Skip to content

Commit

Permalink
operator trivy-operator (0.19.2)
Browse files Browse the repository at this point in the history
  • Loading branch information
@chen-keinan
chen-keinan authored Mar 28, 2024
1 parent dfedac7 commit ec82bda
Show file tree
Hide file tree
Showing 14 changed files with 3,198 additions and 0 deletions.
257 changes: 257 additions & 0 deletions ...erator/0.19.2/manifests/clustercompliancereports.v1alpha1.aquasecurity.github.io.crd.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,257 @@
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.9.2
creationTimestamp: null
name: clustercompliancereports.aquasecurity.github.io
spec:
group: aquasecurity.github.io
names:
kind: ClusterComplianceReport
listKind: ClusterComplianceReportList
plural: clustercompliancereports
shortNames:
- compliance
singular: clustercompliancereport
scope: Cluster
versions:
- additionalPrinterColumns:
- description: The age of the report
jsonPath: .metadata.creationTimestamp
name: Age
type: date
- description: The number of checks that failed
jsonPath: .status.summary.failCount
name: Fail
priority: 1
type: integer
- description: The number of checks that passed
jsonPath: .status.summary.passCount
name: Pass
priority: 1
type: integer
name: v1alpha1
schema:
openAPIV3Schema:
description: ClusterComplianceReport is a specification for the ClusterComplianceReport
resource.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: ReportSpec represent the compliance specification
properties:
compliance:
properties:
controls:
description: Control represent the cps controls data and mapping
checks
items:
description: Control represent the cps controls data and mapping
checks
properties:
checks:
items:
description: SpecCheck represent the scanner who perform
the control check
properties:
id:
description: id define the check id as produced by
scanner
type: string
required:
- id
type: object
type: array
defaultStatus:
description: define the default value for check status in
case resource not found
enum:
- PASS
- WARN
- FAIL
type: string
description:
type: string
id:
description: id define the control check id
type: string
name:
type: string
severity:
description: define the severity of the control
enum:
- CRITICAL
- HIGH
- MEDIUM
- LOW
- UNKNOWN
type: string
required:
- id
- name
- severity
type: object
type: array
description:
type: string
id:
type: string
relatedResources:
items:
type: string
type: array
title:
type: string
version:
type: string
required:
- controls
- description
- id
- relatedResources
- title
- version
type: object
cron:
description: cron define the intervals for report generation
pattern: ^(((([\*]{1}){1})|((\*\/){0,1}(([0-9]{1}){1}|(([1-5]{1}){1}([0-9]{1}){1}){1})))
((([\*]{1}){1})|((\*\/){0,1}(([0-9]{1}){1}|(([1]{1}){1}([0-9]{1}){1}){1}|([2]{1}){1}([0-3]{1}){1})))
((([\*]{1}){1})|((\*\/){0,1}(([1-9]{1}){1}|(([1-2]{1}){1}([0-9]{1}){1}){1}|([3]{1}){1}([0-1]{1}){1})))
((([\*]{1}){1})|((\*\/){0,1}(([1-9]{1}){1}|(([1-2]{1}){1}([0-9]{1}){1}){1}|([3]{1}){1}([0-1]{1}){1}))|(jan|feb|mar|apr|may|jun|jul|aug|sep|okt|nov|dec))
((([\*]{1}){1})|((\*\/){0,1}(([0-7]{1}){1}))|(sun|mon|tue|wed|thu|fri|sat)))$
type: string
reportType:
enum:
- summary
- all
type: string
required:
- compliance
- cron
- reportType
type: object
status:
properties:
detailReport:
description: ComplianceReport represents a kubernetes scan report
properties:
description:
type: string
id:
type: string
relatedVersion:
items:
type: string
type: array
results:
items:
properties:
checks:
items:
description: ComplianceCheck provides the result of conducting
a single compliance step.
properties:
category:
type: string
checkID:
type: string
description:
type: string
messages:
items:
type: string
type: array
remediation:
description: Remediation provides description or links
to external resources to remediate failing check.
type: string
severity:
description: Severity level of a vulnerability or
a configuration audit check.
type: string
success:
type: boolean
target:
type: string
title:
type: string
required:
- checkID
- severity
- success
type: object
type: array
description:
type: string
id:
type: string
name:
type: string
severity:
type: string
status:
type: string
required:
- checks
type: object
type: array
title:
type: string
version:
type: string
type: object
x-kubernetes-preserve-unknown-fields: true
summary:
properties:
failCount:
type: integer
passCount:
type: integer
type: object
summaryReport:
description: SummaryReport represents a kubernetes scan report with
consolidated findings
properties:
controlCheck:
items:
properties:
id:
type: string
name:
type: string
severity:
type: string
totalFail:
type: integer
type: object
type: array
id:
type: string
title:
type: string
type: object
x-kubernetes-preserve-unknown-fields: true
updateTimestamp:
format: date-time
type: string
required:
- updateTimestamp
type: object
type: object
served: true
storage: true
subresources:
status: {}
Loading

0 comments on commit ec82bda

Please sign in to comment.