72 lines
1.3 KiB
Go
72 lines
1.3 KiB
Go
// SPDX-License-Identifier: Apache-2.0
|
|
// Copyright Authors of K9s
|
|
|
|
package config
|
|
|
|
// Labels tracks a collection of labels.
|
|
type Labels map[string][]string
|
|
|
|
func (l Labels) exclude(k, val string) bool {
|
|
vv, ok := l[k]
|
|
if !ok {
|
|
return false
|
|
}
|
|
|
|
for _, v := range vv {
|
|
if v == val {
|
|
return true
|
|
}
|
|
}
|
|
|
|
return false
|
|
}
|
|
|
|
// Blacklist tracks vul scan exclusions.
|
|
type BlackList struct {
|
|
Namespaces []string `yaml:"namespaces"`
|
|
Labels Labels `yaml:"labels"`
|
|
}
|
|
|
|
func newBlackList() BlackList {
|
|
return BlackList{
|
|
Labels: make(Labels),
|
|
}
|
|
}
|
|
|
|
func (b BlackList) exclude(ns string, ll map[string]string) bool {
|
|
for _, nss := range b.Namespaces {
|
|
if nss == ns {
|
|
return true
|
|
}
|
|
}
|
|
for k, v := range ll {
|
|
if b.Labels.exclude(k, v) {
|
|
return true
|
|
}
|
|
}
|
|
|
|
return false
|
|
}
|
|
|
|
// ImageScans tracks vul scans options.
|
|
type ImageScans struct {
|
|
Enable bool `yaml:"enable"`
|
|
BlackList BlackList `yaml:"blackList"`
|
|
}
|
|
|
|
// NewImageScans returns a new instance.
|
|
func NewImageScans() *ImageScans {
|
|
return &ImageScans{
|
|
BlackList: newBlackList(),
|
|
}
|
|
}
|
|
|
|
// ShouldExclude checks if scan should be excluder given ns/labels
|
|
func (i *ImageScans) ShouldExclude(ns string, ll map[string]string) bool {
|
|
if !i.Enable {
|
|
return false
|
|
}
|
|
|
|
return i.BlackList.exclude(ns, ll)
|
|
}
|