nil, err
48 | }
49 | return obj.(*v1alpha1.Report), err
50 | }
51 |
52 | // List takes label and field selectors, and returns the list of Reports that match those selectors.
53 | func (c *FakeReports) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.ReportList, err error) {
54 | obj, err := c.Fake.
55 | Invokes(testing.NewListAction(reportsResource, reportsKind, c.ns, opts), &v1alpha1.ReportList{})
56 |
57 | if obj == nil {
58 | return nil, err
59 | }
60 |
61 | label, _, _ := testing.ExtractFromListOptions(opts)
62 | if label == nil {
63 | label = labels.Everything()
64 | }
65 | list := &v1alpha1.ReportList{ListMeta: obj.(*v1alpha1.ReportList).ListMeta}
66 | for _, item := range obj.(*v1alpha1.ReportList).Items {
67 | if label.Matches(labels.Set(item.Labels)) {
68 | list.Items = append(list.Items, item)
69 | }
70 | }
71 | return list, err
72 | }
73 |
74 | // Watch returns a watch.Interface that watches the requested reports.
75 | func (c *FakeReports) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) {
76 | return c.Fake.
77 | InvokesWatch(testing.NewWatchAction(reportsResource, c.ns, opts))
78 |
79 | }
80 |
81 | // Create takes the representation of a report and creates it. Returns the server's representation of the report, and an error, if there is any.
82 | func (c *FakeReports) Create(ctx context.Context, report *v1alpha1.Report, opts v1.CreateOptions) (result *v1alpha1.Report, err error) {
83 | obj, err := c.Fake.
84 | Invokes(testing.NewCreateAction(reportsResource, c.ns, report), &v1alpha1.Report{})
85 |
86 | if obj == nil {
87 | return nil, err
88 | }
89 | return obj.(*v1alpha1.Report), err
90 | }
91 |
92 | // Update takes the representation of a report and updates it. Returns the server's representation of the report, and an error, if there is any.
93 | func (c *FakeReports) Update(ctx context.Context, report *v1alpha1.Report, opts v1.UpdateOptions) (result *v1alpha1.Report, err error) {
94 | obj, err := c.Fake.
95 | Invokes(testing.NewUpdateAction(reportsResource, c.ns, report), &v1alpha1.Report{})
96 |
97 | if obj == nil {
98 | return nil, err
99 | }
100 | return obj.(*v1alpha1.Report), err
101 | }
102 |
103 | // Delete takes name of the report and deletes it. Returns an error if one occurs.
104 | func (c *FakeReports) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error {
105 | _, err := c.Fake.
106 | Invokes(testing.NewDeleteActionWithOptions(reportsResource, c.ns, name, opts), &v1alpha1.Report{})
107 |
108 | return err
109 | }
110 |
111 | // DeleteCollection deletes a collection of objects.
112 | func (c *FakeReports) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error {
113 | action := testing.NewDeleteCollectionAction(reportsResource, c.ns, listOpts)
114 |
115 | _, err := c.Fake.Invokes(action, &v1alpha1.ReportList{})
116 | return err
117 | }
118 |
119 | // Patch applies the patch and returns the patched report.
120 | func (c *FakeReports) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.Report, err error) {
121 | obj, err := c.Fake.
122 | Invokes(testing.NewPatchSubresourceAction(reportsResource, c.ns, name, pt, data, subresources...), &v1alpha1.Report{})
123 |
124 | if obj == nil {
125 | return nil, err
126 | }
127 | return obj.(*v1alpha1.Report), err
128 | }
129 |
--------------------------------------------------------------------------------
/pkg/client/clientset/versioned/typed/openreports.io/v1alpha1/generated_expansion.go:
--------------------------------------------------------------------------------
1 | /*
2 | Copyright The Kubernetes Authors.
3 |
4 | Licensed under the Apache License, Version 2.0 (the "License");
5 | you may not use this file except in compliance with the License.
6 | You may obtain a copy of the License at
7 |
8 | http://www.apache.org/licenses/LICENSE-2.0
9 |
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 | // Code generated by client-gen. DO NOT EDIT.
17 |
18 | package v1alpha1
19 |
20 | type ClusterReportExpansion interface{}
21 |
22 | type ReportExpansion interface{}
23 |
--------------------------------------------------------------------------------
/pkg/client/clientset/versioned/typed/openreports.io/v1alpha1/openreports.io_client.go:
--------------------------------------------------------------------------------
1 | /*
2 | Copyright The Kubernetes Authors.
3 |
4 | Licensed under the Apache License, Version 2.0 (the "License");
5 | you may not use this file except in compliance with the License.
6 | You may obtain a copy of the License at
7 |
8 | http://www.apache.org/licenses/LICENSE-2.0
9 |
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 | // Code generated by client-gen. DO NOT EDIT.
17 |
18 | package v1alpha1
19 |
20 | import (
21 | "net/http"
22 |
23 | rest "k8s.io/client-go/rest"
24 | v1alpha1 "openreports.io/apis/openreports.io/v1alpha1"
25 | "openreports.io/pkg/client/clientset/versioned/scheme"
26 | )
27 |
28 | type OpenreportsV1alpha1Interface interface {
29 | RESTClient() rest.Interface
30 | ClusterReportsGetter
31 | ReportsGetter
32 | }
33 |
34 | // OpenreportsV1alpha1Client is used to interact with features provided by the openreports.io group.
35 | type OpenreportsV1alpha1Client struct {
36 | restClient rest.Interface
37 | }
38 |
39 | func (c *OpenreportsV1alpha1Client) ClusterReports() ClusterReportInterface {
40 | return newClusterReports(c)
41 | }
42 |
43 | func (c *OpenreportsV1alpha1Client) Reports(namespace string) ReportInterface {
44 | return newReports(c, namespace)
45 | }
46 |
47 | // NewForConfig creates a new OpenreportsV1alpha1Client for the given config.
48 | // NewForConfig is equivalent to NewForConfigAndClient(c, httpClient),
49 | // where httpClient was generated with rest.HTTPClientFor(c).
50 | func NewForConfig(c *rest.Config) (*OpenreportsV1alpha1Client, error) {
51 | config := *c
52 | if err := setConfigDefaults(&config); err != nil {
53 | return nil, err
54 | }
55 | httpClient, err := rest.HTTPClientFor(&config)
56 | if err != nil {
57 | return nil, err
58 | }
59 | return NewForConfigAndClient(&config, httpClient)
60 | }
61 |
62 | // NewForConfigAndClient creates a new OpenreportsV1alpha1Client for the given config and http client.
63 | // Note the http client provided takes precedence over the configured transport values.
64 | func NewForConfigAndClient(c *rest.Config, h *http.Client) (*OpenreportsV1alpha1Client, error) {
65 | config := *c
66 | if err := setConfigDefaults(&config); err != nil {
67 | return nil, err
68 | }
69 | client, err := rest.RESTClientForConfigAndClient(&config, h)
70 | if err != nil {
71 | return nil, err
72 | }
73 | return &OpenreportsV1alpha1Client{client}, nil
74 | }
75 |
76 | // NewForConfigOrDie creates a new OpenreportsV1alpha1Client for the given config and
77 | // panics if there is an error in the config.
78 | func NewForConfigOrDie(c *rest.Config) *OpenreportsV1alpha1Client {
79 | client, err := NewForConfig(c)
80 | if err != nil {
81 | panic(err)
82 | }
83 | return client
84 | }
85 |
86 | // New creates a new OpenreportsV1alpha1Client for the given RESTClient.
87 | func New(c rest.Interface) *OpenreportsV1alpha1Client {
88 | return &OpenreportsV1alpha1Client{c}
89 | }
90 |
91 | func setConfigDefaults(config *rest.Config) error {
92 | gv := v1alpha1.SchemeGroupVersion
93 | config.GroupVersion = &gv
94 | config.APIPath = "/apis"
95 | config.NegotiatedSerializer = scheme.Codecs.WithoutConversion()
96 |
97 | if config.UserAgent == "" {
98 | config.UserAgent = rest.DefaultKubernetesUserAgent()
99 | }
100 |
101 | return nil
102 | }
103 |
104 | // RESTClient returns a RESTClient that is used to communicate
105 | // with API server by this client implementation.
106 | func (c *OpenreportsV1alpha1Client) RESTClient() rest.Interface {
107 | if c == nil {
108 | return nil
109 | }
110 | return c.restClient
111 | }
112 |
--------------------------------------------------------------------------------
/pkg/client/clientset/versioned/typed/openreports.io/v1alpha1/report.go:
--------------------------------------------------------------------------------
1 | /*
2 | Copyright The Kubernetes Authors.
3 |
4 | Licensed under the Apache License, Version 2.0 (the "License");
5 | you may not use this file except in compliance with the License.
6 | You may obtain a copy of the License at
7 |
8 | http://www.apache.org/licenses/LICENSE-2.0
9 |
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 | // Code generated by client-gen. DO NOT EDIT.
17 |
18 | package v1alpha1
19 |
20 | import (
21 | "context"
22 | "time"
23 |
24 | v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
25 | types "k8s.io/apimachinery/pkg/types"
26 | watch "k8s.io/apimachinery/pkg/watch"
27 | rest "k8s.io/client-go/rest"
28 | v1alpha1 "openreports.io/apis/openreports.io/v1alpha1"
29 | scheme "openreports.io/pkg/client/clientset/versioned/scheme"
30 | )
31 |
32 | // ReportsGetter has a method to return a ReportInterface.
33 | // A group's client should implement this interface.
34 | type ReportsGetter interface {
35 | Reports(namespace string) ReportInterface
36 | }
37 |
38 | // ReportInterface has methods to work with Report resources.
39 | type ReportInterface interface {
40 | Create(ctx context.Context, report *v1alpha1.Report, opts v1.CreateOptions) (*v1alpha1.Report, error)
41 | Update(ctx context.Context, report *v1alpha1.Report, opts v1.UpdateOptions) (*v1alpha1.Report, error)
42 | Delete(ctx context.Context, name string, opts v1.DeleteOptions) error
43 | DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error
44 | Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha1.Report, error)
45 | List(ctx context.Context, opts v1.ListOptions) (*v1alpha1.ReportList, error)
46 | Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error)
47 | Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.Report, err error)
48 | ReportExpansion
49 | }
50 |
51 | // reports implements ReportInterface
52 | type reports struct {
53 | client rest.Interface
54 | ns string
55 | }
56 |
57 | // newReports returns a Reports
58 | func newReports(c *OpenreportsV1alpha1Client, namespace string) *reports {
59 | return &reports{
60 | client: c.RESTClient(),
61 | ns: namespace,
62 | }
63 | }
64 |
65 | // Get takes name of the report, and returns the corresponding report object, and an error if there is any.
66 | func (c *reports) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.Report, err error) {
67 | result = &v1alpha1.Report{}
68 | err = c.client.Get().
69 | Namespace(c.ns).
70 | Resource("reports").
71 | Name(name).
72 | VersionedParams(&options, scheme.ParameterCodec).
73 | Do(ctx).
74 | Into(result)
75 | return
76 | }
77 |
78 | // List takes label and field selectors, and returns the list of Reports that match those selectors.
79 | func (c *reports) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.ReportList, err error) {
80 | var timeout time.Duration
81 | if opts.TimeoutSeconds != nil {
82 | timeout = time.Duration(*opts.TimeoutSeconds) * time.Second
83 | }
84 | result = &v1alpha1.ReportList{}
85 | err = c.client.Get().
86 | Namespace(c.ns).
87 | Resource("reports").
88 | VersionedParams(&opts, scheme.ParameterCodec).
89 | Timeout(timeout).
90 | Do(ctx).
91 | Into(result)
92 | return
93 | }
94 |
95 | // Watch returns a watch.Interface that watches the requested reports.
96 | func (c *reports) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) {
97 | var timeout time.Duration
98 | if opts.TimeoutSeconds != nil {
99 | timeout = time.Duration(*opts.TimeoutSeconds) * time.Second
100 | }
101 | opts.Watch = true
102 | return c.client.Get().
103 | Namespace(c.ns).
104 | Resource("reports").
105 | VersionedParams(&opts, scheme.ParameterCodec).
106 | Timeout(timeout).
107 | Watch(ctx)
108 | }
109 |
110 | // Create takes the representation of a report and creates it. Returns the server's representation of the report, and an error, if there is any.
111 | func (c *reports) Create(ctx context.Context, report *v1alpha1.Report, opts v1.CreateOptions) (result *v1alpha1.Report, err error) {
112 | result = &v1alpha1.Report{}
113 | err = c.client.Post().
114 | Namespace(c.ns).
115 | Resource("reports").
116 | VersionedParams(&opts, scheme.ParameterCodec).
117 | Body(report).
118 | Do(ctx).
119 | Into(result)
120 | return
121 | }
122 |
123 | // Update takes the representation of a report and updates it. Returns the server's representation of the report, and an error, if there is any.
124 | func (c *reports) Update(ctx context.Context, report *v1alpha1.Report, opts v1.UpdateOptions) (result *v1alpha1.Report, err error) {
125 | result = &v1alpha1.Report{}
126 | err = c.client.Put().
127 | Namespace(c.ns).
128 | Resource("reports").
129 | Name(report.Name).
130 | VersionedParams(&opts, scheme.ParameterCodec).
131 | Body(report).
132 | Do(ctx).
133 | Into(result)
134 | return
135 | }
136 |
137 | // Delete takes name of the report and deletes it. Returns an error if one occurs.
138 | func (c *reports) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error {
139 | return c.client.Delete().
140 | Namespace(c.ns).
141 | Resource("reports").
142 | Name(name).
143 | Body(&opts).
144 | Do(ctx).
145 | Error()
146 | }
147 |
148 | // DeleteCollection deletes a collection of objects.
149 | func (c *reports) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error {
150 | var timeout time.Duration
151 | if listOpts.TimeoutSeconds != nil {
152 | timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second
153 | }
154 | return c.client.Delete().
155 | Namespace(c.ns).
156 | Resource("reports").
157 | VersionedParams(&listOpts, scheme.ParameterCodec).
158 | Timeout(timeout).
159 | Body(&opts).
160 | Do(ctx).
161 | Error()
162 | }
163 |
164 | // Patch applies the patch and returns the patched report.
165 | func (c *reports) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.Report, err error) {
166 | result = &v1alpha1.Report{}
167 | err = c.client.Patch(pt).
168 | Namespace(c.ns).
169 | Resource("reports").
170 | Name(name).
171 | SubResource(subresources...).
172 | VersionedParams(&opts, scheme.ParameterCodec).
173 | Body(data).
174 | Do(ctx).
175 | Into(result)
176 | return
177 | }
178 |
--------------------------------------------------------------------------------
/pkg/client/informers/externalversions/factory.go:
--------------------------------------------------------------------------------
1 | /*
2 | Copyright The Kubernetes Authors.
3 |
4 | Licensed under the Apache License, Version 2.0 (the "License");
5 | you may not use this file except in compliance with the License.
6 | You may obtain a copy of the License at
7 |
8 | http://www.apache.org/licenses/LICENSE-2.0
9 |
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 | // Code generated by informer-gen. DO NOT EDIT.
17 |
18 | package externalversions
19 |
20 | import (
21 | reflect "reflect"
22 | sync "sync"
23 | time "time"
24 |
25 | v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
26 | runtime "k8s.io/apimachinery/pkg/runtime"
27 | schema "k8s.io/apimachinery/pkg/runtime/schema"
28 | cache "k8s.io/client-go/tools/cache"
29 | versioned "openreports.io/pkg/client/clientset/versioned"
30 | internalinterfaces "openreports.io/pkg/client/informers/externalversions/internalinterfaces"
31 | openreportsio "openreports.io/pkg/client/informers/externalversions/openreports.io"
32 | )
33 |
34 | // SharedInformerOption defines the functional option type for SharedInformerFactory.
35 | type SharedInformerOption func(*sharedInformerFactory) *sharedInformerFactory
36 |
37 | type sharedInformerFactory struct {
38 | client versioned.Interface
39 | namespace string
40 | tweakListOptions internalinterfaces.TweakListOptionsFunc
41 | lock sync.Mutex
42 | defaultResync time.Duration
43 | customResync map[reflect.Type]time.Duration
44 | transform cache.TransformFunc
45 |
46 | informers map[reflect.Type]cache.SharedIndexInformer
47 | // startedInformers is used for tracking which informers have been started.
48 | // This allows Start() to be called multiple times safely.
49 | startedInformers map[reflect.Type]bool
50 | // wg tracks how many goroutines were started.
51 | wg sync.WaitGroup
52 | // shuttingDown is true when Shutdown has been called. It may still be running
53 | // because it needs to wait for goroutines.
54 | shuttingDown bool
55 | }
56 |
57 | // WithCustomResyncConfig sets a custom resync period for the specified informer types.
58 | func WithCustomResyncConfig(resyncConfig map[v1.Object]time.Duration) SharedInformerOption {
59 | return func(factory *sharedInformerFactory) *sharedInformerFactory {
60 | for k, v := range resyncConfig {
61 | factory.customResync[reflect.TypeOf(k)] = v
62 | }
63 | return factory
64 | }
65 | }
66 |
67 | // WithTweakListOptions sets a custom filter on all listers of the configured SharedInformerFactory.
68 | func WithTweakListOptions(tweakListOptions internalinterfaces.TweakListOptionsFunc) SharedInformerOption {
69 | return func(factory *sharedInformerFactory) *sharedInformerFactory {
70 | factory.tweakListOptions = tweakListOptions
71 | return factory
72 | }
73 | }
74 |
75 | // WithNamespace limits the SharedInformerFactory to the specified namespace.
76 | func WithNamespace(namespace string) SharedInformerOption {
77 | return func(factory *sharedInformerFactory) *sharedInformerFactory {
78 | factory.namespace = namespace
79 | return factory
80 | }
81 | }
82 |
83 | // WithTransform sets a transform on all informers.
84 | func WithTransform(transform cache.TransformFunc) SharedInformerOption {
85 | return func(factory *sharedInformerFactory) *sharedInformerFactory {
86 | factory.transform = transform
87 | return factory
88 | }
89 | }
90 |
91 | // NewSharedInformerFactory constructs a new instance of sharedInformerFactory for all namespaces.
92 | func NewSharedInformerFactory(client versioned.Interface, defaultResync time.Duration) SharedInformerFactory {
93 | return NewSharedInformerFactoryWithOptions(client, defaultResync)
94 | }
95 |
96 | // NewFilteredSharedInformerFactory constructs a new instance of sharedInformerFactory.
97 | // Listers obtained via this SharedInformerFactory will be subject to the same filters
98 | // as specified here.
99 | // Deprecated: Please use NewSharedInformerFactoryWithOptions instead
100 | func NewFilteredSharedInformerFactory(client versioned.Interface, defaultResync time.Duration, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) SharedInformerFactory {
101 | return NewSharedInformerFactoryWithOptions(client, defaultResync, WithNamespace(namespace), WithTweakListOptions(tweakListOptions))
102 | }
103 |
104 | // NewSharedInformerFactoryWithOptions constructs a new instance of a SharedInformerFactory with additional options.
105 | func NewSharedInformerFactoryWithOptions(client versioned.Interface, defaultResync time.Duration, options ...SharedInformerOption) SharedInformerFactory {
106 | factory := &sharedInformerFactory{
107 | client: client,
108 | namespace: v1.NamespaceAll,
109 | defaultResync: defaultResync,
110 | informers: make(map[reflect.Type]cache.SharedIndexInformer),
111 | startedInformers: make(map[reflect.Type]bool),
112 | customResync: make(map[reflect.Type]time.Duration),
113 | }
114 |
115 | // Apply all options
116 | for _, opt := range options {
117 | factory = opt(factory)
118 | }
119 |
120 | return factory
121 | }
122 |
123 | func (f *sharedInformerFactory) Start(stopCh <-chan struct{}) {
124 | f.lock.Lock()
125 | defer f.lock.Unlock()
126 |
127 | if f.shuttingDown {
128 | return
129 | }
130 |
131 | for informerType, informer := range f.informers {
132 | if !f.startedInformers[informerType] {
133 | f.wg.Add(1)
134 | // We need a new variable in each loop iteration,
135 | // otherwise the goroutine would use the loop variable
136 | // and that keeps changing.
137 | informer := informer
138 | go func() {
139 | defer f.wg.Done()
140 | informer.Run(stopCh)
141 | }()
142 | f.startedInformers[informerType] = true
143 | }
144 | }
145 | }
146 |
147 | func (f *sharedInformerFactory) Shutdown() {
148 | f.lock.Lock()
149 | f.shuttingDown = true
150 | f.lock.Unlock()
151 |
152 | // Will return immediately if there is nothing to wait for.
153 | f.wg.Wait()
154 | }
155 |
156 | func (f *sharedInformerFactory) WaitForCacheSync(stopCh <-chan struct{}) map[reflect.Type]bool {
157 | informers := func() map[reflect.Type]cache.SharedIndexInformer {
158 | f.lock.Lock()
159 | defer f.lock.Unlock()
160 |
161 | informers := map[reflect.Type]cache.SharedIndexInformer{}
162 | for informerType, informer := range f.informers {
163 | if f.startedInformers[informerType] {
164 | informers[informerType] = informer
165 | }
166 | }
167 | return informers
168 | }()
169 |
170 | res := map[reflect.Type]bool{}
171 | for informType, informer := range informers {
172 | res[informType] = cache.WaitForCacheSync(stopCh, informer.HasSynced)
173 | }
174 | return res
175 | }
176 |
177 | // InformerFor returns the SharedIndexInformer for obj using an internal
178 | // client.
179 | func (f *sharedInformerFactory) InformerFor(obj runtime.Object, newFunc internalinterfaces.NewInformerFunc) cache.SharedIndexInformer {
180 | f.lock.Lock()
181 | defer f.lock.Unlock()
182 |
183 | informerType := reflect.TypeOf(obj)
184 | informer, exists := f.informers[informerType]
185 | if exists {
186 | return informer
187 | }
188 |
189 | resyncPeriod, exists := f.customResync[informerType]
190 | if !exists {
191 | resyncPeriod = f.defaultResync
192 | }
193 |
194 | informer = newFunc(f.client, resyncPeriod)
195 | informer.SetTransform(f.transform)
196 | f.informers[informerType] = informer
197 |
198 | return informer
199 | }
200 |
201 | // SharedInformerFactory provides shared informers for resources in all known
202 | // API group versions.
203 | //
204 | // It is typically used like this:
205 | //
206 | // ctx, cancel := context.Background()
207 | // defer cancel()
208 | // factory := NewSharedInformerFactory(client, resyncPeriod)
209 | // defer factory.WaitForStop() // Returns immediately if nothing was started.
210 | // genericInformer := factory.ForResource(resource)
211 | // typedInformer := factory.SomeAPIGroup().V1().SomeType()
212 | // factory.Start(ctx.Done()) // Start processing these informers.
213 | // synced := factory.WaitForCacheSync(ctx.Done())
214 | // for v, ok := range synced {
215 | // if !ok {
216 | // fmt.Fprintf(os.Stderr, "caches failed to sync: %v", v)
217 | // return
218 | // }
219 | // }
220 | //
221 | // // Creating informers can also be created after Start, but then
222 | // // Start must be called again:
223 | // anotherGenericInformer := factory.ForResource(resource)
224 | // factory.Start(ctx.Done())
225 | type SharedInformerFactory interface {
226 | internalinterfaces.SharedInformerFactory
227 |
228 | // Start initializes all requested informers. They are handled in goroutines
229 | // which run until the stop channel gets closed.
230 | Start(stopCh <-chan struct{})
231 |
232 | // Shutdown marks a factory as shutting down. At that point no new
233 | // informers can be started anymore and Start will return without
234 | // doing anything.
235 | //
236 | // In addition, Shutdown blocks until all goroutines have terminated. For that
237 | // to happen, the close channel(s) that they were started with must be closed,
238 | // either before Shutdown gets called or while it is waiting.
239 | //
240 | // Shutdown may be called multiple times, even concurrently. All such calls will
241 | // block until all goroutines have terminated.
242 | Shutdown()
243 |
244 | // WaitForCacheSync blocks until all started informers' caches were synced
245 | // or the stop channel gets closed.
246 | WaitForCacheSync(stopCh <-chan struct{}) map[reflect.Type]bool
247 |
248 | // ForResource gives generic access to a shared informer of the matching type.
249 | ForResource(resource schema.GroupVersionResource) (GenericInformer, error)
250 |
251 | // InformerFor returns the SharedIndexInformer for obj using an internal
252 | // client.
253 | InformerFor(obj runtime.Object, newFunc internalinterfaces.NewInformerFunc) cache.SharedIndexInformer
254 |
255 | Openreports() openreportsio.Interface
256 | }
257 |
258 | func (f *sharedInformerFactory) Openreports() openreportsio.Interface {
259 | return openreportsio.New(f, f.namespace, f.tweakListOptions)
260 | }
261 |
--------------------------------------------------------------------------------
/pkg/client/informers/externalversions/generic.go:
--------------------------------------------------------------------------------
1 | /*
2 | Copyright The Kubernetes Authors.
3 |
4 | Licensed under the Apache License, Version 2.0 (the "License");
5 | you may not use this file except in compliance with the License.
6 | You may obtain a copy of the License at
7 |
8 | http://www.apache.org/licenses/LICENSE-2.0
9 |
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 | // Code generated by informer-gen. DO NOT EDIT.
17 |
18 | package externalversions
19 |
20 | import (
21 | "fmt"
22 |
23 | schema "k8s.io/apimachinery/pkg/runtime/schema"
24 | cache "k8s.io/client-go/tools/cache"
25 | v1alpha1 "openreports.io/apis/openreports.io/v1alpha1"
26 | )
27 |
28 | // GenericInformer is type of SharedIndexInformer which will locate and delegate to other
29 | // sharedInformers based on type
30 | type GenericInformer interface {
31 | Informer() cache.SharedIndexInformer
32 | Lister() cache.GenericLister
33 | }
34 |
35 | type genericInformer struct {
36 | informer cache.SharedIndexInformer
37 | resource schema.GroupResource
38 | }
39 |
40 | // Informer returns the SharedIndexInformer.
41 | func (f *genericInformer) Informer() cache.SharedIndexInformer {
42 | return f.informer
43 | }
44 |
45 | // Lister returns the GenericLister.
46 | func (f *genericInformer) Lister() cache.GenericLister {
47 | return cache.NewGenericLister(f.Informer().GetIndexer(), f.resource)
48 | }
49 |
50 | // ForResource gives generic access to a shared informer of the matching type
51 | // TODO extend this to unknown resources with a client pool
52 | func (f *sharedInformerFactory) ForResource(resource schema.GroupVersionResource) (GenericInformer, error) {
53 | switch resource {
54 | // Group=openreports.io, Version=v1alpha1
55 | case v1alpha1.SchemeGroupVersion.WithResource("clusterreports"):
56 | return &genericInformer{resource: resource.GroupResource(), informer: f.Openreports().V1alpha1().ClusterReports().Informer()}, nil
57 | case v1alpha1.SchemeGroupVersion.WithResource("reports"):
58 | return &genericInformer{resource: resource.GroupResource(), informer: f.Openreports().V1alpha1().Reports().Informer()}, nil
59 |
60 | }
61 |
62 | return nil, fmt.Errorf("no informer found for %v", resource)
63 | }
64 |
--------------------------------------------------------------------------------
/pkg/client/informers/externalversions/internalinterfaces/factory_interfaces.go:
--------------------------------------------------------------------------------
1 | /*
2 | Copyright The Kubernetes Authors.
3 |
4 | Licensed under the Apache License, Version 2.0 (the "License");
5 | you may not use this file except in compliance with the License.
6 | You may obtain a copy of the License at
7 |
8 | http://www.apache.org/licenses/LICENSE-2.0
9 |
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 | // Code generated by informer-gen. DO NOT EDIT.
17 |
18 | package internalinterfaces
19 |
20 | import (
21 | time "time"
22 |
23 | v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
24 | runtime "k8s.io/apimachinery/pkg/runtime"
25 | cache "k8s.io/client-go/tools/cache"
26 | versioned "openreports.io/pkg/client/clientset/versioned"
27 | )
28 |
29 | // NewInformerFunc takes versioned.Interface and time.Duration to return a SharedIndexInformer.
30 | type NewInformerFunc func(versioned.Interface, time.Duration) cache.SharedIndexInformer
31 |
32 | // SharedInformerFactory a small interface to allow for adding an informer without an import cycle
33 | type SharedInformerFactory interface {
34 | Start(stopCh <-chan struct{})
35 | InformerFor(obj runtime.Object, newFunc NewInformerFunc) cache.SharedIndexInformer
36 | }
37 |
38 | // TweakListOptionsFunc is a function that transforms a v1.ListOptions.
39 | type TweakListOptionsFunc func(*v1.ListOptions)
40 |
--------------------------------------------------------------------------------
/pkg/client/informers/externalversions/openreports.io/interface.go:
--------------------------------------------------------------------------------
1 | /*
2 | Copyright The Kubernetes Authors.
3 |
4 | Licensed under the Apache License, Version 2.0 (the "License");
5 | you may not use this file except in compliance with the License.
6 | You may obtain a copy of the License at
7 |
8 | http://www.apache.org/licenses/LICENSE-2.0
9 |
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 | // Code generated by informer-gen. DO NOT EDIT.
17 |
18 | package openreports
19 |
20 | import (
21 | internalinterfaces "openreports.io/pkg/client/informers/externalversions/internalinterfaces"
22 | v1alpha1 "openreports.io/pkg/client/informers/externalversions/openreports.io/v1alpha1"
23 | )
24 |
25 | // Interface provides access to each of this group's versions.
26 | type Interface interface {
27 | // V1alpha1 provides access to shared informers for resources in V1alpha1.
28 | V1alpha1() v1alpha1.Interface
29 | }
30 |
31 | type group struct {
32 | factory internalinterfaces.SharedInformerFactory
33 | namespace string
34 | tweakListOptions internalinterfaces.TweakListOptionsFunc
35 | }
36 |
37 | // New returns a new Interface.
38 | func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) Interface {
39 | return &group{factory: f, namespace: namespace, tweakListOptions: tweakListOptions}
40 | }
41 |
42 | // V1alpha1 returns a new v1alpha1.Interface.
43 | func (g *group) V1alpha1() v1alpha1.Interface {
44 | return v1alpha1.New(g.factory, g.namespace, g.tweakListOptions)
45 | }
46 |
--------------------------------------------------------------------------------
/pkg/client/informers/externalversions/openreports.io/v1alpha1/clusterreport.go:
--------------------------------------------------------------------------------
1 | /*
2 | Copyright The Kubernetes Authors.
3 |
4 | Licensed under the Apache License, Version 2.0 (the "License");
5 | you may not use this file except in compliance with the License.
6 | You may obtain a copy of the License at
7 |
8 | http://www.apache.org/licenses/LICENSE-2.0
9 |
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 | // Code generated by informer-gen. DO NOT EDIT.
17 |
18 | package v1alpha1
19 |
20 | import (
21 | "context"
22 | time "time"
23 |
24 | v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
25 | runtime "k8s.io/apimachinery/pkg/runtime"
26 | watch "k8s.io/apimachinery/pkg/watch"
27 | cache "k8s.io/client-go/tools/cache"
28 | openreportsiov1alpha1 "openreports.io/apis/openreports.io/v1alpha1"
29 | versioned "openreports.io/pkg/client/clientset/versioned"
30 | internalinterfaces "openreports.io/pkg/client/informers/externalversions/internalinterfaces"
31 | v1alpha1 "openreports.io/pkg/client/listers/openreports.io/v1alpha1"
32 | )
33 |
34 | // ClusterReportInformer provides access to a shared informer and lister for
35 | // ClusterReports.
36 | type ClusterReportInformer interface {
37 | Informer() cache.SharedIndexInformer
38 | Lister() v1alpha1.ClusterReportLister
39 | }
40 |
41 | type clusterReportInformer struct {
42 | factory internalinterfaces.SharedInformerFactory
43 | tweakListOptions internalinterfaces.TweakListOptionsFunc
44 | }
45 |
46 | // NewClusterReportInformer constructs a new informer for ClusterReport type.
47 | // Always prefer using an informer factory to get a shared informer instead of getting an independent
48 | // one. This reduces memory footprint and number of connections to the server.
49 | func NewClusterReportInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer {
50 | return NewFilteredClusterReportInformer(client, resyncPeriod, indexers, nil)
51 | }
52 |
53 | // NewFilteredClusterReportInformer constructs a new informer for ClusterReport type.
54 | // Always prefer using an informer factory to get a shared informer instead of getting an independent
55 | // one. This reduces memory footprint and number of connections to the server.
56 | func NewFilteredClusterReportInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer {
57 | return cache.NewSharedIndexInformer(
58 | &cache.ListWatch{
59 | ListFunc: func(options v1.ListOptions) (runtime.Object, error) {
60 | if tweakListOptions != nil {
61 | tweakListOptions(&options)
62 | }
63 | return client.OpenreportsV1alpha1().ClusterReports().List(context.TODO(), options)
64 | },
65 | WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
66 | if tweakListOptions != nil {
67 | tweakListOptions(&options)
68 | }
69 | return client.OpenreportsV1alpha1().ClusterReports().Watch(context.TODO(), options)
70 | },
71 | },
72 | &openreportsiov1alpha1.ClusterReport{},
73 | resyncPeriod,
74 | indexers,
75 | )
76 | }
77 |
78 | func (f *clusterReportInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer {
79 | return NewFilteredClusterReportInformer(client, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions)
80 | }
81 |
82 | func (f *clusterReportInformer) Informer() cache.SharedIndexInformer {
83 | return f.factory.InformerFor(&openreportsiov1alpha1.ClusterReport{}, f.defaultInformer)
84 | }
85 |
86 | func (f *clusterReportInformer) Lister() v1alpha1.ClusterReportLister {
87 | return v1alpha1.NewClusterReportLister(f.Informer().GetIndexer())
88 | }
89 |
--------------------------------------------------------------------------------
/pkg/client/informers/externalversions/openreports.io/v1alpha1/interface.go:
--------------------------------------------------------------------------------
1 | /*
2 | Copyright The Kubernetes Authors.
3 |
4 | Licensed under the Apache License, Version 2.0 (the "License");
5 | you may not use this file except in compliance with the License.
6 | You may obtain a copy of the License at
7 |
8 | http://www.apache.org/licenses/LICENSE-2.0
9 |
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 | // Code generated by informer-gen. DO NOT EDIT.
17 |
18 | package v1alpha1
19 |
20 | import (
21 | internalinterfaces "openreports.io/pkg/client/informers/externalversions/internalinterfaces"
22 | )
23 |
24 | // Interface provides access to all the informers in this group version.
25 | type Interface interface {
26 | // ClusterReports returns a ClusterReportInformer.
27 | ClusterReports() ClusterReportInformer
28 | // Reports returns a ReportInformer.
29 | Reports() ReportInformer
30 | }
31 |
32 | type version struct {
33 | factory internalinterfaces.SharedInformerFactory
34 | namespace string
35 | tweakListOptions internalinterfaces.TweakListOptionsFunc
36 | }
37 |
38 | // New returns a new Interface.
39 | func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) Interface {
40 | return &version{factory: f, namespace: namespace, tweakListOptions: tweakListOptions}
41 | }
42 |
43 | // ClusterReports returns a ClusterReportInformer.
44 | func (v *version) ClusterReports() ClusterReportInformer {
45 | return &clusterReportInformer{factory: v.factory, tweakListOptions: v.tweakListOptions}
46 | }
47 |
48 | // Reports returns a ReportInformer.
49 | func (v *version) Reports() ReportInformer {
50 | return &reportInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions}
51 | }
52 |
--------------------------------------------------------------------------------
/pkg/client/informers/externalversions/openreports.io/v1alpha1/report.go:
--------------------------------------------------------------------------------
1 | /*
2 | Copyright The Kubernetes Authors.
3 |
4 | Licensed under the Apache License, Version 2.0 (the "License");
5 | you may not use this file except in compliance with the License.
6 | You may obtain a copy of the License at
7 |
8 | http://www.apache.org/licenses/LICENSE-2.0
9 |
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 | // Code generated by informer-gen. DO NOT EDIT.
17 |
18 | package v1alpha1
19 |
20 | import (
21 | "context"
22 | time "time"
23 |
24 | v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
25 | runtime "k8s.io/apimachinery/pkg/runtime"
26 | watch "k8s.io/apimachinery/pkg/watch"
27 | cache "k8s.io/client-go/tools/cache"
28 | openreportsiov1alpha1 "openreports.io/apis/openreports.io/v1alpha1"
29 | versioned "openreports.io/pkg/client/clientset/versioned"
30 | internalinterfaces "openreports.io/pkg/client/informers/externalversions/internalinterfaces"
31 | v1alpha1 "openreports.io/pkg/client/listers/openreports.io/v1alpha1"
32 | )
33 |
34 | // ReportInformer provides access to a shared informer and lister for
35 | // Reports.
36 | type ReportInformer interface {
37 | Informer() cache.SharedIndexInformer
38 | Lister() v1alpha1.ReportLister
39 | }
40 |
41 | type reportInformer struct {
42 | factory internalinterfaces.SharedInformerFactory
43 | tweakListOptions internalinterfaces.TweakListOptionsFunc
44 | namespace string
45 | }
46 |
47 | // NewReportInformer constructs a new informer for Report type.
48 | // Always prefer using an informer factory to get a shared informer instead of getting an independent
49 | // one. This reduces memory footprint and number of connections to the server.
50 | func NewReportInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer {
51 | return NewFilteredReportInformer(client, namespace, resyncPeriod, indexers, nil)
52 | }
53 |
54 | // NewFilteredReportInformer constructs a new informer for Report type.
55 | // Always prefer using an informer factory to get a shared informer instead of getting an independent
56 | // one. This reduces memory footprint and number of connections to the server.
57 | func NewFilteredReportInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer {
58 | return cache.NewSharedIndexInformer(
59 | &cache.ListWatch{
60 | ListFunc: func(options v1.ListOptions) (runtime.Object, error) {
61 | if tweakListOptions != nil {
62 | tweakListOptions(&options)
63 | }
64 | return client.OpenreportsV1alpha1().Reports(namespace).List(context.TODO(), options)
65 | },
66 | WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
67 | if tweakListOptions != nil {
68 | tweakListOptions(&options)
69 | }
70 | return client.OpenreportsV1alpha1().Reports(namespace).Watch(context.TODO(), options)
71 | },
72 | },
73 | &openreportsiov1alpha1.Report{},
74 | resyncPeriod,
75 | indexers,
76 | )
77 | }
78 |
79 | func (f *reportInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer {
80 | return NewFilteredReportInformer(client, f.namespace, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions)
81 | }
82 |
83 | func (f *reportInformer) Informer() cache.SharedIndexInformer {
84 | return f.factory.InformerFor(&openreportsiov1alpha1.Report{}, f.defaultInformer)
85 | }
86 |
87 | func (f *reportInformer) Lister() v1alpha1.ReportLister {
88 | return v1alpha1.NewReportLister(f.Informer().GetIndexer())
89 | }
90 |
--------------------------------------------------------------------------------
/pkg/client/listers/openreports.io/v1alpha1/clusterreport.go:
--------------------------------------------------------------------------------
1 | /*
2 | Copyright The Kubernetes Authors.
3 |
4 | Licensed under the Apache License, Version 2.0 (the "License");
5 | you may not use this file except in compliance with the License.
6 | You may obtain a copy of the License at
7 |
8 | http://www.apache.org/licenses/LICENSE-2.0
9 |
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 | // Code generated by lister-gen. DO NOT EDIT.
17 |
18 | package v1alpha1
19 |
20 | import (
21 | "k8s.io/apimachinery/pkg/api/errors"
22 | "k8s.io/apimachinery/pkg/labels"
23 | "k8s.io/client-go/tools/cache"
24 | v1alpha1 "openreports.io/apis/openreports.io/v1alpha1"
25 | )
26 |
27 | // ClusterReportLister helps list ClusterReports.
28 | // All objects returned here must be treated as read-only.
29 | type ClusterReportLister interface {
30 | // List lists all ClusterReports in the indexer.
31 | // Objects returned here must be treated as read-only.
32 | List(selector labels.Selector) (ret []*v1alpha1.ClusterReport, err error)
33 | // Get retrieves the ClusterReport from the index for a given name.
34 | // Objects returned here must be treated as read-only.
35 | Get(name string) (*v1alpha1.ClusterReport, error)
36 | ClusterReportListerExpansion
37 | }
38 |
39 | // clusterReportLister implements the ClusterReportLister interface.
40 | type clusterReportLister struct {
41 | indexer cache.Indexer
42 | }
43 |
44 | // NewClusterReportLister returns a new ClusterReportLister.
45 | func NewClusterReportLister(indexer cache.Indexer) ClusterReportLister {
46 | return &clusterReportLister{indexer: indexer}
47 | }
48 |
49 | // List lists all ClusterReports in the indexer.
50 | func (s *clusterReportLister) List(selector labels.Selector) (ret []*v1alpha1.ClusterReport, err error) {
51 | err = cache.ListAll(s.indexer, selector, func(m interface{}) {
52 | ret = append(ret, m.(*v1alpha1.ClusterReport))
53 | })
54 | return ret, err
55 | }
56 |
57 | // Get retrieves the ClusterReport from the index for a given name.
58 | func (s *clusterReportLister) Get(name string) (*v1alpha1.ClusterReport, error) {
59 | obj, exists, err := s.indexer.GetByKey(name)
60 | if err != nil {
61 | return nil, err
62 | }
63 | if !exists {
64 | return nil, errors.NewNotFound(v1alpha1.Resource("clusterreport"), name)
65 | }
66 | return obj.(*v1alpha1.ClusterReport), nil
67 | }
68 |
--------------------------------------------------------------------------------
/pkg/client/listers/openreports.io/v1alpha1/expansion_generated.go:
--------------------------------------------------------------------------------
1 | /*
2 | Copyright The Kubernetes Authors.
3 |
4 | Licensed under the Apache License, Version 2.0 (the "License");
5 | you may not use this file except in compliance with the License.
6 | You may obtain a copy of the License at
7 |
8 | http://www.apache.org/licenses/LICENSE-2.0
9 |
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 | // Code generated by lister-gen. DO NOT EDIT.
17 |
18 | package v1alpha1
19 |
20 | // ClusterReportListerExpansion allows custom methods to be added to
21 | // ClusterReportLister.
22 | type ClusterReportListerExpansion interface{}
23 |
24 | // ReportListerExpansion allows custom methods to be added to
25 | // ReportLister.
26 | type ReportListerExpansion interface{}
27 |
28 | // ReportNamespaceListerExpansion allows custom methods to be added to
29 | // ReportNamespaceLister.
30 | type ReportNamespaceListerExpansion interface{}
31 |
--------------------------------------------------------------------------------
/pkg/client/listers/openreports.io/v1alpha1/report.go:
--------------------------------------------------------------------------------
1 | /*
2 | Copyright The Kubernetes Authors.
3 |
4 | Licensed under the Apache License, Version 2.0 (the "License");
5 | you may not use this file except in compliance with the License.
6 | You may obtain a copy of the License at
7 |
8 | http://www.apache.org/licenses/LICENSE-2.0
9 |
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 | // Code generated by lister-gen. DO NOT EDIT.
17 |
18 | package v1alpha1
19 |
20 | import (
21 | "k8s.io/apimachinery/pkg/api/errors"
22 | "k8s.io/apimachinery/pkg/labels"
23 | "k8s.io/client-go/tools/cache"
24 | v1alpha1 "openreports.io/apis/openreports.io/v1alpha1"
25 | )
26 |
27 | // ReportLister helps list Reports.
28 | // All objects returned here must be treated as read-only.
29 | type ReportLister interface {
30 | // List lists all Reports in the indexer.
31 | // Objects returned here must be treated as read-only.
32 | List(selector labels.Selector) (ret []*v1alpha1.Report, err error)
33 | // Reports returns an object that can list and get Reports.
34 | Reports(namespace string) ReportNamespaceLister
35 | ReportListerExpansion
36 | }
37 |
38 | // reportLister implements the ReportLister interface.
39 | type reportLister struct {
40 | indexer cache.Indexer
41 | }
42 |
43 | // NewReportLister returns a new ReportLister.
44 | func NewReportLister(indexer cache.Indexer) ReportLister {
45 | return &reportLister{indexer: indexer}
46 | }
47 |
48 | // List lists all Reports in the indexer.
49 | func (s *reportLister) List(selector labels.Selector) (ret []*v1alpha1.Report, err error) {
50 | err = cache.ListAll(s.indexer, selector, func(m interface{}) {
51 | ret = append(ret, m.(*v1alpha1.Report))
52 | })
53 | return ret, err
54 | }
55 |
56 | // Reports returns an object that can list and get Reports.
57 | func (s *reportLister) Reports(namespace string) ReportNamespaceLister {
58 | return reportNamespaceLister{indexer: s.indexer, namespace: namespace}
59 | }
60 |
61 | // ReportNamespaceLister helps list and get Reports.
62 | // All objects returned here must be treated as read-only.
63 | type ReportNamespaceLister interface {
64 | // List lists all Reports in the indexer for a given namespace.
65 | // Objects returned here must be treated as read-only.
66 | List(selector labels.Selector) (ret []*v1alpha1.Report, err error)
67 | // Get retrieves the Report from the indexer for a given namespace and name.
68 | // Objects returned here must be treated as read-only.
69 | Get(name string) (*v1alpha1.Report, error)
70 | ReportNamespaceListerExpansion
71 | }
72 |
73 | // reportNamespaceLister implements the ReportNamespaceLister
74 | // interface.
75 | type reportNamespaceLister struct {
76 | indexer cache.Indexer
77 | namespace string
78 | }
79 |
80 | // List lists all Reports in the indexer for a given namespace.
81 | func (s reportNamespaceLister) List(selector labels.Selector) (ret []*v1alpha1.Report, err error) {
82 | err = cache.ListAllByNamespace(s.indexer, s.namespace, selector, func(m interface{}) {
83 | ret = append(ret, m.(*v1alpha1.Report))
84 | })
85 | return ret, err
86 | }
87 |
88 | // Get retrieves the Report from the indexer for a given namespace and name.
89 | func (s reportNamespaceLister) Get(name string) (*v1alpha1.Report, error) {
90 | obj, exists, err := s.indexer.GetByKey(s.namespace + "/" + name)
91 | if err != nil {
92 | return nil, err
93 | }
94 | if !exists {
95 | return nil, errors.NewNotFound(v1alpha1.Resource("report"), name)
96 | }
97 | return obj.(*v1alpha1.Report), nil
98 | }
99 |
--------------------------------------------------------------------------------
/samples/sample-cis-k8s.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: openreports.io/v1alpha1
2 | kind: Report
3 | metadata:
4 | name: sample-cis-bench-api-server
5 | annotations:
6 | name: CIS Kubernetes Benchmarks
7 | category: API Server
8 | version: v1.5.1 - 02-14-2020
9 | source: kube-bench-adapter
10 | summary:
11 | pass: 8
12 | fail: 2
13 | warn: 0
14 | error: 0
15 | skip: 0
16 | results:
17 | - policy: api-server:anonymous-auth
18 | message: ensure that --anonymous-auth argument is set to false
19 | result: warn
20 | scored: true
21 | properties:
22 | category: API Server
23 | index: 1.2.2
24 | - policy: api-server:basic-auth-file
25 | message: ensure that --basic-auth-file argument is not set
26 | result: fail
27 | scored: true
28 | properties:
29 | category: API Server
30 | index: 1.2.2
31 | - policy: api-server:token-auth-file
32 | message: ensure that --token-auth-file argument is not set
33 | result: warn
34 | scored: false
35 | properties:
36 | category: API Server
37 | index: 1.2.2
38 |
--------------------------------------------------------------------------------
/samples/sample-co.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: openreports.io/v1alpha1
2 | kind: PolicyReport
3 | metadata:
4 | name: sample-fedramp-compliance-operator
5 | labels:
6 | policy.kubernetes.io/engine: openshift-compliance-operator
7 | annotations:
8 | name: FedRAMP Moderate Benchmarks
9 | category: OCP4 CoreOS
10 | file: ssg-ocp4-ds.xml
11 | version: v1.5.1 - 02-14-2020
12 | summary:
13 | pass: 8
14 | fail: 1
15 | warn: 1
16 | error: 0
17 | skip: 0
18 | results:
19 | - policy: xccdf_org.ssgproject.content_rule_audit_rules_etc_group_open
20 | message: |-
21 | Record Events that Modify User/Group Information via open syscall - /etc/group
22 | Creation of groups through direct edition of /etc/group could be an indicator of malicious activity on a system.
23 | Auditing these events could serve as evidence of potential system compromise.
24 | result: fail
25 | scored: true
26 | severity: medium
27 | properties:
28 | suite: fedramp-moderate
29 | scan: workers-scan
30 | - policy: xccdf_org.ssgproject.content_rule_sshd_limit_user_access
31 | message: |-
32 | Limit Users' SSH Access
33 | Specifying which accounts are allowed SSH access into the system reduces the
34 | possibility of unauthorized access to the system.
35 | result: warn
36 | scored: false
37 | properties:
38 | suite: fedramp-moderate
39 | scan: workers-scan
40 |
--------------------------------------------------------------------------------
/samples/sample-falco-policy.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: openreports.io/v1alpha1
2 | kind: PolicyReport
3 | metadata:
4 | name: falco-alerts-policy
5 | namespace: my-namespace
6 | labels:
7 | policy.kubernetes.io/engine: falco-agent
8 | summary:
9 | fail: 1
10 | results:
11 | - policy: "Change thread namespace"
12 | message: "Falco alert created due to the Change thread namespace rule"
13 | result: fail
14 | scored: false
15 | resources:
16 | - apiVersion: v1
17 | kind: Pod
18 | name: a-pod
19 | namespace: my-namespace
20 | properties:
21 | details: '12:57:37.086240437: Notice Namespace change (setns) by unexpected program (user=root user_loginuid=-1 command=ovnkube --init-node ...'
22 | container.id: "0f8d7e2a3296"
23 | evt.arg.path: "/bin/directory-created-by-event-generator"
24 | proc.cmdline: "event-generator run --loop ^syscall"
25 | severity: low
26 | ---
27 | apiVersion: openreports.io/v1alpha1
28 | kind: ClusterPolicyReport
29 | metadata:
30 | name: falco-alerts-policy
31 | labels:
32 | policy.kubernetes.io/engine: falco-agent
33 | summary:
34 | fail: 1
35 | results:
36 | - policy: audit
37 | message: "audit rule violation from the kubernetes api server"
38 | result: fail
39 | scored: false
40 | properties:
41 | details: 'Warning K8s Operation performed by user not in allowed list of users'
42 | severity: medium
43 | user: username
44 | target: kubernetes/endpoints
45 | verb: create
46 | uri: '/api/v1/namespaces/default/endpoints/kubernetes'
47 | resp: '200'
48 |
--------------------------------------------------------------------------------
/samples/sample-rhacm-policy.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: openreports.io/v1alpha1
2 | kind: PolicyReport
3 | metadata:
4 | name: sample-rhacm-policy
5 | labels:
6 | policy.kubernetes.io/engine: rhacm-configuration-policy
7 | scope:
8 | apiVersion: policy.open-cluster-management.io/v1
9 | kind: Policy
10 | name: policy-imagemanifestvuln
11 | namespace: cluster1
12 | summary:
13 | pass: 1
14 | fail: 11
15 | results:
16 | - policy: mustnothaveimagevuln
17 | message: must not have imagemanifestvulns
18 | result: fail
19 | scored: false
20 | resources:
21 | - apiVersion: secscan.quay.redhat.com/v1alpha1
22 | kind: ImageManifestVuln
23 | name: sha256.8d104847fc2371a983f7cb01c7c0a3ab35b7381d6bf7ce355d9b32a08c0031f0
24 | namespace: openshift-cluster-version
25 | properties:
26 | details: 'NonCompliant; violation - imagemanifestvulns exist and should be deleted: [sha256.8d104847fc2371a983f7cb01c7c0a3ab35b7381d6bf7ce355d9b32a08c0031f0] in namespace openshift-cluster-version'
27 | standards: NIST-CSF
28 | categories: 'DE.CM Security Continuous Monitoring'
29 | controls: 'DE.CM-8 Vulnerability scans'
30 | severity: high
--------------------------------------------------------------------------------
/samples/sample-v1beta1-kyverno.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: openreports.io/v1alpha1
2 | kind: PolicyReport
3 | metadata:
4 | name: sample-v1beta1-cr
5 | annotations:
6 | name: Sample CR
7 | configuration:
8 | limits:
9 | maxResults: 100
10 | statusFilter:
11 | - pass
12 | - fail
13 | - skip
14 | source: kyverno
15 | summary:
16 | pass: 1
17 | fail: 0
18 | warn: 0
19 | error: 0
20 | skip: 0
21 | results:
22 | - category: Pod Security Standards (Baseline)
23 | message: validation rule 'adding-capabilities' passed.
24 | policy: disallow-capabilities
25 | resources:
26 | - apiVersion: v1
27 | kind: Pod
28 | name: kyverno-6d88f6dcdd-k6bc5
29 | namespace: nirmata
30 | uid: 3407b31a-b0bb-4716-a443-f4aa15662ef2
31 | result: pass
32 | rule: adding-capabilities
33 | scored: true
34 | severity: medium
35 | source: kyverno
36 | timestamp:
37 | nanos: 0
38 | seconds: 1679565894
39 |
--------------------------------------------------------------------------------
/samples/sample-v1beta2-kyverno.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: openreports.io/v1alpha1
2 | kind: PolicyReport
3 | metadata:
4 | name: sample-v1beta2-cr
5 | annotations:
6 | name: Sample CR
7 | configuration:
8 | limits:
9 | maxResults: 100
10 | statusFilter:
11 | - pass
12 | - fail
13 | - skip
14 | source: kyverno
15 | summary:
16 | pass: 1
17 | fail: 0
18 | warn: 0
19 | error: 0
20 | skip: 0
21 | results:
22 | - category: Pod Security Standards (Baseline)
23 | message: validation rule 'adding-capabilities' passed.
24 | policy: disallow-capabilities
25 | resources:
26 | - apiVersion: v1
27 | kind: Pod
28 | name: kyverno-6d88f6dcdd-k6bc5
29 | namespace: nirmata
30 | uid: 3407b31a-b0bb-4716-a443-f4aa15662ef2
31 | result: pass
32 | rule: adding-capabilities
33 | scored: true
34 | severity: medium
35 | source: kyverno
36 | timestamp:
37 | nanos: 0
38 | seconds: 1679565894
39 |
--------------------------------------------------------------------------------