Skip to content

Commit

Permalink
operator trivy-operator (0.20.0)
Browse files Browse the repository at this point in the history
  • Loading branch information
@chen-keinan
chen-keinan authored Apr 21, 2024
1 parent af4e29f commit 136116a
Show file tree
Hide file tree
Showing 14 changed files with 3,260 additions and 0 deletions.
262 changes: 262 additions & 0 deletions ...erator/0.20.0/manifests/clustercompliancereports.v1alpha1.aquasecurity.github.io.crd.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,262 @@
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.14.0
name: clustercompliancereports.aquasecurity.github.io
spec:
group: aquasecurity.github.io
names:
kind: ClusterComplianceReport
listKind: ClusterComplianceReportList
plural: clustercompliancereports
shortNames:
- compliance
singular: clustercompliancereport
scope: Cluster
versions:
- additionalPrinterColumns:
- description: The age of the report
jsonPath: .metadata.creationTimestamp
name: Age
type: date
- description: The number of checks that failed
jsonPath: .status.summary.failCount
name: Fail
priority: 1
type: integer
- description: The number of checks that passed
jsonPath: .status.summary.passCount
name: Pass
priority: 1
type: integer
name: v1alpha1
schema:
openAPIV3Schema:
description: ClusterComplianceReport is a specification for the ClusterComplianceReport
resource.
properties:
apiVersion:
description: |-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string
kind:
description: |-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
metadata:
type: object
spec:
description: ReportSpec represent the compliance specification
properties:
compliance:
properties:
controls:
description: Control represent the cps controls data and mapping
checks
items:
description: Control represent the cps controls data and mapping
checks
properties:
checks:
items:
description: SpecCheck represent the scanner who perform
the control check
properties:
id:
description: id define the check id as produced by
scanner
type: string
required:
- id
type: object
type: array
defaultStatus:
description: define the default value for check status in
case resource not found
enum:
- PASS
- WARN
- FAIL
type: string
description:
type: string
id:
description: id define the control check id
type: string
name:
type: string
severity:
description: define the severity of the control
enum:
- CRITICAL
- HIGH
- MEDIUM
- LOW
- UNKNOWN
type: string
required:
- id
- name
- severity
type: object
type: array
description:
type: string
id:
type: string
relatedResources:
items:
type: string
type: array
title:
type: string
version:
type: string
required:
- controls
- description
- id
- relatedResources
- title
- version
type: object
cron:
description: cron define the intervals for report generation
pattern: ^(((([\*]{1}){1})|((\*\/){0,1}(([0-9]{1}){1}|(([1-5]{1}){1}([0-9]{1}){1}){1})))
((([\*]{1}){1})|((\*\/){0,1}(([0-9]{1}){1}|(([1]{1}){1}([0-9]{1}){1}){1}|([2]{1}){1}([0-3]{1}){1})))
((([\*]{1}){1})|((\*\/){0,1}(([1-9]{1}){1}|(([1-2]{1}){1}([0-9]{1}){1}){1}|([3]{1}){1}([0-1]{1}){1})))
((([\*]{1}){1})|((\*\/){0,1}(([1-9]{1}){1}|(([1-2]{1}){1}([0-9]{1}){1}){1}|([3]{1}){1}([0-1]{1}){1}))|(jan|feb|mar|apr|may|jun|jul|aug|sep|okt|nov|dec))
((([\*]{1}){1})|((\*\/){0,1}(([0-7]{1}){1}))|(sun|mon|tue|wed|thu|fri|sat)))$
type: string
reportType:
enum:
- summary
- all
type: string
required:
- compliance
- cron
- reportType
type: object
status:
properties:
detailReport:
description: ComplianceReport represents a kubernetes scan report
properties:
description:
type: string
id:
type: string
relatedVersion:
items:
type: string
type: array
results:
items:
properties:
checks:
items:
description: ComplianceCheck provides the result of conducting
a single compliance step.
properties:
category:
type: string
checkID:
type: string
description:
type: string
messages:
items:
type: string
type: array
remediation:
description: Remediation provides description or links
to external resources to remediate failing check.
type: string
severity:
description: Severity level of a vulnerability or
a configuration audit check.
type: string
success:
type: boolean
target:
type: string
title:
type: string
required:
- checkID
- severity
- success
type: object
type: array
description:
type: string
id:
type: string
name:
type: string
severity:
type: string
status:
type: string
required:
- checks
type: object
type: array
title:
type: string
version:
type: string
type: object
x-kubernetes-preserve-unknown-fields: true
summary:
properties:
failCount:
type: integer
passCount:
type: integer
type: object
summaryReport:
description: SummaryReport represents a kubernetes scan report with
consolidated findings
properties:
controlCheck:
items:
properties:
id:
type: string
name:
type: string
severity:
type: string
totalFail:
type: integer
type: object
type: array
id:
type: string
title:
type: string
type: object
x-kubernetes-preserve-unknown-fields: true
updateTimestamp:
format: date-time
type: string
required:
- updateTimestamp
type: object
type: object
x-kubernetes-preserve-unknown-fields: true
served: true
storage: true
subresources:
status: {}
Loading

0 comments on commit 136116a

Please sign in to comment.