From b70329d98bacd8255f502293207b1609351dc1aa Mon Sep 17 00:00:00 2001 From: Daniel Pacak Date: Mon, 11 May 2020 20:27:46 +0200 Subject: [PATCH] chore(crds): Merge starboard-crds repository in Signed-off-by: Daniel Pacak --- .github/workflows/build.yml | 21 + .gitignore | 2 + README.md | 6 + go.mod | 10 + go.sum | 410 +++++++++++++ hack/boilerplate.go.txt | 0 hack/tools.go | 6 + hack/update-codegen.sh | 12 + hack/verify-codegen.sh | 34 ++ kube/crd/ciskubernetesbenchmarks-crd.yaml | 20 + kube/crd/configauditreports-crd.yaml | 18 + kube/crd/kubehunterreports-crd.yaml | 18 + kube/crd/vulnerabilities-crd.yaml | 140 +++++ kube/example/vulnerabilities.yaml | 47 ++ pkg/apis/aquasecurity/register.go | 6 + .../v1alpha1/cis_benchmark_types.go | 99 +++ .../aquasecurity/v1alpha1/common_types.go | 18 + .../v1alpha1/config_audit_types.go | 81 +++ pkg/apis/aquasecurity/v1alpha1/doc.go | 5 + .../v1alpha1/kube_hunter_types.go | 80 +++ pkg/apis/aquasecurity/v1alpha1/register.go | 45 ++ .../v1alpha1/vulnerability_types.go | 242 ++++++++ .../v1alpha1/zz_generated.deepcopy.go | 574 ++++++++++++++++++ .../clientset/versioned/clientset.go | 81 +++ pkg/generated/clientset/versioned/doc.go | 4 + .../versioned/fake/clientset_generated.go | 66 ++ pkg/generated/clientset/versioned/fake/doc.go | 4 + .../clientset/versioned/fake/register.go | 40 ++ .../clientset/versioned/scheme/doc.go | 4 + .../clientset/versioned/scheme/register.go | 40 ++ .../v1alpha1/aquasecurity_client.go | 88 +++ .../v1alpha1/ciskubernetesbenchmark.go | 148 +++++ .../v1alpha1/configauditreport.go | 158 +++++ .../typed/aquasecurity/v1alpha1/doc.go | 4 + .../typed/aquasecurity/v1alpha1/fake/doc.go | 4 + .../v1alpha1/fake/fake_aquasecurity_client.go | 36 ++ .../fake/fake_ciskubernetesbenchmark.go | 104 ++++ .../v1alpha1/fake/fake_configauditreport.go | 112 ++++ .../v1alpha1/fake/fake_kubehunterreport.go | 104 ++++ .../v1alpha1/fake/fake_vulnerability.go | 112 ++++ .../v1alpha1/generated_expansion.go | 11 + .../aquasecurity/v1alpha1/kubehunterreport.go | 148 +++++ .../aquasecurity/v1alpha1/vulnerability.go | 158 +++++ .../aquasecurity/interface.go | 30 + .../v1alpha1/ciskubernetesbenchmark.go | 72 +++ .../v1alpha1/configauditreport.go | 73 +++ .../aquasecurity/v1alpha1/interface.go | 50 ++ .../aquasecurity/v1alpha1/kubehunterreport.go | 72 +++ .../aquasecurity/v1alpha1/vulnerability.go | 73 +++ .../informers/externalversions/factory.go | 164 +++++ .../informers/externalversions/generic.go | 52 ++ .../internalinterfaces/factory_interfaces.go | 24 + .../v1alpha1/ciskubernetesbenchmark.go | 49 ++ .../v1alpha1/configauditreport.go | 78 +++ .../v1alpha1/expansion_generated.go | 27 + .../aquasecurity/v1alpha1/kubehunterreport.go | 49 ++ .../aquasecurity/v1alpha1/vulnerability.go | 78 +++ 57 files changed, 4211 insertions(+) create mode 100644 .github/workflows/build.yml create mode 100644 go.mod create mode 100644 go.sum create mode 100644 hack/boilerplate.go.txt create mode 100644 hack/tools.go create mode 100755 hack/update-codegen.sh create mode 100755 hack/verify-codegen.sh create mode 100644 kube/crd/ciskubernetesbenchmarks-crd.yaml create mode 100644 kube/crd/configauditreports-crd.yaml create mode 100644 kube/crd/kubehunterreports-crd.yaml create mode 100644 kube/crd/vulnerabilities-crd.yaml create mode 100644 kube/example/vulnerabilities.yaml create mode 100644 pkg/apis/aquasecurity/register.go create mode 100644 pkg/apis/aquasecurity/v1alpha1/cis_benchmark_types.go create mode 100644 pkg/apis/aquasecurity/v1alpha1/common_types.go create mode 100644 pkg/apis/aquasecurity/v1alpha1/config_audit_types.go create mode 100644 pkg/apis/aquasecurity/v1alpha1/doc.go create mode 100644 pkg/apis/aquasecurity/v1alpha1/kube_hunter_types.go create mode 100644 pkg/apis/aquasecurity/v1alpha1/register.go create mode 100644 pkg/apis/aquasecurity/v1alpha1/vulnerability_types.go create mode 100644 pkg/apis/aquasecurity/v1alpha1/zz_generated.deepcopy.go create mode 100644 pkg/generated/clientset/versioned/clientset.go create mode 100644 pkg/generated/clientset/versioned/doc.go create mode 100644 pkg/generated/clientset/versioned/fake/clientset_generated.go create mode 100644 pkg/generated/clientset/versioned/fake/doc.go create mode 100644 pkg/generated/clientset/versioned/fake/register.go create mode 100644 pkg/generated/clientset/versioned/scheme/doc.go create mode 100644 pkg/generated/clientset/versioned/scheme/register.go create mode 100644 pkg/generated/clientset/versioned/typed/aquasecurity/v1alpha1/aquasecurity_client.go create mode 100644 pkg/generated/clientset/versioned/typed/aquasecurity/v1alpha1/ciskubernetesbenchmark.go create mode 100644 pkg/generated/clientset/versioned/typed/aquasecurity/v1alpha1/configauditreport.go create mode 100644 pkg/generated/clientset/versioned/typed/aquasecurity/v1alpha1/doc.go create mode 100644 pkg/generated/clientset/versioned/typed/aquasecurity/v1alpha1/fake/doc.go create mode 100644 pkg/generated/clientset/versioned/typed/aquasecurity/v1alpha1/fake/fake_aquasecurity_client.go create mode 100644 pkg/generated/clientset/versioned/typed/aquasecurity/v1alpha1/fake/fake_ciskubernetesbenchmark.go create mode 100644 pkg/generated/clientset/versioned/typed/aquasecurity/v1alpha1/fake/fake_configauditreport.go create mode 100644 pkg/generated/clientset/versioned/typed/aquasecurity/v1alpha1/fake/fake_kubehunterreport.go create mode 100644 pkg/generated/clientset/versioned/typed/aquasecurity/v1alpha1/fake/fake_vulnerability.go create mode 100644 pkg/generated/clientset/versioned/typed/aquasecurity/v1alpha1/generated_expansion.go create mode 100644 pkg/generated/clientset/versioned/typed/aquasecurity/v1alpha1/kubehunterreport.go create mode 100644 pkg/generated/clientset/versioned/typed/aquasecurity/v1alpha1/vulnerability.go create mode 100644 pkg/generated/informers/externalversions/aquasecurity/interface.go create mode 100644 pkg/generated/informers/externalversions/aquasecurity/v1alpha1/ciskubernetesbenchmark.go create mode 100644 pkg/generated/informers/externalversions/aquasecurity/v1alpha1/configauditreport.go create mode 100644 pkg/generated/informers/externalversions/aquasecurity/v1alpha1/interface.go create mode 100644 pkg/generated/informers/externalversions/aquasecurity/v1alpha1/kubehunterreport.go create mode 100644 pkg/generated/informers/externalversions/aquasecurity/v1alpha1/vulnerability.go create mode 100644 pkg/generated/informers/externalversions/factory.go create mode 100644 pkg/generated/informers/externalversions/generic.go create mode 100644 pkg/generated/informers/externalversions/internalinterfaces/factory_interfaces.go create mode 100644 pkg/generated/listers/aquasecurity/v1alpha1/ciskubernetesbenchmark.go create mode 100644 pkg/generated/listers/aquasecurity/v1alpha1/configauditreport.go create mode 100644 pkg/generated/listers/aquasecurity/v1alpha1/expansion_generated.go create mode 100644 pkg/generated/listers/aquasecurity/v1alpha1/kubehunterreport.go create mode 100644 pkg/generated/listers/aquasecurity/v1alpha1/vulnerability.go diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml new file mode 100644 index 000000000..b43bec5e7 --- /dev/null +++ b/.github/workflows/build.yml @@ -0,0 +1,21 @@ +name: build +on: + push: + branches: + - master + pull_request: +jobs: + build: + name: Build + runs-on: ubuntu-18.04 + steps: + - name: Setup Go + uses: actions/setup-go@v1 + with: + go-version: 1.14 + - name: Checkout code + uses: actions/checkout@v2 + - name: Vendor Go modules + run: go mod vendor + - name: Verify generated code + run: GOPATH="$(go env GOPATH)" ./hack/verify-codegen.sh diff --git a/.gitignore b/.gitignore index 9f11b755a..fc8e44b0c 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1,3 @@ .idea/ + +vendor/ \ No newline at end of file diff --git a/README.md b/README.md index 137dde244..39bb821e4 100644 --- a/README.md +++ b/README.md @@ -1,3 +1,5 @@ +[![GitHub Release][release-img]][release] +[![Build Actions][build-action-img]][build-action] [![License][license-img]][license] # Starboard @@ -161,6 +163,10 @@ Kubernetes-native ways. This repository is available under the [Apache License 2.0][license]. +[release-img]: https://img.shields.io/github/release/aquasecurity/starboard.svg +[release]: https://github.com/aquasecurity/starboard/releases +[build-action-img]: https://github.com/aquasecurity/starboard/workflows/build/badge.svg +[build-action]: https://github.com/aquasecurity/starboard/actions [license-img]: https://img.shields.io/github/license/aquasecurity/starboard.svg [license]: https://github.com/aquasecurity/starboard/blob/master/LICENSE diff --git a/go.mod b/go.mod new file mode 100644 index 000000000..33867f7a2 --- /dev/null +++ b/go.mod @@ -0,0 +1,10 @@ +module github.com/aquasecurity/starboard + +go 1.14 + +require ( + k8s.io/apiextensions-apiserver v0.17.5 + k8s.io/apimachinery v0.17.5 + k8s.io/code-generator v0.17.5 + k8s.io/utils v0.0.0-20191114184206-e782cd3c129f +) diff --git a/go.sum b/go.sum new file mode 100644 index 000000000..2e980db95 --- /dev/null +++ b/go.sum @@ -0,0 +1,410 @@ +cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= +cloud.google.com/go v0.34.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= +cloud.google.com/go v0.38.0/go.mod h1:990N+gfupTy94rShfmMCWGDn0LpTmnzTp2qbd1dvSRU= +github.com/Azure/go-ansiterm v0.0.0-20170929234023-d6e3b3328b78/go.mod h1:LmzpDX56iTiv29bbRTIsUNlaFfuhWRQBWjQdVyAevI8= +github.com/Azure/go-autorest/autorest v0.9.0/go.mod h1:xyHB1BMZT0cuDHU7I0+g046+BFDTQ8rEZB0s4Yfa6bI= +github.com/Azure/go-autorest/autorest/adal v0.5.0/go.mod h1:8Z9fGy2MpX0PvDjB1pEgQTmVqjGhiHBW7RJJEciWzS0= +github.com/Azure/go-autorest/autorest/date v0.1.0/go.mod h1:plvfp3oPSKwf2DNjlBjWF/7vwR+cUD/ELuzDCXwHUVA= +github.com/Azure/go-autorest/autorest/mocks v0.1.0/go.mod h1:OTyCOPRA2IgIlWxVYxBee2F5Gr4kF2zd2J5cFRaIDN0= +github.com/Azure/go-autorest/autorest/mocks v0.2.0/go.mod h1:OTyCOPRA2IgIlWxVYxBee2F5Gr4kF2zd2J5cFRaIDN0= +github.com/Azure/go-autorest/logger v0.1.0/go.mod h1:oExouG+K6PryycPJfVSxi/koC6LSNgds39diKLz7Vrc= +github.com/Azure/go-autorest/tracing v0.5.0/go.mod h1:r/s2XiOKccPW3HrqB+W0TQzfbtp2fGCgRFtBroKn4Dk= +github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= +github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo= +github.com/NYTimes/gziphandler v0.0.0-20170623195520-56545f4a5d46/go.mod h1:3wb06e3pkSAbeQ52E9H9iFoQsEEwGN64994WTCIhntQ= +github.com/PuerkitoBio/purell v1.0.0/go.mod h1:c11w/QuzBsJSee3cPx9rAFu61PvFxuPbtSwDGJws/X0= +github.com/PuerkitoBio/purell v1.1.0/go.mod h1:c11w/QuzBsJSee3cPx9rAFu61PvFxuPbtSwDGJws/X0= +github.com/PuerkitoBio/purell v1.1.1 h1:WEQqlqaGbrPkxLJWfBwQmfEAE1Z7ONdDLqrN38tNFfI= +github.com/PuerkitoBio/purell v1.1.1/go.mod h1:c11w/QuzBsJSee3cPx9rAFu61PvFxuPbtSwDGJws/X0= +github.com/PuerkitoBio/urlesc v0.0.0-20160726150825-5bd2802263f2/go.mod h1:uGdkoq3SwY9Y+13GIhn11/XLaGBb4BfwItxLd5jeuXE= +github.com/PuerkitoBio/urlesc v0.0.0-20170810143723-de5bf2ad4578 h1:d+Bc7a5rLufV/sSk/8dngufqelfh6jnri85riMAaF/M= +github.com/PuerkitoBio/urlesc v0.0.0-20170810143723-de5bf2ad4578/go.mod h1:uGdkoq3SwY9Y+13GIhn11/XLaGBb4BfwItxLd5jeuXE= +github.com/agnivade/levenshtein v1.0.1/go.mod h1:CURSv5d9Uaml+FovSIICkLbAUZ9S4RqaHDIsdSBg7lM= +github.com/alecthomas/template v0.0.0-20160405071501-a0175ee3bccc/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc= +github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0= +github.com/andreyvit/diff v0.0.0-20170406064948-c7f18ee00883/go.mod h1:rCTlJbsFo29Kk6CurOXKm700vrz8f0KW0JNfpkRJY/8= +github.com/armon/consul-api v0.0.0-20180202201655-eb2c6b5be1b6/go.mod h1:grANhF5doyWs3UAsr3K4I6qtAmlQcZDesFNEHPZAzj8= +github.com/asaskevich/govalidator v0.0.0-20180720115003-f9ffefc3facf/go.mod h1:lB+ZfQJz7igIIfQNfa7Ml4HSf2uFQQRzpGGRXenZAgY= +github.com/asaskevich/govalidator v0.0.0-20190424111038-f61b66f89f4a/go.mod h1:lB+ZfQJz7igIIfQNfa7Ml4HSf2uFQQRzpGGRXenZAgY= +github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q= +github.com/beorn7/perks v1.0.0/go.mod h1:KWe93zE9D1o94FZ5RNwFwVgaQK1VOXiVxmqh+CedLV8= +github.com/bgentry/speakeasy v0.1.0/go.mod h1:+zsyZBPWlz7T6j88CTgSN5bM796AkVf0kBD4zp0CCIs= +github.com/blang/semver v3.5.0+incompatible/go.mod h1:kRBLl5iJ+tD4TcOOxsy/0fnwebNt5EWlYSAyrTnjyyk= +github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw= +github.com/cockroachdb/datadriven v0.0.0-20190809214429-80d97fb3cbaa/go.mod h1:zn76sxSg3SzpJ0PPJaLDCu+Bu0Lg3sKTORVIj19EIF8= +github.com/coreos/etcd v3.3.10+incompatible/go.mod h1:uF7uidLiAD3TWHmW31ZFd/JWoc32PjwdhPthX9715RE= +github.com/coreos/go-etcd v2.0.0+incompatible/go.mod h1:Jez6KQU2B/sWsbdaef3ED8NzMklzPG4d5KIOhIy30Tk= +github.com/coreos/go-oidc v2.1.0+incompatible/go.mod h1:CgnwVTmzoESiwO9qyAFEMiHoZ1nMCKZlZ9V6mm3/LKc= +github.com/coreos/go-semver v0.2.0/go.mod h1:nnelYz7RCh+5ahJtPPxZlU+153eP4D4r3EedlOD2RNk= +github.com/coreos/go-semver v0.3.0/go.mod h1:nnelYz7RCh+5ahJtPPxZlU+153eP4D4r3EedlOD2RNk= +github.com/coreos/go-systemd v0.0.0-20180511133405-39ca1b05acc7/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4= +github.com/coreos/go-systemd v0.0.0-20190321100706-95778dfbb74e/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4= +github.com/coreos/pkg v0.0.0-20160727233714-3ac0863d7acf/go.mod h1:E3G3o1h8I7cfcXa63jLwjI0eiQQMgzzUDFVpN/nH/eA= +github.com/coreos/pkg v0.0.0-20180108230652-97fdf19511ea/go.mod h1:E3G3o1h8I7cfcXa63jLwjI0eiQQMgzzUDFVpN/nH/eA= +github.com/cpuguy83/go-md2man v1.0.10/go.mod h1:SmD6nW6nTyfqj6ABTjUi3V3JVMnlJmwcJI5acqYI6dE= +github.com/creack/pty v1.1.7/go.mod h1:lj5s0c3V2DBrqTV7llrYr5NG6My20zk30Fl46Y7DoTY= +github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= +github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/dgrijalva/jwt-go v3.2.0+incompatible/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ= +github.com/docker/docker v0.7.3-0.20190327010347-be7ac8be2ae0/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk= +github.com/docker/go-units v0.3.3/go.mod h1:fgPhTUdO+D/Jk86RDLlptpiXQzgHJF7gydDDbaIK4Dk= +github.com/docker/go-units v0.4.0/go.mod h1:fgPhTUdO+D/Jk86RDLlptpiXQzgHJF7gydDDbaIK4Dk= +github.com/docker/spdystream v0.0.0-20160310174837-449fdfce4d96/go.mod h1:Qh8CwZgvJUkLughtfhJv5dyTYa91l1fOUCrgjqmcifM= +github.com/dustin/go-humanize v0.0.0-20171111073723-bb3d318650d4/go.mod h1:HtrtbFcZ19U5GC7JDqmcUSB87Iq5E25KnS6fMYU6eOk= +github.com/dustin/go-humanize v1.0.0/go.mod h1:HtrtbFcZ19U5GC7JDqmcUSB87Iq5E25KnS6fMYU6eOk= +github.com/elazarl/goproxy v0.0.0-20170405201442-c4fc26588b6e/go.mod h1:/Zj4wYkgs4iZTTu3o/KG3Itv/qCCa8VVMlb3i9OVuzc= +github.com/emicklei/go-restful v0.0.0-20170410110728-ff4f55a20633/go.mod h1:otzb+WCGbkyDHkqmQmT5YD2WR4BBwUdeQoFo8l/7tVs= +github.com/emicklei/go-restful v2.9.5+incompatible h1:spTtZBk5DYEvbxMVutUuTyh1Ao2r4iyvLdACqsl/Ljk= +github.com/emicklei/go-restful v2.9.5+incompatible/go.mod h1:otzb+WCGbkyDHkqmQmT5YD2WR4BBwUdeQoFo8l/7tVs= +github.com/evanphx/json-patch v4.2.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= +github.com/fatih/color v1.7.0/go.mod h1:Zm6kSWBoL9eyXnKyktHP6abPY2pDugNf5KwzbycvMj4= +github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo= +github.com/ghodss/yaml v0.0.0-20150909031657-73d445a93680/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04= +github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04= +github.com/globalsign/mgo v0.0.0-20180905125535-1ca0a4f7cbcb/go.mod h1:xkRDCp4j0OGD1HRkm4kmhM+pmpv3AKq5SU7GMg4oO/Q= +github.com/globalsign/mgo v0.0.0-20181015135952-eeefdecb41b8/go.mod h1:xkRDCp4j0OGD1HRkm4kmhM+pmpv3AKq5SU7GMg4oO/Q= +github.com/go-kit/kit v0.8.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as= +github.com/go-logfmt/logfmt v0.3.0/go.mod h1:Qt1PoO58o5twSAckw1HlFXLmHsOX5/0LbT9GBnD5lWE= +github.com/go-logr/logr v0.1.0/go.mod h1:ixOQHD9gLJUVQQ2ZOR7zLEifBX6tGkNJF4QyIY7sIas= +github.com/go-openapi/analysis v0.0.0-20180825180245-b006789cd277/go.mod h1:k70tL6pCuVxPJOHXQ+wIac1FUrvNkHolPie/cLEU6hI= +github.com/go-openapi/analysis v0.17.0/go.mod h1:IowGgpVeD0vNm45So8nr+IcQ3pxVtpRoBWb8PVZO0ik= +github.com/go-openapi/analysis v0.18.0/go.mod h1:IowGgpVeD0vNm45So8nr+IcQ3pxVtpRoBWb8PVZO0ik= +github.com/go-openapi/analysis v0.19.2/go.mod h1:3P1osvZa9jKjb8ed2TPng3f0i/UY9snX6gxi44djMjk= +github.com/go-openapi/analysis v0.19.5/go.mod h1:hkEAkxagaIvIP7VTn8ygJNkd4kAYON2rCu0v0ObL0AU= +github.com/go-openapi/errors v0.17.0/go.mod h1:LcZQpmvG4wyF5j4IhA73wkLFQg+QJXOQHVjmcZxhka0= +github.com/go-openapi/errors v0.18.0/go.mod h1:LcZQpmvG4wyF5j4IhA73wkLFQg+QJXOQHVjmcZxhka0= +github.com/go-openapi/errors v0.19.2/go.mod h1:qX0BLWsyaKfvhluLejVpVNwNRdXZhEbTA4kxxpKBC94= +github.com/go-openapi/jsonpointer v0.0.0-20160704185906-46af16f9f7b1/go.mod h1:+35s3my2LFTysnkMfxsJBAMHj/DoqoB9knIWoYG/Vk0= +github.com/go-openapi/jsonpointer v0.17.0/go.mod h1:cOnomiV+CVVwFLk0A/MExoFMjwdsUdVpsRhURCKh+3M= +github.com/go-openapi/jsonpointer v0.18.0/go.mod h1:cOnomiV+CVVwFLk0A/MExoFMjwdsUdVpsRhURCKh+3M= +github.com/go-openapi/jsonpointer v0.19.2/go.mod h1:3akKfEdA7DF1sugOqz1dVQHBcuDBPKZGEoHC/NkiQRg= +github.com/go-openapi/jsonpointer v0.19.3 h1:gihV7YNZK1iK6Tgwwsxo2rJbD1GTbdm72325Bq8FI3w= +github.com/go-openapi/jsonpointer v0.19.3/go.mod h1:Pl9vOtqEWErmShwVjC8pYs9cog34VGT37dQOVbmoatg= +github.com/go-openapi/jsonreference v0.0.0-20160704190145-13c6e3589ad9/go.mod h1:W3Z9FmVs9qj+KR4zFKmDPGiLdk1D9Rlm7cyMvf57TTg= +github.com/go-openapi/jsonreference v0.17.0/go.mod h1:g4xxGn04lDIRh0GJb5QlpE3HfopLOL6uZrK/VgnsK9I= +github.com/go-openapi/jsonreference v0.18.0/go.mod h1:g4xxGn04lDIRh0GJb5QlpE3HfopLOL6uZrK/VgnsK9I= +github.com/go-openapi/jsonreference v0.19.2/go.mod h1:jMjeRr2HHw6nAVajTXJ4eiUwohSTlpa0o73RUL1owJc= +github.com/go-openapi/jsonreference v0.19.3 h1:5cxNfTy0UVC3X8JL5ymxzyoUZmo8iZb+jeTWn7tUa8o= +github.com/go-openapi/jsonreference v0.19.3/go.mod h1:rjx6GuL8TTa9VaixXglHmQmIL98+wF9xc8zWvFonSJ8= +github.com/go-openapi/loads v0.17.0/go.mod h1:72tmFy5wsWx89uEVddd0RjRWPZm92WRLhf7AC+0+OOU= +github.com/go-openapi/loads v0.18.0/go.mod h1:72tmFy5wsWx89uEVddd0RjRWPZm92WRLhf7AC+0+OOU= +github.com/go-openapi/loads v0.19.0/go.mod h1:72tmFy5wsWx89uEVddd0RjRWPZm92WRLhf7AC+0+OOU= +github.com/go-openapi/loads v0.19.2/go.mod h1:QAskZPMX5V0C2gvfkGZzJlINuP7Hx/4+ix5jWFxsNPs= +github.com/go-openapi/loads v0.19.4/go.mod h1:zZVHonKd8DXyxyw4yfnVjPzBjIQcLt0CCsn0N0ZrQsk= +github.com/go-openapi/runtime v0.0.0-20180920151709-4f900dc2ade9/go.mod h1:6v9a6LTXWQCdL8k1AO3cvqx5OtZY/Y9wKTgaoP6YRfA= +github.com/go-openapi/runtime v0.19.0/go.mod h1:OwNfisksmmaZse4+gpV3Ne9AyMOlP1lt4sK4FXt0O64= +github.com/go-openapi/runtime v0.19.4/go.mod h1:X277bwSUBxVlCYR3r7xgZZGKVvBd/29gLDlFGtJ8NL4= +github.com/go-openapi/spec v0.0.0-20160808142527-6aced65f8501/go.mod h1:J8+jY1nAiCcj+friV/PDoE1/3eeccG9LYBs0tYvLOWc= +github.com/go-openapi/spec v0.17.0/go.mod h1:XkF/MOi14NmjsfZ8VtAKf8pIlbZzyoTvZsdfssdxcBI= +github.com/go-openapi/spec v0.18.0/go.mod h1:XkF/MOi14NmjsfZ8VtAKf8pIlbZzyoTvZsdfssdxcBI= +github.com/go-openapi/spec v0.19.2/go.mod h1:sCxk3jxKgioEJikev4fgkNmwS+3kuYdJtcsZsD5zxMY= +github.com/go-openapi/spec v0.19.3 h1:0XRyw8kguri6Yw4SxhsQA/atC88yqrk0+G4YhI2wabc= +github.com/go-openapi/spec v0.19.3/go.mod h1:FpwSN1ksY1eteniUU7X0N/BgJ7a4WvBFVA8Lj9mJglo= +github.com/go-openapi/strfmt v0.17.0/go.mod h1:P82hnJI0CXkErkXi8IKjPbNBM6lV6+5pLP5l494TcyU= +github.com/go-openapi/strfmt v0.18.0/go.mod h1:P82hnJI0CXkErkXi8IKjPbNBM6lV6+5pLP5l494TcyU= +github.com/go-openapi/strfmt v0.19.0/go.mod h1:+uW+93UVvGGq2qGaZxdDeJqSAqBqBdl+ZPMF/cC8nDY= +github.com/go-openapi/strfmt v0.19.3/go.mod h1:0yX7dbo8mKIvc3XSKp7MNfxw4JytCfCD6+bY1AVL9LU= +github.com/go-openapi/swag v0.0.0-20160704191624-1d0bd113de87/go.mod h1:DXUve3Dpr1UfpPtxFw+EFuQ41HhCWZfha5jSVRG7C7I= +github.com/go-openapi/swag v0.17.0/go.mod h1:AByQ+nYG6gQg71GINrmuDXCPWdL640yX49/kXLo40Tg= +github.com/go-openapi/swag v0.18.0/go.mod h1:AByQ+nYG6gQg71GINrmuDXCPWdL640yX49/kXLo40Tg= +github.com/go-openapi/swag v0.19.2/go.mod h1:POnQmlKehdgb5mhVOsnJFsivZCEZ/vjK9gh66Z9tfKk= +github.com/go-openapi/swag v0.19.5 h1:lTz6Ys4CmqqCQmZPBlbQENR1/GucA2bzYTE12Pw4tFY= +github.com/go-openapi/swag v0.19.5/go.mod h1:POnQmlKehdgb5mhVOsnJFsivZCEZ/vjK9gh66Z9tfKk= +github.com/go-openapi/validate v0.18.0/go.mod h1:Uh4HdOzKt19xGIGm1qHf/ofbX1YQ4Y+MYsct2VUrAJ4= +github.com/go-openapi/validate v0.19.2/go.mod h1:1tRCw7m3jtI8eNWEEliiAqUIcBztB2KDnRCRMUi7GTA= +github.com/go-openapi/validate v0.19.5/go.mod h1:8DJv2CVJQ6kGNpFW6eV9N3JviE1C85nY1c2z52x1Gk4= +github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY= +github.com/gogo/protobuf v1.1.1/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7atdtwQ= +github.com/gogo/protobuf v1.2.1/go.mod h1:hp+jE20tsWTFYpLwKvXlhS1hjn+gTNwPg2I6zVXpSg4= +github.com/gogo/protobuf v1.2.2-0.20190723190241-65acae22fc9d h1:3PaI8p3seN09VjbTYC/QWlUZdZ1qS1zGjy7LH2Wt07I= +github.com/gogo/protobuf v1.2.2-0.20190723190241-65acae22fc9d/go.mod h1:SlYgWuQ5SjCEi6WLHjHCa1yvBfUnHcTbrrZtXPKa29o= +github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q= +github.com/golang/groupcache v0.0.0-20160516000752-02826c3e7903/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= +github.com/golang/mock v1.1.1/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A= +github.com/golang/mock v1.2.0/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A= +github.com/golang/protobuf v0.0.0-20161109072736-4bd1920723d7/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= +github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= +github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= +github.com/golang/protobuf v1.3.2/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= +github.com/google/btree v0.0.0-20180813153112-4030bb1f1f0c/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= +github.com/google/btree v1.0.0/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= +github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M= +github.com/google/go-cmp v0.3.0 h1:crn/baboCvb5fXaQ0IJ1SGTsTVrWpDsCWC8EGETZijY= +github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= +github.com/google/gofuzz v1.0.0 h1:A8PeW59pxE9IoFRqBp37U+mSNaQoZ46F1f0f863XSXw= +github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= +github.com/google/martian v2.1.0+incompatible/go.mod h1:9I4somxYTbIHy5NJKHRl3wXiIaQGbYVAs8BPL6v8lEs= +github.com/google/pprof v0.0.0-20181206194817-3ea8567a2e57/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc= +github.com/google/uuid v1.0.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= +github.com/google/uuid v1.1.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= +github.com/googleapis/gax-go/v2 v2.0.4/go.mod h1:0Wqv26UfaUD9n4G6kQubkQ+KchISgw+vpHVxEJEs9eg= +github.com/googleapis/gnostic v0.0.0-20170729233727-0c5108395e2d/go.mod h1:sJBsCZ4ayReDTBIg8b9dl28c5xFWyhBTVRp3pOg5EKY= +github.com/gophercloud/gophercloud v0.1.0/go.mod h1:vxM41WHh5uqHVBMZHzuwNOHh8XEoIEcSTewFxm1c5g8= +github.com/gorilla/websocket v0.0.0-20170926233335-4201258b820c/go.mod h1:E7qHFY5m1UJ88s3WnNqhKjPHQ0heANvMoAMk2YaljkQ= +github.com/gorilla/websocket v1.4.0/go.mod h1:E7qHFY5m1UJ88s3WnNqhKjPHQ0heANvMoAMk2YaljkQ= +github.com/gregjones/httpcache v0.0.0-20180305231024-9cad4c3443a7/go.mod h1:FecbI9+v66THATjSRHfNgh1IVFe/9kFxbXtjV0ctIMA= +github.com/grpc-ecosystem/go-grpc-middleware v1.0.1-0.20190118093823-f849b5445de4/go.mod h1:FiyG127CGDf3tlThmgyCl78X/SZQqEOJBCDaAfeWzPs= +github.com/grpc-ecosystem/go-grpc-prometheus v1.2.0/go.mod h1:8NvIoxWQoOIhqOTXgfV/d3M/q6VIi02HzZEHgUlZvzk= +github.com/grpc-ecosystem/grpc-gateway v1.9.5/go.mod h1:vNeuVxBJEsws4ogUvrchl83t/GYV9WGTSLVdBhOQFDY= +github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= +github.com/hashicorp/golang-lru v0.5.1/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= +github.com/hashicorp/hcl v1.0.0/go.mod h1:E5yfLk+7swimpb2L/Alb/PJmXilQ/rhwaUYs4T20WEQ= +github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU= +github.com/imdario/mergo v0.3.5/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJh5FfA= +github.com/inconshreveable/mousetrap v1.0.0/go.mod h1:PxqpIevigyE2G7u3NXJIT2ANytuPF1OarO4DADm73n8= +github.com/jonboulle/clockwork v0.1.0/go.mod h1:Ii8DK3G1RaLaWxj9trq07+26W01tbo22gdxWY5EU2bo= +github.com/json-iterator/go v1.1.6/go.mod h1:+SdeFBvtyEkXs7REEP0seUULqWtbJapLOCVDaaPEHmU= +github.com/json-iterator/go v1.1.7/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4= +github.com/json-iterator/go v1.1.8 h1:QiWkFLKq0T7mpzwOTu6BzNDbfTE8OLrYhVKYMLF46Ok= +github.com/json-iterator/go v1.1.8/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4= +github.com/jstemmer/go-junit-report v0.0.0-20190106144839-af01ea7f8024/go.mod h1:6v2b51hI/fHJwM22ozAgKL4VKDeJcHhJFhtBdhmNjmU= +github.com/julienschmidt/httprouter v1.2.0/go.mod h1:SYymIcj16QtmaHHD7aYtjjsJG7VTCxuUUipMqKk8s4w= +github.com/kisielk/errcheck v1.1.0/go.mod h1:EZBBE59ingxPouuu3KfxchcWSUPOHkagtvWXihfKN4Q= +github.com/kisielk/errcheck v1.2.0/go.mod h1:/BMXB+zMLi60iA8Vv6Ksmxu/1UDYcXs4uQLJ+jE2L00= +github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= +github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= +github.com/kr/logfmt v0.0.0-20140226030751-b84e30acd515/go.mod h1:+0opPa2QZZtGFBFZlji/RkVcI2GknAs/DXo4wKdlNEc= +github.com/kr/pretty v0.1.0 h1:L/CwN0zerZDmRFUapSPitk6f+Q3+0za1rQkzVuMiMFI= +github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= +github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= +github.com/kr/pty v1.1.5/go.mod h1:9r2w37qlBe7rQ6e1fg1S/9xpWHSnaqNdHD3WcMdbPDA= +github.com/kr/text v0.1.0 h1:45sCR5RtlFHMR4UwH9sdQ5TC8v0qDQCHnXt+kaKSTVE= +github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= +github.com/magiconair/properties v1.8.0/go.mod h1:PppfXfuXeibc/6YijjN8zIbojt8czPbwD3XqdrwzmxQ= +github.com/mailru/easyjson v0.0.0-20160728113105-d5b7844b561a/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= +github.com/mailru/easyjson v0.0.0-20180823135443-60711f1a8329/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= +github.com/mailru/easyjson v0.0.0-20190312143242-1de009706dbe/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= +github.com/mailru/easyjson v0.0.0-20190614124828-94de47d64c63/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= +github.com/mailru/easyjson v0.0.0-20190626092158-b2ccc519800e/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= +github.com/mailru/easyjson v0.7.0 h1:aizVhC/NAAcKWb+5QsU1iNOZb4Yws5UO2I+aIprQITM= +github.com/mailru/easyjson v0.7.0/go.mod h1:KAzv3t3aY1NaHWoQz1+4F1ccyAH66Jk7yos7ldAVICs= +github.com/mattn/go-colorable v0.0.9/go.mod h1:9vuHe8Xs5qXnSaW/c/ABM9alt+Vo+STaOChaDxuIBZU= +github.com/mattn/go-isatty v0.0.4/go.mod h1:M+lRXTBqGeGNdLjl/ufCoiOlB5xdOkqRJdNxMWT7Zi4= +github.com/mattn/go-runewidth v0.0.2/go.mod h1:LwmH8dsx7+W8Uxz3IHJYH5QSwggIsqBzpuz5H//U1FU= +github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0= +github.com/mitchellh/go-homedir v1.1.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0= +github.com/mitchellh/mapstructure v1.1.2/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y= +github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= +github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd h1:TRLaZ9cD/w8PVh93nsPXa1VrQ6jlwL5oN8l14QlcNfg= +github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= +github.com/modern-go/reflect2 v0.0.0-20180701023420-4b7aa43c6742/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0= +github.com/modern-go/reflect2 v1.0.1 h1:9f412s+6RmYXLWZSEzVVgPGK7C2PphHj5RJrvfx9AWI= +github.com/modern-go/reflect2 v1.0.1/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0= +github.com/munnerz/goautoneg v0.0.0-20120707110453-a547fc61f48d/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ= +github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ= +github.com/mwitkow/go-conntrack v0.0.0-20161129095857-cc309e4a2223/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U= +github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f/go.mod h1:ZdcZmHo+o7JKHSa8/e818NopupXU1YMK5fe1lsApnBw= +github.com/olekukonko/tablewriter v0.0.0-20170122224234-a0225b3f23b5/go.mod h1:vsDQFd/mU46D+Z4whnwzcISnGGzXWMclvtLoiIKAKIo= +github.com/onsi/ginkgo v0.0.0-20170829012221-11459a886d9c/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= +github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= +github.com/onsi/ginkgo v1.10.1/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= +github.com/onsi/gomega v0.0.0-20170829124025-dcabb60a477c/go.mod h1:C1qb7wdrVGGVU+Z6iS04AVkA3Q65CEZX59MT0QO5uiA= +github.com/onsi/gomega v1.7.0/go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1CpauHY= +github.com/pborman/uuid v1.2.0/go.mod h1:X/NO0urCmaxf9VXbdlT7C2Yzkj2IKimNn4k+gtPdI/k= +github.com/pelletier/go-toml v1.2.0/go.mod h1:5z9KED0ma1S8pY6P1sdut58dfprrGBbd/94hg7ilaic= +github.com/peterbourgon/diskv v2.0.1+incompatible/go.mod h1:uqqh8zWWbv1HBMNONnaR/tNboyR3/BZd58JJSHlUSCU= +github.com/pkg/errors v0.8.0/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= +github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= +github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= +github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= +github.com/pquerna/cachecontrol v0.0.0-20171018203845-0dec1b30a021/go.mod h1:prYjPmNq4d1NPVmpShWobRqXY3q7Vp+80DqgxxUrUIA= +github.com/prometheus/client_golang v0.9.1/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXPKyh/dDVn+NZz0KFw= +github.com/prometheus/client_golang v1.0.0/go.mod h1:db9x61etRT2tGnBNRi70OPL5FsnadC4Ky3P0J6CfImo= +github.com/prometheus/client_model v0.0.0-20180712105110-5c3871d89910/go.mod h1:MbSGuTsp3dbXC40dX6PRTWyKYBIrTGTE9sqQNg2J8bo= +github.com/prometheus/client_model v0.0.0-20190129233127-fd36f4220a90/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= +github.com/prometheus/common v0.4.1/go.mod h1:TNfzLD0ON7rHzMJeJkieUDPYmFC7Snx/y86RQel1bk4= +github.com/prometheus/procfs v0.0.0-20181005140218-185b4288413d/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk= +github.com/prometheus/procfs v0.0.2/go.mod h1:TjEm7ze935MbeOT/UhFTIMYKhuLP4wbCsTZCD3I8kEA= +github.com/remyoudompheng/bigfft v0.0.0-20170806203942-52369c62f446/go.mod h1:uYEyJGbgTkfkS4+E/PavXkNJcbFIpEtjt2B0KDQ5+9M= +github.com/rogpeppe/fastuuid v0.0.0-20150106093220-6724a57986af/go.mod h1:XWv6SoW27p1b0cqNHllgS5HIMJraePCO15w5zCzIWYg= +github.com/russross/blackfriday v1.5.2/go.mod h1:JO/DiYxRf+HjHt06OyowR9PTA263kcR/rfWxYHBV53g= +github.com/sergi/go-diff v1.0.0/go.mod h1:0CfEIISq7TuYL3j771MWULgwwjU+GofnZX9QAmXWZgo= +github.com/sirupsen/logrus v1.2.0/go.mod h1:LxeOpSwHxABJmUn/MG1IvRgCAasNZTLOkJPxbbu5VWo= +github.com/sirupsen/logrus v1.4.2/go.mod h1:tLMulIdttU9McNUspp0xgXVQah82FyeX6MwdIuYE2rE= +github.com/soheilhy/cmux v0.1.4/go.mod h1:IM3LyeVVIOuxMH7sFAkER9+bJ4dT7Ms6E4xg4kGIyLM= +github.com/spf13/afero v1.1.2/go.mod h1:j4pytiNVoe2o6bmDsKpLACNPDBIoEAkihy7loJ1B0CQ= +github.com/spf13/afero v1.2.2/go.mod h1:9ZxEEn6pIJ8Rxe320qSDBk6AsU0r9pR7Q4OcevTdifk= +github.com/spf13/cast v1.3.0/go.mod h1:Qx5cxh0v+4UWYiBimWS+eyWzqEqokIECu5etghLkUJE= +github.com/spf13/cobra v0.0.3/go.mod h1:1l0Ry5zgKvJasoi3XT1TypsSe7PqH0Sj9dhYf7v3XqQ= +github.com/spf13/cobra v0.0.5/go.mod h1:3K3wKZymM7VvHMDS9+Akkh4K60UwM26emMESw8tLCHU= +github.com/spf13/jwalterweatherman v1.0.0/go.mod h1:cQK4TGJAtQXfYWX+Ddv3mKDzgVb68N+wFjFa4jdeBTo= +github.com/spf13/pflag v0.0.0-20170130214245-9ff6c6923cff/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= +github.com/spf13/pflag v1.0.1/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= +github.com/spf13/pflag v1.0.3/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= +github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA= +github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= +github.com/spf13/viper v1.3.2/go.mod h1:ZiWeW+zYFKm7srdB9IoDzzZXaJaI5eL9QjNiN/DMA2s= +github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= +github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= +github.com/stretchr/objx v0.2.0/go.mod h1:qt09Ya8vawLte6SNmTgCsAVtYtaKzEcn8ATUoHMkEqE= +github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= +github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= +github.com/stretchr/testify v1.4.0 h1:2E4SXV/wtOkTonXsotYi4li6zVWxYlZuYNCXe9XRJyk= +github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4= +github.com/tidwall/pretty v1.0.0/go.mod h1:XNkn88O1ChpSDQmQeStsy+sBenx6DDtFZJxhVysOjyk= +github.com/tmc/grpc-websocket-proxy v0.0.0-20170815181823-89b8d40f7ca8/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U= +github.com/ugorji/go/codec v0.0.0-20181204163529-d75b2dcb6bc8/go.mod h1:VFNgLljTbGfSG7qAOspJ7OScBnGdDN/yBr0sguwnwf0= +github.com/urfave/cli v1.20.0/go.mod h1:70zkFmudgCuE/ngEzBv17Jvp/497gISqfk5gWijbERA= +github.com/vektah/gqlparser v1.1.2/go.mod h1:1ycwN7Ij5njmMkPPAOaRFY4rET2Enx7IkVv3vaXspKw= +github.com/xiang90/probing v0.0.0-20190116061207-43a291ad63a2/go.mod h1:UETIi67q53MR2AWcXfiuqkDkRtnGDLqkBTpCHuJHxtU= +github.com/xordataexchange/crypt v0.0.3-0.20170626215501-b2862e3d0a77/go.mod h1:aYKd//L2LvnjZzWKhF00oedf4jCCReLcmhLdhm1A27Q= +go.etcd.io/bbolt v1.3.3/go.mod h1:IbVyRI1SCnLcuJnV2u8VeU0CEYM7e686BmAb1XKL+uU= +go.etcd.io/etcd v0.0.0-20191023171146-3cf2f69b5738/go.mod h1:dnLIgRNXwCJa5e+c6mIZCrds/GIG4ncV9HhK5PX7jPg= +go.mongodb.org/mongo-driver v1.0.3/go.mod h1:u7ryQJ+DOzQmeO7zB6MHyr8jkEQvC8vH7qLUO4lqsUM= +go.mongodb.org/mongo-driver v1.1.1/go.mod h1:u7ryQJ+DOzQmeO7zB6MHyr8jkEQvC8vH7qLUO4lqsUM= +go.mongodb.org/mongo-driver v1.1.2/go.mod h1:u7ryQJ+DOzQmeO7zB6MHyr8jkEQvC8vH7qLUO4lqsUM= +go.opencensus.io v0.21.0/go.mod h1:mSImk1erAIZhrmZN+AvHh14ztQfjbGwt4TtuofqLduU= +go.uber.org/atomic v1.3.2/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE= +go.uber.org/multierr v1.1.0/go.mod h1:wR5kodmAFQ0UK8QlbwjlSNy0Z68gJhDJUG5sjR94q/0= +go.uber.org/zap v1.10.0/go.mod h1:vwi/ZaCAaUcBkycHslxD9B2zi4UTXhF60s6SWpuDF0Q= +golang.org/x/crypto v0.0.0-20180904163835-0709b304e793/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= +golang.org/x/crypto v0.0.0-20181203042331-505ab145d0a9/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= +golang.org/x/crypto v0.0.0-20190211182817-74369b46fc67/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= +golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= +golang.org/x/crypto v0.0.0-20190320223903-b7391e95e576/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= +golang.org/x/crypto v0.0.0-20190611184440-5c40567a22f8/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= +golang.org/x/crypto v0.0.0-20190617133340-57b3e21c3d56/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= +golang.org/x/crypto v0.0.0-20200220183623-bac4c82f6975/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= +golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= +golang.org/x/exp v0.0.0-20190125153040-c74c464bbbf2/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= +golang.org/x/exp v0.0.0-20190312203227-4b39c73a6495 h1:I6A9Ag9FpEKOjcKrRNjQkPHawoXIhKyTGfvvjFAiiAk= +golang.org/x/exp v0.0.0-20190312203227-4b39c73a6495/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8= +golang.org/x/image v0.0.0-20190227222117-0694c2d4d067/go.mod h1:kZ7UVZpmo3dzQBMxlp+ypCbDeSB+sBbTgSJuh5dn5js= +golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= +golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU= +golang.org/x/lint v0.0.0-20190301231843-5614ed5bae6f/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= +golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= +golang.org/x/mobile v0.0.0-20190312151609-d3739f865fa6/go.mod h1:z+o9i4GpDbdi3rU15maQ/Ox0txvL9dWGYEHz965HBQE= +golang.org/x/net v0.0.0-20170114055629-f2499483f923/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20181005035420-146acd28ed58/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20181114220301-adae6a3d119a/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20181220203305-927f97764cc3/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20190108225652-1e06a53dbb7e/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20190213061140-3a22650c66bd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= +golang.org/x/net v0.0.0-20190320064053-1272bf9dcd53/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= +golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= +golang.org/x/net v0.0.0-20190613194153-d28f0bde5980/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20190813141303-74dc4d7220e7/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20190827160401-ba9fcec4b297/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20191004110552-13f9640d40b9 h1:rjwSpXsdiK0dV8/Naq3kAw9ymfAeJIyd0upUIElB+lI= +golang.org/x/net v0.0.0-20191004110552-13f9640d40b9/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= +golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= +golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= +golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20190227155943-e225da77a7e6/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sys v0.0.0-20170830134202-bb24a47a89ea/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20181107165924-66b7b1311ac8/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20181116152217-5ac8a444bdc5/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20181205085412-a5c9d58dba9a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20190209173611-3b5209105503/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20190312061237-fead79001313/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20190321052220-f7bb7a8bee54/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20190422165155-953cdadca894/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20190616124812-15dcb6c0061f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20190826190057-c7b8b68b1456/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/text v0.0.0-20160726164857-2910a502d2bf/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= +golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= +golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= +golang.org/x/text v0.3.2 h1:tW2bmiBqwgJj/UpqtC8EpXEZVYOwU0yG4iWbprSVAcs= +golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= +golang.org/x/time v0.0.0-20180412165947-fbb02b2291d2/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= +golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= +golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= +golang.org/x/tools v0.0.0-20180221164845-07fd8470d635/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= +golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= +golang.org/x/tools v0.0.0-20181011042414-1f849cf54d09/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= +golang.org/x/tools v0.0.0-20181030221726-6c7e314b6563/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= +golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= +golang.org/x/tools v0.0.0-20190125232054-d66bd3c5d5a6/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= +golang.org/x/tools v0.0.0-20190206041539-40960b6deb8e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= +golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY= +golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= +golang.org/x/tools v0.0.0-20190312151545-0bb0c0a6e846/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= +golang.org/x/tools v0.0.0-20190312170243-e65039ee4138/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= +golang.org/x/tools v0.0.0-20190524140312-2c0ae7006135/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= +golang.org/x/tools v0.0.0-20190614205625-5aca471b1d59/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= +golang.org/x/tools v0.0.0-20190617190820-da514acc4774/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= +golang.org/x/tools v0.0.0-20190920225731-5eefd052ad72 h1:bw9doJza/SFBEweII/rHQh338oozWyiFsBRHtrflcws= +golang.org/x/tools v0.0.0-20190920225731-5eefd052ad72/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +gonum.org/v1/gonum v0.0.0-20190331200053-3d26580ed485 h1:OB/uP/Puiu5vS5QMRPrXCDWUPb+kt8f1KW8oQzFejQw= +gonum.org/v1/gonum v0.0.0-20190331200053-3d26580ed485/go.mod h1:2ltnJ7xHfj0zHS40VVPYEAAMTa3ZGguvHGBSJeRWqE0= +gonum.org/v1/netlib v0.0.0-20190313105609-8cb42192e0e0/go.mod h1:wa6Ws7BG/ESfp6dHfk7C6KdzKA7wR7u/rKwOGE66zvw= +gonum.org/v1/netlib v0.0.0-20190331212654-76723241ea4e h1:jRyg0XfpwWlhEV8mDfdNGBeSJM2fuyh9Yjrnd8kF2Ts= +gonum.org/v1/netlib v0.0.0-20190331212654-76723241ea4e/go.mod h1:kS+toOQn6AQKjmKJ7gzohV1XkqsFehRA2FbsbkopSuQ= +google.golang.org/api v0.4.0/go.mod h1:8k5glujaEP+g9n7WNsDg8QP6cUVNI86fCNMcbazEtwE= +google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM= +google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= +google.golang.org/appengine v1.5.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= +google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc= +google.golang.org/genproto v0.0.0-20190307195333-5fe7a883aa19/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= +google.golang.org/genproto v0.0.0-20190418145605-e7d98fc518a7/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= +google.golang.org/genproto v0.0.0-20190502173448-54afdca5d873/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= +google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c= +google.golang.org/grpc v1.23.1/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg= +gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw= +gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127 h1:qIbj1fsPNlZgppZ+VLlY7N33q108Sa+fhmuc+sWQYwY= +gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/cheggaaa/pb.v1 v1.0.25/go.mod h1:V/YB90LKu/1FcN3WVnfiiE5oMCibMjukxqG/qStrOgw= +gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys= +gopkg.in/inf.v0 v0.9.1 h1:73M5CoZyi3ZLMOyDlQh031Cx6N9NDJ2Vvfl76EDAgDc= +gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= +gopkg.in/natefinch/lumberjack.v2 v2.0.0/go.mod h1:l0ndWWf7gzL7RNwBG7wST/UCcT4T24xpD6X8LsfU/+k= +gopkg.in/resty.v1 v1.12.0/go.mod h1:mDo4pnntr5jdWRML875a/NmxYqAlA73dVijT2AXvQQo= +gopkg.in/square/go-jose.v2 v2.2.2/go.mod h1:M9dMgbHiYLoDGQrXy7OpJDJWiKiU//h+vD76mk0e1AI= +gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw= +gopkg.in/yaml.v2 v2.0.0-20170812160011-eb3733d160e7/go.mod h1:JAlM8MvJe8wmxCU4Bli9HhUf9+ttbYbLASfIpnQbh74= +gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= +gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +gotest.tools v2.2.0+incompatible/go.mod h1:DsYFclhRJ6vuDpmuTbkuFWG+y2sxOXAzmJt81HFBacw= +honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= +honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= +honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= +k8s.io/api v0.17.5/go.mod h1:0zV5/ungglgy2Rlm3QK8fbxkXVs+BSJWpJP/+8gUVLY= +k8s.io/apiextensions-apiserver v0.17.5 h1:1MvO6pRopn9ZHweFEVFxnWDRpMd3ZE7SPY156qDnOeI= +k8s.io/apiextensions-apiserver v0.17.5/go.mod h1:Up8qgvIy2v9521+YBhg7fhVtd4jgh/1MjotWr5GvOn4= +k8s.io/apimachinery v0.17.5 h1:QAjfgeTtSGksdkgyaPrIb4lhU16FWMIzxKejYD5S0gc= +k8s.io/apimachinery v0.17.5/go.mod h1:ioIo1G/a+uONV7Tv+ZmCbMG1/a3kVw5YcDdncd8ugQ0= +k8s.io/apiserver v0.17.5/go.mod h1:yo2cFZJ7AUj6BYYRWzEzs2cLtkY6F6zdxs8GhLu5V28= +k8s.io/client-go v0.17.5/go.mod h1:S8uZpBpjJJdEH/fEyxcqg7Rn0P5jH+ilkgBHjriSmNo= +k8s.io/code-generator v0.17.5 h1:JKh5hYOFb0cTls9mce3ZC4DWh01/nLEgqj8OSJBpVRw= +k8s.io/code-generator v0.17.5/go.mod h1:qdiSCSTKtS+3WtPelj2h57fylSQcPUlhMVm+TD9Dvqc= +k8s.io/component-base v0.17.5/go.mod h1:cZQAW1AUbBjD1lh+e/krbiIpqGz6fipI+vHslOBbuHE= +k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= +k8s.io/gengo v0.0.0-20190822140433-26a664648505 h1:ZY6yclUKVbZ+SdWnkfY+Je5vrMpKOxmGeKRbsXVmqYM= +k8s.io/gengo v0.0.0-20190822140433-26a664648505/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= +k8s.io/klog v0.0.0-20181102134211-b9b56d5dfc92/go.mod h1:Gq+BEi5rUBO/HRz0bTSXDUcqjScdoY3a9IHpCEIOOfk= +k8s.io/klog v0.3.0/go.mod h1:Gq+BEi5rUBO/HRz0bTSXDUcqjScdoY3a9IHpCEIOOfk= +k8s.io/klog v1.0.0 h1:Pt+yjF5aB1xDSVbau4VsWe+dQNzA0qv1LlXdC2dF6Q8= +k8s.io/klog v1.0.0/go.mod h1:4Bi6QPql/J/LkTDqv7R/cd3hPo4k2DG6Ptcz060Ez5I= +k8s.io/kube-openapi v0.0.0-20200316234421-82d701f24f9d h1:jocF7XFucw2pEiv2wS7wk2FRFCjDFGV1oa4TMs0SAT0= +k8s.io/kube-openapi v0.0.0-20200316234421-82d701f24f9d/go.mod h1:F+5wygcW0wmRTnM3cOgIqGivxkwSWIWT5YdsDbeAOaU= +k8s.io/utils v0.0.0-20191114184206-e782cd3c129f h1:GiPwtSzdP43eI1hpPCbROQCCIgCuiMMNF8YUVLF3vJo= +k8s.io/utils v0.0.0-20191114184206-e782cd3c129f/go.mod h1:sZAwmy6armz5eXlNoLmJcl4F1QuKu7sr+mFQ0byX7Ew= +modernc.org/cc v1.0.0/go.mod h1:1Sk4//wdnYJiUIxnW8ddKpaOJCF37yAdqYnkxUpaYxw= +modernc.org/golex v1.0.0/go.mod h1:b/QX9oBD/LhixY6NDh+IdGv17hgB+51fET1i2kPSmvk= +modernc.org/mathutil v1.0.0/go.mod h1:wU0vUrJsVWBZ4P6e7xtFJEhFSNsfRLJ8H458uRjg03k= +modernc.org/strutil v1.0.0/go.mod h1:lstksw84oURvj9y3tn8lGvRxyRC1S2+g5uuIzNfIOBs= +modernc.org/xc v1.0.0/go.mod h1:mRNCo0bvLjGhHO9WsyuKVU4q0ceiDDDoEeWDJHrNx8I= +sigs.k8s.io/structured-merge-diff/v2 v2.0.1/go.mod h1:Wb7vfKAodbKgf6tn1Kl0VvGj7mRH6DGaRcixXEJXTsE= +sigs.k8s.io/yaml v1.1.0 h1:4A07+ZFc2wgJwo8YNlQpr1rVlgUDlxXHhPJciaPY5gs= +sigs.k8s.io/yaml v1.1.0/go.mod h1:UJmg0vDUVViEyp3mgSv9WPwZCDxu4rQW1olrI1uml+o= diff --git a/hack/boilerplate.go.txt b/hack/boilerplate.go.txt new file mode 100644 index 000000000..e69de29bb diff --git a/hack/tools.go b/hack/tools.go new file mode 100644 index 000000000..da99540ef --- /dev/null +++ b/hack/tools.go @@ -0,0 +1,6 @@ +// +build tools + +// This package imports things required by build scripts, to force `go mod` to see them as dependencies. +package tools + +import _ "k8s.io/code-generator" diff --git a/hack/update-codegen.sh b/hack/update-codegen.sh new file mode 100755 index 000000000..9263408ed --- /dev/null +++ b/hack/update-codegen.sh @@ -0,0 +1,12 @@ +#!/usr/bin/env bash + +set -o errexit +set -o nounset +set -o pipefail + +bash vendor/k8s.io/code-generator/generate-groups.sh all \ + github.com/aquasecurity/starboard/pkg/generated \ + github.com/aquasecurity/starboard/pkg/apis \ + aquasecurity:v1alpha1 \ + --output-base "${GOPATH}/src" \ + --go-header-file "hack/boilerplate.go.txt" diff --git a/hack/verify-codegen.sh b/hack/verify-codegen.sh new file mode 100755 index 000000000..c3973c822 --- /dev/null +++ b/hack/verify-codegen.sh @@ -0,0 +1,34 @@ +#!/usr/bin/env bash + +set -o errexit +set -o nounset +set -o pipefail + +SCRIPT_ROOT=$(dirname "${BASH_SOURCE[0]}")/.. + +DIFFROOT="${SCRIPT_ROOT}/pkg" +TMP_DIFFROOT="${SCRIPT_ROOT}/_tmp/pkg" +_tmp="${SCRIPT_ROOT}/_tmp" + +cleanup() { + rm -rf "${_tmp}" +} +trap "cleanup" EXIT SIGINT + +cleanup + +mkdir -p "${TMP_DIFFROOT}" +cp -a "${DIFFROOT}"/* "${TMP_DIFFROOT}" + +"${SCRIPT_ROOT}/hack/update-codegen.sh" +echo "diffing ${DIFFROOT} against freshly generated codegen" +ret=0 +diff -Naupr "${DIFFROOT}" "${TMP_DIFFROOT}" || ret=$? +cp -a "${TMP_DIFFROOT}"/* "${DIFFROOT}" +if [[ $ret -eq 0 ]] +then + echo "${DIFFROOT} up to date." +else + echo "${DIFFROOT} is out of date. Please run hack/update-codegen.sh" + exit 1 +fi diff --git a/kube/crd/ciskubernetesbenchmarks-crd.yaml b/kube/crd/ciskubernetesbenchmarks-crd.yaml new file mode 100644 index 000000000..aca18d105 --- /dev/null +++ b/kube/crd/ciskubernetesbenchmarks-crd.yaml @@ -0,0 +1,20 @@ +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: ciskubernetesbenchmarks.aquasecurity.github.com +spec: + group: aquasecurity.github.com + versions: + - name: v1alpha1 + served: true + storage: true + scope: Cluster + names: + singular: ciskubernetesbenchmark + plural: ciskubernetesbenchmarks + kind: CISKubernetesBenchmark + listKind: CISKubernetesBenchmarkList + categories: + - all + shortNames: + - ciskubebench diff --git a/kube/crd/configauditreports-crd.yaml b/kube/crd/configauditreports-crd.yaml new file mode 100644 index 000000000..30dbf6c81 --- /dev/null +++ b/kube/crd/configauditreports-crd.yaml @@ -0,0 +1,18 @@ +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: configauditreports.aquasecurity.github.com +spec: + group: aquasecurity.github.com + versions: + - name: v1alpha1 + served: true + storage: true + scope: Namespaced + names: + singular: configauditreport + plural: configauditreports + kind: ConfigAuditReport + listKind: ConfigAuditReportList + categories: + - all diff --git a/kube/crd/kubehunterreports-crd.yaml b/kube/crd/kubehunterreports-crd.yaml new file mode 100644 index 000000000..148260ec3 --- /dev/null +++ b/kube/crd/kubehunterreports-crd.yaml @@ -0,0 +1,18 @@ +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: kubehunterreports.aquasecurity.github.com +spec: + group: aquasecurity.github.com + versions: + - name: v1alpha1 + served: true + storage: true + scope: Cluster + names: + singular: kubehunterreport + plural: kubehunterreports + kind: KubeHunterReport + listKind: KubeHunterReportList + categories: + - all diff --git a/kube/crd/vulnerabilities-crd.yaml b/kube/crd/vulnerabilities-crd.yaml new file mode 100644 index 000000000..d40c4044c --- /dev/null +++ b/kube/crd/vulnerabilities-crd.yaml @@ -0,0 +1,140 @@ +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: vulnerabilities.aquasecurity.github.com +spec: + group: aquasecurity.github.com + versions: + - name: v1alpha1 + served: true + storage: true + scope: Namespaced + names: + singular: vulnerability + plural: vulnerabilities + kind: Vulnerability + listKind: VulnerabilityList + categories: + - all + shortNames: + - vuln + - vulns + validation: + openAPIV3Schema: + type: object + required: + - apiVersion + - kind + - metadata + - report + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + report: + type: object + required: + - generatedAt + - scanner + - artifact + - summary + - vulnerabilities + properties: + generatedAt: + type: string + format: date-time + scanner: + type: object + required: + - name + - vendor + - version + properties: + name: + type: string + vendor: + type: string + version: + type: string + registry: + type: object + properties: + url: + type: string + format: url + artifact: + type: object + properties: + repository: + type: string + digest: + type: string + tag: + type: string + mimeType: + type: string + summary: + type: object + required: + - criticalCount + - highCount + - mediumCount + - lowCount + - unknownCount + properties: + criticalCount: + type: integer + minimum: 0 + highCount: + type: integer + minimum: 0 + mediumCount: + type: integer + minimum: 0 + lowCount: + type: integer + minimum: 0 + unknownCount: + type: integer + minimum: 0 + vulnerabilities: + type: array + items: + type: object + required: + - vulnerabilityID + - resource + - installedVersion + - fixedVersion + - severity + - title + properties: + vulnerabilityID: + type: string + resource: + type: string + installedVersion: + type: string + fixedVersion: + type: string + severity: + type: string + enum: + - CRITICAL + - HIGH + - MEDIUM + - LOW + - UNKNOWN + title: + type: string + description: + type: string + layerID: + type: string + links: + type: array + items: + type: string diff --git a/kube/example/vulnerabilities.yaml b/kube/example/vulnerabilities.yaml new file mode 100644 index 000000000..a2a8e4e88 --- /dev/null +++ b/kube/example/vulnerabilities.yaml @@ -0,0 +1,47 @@ +--- +apiVersion: aquasecurity.github.com/v1alpha1 +kind: Vulnerability +metadata: + name: "sha256.bfb2cb1b47766fc424a7826d5ae79dc3aa70a8bbb697de7e683b965d47eb4295" +report: + generatedAt: "2020-03-22T00:11:08Z" + scanner: + name: Trivy + vendor: Aqua Security + version: 0.5.2 + registry: + url: https://index.docker.io/v1/ + artifact: + repository: "library/alpine" + digest: "sha256:bfb2cb1b47766fc424a7826d5ae79dc3aa70a8bbb697de7e683b965d47eb4295" + tag: "3.10.2" + mimeType: "application/vnd.docker.distribution.manifest.v2+json" + summary: + criticalCount: 0 + highCount: 0 + mediumCount: 2 + lowCount: 0 + unknownCount: 0 + vulnerabilities: + - vulnerabilityID: CVE-2019-1549 + resource: openssl + installedVersion: 1.1.1c-r0 + fixedVersion: 1.1.1d-r0 + severity: MEDIUM + title: "openssl: information disclosure in fork()" + layerID: "sha256:bfb2cb1b47766fc424a7826d5ae79dc3aa70a8bbb697de7e683b965d47eb4295" + description: | + OpenSSL 1.1.1 introduced a rewritten random number generator (RNG). This was intended to include protection in the + event of a fork() system call in order to ensure that the parent and child processes did not share the same RNG + state. However this protection was not being used in the default case. A partial mitigation for this issue is that + the output from a high precision timer is mixed into the RNG state so the likelihood of a parent and child process + sharing state is significantly reduced. If an application already calls OPENSSL_init_crypto() explicitly using + OPENSSL_INIT_ATFORK then this problem does not occur at all. Fixed in OpenSSL 1.1.1d (Affected 1.1.1-1.1.1c). + links: + - "https://nvd.nist.gov/vuln/detail/CVE-2019-1549" + - vulnerabilityID: CVE-2019-1563 + resource: openssl + installedVersion: 1.1.1c-r0 + fixedVersion: 1.1.1d-r0 + severity: MEDIUM + title: "openssl: information disclosure in PKCS7_dataDecode and CMS_decrypt_set1_pkey" diff --git a/pkg/apis/aquasecurity/register.go b/pkg/apis/aquasecurity/register.go new file mode 100644 index 000000000..4139c0982 --- /dev/null +++ b/pkg/apis/aquasecurity/register.go @@ -0,0 +1,6 @@ +package aquasecurity + +// GroupName is the group name used in this package. +const ( + GroupName = "aquasecurity.github.com" +) diff --git a/pkg/apis/aquasecurity/v1alpha1/cis_benchmark_types.go b/pkg/apis/aquasecurity/v1alpha1/cis_benchmark_types.go new file mode 100644 index 000000000..0f8c0f7be --- /dev/null +++ b/pkg/apis/aquasecurity/v1alpha1/cis_benchmark_types.go @@ -0,0 +1,99 @@ +package v1alpha1 + +import ( + "github.com/aquasecurity/starboard/pkg/apis/aquasecurity" + extv1beta1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1" + meta "k8s.io/apimachinery/pkg/apis/meta/v1" +) + +const ( + CISKubernetesBenchmarksCRName = "ciskubernetesbenchmarks.aquasecurity.github.com" + CISKubernetesBenchmarksCRVersion = "v1alpha1" +) + +var ( + CISKubernetesBenchmarksCRD = extv1beta1.CustomResourceDefinition{ + ObjectMeta: meta.ObjectMeta{ + Name: CISKubernetesBenchmarksCRName, + }, + Spec: extv1beta1.CustomResourceDefinitionSpec{ + Group: aquasecurity.GroupName, + Versions: []extv1beta1.CustomResourceDefinitionVersion{ + { + Name: CISKubernetesBenchmarksCRVersion, + Served: true, + Storage: true, + }, + }, + Scope: extv1beta1.ClusterScoped, + Names: extv1beta1.CustomResourceDefinitionNames{ + Singular: "ciskubernetesbenchmark", + Plural: "ciskubernetesbenchmarks", + Kind: "CISKubernetesBenchmark", + ListKind: "CISKubernetesBenchmarkList", + Categories: []string{"all"}, + ShortNames: []string{"ciskubebench"}, + }, + }, + } +) + +// +genclient +// +genclient:nonNamespaced +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object + +// CISKubernetesBenchmark is a specification for the CISKubernetesBenchmark resource. +type CISKubernetesBenchmark struct { + meta.TypeMeta `json:",inline"` + meta.ObjectMeta `json:"metadata,omitempty"` + + Report CISKubernetesBenchmarkReport `json:"report"` +} + +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object + +// CISKubernetesBenchmarkList is a list of CISKubernetesBenchmark resources. +type CISKubernetesBenchmarkList struct { + meta.TypeMeta `json:",inline"` + meta.ListMeta `json:"metadata"` + + Items []CISKubernetesBenchmark `json:"items"` +} + +type CISKubernetesBenchmarkReport struct { + GeneratedAt meta.Time `json:"generatedAt"` + Scanner Scanner `json:"scanner"` + Sections []CISKubernetesBenchmarkSection `json:"sections"` +} + +type CISKubernetesBenchmarkSection struct { + ID string `json:"id"` + Version string `json:"version"` + Text string `json:"text"` + NodeType string `json:"node_type"` + TotalPass int `json:"total_pass"` + TotalFail int `json:"total_fail"` + TotalWarn int `json:"total_warn"` + TotalInfo int `json:"total_info"` + + Tests []CISKubernetesBenchmarkTests `json:"tests"` +} + +type CISKubernetesBenchmarkTests struct { + Section string `json:"section"` + Pass int `json:"pass"` + Fail int `json:"fail"` + Warn int `json:"warn"` + Info int `json:"info"` + Desc string `json:"desc"` + + Results []CISKubernetesBenchmarkResult `json:"results"` +} + +type CISKubernetesBenchmarkResult struct { + TestNumber string `json:"test_number"` + TestDesc string `json:"test_desc"` + Remediation string `json:"remediation"` + Status string `json:"status"` + Scored bool `json:"scored"` +} diff --git a/pkg/apis/aquasecurity/v1alpha1/common_types.go b/pkg/apis/aquasecurity/v1alpha1/common_types.go new file mode 100644 index 000000000..ca65b25bc --- /dev/null +++ b/pkg/apis/aquasecurity/v1alpha1/common_types.go @@ -0,0 +1,18 @@ +package v1alpha1 + +// Scanner is the spec for a scanner generating a security assessment report. +type Scanner struct { + Name string `json:"name"` + Vendor string `json:"vendor"` + Version string `json:"version"` +} + +type KubernetesResource struct { + Kind string `json:"kind"` // Pod, Deployment, Node, etc. + Name string `json:"name"` // my-pod, my-deployment, my-node, etc. +} + +type KubernetesNamespacedResource struct { + Namespace string `json:"namespace"` + KubernetesResource +} diff --git a/pkg/apis/aquasecurity/v1alpha1/config_audit_types.go b/pkg/apis/aquasecurity/v1alpha1/config_audit_types.go new file mode 100644 index 000000000..59a365fa0 --- /dev/null +++ b/pkg/apis/aquasecurity/v1alpha1/config_audit_types.go @@ -0,0 +1,81 @@ +package v1alpha1 + +import ( + "github.com/aquasecurity/starboard/pkg/apis/aquasecurity" + extv1beta1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1" + meta "k8s.io/apimachinery/pkg/apis/meta/v1" +) + +const ( + ConfigAuditReportsCRName = "configauditreports.aquasecurity.github.com" + ConfigAuditReportsCRVersion = "v1alpha1" + ConfigAuditReportKind = "ConfigAuditReport" + ConfigAuditReportListKind = "ConfigAuditReportList" +) + +var ( + ConfigAuditReportsCRD = extv1beta1.CustomResourceDefinition{ + ObjectMeta: meta.ObjectMeta{ + Name: ConfigAuditReportsCRName, + }, + Spec: extv1beta1.CustomResourceDefinitionSpec{ + Group: aquasecurity.GroupName, + Versions: []extv1beta1.CustomResourceDefinitionVersion{ + { + Name: ConfigAuditReportsCRVersion, + Served: true, + Storage: true, + }, + }, + Scope: extv1beta1.NamespaceScoped, + Names: extv1beta1.CustomResourceDefinitionNames{ + Singular: "configauditreport", + Plural: "configauditreports", + Kind: ConfigAuditReportKind, + ListKind: ConfigAuditReportListKind, + Categories: []string{"all"}, + }, + }, + } +) + +// +genclient +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object + +// ConfigAuditReport is a specification for the ConfigAuditReport resource. +type ConfigAuditReport struct { + meta.TypeMeta `json:",inline"` + meta.ObjectMeta `json:"metadata,omitempty"` + + Report ConfigAudit `json:"report"` +} + +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object + +// ConfigAuditReportList is a list of AuditConfig resources. +type ConfigAuditReportList struct { + meta.TypeMeta `json:",inline"` + meta.ListMeta `json:"metadata"` + + Items []ConfigAuditReport `json:"items"` +} + +// TODO We can make this type even more generic and applicable not only to Pods or Controllers +// TODO by defining scope type (e.g. Pod, Container, Node) and the name of the scope (e.g. my-pod, my-container, +// TODO my-node) +type ConfigAudit struct { + GeneratedAt meta.Time `json:"generatedAt"` + Scanner Scanner `json:"scanner"` + Resource KubernetesNamespacedResource `json:"resource"` + PodChecks []Check `json:"podChecks"` + ContainerChecks map[string][]Check `json:"containerChecks"` +} + +// AuditCheck +type Check struct { + ID string `json:"checkID"` + Message string `json:"message"` + Success bool `json:"success"` + Severity string `json:"severity"` + Category string `json:"category"` +} diff --git a/pkg/apis/aquasecurity/v1alpha1/doc.go b/pkg/apis/aquasecurity/v1alpha1/doc.go new file mode 100644 index 000000000..402feeabe --- /dev/null +++ b/pkg/apis/aquasecurity/v1alpha1/doc.go @@ -0,0 +1,5 @@ +// +k8s:deepcopy-gen=package +// +groupName=aquasecurity.github.com + +// Package v1alpha1 is the v1alpha1 version of the API. +package v1alpha1 // import "github.com/aquasecurity/starboard/pkg/apis/aquasecurity/v1alpha1" diff --git a/pkg/apis/aquasecurity/v1alpha1/kube_hunter_types.go b/pkg/apis/aquasecurity/v1alpha1/kube_hunter_types.go new file mode 100644 index 000000000..9d5022916 --- /dev/null +++ b/pkg/apis/aquasecurity/v1alpha1/kube_hunter_types.go @@ -0,0 +1,80 @@ +package v1alpha1 + +import ( + "github.com/aquasecurity/starboard/pkg/apis/aquasecurity" + extv1beta1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1" + meta "k8s.io/apimachinery/pkg/apis/meta/v1" +) + +const ( + KubeHunterReportKind = "KubeHunterReport" + KubeHunterReportListKind = "KubeHunterReportList" + KubeHunterReportCRName = "kubehunterreports.aquasecurity.github.com" + KubeHunterReportCRVersion = "v1alpha1" +) + +var ( + KubeHunterReportCRD = extv1beta1.CustomResourceDefinition{ + ObjectMeta: meta.ObjectMeta{ + Name: KubeHunterReportCRName, + }, + Spec: extv1beta1.CustomResourceDefinitionSpec{ + Group: aquasecurity.GroupName, + Versions: []extv1beta1.CustomResourceDefinitionVersion{ + { + Name: KubeHunterReportCRVersion, + Served: true, + Storage: true, + }, + }, + Scope: extv1beta1.ClusterScoped, + Names: extv1beta1.CustomResourceDefinitionNames{ + Singular: "kubehunterreport", + Plural: "kubehunterreports", + Kind: KubeHunterReportKind, + ListKind: KubeHunterReportListKind, + Categories: []string{"all"}, + }, + }, + } +) + +// +genclient +// +genclient:nonNamespaced +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object + +// KubeHunterReport is a specification for the KubeHunterReport resource. +type KubeHunterReport struct { + meta.TypeMeta `json:",inline"` + meta.ObjectMeta `json:"metadata,omitempty"` + + Report KubeHunterOutput `json:"report"` +} + +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object + +// KubeHunterReportList is a list of KubeHunterReport resources. +type KubeHunterReportList struct { + meta.TypeMeta `json:",inline"` + meta.ListMeta `json:"metadata"` + + Items []KubeHunterReport `json:"items"` +} + +type KubeHunterOutput struct { + GeneratedAt meta.Time `json:"generatedAt"` + Scanner Scanner `json:"scanner"` + + Vulnerabilities []KubeHunterVulnerability `json:"vulnerabilities"` +} + +type KubeHunterVulnerability struct { + Location string `json:"location"` // e.g. "Local to Pod(kube-hunter-sj7zj)" + ID string `json:"vid"` // e.g. "KHV050" + Category string `json:"category"` // e.g. "Access Risk" + Severity string `json:"severity"` // e.g. "low" + Vulnerability string `json:"vulnerability"` // e.g. "Read access to pod's service account token" + Description string `json:"description"` // e.g. "Accessing the pod service account token gives an attacker the option to use the server API" + Evidence string `json:"evidence"` // e.g. "eyJhbGciOiJSUzI1NiIMXA1..." + Hunter string `json:"hunter"` // e.g. "Access Secrets" +} diff --git a/pkg/apis/aquasecurity/v1alpha1/register.go b/pkg/apis/aquasecurity/v1alpha1/register.go new file mode 100644 index 000000000..b5cf39ab8 --- /dev/null +++ b/pkg/apis/aquasecurity/v1alpha1/register.go @@ -0,0 +1,45 @@ +package v1alpha1 + +import ( + meta "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/runtime/schema" + + "github.com/aquasecurity/starboard/pkg/apis/aquasecurity" +) + +// SchemeGroupVersion is group version used to register these objects +var SchemeGroupVersion = schema.GroupVersion{Group: aquasecurity.GroupName, Version: "v1alpha1"} + +// Kind takes an unqualified kind and returns back a Group qualified GroupKind +func Kind(kind string) schema.GroupKind { + return SchemeGroupVersion.WithKind(kind).GroupKind() +} + +// Resource takes an unqualified resource and returns a Group qualified GroupResource +func Resource(resource string) schema.GroupResource { + return SchemeGroupVersion.WithResource(resource).GroupResource() +} + +var ( + // SchemeBuilder initializes a scheme builder + SchemeBuilder = runtime.NewSchemeBuilder(addKnownTypes) + // AddToScheme is a global function that registers this API group & version to a scheme + AddToScheme = SchemeBuilder.AddToScheme +) + +// Adds the list of known types to Scheme. +func addKnownTypes(scheme *runtime.Scheme) error { + scheme.AddKnownTypes(SchemeGroupVersion, + &Vulnerability{}, + &VulnerabilityList{}, + &CISKubernetesBenchmark{}, + &CISKubernetesBenchmarkList{}, + &KubeHunterReport{}, + &KubeHunterReportList{}, + &ConfigAuditReport{}, + &ConfigAuditReportList{}, + ) + meta.AddToGroupVersion(scheme, SchemeGroupVersion) + return nil +} diff --git a/pkg/apis/aquasecurity/v1alpha1/vulnerability_types.go b/pkg/apis/aquasecurity/v1alpha1/vulnerability_types.go new file mode 100644 index 000000000..93695d147 --- /dev/null +++ b/pkg/apis/aquasecurity/v1alpha1/vulnerability_types.go @@ -0,0 +1,242 @@ +package v1alpha1 + +import ( + "strconv" + + "k8s.io/utils/pointer" + + "github.com/aquasecurity/starboard/pkg/apis/aquasecurity" + extv1beta1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1" + meta "k8s.io/apimachinery/pkg/apis/meta/v1" +) + +const ( + VulnerabilitiesCRName = "vulnerabilities.aquasecurity.github.com" + VulnerabilitiesCRVersion = "v1alpha1" +) + +var ( + VulnerabilitiesCRD = extv1beta1.CustomResourceDefinition{ + ObjectMeta: meta.ObjectMeta{ + Name: VulnerabilitiesCRName, + }, + Spec: extv1beta1.CustomResourceDefinitionSpec{ + Group: aquasecurity.GroupName, + Versions: []extv1beta1.CustomResourceDefinitionVersion{ + { + Name: VulnerabilitiesCRVersion, + Served: true, + Storage: true, + }, + }, + Scope: extv1beta1.NamespaceScoped, + Names: extv1beta1.CustomResourceDefinitionNames{ + Singular: "vulnerability", + Plural: "vulnerabilities", + Kind: "Vulnerability", + ListKind: "VulnerabilityList", + Categories: []string{"all"}, + ShortNames: []string{"vulns", "vuln"}, + }, + Validation: &extv1beta1.CustomResourceValidation{ + OpenAPIV3Schema: &extv1beta1.JSONSchemaProps{ + Type: "object", + Required: []string{ + "apiVersion", + "kind", + "metadata", + "report", + }, + Properties: map[string]extv1beta1.JSONSchemaProps{ + "apiVersion": {Type: "string"}, + "kind": {Type: "string"}, + "metadata": {Type: "object"}, + "report": { + Type: "object", + Required: []string{ + "generatedAt", + "scanner", + "artifact", + "vulnerabilities", + }, + Properties: map[string]extv1beta1.JSONSchemaProps{ + "generatedAt": { + Type: "string", + Format: "date-time", + }, + "scanner": { + Type: "object", + Required: []string{ + "name", + "vendor", + "version", + }, + Properties: map[string]extv1beta1.JSONSchemaProps{ + "name": {Type: "string"}, + "vendor": {Type: "string"}, + "version": {Type: "string"}, + }, + }, + "registry": { + Type: "object", + Properties: map[string]extv1beta1.JSONSchemaProps{ + "url": {Type: "string", Format: "url"}, + }, + }, + "artifact": { + Type: "object", + Properties: map[string]extv1beta1.JSONSchemaProps{ + "repository": {Type: "string"}, + "digest": {Type: "string"}, + "tag": {Type: "string"}, + "mimeType": {Type: "string"}, + }, + }, + "summary": { + Type: "object", + Required: []string{ + "criticalCount", + "highCount", + "mediumCount", + "lowCount", + "unknownCount", + }, + Properties: map[string]extv1beta1.JSONSchemaProps{ + "criticalCount": {Type: "integer", Minimum: pointer.Float64Ptr(0)}, + "highCount": {Type: "integer", Minimum: pointer.Float64Ptr(0)}, + "mediumCount": {Type: "integer", Minimum: pointer.Float64Ptr(0)}, + "lowCount": {Type: "integer", Minimum: pointer.Float64Ptr(0)}, + "unknownCount": {Type: "integer", Minimum: pointer.Float64Ptr(0)}, + }, + }, + "vulnerabilities": { + Type: "array", + Items: &extv1beta1.JSONSchemaPropsOrArray{ + Schema: &extv1beta1.JSONSchemaProps{ + Type: "object", + Required: []string{ + "vulnerabilityID", + "resource", + "installedVersion", + "fixedVersion", + "severity", + "title", + }, + Properties: map[string]extv1beta1.JSONSchemaProps{ + "vulnerabilityID": {Type: "string"}, + "resource": {Type: "string"}, + "installedVersion": {Type: "string"}, + "fixedVersion": {Type: "string"}, + "severity": { + Type: "string", + Enum: []extv1beta1.JSON{ + {Raw: []byte(strconv.Quote(string(SeverityCritical)))}, + {Raw: []byte(strconv.Quote(string(SeverityHigh)))}, + {Raw: []byte(strconv.Quote(string(SeverityMedium)))}, + {Raw: []byte(strconv.Quote(string(SeverityLow)))}, + {Raw: []byte(strconv.Quote(string(SeverityUnknown)))}, + }, + }, + "title": {Type: "string"}, + "layerID": {Type: "string"}, + "description": {Type: "string"}, + "links": { + Type: "array", + Items: &extv1beta1.JSONSchemaPropsOrArray{ + Schema: &extv1beta1.JSONSchemaProps{ + Type: "string", + }, + }, + }, + }, + }, + }, + }, + }, + }, + }, + }, + }, + }, + } +) + +type Severity string + +const ( + SeverityCritical Severity = "CRITICAL" + SeverityHigh Severity = "HIGH" + SeverityMedium Severity = "MEDIUM" + SeverityLow Severity = "LOW" + SeverityNone Severity = "NONE" + SeverityUnknown Severity = "UNKNOWN" +) + +type VulnerabilitySummary struct { + CriticalCount int `json:"criticalCount"` + HighCount int `json:"highCount"` + MediumCount int `json:"mediumCount"` + LowCount int `json:"lowCount"` + NoneCount int `json:"noneCount"` + UnknownCount int `json:"unknownCount"` +} + +type Registry struct { + URL string `json:"url"` +} + +// Artifact is the spec for an artifact that can be scanned. +type Artifact struct { + Repository string `json:"repository"` + Digest string `json:"digest"` + Tag string `json:"tag,omitempty"` + MimeType string `json:"mimeType,omitempty"` +} + +// VulnerabilityItem is the spec for a vulnerability record. +type VulnerabilityItem struct { + VulnerabilityID string `json:"vulnerabilityID"` + Resource string `json:"resource"` + // TODO Add ResourceType enum property to distinguish between OS packages and application dependencies + InstalledVersion string `json:"installedVersion"` + FixedVersion string `json:"fixedVersion"` + Severity Severity `json:"severity"` + LayerID string `json:"layerID"` + Title string `json:"title"` + Description string `json:"description"` + Links []string `json:"links"` +} + +// +genclient +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object + +// Vulnerability is a specification for the Vulnerability resource. +type Vulnerability struct { + meta.TypeMeta `json:",inline"` + meta.ObjectMeta `json:"metadata,omitempty"` + + Report VulnerabilityReport `json:"report"` +} + +// VulnerabilityReport is the spec for the vulnerability report. +// +// The spec follows the Pluggable Scanners API defined for Harbor. +// @see https://github.com/goharbor/pluggable-scanner-spec/blob/master/api/spec/scanner-adapter-openapi-v1.0.yaml +type VulnerabilityReport struct { + GeneratedAt meta.Time `json:"generatedAt"` + Scanner Scanner `json:"scanner"` + Registry Registry `json:"registry"` + Artifact Artifact `json:"artifact"` + Summary VulnerabilitySummary `json:"summary"` + Vulnerabilities []VulnerabilityItem `json:"vulnerabilities"` +} + +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object + +// VulnerabilityList is a list of Vulnerability resources. +type VulnerabilityList struct { + meta.TypeMeta `json:",inline"` + meta.ListMeta `json:"metadata"` + + Items []Vulnerability `json:"items"` +} diff --git a/pkg/apis/aquasecurity/v1alpha1/zz_generated.deepcopy.go b/pkg/apis/aquasecurity/v1alpha1/zz_generated.deepcopy.go new file mode 100644 index 000000000..2f724a00f --- /dev/null +++ b/pkg/apis/aquasecurity/v1alpha1/zz_generated.deepcopy.go @@ -0,0 +1,574 @@ +// +build !ignore_autogenerated + +// Code generated by deepcopy-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + runtime "k8s.io/apimachinery/pkg/runtime" +) + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *Artifact) DeepCopyInto(out *Artifact) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Artifact. +func (in *Artifact) DeepCopy() *Artifact { + if in == nil { + return nil + } + out := new(Artifact) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *CISKubernetesBenchmark) DeepCopyInto(out *CISKubernetesBenchmark) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Report.DeepCopyInto(&out.Report) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CISKubernetesBenchmark. +func (in *CISKubernetesBenchmark) DeepCopy() *CISKubernetesBenchmark { + if in == nil { + return nil + } + out := new(CISKubernetesBenchmark) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *CISKubernetesBenchmark) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *CISKubernetesBenchmarkList) DeepCopyInto(out *CISKubernetesBenchmarkList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]CISKubernetesBenchmark, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CISKubernetesBenchmarkList. +func (in *CISKubernetesBenchmarkList) DeepCopy() *CISKubernetesBenchmarkList { + if in == nil { + return nil + } + out := new(CISKubernetesBenchmarkList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *CISKubernetesBenchmarkList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *CISKubernetesBenchmarkReport) DeepCopyInto(out *CISKubernetesBenchmarkReport) { + *out = *in + in.GeneratedAt.DeepCopyInto(&out.GeneratedAt) + out.Scanner = in.Scanner + if in.Sections != nil { + in, out := &in.Sections, &out.Sections + *out = make([]CISKubernetesBenchmarkSection, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CISKubernetesBenchmarkReport. +func (in *CISKubernetesBenchmarkReport) DeepCopy() *CISKubernetesBenchmarkReport { + if in == nil { + return nil + } + out := new(CISKubernetesBenchmarkReport) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *CISKubernetesBenchmarkResult) DeepCopyInto(out *CISKubernetesBenchmarkResult) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CISKubernetesBenchmarkResult. +func (in *CISKubernetesBenchmarkResult) DeepCopy() *CISKubernetesBenchmarkResult { + if in == nil { + return nil + } + out := new(CISKubernetesBenchmarkResult) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *CISKubernetesBenchmarkSection) DeepCopyInto(out *CISKubernetesBenchmarkSection) { + *out = *in + if in.Tests != nil { + in, out := &in.Tests, &out.Tests + *out = make([]CISKubernetesBenchmarkTests, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CISKubernetesBenchmarkSection. +func (in *CISKubernetesBenchmarkSection) DeepCopy() *CISKubernetesBenchmarkSection { + if in == nil { + return nil + } + out := new(CISKubernetesBenchmarkSection) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *CISKubernetesBenchmarkTests) DeepCopyInto(out *CISKubernetesBenchmarkTests) { + *out = *in + if in.Results != nil { + in, out := &in.Results, &out.Results + *out = make([]CISKubernetesBenchmarkResult, len(*in)) + copy(*out, *in) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CISKubernetesBenchmarkTests. +func (in *CISKubernetesBenchmarkTests) DeepCopy() *CISKubernetesBenchmarkTests { + if in == nil { + return nil + } + out := new(CISKubernetesBenchmarkTests) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *Check) DeepCopyInto(out *Check) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Check. +func (in *Check) DeepCopy() *Check { + if in == nil { + return nil + } + out := new(Check) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ConfigAudit) DeepCopyInto(out *ConfigAudit) { + *out = *in + in.GeneratedAt.DeepCopyInto(&out.GeneratedAt) + out.Scanner = in.Scanner + out.Resource = in.Resource + if in.PodChecks != nil { + in, out := &in.PodChecks, &out.PodChecks + *out = make([]Check, len(*in)) + copy(*out, *in) + } + if in.ContainerChecks != nil { + in, out := &in.ContainerChecks, &out.ContainerChecks + *out = make(map[string][]Check, len(*in)) + for key, val := range *in { + var outVal []Check + if val == nil { + (*out)[key] = nil + } else { + in, out := &val, &outVal + *out = make([]Check, len(*in)) + copy(*out, *in) + } + (*out)[key] = outVal + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ConfigAudit. +func (in *ConfigAudit) DeepCopy() *ConfigAudit { + if in == nil { + return nil + } + out := new(ConfigAudit) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ConfigAuditReport) DeepCopyInto(out *ConfigAuditReport) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Report.DeepCopyInto(&out.Report) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ConfigAuditReport. +func (in *ConfigAuditReport) DeepCopy() *ConfigAuditReport { + if in == nil { + return nil + } + out := new(ConfigAuditReport) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *ConfigAuditReport) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ConfigAuditReportList) DeepCopyInto(out *ConfigAuditReportList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]ConfigAuditReport, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ConfigAuditReportList. +func (in *ConfigAuditReportList) DeepCopy() *ConfigAuditReportList { + if in == nil { + return nil + } + out := new(ConfigAuditReportList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *ConfigAuditReportList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *KubeHunterOutput) DeepCopyInto(out *KubeHunterOutput) { + *out = *in + in.GeneratedAt.DeepCopyInto(&out.GeneratedAt) + out.Scanner = in.Scanner + if in.Vulnerabilities != nil { + in, out := &in.Vulnerabilities, &out.Vulnerabilities + *out = make([]KubeHunterVulnerability, len(*in)) + copy(*out, *in) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KubeHunterOutput. +func (in *KubeHunterOutput) DeepCopy() *KubeHunterOutput { + if in == nil { + return nil + } + out := new(KubeHunterOutput) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *KubeHunterReport) DeepCopyInto(out *KubeHunterReport) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Report.DeepCopyInto(&out.Report) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KubeHunterReport. +func (in *KubeHunterReport) DeepCopy() *KubeHunterReport { + if in == nil { + return nil + } + out := new(KubeHunterReport) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *KubeHunterReport) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *KubeHunterReportList) DeepCopyInto(out *KubeHunterReportList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]KubeHunterReport, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KubeHunterReportList. +func (in *KubeHunterReportList) DeepCopy() *KubeHunterReportList { + if in == nil { + return nil + } + out := new(KubeHunterReportList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *KubeHunterReportList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *KubeHunterVulnerability) DeepCopyInto(out *KubeHunterVulnerability) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KubeHunterVulnerability. +func (in *KubeHunterVulnerability) DeepCopy() *KubeHunterVulnerability { + if in == nil { + return nil + } + out := new(KubeHunterVulnerability) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *KubernetesNamespacedResource) DeepCopyInto(out *KubernetesNamespacedResource) { + *out = *in + out.KubernetesResource = in.KubernetesResource + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KubernetesNamespacedResource. +func (in *KubernetesNamespacedResource) DeepCopy() *KubernetesNamespacedResource { + if in == nil { + return nil + } + out := new(KubernetesNamespacedResource) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *KubernetesResource) DeepCopyInto(out *KubernetesResource) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KubernetesResource. +func (in *KubernetesResource) DeepCopy() *KubernetesResource { + if in == nil { + return nil + } + out := new(KubernetesResource) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *Registry) DeepCopyInto(out *Registry) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Registry. +func (in *Registry) DeepCopy() *Registry { + if in == nil { + return nil + } + out := new(Registry) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *Scanner) DeepCopyInto(out *Scanner) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Scanner. +func (in *Scanner) DeepCopy() *Scanner { + if in == nil { + return nil + } + out := new(Scanner) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *Vulnerability) DeepCopyInto(out *Vulnerability) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Report.DeepCopyInto(&out.Report) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Vulnerability. +func (in *Vulnerability) DeepCopy() *Vulnerability { + if in == nil { + return nil + } + out := new(Vulnerability) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *Vulnerability) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *VulnerabilityItem) DeepCopyInto(out *VulnerabilityItem) { + *out = *in + if in.Links != nil { + in, out := &in.Links, &out.Links + *out = make([]string, len(*in)) + copy(*out, *in) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VulnerabilityItem. +func (in *VulnerabilityItem) DeepCopy() *VulnerabilityItem { + if in == nil { + return nil + } + out := new(VulnerabilityItem) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *VulnerabilityList) DeepCopyInto(out *VulnerabilityList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]Vulnerability, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VulnerabilityList. +func (in *VulnerabilityList) DeepCopy() *VulnerabilityList { + if in == nil { + return nil + } + out := new(VulnerabilityList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *VulnerabilityList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *VulnerabilityReport) DeepCopyInto(out *VulnerabilityReport) { + *out = *in + in.GeneratedAt.DeepCopyInto(&out.GeneratedAt) + out.Scanner = in.Scanner + out.Registry = in.Registry + out.Artifact = in.Artifact + out.Summary = in.Summary + if in.Vulnerabilities != nil { + in, out := &in.Vulnerabilities, &out.Vulnerabilities + *out = make([]VulnerabilityItem, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VulnerabilityReport. +func (in *VulnerabilityReport) DeepCopy() *VulnerabilityReport { + if in == nil { + return nil + } + out := new(VulnerabilityReport) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *VulnerabilitySummary) DeepCopyInto(out *VulnerabilitySummary) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VulnerabilitySummary. +func (in *VulnerabilitySummary) DeepCopy() *VulnerabilitySummary { + if in == nil { + return nil + } + out := new(VulnerabilitySummary) + in.DeepCopyInto(out) + return out +} diff --git a/pkg/generated/clientset/versioned/clientset.go b/pkg/generated/clientset/versioned/clientset.go new file mode 100644 index 000000000..c98a31f66 --- /dev/null +++ b/pkg/generated/clientset/versioned/clientset.go @@ -0,0 +1,81 @@ +// Code generated by client-gen. DO NOT EDIT. + +package versioned + +import ( + "fmt" + + aquasecurityv1alpha1 "github.com/aquasecurity/starboard/pkg/generated/clientset/versioned/typed/aquasecurity/v1alpha1" + discovery "k8s.io/client-go/discovery" + rest "k8s.io/client-go/rest" + flowcontrol "k8s.io/client-go/util/flowcontrol" +) + +type Interface interface { + Discovery() discovery.DiscoveryInterface + AquasecurityV1alpha1() aquasecurityv1alpha1.AquasecurityV1alpha1Interface +} + +// Clientset contains the clients for groups. Each group has exactly one +// version included in a Clientset. +type Clientset struct { + *discovery.DiscoveryClient + aquasecurityV1alpha1 *aquasecurityv1alpha1.AquasecurityV1alpha1Client +} + +// AquasecurityV1alpha1 retrieves the AquasecurityV1alpha1Client +func (c *Clientset) AquasecurityV1alpha1() aquasecurityv1alpha1.AquasecurityV1alpha1Interface { + return c.aquasecurityV1alpha1 +} + +// Discovery retrieves the DiscoveryClient +func (c *Clientset) Discovery() discovery.DiscoveryInterface { + if c == nil { + return nil + } + return c.DiscoveryClient +} + +// NewForConfig creates a new Clientset for the given config. +// If config's RateLimiter is not set and QPS and Burst are acceptable, +// NewForConfig will generate a rate-limiter in configShallowCopy. +func NewForConfig(c *rest.Config) (*Clientset, error) { + configShallowCopy := *c + if configShallowCopy.RateLimiter == nil && configShallowCopy.QPS > 0 { + if configShallowCopy.Burst <= 0 { + return nil, fmt.Errorf("Burst is required to be greater than 0 when RateLimiter is not set and QPS is set to greater than 0") + } + configShallowCopy.RateLimiter = flowcontrol.NewTokenBucketRateLimiter(configShallowCopy.QPS, configShallowCopy.Burst) + } + var cs Clientset + var err error + cs.aquasecurityV1alpha1, err = aquasecurityv1alpha1.NewForConfig(&configShallowCopy) + if err != nil { + return nil, err + } + + cs.DiscoveryClient, err = discovery.NewDiscoveryClientForConfig(&configShallowCopy) + if err != nil { + return nil, err + } + return &cs, nil +} + +// NewForConfigOrDie creates a new Clientset for the given config and +// panics if there is an error in the config. +func NewForConfigOrDie(c *rest.Config) *Clientset { + var cs Clientset + cs.aquasecurityV1alpha1 = aquasecurityv1alpha1.NewForConfigOrDie(c) + + cs.DiscoveryClient = discovery.NewDiscoveryClientForConfigOrDie(c) + return &cs +} + +// New creates a new Clientset for the given RESTClient. +func New(c rest.Interface) *Clientset { + var cs Clientset + cs.aquasecurityV1alpha1 = aquasecurityv1alpha1.New(c) + + cs.DiscoveryClient = discovery.NewDiscoveryClient(c) + return &cs +} diff --git a/pkg/generated/clientset/versioned/doc.go b/pkg/generated/clientset/versioned/doc.go new file mode 100644 index 000000000..0e0c2a890 --- /dev/null +++ b/pkg/generated/clientset/versioned/doc.go @@ -0,0 +1,4 @@ +// Code generated by client-gen. DO NOT EDIT. + +// This package has the automatically generated clientset. +package versioned diff --git a/pkg/generated/clientset/versioned/fake/clientset_generated.go b/pkg/generated/clientset/versioned/fake/clientset_generated.go new file mode 100644 index 000000000..7b10a6390 --- /dev/null +++ b/pkg/generated/clientset/versioned/fake/clientset_generated.go @@ -0,0 +1,66 @@ +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + clientset "github.com/aquasecurity/starboard/pkg/generated/clientset/versioned" + aquasecurityv1alpha1 "github.com/aquasecurity/starboard/pkg/generated/clientset/versioned/typed/aquasecurity/v1alpha1" + fakeaquasecurityv1alpha1 "github.com/aquasecurity/starboard/pkg/generated/clientset/versioned/typed/aquasecurity/v1alpha1/fake" + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/watch" + "k8s.io/client-go/discovery" + fakediscovery "k8s.io/client-go/discovery/fake" + "k8s.io/client-go/testing" +) + +// NewSimpleClientset returns a clientset that will respond with the provided objects. +// It's backed by a very simple object tracker that processes creates, updates and deletions as-is, +// without applying any validations and/or defaults. It shouldn't be considered a replacement +// for a real clientset and is mostly useful in simple unit tests. +func NewSimpleClientset(objects ...runtime.Object) *Clientset { + o := testing.NewObjectTracker(scheme, codecs.UniversalDecoder()) + for _, obj := range objects { + if err := o.Add(obj); err != nil { + panic(err) + } + } + + cs := &Clientset{tracker: o} + cs.discovery = &fakediscovery.FakeDiscovery{Fake: &cs.Fake} + cs.AddReactor("*", "*", testing.ObjectReaction(o)) + cs.AddWatchReactor("*", func(action testing.Action) (handled bool, ret watch.Interface, err error) { + gvr := action.GetResource() + ns := action.GetNamespace() + watch, err := o.Watch(gvr, ns) + if err != nil { + return false, nil, err + } + return true, watch, nil + }) + + return cs +} + +// Clientset implements clientset.Interface. Meant to be embedded into a +// struct to get a default implementation. This makes faking out just the method +// you want to test easier. +type Clientset struct { + testing.Fake + discovery *fakediscovery.FakeDiscovery + tracker testing.ObjectTracker +} + +func (c *Clientset) Discovery() discovery.DiscoveryInterface { + return c.discovery +} + +func (c *Clientset) Tracker() testing.ObjectTracker { + return c.tracker +} + +var _ clientset.Interface = &Clientset{} + +// AquasecurityV1alpha1 retrieves the AquasecurityV1alpha1Client +func (c *Clientset) AquasecurityV1alpha1() aquasecurityv1alpha1.AquasecurityV1alpha1Interface { + return &fakeaquasecurityv1alpha1.FakeAquasecurityV1alpha1{Fake: &c.Fake} +} diff --git a/pkg/generated/clientset/versioned/fake/doc.go b/pkg/generated/clientset/versioned/fake/doc.go new file mode 100644 index 000000000..3630ed1cd --- /dev/null +++ b/pkg/generated/clientset/versioned/fake/doc.go @@ -0,0 +1,4 @@ +// Code generated by client-gen. DO NOT EDIT. + +// This package has the automatically generated fake clientset. +package fake diff --git a/pkg/generated/clientset/versioned/fake/register.go b/pkg/generated/clientset/versioned/fake/register.go new file mode 100644 index 000000000..85b9ea826 --- /dev/null +++ b/pkg/generated/clientset/versioned/fake/register.go @@ -0,0 +1,40 @@ +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + aquasecurityv1alpha1 "github.com/aquasecurity/starboard/pkg/apis/aquasecurity/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + schema "k8s.io/apimachinery/pkg/runtime/schema" + serializer "k8s.io/apimachinery/pkg/runtime/serializer" + utilruntime "k8s.io/apimachinery/pkg/util/runtime" +) + +var scheme = runtime.NewScheme() +var codecs = serializer.NewCodecFactory(scheme) +var parameterCodec = runtime.NewParameterCodec(scheme) +var localSchemeBuilder = runtime.SchemeBuilder{ + aquasecurityv1alpha1.AddToScheme, +} + +// AddToScheme adds all types of this clientset into the given scheme. This allows composition +// of clientsets, like in: +// +// import ( +// "k8s.io/client-go/kubernetes" +// clientsetscheme "k8s.io/client-go/kubernetes/scheme" +// aggregatorclientsetscheme "k8s.io/kube-aggregator/pkg/client/clientset_generated/clientset/scheme" +// ) +// +// kclientset, _ := kubernetes.NewForConfig(c) +// _ = aggregatorclientsetscheme.AddToScheme(clientsetscheme.Scheme) +// +// After this, RawExtensions in Kubernetes types will serialize kube-aggregator types +// correctly. +var AddToScheme = localSchemeBuilder.AddToScheme + +func init() { + v1.AddToGroupVersion(scheme, schema.GroupVersion{Version: "v1"}) + utilruntime.Must(AddToScheme(scheme)) +} diff --git a/pkg/generated/clientset/versioned/scheme/doc.go b/pkg/generated/clientset/versioned/scheme/doc.go new file mode 100644 index 000000000..14db57a58 --- /dev/null +++ b/pkg/generated/clientset/versioned/scheme/doc.go @@ -0,0 +1,4 @@ +// Code generated by client-gen. DO NOT EDIT. + +// This package contains the scheme of the automatically generated clientset. +package scheme diff --git a/pkg/generated/clientset/versioned/scheme/register.go b/pkg/generated/clientset/versioned/scheme/register.go new file mode 100644 index 000000000..94a295001 --- /dev/null +++ b/pkg/generated/clientset/versioned/scheme/register.go @@ -0,0 +1,40 @@ +// Code generated by client-gen. DO NOT EDIT. + +package scheme + +import ( + aquasecurityv1alpha1 "github.com/aquasecurity/starboard/pkg/apis/aquasecurity/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + schema "k8s.io/apimachinery/pkg/runtime/schema" + serializer "k8s.io/apimachinery/pkg/runtime/serializer" + utilruntime "k8s.io/apimachinery/pkg/util/runtime" +) + +var Scheme = runtime.NewScheme() +var Codecs = serializer.NewCodecFactory(Scheme) +var ParameterCodec = runtime.NewParameterCodec(Scheme) +var localSchemeBuilder = runtime.SchemeBuilder{ + aquasecurityv1alpha1.AddToScheme, +} + +// AddToScheme adds all types of this clientset into the given scheme. This allows composition +// of clientsets, like in: +// +// import ( +// "k8s.io/client-go/kubernetes" +// clientsetscheme "k8s.io/client-go/kubernetes/scheme" +// aggregatorclientsetscheme "k8s.io/kube-aggregator/pkg/client/clientset_generated/clientset/scheme" +// ) +// +// kclientset, _ := kubernetes.NewForConfig(c) +// _ = aggregatorclientsetscheme.AddToScheme(clientsetscheme.Scheme) +// +// After this, RawExtensions in Kubernetes types will serialize kube-aggregator types +// correctly. +var AddToScheme = localSchemeBuilder.AddToScheme + +func init() { + v1.AddToGroupVersion(Scheme, schema.GroupVersion{Version: "v1"}) + utilruntime.Must(AddToScheme(Scheme)) +} diff --git a/pkg/generated/clientset/versioned/typed/aquasecurity/v1alpha1/aquasecurity_client.go b/pkg/generated/clientset/versioned/typed/aquasecurity/v1alpha1/aquasecurity_client.go new file mode 100644 index 000000000..8cd3712ef --- /dev/null +++ b/pkg/generated/clientset/versioned/typed/aquasecurity/v1alpha1/aquasecurity_client.go @@ -0,0 +1,88 @@ +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + v1alpha1 "github.com/aquasecurity/starboard/pkg/apis/aquasecurity/v1alpha1" + "github.com/aquasecurity/starboard/pkg/generated/clientset/versioned/scheme" + rest "k8s.io/client-go/rest" +) + +type AquasecurityV1alpha1Interface interface { + RESTClient() rest.Interface + CISKubernetesBenchmarksGetter + ConfigAuditReportsGetter + KubeHunterReportsGetter + VulnerabilitiesGetter +} + +// AquasecurityV1alpha1Client is used to interact with features provided by the aquasecurity.github.com group. +type AquasecurityV1alpha1Client struct { + restClient rest.Interface +} + +func (c *AquasecurityV1alpha1Client) CISKubernetesBenchmarks() CISKubernetesBenchmarkInterface { + return newCISKubernetesBenchmarks(c) +} + +func (c *AquasecurityV1alpha1Client) ConfigAuditReports(namespace string) ConfigAuditReportInterface { + return newConfigAuditReports(c, namespace) +} + +func (c *AquasecurityV1alpha1Client) KubeHunterReports() KubeHunterReportInterface { + return newKubeHunterReports(c) +} + +func (c *AquasecurityV1alpha1Client) Vulnerabilities(namespace string) VulnerabilityInterface { + return newVulnerabilities(c, namespace) +} + +// NewForConfig creates a new AquasecurityV1alpha1Client for the given config. +func NewForConfig(c *rest.Config) (*AquasecurityV1alpha1Client, error) { + config := *c + if err := setConfigDefaults(&config); err != nil { + return nil, err + } + client, err := rest.RESTClientFor(&config) + if err != nil { + return nil, err + } + return &AquasecurityV1alpha1Client{client}, nil +} + +// NewForConfigOrDie creates a new AquasecurityV1alpha1Client for the given config and +// panics if there is an error in the config. +func NewForConfigOrDie(c *rest.Config) *AquasecurityV1alpha1Client { + client, err := NewForConfig(c) + if err != nil { + panic(err) + } + return client +} + +// New creates a new AquasecurityV1alpha1Client for the given RESTClient. +func New(c rest.Interface) *AquasecurityV1alpha1Client { + return &AquasecurityV1alpha1Client{c} +} + +func setConfigDefaults(config *rest.Config) error { + gv := v1alpha1.SchemeGroupVersion + config.GroupVersion = &gv + config.APIPath = "/apis" + config.NegotiatedSerializer = scheme.Codecs.WithoutConversion() + + if config.UserAgent == "" { + config.UserAgent = rest.DefaultKubernetesUserAgent() + } + + return nil +} + +// RESTClient returns a RESTClient that is used to communicate +// with API server by this client implementation. +func (c *AquasecurityV1alpha1Client) RESTClient() rest.Interface { + if c == nil { + return nil + } + return c.restClient +} diff --git a/pkg/generated/clientset/versioned/typed/aquasecurity/v1alpha1/ciskubernetesbenchmark.go b/pkg/generated/clientset/versioned/typed/aquasecurity/v1alpha1/ciskubernetesbenchmark.go new file mode 100644 index 000000000..f5b306a99 --- /dev/null +++ b/pkg/generated/clientset/versioned/typed/aquasecurity/v1alpha1/ciskubernetesbenchmark.go @@ -0,0 +1,148 @@ +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + "time" + + v1alpha1 "github.com/aquasecurity/starboard/pkg/apis/aquasecurity/v1alpha1" + scheme "github.com/aquasecurity/starboard/pkg/generated/clientset/versioned/scheme" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + rest "k8s.io/client-go/rest" +) + +// CISKubernetesBenchmarksGetter has a method to return a CISKubernetesBenchmarkInterface. +// A group's client should implement this interface. +type CISKubernetesBenchmarksGetter interface { + CISKubernetesBenchmarks() CISKubernetesBenchmarkInterface +} + +// CISKubernetesBenchmarkInterface has methods to work with CISKubernetesBenchmark resources. +type CISKubernetesBenchmarkInterface interface { + Create(*v1alpha1.CISKubernetesBenchmark) (*v1alpha1.CISKubernetesBenchmark, error) + Update(*v1alpha1.CISKubernetesBenchmark) (*v1alpha1.CISKubernetesBenchmark, error) + Delete(name string, options *v1.DeleteOptions) error + DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error + Get(name string, options v1.GetOptions) (*v1alpha1.CISKubernetesBenchmark, error) + List(opts v1.ListOptions) (*v1alpha1.CISKubernetesBenchmarkList, error) + Watch(opts v1.ListOptions) (watch.Interface, error) + Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *v1alpha1.CISKubernetesBenchmark, err error) + CISKubernetesBenchmarkExpansion +} + +// cISKubernetesBenchmarks implements CISKubernetesBenchmarkInterface +type cISKubernetesBenchmarks struct { + client rest.Interface +} + +// newCISKubernetesBenchmarks returns a CISKubernetesBenchmarks +func newCISKubernetesBenchmarks(c *AquasecurityV1alpha1Client) *cISKubernetesBenchmarks { + return &cISKubernetesBenchmarks{ + client: c.RESTClient(), + } +} + +// Get takes name of the cISKubernetesBenchmark, and returns the corresponding cISKubernetesBenchmark object, and an error if there is any. +func (c *cISKubernetesBenchmarks) Get(name string, options v1.GetOptions) (result *v1alpha1.CISKubernetesBenchmark, err error) { + result = &v1alpha1.CISKubernetesBenchmark{} + err = c.client.Get(). + Resource("ciskubernetesbenchmarks"). + Name(name). + VersionedParams(&options, scheme.ParameterCodec). + Do(). + Into(result) + return +} + +// List takes label and field selectors, and returns the list of CISKubernetesBenchmarks that match those selectors. +func (c *cISKubernetesBenchmarks) List(opts v1.ListOptions) (result *v1alpha1.CISKubernetesBenchmarkList, err error) { + var timeout time.Duration + if opts.TimeoutSeconds != nil { + timeout = time.Duration(*opts.TimeoutSeconds) * time.Second + } + result = &v1alpha1.CISKubernetesBenchmarkList{} + err = c.client.Get(). + Resource("ciskubernetesbenchmarks"). + VersionedParams(&opts, scheme.ParameterCodec). + Timeout(timeout). + Do(). + Into(result) + return +} + +// Watch returns a watch.Interface that watches the requested cISKubernetesBenchmarks. +func (c *cISKubernetesBenchmarks) Watch(opts v1.ListOptions) (watch.Interface, error) { + var timeout time.Duration + if opts.TimeoutSeconds != nil { + timeout = time.Duration(*opts.TimeoutSeconds) * time.Second + } + opts.Watch = true + return c.client.Get(). + Resource("ciskubernetesbenchmarks"). + VersionedParams(&opts, scheme.ParameterCodec). + Timeout(timeout). + Watch() +} + +// Create takes the representation of a cISKubernetesBenchmark and creates it. Returns the server's representation of the cISKubernetesBenchmark, and an error, if there is any. +func (c *cISKubernetesBenchmarks) Create(cISKubernetesBenchmark *v1alpha1.CISKubernetesBenchmark) (result *v1alpha1.CISKubernetesBenchmark, err error) { + result = &v1alpha1.CISKubernetesBenchmark{} + err = c.client.Post(). + Resource("ciskubernetesbenchmarks"). + Body(cISKubernetesBenchmark). + Do(). + Into(result) + return +} + +// Update takes the representation of a cISKubernetesBenchmark and updates it. Returns the server's representation of the cISKubernetesBenchmark, and an error, if there is any. +func (c *cISKubernetesBenchmarks) Update(cISKubernetesBenchmark *v1alpha1.CISKubernetesBenchmark) (result *v1alpha1.CISKubernetesBenchmark, err error) { + result = &v1alpha1.CISKubernetesBenchmark{} + err = c.client.Put(). + Resource("ciskubernetesbenchmarks"). + Name(cISKubernetesBenchmark.Name). + Body(cISKubernetesBenchmark). + Do(). + Into(result) + return +} + +// Delete takes name of the cISKubernetesBenchmark and deletes it. Returns an error if one occurs. +func (c *cISKubernetesBenchmarks) Delete(name string, options *v1.DeleteOptions) error { + return c.client.Delete(). + Resource("ciskubernetesbenchmarks"). + Name(name). + Body(options). + Do(). + Error() +} + +// DeleteCollection deletes a collection of objects. +func (c *cISKubernetesBenchmarks) DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error { + var timeout time.Duration + if listOptions.TimeoutSeconds != nil { + timeout = time.Duration(*listOptions.TimeoutSeconds) * time.Second + } + return c.client.Delete(). + Resource("ciskubernetesbenchmarks"). + VersionedParams(&listOptions, scheme.ParameterCodec). + Timeout(timeout). + Body(options). + Do(). + Error() +} + +// Patch applies the patch and returns the patched cISKubernetesBenchmark. +func (c *cISKubernetesBenchmarks) Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *v1alpha1.CISKubernetesBenchmark, err error) { + result = &v1alpha1.CISKubernetesBenchmark{} + err = c.client.Patch(pt). + Resource("ciskubernetesbenchmarks"). + SubResource(subresources...). + Name(name). + Body(data). + Do(). + Into(result) + return +} diff --git a/pkg/generated/clientset/versioned/typed/aquasecurity/v1alpha1/configauditreport.go b/pkg/generated/clientset/versioned/typed/aquasecurity/v1alpha1/configauditreport.go new file mode 100644 index 000000000..3b536d13d --- /dev/null +++ b/pkg/generated/clientset/versioned/typed/aquasecurity/v1alpha1/configauditreport.go @@ -0,0 +1,158 @@ +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + "time" + + v1alpha1 "github.com/aquasecurity/starboard/pkg/apis/aquasecurity/v1alpha1" + scheme "github.com/aquasecurity/starboard/pkg/generated/clientset/versioned/scheme" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + rest "k8s.io/client-go/rest" +) + +// ConfigAuditReportsGetter has a method to return a ConfigAuditReportInterface. +// A group's client should implement this interface. +type ConfigAuditReportsGetter interface { + ConfigAuditReports(namespace string) ConfigAuditReportInterface +} + +// ConfigAuditReportInterface has methods to work with ConfigAuditReport resources. +type ConfigAuditReportInterface interface { + Create(*v1alpha1.ConfigAuditReport) (*v1alpha1.ConfigAuditReport, error) + Update(*v1alpha1.ConfigAuditReport) (*v1alpha1.ConfigAuditReport, error) + Delete(name string, options *v1.DeleteOptions) error + DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error + Get(name string, options v1.GetOptions) (*v1alpha1.ConfigAuditReport, error) + List(opts v1.ListOptions) (*v1alpha1.ConfigAuditReportList, error) + Watch(opts v1.ListOptions) (watch.Interface, error) + Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *v1alpha1.ConfigAuditReport, err error) + ConfigAuditReportExpansion +} + +// configAuditReports implements ConfigAuditReportInterface +type configAuditReports struct { + client rest.Interface + ns string +} + +// newConfigAuditReports returns a ConfigAuditReports +func newConfigAuditReports(c *AquasecurityV1alpha1Client, namespace string) *configAuditReports { + return &configAuditReports{ + client: c.RESTClient(), + ns: namespace, + } +} + +// Get takes name of the configAuditReport, and returns the corresponding configAuditReport object, and an error if there is any. +func (c *configAuditReports) Get(name string, options v1.GetOptions) (result *v1alpha1.ConfigAuditReport, err error) { + result = &v1alpha1.ConfigAuditReport{} + err = c.client.Get(). + Namespace(c.ns). + Resource("configauditreports"). + Name(name). + VersionedParams(&options, scheme.ParameterCodec). + Do(). + Into(result) + return +} + +// List takes label and field selectors, and returns the list of ConfigAuditReports that match those selectors. +func (c *configAuditReports) List(opts v1.ListOptions) (result *v1alpha1.ConfigAuditReportList, err error) { + var timeout time.Duration + if opts.TimeoutSeconds != nil { + timeout = time.Duration(*opts.TimeoutSeconds) * time.Second + } + result = &v1alpha1.ConfigAuditReportList{} + err = c.client.Get(). + Namespace(c.ns). + Resource("configauditreports"). + VersionedParams(&opts, scheme.ParameterCodec). + Timeout(timeout). + Do(). + Into(result) + return +} + +// Watch returns a watch.Interface that watches the requested configAuditReports. +func (c *configAuditReports) Watch(opts v1.ListOptions) (watch.Interface, error) { + var timeout time.Duration + if opts.TimeoutSeconds != nil { + timeout = time.Duration(*opts.TimeoutSeconds) * time.Second + } + opts.Watch = true + return c.client.Get(). + Namespace(c.ns). + Resource("configauditreports"). + VersionedParams(&opts, scheme.ParameterCodec). + Timeout(timeout). + Watch() +} + +// Create takes the representation of a configAuditReport and creates it. Returns the server's representation of the configAuditReport, and an error, if there is any. +func (c *configAuditReports) Create(configAuditReport *v1alpha1.ConfigAuditReport) (result *v1alpha1.ConfigAuditReport, err error) { + result = &v1alpha1.ConfigAuditReport{} + err = c.client.Post(). + Namespace(c.ns). + Resource("configauditreports"). + Body(configAuditReport). + Do(). + Into(result) + return +} + +// Update takes the representation of a configAuditReport and updates it. Returns the server's representation of the configAuditReport, and an error, if there is any. +func (c *configAuditReports) Update(configAuditReport *v1alpha1.ConfigAuditReport) (result *v1alpha1.ConfigAuditReport, err error) { + result = &v1alpha1.ConfigAuditReport{} + err = c.client.Put(). + Namespace(c.ns). + Resource("configauditreports"). + Name(configAuditReport.Name). + Body(configAuditReport). + Do(). + Into(result) + return +} + +// Delete takes name of the configAuditReport and deletes it. Returns an error if one occurs. +func (c *configAuditReports) Delete(name string, options *v1.DeleteOptions) error { + return c.client.Delete(). + Namespace(c.ns). + Resource("configauditreports"). + Name(name). + Body(options). + Do(). + Error() +} + +// DeleteCollection deletes a collection of objects. +func (c *configAuditReports) DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error { + var timeout time.Duration + if listOptions.TimeoutSeconds != nil { + timeout = time.Duration(*listOptions.TimeoutSeconds) * time.Second + } + return c.client.Delete(). + Namespace(c.ns). + Resource("configauditreports"). + VersionedParams(&listOptions, scheme.ParameterCodec). + Timeout(timeout). + Body(options). + Do(). + Error() +} + +// Patch applies the patch and returns the patched configAuditReport. +func (c *configAuditReports) Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *v1alpha1.ConfigAuditReport, err error) { + result = &v1alpha1.ConfigAuditReport{} + err = c.client.Patch(pt). + Namespace(c.ns). + Resource("configauditreports"). + SubResource(subresources...). + Name(name). + Body(data). + Do(). + Into(result) + return +} diff --git a/pkg/generated/clientset/versioned/typed/aquasecurity/v1alpha1/doc.go b/pkg/generated/clientset/versioned/typed/aquasecurity/v1alpha1/doc.go new file mode 100644 index 000000000..93a7ca4e0 --- /dev/null +++ b/pkg/generated/clientset/versioned/typed/aquasecurity/v1alpha1/doc.go @@ -0,0 +1,4 @@ +// Code generated by client-gen. DO NOT EDIT. + +// This package has the automatically generated typed clients. +package v1alpha1 diff --git a/pkg/generated/clientset/versioned/typed/aquasecurity/v1alpha1/fake/doc.go b/pkg/generated/clientset/versioned/typed/aquasecurity/v1alpha1/fake/doc.go new file mode 100644 index 000000000..2b5ba4c8e --- /dev/null +++ b/pkg/generated/clientset/versioned/typed/aquasecurity/v1alpha1/fake/doc.go @@ -0,0 +1,4 @@ +// Code generated by client-gen. DO NOT EDIT. + +// Package fake has the automatically generated clients. +package fake diff --git a/pkg/generated/clientset/versioned/typed/aquasecurity/v1alpha1/fake/fake_aquasecurity_client.go b/pkg/generated/clientset/versioned/typed/aquasecurity/v1alpha1/fake/fake_aquasecurity_client.go new file mode 100644 index 000000000..6fe03ec0a --- /dev/null +++ b/pkg/generated/clientset/versioned/typed/aquasecurity/v1alpha1/fake/fake_aquasecurity_client.go @@ -0,0 +1,36 @@ +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1alpha1 "github.com/aquasecurity/starboard/pkg/generated/clientset/versioned/typed/aquasecurity/v1alpha1" + rest "k8s.io/client-go/rest" + testing "k8s.io/client-go/testing" +) + +type FakeAquasecurityV1alpha1 struct { + *testing.Fake +} + +func (c *FakeAquasecurityV1alpha1) CISKubernetesBenchmarks() v1alpha1.CISKubernetesBenchmarkInterface { + return &FakeCISKubernetesBenchmarks{c} +} + +func (c *FakeAquasecurityV1alpha1) ConfigAuditReports(namespace string) v1alpha1.ConfigAuditReportInterface { + return &FakeConfigAuditReports{c, namespace} +} + +func (c *FakeAquasecurityV1alpha1) KubeHunterReports() v1alpha1.KubeHunterReportInterface { + return &FakeKubeHunterReports{c} +} + +func (c *FakeAquasecurityV1alpha1) Vulnerabilities(namespace string) v1alpha1.VulnerabilityInterface { + return &FakeVulnerabilities{c, namespace} +} + +// RESTClient returns a RESTClient that is used to communicate +// with API server by this client implementation. +func (c *FakeAquasecurityV1alpha1) RESTClient() rest.Interface { + var ret *rest.RESTClient + return ret +} diff --git a/pkg/generated/clientset/versioned/typed/aquasecurity/v1alpha1/fake/fake_ciskubernetesbenchmark.go b/pkg/generated/clientset/versioned/typed/aquasecurity/v1alpha1/fake/fake_ciskubernetesbenchmark.go new file mode 100644 index 000000000..d28e4616a --- /dev/null +++ b/pkg/generated/clientset/versioned/typed/aquasecurity/v1alpha1/fake/fake_ciskubernetesbenchmark.go @@ -0,0 +1,104 @@ +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1alpha1 "github.com/aquasecurity/starboard/pkg/apis/aquasecurity/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + labels "k8s.io/apimachinery/pkg/labels" + schema "k8s.io/apimachinery/pkg/runtime/schema" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + testing "k8s.io/client-go/testing" +) + +// FakeCISKubernetesBenchmarks implements CISKubernetesBenchmarkInterface +type FakeCISKubernetesBenchmarks struct { + Fake *FakeAquasecurityV1alpha1 +} + +var ciskubernetesbenchmarksResource = schema.GroupVersionResource{Group: "aquasecurity.github.com", Version: "v1alpha1", Resource: "ciskubernetesbenchmarks"} + +var ciskubernetesbenchmarksKind = schema.GroupVersionKind{Group: "aquasecurity.github.com", Version: "v1alpha1", Kind: "CISKubernetesBenchmark"} + +// Get takes name of the cISKubernetesBenchmark, and returns the corresponding cISKubernetesBenchmark object, and an error if there is any. +func (c *FakeCISKubernetesBenchmarks) Get(name string, options v1.GetOptions) (result *v1alpha1.CISKubernetesBenchmark, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootGetAction(ciskubernetesbenchmarksResource, name), &v1alpha1.CISKubernetesBenchmark{}) + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.CISKubernetesBenchmark), err +} + +// List takes label and field selectors, and returns the list of CISKubernetesBenchmarks that match those selectors. +func (c *FakeCISKubernetesBenchmarks) List(opts v1.ListOptions) (result *v1alpha1.CISKubernetesBenchmarkList, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootListAction(ciskubernetesbenchmarksResource, ciskubernetesbenchmarksKind, opts), &v1alpha1.CISKubernetesBenchmarkList{}) + if obj == nil { + return nil, err + } + + label, _, _ := testing.ExtractFromListOptions(opts) + if label == nil { + label = labels.Everything() + } + list := &v1alpha1.CISKubernetesBenchmarkList{ListMeta: obj.(*v1alpha1.CISKubernetesBenchmarkList).ListMeta} + for _, item := range obj.(*v1alpha1.CISKubernetesBenchmarkList).Items { + if label.Matches(labels.Set(item.Labels)) { + list.Items = append(list.Items, item) + } + } + return list, err +} + +// Watch returns a watch.Interface that watches the requested cISKubernetesBenchmarks. +func (c *FakeCISKubernetesBenchmarks) Watch(opts v1.ListOptions) (watch.Interface, error) { + return c.Fake. + InvokesWatch(testing.NewRootWatchAction(ciskubernetesbenchmarksResource, opts)) +} + +// Create takes the representation of a cISKubernetesBenchmark and creates it. Returns the server's representation of the cISKubernetesBenchmark, and an error, if there is any. +func (c *FakeCISKubernetesBenchmarks) Create(cISKubernetesBenchmark *v1alpha1.CISKubernetesBenchmark) (result *v1alpha1.CISKubernetesBenchmark, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootCreateAction(ciskubernetesbenchmarksResource, cISKubernetesBenchmark), &v1alpha1.CISKubernetesBenchmark{}) + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.CISKubernetesBenchmark), err +} + +// Update takes the representation of a cISKubernetesBenchmark and updates it. Returns the server's representation of the cISKubernetesBenchmark, and an error, if there is any. +func (c *FakeCISKubernetesBenchmarks) Update(cISKubernetesBenchmark *v1alpha1.CISKubernetesBenchmark) (result *v1alpha1.CISKubernetesBenchmark, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootUpdateAction(ciskubernetesbenchmarksResource, cISKubernetesBenchmark), &v1alpha1.CISKubernetesBenchmark{}) + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.CISKubernetesBenchmark), err +} + +// Delete takes name of the cISKubernetesBenchmark and deletes it. Returns an error if one occurs. +func (c *FakeCISKubernetesBenchmarks) Delete(name string, options *v1.DeleteOptions) error { + _, err := c.Fake. + Invokes(testing.NewRootDeleteAction(ciskubernetesbenchmarksResource, name), &v1alpha1.CISKubernetesBenchmark{}) + return err +} + +// DeleteCollection deletes a collection of objects. +func (c *FakeCISKubernetesBenchmarks) DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error { + action := testing.NewRootDeleteCollectionAction(ciskubernetesbenchmarksResource, listOptions) + + _, err := c.Fake.Invokes(action, &v1alpha1.CISKubernetesBenchmarkList{}) + return err +} + +// Patch applies the patch and returns the patched cISKubernetesBenchmark. +func (c *FakeCISKubernetesBenchmarks) Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *v1alpha1.CISKubernetesBenchmark, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootPatchSubresourceAction(ciskubernetesbenchmarksResource, name, pt, data, subresources...), &v1alpha1.CISKubernetesBenchmark{}) + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.CISKubernetesBenchmark), err +} diff --git a/pkg/generated/clientset/versioned/typed/aquasecurity/v1alpha1/fake/fake_configauditreport.go b/pkg/generated/clientset/versioned/typed/aquasecurity/v1alpha1/fake/fake_configauditreport.go new file mode 100644 index 000000000..7f8d28a95 --- /dev/null +++ b/pkg/generated/clientset/versioned/typed/aquasecurity/v1alpha1/fake/fake_configauditreport.go @@ -0,0 +1,112 @@ +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1alpha1 "github.com/aquasecurity/starboard/pkg/apis/aquasecurity/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + labels "k8s.io/apimachinery/pkg/labels" + schema "k8s.io/apimachinery/pkg/runtime/schema" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + testing "k8s.io/client-go/testing" +) + +// FakeConfigAuditReports implements ConfigAuditReportInterface +type FakeConfigAuditReports struct { + Fake *FakeAquasecurityV1alpha1 + ns string +} + +var configauditreportsResource = schema.GroupVersionResource{Group: "aquasecurity.github.com", Version: "v1alpha1", Resource: "configauditreports"} + +var configauditreportsKind = schema.GroupVersionKind{Group: "aquasecurity.github.com", Version: "v1alpha1", Kind: "ConfigAuditReport"} + +// Get takes name of the configAuditReport, and returns the corresponding configAuditReport object, and an error if there is any. +func (c *FakeConfigAuditReports) Get(name string, options v1.GetOptions) (result *v1alpha1.ConfigAuditReport, err error) { + obj, err := c.Fake. + Invokes(testing.NewGetAction(configauditreportsResource, c.ns, name), &v1alpha1.ConfigAuditReport{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.ConfigAuditReport), err +} + +// List takes label and field selectors, and returns the list of ConfigAuditReports that match those selectors. +func (c *FakeConfigAuditReports) List(opts v1.ListOptions) (result *v1alpha1.ConfigAuditReportList, err error) { + obj, err := c.Fake. + Invokes(testing.NewListAction(configauditreportsResource, configauditreportsKind, c.ns, opts), &v1alpha1.ConfigAuditReportList{}) + + if obj == nil { + return nil, err + } + + label, _, _ := testing.ExtractFromListOptions(opts) + if label == nil { + label = labels.Everything() + } + list := &v1alpha1.ConfigAuditReportList{ListMeta: obj.(*v1alpha1.ConfigAuditReportList).ListMeta} + for _, item := range obj.(*v1alpha1.ConfigAuditReportList).Items { + if label.Matches(labels.Set(item.Labels)) { + list.Items = append(list.Items, item) + } + } + return list, err +} + +// Watch returns a watch.Interface that watches the requested configAuditReports. +func (c *FakeConfigAuditReports) Watch(opts v1.ListOptions) (watch.Interface, error) { + return c.Fake. + InvokesWatch(testing.NewWatchAction(configauditreportsResource, c.ns, opts)) + +} + +// Create takes the representation of a configAuditReport and creates it. Returns the server's representation of the configAuditReport, and an error, if there is any. +func (c *FakeConfigAuditReports) Create(configAuditReport *v1alpha1.ConfigAuditReport) (result *v1alpha1.ConfigAuditReport, err error) { + obj, err := c.Fake. + Invokes(testing.NewCreateAction(configauditreportsResource, c.ns, configAuditReport), &v1alpha1.ConfigAuditReport{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.ConfigAuditReport), err +} + +// Update takes the representation of a configAuditReport and updates it. Returns the server's representation of the configAuditReport, and an error, if there is any. +func (c *FakeConfigAuditReports) Update(configAuditReport *v1alpha1.ConfigAuditReport) (result *v1alpha1.ConfigAuditReport, err error) { + obj, err := c.Fake. + Invokes(testing.NewUpdateAction(configauditreportsResource, c.ns, configAuditReport), &v1alpha1.ConfigAuditReport{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.ConfigAuditReport), err +} + +// Delete takes name of the configAuditReport and deletes it. Returns an error if one occurs. +func (c *FakeConfigAuditReports) Delete(name string, options *v1.DeleteOptions) error { + _, err := c.Fake. + Invokes(testing.NewDeleteAction(configauditreportsResource, c.ns, name), &v1alpha1.ConfigAuditReport{}) + + return err +} + +// DeleteCollection deletes a collection of objects. +func (c *FakeConfigAuditReports) DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error { + action := testing.NewDeleteCollectionAction(configauditreportsResource, c.ns, listOptions) + + _, err := c.Fake.Invokes(action, &v1alpha1.ConfigAuditReportList{}) + return err +} + +// Patch applies the patch and returns the patched configAuditReport. +func (c *FakeConfigAuditReports) Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *v1alpha1.ConfigAuditReport, err error) { + obj, err := c.Fake. + Invokes(testing.NewPatchSubresourceAction(configauditreportsResource, c.ns, name, pt, data, subresources...), &v1alpha1.ConfigAuditReport{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.ConfigAuditReport), err +} diff --git a/pkg/generated/clientset/versioned/typed/aquasecurity/v1alpha1/fake/fake_kubehunterreport.go b/pkg/generated/clientset/versioned/typed/aquasecurity/v1alpha1/fake/fake_kubehunterreport.go new file mode 100644 index 000000000..8f0bc4a3a --- /dev/null +++ b/pkg/generated/clientset/versioned/typed/aquasecurity/v1alpha1/fake/fake_kubehunterreport.go @@ -0,0 +1,104 @@ +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1alpha1 "github.com/aquasecurity/starboard/pkg/apis/aquasecurity/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + labels "k8s.io/apimachinery/pkg/labels" + schema "k8s.io/apimachinery/pkg/runtime/schema" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + testing "k8s.io/client-go/testing" +) + +// FakeKubeHunterReports implements KubeHunterReportInterface +type FakeKubeHunterReports struct { + Fake *FakeAquasecurityV1alpha1 +} + +var kubehunterreportsResource = schema.GroupVersionResource{Group: "aquasecurity.github.com", Version: "v1alpha1", Resource: "kubehunterreports"} + +var kubehunterreportsKind = schema.GroupVersionKind{Group: "aquasecurity.github.com", Version: "v1alpha1", Kind: "KubeHunterReport"} + +// Get takes name of the kubeHunterReport, and returns the corresponding kubeHunterReport object, and an error if there is any. +func (c *FakeKubeHunterReports) Get(name string, options v1.GetOptions) (result *v1alpha1.KubeHunterReport, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootGetAction(kubehunterreportsResource, name), &v1alpha1.KubeHunterReport{}) + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.KubeHunterReport), err +} + +// List takes label and field selectors, and returns the list of KubeHunterReports that match those selectors. +func (c *FakeKubeHunterReports) List(opts v1.ListOptions) (result *v1alpha1.KubeHunterReportList, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootListAction(kubehunterreportsResource, kubehunterreportsKind, opts), &v1alpha1.KubeHunterReportList{}) + if obj == nil { + return nil, err + } + + label, _, _ := testing.ExtractFromListOptions(opts) + if label == nil { + label = labels.Everything() + } + list := &v1alpha1.KubeHunterReportList{ListMeta: obj.(*v1alpha1.KubeHunterReportList).ListMeta} + for _, item := range obj.(*v1alpha1.KubeHunterReportList).Items { + if label.Matches(labels.Set(item.Labels)) { + list.Items = append(list.Items, item) + } + } + return list, err +} + +// Watch returns a watch.Interface that watches the requested kubeHunterReports. +func (c *FakeKubeHunterReports) Watch(opts v1.ListOptions) (watch.Interface, error) { + return c.Fake. + InvokesWatch(testing.NewRootWatchAction(kubehunterreportsResource, opts)) +} + +// Create takes the representation of a kubeHunterReport and creates it. Returns the server's representation of the kubeHunterReport, and an error, if there is any. +func (c *FakeKubeHunterReports) Create(kubeHunterReport *v1alpha1.KubeHunterReport) (result *v1alpha1.KubeHunterReport, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootCreateAction(kubehunterreportsResource, kubeHunterReport), &v1alpha1.KubeHunterReport{}) + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.KubeHunterReport), err +} + +// Update takes the representation of a kubeHunterReport and updates it. Returns the server's representation of the kubeHunterReport, and an error, if there is any. +func (c *FakeKubeHunterReports) Update(kubeHunterReport *v1alpha1.KubeHunterReport) (result *v1alpha1.KubeHunterReport, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootUpdateAction(kubehunterreportsResource, kubeHunterReport), &v1alpha1.KubeHunterReport{}) + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.KubeHunterReport), err +} + +// Delete takes name of the kubeHunterReport and deletes it. Returns an error if one occurs. +func (c *FakeKubeHunterReports) Delete(name string, options *v1.DeleteOptions) error { + _, err := c.Fake. + Invokes(testing.NewRootDeleteAction(kubehunterreportsResource, name), &v1alpha1.KubeHunterReport{}) + return err +} + +// DeleteCollection deletes a collection of objects. +func (c *FakeKubeHunterReports) DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error { + action := testing.NewRootDeleteCollectionAction(kubehunterreportsResource, listOptions) + + _, err := c.Fake.Invokes(action, &v1alpha1.KubeHunterReportList{}) + return err +} + +// Patch applies the patch and returns the patched kubeHunterReport. +func (c *FakeKubeHunterReports) Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *v1alpha1.KubeHunterReport, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootPatchSubresourceAction(kubehunterreportsResource, name, pt, data, subresources...), &v1alpha1.KubeHunterReport{}) + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.KubeHunterReport), err +} diff --git a/pkg/generated/clientset/versioned/typed/aquasecurity/v1alpha1/fake/fake_vulnerability.go b/pkg/generated/clientset/versioned/typed/aquasecurity/v1alpha1/fake/fake_vulnerability.go new file mode 100644 index 000000000..73392fedf --- /dev/null +++ b/pkg/generated/clientset/versioned/typed/aquasecurity/v1alpha1/fake/fake_vulnerability.go @@ -0,0 +1,112 @@ +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1alpha1 "github.com/aquasecurity/starboard/pkg/apis/aquasecurity/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + labels "k8s.io/apimachinery/pkg/labels" + schema "k8s.io/apimachinery/pkg/runtime/schema" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + testing "k8s.io/client-go/testing" +) + +// FakeVulnerabilities implements VulnerabilityInterface +type FakeVulnerabilities struct { + Fake *FakeAquasecurityV1alpha1 + ns string +} + +var vulnerabilitiesResource = schema.GroupVersionResource{Group: "aquasecurity.github.com", Version: "v1alpha1", Resource: "vulnerabilities"} + +var vulnerabilitiesKind = schema.GroupVersionKind{Group: "aquasecurity.github.com", Version: "v1alpha1", Kind: "Vulnerability"} + +// Get takes name of the vulnerability, and returns the corresponding vulnerability object, and an error if there is any. +func (c *FakeVulnerabilities) Get(name string, options v1.GetOptions) (result *v1alpha1.Vulnerability, err error) { + obj, err := c.Fake. + Invokes(testing.NewGetAction(vulnerabilitiesResource, c.ns, name), &v1alpha1.Vulnerability{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.Vulnerability), err +} + +// List takes label and field selectors, and returns the list of Vulnerabilities that match those selectors. +func (c *FakeVulnerabilities) List(opts v1.ListOptions) (result *v1alpha1.VulnerabilityList, err error) { + obj, err := c.Fake. + Invokes(testing.NewListAction(vulnerabilitiesResource, vulnerabilitiesKind, c.ns, opts), &v1alpha1.VulnerabilityList{}) + + if obj == nil { + return nil, err + } + + label, _, _ := testing.ExtractFromListOptions(opts) + if label == nil { + label = labels.Everything() + } + list := &v1alpha1.VulnerabilityList{ListMeta: obj.(*v1alpha1.VulnerabilityList).ListMeta} + for _, item := range obj.(*v1alpha1.VulnerabilityList).Items { + if label.Matches(labels.Set(item.Labels)) { + list.Items = append(list.Items, item) + } + } + return list, err +} + +// Watch returns a watch.Interface that watches the requested vulnerabilities. +func (c *FakeVulnerabilities) Watch(opts v1.ListOptions) (watch.Interface, error) { + return c.Fake. + InvokesWatch(testing.NewWatchAction(vulnerabilitiesResource, c.ns, opts)) + +} + +// Create takes the representation of a vulnerability and creates it. Returns the server's representation of the vulnerability, and an error, if there is any. +func (c *FakeVulnerabilities) Create(vulnerability *v1alpha1.Vulnerability) (result *v1alpha1.Vulnerability, err error) { + obj, err := c.Fake. + Invokes(testing.NewCreateAction(vulnerabilitiesResource, c.ns, vulnerability), &v1alpha1.Vulnerability{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.Vulnerability), err +} + +// Update takes the representation of a vulnerability and updates it. Returns the server's representation of the vulnerability, and an error, if there is any. +func (c *FakeVulnerabilities) Update(vulnerability *v1alpha1.Vulnerability) (result *v1alpha1.Vulnerability, err error) { + obj, err := c.Fake. + Invokes(testing.NewUpdateAction(vulnerabilitiesResource, c.ns, vulnerability), &v1alpha1.Vulnerability{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.Vulnerability), err +} + +// Delete takes name of the vulnerability and deletes it. Returns an error if one occurs. +func (c *FakeVulnerabilities) Delete(name string, options *v1.DeleteOptions) error { + _, err := c.Fake. + Invokes(testing.NewDeleteAction(vulnerabilitiesResource, c.ns, name), &v1alpha1.Vulnerability{}) + + return err +} + +// DeleteCollection deletes a collection of objects. +func (c *FakeVulnerabilities) DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error { + action := testing.NewDeleteCollectionAction(vulnerabilitiesResource, c.ns, listOptions) + + _, err := c.Fake.Invokes(action, &v1alpha1.VulnerabilityList{}) + return err +} + +// Patch applies the patch and returns the patched vulnerability. +func (c *FakeVulnerabilities) Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *v1alpha1.Vulnerability, err error) { + obj, err := c.Fake. + Invokes(testing.NewPatchSubresourceAction(vulnerabilitiesResource, c.ns, name, pt, data, subresources...), &v1alpha1.Vulnerability{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.Vulnerability), err +} diff --git a/pkg/generated/clientset/versioned/typed/aquasecurity/v1alpha1/generated_expansion.go b/pkg/generated/clientset/versioned/typed/aquasecurity/v1alpha1/generated_expansion.go new file mode 100644 index 000000000..794243598 --- /dev/null +++ b/pkg/generated/clientset/versioned/typed/aquasecurity/v1alpha1/generated_expansion.go @@ -0,0 +1,11 @@ +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +type CISKubernetesBenchmarkExpansion interface{} + +type ConfigAuditReportExpansion interface{} + +type KubeHunterReportExpansion interface{} + +type VulnerabilityExpansion interface{} diff --git a/pkg/generated/clientset/versioned/typed/aquasecurity/v1alpha1/kubehunterreport.go b/pkg/generated/clientset/versioned/typed/aquasecurity/v1alpha1/kubehunterreport.go new file mode 100644 index 000000000..c24582ac7 --- /dev/null +++ b/pkg/generated/clientset/versioned/typed/aquasecurity/v1alpha1/kubehunterreport.go @@ -0,0 +1,148 @@ +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + "time" + + v1alpha1 "github.com/aquasecurity/starboard/pkg/apis/aquasecurity/v1alpha1" + scheme "github.com/aquasecurity/starboard/pkg/generated/clientset/versioned/scheme" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + rest "k8s.io/client-go/rest" +) + +// KubeHunterReportsGetter has a method to return a KubeHunterReportInterface. +// A group's client should implement this interface. +type KubeHunterReportsGetter interface { + KubeHunterReports() KubeHunterReportInterface +} + +// KubeHunterReportInterface has methods to work with KubeHunterReport resources. +type KubeHunterReportInterface interface { + Create(*v1alpha1.KubeHunterReport) (*v1alpha1.KubeHunterReport, error) + Update(*v1alpha1.KubeHunterReport) (*v1alpha1.KubeHunterReport, error) + Delete(name string, options *v1.DeleteOptions) error + DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error + Get(name string, options v1.GetOptions) (*v1alpha1.KubeHunterReport, error) + List(opts v1.ListOptions) (*v1alpha1.KubeHunterReportList, error) + Watch(opts v1.ListOptions) (watch.Interface, error) + Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *v1alpha1.KubeHunterReport, err error) + KubeHunterReportExpansion +} + +// kubeHunterReports implements KubeHunterReportInterface +type kubeHunterReports struct { + client rest.Interface +} + +// newKubeHunterReports returns a KubeHunterReports +func newKubeHunterReports(c *AquasecurityV1alpha1Client) *kubeHunterReports { + return &kubeHunterReports{ + client: c.RESTClient(), + } +} + +// Get takes name of the kubeHunterReport, and returns the corresponding kubeHunterReport object, and an error if there is any. +func (c *kubeHunterReports) Get(name string, options v1.GetOptions) (result *v1alpha1.KubeHunterReport, err error) { + result = &v1alpha1.KubeHunterReport{} + err = c.client.Get(). + Resource("kubehunterreports"). + Name(name). + VersionedParams(&options, scheme.ParameterCodec). + Do(). + Into(result) + return +} + +// List takes label and field selectors, and returns the list of KubeHunterReports that match those selectors. +func (c *kubeHunterReports) List(opts v1.ListOptions) (result *v1alpha1.KubeHunterReportList, err error) { + var timeout time.Duration + if opts.TimeoutSeconds != nil { + timeout = time.Duration(*opts.TimeoutSeconds) * time.Second + } + result = &v1alpha1.KubeHunterReportList{} + err = c.client.Get(). + Resource("kubehunterreports"). + VersionedParams(&opts, scheme.ParameterCodec). + Timeout(timeout). + Do(). + Into(result) + return +} + +// Watch returns a watch.Interface that watches the requested kubeHunterReports. +func (c *kubeHunterReports) Watch(opts v1.ListOptions) (watch.Interface, error) { + var timeout time.Duration + if opts.TimeoutSeconds != nil { + timeout = time.Duration(*opts.TimeoutSeconds) * time.Second + } + opts.Watch = true + return c.client.Get(). + Resource("kubehunterreports"). + VersionedParams(&opts, scheme.ParameterCodec). + Timeout(timeout). + Watch() +} + +// Create takes the representation of a kubeHunterReport and creates it. Returns the server's representation of the kubeHunterReport, and an error, if there is any. +func (c *kubeHunterReports) Create(kubeHunterReport *v1alpha1.KubeHunterReport) (result *v1alpha1.KubeHunterReport, err error) { + result = &v1alpha1.KubeHunterReport{} + err = c.client.Post(). + Resource("kubehunterreports"). + Body(kubeHunterReport). + Do(). + Into(result) + return +} + +// Update takes the representation of a kubeHunterReport and updates it. Returns the server's representation of the kubeHunterReport, and an error, if there is any. +func (c *kubeHunterReports) Update(kubeHunterReport *v1alpha1.KubeHunterReport) (result *v1alpha1.KubeHunterReport, err error) { + result = &v1alpha1.KubeHunterReport{} + err = c.client.Put(). + Resource("kubehunterreports"). + Name(kubeHunterReport.Name). + Body(kubeHunterReport). + Do(). + Into(result) + return +} + +// Delete takes name of the kubeHunterReport and deletes it. Returns an error if one occurs. +func (c *kubeHunterReports) Delete(name string, options *v1.DeleteOptions) error { + return c.client.Delete(). + Resource("kubehunterreports"). + Name(name). + Body(options). + Do(). + Error() +} + +// DeleteCollection deletes a collection of objects. +func (c *kubeHunterReports) DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error { + var timeout time.Duration + if listOptions.TimeoutSeconds != nil { + timeout = time.Duration(*listOptions.TimeoutSeconds) * time.Second + } + return c.client.Delete(). + Resource("kubehunterreports"). + VersionedParams(&listOptions, scheme.ParameterCodec). + Timeout(timeout). + Body(options). + Do(). + Error() +} + +// Patch applies the patch and returns the patched kubeHunterReport. +func (c *kubeHunterReports) Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *v1alpha1.KubeHunterReport, err error) { + result = &v1alpha1.KubeHunterReport{} + err = c.client.Patch(pt). + Resource("kubehunterreports"). + SubResource(subresources...). + Name(name). + Body(data). + Do(). + Into(result) + return +} diff --git a/pkg/generated/clientset/versioned/typed/aquasecurity/v1alpha1/vulnerability.go b/pkg/generated/clientset/versioned/typed/aquasecurity/v1alpha1/vulnerability.go new file mode 100644 index 000000000..53d15b0fd --- /dev/null +++ b/pkg/generated/clientset/versioned/typed/aquasecurity/v1alpha1/vulnerability.go @@ -0,0 +1,158 @@ +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + "time" + + v1alpha1 "github.com/aquasecurity/starboard/pkg/apis/aquasecurity/v1alpha1" + scheme "github.com/aquasecurity/starboard/pkg/generated/clientset/versioned/scheme" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + rest "k8s.io/client-go/rest" +) + +// VulnerabilitiesGetter has a method to return a VulnerabilityInterface. +// A group's client should implement this interface. +type VulnerabilitiesGetter interface { + Vulnerabilities(namespace string) VulnerabilityInterface +} + +// VulnerabilityInterface has methods to work with Vulnerability resources. +type VulnerabilityInterface interface { + Create(*v1alpha1.Vulnerability) (*v1alpha1.Vulnerability, error) + Update(*v1alpha1.Vulnerability) (*v1alpha1.Vulnerability, error) + Delete(name string, options *v1.DeleteOptions) error + DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error + Get(name string, options v1.GetOptions) (*v1alpha1.Vulnerability, error) + List(opts v1.ListOptions) (*v1alpha1.VulnerabilityList, error) + Watch(opts v1.ListOptions) (watch.Interface, error) + Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *v1alpha1.Vulnerability, err error) + VulnerabilityExpansion +} + +// vulnerabilities implements VulnerabilityInterface +type vulnerabilities struct { + client rest.Interface + ns string +} + +// newVulnerabilities returns a Vulnerabilities +func newVulnerabilities(c *AquasecurityV1alpha1Client, namespace string) *vulnerabilities { + return &vulnerabilities{ + client: c.RESTClient(), + ns: namespace, + } +} + +// Get takes name of the vulnerability, and returns the corresponding vulnerability object, and an error if there is any. +func (c *vulnerabilities) Get(name string, options v1.GetOptions) (result *v1alpha1.Vulnerability, err error) { + result = &v1alpha1.Vulnerability{} + err = c.client.Get(). + Namespace(c.ns). + Resource("vulnerabilities"). + Name(name). + VersionedParams(&options, scheme.ParameterCodec). + Do(). + Into(result) + return +} + +// List takes label and field selectors, and returns the list of Vulnerabilities that match those selectors. +func (c *vulnerabilities) List(opts v1.ListOptions) (result *v1alpha1.VulnerabilityList, err error) { + var timeout time.Duration + if opts.TimeoutSeconds != nil { + timeout = time.Duration(*opts.TimeoutSeconds) * time.Second + } + result = &v1alpha1.VulnerabilityList{} + err = c.client.Get(). + Namespace(c.ns). + Resource("vulnerabilities"). + VersionedParams(&opts, scheme.ParameterCodec). + Timeout(timeout). + Do(). + Into(result) + return +} + +// Watch returns a watch.Interface that watches the requested vulnerabilities. +func (c *vulnerabilities) Watch(opts v1.ListOptions) (watch.Interface, error) { + var timeout time.Duration + if opts.TimeoutSeconds != nil { + timeout = time.Duration(*opts.TimeoutSeconds) * time.Second + } + opts.Watch = true + return c.client.Get(). + Namespace(c.ns). + Resource("vulnerabilities"). + VersionedParams(&opts, scheme.ParameterCodec). + Timeout(timeout). + Watch() +} + +// Create takes the representation of a vulnerability and creates it. Returns the server's representation of the vulnerability, and an error, if there is any. +func (c *vulnerabilities) Create(vulnerability *v1alpha1.Vulnerability) (result *v1alpha1.Vulnerability, err error) { + result = &v1alpha1.Vulnerability{} + err = c.client.Post(). + Namespace(c.ns). + Resource("vulnerabilities"). + Body(vulnerability). + Do(). + Into(result) + return +} + +// Update takes the representation of a vulnerability and updates it. Returns the server's representation of the vulnerability, and an error, if there is any. +func (c *vulnerabilities) Update(vulnerability *v1alpha1.Vulnerability) (result *v1alpha1.Vulnerability, err error) { + result = &v1alpha1.Vulnerability{} + err = c.client.Put(). + Namespace(c.ns). + Resource("vulnerabilities"). + Name(vulnerability.Name). + Body(vulnerability). + Do(). + Into(result) + return +} + +// Delete takes name of the vulnerability and deletes it. Returns an error if one occurs. +func (c *vulnerabilities) Delete(name string, options *v1.DeleteOptions) error { + return c.client.Delete(). + Namespace(c.ns). + Resource("vulnerabilities"). + Name(name). + Body(options). + Do(). + Error() +} + +// DeleteCollection deletes a collection of objects. +func (c *vulnerabilities) DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error { + var timeout time.Duration + if listOptions.TimeoutSeconds != nil { + timeout = time.Duration(*listOptions.TimeoutSeconds) * time.Second + } + return c.client.Delete(). + Namespace(c.ns). + Resource("vulnerabilities"). + VersionedParams(&listOptions, scheme.ParameterCodec). + Timeout(timeout). + Body(options). + Do(). + Error() +} + +// Patch applies the patch and returns the patched vulnerability. +func (c *vulnerabilities) Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *v1alpha1.Vulnerability, err error) { + result = &v1alpha1.Vulnerability{} + err = c.client.Patch(pt). + Namespace(c.ns). + Resource("vulnerabilities"). + SubResource(subresources...). + Name(name). + Body(data). + Do(). + Into(result) + return +} diff --git a/pkg/generated/informers/externalversions/aquasecurity/interface.go b/pkg/generated/informers/externalversions/aquasecurity/interface.go new file mode 100644 index 000000000..fc8b6b3a2 --- /dev/null +++ b/pkg/generated/informers/externalversions/aquasecurity/interface.go @@ -0,0 +1,30 @@ +// Code generated by informer-gen. DO NOT EDIT. + +package aquasecurity + +import ( + v1alpha1 "github.com/aquasecurity/starboard/pkg/generated/informers/externalversions/aquasecurity/v1alpha1" + internalinterfaces "github.com/aquasecurity/starboard/pkg/generated/informers/externalversions/internalinterfaces" +) + +// Interface provides access to each of this group's versions. +type Interface interface { + // V1alpha1 provides access to shared informers for resources in V1alpha1. + V1alpha1() v1alpha1.Interface +} + +type group struct { + factory internalinterfaces.SharedInformerFactory + namespace string + tweakListOptions internalinterfaces.TweakListOptionsFunc +} + +// New returns a new Interface. +func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) Interface { + return &group{factory: f, namespace: namespace, tweakListOptions: tweakListOptions} +} + +// V1alpha1 returns a new v1alpha1.Interface. +func (g *group) V1alpha1() v1alpha1.Interface { + return v1alpha1.New(g.factory, g.namespace, g.tweakListOptions) +} diff --git a/pkg/generated/informers/externalversions/aquasecurity/v1alpha1/ciskubernetesbenchmark.go b/pkg/generated/informers/externalversions/aquasecurity/v1alpha1/ciskubernetesbenchmark.go new file mode 100644 index 000000000..c73ac036d --- /dev/null +++ b/pkg/generated/informers/externalversions/aquasecurity/v1alpha1/ciskubernetesbenchmark.go @@ -0,0 +1,72 @@ +// Code generated by informer-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + time "time" + + aquasecurityv1alpha1 "github.com/aquasecurity/starboard/pkg/apis/aquasecurity/v1alpha1" + versioned "github.com/aquasecurity/starboard/pkg/generated/clientset/versioned" + internalinterfaces "github.com/aquasecurity/starboard/pkg/generated/informers/externalversions/internalinterfaces" + v1alpha1 "github.com/aquasecurity/starboard/pkg/generated/listers/aquasecurity/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + watch "k8s.io/apimachinery/pkg/watch" + cache "k8s.io/client-go/tools/cache" +) + +// CISKubernetesBenchmarkInformer provides access to a shared informer and lister for +// CISKubernetesBenchmarks. +type CISKubernetesBenchmarkInformer interface { + Informer() cache.SharedIndexInformer + Lister() v1alpha1.CISKubernetesBenchmarkLister +} + +type cISKubernetesBenchmarkInformer struct { + factory internalinterfaces.SharedInformerFactory + tweakListOptions internalinterfaces.TweakListOptionsFunc +} + +// NewCISKubernetesBenchmarkInformer constructs a new informer for CISKubernetesBenchmark type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewCISKubernetesBenchmarkInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { + return NewFilteredCISKubernetesBenchmarkInformer(client, resyncPeriod, indexers, nil) +} + +// NewFilteredCISKubernetesBenchmarkInformer constructs a new informer for CISKubernetesBenchmark type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewFilteredCISKubernetesBenchmarkInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { + return cache.NewSharedIndexInformer( + &cache.ListWatch{ + ListFunc: func(options v1.ListOptions) (runtime.Object, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.AquasecurityV1alpha1().CISKubernetesBenchmarks().List(options) + }, + WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.AquasecurityV1alpha1().CISKubernetesBenchmarks().Watch(options) + }, + }, + &aquasecurityv1alpha1.CISKubernetesBenchmark{}, + resyncPeriod, + indexers, + ) +} + +func (f *cISKubernetesBenchmarkInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { + return NewFilteredCISKubernetesBenchmarkInformer(client, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) +} + +func (f *cISKubernetesBenchmarkInformer) Informer() cache.SharedIndexInformer { + return f.factory.InformerFor(&aquasecurityv1alpha1.CISKubernetesBenchmark{}, f.defaultInformer) +} + +func (f *cISKubernetesBenchmarkInformer) Lister() v1alpha1.CISKubernetesBenchmarkLister { + return v1alpha1.NewCISKubernetesBenchmarkLister(f.Informer().GetIndexer()) +} diff --git a/pkg/generated/informers/externalversions/aquasecurity/v1alpha1/configauditreport.go b/pkg/generated/informers/externalversions/aquasecurity/v1alpha1/configauditreport.go new file mode 100644 index 000000000..7bd39fa97 --- /dev/null +++ b/pkg/generated/informers/externalversions/aquasecurity/v1alpha1/configauditreport.go @@ -0,0 +1,73 @@ +// Code generated by informer-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + time "time" + + aquasecurityv1alpha1 "github.com/aquasecurity/starboard/pkg/apis/aquasecurity/v1alpha1" + versioned "github.com/aquasecurity/starboard/pkg/generated/clientset/versioned" + internalinterfaces "github.com/aquasecurity/starboard/pkg/generated/informers/externalversions/internalinterfaces" + v1alpha1 "github.com/aquasecurity/starboard/pkg/generated/listers/aquasecurity/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + watch "k8s.io/apimachinery/pkg/watch" + cache "k8s.io/client-go/tools/cache" +) + +// ConfigAuditReportInformer provides access to a shared informer and lister for +// ConfigAuditReports. +type ConfigAuditReportInformer interface { + Informer() cache.SharedIndexInformer + Lister() v1alpha1.ConfigAuditReportLister +} + +type configAuditReportInformer struct { + factory internalinterfaces.SharedInformerFactory + tweakListOptions internalinterfaces.TweakListOptionsFunc + namespace string +} + +// NewConfigAuditReportInformer constructs a new informer for ConfigAuditReport type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewConfigAuditReportInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { + return NewFilteredConfigAuditReportInformer(client, namespace, resyncPeriod, indexers, nil) +} + +// NewFilteredConfigAuditReportInformer constructs a new informer for ConfigAuditReport type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewFilteredConfigAuditReportInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { + return cache.NewSharedIndexInformer( + &cache.ListWatch{ + ListFunc: func(options v1.ListOptions) (runtime.Object, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.AquasecurityV1alpha1().ConfigAuditReports(namespace).List(options) + }, + WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.AquasecurityV1alpha1().ConfigAuditReports(namespace).Watch(options) + }, + }, + &aquasecurityv1alpha1.ConfigAuditReport{}, + resyncPeriod, + indexers, + ) +} + +func (f *configAuditReportInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { + return NewFilteredConfigAuditReportInformer(client, f.namespace, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) +} + +func (f *configAuditReportInformer) Informer() cache.SharedIndexInformer { + return f.factory.InformerFor(&aquasecurityv1alpha1.ConfigAuditReport{}, f.defaultInformer) +} + +func (f *configAuditReportInformer) Lister() v1alpha1.ConfigAuditReportLister { + return v1alpha1.NewConfigAuditReportLister(f.Informer().GetIndexer()) +} diff --git a/pkg/generated/informers/externalversions/aquasecurity/v1alpha1/interface.go b/pkg/generated/informers/externalversions/aquasecurity/v1alpha1/interface.go new file mode 100644 index 000000000..3e50ba610 --- /dev/null +++ b/pkg/generated/informers/externalversions/aquasecurity/v1alpha1/interface.go @@ -0,0 +1,50 @@ +// Code generated by informer-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + internalinterfaces "github.com/aquasecurity/starboard/pkg/generated/informers/externalversions/internalinterfaces" +) + +// Interface provides access to all the informers in this group version. +type Interface interface { + // CISKubernetesBenchmarks returns a CISKubernetesBenchmarkInformer. + CISKubernetesBenchmarks() CISKubernetesBenchmarkInformer + // ConfigAuditReports returns a ConfigAuditReportInformer. + ConfigAuditReports() ConfigAuditReportInformer + // KubeHunterReports returns a KubeHunterReportInformer. + KubeHunterReports() KubeHunterReportInformer + // Vulnerabilities returns a VulnerabilityInformer. + Vulnerabilities() VulnerabilityInformer +} + +type version struct { + factory internalinterfaces.SharedInformerFactory + namespace string + tweakListOptions internalinterfaces.TweakListOptionsFunc +} + +// New returns a new Interface. +func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) Interface { + return &version{factory: f, namespace: namespace, tweakListOptions: tweakListOptions} +} + +// CISKubernetesBenchmarks returns a CISKubernetesBenchmarkInformer. +func (v *version) CISKubernetesBenchmarks() CISKubernetesBenchmarkInformer { + return &cISKubernetesBenchmarkInformer{factory: v.factory, tweakListOptions: v.tweakListOptions} +} + +// ConfigAuditReports returns a ConfigAuditReportInformer. +func (v *version) ConfigAuditReports() ConfigAuditReportInformer { + return &configAuditReportInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions} +} + +// KubeHunterReports returns a KubeHunterReportInformer. +func (v *version) KubeHunterReports() KubeHunterReportInformer { + return &kubeHunterReportInformer{factory: v.factory, tweakListOptions: v.tweakListOptions} +} + +// Vulnerabilities returns a VulnerabilityInformer. +func (v *version) Vulnerabilities() VulnerabilityInformer { + return &vulnerabilityInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions} +} diff --git a/pkg/generated/informers/externalversions/aquasecurity/v1alpha1/kubehunterreport.go b/pkg/generated/informers/externalversions/aquasecurity/v1alpha1/kubehunterreport.go new file mode 100644 index 000000000..fd05b57f6 --- /dev/null +++ b/pkg/generated/informers/externalversions/aquasecurity/v1alpha1/kubehunterreport.go @@ -0,0 +1,72 @@ +// Code generated by informer-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + time "time" + + aquasecurityv1alpha1 "github.com/aquasecurity/starboard/pkg/apis/aquasecurity/v1alpha1" + versioned "github.com/aquasecurity/starboard/pkg/generated/clientset/versioned" + internalinterfaces "github.com/aquasecurity/starboard/pkg/generated/informers/externalversions/internalinterfaces" + v1alpha1 "github.com/aquasecurity/starboard/pkg/generated/listers/aquasecurity/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + watch "k8s.io/apimachinery/pkg/watch" + cache "k8s.io/client-go/tools/cache" +) + +// KubeHunterReportInformer provides access to a shared informer and lister for +// KubeHunterReports. +type KubeHunterReportInformer interface { + Informer() cache.SharedIndexInformer + Lister() v1alpha1.KubeHunterReportLister +} + +type kubeHunterReportInformer struct { + factory internalinterfaces.SharedInformerFactory + tweakListOptions internalinterfaces.TweakListOptionsFunc +} + +// NewKubeHunterReportInformer constructs a new informer for KubeHunterReport type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewKubeHunterReportInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { + return NewFilteredKubeHunterReportInformer(client, resyncPeriod, indexers, nil) +} + +// NewFilteredKubeHunterReportInformer constructs a new informer for KubeHunterReport type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewFilteredKubeHunterReportInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { + return cache.NewSharedIndexInformer( + &cache.ListWatch{ + ListFunc: func(options v1.ListOptions) (runtime.Object, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.AquasecurityV1alpha1().KubeHunterReports().List(options) + }, + WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.AquasecurityV1alpha1().KubeHunterReports().Watch(options) + }, + }, + &aquasecurityv1alpha1.KubeHunterReport{}, + resyncPeriod, + indexers, + ) +} + +func (f *kubeHunterReportInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { + return NewFilteredKubeHunterReportInformer(client, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) +} + +func (f *kubeHunterReportInformer) Informer() cache.SharedIndexInformer { + return f.factory.InformerFor(&aquasecurityv1alpha1.KubeHunterReport{}, f.defaultInformer) +} + +func (f *kubeHunterReportInformer) Lister() v1alpha1.KubeHunterReportLister { + return v1alpha1.NewKubeHunterReportLister(f.Informer().GetIndexer()) +} diff --git a/pkg/generated/informers/externalversions/aquasecurity/v1alpha1/vulnerability.go b/pkg/generated/informers/externalversions/aquasecurity/v1alpha1/vulnerability.go new file mode 100644 index 000000000..d4ad05d01 --- /dev/null +++ b/pkg/generated/informers/externalversions/aquasecurity/v1alpha1/vulnerability.go @@ -0,0 +1,73 @@ +// Code generated by informer-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + time "time" + + aquasecurityv1alpha1 "github.com/aquasecurity/starboard/pkg/apis/aquasecurity/v1alpha1" + versioned "github.com/aquasecurity/starboard/pkg/generated/clientset/versioned" + internalinterfaces "github.com/aquasecurity/starboard/pkg/generated/informers/externalversions/internalinterfaces" + v1alpha1 "github.com/aquasecurity/starboard/pkg/generated/listers/aquasecurity/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + watch "k8s.io/apimachinery/pkg/watch" + cache "k8s.io/client-go/tools/cache" +) + +// VulnerabilityInformer provides access to a shared informer and lister for +// Vulnerabilities. +type VulnerabilityInformer interface { + Informer() cache.SharedIndexInformer + Lister() v1alpha1.VulnerabilityLister +} + +type vulnerabilityInformer struct { + factory internalinterfaces.SharedInformerFactory + tweakListOptions internalinterfaces.TweakListOptionsFunc + namespace string +} + +// NewVulnerabilityInformer constructs a new informer for Vulnerability type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewVulnerabilityInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { + return NewFilteredVulnerabilityInformer(client, namespace, resyncPeriod, indexers, nil) +} + +// NewFilteredVulnerabilityInformer constructs a new informer for Vulnerability type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewFilteredVulnerabilityInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { + return cache.NewSharedIndexInformer( + &cache.ListWatch{ + ListFunc: func(options v1.ListOptions) (runtime.Object, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.AquasecurityV1alpha1().Vulnerabilities(namespace).List(options) + }, + WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.AquasecurityV1alpha1().Vulnerabilities(namespace).Watch(options) + }, + }, + &aquasecurityv1alpha1.Vulnerability{}, + resyncPeriod, + indexers, + ) +} + +func (f *vulnerabilityInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { + return NewFilteredVulnerabilityInformer(client, f.namespace, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) +} + +func (f *vulnerabilityInformer) Informer() cache.SharedIndexInformer { + return f.factory.InformerFor(&aquasecurityv1alpha1.Vulnerability{}, f.defaultInformer) +} + +func (f *vulnerabilityInformer) Lister() v1alpha1.VulnerabilityLister { + return v1alpha1.NewVulnerabilityLister(f.Informer().GetIndexer()) +} diff --git a/pkg/generated/informers/externalversions/factory.go b/pkg/generated/informers/externalversions/factory.go new file mode 100644 index 000000000..2e7348475 --- /dev/null +++ b/pkg/generated/informers/externalversions/factory.go @@ -0,0 +1,164 @@ +// Code generated by informer-gen. DO NOT EDIT. + +package externalversions + +import ( + reflect "reflect" + sync "sync" + time "time" + + versioned "github.com/aquasecurity/starboard/pkg/generated/clientset/versioned" + aquasecurity "github.com/aquasecurity/starboard/pkg/generated/informers/externalversions/aquasecurity" + internalinterfaces "github.com/aquasecurity/starboard/pkg/generated/informers/externalversions/internalinterfaces" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + schema "k8s.io/apimachinery/pkg/runtime/schema" + cache "k8s.io/client-go/tools/cache" +) + +// SharedInformerOption defines the functional option type for SharedInformerFactory. +type SharedInformerOption func(*sharedInformerFactory) *sharedInformerFactory + +type sharedInformerFactory struct { + client versioned.Interface + namespace string + tweakListOptions internalinterfaces.TweakListOptionsFunc + lock sync.Mutex + defaultResync time.Duration + customResync map[reflect.Type]time.Duration + + informers map[reflect.Type]cache.SharedIndexInformer + // startedInformers is used for tracking which informers have been started. + // This allows Start() to be called multiple times safely. + startedInformers map[reflect.Type]bool +} + +// WithCustomResyncConfig sets a custom resync period for the specified informer types. +func WithCustomResyncConfig(resyncConfig map[v1.Object]time.Duration) SharedInformerOption { + return func(factory *sharedInformerFactory) *sharedInformerFactory { + for k, v := range resyncConfig { + factory.customResync[reflect.TypeOf(k)] = v + } + return factory + } +} + +// WithTweakListOptions sets a custom filter on all listers of the configured SharedInformerFactory. +func WithTweakListOptions(tweakListOptions internalinterfaces.TweakListOptionsFunc) SharedInformerOption { + return func(factory *sharedInformerFactory) *sharedInformerFactory { + factory.tweakListOptions = tweakListOptions + return factory + } +} + +// WithNamespace limits the SharedInformerFactory to the specified namespace. +func WithNamespace(namespace string) SharedInformerOption { + return func(factory *sharedInformerFactory) *sharedInformerFactory { + factory.namespace = namespace + return factory + } +} + +// NewSharedInformerFactory constructs a new instance of sharedInformerFactory for all namespaces. +func NewSharedInformerFactory(client versioned.Interface, defaultResync time.Duration) SharedInformerFactory { + return NewSharedInformerFactoryWithOptions(client, defaultResync) +} + +// NewFilteredSharedInformerFactory constructs a new instance of sharedInformerFactory. +// Listers obtained via this SharedInformerFactory will be subject to the same filters +// as specified here. +// Deprecated: Please use NewSharedInformerFactoryWithOptions instead +func NewFilteredSharedInformerFactory(client versioned.Interface, defaultResync time.Duration, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) SharedInformerFactory { + return NewSharedInformerFactoryWithOptions(client, defaultResync, WithNamespace(namespace), WithTweakListOptions(tweakListOptions)) +} + +// NewSharedInformerFactoryWithOptions constructs a new instance of a SharedInformerFactory with additional options. +func NewSharedInformerFactoryWithOptions(client versioned.Interface, defaultResync time.Duration, options ...SharedInformerOption) SharedInformerFactory { + factory := &sharedInformerFactory{ + client: client, + namespace: v1.NamespaceAll, + defaultResync: defaultResync, + informers: make(map[reflect.Type]cache.SharedIndexInformer), + startedInformers: make(map[reflect.Type]bool), + customResync: make(map[reflect.Type]time.Duration), + } + + // Apply all options + for _, opt := range options { + factory = opt(factory) + } + + return factory +} + +// Start initializes all requested informers. +func (f *sharedInformerFactory) Start(stopCh <-chan struct{}) { + f.lock.Lock() + defer f.lock.Unlock() + + for informerType, informer := range f.informers { + if !f.startedInformers[informerType] { + go informer.Run(stopCh) + f.startedInformers[informerType] = true + } + } +} + +// WaitForCacheSync waits for all started informers' cache were synced. +func (f *sharedInformerFactory) WaitForCacheSync(stopCh <-chan struct{}) map[reflect.Type]bool { + informers := func() map[reflect.Type]cache.SharedIndexInformer { + f.lock.Lock() + defer f.lock.Unlock() + + informers := map[reflect.Type]cache.SharedIndexInformer{} + for informerType, informer := range f.informers { + if f.startedInformers[informerType] { + informers[informerType] = informer + } + } + return informers + }() + + res := map[reflect.Type]bool{} + for informType, informer := range informers { + res[informType] = cache.WaitForCacheSync(stopCh, informer.HasSynced) + } + return res +} + +// InternalInformerFor returns the SharedIndexInformer for obj using an internal +// client. +func (f *sharedInformerFactory) InformerFor(obj runtime.Object, newFunc internalinterfaces.NewInformerFunc) cache.SharedIndexInformer { + f.lock.Lock() + defer f.lock.Unlock() + + informerType := reflect.TypeOf(obj) + informer, exists := f.informers[informerType] + if exists { + return informer + } + + resyncPeriod, exists := f.customResync[informerType] + if !exists { + resyncPeriod = f.defaultResync + } + + informer = newFunc(f.client, resyncPeriod) + f.informers[informerType] = informer + + return informer +} + +// SharedInformerFactory provides shared informers for resources in all known +// API group versions. +type SharedInformerFactory interface { + internalinterfaces.SharedInformerFactory + ForResource(resource schema.GroupVersionResource) (GenericInformer, error) + WaitForCacheSync(stopCh <-chan struct{}) map[reflect.Type]bool + + Aquasecurity() aquasecurity.Interface +} + +func (f *sharedInformerFactory) Aquasecurity() aquasecurity.Interface { + return aquasecurity.New(f, f.namespace, f.tweakListOptions) +} diff --git a/pkg/generated/informers/externalversions/generic.go b/pkg/generated/informers/externalversions/generic.go new file mode 100644 index 000000000..40d84eb72 --- /dev/null +++ b/pkg/generated/informers/externalversions/generic.go @@ -0,0 +1,52 @@ +// Code generated by informer-gen. DO NOT EDIT. + +package externalversions + +import ( + "fmt" + + v1alpha1 "github.com/aquasecurity/starboard/pkg/apis/aquasecurity/v1alpha1" + schema "k8s.io/apimachinery/pkg/runtime/schema" + cache "k8s.io/client-go/tools/cache" +) + +// GenericInformer is type of SharedIndexInformer which will locate and delegate to other +// sharedInformers based on type +type GenericInformer interface { + Informer() cache.SharedIndexInformer + Lister() cache.GenericLister +} + +type genericInformer struct { + informer cache.SharedIndexInformer + resource schema.GroupResource +} + +// Informer returns the SharedIndexInformer. +func (f *genericInformer) Informer() cache.SharedIndexInformer { + return f.informer +} + +// Lister returns the GenericLister. +func (f *genericInformer) Lister() cache.GenericLister { + return cache.NewGenericLister(f.Informer().GetIndexer(), f.resource) +} + +// ForResource gives generic access to a shared informer of the matching type +// TODO extend this to unknown resources with a client pool +func (f *sharedInformerFactory) ForResource(resource schema.GroupVersionResource) (GenericInformer, error) { + switch resource { + // Group=aquasecurity.github.com, Version=v1alpha1 + case v1alpha1.SchemeGroupVersion.WithResource("ciskubernetesbenchmarks"): + return &genericInformer{resource: resource.GroupResource(), informer: f.Aquasecurity().V1alpha1().CISKubernetesBenchmarks().Informer()}, nil + case v1alpha1.SchemeGroupVersion.WithResource("configauditreports"): + return &genericInformer{resource: resource.GroupResource(), informer: f.Aquasecurity().V1alpha1().ConfigAuditReports().Informer()}, nil + case v1alpha1.SchemeGroupVersion.WithResource("kubehunterreports"): + return &genericInformer{resource: resource.GroupResource(), informer: f.Aquasecurity().V1alpha1().KubeHunterReports().Informer()}, nil + case v1alpha1.SchemeGroupVersion.WithResource("vulnerabilities"): + return &genericInformer{resource: resource.GroupResource(), informer: f.Aquasecurity().V1alpha1().Vulnerabilities().Informer()}, nil + + } + + return nil, fmt.Errorf("no informer found for %v", resource) +} diff --git a/pkg/generated/informers/externalversions/internalinterfaces/factory_interfaces.go b/pkg/generated/informers/externalversions/internalinterfaces/factory_interfaces.go new file mode 100644 index 000000000..7710d1cc3 --- /dev/null +++ b/pkg/generated/informers/externalversions/internalinterfaces/factory_interfaces.go @@ -0,0 +1,24 @@ +// Code generated by informer-gen. DO NOT EDIT. + +package internalinterfaces + +import ( + time "time" + + versioned "github.com/aquasecurity/starboard/pkg/generated/clientset/versioned" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + cache "k8s.io/client-go/tools/cache" +) + +// NewInformerFunc takes versioned.Interface and time.Duration to return a SharedIndexInformer. +type NewInformerFunc func(versioned.Interface, time.Duration) cache.SharedIndexInformer + +// SharedInformerFactory a small interface to allow for adding an informer without an import cycle +type SharedInformerFactory interface { + Start(stopCh <-chan struct{}) + InformerFor(obj runtime.Object, newFunc NewInformerFunc) cache.SharedIndexInformer +} + +// TweakListOptionsFunc is a function that transforms a v1.ListOptions. +type TweakListOptionsFunc func(*v1.ListOptions) diff --git a/pkg/generated/listers/aquasecurity/v1alpha1/ciskubernetesbenchmark.go b/pkg/generated/listers/aquasecurity/v1alpha1/ciskubernetesbenchmark.go new file mode 100644 index 000000000..b18955a51 --- /dev/null +++ b/pkg/generated/listers/aquasecurity/v1alpha1/ciskubernetesbenchmark.go @@ -0,0 +1,49 @@ +// Code generated by lister-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + v1alpha1 "github.com/aquasecurity/starboard/pkg/apis/aquasecurity/v1alpha1" + "k8s.io/apimachinery/pkg/api/errors" + "k8s.io/apimachinery/pkg/labels" + "k8s.io/client-go/tools/cache" +) + +// CISKubernetesBenchmarkLister helps list CISKubernetesBenchmarks. +type CISKubernetesBenchmarkLister interface { + // List lists all CISKubernetesBenchmarks in the indexer. + List(selector labels.Selector) (ret []*v1alpha1.CISKubernetesBenchmark, err error) + // Get retrieves the CISKubernetesBenchmark from the index for a given name. + Get(name string) (*v1alpha1.CISKubernetesBenchmark, error) + CISKubernetesBenchmarkListerExpansion +} + +// cISKubernetesBenchmarkLister implements the CISKubernetesBenchmarkLister interface. +type cISKubernetesBenchmarkLister struct { + indexer cache.Indexer +} + +// NewCISKubernetesBenchmarkLister returns a new CISKubernetesBenchmarkLister. +func NewCISKubernetesBenchmarkLister(indexer cache.Indexer) CISKubernetesBenchmarkLister { + return &cISKubernetesBenchmarkLister{indexer: indexer} +} + +// List lists all CISKubernetesBenchmarks in the indexer. +func (s *cISKubernetesBenchmarkLister) List(selector labels.Selector) (ret []*v1alpha1.CISKubernetesBenchmark, err error) { + err = cache.ListAll(s.indexer, selector, func(m interface{}) { + ret = append(ret, m.(*v1alpha1.CISKubernetesBenchmark)) + }) + return ret, err +} + +// Get retrieves the CISKubernetesBenchmark from the index for a given name. +func (s *cISKubernetesBenchmarkLister) Get(name string) (*v1alpha1.CISKubernetesBenchmark, error) { + obj, exists, err := s.indexer.GetByKey(name) + if err != nil { + return nil, err + } + if !exists { + return nil, errors.NewNotFound(v1alpha1.Resource("ciskubernetesbenchmark"), name) + } + return obj.(*v1alpha1.CISKubernetesBenchmark), nil +} diff --git a/pkg/generated/listers/aquasecurity/v1alpha1/configauditreport.go b/pkg/generated/listers/aquasecurity/v1alpha1/configauditreport.go new file mode 100644 index 000000000..f34aa718e --- /dev/null +++ b/pkg/generated/listers/aquasecurity/v1alpha1/configauditreport.go @@ -0,0 +1,78 @@ +// Code generated by lister-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + v1alpha1 "github.com/aquasecurity/starboard/pkg/apis/aquasecurity/v1alpha1" + "k8s.io/apimachinery/pkg/api/errors" + "k8s.io/apimachinery/pkg/labels" + "k8s.io/client-go/tools/cache" +) + +// ConfigAuditReportLister helps list ConfigAuditReports. +type ConfigAuditReportLister interface { + // List lists all ConfigAuditReports in the indexer. + List(selector labels.Selector) (ret []*v1alpha1.ConfigAuditReport, err error) + // ConfigAuditReports returns an object that can list and get ConfigAuditReports. + ConfigAuditReports(namespace string) ConfigAuditReportNamespaceLister + ConfigAuditReportListerExpansion +} + +// configAuditReportLister implements the ConfigAuditReportLister interface. +type configAuditReportLister struct { + indexer cache.Indexer +} + +// NewConfigAuditReportLister returns a new ConfigAuditReportLister. +func NewConfigAuditReportLister(indexer cache.Indexer) ConfigAuditReportLister { + return &configAuditReportLister{indexer: indexer} +} + +// List lists all ConfigAuditReports in the indexer. +func (s *configAuditReportLister) List(selector labels.Selector) (ret []*v1alpha1.ConfigAuditReport, err error) { + err = cache.ListAll(s.indexer, selector, func(m interface{}) { + ret = append(ret, m.(*v1alpha1.ConfigAuditReport)) + }) + return ret, err +} + +// ConfigAuditReports returns an object that can list and get ConfigAuditReports. +func (s *configAuditReportLister) ConfigAuditReports(namespace string) ConfigAuditReportNamespaceLister { + return configAuditReportNamespaceLister{indexer: s.indexer, namespace: namespace} +} + +// ConfigAuditReportNamespaceLister helps list and get ConfigAuditReports. +type ConfigAuditReportNamespaceLister interface { + // List lists all ConfigAuditReports in the indexer for a given namespace. + List(selector labels.Selector) (ret []*v1alpha1.ConfigAuditReport, err error) + // Get retrieves the ConfigAuditReport from the indexer for a given namespace and name. + Get(name string) (*v1alpha1.ConfigAuditReport, error) + ConfigAuditReportNamespaceListerExpansion +} + +// configAuditReportNamespaceLister implements the ConfigAuditReportNamespaceLister +// interface. +type configAuditReportNamespaceLister struct { + indexer cache.Indexer + namespace string +} + +// List lists all ConfigAuditReports in the indexer for a given namespace. +func (s configAuditReportNamespaceLister) List(selector labels.Selector) (ret []*v1alpha1.ConfigAuditReport, err error) { + err = cache.ListAllByNamespace(s.indexer, s.namespace, selector, func(m interface{}) { + ret = append(ret, m.(*v1alpha1.ConfigAuditReport)) + }) + return ret, err +} + +// Get retrieves the ConfigAuditReport from the indexer for a given namespace and name. +func (s configAuditReportNamespaceLister) Get(name string) (*v1alpha1.ConfigAuditReport, error) { + obj, exists, err := s.indexer.GetByKey(s.namespace + "/" + name) + if err != nil { + return nil, err + } + if !exists { + return nil, errors.NewNotFound(v1alpha1.Resource("configauditreport"), name) + } + return obj.(*v1alpha1.ConfigAuditReport), nil +} diff --git a/pkg/generated/listers/aquasecurity/v1alpha1/expansion_generated.go b/pkg/generated/listers/aquasecurity/v1alpha1/expansion_generated.go new file mode 100644 index 000000000..723738f31 --- /dev/null +++ b/pkg/generated/listers/aquasecurity/v1alpha1/expansion_generated.go @@ -0,0 +1,27 @@ +// Code generated by lister-gen. DO NOT EDIT. + +package v1alpha1 + +// CISKubernetesBenchmarkListerExpansion allows custom methods to be added to +// CISKubernetesBenchmarkLister. +type CISKubernetesBenchmarkListerExpansion interface{} + +// ConfigAuditReportListerExpansion allows custom methods to be added to +// ConfigAuditReportLister. +type ConfigAuditReportListerExpansion interface{} + +// ConfigAuditReportNamespaceListerExpansion allows custom methods to be added to +// ConfigAuditReportNamespaceLister. +type ConfigAuditReportNamespaceListerExpansion interface{} + +// KubeHunterReportListerExpansion allows custom methods to be added to +// KubeHunterReportLister. +type KubeHunterReportListerExpansion interface{} + +// VulnerabilityListerExpansion allows custom methods to be added to +// VulnerabilityLister. +type VulnerabilityListerExpansion interface{} + +// VulnerabilityNamespaceListerExpansion allows custom methods to be added to +// VulnerabilityNamespaceLister. +type VulnerabilityNamespaceListerExpansion interface{} diff --git a/pkg/generated/listers/aquasecurity/v1alpha1/kubehunterreport.go b/pkg/generated/listers/aquasecurity/v1alpha1/kubehunterreport.go new file mode 100644 index 000000000..203925ae8 --- /dev/null +++ b/pkg/generated/listers/aquasecurity/v1alpha1/kubehunterreport.go @@ -0,0 +1,49 @@ +// Code generated by lister-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + v1alpha1 "github.com/aquasecurity/starboard/pkg/apis/aquasecurity/v1alpha1" + "k8s.io/apimachinery/pkg/api/errors" + "k8s.io/apimachinery/pkg/labels" + "k8s.io/client-go/tools/cache" +) + +// KubeHunterReportLister helps list KubeHunterReports. +type KubeHunterReportLister interface { + // List lists all KubeHunterReports in the indexer. + List(selector labels.Selector) (ret []*v1alpha1.KubeHunterReport, err error) + // Get retrieves the KubeHunterReport from the index for a given name. + Get(name string) (*v1alpha1.KubeHunterReport, error) + KubeHunterReportListerExpansion +} + +// kubeHunterReportLister implements the KubeHunterReportLister interface. +type kubeHunterReportLister struct { + indexer cache.Indexer +} + +// NewKubeHunterReportLister returns a new KubeHunterReportLister. +func NewKubeHunterReportLister(indexer cache.Indexer) KubeHunterReportLister { + return &kubeHunterReportLister{indexer: indexer} +} + +// List lists all KubeHunterReports in the indexer. +func (s *kubeHunterReportLister) List(selector labels.Selector) (ret []*v1alpha1.KubeHunterReport, err error) { + err = cache.ListAll(s.indexer, selector, func(m interface{}) { + ret = append(ret, m.(*v1alpha1.KubeHunterReport)) + }) + return ret, err +} + +// Get retrieves the KubeHunterReport from the index for a given name. +func (s *kubeHunterReportLister) Get(name string) (*v1alpha1.KubeHunterReport, error) { + obj, exists, err := s.indexer.GetByKey(name) + if err != nil { + return nil, err + } + if !exists { + return nil, errors.NewNotFound(v1alpha1.Resource("kubehunterreport"), name) + } + return obj.(*v1alpha1.KubeHunterReport), nil +} diff --git a/pkg/generated/listers/aquasecurity/v1alpha1/vulnerability.go b/pkg/generated/listers/aquasecurity/v1alpha1/vulnerability.go new file mode 100644 index 000000000..3434839ae --- /dev/null +++ b/pkg/generated/listers/aquasecurity/v1alpha1/vulnerability.go @@ -0,0 +1,78 @@ +// Code generated by lister-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + v1alpha1 "github.com/aquasecurity/starboard/pkg/apis/aquasecurity/v1alpha1" + "k8s.io/apimachinery/pkg/api/errors" + "k8s.io/apimachinery/pkg/labels" + "k8s.io/client-go/tools/cache" +) + +// VulnerabilityLister helps list Vulnerabilities. +type VulnerabilityLister interface { + // List lists all Vulnerabilities in the indexer. + List(selector labels.Selector) (ret []*v1alpha1.Vulnerability, err error) + // Vulnerabilities returns an object that can list and get Vulnerabilities. + Vulnerabilities(namespace string) VulnerabilityNamespaceLister + VulnerabilityListerExpansion +} + +// vulnerabilityLister implements the VulnerabilityLister interface. +type vulnerabilityLister struct { + indexer cache.Indexer +} + +// NewVulnerabilityLister returns a new VulnerabilityLister. +func NewVulnerabilityLister(indexer cache.Indexer) VulnerabilityLister { + return &vulnerabilityLister{indexer: indexer} +} + +// List lists all Vulnerabilities in the indexer. +func (s *vulnerabilityLister) List(selector labels.Selector) (ret []*v1alpha1.Vulnerability, err error) { + err = cache.ListAll(s.indexer, selector, func(m interface{}) { + ret = append(ret, m.(*v1alpha1.Vulnerability)) + }) + return ret, err +} + +// Vulnerabilities returns an object that can list and get Vulnerabilities. +func (s *vulnerabilityLister) Vulnerabilities(namespace string) VulnerabilityNamespaceLister { + return vulnerabilityNamespaceLister{indexer: s.indexer, namespace: namespace} +} + +// VulnerabilityNamespaceLister helps list and get Vulnerabilities. +type VulnerabilityNamespaceLister interface { + // List lists all Vulnerabilities in the indexer for a given namespace. + List(selector labels.Selector) (ret []*v1alpha1.Vulnerability, err error) + // Get retrieves the Vulnerability from the indexer for a given namespace and name. + Get(name string) (*v1alpha1.Vulnerability, error) + VulnerabilityNamespaceListerExpansion +} + +// vulnerabilityNamespaceLister implements the VulnerabilityNamespaceLister +// interface. +type vulnerabilityNamespaceLister struct { + indexer cache.Indexer + namespace string +} + +// List lists all Vulnerabilities in the indexer for a given namespace. +func (s vulnerabilityNamespaceLister) List(selector labels.Selector) (ret []*v1alpha1.Vulnerability, err error) { + err = cache.ListAllByNamespace(s.indexer, s.namespace, selector, func(m interface{}) { + ret = append(ret, m.(*v1alpha1.Vulnerability)) + }) + return ret, err +} + +// Get retrieves the Vulnerability from the indexer for a given namespace and name. +func (s vulnerabilityNamespaceLister) Get(name string) (*v1alpha1.Vulnerability, error) { + obj, exists, err := s.indexer.GetByKey(s.namespace + "/" + name) + if err != nil { + return nil, err + } + if !exists { + return nil, errors.NewNotFound(v1alpha1.Resource("vulnerability"), name) + } + return obj.(*v1alpha1.Vulnerability), nil +}