github/kubescape
1
0
Fork 0
mirror of https://github.com/kubescape/kubescape.git synced 2026-04-15 06:58:11 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'kubescape:master' into master

Browse Source
This commit is contained in:
itsCheithanya
2022-09-07 14:24:55 +05:30
committed by GitHub
parent f9e80b709a 43dbb55d50
commit ad608b08e0
3 changed files with 18 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
core/pkg/registryadaptors/contribute.md
View File

@@ -4,12 +4,12 @@
### Layers
* Controls and Rules: that actual control logic implementation, the "tests" themselves. Implemented in rego
* OPA engine: the [OPA](https://github.com/open-policy-agent/opa) rego interpreter
* Rules processor: Kubescape component, it enumerates and runs the controls while also preparing the all the input data that the controls need for running
* Data sources: set of different modules providing data to the Rules processor so it can run the controls with them. Examples: Kubernetes objects, cloud vendor API objects and adding in this proposal the vulnerability infomration
* Controls and Rules: that actual control logic implementation, the "tests" themselves. Implemented in rego.
* OPA engine: the [OPA](https://github.com/open-policy-agent/opa) rego interpreter.
* Rules processor: Kubescape component, it enumerates and runs the controls while preparing all of the input data that the controls need for running.
* Data sources: set of different modules providing data to the Rules processor so it can run the controls with them. Examples: Kubernetes objects, cloud vendor API objects and adding in this proposal the vulnerability information.
* Cloud Image Vulnerability adaption interface: the subject of this proposal, it gives a common interface for different registry/vulnerability vendors to adapt to.
* CIV adaptors: specific implementation of the CIV interface, example Harbor adaption
* CIV adaptors: specific implementation of the CIV interface, example Harbor adaption.
```
-----------------------
| Controls/Rules (rego) |
@@ -88,7 +88,7 @@ type ContainerImageInformation struct {
type IContainerImageVulnerabilityAdaptor interface {
// Credentials are coming from user input (CLI or configuration file) and they are abstracted at string to string map level
// so and example use would be like registry: "simpledockerregistry:80" and credentials like {"username":"joedoe","password":"abcd1234"}
// so an example use would be like registry: "simpledockerregistry:80" and credentials like {"username":"joedoe","password":"abcd1234"}
Login(registry string, credentials map[string]string) error
// For "help" purposes
@@ -161,4 +161,4 @@ The rego results will be a combination of the k8s artifact and the list of relev
}
]
}
```
```