Package v1alpha1 contains API Schema definitions for the policy v1alpha1 API group
ClusterReport is the Schema for the ClusterReport API
Appears in:
| Field | Description | Default | Validation |
|---|---|---|---|
apiVersion string |
openreports.io/v1alpha1 |
||
kind string |
ClusterReport |
||
metadata ObjectMeta |
Refer to Kubernetes API documentation for fields of metadata. |
||
source string |
Source is an identifier for the source e.g. a policy engine that manages this report. Use this field if all the results are produced by a single policy engine. If the results are produced by multiple sources e.g. different engines or scanners, then use the Source field at the ReportResult level. |
||
scope ObjectReference |
Scope is an optional reference to the report scope (e.g. a Deployment, Namespace, or Node) | ||
scopeSelector LabelSelector |
ScopeSelector is an optional selector for multiple scopes (e.g. Pods). Either one of, or none of, but not both of, Scope or ScopeSelector should be specified. |
||
configuration ReportConfiguration |
Configuration is an optional field which can be used to specify a contract between Report generators and consumers |
||
summary ReportSummary |
ReportSummary provides a summary of results | ||
results ReportResult array |
ReportResult provides result details |
ClusterReportList contains a list of ClusterReport
| Field | Description | Default | Validation |
|---|---|---|---|
apiVersion string |
openreports.io/v1alpha1 |
||
kind string |
ClusterReportList |
||
metadata ListMeta |
Refer to Kubernetes API documentation for fields of metadata. |
||
items ClusterReport array |
Appears in:
| Field | Description | Default | Validation |
|---|---|---|---|
maxResults integer |
MaxResults is the maximum number of results contained in the report | ||
statusFilter StatusFilter array |
StatusFilter indicates that the Report contains only those reports with statuses specified in this list | Enum: [pass fail warn error skip] |
Report is the Schema for the reports API
Appears in:
| Field | Description | Default | Validation |
|---|---|---|---|
apiVersion string |
openreports.io/v1alpha1 |
||
kind string |
Report |
||
metadata ObjectMeta |
Refer to Kubernetes API documentation for fields of metadata. |
||
source string |
Source is an identifier for the source e.g. a policy engine that manages this report. Use this field if all the results are produced by a single policy engine. If the results are produced by multiple sources e.g. different engines or scanners, then use the Source field at the ReportResult level. |
||
scope ObjectReference |
Scope is an optional reference to the report scope (e.g. a Deployment, Namespace, or Node) | ||
scopeSelector LabelSelector |
ScopeSelector is an optional selector for multiple scopes (e.g. Pods). Either one of, or none of, but not both of, Scope or ScopeSelector should be specified. |
||
configuration ReportConfiguration |
Configuration is an optional field which can be used to specify a contract between Report generators and consumers |
||
summary ReportSummary |
ReportSummary provides a summary of results | ||
results ReportResult array |
ReportResult provides result details |
Appears in:
| Field | Description | Default | Validation |
|---|---|---|---|
limits Limits |
ReportList contains a list of Report
| Field | Description | Default | Validation |
|---|---|---|---|
apiVersion string |
openreports.io/v1alpha1 |
||
kind string |
ReportList |
||
metadata ListMeta |
Refer to Kubernetes API documentation for fields of metadata. |
||
items Report array |
ReportResult provides the result for an individual policy
Appears in:
| Field | Description | Default | Validation |
|---|---|---|---|
source string |
Source is an identifier for the policy engine that manages this report If the Source is specified at this level, it will override the Source field set at the Report level |
||
policy string |
Policy is the name or identifier of the policy | ||
rule string |
Rule is the name or identifier of the rule within the policy | ||
category string |
Category indicates policy category | ||
severity ResultSeverity |
Severity indicates policy check result criticality | Enum: [critical high low medium info] |
|
timestamp Timestamp |
Timestamp indicates the time the result was found | ||
result Result |
Result indicates the outcome of the policy rule execution | Enum: [pass fail warn error skip] |
|
scored boolean |
Scored indicates if this result is scored | ||
resources ObjectReference array |
Subjects is an optional reference to the checked Kubernetes resources | ||
resourceSelector LabelSelector |
ResourceSelector is an optional label selector for checked Kubernetes resources. For example, a policy result may apply to all pods that match a label. Either a Subject or a ResourceSelector can be specified. If neither are provided, the result is assumed to be for the policy report scope. |
||
message string |
Description is a short user friendly message for the policy rule | ||
properties object (keys:string, values:string) |
Properties provides additional information for the policy rule |
ReportSummary provides a status count summary
Appears in:
| Field | Description | Default | Validation |
|---|---|---|---|
pass integer |
Pass provides the count of policies whose requirements were met | ||
fail integer |
Fail provides the count of policies whose requirements were not met | ||
warn integer |
Warn provides the count of non-scored policies whose requirements were not met | ||
error integer |
Error provides the count of policies that could not be evaluated | ||
skip integer |
Skip indicates the count of policies that were not selected for evaluation |
Underlying type: string
Result has one of the following values:
- pass: the policy requirements are met
- fail: the policy requirements are not met
- warn: the policy requirements are not met and the policy is not scored
- error: the policy could not be evaluated
- skip: the policy was not selected based on user inputs or applicability
Validation:
- Enum: [pass fail warn error skip]
Appears in:
Underlying type: string
ResultSeverity has one of the following values:
- critical
- high
- low
- medium
- info
Validation:
- Enum: [critical high low medium info]
Appears in:
Underlying type: string
StatusFilter is used by Report generators to write only those reports whose status is specified by the filters
Validation:
- Enum: [pass fail warn error skip]
Appears in: