@kwirthmagnify/kwirth-plugin-trivy 0.1.0 → 0.2.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/back.js +38 -1012
- package/front.js +138 -12043
- package/package.json +1 -1
package/back.js
CHANGED
|
@@ -29,992 +29,24 @@ var __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__ge
|
|
|
29
29
|
));
|
|
30
30
|
var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
|
|
31
31
|
|
|
32
|
-
//
|
|
33
|
-
var
|
|
34
|
-
"
|
|
35
|
-
|
|
36
|
-
Object.defineProperty(exports2, "__esModule", { value: true });
|
|
37
|
-
exports2.EClusterType = exports2.ClusterTypeEnum = void 0;
|
|
38
|
-
var ClusterTypeEnum;
|
|
39
|
-
(function(ClusterTypeEnum2) {
|
|
40
|
-
ClusterTypeEnum2["KUBERNETES"] = "kubernetes";
|
|
41
|
-
ClusterTypeEnum2["DOCKER"] = "docker";
|
|
42
|
-
})(ClusterTypeEnum || (exports2.ClusterTypeEnum = ClusterTypeEnum = {}));
|
|
43
|
-
var EClusterType2;
|
|
44
|
-
(function(EClusterType3) {
|
|
45
|
-
EClusterType3["KUBERNETES"] = "kubernetes";
|
|
46
|
-
EClusterType3["DOCKER"] = "docker";
|
|
47
|
-
})(EClusterType2 || (exports2.EClusterType = EClusterType2 = {}));
|
|
32
|
+
// kwirth-back-globals:@kwirthmagnify/kwirth-common
|
|
33
|
+
var require_kwirth_common = __commonJS({
|
|
34
|
+
"kwirth-back-globals:@kwirthmagnify/kwirth-common"(exports2, module2) {
|
|
35
|
+
module2.exports = global.__kwirth_back__.kwirthCommon;
|
|
48
36
|
}
|
|
49
37
|
});
|
|
50
38
|
|
|
51
|
-
//
|
|
52
|
-
var
|
|
53
|
-
"
|
|
54
|
-
|
|
55
|
-
Object.defineProperty(exports2, "__esModule", { value: true });
|
|
39
|
+
// kwirth-back-globals:@kwirthmagnify/kwirth-common-back
|
|
40
|
+
var require_kwirth_common_back = __commonJS({
|
|
41
|
+
"kwirth-back-globals:@kwirthmagnify/kwirth-common-back"(exports2, module2) {
|
|
42
|
+
module2.exports = global.__kwirth_back__.kwirthCommonBack;
|
|
56
43
|
}
|
|
57
44
|
});
|
|
58
45
|
|
|
59
|
-
//
|
|
60
|
-
var
|
|
61
|
-
"
|
|
62
|
-
"use strict";
|
|
63
|
-
Object.defineProperty(exports2, "__esModule", { value: true });
|
|
64
|
-
exports2.EInstanceMessageFlow = exports2.InstanceMessageFlowEnum = exports2.EInstanceMessageAction = exports2.InstanceMessageActionEnum = exports2.EInstanceMessageType = exports2.InstanceMessageTypeEnum = exports2.EInstanceMessageChannel = exports2.InstanceMessageChannelEnum = void 0;
|
|
65
|
-
var InstanceMessageChannelEnum;
|
|
66
|
-
(function(InstanceMessageChannelEnum2) {
|
|
67
|
-
InstanceMessageChannelEnum2["NONE"] = "none";
|
|
68
|
-
InstanceMessageChannelEnum2["LOG"] = "log";
|
|
69
|
-
InstanceMessageChannelEnum2["METRICS"] = "metrics";
|
|
70
|
-
InstanceMessageChannelEnum2["AUDIT"] = "audit";
|
|
71
|
-
InstanceMessageChannelEnum2["OPS"] = "ops";
|
|
72
|
-
InstanceMessageChannelEnum2["ALERT"] = "alert";
|
|
73
|
-
InstanceMessageChannelEnum2["TRIVY"] = "trivy";
|
|
74
|
-
})(InstanceMessageChannelEnum || (exports2.InstanceMessageChannelEnum = InstanceMessageChannelEnum = {}));
|
|
75
|
-
var EInstanceMessageChannel2;
|
|
76
|
-
(function(EInstanceMessageChannel3) {
|
|
77
|
-
EInstanceMessageChannel3["NONE"] = "none";
|
|
78
|
-
EInstanceMessageChannel3["LOG"] = "log";
|
|
79
|
-
EInstanceMessageChannel3["METRICS"] = "metrics";
|
|
80
|
-
EInstanceMessageChannel3["AUDIT"] = "audit";
|
|
81
|
-
EInstanceMessageChannel3["OPS"] = "ops";
|
|
82
|
-
EInstanceMessageChannel3["ALERT"] = "alert";
|
|
83
|
-
EInstanceMessageChannel3["TRIVY"] = "trivy";
|
|
84
|
-
EInstanceMessageChannel3["MAGNIFY"] = "magnify";
|
|
85
|
-
})(EInstanceMessageChannel2 || (exports2.EInstanceMessageChannel = EInstanceMessageChannel2 = {}));
|
|
86
|
-
var InstanceMessageTypeEnum;
|
|
87
|
-
(function(InstanceMessageTypeEnum2) {
|
|
88
|
-
InstanceMessageTypeEnum2["DATA"] = "data";
|
|
89
|
-
InstanceMessageTypeEnum2["SIGNAL"] = "signal";
|
|
90
|
-
})(InstanceMessageTypeEnum || (exports2.InstanceMessageTypeEnum = InstanceMessageTypeEnum = {}));
|
|
91
|
-
var EInstanceMessageType2;
|
|
92
|
-
(function(EInstanceMessageType3) {
|
|
93
|
-
EInstanceMessageType3["DATA"] = "data";
|
|
94
|
-
EInstanceMessageType3["SIGNAL"] = "signal";
|
|
95
|
-
})(EInstanceMessageType2 || (exports2.EInstanceMessageType = EInstanceMessageType2 = {}));
|
|
96
|
-
var InstanceMessageActionEnum;
|
|
97
|
-
(function(InstanceMessageActionEnum2) {
|
|
98
|
-
InstanceMessageActionEnum2["NONE"] = "none";
|
|
99
|
-
InstanceMessageActionEnum2["ROUTE"] = "route";
|
|
100
|
-
InstanceMessageActionEnum2["START"] = "start";
|
|
101
|
-
InstanceMessageActionEnum2["STOP"] = "stop";
|
|
102
|
-
InstanceMessageActionEnum2["PAUSE"] = "pause";
|
|
103
|
-
InstanceMessageActionEnum2["CONTINUE"] = "continue";
|
|
104
|
-
InstanceMessageActionEnum2["MODIFY"] = "modify";
|
|
105
|
-
InstanceMessageActionEnum2["PING"] = "ping";
|
|
106
|
-
InstanceMessageActionEnum2["RECONNECT"] = "reconnect";
|
|
107
|
-
InstanceMessageActionEnum2["COMMAND"] = "command";
|
|
108
|
-
InstanceMessageActionEnum2["WEBSOCKET"] = "websocket";
|
|
109
|
-
})(InstanceMessageActionEnum || (exports2.InstanceMessageActionEnum = InstanceMessageActionEnum = {}));
|
|
110
|
-
var EInstanceMessageAction2;
|
|
111
|
-
(function(EInstanceMessageAction3) {
|
|
112
|
-
EInstanceMessageAction3["NONE"] = "none";
|
|
113
|
-
EInstanceMessageAction3["RI"] = "ri";
|
|
114
|
-
EInstanceMessageAction3["ROUTE"] = "route";
|
|
115
|
-
EInstanceMessageAction3["START"] = "start";
|
|
116
|
-
EInstanceMessageAction3["STOP"] = "stop";
|
|
117
|
-
EInstanceMessageAction3["PAUSE"] = "pause";
|
|
118
|
-
EInstanceMessageAction3["CONTINUE"] = "continue";
|
|
119
|
-
EInstanceMessageAction3["MODIFY"] = "modify";
|
|
120
|
-
EInstanceMessageAction3["PING"] = "ping";
|
|
121
|
-
EInstanceMessageAction3["RECONNECT"] = "reconnect";
|
|
122
|
-
EInstanceMessageAction3["COMMAND"] = "command";
|
|
123
|
-
EInstanceMessageAction3["WEBSOCKET"] = "websocket";
|
|
124
|
-
})(EInstanceMessageAction2 || (exports2.EInstanceMessageAction = EInstanceMessageAction2 = {}));
|
|
125
|
-
var InstanceMessageFlowEnum;
|
|
126
|
-
(function(InstanceMessageFlowEnum2) {
|
|
127
|
-
InstanceMessageFlowEnum2["IMMEDIATE"] = "immediate";
|
|
128
|
-
InstanceMessageFlowEnum2["REQUEST"] = "request";
|
|
129
|
-
InstanceMessageFlowEnum2["RESPONSE"] = "response";
|
|
130
|
-
InstanceMessageFlowEnum2["UNSOLICITED"] = "unsolicited";
|
|
131
|
-
})(InstanceMessageFlowEnum || (exports2.InstanceMessageFlowEnum = InstanceMessageFlowEnum = {}));
|
|
132
|
-
var EInstanceMessageFlow2;
|
|
133
|
-
(function(EInstanceMessageFlow3) {
|
|
134
|
-
EInstanceMessageFlow3["IMMEDIATE"] = "immediate";
|
|
135
|
-
EInstanceMessageFlow3["REQUEST"] = "request";
|
|
136
|
-
EInstanceMessageFlow3["RESPONSE"] = "response";
|
|
137
|
-
EInstanceMessageFlow3["UNSOLICITED"] = "unsolicited";
|
|
138
|
-
})(EInstanceMessageFlow2 || (exports2.EInstanceMessageFlow = EInstanceMessageFlow2 = {}));
|
|
139
|
-
}
|
|
140
|
-
});
|
|
141
|
-
|
|
142
|
-
// node_modules/@kwirthmagnify/kwirth-common/dist/InstanceConfig.js
|
|
143
|
-
var require_InstanceConfig = __commonJS({
|
|
144
|
-
"node_modules/@kwirthmagnify/kwirth-common/dist/InstanceConfig.js"(exports2) {
|
|
145
|
-
"use strict";
|
|
146
|
-
Object.defineProperty(exports2, "__esModule", { value: true });
|
|
147
|
-
exports2.EInstanceConfigScope = exports2.EInstanceConfigView = exports2.EInstanceConfigObject = exports2.InstanceConfigScopeEnum = exports2.InstanceConfigViewEnum = exports2.InstanceConfigObjectEnum = void 0;
|
|
148
|
-
var InstanceConfigObjectEnum;
|
|
149
|
-
(function(InstanceConfigObjectEnum2) {
|
|
150
|
-
InstanceConfigObjectEnum2["PODS"] = "pods";
|
|
151
|
-
InstanceConfigObjectEnum2["EVENTS"] = "events";
|
|
152
|
-
})(InstanceConfigObjectEnum || (exports2.InstanceConfigObjectEnum = InstanceConfigObjectEnum = {}));
|
|
153
|
-
var InstanceConfigViewEnum;
|
|
154
|
-
(function(InstanceConfigViewEnum2) {
|
|
155
|
-
InstanceConfigViewEnum2["NONE"] = "none";
|
|
156
|
-
InstanceConfigViewEnum2["CLUSTER"] = "cluster";
|
|
157
|
-
InstanceConfigViewEnum2["NAMESPACE"] = "namespace";
|
|
158
|
-
InstanceConfigViewEnum2["GROUP"] = "group";
|
|
159
|
-
InstanceConfigViewEnum2["POD"] = "pod";
|
|
160
|
-
InstanceConfigViewEnum2["CONTAINER"] = "container";
|
|
161
|
-
})(InstanceConfigViewEnum || (exports2.InstanceConfigViewEnum = InstanceConfigViewEnum = {}));
|
|
162
|
-
var InstanceConfigScopeEnum;
|
|
163
|
-
(function(InstanceConfigScopeEnum2) {
|
|
164
|
-
InstanceConfigScopeEnum2["NONE"] = "none";
|
|
165
|
-
InstanceConfigScopeEnum2["API"] = "api";
|
|
166
|
-
InstanceConfigScopeEnum2["CLUSTER"] = "cluster";
|
|
167
|
-
InstanceConfigScopeEnum2["FILTER"] = "filter";
|
|
168
|
-
InstanceConfigScopeEnum2["VIEW"] = "view";
|
|
169
|
-
InstanceConfigScopeEnum2["SNAPSHOT"] = "snapshot";
|
|
170
|
-
InstanceConfigScopeEnum2["STREAM"] = "stream";
|
|
171
|
-
InstanceConfigScopeEnum2["CREATE"] = "create";
|
|
172
|
-
InstanceConfigScopeEnum2["SUBSCRIBE"] = "subscribe";
|
|
173
|
-
InstanceConfigScopeEnum2["GET"] = "get";
|
|
174
|
-
InstanceConfigScopeEnum2["EXECUTE"] = "execute";
|
|
175
|
-
InstanceConfigScopeEnum2["RESTART"] = "restart";
|
|
176
|
-
InstanceConfigScopeEnum2["WORKLOAD"] = "workload";
|
|
177
|
-
InstanceConfigScopeEnum2["KUBERNETES"] = "kubernetes";
|
|
178
|
-
})(InstanceConfigScopeEnum || (exports2.InstanceConfigScopeEnum = InstanceConfigScopeEnum = {}));
|
|
179
|
-
var EInstanceConfigObject;
|
|
180
|
-
(function(EInstanceConfigObject2) {
|
|
181
|
-
EInstanceConfigObject2["PODS"] = "pods";
|
|
182
|
-
EInstanceConfigObject2["EVENTS"] = "events";
|
|
183
|
-
})(EInstanceConfigObject || (exports2.EInstanceConfigObject = EInstanceConfigObject = {}));
|
|
184
|
-
var EInstanceConfigView;
|
|
185
|
-
(function(EInstanceConfigView2) {
|
|
186
|
-
EInstanceConfigView2["NONE"] = "none";
|
|
187
|
-
EInstanceConfigView2["CLUSTER"] = "cluster";
|
|
188
|
-
EInstanceConfigView2["NAMESPACE"] = "namespace";
|
|
189
|
-
EInstanceConfigView2["GROUP"] = "group";
|
|
190
|
-
EInstanceConfigView2["POD"] = "pod";
|
|
191
|
-
EInstanceConfigView2["CONTAINER"] = "container";
|
|
192
|
-
})(EInstanceConfigView || (exports2.EInstanceConfigView = EInstanceConfigView = {}));
|
|
193
|
-
var EInstanceConfigScope;
|
|
194
|
-
(function(EInstanceConfigScope2) {
|
|
195
|
-
EInstanceConfigScope2["NONE"] = "none";
|
|
196
|
-
EInstanceConfigScope2["API"] = "api";
|
|
197
|
-
EInstanceConfigScope2["CLUSTER"] = "cluster";
|
|
198
|
-
EInstanceConfigScope2["FILTER"] = "filter";
|
|
199
|
-
EInstanceConfigScope2["VIEW"] = "view";
|
|
200
|
-
EInstanceConfigScope2["SNAPSHOT"] = "snapshot";
|
|
201
|
-
EInstanceConfigScope2["STREAM"] = "stream";
|
|
202
|
-
EInstanceConfigScope2["CREATE"] = "create";
|
|
203
|
-
EInstanceConfigScope2["SUBSCRIBE"] = "subscribe";
|
|
204
|
-
EInstanceConfigScope2["GET"] = "get";
|
|
205
|
-
EInstanceConfigScope2["EXECUTE"] = "execute";
|
|
206
|
-
EInstanceConfigScope2["RESTART"] = "restart";
|
|
207
|
-
EInstanceConfigScope2["WORKLOAD"] = "workload";
|
|
208
|
-
EInstanceConfigScope2["KUBERNETES"] = "kubernetes";
|
|
209
|
-
})(EInstanceConfigScope || (exports2.EInstanceConfigScope = EInstanceConfigScope = {}));
|
|
210
|
-
}
|
|
211
|
-
});
|
|
212
|
-
|
|
213
|
-
// node_modules/@kwirthmagnify/kwirth-common/dist/RouteMessage.js
|
|
214
|
-
var require_RouteMessage = __commonJS({
|
|
215
|
-
"node_modules/@kwirthmagnify/kwirth-common/dist/RouteMessage.js"(exports2) {
|
|
216
|
-
"use strict";
|
|
217
|
-
Object.defineProperty(exports2, "__esModule", { value: true });
|
|
218
|
-
}
|
|
219
|
-
});
|
|
220
|
-
|
|
221
|
-
// node_modules/@kwirthmagnify/kwirth-common/dist/SignalMessage.js
|
|
222
|
-
var require_SignalMessage = __commonJS({
|
|
223
|
-
"node_modules/@kwirthmagnify/kwirth-common/dist/SignalMessage.js"(exports2) {
|
|
224
|
-
"use strict";
|
|
225
|
-
Object.defineProperty(exports2, "__esModule", { value: true });
|
|
226
|
-
exports2.ESignalMessageEvent = exports2.ESignalMessageLevel = exports2.SignalMessageEventEnum = exports2.SignalMessageLevelEnum = void 0;
|
|
227
|
-
var SignalMessageLevelEnum;
|
|
228
|
-
(function(SignalMessageLevelEnum2) {
|
|
229
|
-
SignalMessageLevelEnum2["INFO"] = "info";
|
|
230
|
-
SignalMessageLevelEnum2["WARNING"] = "warning";
|
|
231
|
-
SignalMessageLevelEnum2["ERROR"] = "error";
|
|
232
|
-
})(SignalMessageLevelEnum || (exports2.SignalMessageLevelEnum = SignalMessageLevelEnum = {}));
|
|
233
|
-
var SignalMessageEventEnum;
|
|
234
|
-
(function(SignalMessageEventEnum2) {
|
|
235
|
-
SignalMessageEventEnum2["ADD"] = "add";
|
|
236
|
-
SignalMessageEventEnum2["DELETE"] = "delete";
|
|
237
|
-
SignalMessageEventEnum2["OTHER"] = "other";
|
|
238
|
-
})(SignalMessageEventEnum || (exports2.SignalMessageEventEnum = SignalMessageEventEnum = {}));
|
|
239
|
-
var ESignalMessageLevel2;
|
|
240
|
-
(function(ESignalMessageLevel3) {
|
|
241
|
-
ESignalMessageLevel3["INFO"] = "info";
|
|
242
|
-
ESignalMessageLevel3["WARNING"] = "warning";
|
|
243
|
-
ESignalMessageLevel3["ERROR"] = "error";
|
|
244
|
-
})(ESignalMessageLevel2 || (exports2.ESignalMessageLevel = ESignalMessageLevel2 = {}));
|
|
245
|
-
var ESignalMessageEvent;
|
|
246
|
-
(function(ESignalMessageEvent2) {
|
|
247
|
-
ESignalMessageEvent2["ADD"] = "add";
|
|
248
|
-
ESignalMessageEvent2["DELETE"] = "delete";
|
|
249
|
-
ESignalMessageEvent2["OTHER"] = "other";
|
|
250
|
-
})(ESignalMessageEvent || (exports2.ESignalMessageEvent = ESignalMessageEvent = {}));
|
|
251
|
-
}
|
|
252
|
-
});
|
|
253
|
-
|
|
254
|
-
// node_modules/@kwirthmagnify/kwirth-common/dist/ApiKey.js
|
|
255
|
-
var require_ApiKey = __commonJS({
|
|
256
|
-
"node_modules/@kwirthmagnify/kwirth-common/dist/ApiKey.js"(exports2) {
|
|
257
|
-
"use strict";
|
|
258
|
-
Object.defineProperty(exports2, "__esModule", { value: true });
|
|
259
|
-
}
|
|
260
|
-
});
|
|
261
|
-
|
|
262
|
-
// node_modules/uuid/dist/cjs/max.js
|
|
263
|
-
var require_max = __commonJS({
|
|
264
|
-
"node_modules/uuid/dist/cjs/max.js"(exports2) {
|
|
265
|
-
"use strict";
|
|
266
|
-
Object.defineProperty(exports2, "__esModule", { value: true });
|
|
267
|
-
exports2.default = "ffffffff-ffff-ffff-ffff-ffffffffffff";
|
|
268
|
-
}
|
|
269
|
-
});
|
|
270
|
-
|
|
271
|
-
// node_modules/uuid/dist/cjs/nil.js
|
|
272
|
-
var require_nil = __commonJS({
|
|
273
|
-
"node_modules/uuid/dist/cjs/nil.js"(exports2) {
|
|
274
|
-
"use strict";
|
|
275
|
-
Object.defineProperty(exports2, "__esModule", { value: true });
|
|
276
|
-
exports2.default = "00000000-0000-0000-0000-000000000000";
|
|
277
|
-
}
|
|
278
|
-
});
|
|
279
|
-
|
|
280
|
-
// node_modules/uuid/dist/cjs/regex.js
|
|
281
|
-
var require_regex = __commonJS({
|
|
282
|
-
"node_modules/uuid/dist/cjs/regex.js"(exports2) {
|
|
283
|
-
"use strict";
|
|
284
|
-
Object.defineProperty(exports2, "__esModule", { value: true });
|
|
285
|
-
exports2.default = /^(?:[0-9a-f]{8}-[0-9a-f]{4}-[1-8][0-9a-f]{3}-[89ab][0-9a-f]{3}-[0-9a-f]{12}|00000000-0000-0000-0000-000000000000|ffffffff-ffff-ffff-ffff-ffffffffffff)$/i;
|
|
286
|
-
}
|
|
287
|
-
});
|
|
288
|
-
|
|
289
|
-
// node_modules/uuid/dist/cjs/validate.js
|
|
290
|
-
var require_validate = __commonJS({
|
|
291
|
-
"node_modules/uuid/dist/cjs/validate.js"(exports2) {
|
|
292
|
-
"use strict";
|
|
293
|
-
Object.defineProperty(exports2, "__esModule", { value: true });
|
|
294
|
-
var regex_js_1 = require_regex();
|
|
295
|
-
function validate(uuid) {
|
|
296
|
-
return typeof uuid === "string" && regex_js_1.default.test(uuid);
|
|
297
|
-
}
|
|
298
|
-
exports2.default = validate;
|
|
299
|
-
}
|
|
300
|
-
});
|
|
301
|
-
|
|
302
|
-
// node_modules/uuid/dist/cjs/parse.js
|
|
303
|
-
var require_parse = __commonJS({
|
|
304
|
-
"node_modules/uuid/dist/cjs/parse.js"(exports2) {
|
|
305
|
-
"use strict";
|
|
306
|
-
Object.defineProperty(exports2, "__esModule", { value: true });
|
|
307
|
-
var validate_js_1 = require_validate();
|
|
308
|
-
function parse(uuid) {
|
|
309
|
-
if (!(0, validate_js_1.default)(uuid)) {
|
|
310
|
-
throw TypeError("Invalid UUID");
|
|
311
|
-
}
|
|
312
|
-
let v;
|
|
313
|
-
return Uint8Array.of((v = parseInt(uuid.slice(0, 8), 16)) >>> 24, v >>> 16 & 255, v >>> 8 & 255, v & 255, (v = parseInt(uuid.slice(9, 13), 16)) >>> 8, v & 255, (v = parseInt(uuid.slice(14, 18), 16)) >>> 8, v & 255, (v = parseInt(uuid.slice(19, 23), 16)) >>> 8, v & 255, (v = parseInt(uuid.slice(24, 36), 16)) / 1099511627776 & 255, v / 4294967296 & 255, v >>> 24 & 255, v >>> 16 & 255, v >>> 8 & 255, v & 255);
|
|
314
|
-
}
|
|
315
|
-
exports2.default = parse;
|
|
316
|
-
}
|
|
317
|
-
});
|
|
318
|
-
|
|
319
|
-
// node_modules/uuid/dist/cjs/stringify.js
|
|
320
|
-
var require_stringify = __commonJS({
|
|
321
|
-
"node_modules/uuid/dist/cjs/stringify.js"(exports2) {
|
|
322
|
-
"use strict";
|
|
323
|
-
Object.defineProperty(exports2, "__esModule", { value: true });
|
|
324
|
-
exports2.unsafeStringify = void 0;
|
|
325
|
-
var validate_js_1 = require_validate();
|
|
326
|
-
var byteToHex = [];
|
|
327
|
-
for (let i = 0; i < 256; ++i) {
|
|
328
|
-
byteToHex.push((i + 256).toString(16).slice(1));
|
|
329
|
-
}
|
|
330
|
-
function unsafeStringify(arr, offset = 0) {
|
|
331
|
-
return (byteToHex[arr[offset + 0]] + byteToHex[arr[offset + 1]] + byteToHex[arr[offset + 2]] + byteToHex[arr[offset + 3]] + "-" + byteToHex[arr[offset + 4]] + byteToHex[arr[offset + 5]] + "-" + byteToHex[arr[offset + 6]] + byteToHex[arr[offset + 7]] + "-" + byteToHex[arr[offset + 8]] + byteToHex[arr[offset + 9]] + "-" + byteToHex[arr[offset + 10]] + byteToHex[arr[offset + 11]] + byteToHex[arr[offset + 12]] + byteToHex[arr[offset + 13]] + byteToHex[arr[offset + 14]] + byteToHex[arr[offset + 15]]).toLowerCase();
|
|
332
|
-
}
|
|
333
|
-
exports2.unsafeStringify = unsafeStringify;
|
|
334
|
-
function stringify(arr, offset = 0) {
|
|
335
|
-
const uuid = unsafeStringify(arr, offset);
|
|
336
|
-
if (!(0, validate_js_1.default)(uuid)) {
|
|
337
|
-
throw TypeError("Stringified UUID is invalid");
|
|
338
|
-
}
|
|
339
|
-
return uuid;
|
|
340
|
-
}
|
|
341
|
-
exports2.default = stringify;
|
|
342
|
-
}
|
|
343
|
-
});
|
|
344
|
-
|
|
345
|
-
// node_modules/uuid/dist/cjs/rng.js
|
|
346
|
-
var require_rng = __commonJS({
|
|
347
|
-
"node_modules/uuid/dist/cjs/rng.js"(exports2) {
|
|
348
|
-
"use strict";
|
|
349
|
-
Object.defineProperty(exports2, "__esModule", { value: true });
|
|
350
|
-
var crypto_1 = require("crypto");
|
|
351
|
-
var rnds8Pool = new Uint8Array(256);
|
|
352
|
-
var poolPtr = rnds8Pool.length;
|
|
353
|
-
function rng() {
|
|
354
|
-
if (poolPtr > rnds8Pool.length - 16) {
|
|
355
|
-
(0, crypto_1.randomFillSync)(rnds8Pool);
|
|
356
|
-
poolPtr = 0;
|
|
357
|
-
}
|
|
358
|
-
return rnds8Pool.slice(poolPtr, poolPtr += 16);
|
|
359
|
-
}
|
|
360
|
-
exports2.default = rng;
|
|
361
|
-
}
|
|
362
|
-
});
|
|
363
|
-
|
|
364
|
-
// node_modules/uuid/dist/cjs/v1.js
|
|
365
|
-
var require_v1 = __commonJS({
|
|
366
|
-
"node_modules/uuid/dist/cjs/v1.js"(exports2) {
|
|
367
|
-
"use strict";
|
|
368
|
-
Object.defineProperty(exports2, "__esModule", { value: true });
|
|
369
|
-
exports2.updateV1State = void 0;
|
|
370
|
-
var rng_js_1 = require_rng();
|
|
371
|
-
var stringify_js_1 = require_stringify();
|
|
372
|
-
var _state = {};
|
|
373
|
-
function v1(options, buf, offset) {
|
|
374
|
-
let bytes;
|
|
375
|
-
const isV6 = options?._v6 ?? false;
|
|
376
|
-
if (options) {
|
|
377
|
-
const optionsKeys = Object.keys(options);
|
|
378
|
-
if (optionsKeys.length === 1 && optionsKeys[0] === "_v6") {
|
|
379
|
-
options = void 0;
|
|
380
|
-
}
|
|
381
|
-
}
|
|
382
|
-
if (options) {
|
|
383
|
-
bytes = v1Bytes(options.random ?? options.rng?.() ?? (0, rng_js_1.default)(), options.msecs, options.nsecs, options.clockseq, options.node, buf, offset);
|
|
384
|
-
} else {
|
|
385
|
-
const now = Date.now();
|
|
386
|
-
const rnds = (0, rng_js_1.default)();
|
|
387
|
-
updateV1State(_state, now, rnds);
|
|
388
|
-
bytes = v1Bytes(rnds, _state.msecs, _state.nsecs, isV6 ? void 0 : _state.clockseq, isV6 ? void 0 : _state.node, buf, offset);
|
|
389
|
-
}
|
|
390
|
-
return buf ?? (0, stringify_js_1.unsafeStringify)(bytes);
|
|
391
|
-
}
|
|
392
|
-
function updateV1State(state, now, rnds) {
|
|
393
|
-
state.msecs ??= -Infinity;
|
|
394
|
-
state.nsecs ??= 0;
|
|
395
|
-
if (now === state.msecs) {
|
|
396
|
-
state.nsecs++;
|
|
397
|
-
if (state.nsecs >= 1e4) {
|
|
398
|
-
state.node = void 0;
|
|
399
|
-
state.nsecs = 0;
|
|
400
|
-
}
|
|
401
|
-
} else if (now > state.msecs) {
|
|
402
|
-
state.nsecs = 0;
|
|
403
|
-
} else if (now < state.msecs) {
|
|
404
|
-
state.node = void 0;
|
|
405
|
-
}
|
|
406
|
-
if (!state.node) {
|
|
407
|
-
state.node = rnds.slice(10, 16);
|
|
408
|
-
state.node[0] |= 1;
|
|
409
|
-
state.clockseq = (rnds[8] << 8 | rnds[9]) & 16383;
|
|
410
|
-
}
|
|
411
|
-
state.msecs = now;
|
|
412
|
-
return state;
|
|
413
|
-
}
|
|
414
|
-
exports2.updateV1State = updateV1State;
|
|
415
|
-
function v1Bytes(rnds, msecs, nsecs, clockseq, node, buf, offset = 0) {
|
|
416
|
-
if (rnds.length < 16) {
|
|
417
|
-
throw new Error("Random bytes length must be >= 16");
|
|
418
|
-
}
|
|
419
|
-
if (!buf) {
|
|
420
|
-
buf = new Uint8Array(16);
|
|
421
|
-
offset = 0;
|
|
422
|
-
} else {
|
|
423
|
-
if (offset < 0 || offset + 16 > buf.length) {
|
|
424
|
-
throw new RangeError(`UUID byte range ${offset}:${offset + 15} is out of buffer bounds`);
|
|
425
|
-
}
|
|
426
|
-
}
|
|
427
|
-
msecs ??= Date.now();
|
|
428
|
-
nsecs ??= 0;
|
|
429
|
-
clockseq ??= (rnds[8] << 8 | rnds[9]) & 16383;
|
|
430
|
-
node ??= rnds.slice(10, 16);
|
|
431
|
-
msecs += 122192928e5;
|
|
432
|
-
const tl = ((msecs & 268435455) * 1e4 + nsecs) % 4294967296;
|
|
433
|
-
buf[offset++] = tl >>> 24 & 255;
|
|
434
|
-
buf[offset++] = tl >>> 16 & 255;
|
|
435
|
-
buf[offset++] = tl >>> 8 & 255;
|
|
436
|
-
buf[offset++] = tl & 255;
|
|
437
|
-
const tmh = msecs / 4294967296 * 1e4 & 268435455;
|
|
438
|
-
buf[offset++] = tmh >>> 8 & 255;
|
|
439
|
-
buf[offset++] = tmh & 255;
|
|
440
|
-
buf[offset++] = tmh >>> 24 & 15 | 16;
|
|
441
|
-
buf[offset++] = tmh >>> 16 & 255;
|
|
442
|
-
buf[offset++] = clockseq >>> 8 | 128;
|
|
443
|
-
buf[offset++] = clockseq & 255;
|
|
444
|
-
for (let n = 0; n < 6; ++n) {
|
|
445
|
-
buf[offset++] = node[n];
|
|
446
|
-
}
|
|
447
|
-
return buf;
|
|
448
|
-
}
|
|
449
|
-
exports2.default = v1;
|
|
450
|
-
}
|
|
451
|
-
});
|
|
452
|
-
|
|
453
|
-
// node_modules/uuid/dist/cjs/v1ToV6.js
|
|
454
|
-
var require_v1ToV6 = __commonJS({
|
|
455
|
-
"node_modules/uuid/dist/cjs/v1ToV6.js"(exports2) {
|
|
456
|
-
"use strict";
|
|
457
|
-
Object.defineProperty(exports2, "__esModule", { value: true });
|
|
458
|
-
var parse_js_1 = require_parse();
|
|
459
|
-
var stringify_js_1 = require_stringify();
|
|
460
|
-
function v1ToV6(uuid) {
|
|
461
|
-
const v1Bytes = typeof uuid === "string" ? (0, parse_js_1.default)(uuid) : uuid;
|
|
462
|
-
const v6Bytes = _v1ToV6(v1Bytes);
|
|
463
|
-
return typeof uuid === "string" ? (0, stringify_js_1.unsafeStringify)(v6Bytes) : v6Bytes;
|
|
464
|
-
}
|
|
465
|
-
exports2.default = v1ToV6;
|
|
466
|
-
function _v1ToV6(v1Bytes) {
|
|
467
|
-
return Uint8Array.of((v1Bytes[6] & 15) << 4 | v1Bytes[7] >> 4 & 15, (v1Bytes[7] & 15) << 4 | (v1Bytes[4] & 240) >> 4, (v1Bytes[4] & 15) << 4 | (v1Bytes[5] & 240) >> 4, (v1Bytes[5] & 15) << 4 | (v1Bytes[0] & 240) >> 4, (v1Bytes[0] & 15) << 4 | (v1Bytes[1] & 240) >> 4, (v1Bytes[1] & 15) << 4 | (v1Bytes[2] & 240) >> 4, 96 | v1Bytes[2] & 15, v1Bytes[3], v1Bytes[8], v1Bytes[9], v1Bytes[10], v1Bytes[11], v1Bytes[12], v1Bytes[13], v1Bytes[14], v1Bytes[15]);
|
|
468
|
-
}
|
|
469
|
-
}
|
|
470
|
-
});
|
|
471
|
-
|
|
472
|
-
// node_modules/uuid/dist/cjs/md5.js
|
|
473
|
-
var require_md5 = __commonJS({
|
|
474
|
-
"node_modules/uuid/dist/cjs/md5.js"(exports2) {
|
|
475
|
-
"use strict";
|
|
476
|
-
Object.defineProperty(exports2, "__esModule", { value: true });
|
|
477
|
-
var crypto_1 = require("crypto");
|
|
478
|
-
function md5(bytes) {
|
|
479
|
-
if (Array.isArray(bytes)) {
|
|
480
|
-
bytes = Buffer.from(bytes);
|
|
481
|
-
} else if (typeof bytes === "string") {
|
|
482
|
-
bytes = Buffer.from(bytes, "utf8");
|
|
483
|
-
}
|
|
484
|
-
return (0, crypto_1.createHash)("md5").update(bytes).digest();
|
|
485
|
-
}
|
|
486
|
-
exports2.default = md5;
|
|
487
|
-
}
|
|
488
|
-
});
|
|
489
|
-
|
|
490
|
-
// node_modules/uuid/dist/cjs/v35.js
|
|
491
|
-
var require_v35 = __commonJS({
|
|
492
|
-
"node_modules/uuid/dist/cjs/v35.js"(exports2) {
|
|
493
|
-
"use strict";
|
|
494
|
-
Object.defineProperty(exports2, "__esModule", { value: true });
|
|
495
|
-
exports2.URL = exports2.DNS = exports2.stringToBytes = void 0;
|
|
496
|
-
var parse_js_1 = require_parse();
|
|
497
|
-
var stringify_js_1 = require_stringify();
|
|
498
|
-
function stringToBytes(str) {
|
|
499
|
-
str = unescape(encodeURIComponent(str));
|
|
500
|
-
const bytes = new Uint8Array(str.length);
|
|
501
|
-
for (let i = 0; i < str.length; ++i) {
|
|
502
|
-
bytes[i] = str.charCodeAt(i);
|
|
503
|
-
}
|
|
504
|
-
return bytes;
|
|
505
|
-
}
|
|
506
|
-
exports2.stringToBytes = stringToBytes;
|
|
507
|
-
exports2.DNS = "6ba7b810-9dad-11d1-80b4-00c04fd430c8";
|
|
508
|
-
exports2.URL = "6ba7b811-9dad-11d1-80b4-00c04fd430c8";
|
|
509
|
-
function v35(version, hash, value, namespace, buf, offset) {
|
|
510
|
-
const valueBytes = typeof value === "string" ? stringToBytes(value) : value;
|
|
511
|
-
const namespaceBytes = typeof namespace === "string" ? (0, parse_js_1.default)(namespace) : namespace;
|
|
512
|
-
if (typeof namespace === "string") {
|
|
513
|
-
namespace = (0, parse_js_1.default)(namespace);
|
|
514
|
-
}
|
|
515
|
-
if (namespace?.length !== 16) {
|
|
516
|
-
throw TypeError("Namespace must be array-like (16 iterable integer values, 0-255)");
|
|
517
|
-
}
|
|
518
|
-
let bytes = new Uint8Array(16 + valueBytes.length);
|
|
519
|
-
bytes.set(namespaceBytes);
|
|
520
|
-
bytes.set(valueBytes, namespaceBytes.length);
|
|
521
|
-
bytes = hash(bytes);
|
|
522
|
-
bytes[6] = bytes[6] & 15 | version;
|
|
523
|
-
bytes[8] = bytes[8] & 63 | 128;
|
|
524
|
-
if (buf) {
|
|
525
|
-
offset = offset || 0;
|
|
526
|
-
if (offset < 0 || offset + 16 > buf.length) {
|
|
527
|
-
throw new RangeError(`UUID byte range ${offset}:${offset + 15} is out of buffer bounds`);
|
|
528
|
-
}
|
|
529
|
-
for (let i = 0; i < 16; ++i) {
|
|
530
|
-
buf[offset + i] = bytes[i];
|
|
531
|
-
}
|
|
532
|
-
return buf;
|
|
533
|
-
}
|
|
534
|
-
return (0, stringify_js_1.unsafeStringify)(bytes);
|
|
535
|
-
}
|
|
536
|
-
exports2.default = v35;
|
|
537
|
-
}
|
|
538
|
-
});
|
|
539
|
-
|
|
540
|
-
// node_modules/uuid/dist/cjs/v3.js
|
|
541
|
-
var require_v3 = __commonJS({
|
|
542
|
-
"node_modules/uuid/dist/cjs/v3.js"(exports2) {
|
|
543
|
-
"use strict";
|
|
544
|
-
Object.defineProperty(exports2, "__esModule", { value: true });
|
|
545
|
-
exports2.URL = exports2.DNS = void 0;
|
|
546
|
-
var md5_js_1 = require_md5();
|
|
547
|
-
var v35_js_1 = require_v35();
|
|
548
|
-
var v35_js_2 = require_v35();
|
|
549
|
-
Object.defineProperty(exports2, "DNS", { enumerable: true, get: function() {
|
|
550
|
-
return v35_js_2.DNS;
|
|
551
|
-
} });
|
|
552
|
-
Object.defineProperty(exports2, "URL", { enumerable: true, get: function() {
|
|
553
|
-
return v35_js_2.URL;
|
|
554
|
-
} });
|
|
555
|
-
function v3(value, namespace, buf, offset) {
|
|
556
|
-
return (0, v35_js_1.default)(48, md5_js_1.default, value, namespace, buf, offset);
|
|
557
|
-
}
|
|
558
|
-
v3.DNS = v35_js_1.DNS;
|
|
559
|
-
v3.URL = v35_js_1.URL;
|
|
560
|
-
exports2.default = v3;
|
|
561
|
-
}
|
|
562
|
-
});
|
|
563
|
-
|
|
564
|
-
// node_modules/uuid/dist/cjs/native.js
|
|
565
|
-
var require_native = __commonJS({
|
|
566
|
-
"node_modules/uuid/dist/cjs/native.js"(exports2) {
|
|
567
|
-
"use strict";
|
|
568
|
-
Object.defineProperty(exports2, "__esModule", { value: true });
|
|
569
|
-
var crypto_1 = require("crypto");
|
|
570
|
-
exports2.default = { randomUUID: crypto_1.randomUUID };
|
|
571
|
-
}
|
|
572
|
-
});
|
|
573
|
-
|
|
574
|
-
// node_modules/uuid/dist/cjs/v4.js
|
|
575
|
-
var require_v4 = __commonJS({
|
|
576
|
-
"node_modules/uuid/dist/cjs/v4.js"(exports2) {
|
|
577
|
-
"use strict";
|
|
578
|
-
Object.defineProperty(exports2, "__esModule", { value: true });
|
|
579
|
-
var native_js_1 = require_native();
|
|
580
|
-
var rng_js_1 = require_rng();
|
|
581
|
-
var stringify_js_1 = require_stringify();
|
|
582
|
-
function v4(options, buf, offset) {
|
|
583
|
-
if (native_js_1.default.randomUUID && !buf && !options) {
|
|
584
|
-
return native_js_1.default.randomUUID();
|
|
585
|
-
}
|
|
586
|
-
options = options || {};
|
|
587
|
-
const rnds = options.random ?? options.rng?.() ?? (0, rng_js_1.default)();
|
|
588
|
-
if (rnds.length < 16) {
|
|
589
|
-
throw new Error("Random bytes length must be >= 16");
|
|
590
|
-
}
|
|
591
|
-
rnds[6] = rnds[6] & 15 | 64;
|
|
592
|
-
rnds[8] = rnds[8] & 63 | 128;
|
|
593
|
-
if (buf) {
|
|
594
|
-
offset = offset || 0;
|
|
595
|
-
if (offset < 0 || offset + 16 > buf.length) {
|
|
596
|
-
throw new RangeError(`UUID byte range ${offset}:${offset + 15} is out of buffer bounds`);
|
|
597
|
-
}
|
|
598
|
-
for (let i = 0; i < 16; ++i) {
|
|
599
|
-
buf[offset + i] = rnds[i];
|
|
600
|
-
}
|
|
601
|
-
return buf;
|
|
602
|
-
}
|
|
603
|
-
return (0, stringify_js_1.unsafeStringify)(rnds);
|
|
604
|
-
}
|
|
605
|
-
exports2.default = v4;
|
|
606
|
-
}
|
|
607
|
-
});
|
|
608
|
-
|
|
609
|
-
// node_modules/uuid/dist/cjs/sha1.js
|
|
610
|
-
var require_sha1 = __commonJS({
|
|
611
|
-
"node_modules/uuid/dist/cjs/sha1.js"(exports2) {
|
|
612
|
-
"use strict";
|
|
613
|
-
Object.defineProperty(exports2, "__esModule", { value: true });
|
|
614
|
-
var crypto_1 = require("crypto");
|
|
615
|
-
function sha1(bytes) {
|
|
616
|
-
if (Array.isArray(bytes)) {
|
|
617
|
-
bytes = Buffer.from(bytes);
|
|
618
|
-
} else if (typeof bytes === "string") {
|
|
619
|
-
bytes = Buffer.from(bytes, "utf8");
|
|
620
|
-
}
|
|
621
|
-
return (0, crypto_1.createHash)("sha1").update(bytes).digest();
|
|
622
|
-
}
|
|
623
|
-
exports2.default = sha1;
|
|
624
|
-
}
|
|
625
|
-
});
|
|
626
|
-
|
|
627
|
-
// node_modules/uuid/dist/cjs/v5.js
|
|
628
|
-
var require_v5 = __commonJS({
|
|
629
|
-
"node_modules/uuid/dist/cjs/v5.js"(exports2) {
|
|
630
|
-
"use strict";
|
|
631
|
-
Object.defineProperty(exports2, "__esModule", { value: true });
|
|
632
|
-
exports2.URL = exports2.DNS = void 0;
|
|
633
|
-
var sha1_js_1 = require_sha1();
|
|
634
|
-
var v35_js_1 = require_v35();
|
|
635
|
-
var v35_js_2 = require_v35();
|
|
636
|
-
Object.defineProperty(exports2, "DNS", { enumerable: true, get: function() {
|
|
637
|
-
return v35_js_2.DNS;
|
|
638
|
-
} });
|
|
639
|
-
Object.defineProperty(exports2, "URL", { enumerable: true, get: function() {
|
|
640
|
-
return v35_js_2.URL;
|
|
641
|
-
} });
|
|
642
|
-
function v5(value, namespace, buf, offset) {
|
|
643
|
-
return (0, v35_js_1.default)(80, sha1_js_1.default, value, namespace, buf, offset);
|
|
644
|
-
}
|
|
645
|
-
v5.DNS = v35_js_1.DNS;
|
|
646
|
-
v5.URL = v35_js_1.URL;
|
|
647
|
-
exports2.default = v5;
|
|
648
|
-
}
|
|
649
|
-
});
|
|
650
|
-
|
|
651
|
-
// node_modules/uuid/dist/cjs/v6.js
|
|
652
|
-
var require_v6 = __commonJS({
|
|
653
|
-
"node_modules/uuid/dist/cjs/v6.js"(exports2) {
|
|
654
|
-
"use strict";
|
|
655
|
-
Object.defineProperty(exports2, "__esModule", { value: true });
|
|
656
|
-
var stringify_js_1 = require_stringify();
|
|
657
|
-
var v1_js_1 = require_v1();
|
|
658
|
-
var v1ToV6_js_1 = require_v1ToV6();
|
|
659
|
-
function v6(options, buf, offset) {
|
|
660
|
-
options ??= {};
|
|
661
|
-
offset ??= 0;
|
|
662
|
-
let bytes = (0, v1_js_1.default)({ ...options, _v6: true }, new Uint8Array(16));
|
|
663
|
-
bytes = (0, v1ToV6_js_1.default)(bytes);
|
|
664
|
-
if (buf) {
|
|
665
|
-
if (offset < 0 || offset + 16 > buf.length) {
|
|
666
|
-
throw new RangeError(`UUID byte range ${offset}:${offset + 15} is out of buffer bounds`);
|
|
667
|
-
}
|
|
668
|
-
for (let i = 0; i < 16; i++) {
|
|
669
|
-
buf[offset + i] = bytes[i];
|
|
670
|
-
}
|
|
671
|
-
return buf;
|
|
672
|
-
}
|
|
673
|
-
return (0, stringify_js_1.unsafeStringify)(bytes);
|
|
674
|
-
}
|
|
675
|
-
exports2.default = v6;
|
|
676
|
-
}
|
|
677
|
-
});
|
|
678
|
-
|
|
679
|
-
// node_modules/uuid/dist/cjs/v6ToV1.js
|
|
680
|
-
var require_v6ToV1 = __commonJS({
|
|
681
|
-
"node_modules/uuid/dist/cjs/v6ToV1.js"(exports2) {
|
|
682
|
-
"use strict";
|
|
683
|
-
Object.defineProperty(exports2, "__esModule", { value: true });
|
|
684
|
-
var parse_js_1 = require_parse();
|
|
685
|
-
var stringify_js_1 = require_stringify();
|
|
686
|
-
function v6ToV1(uuid) {
|
|
687
|
-
const v6Bytes = typeof uuid === "string" ? (0, parse_js_1.default)(uuid) : uuid;
|
|
688
|
-
const v1Bytes = _v6ToV1(v6Bytes);
|
|
689
|
-
return typeof uuid === "string" ? (0, stringify_js_1.unsafeStringify)(v1Bytes) : v1Bytes;
|
|
690
|
-
}
|
|
691
|
-
exports2.default = v6ToV1;
|
|
692
|
-
function _v6ToV1(v6Bytes) {
|
|
693
|
-
return Uint8Array.of((v6Bytes[3] & 15) << 4 | v6Bytes[4] >> 4 & 15, (v6Bytes[4] & 15) << 4 | (v6Bytes[5] & 240) >> 4, (v6Bytes[5] & 15) << 4 | v6Bytes[6] & 15, v6Bytes[7], (v6Bytes[1] & 15) << 4 | (v6Bytes[2] & 240) >> 4, (v6Bytes[2] & 15) << 4 | (v6Bytes[3] & 240) >> 4, 16 | (v6Bytes[0] & 240) >> 4, (v6Bytes[0] & 15) << 4 | (v6Bytes[1] & 240) >> 4, v6Bytes[8], v6Bytes[9], v6Bytes[10], v6Bytes[11], v6Bytes[12], v6Bytes[13], v6Bytes[14], v6Bytes[15]);
|
|
694
|
-
}
|
|
695
|
-
}
|
|
696
|
-
});
|
|
697
|
-
|
|
698
|
-
// node_modules/uuid/dist/cjs/v7.js
|
|
699
|
-
var require_v7 = __commonJS({
|
|
700
|
-
"node_modules/uuid/dist/cjs/v7.js"(exports2) {
|
|
701
|
-
"use strict";
|
|
702
|
-
Object.defineProperty(exports2, "__esModule", { value: true });
|
|
703
|
-
exports2.updateV7State = void 0;
|
|
704
|
-
var rng_js_1 = require_rng();
|
|
705
|
-
var stringify_js_1 = require_stringify();
|
|
706
|
-
var _state = {};
|
|
707
|
-
function v7(options, buf, offset) {
|
|
708
|
-
let bytes;
|
|
709
|
-
if (options) {
|
|
710
|
-
bytes = v7Bytes(options.random ?? options.rng?.() ?? (0, rng_js_1.default)(), options.msecs, options.seq, buf, offset);
|
|
711
|
-
} else {
|
|
712
|
-
const now = Date.now();
|
|
713
|
-
const rnds = (0, rng_js_1.default)();
|
|
714
|
-
updateV7State(_state, now, rnds);
|
|
715
|
-
bytes = v7Bytes(rnds, _state.msecs, _state.seq, buf, offset);
|
|
716
|
-
}
|
|
717
|
-
return buf ?? (0, stringify_js_1.unsafeStringify)(bytes);
|
|
718
|
-
}
|
|
719
|
-
function updateV7State(state, now, rnds) {
|
|
720
|
-
state.msecs ??= -Infinity;
|
|
721
|
-
state.seq ??= 0;
|
|
722
|
-
if (now > state.msecs) {
|
|
723
|
-
state.seq = rnds[6] << 23 | rnds[7] << 16 | rnds[8] << 8 | rnds[9];
|
|
724
|
-
state.msecs = now;
|
|
725
|
-
} else {
|
|
726
|
-
state.seq = state.seq + 1 | 0;
|
|
727
|
-
if (state.seq === 0) {
|
|
728
|
-
state.msecs++;
|
|
729
|
-
}
|
|
730
|
-
}
|
|
731
|
-
return state;
|
|
732
|
-
}
|
|
733
|
-
exports2.updateV7State = updateV7State;
|
|
734
|
-
function v7Bytes(rnds, msecs, seq, buf, offset = 0) {
|
|
735
|
-
if (rnds.length < 16) {
|
|
736
|
-
throw new Error("Random bytes length must be >= 16");
|
|
737
|
-
}
|
|
738
|
-
if (!buf) {
|
|
739
|
-
buf = new Uint8Array(16);
|
|
740
|
-
offset = 0;
|
|
741
|
-
} else {
|
|
742
|
-
if (offset < 0 || offset + 16 > buf.length) {
|
|
743
|
-
throw new RangeError(`UUID byte range ${offset}:${offset + 15} is out of buffer bounds`);
|
|
744
|
-
}
|
|
745
|
-
}
|
|
746
|
-
msecs ??= Date.now();
|
|
747
|
-
seq ??= rnds[6] * 127 << 24 | rnds[7] << 16 | rnds[8] << 8 | rnds[9];
|
|
748
|
-
buf[offset++] = msecs / 1099511627776 & 255;
|
|
749
|
-
buf[offset++] = msecs / 4294967296 & 255;
|
|
750
|
-
buf[offset++] = msecs / 16777216 & 255;
|
|
751
|
-
buf[offset++] = msecs / 65536 & 255;
|
|
752
|
-
buf[offset++] = msecs / 256 & 255;
|
|
753
|
-
buf[offset++] = msecs & 255;
|
|
754
|
-
buf[offset++] = 112 | seq >>> 28 & 15;
|
|
755
|
-
buf[offset++] = seq >>> 20 & 255;
|
|
756
|
-
buf[offset++] = 128 | seq >>> 14 & 63;
|
|
757
|
-
buf[offset++] = seq >>> 6 & 255;
|
|
758
|
-
buf[offset++] = seq << 2 & 255 | rnds[10] & 3;
|
|
759
|
-
buf[offset++] = rnds[11];
|
|
760
|
-
buf[offset++] = rnds[12];
|
|
761
|
-
buf[offset++] = rnds[13];
|
|
762
|
-
buf[offset++] = rnds[14];
|
|
763
|
-
buf[offset++] = rnds[15];
|
|
764
|
-
return buf;
|
|
765
|
-
}
|
|
766
|
-
exports2.default = v7;
|
|
767
|
-
}
|
|
768
|
-
});
|
|
769
|
-
|
|
770
|
-
// node_modules/uuid/dist/cjs/version.js
|
|
771
|
-
var require_version = __commonJS({
|
|
772
|
-
"node_modules/uuid/dist/cjs/version.js"(exports2) {
|
|
773
|
-
"use strict";
|
|
774
|
-
Object.defineProperty(exports2, "__esModule", { value: true });
|
|
775
|
-
var validate_js_1 = require_validate();
|
|
776
|
-
function version(uuid) {
|
|
777
|
-
if (!(0, validate_js_1.default)(uuid)) {
|
|
778
|
-
throw TypeError("Invalid UUID");
|
|
779
|
-
}
|
|
780
|
-
return parseInt(uuid.slice(14, 15), 16);
|
|
781
|
-
}
|
|
782
|
-
exports2.default = version;
|
|
783
|
-
}
|
|
784
|
-
});
|
|
785
|
-
|
|
786
|
-
// node_modules/uuid/dist/cjs/index.js
|
|
787
|
-
var require_cjs = __commonJS({
|
|
788
|
-
"node_modules/uuid/dist/cjs/index.js"(exports2) {
|
|
789
|
-
"use strict";
|
|
790
|
-
Object.defineProperty(exports2, "__esModule", { value: true });
|
|
791
|
-
exports2.version = exports2.validate = exports2.v7 = exports2.v6ToV1 = exports2.v6 = exports2.v5 = exports2.v4 = exports2.v3 = exports2.v1ToV6 = exports2.v1 = exports2.stringify = exports2.parse = exports2.NIL = exports2.MAX = void 0;
|
|
792
|
-
var max_js_1 = require_max();
|
|
793
|
-
Object.defineProperty(exports2, "MAX", { enumerable: true, get: function() {
|
|
794
|
-
return max_js_1.default;
|
|
795
|
-
} });
|
|
796
|
-
var nil_js_1 = require_nil();
|
|
797
|
-
Object.defineProperty(exports2, "NIL", { enumerable: true, get: function() {
|
|
798
|
-
return nil_js_1.default;
|
|
799
|
-
} });
|
|
800
|
-
var parse_js_1 = require_parse();
|
|
801
|
-
Object.defineProperty(exports2, "parse", { enumerable: true, get: function() {
|
|
802
|
-
return parse_js_1.default;
|
|
803
|
-
} });
|
|
804
|
-
var stringify_js_1 = require_stringify();
|
|
805
|
-
Object.defineProperty(exports2, "stringify", { enumerable: true, get: function() {
|
|
806
|
-
return stringify_js_1.default;
|
|
807
|
-
} });
|
|
808
|
-
var v1_js_1 = require_v1();
|
|
809
|
-
Object.defineProperty(exports2, "v1", { enumerable: true, get: function() {
|
|
810
|
-
return v1_js_1.default;
|
|
811
|
-
} });
|
|
812
|
-
var v1ToV6_js_1 = require_v1ToV6();
|
|
813
|
-
Object.defineProperty(exports2, "v1ToV6", { enumerable: true, get: function() {
|
|
814
|
-
return v1ToV6_js_1.default;
|
|
815
|
-
} });
|
|
816
|
-
var v3_js_1 = require_v3();
|
|
817
|
-
Object.defineProperty(exports2, "v3", { enumerable: true, get: function() {
|
|
818
|
-
return v3_js_1.default;
|
|
819
|
-
} });
|
|
820
|
-
var v4_js_1 = require_v4();
|
|
821
|
-
Object.defineProperty(exports2, "v4", { enumerable: true, get: function() {
|
|
822
|
-
return v4_js_1.default;
|
|
823
|
-
} });
|
|
824
|
-
var v5_js_1 = require_v5();
|
|
825
|
-
Object.defineProperty(exports2, "v5", { enumerable: true, get: function() {
|
|
826
|
-
return v5_js_1.default;
|
|
827
|
-
} });
|
|
828
|
-
var v6_js_1 = require_v6();
|
|
829
|
-
Object.defineProperty(exports2, "v6", { enumerable: true, get: function() {
|
|
830
|
-
return v6_js_1.default;
|
|
831
|
-
} });
|
|
832
|
-
var v6ToV1_js_1 = require_v6ToV1();
|
|
833
|
-
Object.defineProperty(exports2, "v6ToV1", { enumerable: true, get: function() {
|
|
834
|
-
return v6ToV1_js_1.default;
|
|
835
|
-
} });
|
|
836
|
-
var v7_js_1 = require_v7();
|
|
837
|
-
Object.defineProperty(exports2, "v7", { enumerable: true, get: function() {
|
|
838
|
-
return v7_js_1.default;
|
|
839
|
-
} });
|
|
840
|
-
var validate_js_1 = require_validate();
|
|
841
|
-
Object.defineProperty(exports2, "validate", { enumerable: true, get: function() {
|
|
842
|
-
return validate_js_1.default;
|
|
843
|
-
} });
|
|
844
|
-
var version_js_1 = require_version();
|
|
845
|
-
Object.defineProperty(exports2, "version", { enumerable: true, get: function() {
|
|
846
|
-
return version_js_1.default;
|
|
847
|
-
} });
|
|
848
|
-
}
|
|
849
|
-
});
|
|
850
|
-
|
|
851
|
-
// node_modules/@kwirthmagnify/kwirth-common/dist/AccessKey.js
|
|
852
|
-
var require_AccessKey = __commonJS({
|
|
853
|
-
"node_modules/@kwirthmagnify/kwirth-common/dist/AccessKey.js"(exports2) {
|
|
854
|
-
"use strict";
|
|
855
|
-
Object.defineProperty(exports2, "__esModule", { value: true });
|
|
856
|
-
exports2.AccessKey = void 0;
|
|
857
|
-
exports2.accessKeyBuild = accessKeyBuild;
|
|
858
|
-
exports2.accessKeyCreate = accessKeyCreate;
|
|
859
|
-
exports2.accessKeyDeserialize = accessKeyDeserialize2;
|
|
860
|
-
exports2.accessKeySerialize = accessKeySerialize;
|
|
861
|
-
exports2.parseResource = parseResource;
|
|
862
|
-
exports2.parseResources = parseResources2;
|
|
863
|
-
exports2.buildResource = buildResource;
|
|
864
|
-
var uuid_1 = require_cjs();
|
|
865
|
-
var AccessKey2 = class {
|
|
866
|
-
constructor() {
|
|
867
|
-
this.id = "";
|
|
868
|
-
this.type = "volatile";
|
|
869
|
-
this.resources = "";
|
|
870
|
-
}
|
|
871
|
-
};
|
|
872
|
-
exports2.AccessKey = AccessKey2;
|
|
873
|
-
function accessKeyCreate(type, resources) {
|
|
874
|
-
let accessKey = new AccessKey2();
|
|
875
|
-
accessKey.id = (0, uuid_1.v4)();
|
|
876
|
-
accessKey.type = type;
|
|
877
|
-
accessKey.resources = resources;
|
|
878
|
-
return accessKey;
|
|
879
|
-
}
|
|
880
|
-
function accessKeyBuild(id, type, resources) {
|
|
881
|
-
let accessKey = new AccessKey2();
|
|
882
|
-
accessKey.id = id;
|
|
883
|
-
accessKey.type = type;
|
|
884
|
-
accessKey.resources = resources;
|
|
885
|
-
return accessKey;
|
|
886
|
-
}
|
|
887
|
-
function accessKeySerialize(accessKey) {
|
|
888
|
-
return `${accessKey.id}|${accessKey.type}|${accessKey.resources}`;
|
|
889
|
-
}
|
|
890
|
-
function accessKeyDeserialize2(key) {
|
|
891
|
-
var parts = key.split("|");
|
|
892
|
-
return accessKeyBuild(parts[0], parts[1], parts[2]);
|
|
893
|
-
}
|
|
894
|
-
function parseResource(key) {
|
|
895
|
-
var parts = key.split(":");
|
|
896
|
-
return {
|
|
897
|
-
scopes: parts[0],
|
|
898
|
-
namespaces: parts[1],
|
|
899
|
-
groups: parts[2],
|
|
900
|
-
pods: parts[3],
|
|
901
|
-
containers: parts[4]
|
|
902
|
-
};
|
|
903
|
-
}
|
|
904
|
-
function parseResources2(key) {
|
|
905
|
-
if (!key)
|
|
906
|
-
return [];
|
|
907
|
-
let ress = key.split(";");
|
|
908
|
-
let result = [];
|
|
909
|
-
for (var res of ress) {
|
|
910
|
-
result.push(parseResource(res));
|
|
911
|
-
}
|
|
912
|
-
return result;
|
|
913
|
-
}
|
|
914
|
-
function buildResource(scopes, namespaces, groups, pods, containers) {
|
|
915
|
-
return `${scopes.join(",")}:${namespaces.join(",")}:${groups.join(",")}:${pods.join(",")}:${containers.join(",")}`;
|
|
916
|
-
}
|
|
917
|
-
}
|
|
918
|
-
});
|
|
919
|
-
|
|
920
|
-
// node_modules/@kwirthmagnify/kwirth-common/dist/Global.js
|
|
921
|
-
var require_Global = __commonJS({
|
|
922
|
-
"node_modules/@kwirthmagnify/kwirth-common/dist/Global.js"(exports2) {
|
|
923
|
-
"use strict";
|
|
924
|
-
Object.defineProperty(exports2, "__esModule", { value: true });
|
|
925
|
-
}
|
|
926
|
-
});
|
|
927
|
-
|
|
928
|
-
// node_modules/@kwirthmagnify/kwirth-common/dist/Version.js
|
|
929
|
-
var require_Version = __commonJS({
|
|
930
|
-
"node_modules/@kwirthmagnify/kwirth-common/dist/Version.js"(exports2) {
|
|
931
|
-
"use strict";
|
|
932
|
-
Object.defineProperty(exports2, "__esModule", { value: true });
|
|
933
|
-
exports2.versionGreaterThan = exports2.versionGreatOrEqualThan = void 0;
|
|
934
|
-
var versionGreatOrEqualThan = (version1, version2) => {
|
|
935
|
-
return versionGreaterThan(version1, version2) || version1 === version2;
|
|
936
|
-
};
|
|
937
|
-
exports2.versionGreatOrEqualThan = versionGreatOrEqualThan;
|
|
938
|
-
var versionGreaterThan = (version1, version2) => {
|
|
939
|
-
const v1 = version1.split(".").map(Number);
|
|
940
|
-
const v2 = version2.split(".").map(Number);
|
|
941
|
-
for (let i = 0; i < Math.max(v1.length, v2.length); i++) {
|
|
942
|
-
const num1 = v1[i] || 0;
|
|
943
|
-
const num2 = v2[i] || 0;
|
|
944
|
-
if (num1 > num2)
|
|
945
|
-
return true;
|
|
946
|
-
else if (num1 < num2)
|
|
947
|
-
return false;
|
|
948
|
-
}
|
|
949
|
-
return false;
|
|
950
|
-
};
|
|
951
|
-
exports2.versionGreaterThan = versionGreaterThan;
|
|
952
|
-
}
|
|
953
|
-
});
|
|
954
|
-
|
|
955
|
-
// node_modules/@kwirthmagnify/kwirth-common/dist/FrontChannel.js
|
|
956
|
-
var require_FrontChannel = __commonJS({
|
|
957
|
-
"node_modules/@kwirthmagnify/kwirth-common/dist/FrontChannel.js"(exports2) {
|
|
958
|
-
"use strict";
|
|
959
|
-
Object.defineProperty(exports2, "__esModule", { value: true });
|
|
960
|
-
exports2.EChannelRefreshAction = exports2.ENotifyLevel = void 0;
|
|
961
|
-
var ENotifyLevel;
|
|
962
|
-
(function(ENotifyLevel2) {
|
|
963
|
-
ENotifyLevel2["INFO"] = "info";
|
|
964
|
-
ENotifyLevel2["ERROR"] = "error";
|
|
965
|
-
ENotifyLevel2["WARNING"] = "warning";
|
|
966
|
-
ENotifyLevel2["SUCCESS"] = "success";
|
|
967
|
-
})(ENotifyLevel || (exports2.ENotifyLevel = ENotifyLevel = {}));
|
|
968
|
-
var EChannelRefreshAction;
|
|
969
|
-
(function(EChannelRefreshAction2) {
|
|
970
|
-
EChannelRefreshAction2[EChannelRefreshAction2["NONE"] = 0] = "NONE";
|
|
971
|
-
EChannelRefreshAction2[EChannelRefreshAction2["REFRESH"] = 1] = "REFRESH";
|
|
972
|
-
EChannelRefreshAction2[EChannelRefreshAction2["STOP"] = 2] = "STOP";
|
|
973
|
-
})(EChannelRefreshAction || (exports2.EChannelRefreshAction = EChannelRefreshAction = {}));
|
|
974
|
-
}
|
|
975
|
-
});
|
|
976
|
-
|
|
977
|
-
// node_modules/@kwirthmagnify/kwirth-common/dist/Daemon.js
|
|
978
|
-
var require_Daemon = __commonJS({
|
|
979
|
-
"node_modules/@kwirthmagnify/kwirth-common/dist/Daemon.js"(exports2) {
|
|
980
|
-
"use strict";
|
|
981
|
-
Object.defineProperty(exports2, "__esModule", { value: true });
|
|
982
|
-
}
|
|
983
|
-
});
|
|
984
|
-
|
|
985
|
-
// node_modules/@kwirthmagnify/kwirth-common/dist/index.js
|
|
986
|
-
var require_dist = __commonJS({
|
|
987
|
-
"node_modules/@kwirthmagnify/kwirth-common/dist/index.js"(exports2) {
|
|
988
|
-
"use strict";
|
|
989
|
-
var __createBinding = exports2 && exports2.__createBinding || (Object.create ? (function(o, m, k, k2) {
|
|
990
|
-
if (k2 === void 0) k2 = k;
|
|
991
|
-
var desc = Object.getOwnPropertyDescriptor(m, k);
|
|
992
|
-
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
|
|
993
|
-
desc = { enumerable: true, get: function() {
|
|
994
|
-
return m[k];
|
|
995
|
-
} };
|
|
996
|
-
}
|
|
997
|
-
Object.defineProperty(o, k2, desc);
|
|
998
|
-
}) : (function(o, m, k, k2) {
|
|
999
|
-
if (k2 === void 0) k2 = k;
|
|
1000
|
-
o[k2] = m[k];
|
|
1001
|
-
}));
|
|
1002
|
-
var __exportStar = exports2 && exports2.__exportStar || function(m, exports3) {
|
|
1003
|
-
for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports3, p)) __createBinding(exports3, m, p);
|
|
1004
|
-
};
|
|
1005
|
-
Object.defineProperty(exports2, "__esModule", { value: true });
|
|
1006
|
-
__exportStar(require_Channel(), exports2);
|
|
1007
|
-
__exportStar(require_Sender(), exports2);
|
|
1008
|
-
__exportStar(require_InstanceMessage(), exports2);
|
|
1009
|
-
__exportStar(require_InstanceConfig(), exports2);
|
|
1010
|
-
__exportStar(require_RouteMessage(), exports2);
|
|
1011
|
-
__exportStar(require_SignalMessage(), exports2);
|
|
1012
|
-
__exportStar(require_ApiKey(), exports2);
|
|
1013
|
-
__exportStar(require_AccessKey(), exports2);
|
|
1014
|
-
__exportStar(require_Global(), exports2);
|
|
1015
|
-
__exportStar(require_Version(), exports2);
|
|
1016
|
-
__exportStar(require_FrontChannel(), exports2);
|
|
1017
|
-
__exportStar(require_Daemon(), exports2);
|
|
46
|
+
// src/back/trivy-operator-0.30.1.yaml
|
|
47
|
+
var require_trivy_operator_0_30_1 = __commonJS({
|
|
48
|
+
"src/back/trivy-operator-0.30.1.yaml"(exports2, module2) {
|
|
49
|
+
module2.exports = "H4sIAAAAAAAACu197XPbtrL3987kf8D4PB/SO5bsvPSe1t8USUnUypKvZDu305zHA5GQxIYkePjixKfu/34HLyRBEgQBSnIch5zJTCwsgAWwWGD3twB6vd6zH2DgXKMwcrB/BmDgoC8x8slfUf/Tz1HfwSe3L5798Mnx7TMwTKIYewsU4SS00AitHd+JHew/+8FDMbRhDM+e/QAA9H0cQ5IQ0b8BsLAfh9h1UdjbIL//KVmhVeK4NgppBWn1t6f9Fz/3T0keH3roDFhuEsUotLAXuA70LRSiAIdx1If/TmCErCR04rv+xom3yarv4Gc/RAGyaJ2bECfBGaijYxWk7PHWscqGWWULWhkjcZ0o/k1FNnUiThq4SQjdeuYZVbTFYTwTmOiBnJKTOP4mcWFYWxQhiywcoIwr8gvvTlZuD0DbpoME3YvQ8SnnbuL5ebU2iqzQCWI6BJdbBOAGAbwG8RaBUOgCAP6MsH8B4+0Z6KcD3rdCRIf60vFQFEMvSInZCA42KP0hviOM2jBGtTX7ibdCIanc2iLrUwTiLYzBGjousiVMRDGMk6gfJZ4Hw7s+oRvixI+LLLyFjpv+EoQOJrJwBl4U2SI9s2H9Z8BZAKNIhzNCJ+HsAkaRGWcs3+0L6AZbyAkja4s8eJbmwgHyBxeT61fL4u+g2KgaMQZOBCAg08hZOxYdWbDGIRUG5QRhX8h1Qz//MQhxgMLYyQSdfYLaEX8ucXnfKyYCQJrG8gGbKCAUUd640CObdwcTYCciEhyiCPlMIZGfoQ/w6k9kxf1y2UsUknLI3Excm2itWxTGIEQW3vjOf7LCIxBjWqsLYxTFdIhCH7rgFroJOgbQt8tFe/AOhIjUChJfKJDmiCqcnOMQAcdf4zOwjeMgOjs52ThxqpEt7HmJ78R3J1SxOqskxmF0YqNb5J5EzqYHQ2vrxMiKkxCdwMDp0ab4VCX3Pfsf6TBFxXqZwEVx6PgbMYXqR6NRIqqSixItjbUzHwzyE+nAxXh5mQkNGzA2NjlptXPSYSJ96vhrFLKM6xB7tFDk2wF2/Jj+YbkO8mMQJSvPiYk4/DtBUUxGsFLukC5cYIVAEhA1ZVcoJj4YQg+5Qxihhx4zMjhRjwyF5qgV1uQyOetlMSVbOmsGmU32ZYCsfGxYD2f6oKg3imXVqAFAdwdpAZUkZT6Q7yzkiWWVx2jL7AdRVgpZnSCZvsCDQVDqz0K1dBGQpzox8ur4ORxHap4a+1EsQkHQ1DpJG4nEDEm5pVZGFvR9FILPWwwCFK5x6KlLBVzaWJdRVtUZtJrMW1XWb43Ncmy+/jCuaAMdG8CIVGsnFrLB6q65TJD2QzNp3TyvfkTJOSFqalMPOJV1SlZlVVfI6WAYQkWTiQaEvr1n8RryUqtKif0cY6LQ0RdkJTFqaC4Aqzua28c26lnEYLFi3DA0DyllaaOaxg08AXGx0RombrykO2kla4UeE7qLl8D3HmQXy6Yp25wDx1e3xoIRyvcmZGewxkl1Zyd+yE88Jas9cDFYLtUUHwaLmZri7WAybe7fpqEXu2330hpkWynVgkZvkDE9XqiVtHsxEbpF1CRrI3xp5tSS5q3cUXqGi8nlZDhQjn4PvJ+8e6+mOB+PJlfnaprp/IOa4Gr222z+QSmrOh3dqH5UiqdHB7s+NR2GOopmldWgrJpnUVMf1M6cpoyBC2OybWqZPUTEfLVTd16djlWvyM0D3NB/sRO7dZO1qXCa3i7rrdT3oJdbIbC9bOMuSxNkRZYsk/JeNsqytPIQymhoB0sT7gLp77xrqkmquWKF0s4saEdCI6pI6ja5hW5E12bmagQb5KNQYj+SL4AxcbScgf///Pnz5398/K9//fXi7x/Jv/vnzz/+18eTH/86PX7x9/Pnf5z2fknT7p8//+NF76f0z0Ia/ffjjzIhMKygtvj753+8FBNf/Wunel+UG/ZSVfMrMfHFY6j5/vmf0L9fo9W9B8N7GIT3Hry7/zPx7/9M3HuYbO4jFNzjT/G9j2/vbWS1HJ1/ilVGiX/vYf8+TtD9Z2Tfx9vkfh069xGMf/zxx/9XJ+ny+c/k9FKuemqW8B7gnmBZEnQlu4J6Dmq0TxU+EFLC8mzqCc3QdA/J9uEK28dGMXRc5jRqUgwVJ3Tu/AMQELQo9FGMImorlzAJLWbKNT7wQs3VtNzfnZV+2HU2RFHixu0W+a/mO8oFg3mQghDfOjZ3+bMWUUgG+3ZixY2GLiD+aMffuEWnZYyCijO3RQfwboAx2uBQbTSwT99C5707Ge25VF0T0LxkD0UR3Gj0l55UmDOg6WVgX4g8ZDtQsx9KbvEsay6eAgXAIXAdv94xW2AZA4K/Uywpw2jIrymDiIKhBD2hAtEgtsCwz7QMXkkfLFNb1yVoBsXYwG3iko3cynGpEazh3ySz08L+2tkkbAMIYGI78WFamlgWinSkjpW6wthFsMFhBEAMww2SLXe78KqykNqVqe3w41qniazJyM7oWK8/qBPxAX1cj885pVlUs4t1T34cNUS1sy9mF1/CLg4BNeNfevkOtkf3teEt6iX+Jx9/9ntrB7l2dAbiMKlY49xoMEdFs0gYZXMKkSWl8tOAlXYFqDqEN0rPMliKxDpmAfjsxFsZzxb2I+w6FNcHa8e3HX8jkUQ9uJnuRg+3lX6ieibGMXRJNJZGWQrZBPtQFa1tufY65lBaggWrZPF3Et6I+xDGLPauFzsyf3kLf0OpXh03gvxX06bTdLvwS4xDuEGFn5JVWPFs85UO/PX3sx9630zwK9kS063wg0S/ktoGpLaG8NcSnSL+tcw/HyBJAGwlByetBsKWynx2mEhY0k0CgLd2NtwmKQVtCJGfjJ8+J+iL6BQb1mUxa3XiPdKIXBaFm4a/kmUWWKETOxZ0KwaApD94JGyaRRINO+RJ6a97iNWV8Lx1NlsDfgm5hNf3zmZ7WD6JvZ94BpyyDBJez2nCYbl18WcDVl38WcLnFH82Y/IAwdAlpaYVDS1VmOzrwqG7cGjQhUN/i+HQocw+VQUx18EfRUXDdGbmKOaoTBHESPcYMQqqo60yMKtVNSMmOSQibLjKXy1E0mjONsIhzaZjE/TRXIKOF7C5lEZIownI0LGSG72aOlBFO4BCRB/qG7ETLNHcA2wTr9WwJSEFxJNDhCziUXdWuq7x/To9p/UZKpzOVO4l2i39tFw2ilAkCesEdhc5J3+mKzTtgWOA+ps+PR8AHR+Fx6qiAWCbkHMY/IYI1gJ+Xc5nZOulRE30nDZ0pdJv2TVd2PKmsYWu0DY2JDYKUEV3lz/s067ivWGlvUF3fsd5q8GnYrPVhaIvZCmVhziZ9Y6Gx1seZJWm0t5p7+Nq9M0Zo3RlCK5h1uw+3RtwOA30TQ2PNYdmKIZQCYCpYS8l2KUeWcUSwL0KjV5zfrTG4UqRnNla08FND92kUXZs/ecuIhmr5IBrFHlkz8iNuCpVg4JUOKILXBNfEDt9IXhdUj9Kzdg3gjq+jWXdVan8mlJWqmcF8HUz3aXvypMKaCoxxSw7waLbR78o41fl4dQ93hPylBbxovXQVvmAXGpdcygIWMRzEJWcEKu7bDaaC2jBJ6V1kFDMkM4ylX+kTjtVHGjK8VRgIpmbSof99ymxDuu06Dr+d2U7dQTpcD3ltGqmq+6otrwJ/jQd9s5zcq1u9Qpeuf12rDpAXeaBFQkqLk8xsey6E9MkHsgyy3Jl8LUQLFk4gpxPSRG9SiDq10K3vik4y/HXIcx3FQ8AaU1IjYOsRiWsJaWthbbkbeEjVAtvlXJx8jLEJS372eFhLlov3/Yhuu/rsK4O6zosnx3W9fBYl1TTaeBdCm2aLpUd5tVhXh3m1WFeHeZVY911mJeEpsO8NBrWYV7Z12FeHeYl+zrMq8O8Osyrw7yK3zeEeZUs7A736nCvDvfSYv7bwr2MYKme/J7QmotlOhDrsCBWuILWg2JYixW0NCEsGWktgiVtCB+dWgBLlonnKaNYdaQHBrFIteI2roOwOgjrsHx2ENbDQ1gyTaeBYNXr0nSZ7ACsDsDqAKwOwOoArJYexg7AKn4dgNUBWJWvA7A6AEv2dQBWB2B1AFYHYBW/bwjAKhrYHX7V4VcdfqXFfIdfKSvt8Kt94VfRCnsPgFotV6RxCqwqJ6hFqARWea/X4lKElNOUcai8lGeHRZ8cj4A/pKrIiXGo8K7DMHbW0Ir7VWI2VovK71rgU5GTGG40WBCoWN2X+Q9GldJdzgp7wjM+3yP4xuxk5FsOIu8MgkwwlVgb9gLsE2+xDG3LEtPfWyNDxSUur1WbUbF1ElZHQrIZs3tHiHL9wtcZ5z8oEptMHtYtDFbliUfHF1wYdE7lqR0sBDpYqIOFvk1YSPK4eWoAQCtOiHFHFjJ+rTxdLYoFKKzTdGFtspSr0kW+Ac9dvO8+iqFvQxf7xLNKnzOGKxeBAFqf+JIX4XX8GYbcV+v4lpsQ2ICYJHfxlsilj5CNbBBjWbVh4hMFAoPA5ci5uUluOxsUadldI0rJJlLiO/9OEFXGjufxhjk2kZC1w5ap+rdX0t5q6dnxHA/VPOZW4fmc0xYHhgIBhHd2SQXXwzuylW8KdRjLt4qZDStGQwmpzC+VMlfXpyHaOFEcqs1YxR35cKPD9SXcsPHnQ34MtokH/V6IoE1FgCvYJKIym0pE7XMvu/a6yvWV7xma5vQb7NFWpZN45bjUb+9BcqsDdGXocMOsWmHvLbsApd14KJkH+3mzYoW9XojWStBJD7xi9ubu5WxhtG14gEzn6TGDt9+gWyf35tyzjyyoqNaR1a7UZohKpGt4YMl1LORHD9vNORa4597mjdEo1YBb0PygSztugc4jL+2LTkL1Oy1tS9YVvz0L6p6ew9Ec+D1LvOYwmwxEc4iAaZl7Ha6gSfz0+IoSspuVgq9CXboDQR0B0l198dN90dJQiyCv6e2k/HtEiiTYYv8wZeurEk2pA7o9oc+njhrVlReT3tFsr14XNgZKaYYlKVF0/ZKamW5ovejyO9yWmEdLzdUN1hl83YHXGvR97NJ3HoEaD076afRvZtQoGqOpYHVsF/1BaLZf9MvSsGF01YfRYqNnyZjqa31rpo2u099SNmpFLavmIB1vZNuY9r++fWO8NzGwccx3EEbbkzbF69s65qWbb1L2KMga/abbHm2BOMCs0B5+s8HRtYG+sjZqtIX0+dOyh4wGR9cm0t/lttA9JpbRI1Q/JhbSYRWQgZ10EK+EniLWl6Q29qRG241cHfuZuTq2k25pOuzHitvYTWqLMXZVY6U51xshjPQ7wOqjZx6wz0zgdEyFNuVqmQ3s059LLfSyviHBPnPVaWZUtK3FTIUaKVFtY4N9Bx4uQ/ODfW1GzcQUYV+L1gAzs4R9bVoDTPcIu1VlYq7sUpOp2B94ohzICjDF8g47Aw3FqM3A6ps9bes4qBhomENt+NY0jTgPpgOrbyaxz0TKWjHEPjPDiX3fgII0M6h2qctcRRpKO3hc3i9TuWzTq4b908K+PYArScs8My95z84kXdymniKiQWwzen6gZTgaOVkkD5DXLUHd25KTBeKnPGWXhdrJEgXGq8mqjkvjKSVVluI4GV0axZnmKwRtkosxQJC45GQiCQw3jyekp9u0TlizeHRa/dv/Gc1IHGPGEytl75GWLY/L8z9p6DM/fESiRvk5ie4MfHcGXpJyuDPw6al3dlCE/0Fi9PMzBS0OvBdPiOmMxLCYpXrEuXL+q2ZkPMd3vMQ7A6etlG4x5kKb/VE5U7UBpbN2dWvfwVqmPrQtP9MnktSepitz0PbtzEKHXhXJmXxmvt7qKSam5GUdQzIRkbm6HILPW+SLupYuUXUnjQ71mieUHmoQx6CcYnIkvVfu6WKyfIhanlh/4qfPC/cXPcAx9GuxPuV5dAll7cF0WSv4yNSeUCd5OE35hLqkuGfdUfUDH1Uv3qT1HR5Uzy6yEXtCOLf9WG6GptdAG/P4MLdB86ufjbl7uBugybU6xuzt6dZnJWP8AhZz5nhGCYNXLMWMyf1dPFA80Vu/rIj3EZRaTzZVwiHc4gaXnDMlNgK7Bi66i2LkpWeAC/sbsiDT4/u4fH+BeACxu8EAdDcYdDcYPNUbDIr7m+4qg8LXXWXQXWXQyPwTvMoAN15hMF9SVUlEQPDcyv0roHkmIRzVAYyFasc4cumgh+Q26jVhI3UebyFZHaC1RTZZQaiKQOGtY9VexOw665o01jeK64nX0HNcLWGdZzuxJduJvaVZ24maEdyAw7Jjfb7ct6B0qJV+X3WoVYdaPV3UqmDApjc5U4csqhhT5FvdZRfXf/1rncvmtepi57QoFftgH2jYvi5+ljWu4OAqf4du2H6uhpY2S/A9PXSr9nmptIk8soIO3jwf+0i7cbOUuNq01BFF24STGED/rmiEHqoFokNQpxFXAv1uQ5T6MBuu/j4oyvx1rgbvAZkbttykDrbmX0mompp8XfYKkyYTxJIIaMUF/Hy+/BHINgyg4EvO/CrFFZ1GdbK7b8t2dfu3zEpVVJ41KTunLBzK33Nqfq/MhY3P0SgfK7tVZBcBVo0Ya81A7OuXSwuHeocDmV5Sl3aNrLh2610srjnwlIAce2Tu1X6Ze326V+5en+6RPa2TlY00RB6Z130Hod7P+3lr5wuy1cG6pWn/VshReuitZFSlkSf13en44PPWsbZMSRcVBnEJrRDyGYs7PGfl+FEMiV/CqJmTUq5SU7NC6+219Cv1xg4tcWEUn2ObeJrtEYw1n+SblnKVWkIKpUseGF6PSa/Xt4QOh8eL2qUd5GXDWuYf5MVGvpO9uFpMd5g9aSkEw965FIVrX6uU0CHm/NTxP+1SSrJynWhrIl8XYpaScFG5IoZDSkOEbAfJSdFKPc7SKcf2Vql6yZGoY3HvpHjNkT7GuQphLcqgw3qkXNSal7PH/q4g8hOvlrceGC4ml5PhYFpP8X7y7n196vl4NLk6r0+fzj/UJ17NfpvNP8zaD14Mww2qP92nUcBODyIWjYs7xbu79Tv0yUgSEpcjl60lu+GxRnGDIacor89yqvLaJ6cqqC85SajYlTQ9H0lHUZ5UGiCpaarcGNYuWcYB0fiQgdC9umAuVRu7l712j62mmpoq4oOGVNNqBqSamkjqMoEkgLrCKu91Sdx0Tir5Kc2Xx1KXS36Wh1DTggNoMcRib1HUNIyJvVrNX4D//qKIJc8kVl7IVPTHV4kornkx04Dfh4kurn2C0oDTh4s0lnArvunZzOqeoo73+JJYWZ9xcDRAlrNO3aprjmXXaMd0kasY+F34LejCb7vw228z/Fbh6Wf6rwnhGTItyaJdEOn/KHHjiJ3K9e3EYk+9s11FjALZy0GaWAytKq+J7RZIbeXK6GbKRUDYcpU/wkpLnAbGaFMfB6oF1ZCGKOzbh/KLeyiKCNL9db2UISJLO1S2peTxyjLk0iBQMFeW/4lqcWLfENVd34hMVxLylBlEdwFEmtQOIS2XmMLlWQqsw0HZuRghK13X+A6dxtl9VrmwqdwrnNda8F7jHTPFHdRdkXPyZ7pC0x44Bqi/6ZPNBTvGo/BEko9tQs5h8BuiXrxfl/MZ2WzVtgloiqPOzWFF/xJd2PKmsYWu0DY2JPylBHW7sE+7ivdGfqiJ7PWO81aDT8VmqwvNLzzctXeUfi7A3EN3QS3Y1WO9o54sKtDwsft/NaZ7YlmoEchXBG7v6kZtcFXytUeeqHYM8qbJElt6/VqHHOcBGGn0cfpWN1v/uSNIxiqMIhRFHtkzdtHJXXSyPOVw0cmCdZ0GKvNQ5KLbYXWnCsZ74OjjqkekTjtVXGbK8XyA2OIaF1kd/7uyvZ/IYZHpqgOqLW/7jP+t9egdpmMfY+TobpGhh7k+iI2Hjj+gQ6t2RqvQlwBHyI6QFaKD4lVjVtGSViRHrCQkVcxKxjDv/SpqVSCW/lhBriTlPzs4dtXdAJT2O2Ad/z2Cd9m2o9gVj/MKIGMeH/QKIGPuHvYKIGP2Hh0YJ1HV4kU6pQaS8OHAhYSXLzFYO253Q04H0WmNUgfRPQ2IrvmGnNL6312RU/i6K3K6K3K+xytyuptP9Puqu/mkwxYeM7bAbIEm8RyXTQfxtHUAo+gzDu2IHAhyCMAcHYMYf0K+FNGjd3TGW7LHO8jB6oIVJMH1KnuaHU5W7x6x48HYqj/9VlxxCSk5lR+ignMmTFzEytnpWCEpRvdozILSks6lldMjnbufhXn8KP3jPaW18yGs0m6E0JLxrYobnzdk2aYzd4fhPmw8Ap+c8lQ6X+RJbCLI0xoOONFuq0mrO/zUPsLB+Naq6jBGpeuqHtfdVGVen9TdVLLGPYG7qaTNeiJ3U5nI44PcTfX00Osndq+R8enTurOmRVAi+/lrv8UDOtQ+Q+0dfx3CPAjwkLj9hFQ1yKqSI/dSoip2L2ebj0IVvS+R1/xcQfCltTx7kPOntGoxOvM7hLG7M6gCr90Z1Cd1BlWq51TnUBXaM10Mu7OoHdDdAd1PBejuzqKWvu4sqvB1Z1G7s6i1X3cWtTuLWkntzqJ2Z1FrnIDdWdQuXuQpx4voYY4lC7s7j9qdR+3Oo2ox/20hekbHRc0uUt0rTPVUIadwBa2HQZwWK2g1AU4ymireJOWZj0AVbipSy3+tgE2yKp49CNZEau6gpg5q6qCmJwk1yTScCmmq15rpctYBTR3Q1AFNHdDUAU0tPYEd0FT8OqCpA5oqXwc0dUCT7OuApg5o6oCmDmgqft8Q0FQ0sDucqcOZOpxJi/kOZ1JW2h2H2hmbilbYOyQitVyR5shwqDylij4JXPGerWJOhEb8fwVfygt51t1CevhbSEl3ZztS7H+PoBqzhpFvOYhe3JhJqBJDw16AfeITlqFoWWL6e2vEp7iQ5bVqMyq2TsLqSEg2Y3Z/yE+uU8QrNYW2kmttCqOUXWuTuSXEhYdOpvyHDvUBHerToT7fJurTfI8mXcG62zMLX3d7Znd75vd4e2a+Z2ia02+wR1uVTuKV41K3vAdjFDrQlYG/DbNqhb237D6TduOhZB40YpxaUNkKe70QrZWYkh42xazK3cvZwmirZLkZ2wW6rWcfdOvk3px79pEFFdX6qdqV2oxAiXQK0BpQ+91CfvSw3ZxDfXvubd4YjVINuCWfUw8mtucWqFGYXYtOQvcgJeuK354FtbGn9FqhOfB7lnjNYTYZiOYIANMy9zpcQZP46fEVJWQ3W3vPNK9LdyCoT0C6qy9+OqNvVDH7kAedw8zJgyqSYIv9w5Str0o0pQ7o9oQ+nzpqVFdeTHpHs716XdgYB6UZdaQEyfVLama6ofWiy+9wW2IeDDVXN1hn8HUHXmvQ97FL33kEajw46afRv5lRo2iMpoLVsV30B6HZftEvS8OG0VUfRouNniVjqq/1rZk2uk5/S9moFbWsmoN0vJFtY9r/+vaN8d7EwMYx30EYbU/aFK9v65iXbr5J2aMga/Sbbnu0BeIAs0J7+M0GR9cG+sraqNEW0udPyx4yGhxdm0h/l9tC95hYRo9Q/ZhYSIdVQAZ20kG8EnqKWF+S2tiTGm03cnXsZ+bq2E66pemwHyuuezepLcbYVY2V5lxvhDDS7wCrj555wD4zgdMxFdqUq2U2sE9/LrXQy/qGBPvMVaeZUdG2FjMVaqREtY0N9h14uAzND/a1GTUTU4R9LVoDzMwS9rVpDTDdI+xWlYm5sktNpmJ/4IlyICvAFMs77Aw0FKM2A6tv9rSt46BioGEOteFb0zTiPJgOrL6ZxD4TKWvFEPvMDCf2fQMK0syg2qUucxVpKO3gcXm/TOWyTa8a9k8L+/YAriQt88y85D07k3Rxm3qKiAaxzejBgZbhaOT8kDxAXrcEdW9LjhSIn/IQXRZqJ0sUGK8mqzque3tbv6+6t7e7I+7f/hF34f1WmOahMfr5mYIW59mLR8N0RmJYzFI9wVw5+HWoJz0rx8V02B+VM1UbUDpkV7f2Haxl6jPZ8sN8IkntMboyB93jnKr+rn+c06qcmUxTTE6cd+9zfp0D6YW7jA55Mv1arEh+RF1CUj2rLmOY93710DohFv9fObQuKe1Zd3r98KfXi1dofYdn17MbbMSeEI5yP5ZLoOmNz8Y8PszFz/yWZ2PuHu6yZ3KfjjF7e7rgWckYX+jMmeMZJQxesRQzJvd3F0HxrK9kKRGvKCg1m+yzhHO5xT0vOXpKzAZ28Vt0F8XIS48FF7Y8ZL2lJ/qxcOki1bDimcTuUgPQXWrQXWrwVC81KG5sutsNCl93u0F3u0Ej80/wdgPceKvBfElVJREBwZkrd7mA5pmEcFSHORaqHePIpYMekvun14SN1J+8hWR1gNYW2WQFoSoChbeOVXv1suusa9JY3yguJF5Dz3G1hHWe7cSWbCf2lmZtJ2pGCAQOy772+XLfgtIBWfp91QFZHZD1dIGsggGb3t1M3a6oYkyRb3WXXVX/9S9yLpvXqquc06JU7IN9AGT7uupZ1riCZ6v8Hbph+7kMWtoswen00K3a5zXSJvLICjp483zsI+3GzVLiatNSRxRtE05iAP27ohF6qBaInkCdRlwJ9LsNUeq8bLjs+6DA89e5DLwHZP7XcpM6JJt/JaFqavJ12StMmkzgSSKgFRfw8/nyRyDbMICCLznzqxRXdBromV+HK+7b279eVqqi8pBJ2Tll4VD+glPzC2UubHyARvk82a0iu4isaoRda8ZmX79cWjjUOy/I9JK6tGtkxbVb72JxzbGoBN3YI3Ov9svc69O9cvf6dI/saR22bKQh8si87jsI9X5ezFs7X5Ctjt8tTfu3Qo7S024loyoNLKnvTscHn7eOtWVKuqgwiEtohZDPWNzhASvHj2JI/BJGzZyUcpWamhVab6+lX6k3dmiJC6P4HNvE02yPYKz5CN+0lKvUElIoXfLA8HpMer2+JXQ4PF7ULu0gbxnWMv8gbzTynezF1WK6w+xJSyHg9c6lKFz7WqWEDjHnp47/aZdSkpXrRFsT+boQs5SEi8oVMRxSGiJkO0hOilbqcZZOOba3StVLjkQdi3snxfuN9PnNVQhrUQYd1iPlota8nD32lwSRn3i1vPXAcDG5nAwH03qK95N37+tTz8ejydV5ffp0/qE+8Wr222z+YdZ+8GIYblD9gT+NAnZ6ArFoXNwpXtqt36FPRpJYuBy5bC3ZDc8zihsMOUV5fZZTldc+OVVBfclJQsWupOnBSDqK8qTSAElNU+XGsHbJMo6RxoeMje7VRXGp2vgNhk7nUdJZXG4pLJpFk8Whc3vXY1Y6+dWFK5TdkQKDoJ+zTyJRxEzMyE+N+iotnRi+pU2fxV0fnfZfnfZfHNURetCHG2T3VndngKRYsct74B9gydbXUpUnMfICGnB1wpYMDwbRSZrav4OeW9d92RPAiu4TW+an3f2E+jZvNLbRkATOE4u0f0tiuIkEHv3x18ejLY5ispP8eHT218ejgP3v49HJLQxPXGd1gmLL/nj09/HHI9JQmnYLw57rrHppkkYphCcXxTUFCamaZfVIVJ6duChUFFkk0i1ZOGXAelVZhZxaUReKrRMmW+VuRbHVE1IUZRBe5WUQvvTKIHzkMiRhpZjYUJLlOyc+ivv2iaQky3d6PooJR/86qpPHcwr/caH0yB8XNbJYL4rHH49IaMzcd+8+Hp0RxUsZryktkzqlSJqXKYqdjmi2qEEmdUYiqldnQVZrRVWvLEFmT4qFFWRWnzFRPlWyq1+iKMT1Miwpj0k12e78ilf9JELvhoslCyQaWBTXPgNHhLJAF2D7kq9vwzSWeslPGpEf0BeS7a+PR9B18eeL0Ll1XLRB48iCLrWcPh6draEboeOPRxYMsq0Rm592iIOPR2d/fDwaTKcfj/5FZmWQlmELWdPGLDCO3zouYkPBm0bSE38QXUVEas5O/y60gByLI3c9TfEmElt4W41Mj9LzLWfg6JKsfWrCX/EqmvhL6KFZvjAfUZZpRrYdGBADUVU+YdB1yIrbJ8/sjkkULoqmjueQrn1xSol4SAyDCt7S13iH9HVZ0itis4ja6luZ3qJh7wu0PgNHm61Fz6CJh8VOCHkvIz877b/iC3iAXYeE3fdXiW+7qI8tpx/ScjwnDHHY3xRKO2F7Bfbi7Zm8CMen1YqdJOGY/LlEnJ+sYS22YEWaHkvh+7HK/qu8QWvcj/Hynvy2bH4xXgwu54ub6fzdzWh8fXM+H40LYp5RLIeD2c2v8zc3l5fTM3BUlzg5H8+vLs/A0U9ekWQ4nw2vFovx7DKjXt5MJ+cTSlxLO5uPxjfD+XQ6HlI+eYYXNfUvxpeL328Gby/HizNw9Oo0KtK9GVwO39+MxtPx5Tgv61RBNBpPB79TolJR5+PLxWS4vHkzmY1uBqPRYrxcnoGjs59Pfz6VU76dzEaT2bvlzXg2eDMdj8SJXSG+vprObiYjgVYyJu/Hg+nl+5uLxfzNuMLIL6e/lBi5uFjM35bpiiSk2vFi8GYynVz+Trt1Nl4oGV6+mZ/fvBuTXJeT+UxJO5xeLS/HPM9wMHw/VrdPzg0d7Pls+vtNKiSL8fVkOZnPlnIOeb7F+GK+uOTy+/L1tsQbZadA8+LlKSMazmeXCyKDKdny99lQLetvJ+9uBlejyaVWJy7eDIY3g+VyvFyepzOkKc9k9nYxMM0k5cy0Q8f/ezFfjkc3y/FwMdarNxXrUtbJ7O1cLQJpxgLj+tnKHaufs9K9BlnPB+/GJm3j02I4P7+YTgazoU7mD+M37+fz327eLOaD0XCwvLwhkE55PlepcqmtaMcq8fBqeTk/J3pmNF5UtcVyPBtxRTniU2cp5/ZiMbkeXJL59W6yJCqayhyTguXNbHA+Jhn/+ruYazAcjpfLm3fT+ZvBNKNejhfXk+GYpM6vZpdyGX1zNZmSMbu5XEyuf6d56JKQ8yYmpJp0+H48/C3VTP97MWE6jar/bXnsFu/GTLy4Xr/5MCElCHIq7wrJaFdmTtsN0d4cUj2+4/s+tkGs74TzPMp98FGehZyiIXX/9y/9V8LPdF9+kbjuBdkkk+Im6xmOL1gsl0CYx+BIjtK+5T7eIyFDBoaBI47tHE/nH44ZSHRMkKTjFHASc7n4szhL+K+fnOBXeAtHb1gUWkFceUPYAbURuh2hIJIRkJaS4P8hOcMycsim/iT2AtZTJ32L/CzQrzPzrpyJeBcoTS7mVATslZDdXi00B6mY70/STP28hLxYADlICckkOspbIHbDxschuvIp6CPp6RX2lqnX/aimPZOqAZWSJRF6Q449O/4CbfAFt7zkhGNvhWwb2SXKMkdJQEQM2cPcjCXHZwnpBxx+cjG0j7kD4XiBXXQ8dJMoRiH9/wzFn3H4iUn38cTfEBP8mBq1C+hv0HEKQP9PgmMozhfHQziJ6ZaJrz4swcM2afgyO0B5JM5Ljlj003O0fStIqFI+9dR0HvLYaL84PT2XkrqE6bTAn+oK5FRZcT+x4nTVdISsEMWauMGSEneggWnnNi+A2j37Pa1+ut1so8DFdx7yY0kfwyCIhPuVRhntdyzG2TVOIaKxNhG/oyOKyWG4TRrPwtDfBaI34FCYNkr9Y4zAg7G1nYq9YNYPpj2RDnlafflAf/VWLPIx32Di8S3pGXj1wn4N169eWy9fvnxtv1hb8OefV/bLl6uf//ul/Rqevlivf/l5/csvP//yz59P/2nBn1798vr16tWLFz9Zr16/fpmdJnCLLTdtu7kcZOOWouq5D32m6uQkxtSjX3S7X+JPyBcheJBfWxIVwgJYK46KpR/lFIDdctKwdUkznhVEVsgvbkvFXalIiPzbStAFYy+zYqjJdjEYjot06b3slWmsKOpysHg3vsxLrJz35UUeHTUUNP7f4fRqNN5DSZylD/PFb9P5YFRbToDt43R6ozj9L5kbOeR1HMUwRuvEJRQ2RB72yf+sEPt/4tXxn3jVxE3J4K1jRiE5yL99G+JymFqPgxjnMFhIX4ZpcI2nH0U/agTGQ3HoWJXY2mwOXJDrPwBxmsrzByFelWNtKtmJq1MkIYASuaQnuiC5S5yRa1LeSWLaAnoT0wnJe/efk0oqrUjGDb07ELoj5MK7JbIw3UT/VKQJUOhgO0t9UWpslFgWiqLLbYiiLXZt4TYn9hHoKAmRQPBKJHCdW9SyuVsE3Xj7+NtbLCIqgZTF3HVo5Rmg9lKRWMQtK51EIMzKjz0wmJbCOXNYU1qHHOAsrgrkK8QhlOdDBhefAWJhl7li04Xa270UmyvTpHyUmEzDccTVCHlBfEdNcxIl1lSN7ibSwz6xdU/4stqwW+f3YHQ7SIvZ3pMLdkj12Q9FnVujawOuWtO/WSwv05hl0hDH2MLuGbgcXgjbxovy76W96eF6k22Lh2nD9UUsXEHrhHdYiF2ZjBGSPkziLQ6d/7BblKpXxObuDi0JDBOXzqAeuWPuHblBIL3B9IhD/GnYJfs199yyv6mHISTOE/4DQcr5fwNs8/9JNxhZGqvh38Tnwn/j84z+dYvCVVr7BsVptRH/32diZujzn803edm6xZCmnbh408BgtTjZDb/SfqZX/aa/2tlVvzt1CTF3ZZVluzve/bnNXBy/nELYG+7MUZ/c4RhtnXVc0xc5O0z6dqux9lbiyhCwqZRHwtgoho4r3CosoZGnEq7pmQxZsuOvQwijCEURaaOMhMx8NQVx1cp+r7sQOZ3JVa7QlwBHyGbuqUKKilEFhxXW6ngShzR3K5Dxd1H6f8lQB2yo80j4w0kAZ/aEiH9SL4YSjqpsrFKiSq3MwtpJymsLlxVs0Ne1FfrMte74G4VSc5jHPVsqWB5x19e2vbVLo2JYySq7Isff/E1USUjFukKTJe53XeLeYNXQZJXUy1Rd2XQ1hcyzo7fw1ZWWLfEnQYi/3BXLyktruenhXb373ucNK0hzE/7N7rRJn6UukHT8FH1FyCTbxLqOiRJ6tieVk4J5w92EjNv6Dqo1b4wkxEXQRmGP7uEd7PeE/fE/iM3uOfTVVHrTsI0BIwcped9ckjS3z70SY8+eqEGXGgl8A1tQE2wrgUPb8cuiVtUdVEUiGKUmvqg6iupOUCbpH+LiLuMi9Y7KKkW3+RMkdZXuLJK7aS8ztfXdiF5bDadSbdXOezSqbgfTX9vmf6KS0qCkVOqh6NUw1Etu9gqNsO9rw4WwBzRkId+1F1Wlseg9pAp7soJ4CJX1iFTUrYM+96reg17VeVncnJFbxshd0UlE3iOIMSAFSd0Q+3Z6ws0mRBtySxyrrUer66WMEz6+aYmjCqW2n/LWx5i2VQyr086IbCdulRHanuO3yskFil7ajoRjV02avt7Bo9L+ZU9YVQU3a33zeSTztrWcSXLH3eHmEq+vxyrsZlM3m4DKf/ww80nmW245n+Ru6sPNp0J93XTqplP1nqIHmk5Fh7FOtEO2Af1Od/3/B9R0+yL5CgIA";
|
|
1018
50
|
}
|
|
1019
51
|
});
|
|
1020
52
|
|
|
@@ -1024,14 +56,11 @@ __export(index_exports, {
|
|
|
1024
56
|
TrivyChannel: () => TrivyChannel
|
|
1025
57
|
});
|
|
1026
58
|
module.exports = __toCommonJS(index_exports);
|
|
1027
|
-
var import_kwirth_common = __toESM(
|
|
1028
|
-
var
|
|
1029
|
-
var
|
|
1030
|
-
|
|
1031
|
-
|
|
1032
|
-
var trivy_operator_0_30_1_default = '---\r\napiVersion: apiextensions.k8s.io/v1\r\nkind: CustomResourceDefinition\r\nmetadata:\r\n annotations:\r\n controller-gen.kubebuilder.io/version: v0.18.0\r\n name: clustercompliancereports.aquasecurity.github.io\r\nspec:\r\n group: aquasecurity.github.io\r\n names:\r\n kind: ClusterComplianceReport\r\n listKind: ClusterComplianceReportList\r\n plural: clustercompliancereports\r\n shortNames:\r\n - compliance\r\n singular: clustercompliancereport\r\n scope: Cluster\r\n versions:\r\n - additionalPrinterColumns:\r\n - description: The age of the report\r\n jsonPath: .metadata.creationTimestamp\r\n name: Age\r\n type: date\r\n - description: The number of checks that failed\r\n jsonPath: .status.summary.failCount\r\n name: Fail\r\n priority: 1\r\n type: integer\r\n - description: The number of checks that passed\r\n jsonPath: .status.summary.passCount\r\n name: Pass\r\n priority: 1\r\n type: integer\r\n name: v1alpha1\r\n schema:\r\n openAPIV3Schema:\r\n description: ClusterComplianceReport is a specification for the ClusterComplianceReport\r\n resource.\r\n properties:\r\n apiVersion:\r\n description: |-\r\n APIVersion defines the versioned schema of this representation of an object.\r\n Servers should convert recognized schemas to the latest internal value, and\r\n may reject unrecognized values.\r\n More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources\r\n type: string\r\n kind:\r\n description: |-\r\n Kind is a string value representing the REST resource this object represents.\r\n Servers may infer this from the endpoint the client submits requests to.\r\n Cannot be updated.\r\n In CamelCase.\r\n More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds\r\n type: string\r\n metadata:\r\n type: object\r\n spec:\r\n description: ReportSpec represent the compliance specification\r\n properties:\r\n compliance:\r\n properties:\r\n controls:\r\n description: Control represent the cps controls data and mapping\r\n checks\r\n items:\r\n description: Control represent the cps controls data and mapping\r\n checks\r\n properties:\r\n checks:\r\n items:\r\n description: SpecCheck represent the scanner who perform\r\n the control check\r\n properties:\r\n id:\r\n description: id define the check id as produced by\r\n scanner\r\n type: string\r\n required:\r\n - id\r\n type: object\r\n type: array\r\n commands:\r\n items:\r\n description: Commands represent the commands to be executed\r\n by the node-collector\r\n properties:\r\n id:\r\n description: id define the commands id\r\n type: string\r\n required:\r\n - id\r\n type: object\r\n type: array\r\n defaultStatus:\r\n description: define the default value for check status in\r\n case resource not found\r\n enum:\r\n - PASS\r\n - WARN\r\n - FAIL\r\n type: string\r\n description:\r\n type: string\r\n id:\r\n description: id define the control check id\r\n type: string\r\n name:\r\n type: string\r\n severity:\r\n description: define the severity of the control\r\n enum:\r\n - CRITICAL\r\n - HIGH\r\n - MEDIUM\r\n - LOW\r\n - UNKNOWN\r\n type: string\r\n required:\r\n - id\r\n - name\r\n - severity\r\n type: object\r\n type: array\r\n description:\r\n type: string\r\n id:\r\n type: string\r\n platform:\r\n type: string\r\n relatedResources:\r\n items:\r\n type: string\r\n type: array\r\n title:\r\n type: string\r\n type:\r\n type: string\r\n version:\r\n type: string\r\n required:\r\n - controls\r\n - description\r\n - id\r\n - platform\r\n - relatedResources\r\n - title\r\n - type\r\n - version\r\n type: object\r\n cron:\r\n description: cron define the intervals for report generation\r\n pattern: ^(((([\\*]{1}){1})|((\\*\\/){0,1}(([0-9]{1}){1}|(([1-5]{1}){1}([0-9]{1}){1}){1})))\r\n ((([\\*]{1}){1})|((\\*\\/){0,1}(([0-9]{1}){1}|(([1]{1}){1}([0-9]{1}){1}){1}|([2]{1}){1}([0-3]{1}){1})))\r\n ((([\\*]{1}){1})|((\\*\\/){0,1}(([1-9]{1}){1}|(([1-2]{1}){1}([0-9]{1}){1}){1}|([3]{1}){1}([0-1]{1}){1})))\r\n ((([\\*]{1}){1})|((\\*\\/){0,1}(([1-9]{1}){1}|(([1-2]{1}){1}([0-9]{1}){1}){1}|([3]{1}){1}([0-1]{1}){1}))|(jan|feb|mar|apr|may|jun|jul|aug|sep|okt|nov|dec))\r\n ((([\\*]{1}){1})|((\\*\\/){0,1}(([0-7]{1}){1}))|(sun|mon|tue|wed|thu|fri|sat)))$\r\n type: string\r\n reportType:\r\n enum:\r\n - summary\r\n - all\r\n type: string\r\n required:\r\n - compliance\r\n - cron\r\n - reportType\r\n type: object\r\n status:\r\n properties:\r\n detailReport:\r\n description: ComplianceReport represents a kubernetes scan report\r\n properties:\r\n description:\r\n type: string\r\n id:\r\n type: string\r\n relatedVersion:\r\n items:\r\n type: string\r\n type: array\r\n results:\r\n items:\r\n properties:\r\n checks:\r\n items:\r\n description: ComplianceCheck provides the result of conducting\r\n a single compliance step.\r\n properties:\r\n category:\r\n type: string\r\n checkID:\r\n type: string\r\n description:\r\n type: string\r\n messages:\r\n items:\r\n type: string\r\n type: array\r\n remediation:\r\n description: Remediation provides description or links\r\n to external resources to remediate failing check.\r\n type: string\r\n severity:\r\n description: Severity level of a vulnerability or\r\n a configuration audit check.\r\n type: string\r\n success:\r\n type: boolean\r\n target:\r\n type: string\r\n title:\r\n type: string\r\n required:\r\n - checkID\r\n - severity\r\n - success\r\n type: object\r\n type: array\r\n description:\r\n type: string\r\n id:\r\n type: string\r\n name:\r\n type: string\r\n severity:\r\n type: string\r\n status:\r\n type: string\r\n required:\r\n - checks\r\n type: object\r\n type: array\r\n title:\r\n type: string\r\n version:\r\n type: string\r\n type: object\r\n x-kubernetes-preserve-unknown-fields: true\r\n summary:\r\n properties:\r\n failCount:\r\n type: integer\r\n passCount:\r\n type: integer\r\n type: object\r\n summaryReport:\r\n description: SummaryReport represents a kubernetes scan report with\r\n consolidated findings\r\n properties:\r\n controlCheck:\r\n items:\r\n properties:\r\n id:\r\n type: string\r\n name:\r\n type: string\r\n severity:\r\n type: string\r\n totalFail:\r\n type: integer\r\n type: object\r\n type: array\r\n id:\r\n type: string\r\n title:\r\n type: string\r\n type: object\r\n x-kubernetes-preserve-unknown-fields: true\r\n updateTimestamp:\r\n format: date-time\r\n type: string\r\n required:\r\n - updateTimestamp\r\n type: object\r\n type: object\r\n x-kubernetes-preserve-unknown-fields: true\r\n served: true\r\n storage: true\r\n subresources:\r\n status: {}\r\n---\r\napiVersion: apiextensions.k8s.io/v1\r\nkind: CustomResourceDefinition\r\nmetadata:\r\n annotations:\r\n controller-gen.kubebuilder.io/version: v0.18.0\r\n name: clusterconfigauditreports.aquasecurity.github.io\r\nspec:\r\n group: aquasecurity.github.io\r\n names:\r\n kind: ClusterConfigAuditReport\r\n listKind: ClusterConfigAuditReportList\r\n plural: clusterconfigauditreports\r\n shortNames:\r\n - clusterconfigaudit\r\n singular: clusterconfigauditreport\r\n scope: Cluster\r\n versions:\r\n - additionalPrinterColumns:\r\n - description: The name of the config audit scanner\r\n jsonPath: .report.scanner.name\r\n name: Scanner\r\n type: string\r\n - description: The age of the report\r\n jsonPath: .metadata.creationTimestamp\r\n name: Age\r\n type: date\r\n - description: The number of failed checks with critical severity\r\n jsonPath: .report.summary.criticalCount\r\n name: Critical\r\n priority: 1\r\n type: integer\r\n - description: The number of failed checks with high severity\r\n jsonPath: .report.summary.highCount\r\n name: High\r\n priority: 1\r\n type: integer\r\n - description: The number of failed checks with medium severity\r\n jsonPath: .report.summary.mediumCount\r\n name: Medium\r\n priority: 1\r\n type: integer\r\n - description: The number of failed checks with low severity\r\n jsonPath: .report.summary.lowCount\r\n name: Low\r\n priority: 1\r\n type: integer\r\n name: v1alpha1\r\n schema:\r\n openAPIV3Schema:\r\n description: ClusterConfigAuditReport is a specification for the ClusterConfigAuditReport\r\n resource.\r\n properties:\r\n apiVersion:\r\n description: |-\r\n APIVersion defines the versioned schema of this representation of an object.\r\n Servers should convert recognized schemas to the latest internal value, and\r\n may reject unrecognized values.\r\n More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources\r\n type: string\r\n kind:\r\n description: |-\r\n Kind is a string value representing the REST resource this object represents.\r\n Servers may infer this from the endpoint the client submits requests to.\r\n Cannot be updated.\r\n In CamelCase.\r\n More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds\r\n type: string\r\n metadata:\r\n type: object\r\n report:\r\n properties:\r\n checks:\r\n description: Checks provides results of conducting audit steps.\r\n items:\r\n description: Check provides the result of conducting a single audit\r\n step.\r\n properties:\r\n category:\r\n type: string\r\n checkID:\r\n type: string\r\n description:\r\n type: string\r\n messages:\r\n items:\r\n type: string\r\n type: array\r\n remediation:\r\n description: Remediation provides description or links to external\r\n resources to remediate failing check.\r\n type: string\r\n scope:\r\n description: Scope indicates the section of config that was\r\n audited.\r\n properties:\r\n type:\r\n description: Type indicates type of this scope, e.g. Container,\r\n ConfigMapKey or JSONPath.\r\n type: string\r\n value:\r\n description: Value indicates value of this scope that depends\r\n on Type, e.g. container name, ConfigMap key or JSONPath\r\n expression\r\n type: string\r\n required:\r\n - type\r\n - value\r\n type: object\r\n severity:\r\n description: Severity level of a vulnerability or a configuration\r\n audit check.\r\n type: string\r\n success:\r\n type: boolean\r\n title:\r\n type: string\r\n required:\r\n - checkID\r\n - severity\r\n - success\r\n type: object\r\n type: array\r\n scanner:\r\n description: Scanner is the spec for a scanner generating a security\r\n assessment report.\r\n properties:\r\n name:\r\n description: Name the name of the scanner.\r\n type: string\r\n vendor:\r\n description: Vendor the name of the vendor providing the scanner.\r\n type: string\r\n version:\r\n description: Version the version of the scanner.\r\n type: string\r\n required:\r\n - name\r\n - vendor\r\n - version\r\n type: object\r\n summary:\r\n description: ConfigAuditSummary counts failed checks by severity.\r\n properties:\r\n criticalCount:\r\n description: CriticalCount is the number of failed checks with\r\n critical severity.\r\n type: integer\r\n highCount:\r\n description: HighCount is the number of failed checks with high\r\n severity.\r\n type: integer\r\n lowCount:\r\n description: LowCount is the number of failed check with low severity.\r\n type: integer\r\n mediumCount:\r\n description: MediumCount is the number of failed checks with medium\r\n severity.\r\n type: integer\r\n required:\r\n - criticalCount\r\n - highCount\r\n - lowCount\r\n - mediumCount\r\n type: object\r\n updateTimestamp:\r\n format: date-time\r\n type: string\r\n required:\r\n - checks\r\n type: object\r\n required:\r\n - report\r\n type: object\r\n x-kubernetes-preserve-unknown-fields: true\r\n served: true\r\n storage: true\r\n subresources: {}\r\n---\r\napiVersion: apiextensions.k8s.io/v1\r\nkind: CustomResourceDefinition\r\nmetadata:\r\n annotations:\r\n controller-gen.kubebuilder.io/version: v0.18.0\r\n name: clusterinfraassessmentreports.aquasecurity.github.io\r\nspec:\r\n group: aquasecurity.github.io\r\n names:\r\n kind: ClusterInfraAssessmentReport\r\n listKind: ClusterInfraAssessmentReportList\r\n plural: clusterinfraassessmentreports\r\n shortNames:\r\n - clusterinfraassessment\r\n singular: clusterinfraassessmentreport\r\n scope: Cluster\r\n versions:\r\n - additionalPrinterColumns:\r\n - description: The name of the infra assessement scanner\r\n jsonPath: .report.scanner.name\r\n name: Scanner\r\n type: string\r\n - description: The age of the report\r\n jsonPath: .metadata.creationTimestamp\r\n name: Age\r\n type: date\r\n - description: The number of failed checks with critical severity\r\n jsonPath: .report.summary.criticalCount\r\n name: Critical\r\n priority: 1\r\n type: integer\r\n - description: The number of failed checks with high severity\r\n jsonPath: .report.summary.highCount\r\n name: High\r\n priority: 1\r\n type: integer\r\n - description: The number of failed checks with medium severity\r\n jsonPath: .report.summary.mediumCount\r\n name: Medium\r\n priority: 1\r\n type: integer\r\n - description: The number of failed checks with low severity\r\n jsonPath: .report.summary.lowCount\r\n name: Low\r\n priority: 1\r\n type: integer\r\n name: v1alpha1\r\n schema:\r\n openAPIV3Schema:\r\n description: ClusterInfraAssessmentReport is a specification for the ClusterInfraAssessmentReport\r\n resource.\r\n properties:\r\n apiVersion:\r\n description: |-\r\n APIVersion defines the versioned schema of this representation of an object.\r\n Servers should convert recognized schemas to the latest internal value, and\r\n may reject unrecognized values.\r\n More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources\r\n type: string\r\n kind:\r\n description: |-\r\n Kind is a string value representing the REST resource this object represents.\r\n Servers may infer this from the endpoint the client submits requests to.\r\n Cannot be updated.\r\n In CamelCase.\r\n More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds\r\n type: string\r\n metadata:\r\n type: object\r\n report:\r\n properties:\r\n checks:\r\n description: Checks provides results of conducting audit steps.\r\n items:\r\n description: Check provides the result of conducting a single audit\r\n step.\r\n properties:\r\n category:\r\n type: string\r\n checkID:\r\n type: string\r\n description:\r\n type: string\r\n messages:\r\n items:\r\n type: string\r\n type: array\r\n remediation:\r\n description: Remediation provides description or links to external\r\n resources to remediate failing check.\r\n type: string\r\n scope:\r\n description: Scope indicates the section of config that was\r\n audited.\r\n properties:\r\n type:\r\n description: Type indicates type of this scope, e.g. Container,\r\n ConfigMapKey or JSONPath.\r\n type: string\r\n value:\r\n description: Value indicates value of this scope that depends\r\n on Type, e.g. container name, ConfigMap key or JSONPath\r\n expression\r\n type: string\r\n required:\r\n - type\r\n - value\r\n type: object\r\n severity:\r\n description: Severity level of a vulnerability or a configuration\r\n audit check.\r\n type: string\r\n success:\r\n type: boolean\r\n title:\r\n type: string\r\n required:\r\n - checkID\r\n - severity\r\n - success\r\n type: object\r\n type: array\r\n scanner:\r\n description: Scanner is the spec for a scanner generating a security\r\n assessment report.\r\n properties:\r\n name:\r\n description: Name the name of the scanner.\r\n type: string\r\n vendor:\r\n description: Vendor the name of the vendor providing the scanner.\r\n type: string\r\n version:\r\n description: Version the version of the scanner.\r\n type: string\r\n required:\r\n - name\r\n - vendor\r\n - version\r\n type: object\r\n summary:\r\n description: InfraAssessmentSummary counts failed checks by severity.\r\n properties:\r\n criticalCount:\r\n description: CriticalCount is the number of failed checks with\r\n critical severity.\r\n type: integer\r\n highCount:\r\n description: HighCount is the number of failed checks with high\r\n severity.\r\n type: integer\r\n lowCount:\r\n description: LowCount is the number of failed check with low severity.\r\n type: integer\r\n mediumCount:\r\n description: MediumCount is the number of failed checks with medium\r\n severity.\r\n type: integer\r\n required:\r\n - criticalCount\r\n - highCount\r\n - lowCount\r\n - mediumCount\r\n type: object\r\n required:\r\n - checks\r\n - scanner\r\n - summary\r\n type: object\r\n required:\r\n - report\r\n type: object\r\n x-kubernetes-preserve-unknown-fields: true\r\n served: true\r\n storage: true\r\n subresources: {}\r\n---\r\napiVersion: apiextensions.k8s.io/v1\r\nkind: CustomResourceDefinition\r\nmetadata:\r\n annotations:\r\n controller-gen.kubebuilder.io/version: v0.18.0\r\n name: clusterrbacassessmentreports.aquasecurity.github.io\r\nspec:\r\n group: aquasecurity.github.io\r\n names:\r\n kind: ClusterRbacAssessmentReport\r\n listKind: ClusterRbacAssessmentReportList\r\n plural: clusterrbacassessmentreports\r\n shortNames:\r\n - clusterrbacassessmentreport\r\n singular: clusterrbacassessmentreport\r\n scope: Cluster\r\n versions:\r\n - additionalPrinterColumns:\r\n - description: The name of the rbac assessment scanner\r\n jsonPath: .report.scanner.name\r\n name: Scanner\r\n type: string\r\n - description: The age of the report\r\n jsonPath: .metadata.creationTimestamp\r\n name: Age\r\n type: date\r\n - description: The number of failed checks with critical severity\r\n jsonPath: .report.summary.criticalCount\r\n name: Critical\r\n priority: 1\r\n type: integer\r\n - description: The number of failed checks with high severity\r\n jsonPath: .report.summary.highCount\r\n name: High\r\n priority: 1\r\n type: integer\r\n - description: The number of failed checks with medium severity\r\n jsonPath: .report.summary.mediumCount\r\n name: Medium\r\n priority: 1\r\n type: integer\r\n - description: The number of failed checks with low severity\r\n jsonPath: .report.summary.lowCount\r\n name: Low\r\n priority: 1\r\n type: integer\r\n name: v1alpha1\r\n schema:\r\n openAPIV3Schema:\r\n description: ClusterRbacAssessmentReport is a specification for the ClusterRbacAssessmentReport\r\n resource.\r\n properties:\r\n apiVersion:\r\n description: |-\r\n APIVersion defines the versioned schema of this representation of an object.\r\n Servers should convert recognized schemas to the latest internal value, and\r\n may reject unrecognized values.\r\n More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources\r\n type: string\r\n kind:\r\n description: |-\r\n Kind is a string value representing the REST resource this object represents.\r\n Servers may infer this from the endpoint the client submits requests to.\r\n Cannot be updated.\r\n In CamelCase.\r\n More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds\r\n type: string\r\n metadata:\r\n type: object\r\n report:\r\n properties:\r\n checks:\r\n description: Checks provides results of conducting audit steps.\r\n items:\r\n description: Check provides the result of conducting a single audit\r\n step.\r\n properties:\r\n category:\r\n type: string\r\n checkID:\r\n type: string\r\n description:\r\n type: string\r\n messages:\r\n items:\r\n type: string\r\n type: array\r\n remediation:\r\n description: Remediation provides description or links to external\r\n resources to remediate failing check.\r\n type: string\r\n scope:\r\n description: Scope indicates the section of config that was\r\n audited.\r\n properties:\r\n type:\r\n description: Type indicates type of this scope, e.g. Container,\r\n ConfigMapKey or JSONPath.\r\n type: string\r\n value:\r\n description: Value indicates value of this scope that depends\r\n on Type, e.g. container name, ConfigMap key or JSONPath\r\n expression\r\n type: string\r\n required:\r\n - type\r\n - value\r\n type: object\r\n severity:\r\n description: Severity level of a vulnerability or a configuration\r\n audit check.\r\n type: string\r\n success:\r\n type: boolean\r\n title:\r\n type: string\r\n required:\r\n - checkID\r\n - severity\r\n - success\r\n type: object\r\n type: array\r\n scanner:\r\n description: Scanner is the spec for a scanner generating a security\r\n assessment report.\r\n properties:\r\n name:\r\n description: Name the name of the scanner.\r\n type: string\r\n vendor:\r\n description: Vendor the name of the vendor providing the scanner.\r\n type: string\r\n version:\r\n description: Version the version of the scanner.\r\n type: string\r\n required:\r\n - name\r\n - vendor\r\n - version\r\n type: object\r\n summary:\r\n description: RbacAssessmentSummary counts failed checks by severity.\r\n properties:\r\n criticalCount:\r\n description: CriticalCount is the number of failed checks with\r\n critical severity.\r\n type: integer\r\n highCount:\r\n description: HighCount is the number of failed checks with high\r\n severity.\r\n type: integer\r\n lowCount:\r\n description: LowCount is the number of failed check with low severity.\r\n type: integer\r\n mediumCount:\r\n description: MediumCount is the number of failed checks with medium\r\n severity.\r\n type: integer\r\n required:\r\n - criticalCount\r\n - highCount\r\n - lowCount\r\n - mediumCount\r\n type: object\r\n required:\r\n - checks\r\n - scanner\r\n - summary\r\n type: object\r\n required:\r\n - report\r\n type: object\r\n x-kubernetes-preserve-unknown-fields: true\r\n served: true\r\n storage: true\r\n subresources: {}\r\n---\r\napiVersion: apiextensions.k8s.io/v1\r\nkind: CustomResourceDefinition\r\nmetadata:\r\n annotations:\r\n controller-gen.kubebuilder.io/version: v0.18.0\r\n name: clustersbomreports.aquasecurity.github.io\r\nspec:\r\n group: aquasecurity.github.io\r\n names:\r\n kind: ClusterSbomReport\r\n listKind: ClusterSbomReportList\r\n plural: clustersbomreports\r\n shortNames:\r\n - clustersbom\r\n singular: clustersbomreport\r\n scope: Cluster\r\n versions:\r\n - additionalPrinterColumns:\r\n - description: The name of image repository\r\n jsonPath: .report.artifact.repository\r\n name: Repository\r\n type: string\r\n - description: The name of image tag\r\n jsonPath: .report.artifact.tag\r\n name: Tag\r\n type: string\r\n - description: The name of the sbom generation scanner\r\n jsonPath: .report.scanner.name\r\n name: Scanner\r\n type: string\r\n - description: The age of the report\r\n jsonPath: .metadata.creationTimestamp\r\n name: Age\r\n type: date\r\n - description: The number of dependencies in bom\r\n jsonPath: .report.summary.componentsCount\r\n name: Components\r\n priority: 1\r\n type: integer\r\n - description: The the number of components in bom\r\n jsonPath: .report.summary.dependenciesCount\r\n name: Dependencies\r\n priority: 1\r\n type: integer\r\n name: v1alpha1\r\n schema:\r\n openAPIV3Schema:\r\n description: ClusterSbomReport summarizes components and dependencies found\r\n in container image\r\n properties:\r\n apiVersion:\r\n description: |-\r\n APIVersion defines the versioned schema of this representation of an object.\r\n Servers should convert recognized schemas to the latest internal value, and\r\n may reject unrecognized values.\r\n More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources\r\n type: string\r\n kind:\r\n description: |-\r\n Kind is a string value representing the REST resource this object represents.\r\n Servers may infer this from the endpoint the client submits requests to.\r\n Cannot be updated.\r\n In CamelCase.\r\n More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds\r\n type: string\r\n metadata:\r\n type: object\r\n report:\r\n description: Report is the actual sbom report data.\r\n properties:\r\n artifact:\r\n description: |-\r\n Artifact represents a standalone, executable package of software that includes everything needed to\r\n run an application.\r\n properties:\r\n digest:\r\n description: Digest is a unique and immutable identifier of an\r\n Artifact.\r\n type: string\r\n mimeType:\r\n description: MimeType represents a type and format of an Artifact.\r\n type: string\r\n repository:\r\n description: Repository is the name of the repository in the Artifact\r\n registry.\r\n type: string\r\n tag:\r\n description: Tag is a mutable, human-readable string used to identify\r\n an Artifact.\r\n type: string\r\n type: object\r\n components:\r\n description: Bom is artifact bill of materials.\r\n properties:\r\n bomFormat:\r\n type: string\r\n components:\r\n items:\r\n properties:\r\n bom-ref:\r\n type: string\r\n group:\r\n type: string\r\n hashes:\r\n items:\r\n properties:\r\n alg:\r\n type: string\r\n content:\r\n type: string\r\n type: object\r\n type: array\r\n licenses:\r\n items:\r\n properties:\r\n expression:\r\n type: string\r\n license:\r\n properties:\r\n id:\r\n type: string\r\n name:\r\n type: string\r\n url:\r\n type: string\r\n type: object\r\n type: object\r\n type: array\r\n name:\r\n type: string\r\n properties:\r\n items:\r\n properties:\r\n name:\r\n type: string\r\n value:\r\n type: string\r\n type: object\r\n type: array\r\n purl:\r\n type: string\r\n supplier:\r\n properties:\r\n contact:\r\n items:\r\n properties:\r\n email:\r\n type: string\r\n name:\r\n type: string\r\n phone:\r\n type: string\r\n type: object\r\n type: array\r\n name:\r\n type: string\r\n url:\r\n items:\r\n type: string\r\n type: array\r\n type: object\r\n type:\r\n type: string\r\n version:\r\n type: string\r\n type: object\r\n type: array\r\n dependencies:\r\n items:\r\n properties:\r\n dependsOn:\r\n items:\r\n type: string\r\n type: array\r\n ref:\r\n type: string\r\n type: object\r\n type: array\r\n metadata:\r\n properties:\r\n component:\r\n properties:\r\n bom-ref:\r\n type: string\r\n group:\r\n type: string\r\n hashes:\r\n items:\r\n properties:\r\n alg:\r\n type: string\r\n content:\r\n type: string\r\n type: object\r\n type: array\r\n licenses:\r\n items:\r\n properties:\r\n expression:\r\n type: string\r\n license:\r\n properties:\r\n id:\r\n type: string\r\n name:\r\n type: string\r\n url:\r\n type: string\r\n type: object\r\n type: object\r\n type: array\r\n name:\r\n type: string\r\n properties:\r\n items:\r\n properties:\r\n name:\r\n type: string\r\n value:\r\n type: string\r\n type: object\r\n type: array\r\n purl:\r\n type: string\r\n supplier:\r\n properties:\r\n contact:\r\n items:\r\n properties:\r\n email:\r\n type: string\r\n name:\r\n type: string\r\n phone:\r\n type: string\r\n type: object\r\n type: array\r\n name:\r\n type: string\r\n url:\r\n items:\r\n type: string\r\n type: array\r\n type: object\r\n type:\r\n type: string\r\n version:\r\n type: string\r\n type: object\r\n timestamp:\r\n type: string\r\n tools:\r\n properties:\r\n components:\r\n items:\r\n properties:\r\n bom-ref:\r\n type: string\r\n group:\r\n type: string\r\n hashes:\r\n items:\r\n properties:\r\n alg:\r\n type: string\r\n content:\r\n type: string\r\n type: object\r\n type: array\r\n licenses:\r\n items:\r\n properties:\r\n expression:\r\n type: string\r\n license:\r\n properties:\r\n id:\r\n type: string\r\n name:\r\n type: string\r\n url:\r\n type: string\r\n type: object\r\n type: object\r\n type: array\r\n name:\r\n type: string\r\n properties:\r\n items:\r\n properties:\r\n name:\r\n type: string\r\n value:\r\n type: string\r\n type: object\r\n type: array\r\n purl:\r\n type: string\r\n supplier:\r\n properties:\r\n contact:\r\n items:\r\n properties:\r\n email:\r\n type: string\r\n name:\r\n type: string\r\n phone:\r\n type: string\r\n type: object\r\n type: array\r\n name:\r\n type: string\r\n url:\r\n items:\r\n type: string\r\n type: array\r\n type: object\r\n type:\r\n type: string\r\n version:\r\n type: string\r\n type: object\r\n type: array\r\n type: object\r\n type: object\r\n serialNumber:\r\n type: string\r\n specVersion:\r\n type: string\r\n version:\r\n type: integer\r\n required:\r\n - bomFormat\r\n - specVersion\r\n type: object\r\n registry:\r\n description: Registry is the registry the Artifact was pulled from.\r\n properties:\r\n server:\r\n description: Server the FQDN of registry server.\r\n type: string\r\n type: object\r\n scanner:\r\n description: Scanner is the scanner that generated this report.\r\n properties:\r\n name:\r\n description: Name the name of the scanner.\r\n type: string\r\n vendor:\r\n description: Vendor the name of the vendor providing the scanner.\r\n type: string\r\n version:\r\n description: Version the version of the scanner.\r\n type: string\r\n required:\r\n - name\r\n - vendor\r\n - version\r\n type: object\r\n summary:\r\n description: Summary is a summary of sbom report.\r\n properties:\r\n componentsCount:\r\n description: ComponentsCount is the number of components in bom.\r\n minimum: 0\r\n type: integer\r\n dependenciesCount:\r\n description: DependenciesCount is the number of dependencies in\r\n bom.\r\n minimum: 0\r\n type: integer\r\n required:\r\n - componentsCount\r\n - dependenciesCount\r\n type: object\r\n updateTimestamp:\r\n description: UpdateTimestamp is a timestamp representing the server\r\n time in UTC when this report was updated.\r\n format: date-time\r\n type: string\r\n required:\r\n - artifact\r\n - components\r\n - scanner\r\n - summary\r\n - updateTimestamp\r\n type: object\r\n required:\r\n - report\r\n type: object\r\n served: true\r\n storage: true\r\n subresources: {}\r\n---\r\napiVersion: apiextensions.k8s.io/v1\r\nkind: CustomResourceDefinition\r\nmetadata:\r\n annotations:\r\n controller-gen.kubebuilder.io/version: v0.18.0\r\n name: clustervulnerabilityreports.aquasecurity.github.io\r\nspec:\r\n group: aquasecurity.github.io\r\n names:\r\n kind: ClusterVulnerabilityReport\r\n listKind: ClusterVulnerabilityReportList\r\n plural: clustervulnerabilityreports\r\n shortNames:\r\n - clustervuln\r\n singular: clustervulnerabilityreport\r\n scope: Cluster\r\n versions:\r\n - additionalPrinterColumns:\r\n - description: The name of image repository\r\n jsonPath: .report.artifact.repository\r\n name: Repository\r\n type: string\r\n - description: The name of image tag\r\n jsonPath: .report.artifact.tag\r\n name: Tag\r\n type: string\r\n - description: The name of the vulnerability scanner\r\n jsonPath: .report.scanner.name\r\n name: Scanner\r\n type: string\r\n - description: The age of the report\r\n jsonPath: .metadata.creationTimestamp\r\n name: Age\r\n type: date\r\n - description: The number of critical vulnerabilities\r\n jsonPath: .report.summary.criticalCount\r\n name: Critical\r\n priority: 1\r\n type: integer\r\n - description: The number of high vulnerabilities\r\n jsonPath: .report.summary.highCount\r\n name: High\r\n priority: 1\r\n type: integer\r\n - description: The number of medium vulnerabilities\r\n jsonPath: .report.summary.mediumCount\r\n name: Medium\r\n priority: 1\r\n type: integer\r\n - description: The number of low vulnerabilities\r\n jsonPath: .report.summary.lowCount\r\n name: Low\r\n priority: 1\r\n type: integer\r\n - description: The number of unknown vulnerabilities\r\n jsonPath: .report.summary.unknownCount\r\n name: Unknown\r\n priority: 1\r\n type: integer\r\n name: v1alpha1\r\n schema:\r\n openAPIV3Schema:\r\n description: |-\r\n ClusterVulnerabilityReport summarizes vulnerabilities in application dependencies and operating system packages\r\n built into container images.\r\n properties:\r\n apiVersion:\r\n description: |-\r\n APIVersion defines the versioned schema of this representation of an object.\r\n Servers should convert recognized schemas to the latest internal value, and\r\n may reject unrecognized values.\r\n More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources\r\n type: string\r\n kind:\r\n description: |-\r\n Kind is a string value representing the REST resource this object represents.\r\n Servers may infer this from the endpoint the client submits requests to.\r\n Cannot be updated.\r\n In CamelCase.\r\n More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds\r\n type: string\r\n metadata:\r\n type: object\r\n report:\r\n description: Report is the actual vulnerability report data.\r\n properties:\r\n artifact:\r\n description: |-\r\n Artifact represents a standalone, executable package of software that includes everything needed to\r\n run an application.\r\n properties:\r\n digest:\r\n description: Digest is a unique and immutable identifier of an\r\n Artifact.\r\n type: string\r\n mimeType:\r\n description: MimeType represents a type and format of an Artifact.\r\n type: string\r\n repository:\r\n description: Repository is the name of the repository in the Artifact\r\n registry.\r\n type: string\r\n tag:\r\n description: Tag is a mutable, human-readable string used to identify\r\n an Artifact.\r\n type: string\r\n type: object\r\n os:\r\n description: OS information of the artifact\r\n properties:\r\n eosl:\r\n description: Eosl is true if OS version has reached end of service\r\n life\r\n type: boolean\r\n family:\r\n description: Operating System Family\r\n type: string\r\n name:\r\n description: Name or version of the OS\r\n type: string\r\n type: object\r\n registry:\r\n description: Registry is the registry the Artifact was pulled from.\r\n properties:\r\n server:\r\n description: Server the FQDN of registry server.\r\n type: string\r\n type: object\r\n scanner:\r\n description: Scanner is the scanner that generated this report.\r\n properties:\r\n name:\r\n description: Name the name of the scanner.\r\n type: string\r\n vendor:\r\n description: Vendor the name of the vendor providing the scanner.\r\n type: string\r\n version:\r\n description: Version the version of the scanner.\r\n type: string\r\n required:\r\n - name\r\n - vendor\r\n - version\r\n type: object\r\n summary:\r\n description: Summary is a summary of Vulnerability counts grouped\r\n by Severity.\r\n properties:\r\n criticalCount:\r\n description: CriticalCount is the number of vulnerabilities with\r\n Critical Severity.\r\n minimum: 0\r\n type: integer\r\n highCount:\r\n description: HighCount is the number of vulnerabilities with High\r\n Severity.\r\n minimum: 0\r\n type: integer\r\n lowCount:\r\n description: LowCount is the number of vulnerabilities with Low\r\n Severity.\r\n minimum: 0\r\n type: integer\r\n mediumCount:\r\n description: MediumCount is the number of vulnerabilities with\r\n Medium Severity.\r\n minimum: 0\r\n type: integer\r\n noneCount:\r\n description: NoneCount is the number of packages without any vulnerability.\r\n minimum: 0\r\n type: integer\r\n unknownCount:\r\n description: UnknownCount is the number of vulnerabilities with\r\n unknown severity.\r\n minimum: 0\r\n type: integer\r\n required:\r\n - criticalCount\r\n - highCount\r\n - lowCount\r\n - mediumCount\r\n - unknownCount\r\n type: object\r\n updateTimestamp:\r\n description: UpdateTimestamp is a timestamp representing the server\r\n time in UTC when this report was updated.\r\n format: date-time\r\n type: string\r\n vulnerabilities:\r\n description: Vulnerabilities is a list of operating system (OS) or\r\n application software Vulnerability items found in the Artifact.\r\n items:\r\n description: Vulnerability is the spec for a vulnerability record.\r\n properties:\r\n class:\r\n type: string\r\n cvss:\r\n additionalProperties:\r\n properties:\r\n V2Score:\r\n type: number\r\n V2Vector:\r\n type: string\r\n V3Score:\r\n type: number\r\n V3Vector:\r\n type: string\r\n V40Score:\r\n type: number\r\n V40Vector:\r\n type: string\r\n type: object\r\n type: object\r\n cvsssource:\r\n type: string\r\n description:\r\n type: string\r\n fixedVersion:\r\n description: FixedVersion indicates the version of the Resource\r\n in which this vulnerability has been fixed.\r\n type: string\r\n installedVersion:\r\n description: InstalledVersion indicates the installed version\r\n of the Resource.\r\n type: string\r\n lastModifiedDate:\r\n description: LastModifiedDate indicates the last date CVE has\r\n been modified.\r\n type: string\r\n links:\r\n items:\r\n type: string\r\n type: array\r\n packagePURL:\r\n type: string\r\n packagePath:\r\n type: string\r\n packageType:\r\n type: string\r\n primaryLink:\r\n type: string\r\n publishedDate:\r\n description: PublishedDate indicates the date of published CVE.\r\n type: string\r\n resource:\r\n description: Resource is a vulnerable package, application,\r\n or library.\r\n type: string\r\n score:\r\n type: number\r\n severity:\r\n description: Severity level of a vulnerability or a configuration\r\n audit check.\r\n enum:\r\n - CRITICAL\r\n - HIGH\r\n - MEDIUM\r\n - LOW\r\n - UNKNOWN\r\n type: string\r\n target:\r\n type: string\r\n title:\r\n type: string\r\n vulnerabilityID:\r\n description: VulnerabilityID the vulnerability identifier.\r\n type: string\r\n required:\r\n - fixedVersion\r\n - installedVersion\r\n - lastModifiedDate\r\n - publishedDate\r\n - resource\r\n - severity\r\n - title\r\n - vulnerabilityID\r\n type: object\r\n type: array\r\n required:\r\n - artifact\r\n - os\r\n - scanner\r\n - summary\r\n - updateTimestamp\r\n - vulnerabilities\r\n type: object\r\n required:\r\n - report\r\n type: object\r\n x-kubernetes-preserve-unknown-fields: true\r\n served: true\r\n storage: true\r\n subresources: {}\r\n---\r\napiVersion: apiextensions.k8s.io/v1\r\nkind: CustomResourceDefinition\r\nmetadata:\r\n annotations:\r\n controller-gen.kubebuilder.io/version: v0.18.0\r\n name: configauditreports.aquasecurity.github.io\r\nspec:\r\n group: aquasecurity.github.io\r\n names:\r\n kind: ConfigAuditReport\r\n listKind: ConfigAuditReportList\r\n plural: configauditreports\r\n shortNames:\r\n - configaudit\r\n - configaudits\r\n singular: configauditreport\r\n scope: Namespaced\r\n versions:\r\n - additionalPrinterColumns:\r\n - description: The name of the config audit scanner\r\n jsonPath: .report.scanner.name\r\n name: Scanner\r\n type: string\r\n - description: The age of the report\r\n jsonPath: .metadata.creationTimestamp\r\n name: Age\r\n type: date\r\n - description: The number of failed checks with critical severity\r\n jsonPath: .report.summary.criticalCount\r\n name: Critical\r\n priority: 1\r\n type: integer\r\n - description: The number of failed checks with high severity\r\n jsonPath: .report.summary.highCount\r\n name: High\r\n priority: 1\r\n type: integer\r\n - description: The number of failed checks with medium severity\r\n jsonPath: .report.summary.mediumCount\r\n name: Medium\r\n priority: 1\r\n type: integer\r\n - description: The number of failed checks with low severity\r\n jsonPath: .report.summary.lowCount\r\n name: Low\r\n priority: 1\r\n type: integer\r\n name: v1alpha1\r\n schema:\r\n openAPIV3Schema:\r\n description: ConfigAuditReport is a specification for the ConfigAuditReport\r\n resource.\r\n properties:\r\n apiVersion:\r\n description: |-\r\n APIVersion defines the versioned schema of this representation of an object.\r\n Servers should convert recognized schemas to the latest internal value, and\r\n may reject unrecognized values.\r\n More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources\r\n type: string\r\n kind:\r\n description: |-\r\n Kind is a string value representing the REST resource this object represents.\r\n Servers may infer this from the endpoint the client submits requests to.\r\n Cannot be updated.\r\n In CamelCase.\r\n More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds\r\n type: string\r\n metadata:\r\n type: object\r\n report:\r\n properties:\r\n checks:\r\n description: Checks provides results of conducting audit steps.\r\n items:\r\n description: Check provides the result of conducting a single audit\r\n step.\r\n properties:\r\n category:\r\n type: string\r\n checkID:\r\n type: string\r\n description:\r\n type: string\r\n messages:\r\n items:\r\n type: string\r\n type: array\r\n remediation:\r\n description: Remediation provides description or links to external\r\n resources to remediate failing check.\r\n type: string\r\n scope:\r\n description: Scope indicates the section of config that was\r\n audited.\r\n properties:\r\n type:\r\n description: Type indicates type of this scope, e.g. Container,\r\n ConfigMapKey or JSONPath.\r\n type: string\r\n value:\r\n description: Value indicates value of this scope that depends\r\n on Type, e.g. container name, ConfigMap key or JSONPath\r\n expression\r\n type: string\r\n required:\r\n - type\r\n - value\r\n type: object\r\n severity:\r\n description: Severity level of a vulnerability or a configuration\r\n audit check.\r\n type: string\r\n success:\r\n type: boolean\r\n title:\r\n type: string\r\n required:\r\n - checkID\r\n - severity\r\n - success\r\n type: object\r\n type: array\r\n scanner:\r\n description: Scanner is the spec for a scanner generating a security\r\n assessment report.\r\n properties:\r\n name:\r\n description: Name the name of the scanner.\r\n type: string\r\n vendor:\r\n description: Vendor the name of the vendor providing the scanner.\r\n type: string\r\n version:\r\n description: Version the version of the scanner.\r\n type: string\r\n required:\r\n - name\r\n - vendor\r\n - version\r\n type: object\r\n summary:\r\n description: ConfigAuditSummary counts failed checks by severity.\r\n properties:\r\n criticalCount:\r\n description: CriticalCount is the number of failed checks with\r\n critical severity.\r\n type: integer\r\n highCount:\r\n description: HighCount is the number of failed checks with high\r\n severity.\r\n type: integer\r\n lowCount:\r\n description: LowCount is the number of failed check with low severity.\r\n type: integer\r\n mediumCount:\r\n description: MediumCount is the number of failed checks with medium\r\n severity.\r\n type: integer\r\n required:\r\n - criticalCount\r\n - highCount\r\n - lowCount\r\n - mediumCount\r\n type: object\r\n updateTimestamp:\r\n format: date-time\r\n type: string\r\n required:\r\n - checks\r\n type: object\r\n required:\r\n - report\r\n type: object\r\n x-kubernetes-preserve-unknown-fields: true\r\n served: true\r\n storage: true\r\n subresources: {}\r\n---\r\napiVersion: apiextensions.k8s.io/v1\r\nkind: CustomResourceDefinition\r\nmetadata:\r\n annotations:\r\n controller-gen.kubebuilder.io/version: v0.18.0\r\n name: exposedsecretreports.aquasecurity.github.io\r\nspec:\r\n group: aquasecurity.github.io\r\n names:\r\n kind: ExposedSecretReport\r\n listKind: ExposedSecretReportList\r\n plural: exposedsecretreports\r\n shortNames:\r\n - exposedsecret\r\n - exposedsecrets\r\n singular: exposedsecretreport\r\n scope: Namespaced\r\n versions:\r\n - additionalPrinterColumns:\r\n - description: The name of image repository\r\n jsonPath: .report.artifact.repository\r\n name: Repository\r\n type: string\r\n - description: The name of image tag\r\n jsonPath: .report.artifact.tag\r\n name: Tag\r\n type: string\r\n - description: The name of the exposed secret scanner\r\n jsonPath: .report.scanner.name\r\n name: Scanner\r\n type: string\r\n - description: The age of the report\r\n jsonPath: .metadata.creationTimestamp\r\n name: Age\r\n type: date\r\n - description: The number of critical exposed secrets\r\n jsonPath: .report.summary.criticalCount\r\n name: Critical\r\n priority: 1\r\n type: integer\r\n - description: The number of high exposed secrets\r\n jsonPath: .report.summary.highCount\r\n name: High\r\n priority: 1\r\n type: integer\r\n - description: The number of medium exposed secrets\r\n jsonPath: .report.summary.mediumCount\r\n name: Medium\r\n priority: 1\r\n type: integer\r\n - description: The number of low exposed secrets\r\n jsonPath: .report.summary.lowCount\r\n name: Low\r\n priority: 1\r\n type: integer\r\n name: v1alpha1\r\n schema:\r\n openAPIV3Schema:\r\n description: ExposedSecretReport summarizes exposed secrets in plaintext files\r\n built into container images.\r\n properties:\r\n apiVersion:\r\n description: |-\r\n APIVersion defines the versioned schema of this representation of an object.\r\n Servers should convert recognized schemas to the latest internal value, and\r\n may reject unrecognized values.\r\n More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources\r\n type: string\r\n kind:\r\n description: |-\r\n Kind is a string value representing the REST resource this object represents.\r\n Servers may infer this from the endpoint the client submits requests to.\r\n Cannot be updated.\r\n In CamelCase.\r\n More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds\r\n type: string\r\n metadata:\r\n type: object\r\n report:\r\n description: Report is the actual exposed secret report data.\r\n properties:\r\n artifact:\r\n description: |-\r\n Artifact represents a standalone, executable package of software that includes everything needed to\r\n run an application.\r\n properties:\r\n digest:\r\n description: Digest is a unique and immutable identifier of an\r\n Artifact.\r\n type: string\r\n mimeType:\r\n description: MimeType represents a type and format of an Artifact.\r\n type: string\r\n repository:\r\n description: Repository is the name of the repository in the Artifact\r\n registry.\r\n type: string\r\n tag:\r\n description: Tag is a mutable, human-readable string used to identify\r\n an Artifact.\r\n type: string\r\n type: object\r\n registry:\r\n description: Registry is the registry the Artifact was pulled from.\r\n properties:\r\n server:\r\n description: Server the FQDN of registry server.\r\n type: string\r\n type: object\r\n scanner:\r\n description: Scanner is the scanner that generated this report.\r\n properties:\r\n name:\r\n description: Name the name of the scanner.\r\n type: string\r\n vendor:\r\n description: Vendor the name of the vendor providing the scanner.\r\n type: string\r\n version:\r\n description: Version the version of the scanner.\r\n type: string\r\n required:\r\n - name\r\n - vendor\r\n - version\r\n type: object\r\n secrets:\r\n description: Exposed secrets is a list of passwords, api keys, tokens\r\n and others items found in the Artifact.\r\n items:\r\n description: ExposedSecret is the spec for a exposed secret record.\r\n properties:\r\n category:\r\n type: string\r\n match:\r\n description: Match where the exposed rule matched.\r\n type: string\r\n ruleID:\r\n description: RuleID is rule the identifier.\r\n type: string\r\n severity:\r\n description: Severity level of a vulnerability or a configuration\r\n audit check.\r\n enum:\r\n - CRITICAL\r\n - HIGH\r\n - MEDIUM\r\n - LOW\r\n type: string\r\n target:\r\n description: Target is where the exposed secret was found.\r\n type: string\r\n title:\r\n type: string\r\n required:\r\n - category\r\n - match\r\n - ruleID\r\n - severity\r\n - target\r\n - title\r\n type: object\r\n type: array\r\n summary:\r\n description: Summary is the exposed secrets counts grouped by Severity.\r\n properties:\r\n criticalCount:\r\n description: CriticalCount is the number of exposed secrets with\r\n Critical Severity.\r\n minimum: 0\r\n type: integer\r\n highCount:\r\n description: HighCount is the number of exposed secrets with High\r\n Severity.\r\n minimum: 0\r\n type: integer\r\n lowCount:\r\n description: LowCount is the number of exposed secrets with Low\r\n Severity.\r\n minimum: 0\r\n type: integer\r\n mediumCount:\r\n description: MediumCount is the number of exposed secrets with\r\n Medium Severity.\r\n minimum: 0\r\n type: integer\r\n required:\r\n - criticalCount\r\n - highCount\r\n - lowCount\r\n - mediumCount\r\n type: object\r\n updateTimestamp:\r\n description: UpdateTimestamp is a timestamp representing the server\r\n time in UTC when this report was updated.\r\n format: date-time\r\n type: string\r\n required:\r\n - artifact\r\n - scanner\r\n - secrets\r\n - summary\r\n - updateTimestamp\r\n type: object\r\n required:\r\n - report\r\n type: object\r\n x-kubernetes-preserve-unknown-fields: true\r\n served: true\r\n storage: true\r\n subresources: {}\r\n---\r\napiVersion: apiextensions.k8s.io/v1\r\nkind: CustomResourceDefinition\r\nmetadata:\r\n annotations:\r\n controller-gen.kubebuilder.io/version: v0.18.0\r\n name: infraassessmentreports.aquasecurity.github.io\r\nspec:\r\n group: aquasecurity.github.io\r\n names:\r\n kind: InfraAssessmentReport\r\n listKind: InfraAssessmentReportList\r\n plural: infraassessmentreports\r\n shortNames:\r\n - infraassessment\r\n - infraassessments\r\n singular: infraassessmentreport\r\n scope: Namespaced\r\n versions:\r\n - additionalPrinterColumns:\r\n - description: The name of the infra assessment scanner\r\n jsonPath: .report.scanner.name\r\n name: Scanner\r\n type: string\r\n - description: The age of the report\r\n jsonPath: .metadata.creationTimestamp\r\n name: Age\r\n type: date\r\n - description: The number of failed checks with critical severity\r\n jsonPath: .report.summary.criticalCount\r\n name: Critical\r\n priority: 1\r\n type: integer\r\n - description: The number of failed checks with high severity\r\n jsonPath: .report.summary.highCount\r\n name: High\r\n priority: 1\r\n type: integer\r\n - description: The number of failed checks with medium severity\r\n jsonPath: .report.summary.mediumCount\r\n name: Medium\r\n priority: 1\r\n type: integer\r\n - description: The number of failed checks with low severity\r\n jsonPath: .report.summary.lowCount\r\n name: Low\r\n priority: 1\r\n type: integer\r\n name: v1alpha1\r\n schema:\r\n openAPIV3Schema:\r\n description: InfraAssessmentReport is a specification for the InfraAssessmentReport\r\n resource.\r\n properties:\r\n apiVersion:\r\n description: |-\r\n APIVersion defines the versioned schema of this representation of an object.\r\n Servers should convert recognized schemas to the latest internal value, and\r\n may reject unrecognized values.\r\n More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources\r\n type: string\r\n kind:\r\n description: |-\r\n Kind is a string value representing the REST resource this object represents.\r\n Servers may infer this from the endpoint the client submits requests to.\r\n Cannot be updated.\r\n In CamelCase.\r\n More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds\r\n type: string\r\n metadata:\r\n type: object\r\n report:\r\n properties:\r\n checks:\r\n description: Checks provides results of conducting audit steps.\r\n items:\r\n description: Check provides the result of conducting a single audit\r\n step.\r\n properties:\r\n category:\r\n type: string\r\n checkID:\r\n type: string\r\n description:\r\n type: string\r\n messages:\r\n items:\r\n type: string\r\n type: array\r\n remediation:\r\n description: Remediation provides description or links to external\r\n resources to remediate failing check.\r\n type: string\r\n scope:\r\n description: Scope indicates the section of config that was\r\n audited.\r\n properties:\r\n type:\r\n description: Type indicates type of this scope, e.g. Container,\r\n ConfigMapKey or JSONPath.\r\n type: string\r\n value:\r\n description: Value indicates value of this scope that depends\r\n on Type, e.g. container name, ConfigMap key or JSONPath\r\n expression\r\n type: string\r\n required:\r\n - type\r\n - value\r\n type: object\r\n severity:\r\n description: Severity level of a vulnerability or a configuration\r\n audit check.\r\n type: string\r\n success:\r\n type: boolean\r\n title:\r\n type: string\r\n required:\r\n - checkID\r\n - severity\r\n - success\r\n type: object\r\n type: array\r\n scanner:\r\n description: Scanner is the spec for a scanner generating a security\r\n assessment report.\r\n properties:\r\n name:\r\n description: Name the name of the scanner.\r\n type: string\r\n vendor:\r\n description: Vendor the name of the vendor providing the scanner.\r\n type: string\r\n version:\r\n description: Version the version of the scanner.\r\n type: string\r\n required:\r\n - name\r\n - vendor\r\n - version\r\n type: object\r\n summary:\r\n description: InfraAssessmentSummary counts failed checks by severity.\r\n properties:\r\n criticalCount:\r\n description: CriticalCount is the number of failed checks with\r\n critical severity.\r\n type: integer\r\n highCount:\r\n description: HighCount is the number of failed checks with high\r\n severity.\r\n type: integer\r\n lowCount:\r\n description: LowCount is the number of failed check with low severity.\r\n type: integer\r\n mediumCount:\r\n description: MediumCount is the number of failed checks with medium\r\n severity.\r\n type: integer\r\n required:\r\n - criticalCount\r\n - highCount\r\n - lowCount\r\n - mediumCount\r\n type: object\r\n required:\r\n - checks\r\n - scanner\r\n - summary\r\n type: object\r\n required:\r\n - report\r\n type: object\r\n served: true\r\n storage: true\r\n subresources: {}\r\n---\r\napiVersion: apiextensions.k8s.io/v1\r\nkind: CustomResourceDefinition\r\nmetadata:\r\n annotations:\r\n controller-gen.kubebuilder.io/version: v0.18.0\r\n name: rbacassessmentreports.aquasecurity.github.io\r\nspec:\r\n group: aquasecurity.github.io\r\n names:\r\n kind: RbacAssessmentReport\r\n listKind: RbacAssessmentReportList\r\n plural: rbacassessmentreports\r\n shortNames:\r\n - rbacassessment\r\n - rbacassessments\r\n singular: rbacassessmentreport\r\n scope: Namespaced\r\n versions:\r\n - additionalPrinterColumns:\r\n - description: The name of the rbac assessment scanner\r\n jsonPath: .report.scanner.name\r\n name: Scanner\r\n type: string\r\n - description: The age of the report\r\n jsonPath: .metadata.creationTimestamp\r\n name: Age\r\n type: date\r\n - description: The number of failed checks with critical severity\r\n jsonPath: .report.summary.criticalCount\r\n name: Critical\r\n priority: 1\r\n type: integer\r\n - description: The number of failed checks with high severity\r\n jsonPath: .report.summary.highCount\r\n name: High\r\n priority: 1\r\n type: integer\r\n - description: The number of failed checks with medium severity\r\n jsonPath: .report.summary.mediumCount\r\n name: Medium\r\n priority: 1\r\n type: integer\r\n - description: The number of failed checks with low severity\r\n jsonPath: .report.summary.lowCount\r\n name: Low\r\n priority: 1\r\n type: integer\r\n name: v1alpha1\r\n schema:\r\n openAPIV3Schema:\r\n description: RbacAssessmentReport is a specification for the RbacAssessmentReport\r\n resource.\r\n properties:\r\n apiVersion:\r\n description: |-\r\n APIVersion defines the versioned schema of this representation of an object.\r\n Servers should convert recognized schemas to the latest internal value, and\r\n may reject unrecognized values.\r\n More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources\r\n type: string\r\n kind:\r\n description: |-\r\n Kind is a string value representing the REST resource this object represents.\r\n Servers may infer this from the endpoint the client submits requests to.\r\n Cannot be updated.\r\n In CamelCase.\r\n More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds\r\n type: string\r\n metadata:\r\n type: object\r\n report:\r\n properties:\r\n checks:\r\n description: Checks provides results of conducting audit steps.\r\n items:\r\n description: Check provides the result of conducting a single audit\r\n step.\r\n properties:\r\n category:\r\n type: string\r\n checkID:\r\n type: string\r\n description:\r\n type: string\r\n messages:\r\n items:\r\n type: string\r\n type: array\r\n remediation:\r\n description: Remediation provides description or links to external\r\n resources to remediate failing check.\r\n type: string\r\n scope:\r\n description: Scope indicates the section of config that was\r\n audited.\r\n properties:\r\n type:\r\n description: Type indicates type of this scope, e.g. Container,\r\n ConfigMapKey or JSONPath.\r\n type: string\r\n value:\r\n description: Value indicates value of this scope that depends\r\n on Type, e.g. container name, ConfigMap key or JSONPath\r\n expression\r\n type: string\r\n required:\r\n - type\r\n - value\r\n type: object\r\n severity:\r\n description: Severity level of a vulnerability or a configuration\r\n audit check.\r\n type: string\r\n success:\r\n type: boolean\r\n title:\r\n type: string\r\n required:\r\n - checkID\r\n - severity\r\n - success\r\n type: object\r\n type: array\r\n scanner:\r\n description: Scanner is the spec for a scanner generating a security\r\n assessment report.\r\n properties:\r\n name:\r\n description: Name the name of the scanner.\r\n type: string\r\n vendor:\r\n description: Vendor the name of the vendor providing the scanner.\r\n type: string\r\n version:\r\n description: Version the version of the scanner.\r\n type: string\r\n required:\r\n - name\r\n - vendor\r\n - version\r\n type: object\r\n summary:\r\n description: RbacAssessmentSummary counts failed checks by severity.\r\n properties:\r\n criticalCount:\r\n description: CriticalCount is the number of failed checks with\r\n critical severity.\r\n type: integer\r\n highCount:\r\n description: HighCount is the number of failed checks with high\r\n severity.\r\n type: integer\r\n lowCount:\r\n description: LowCount is the number of failed check with low severity.\r\n type: integer\r\n mediumCount:\r\n description: MediumCount is the number of failed checks with medium\r\n severity.\r\n type: integer\r\n required:\r\n - criticalCount\r\n - highCount\r\n - lowCount\r\n - mediumCount\r\n type: object\r\n required:\r\n - checks\r\n - scanner\r\n - summary\r\n type: object\r\n required:\r\n - report\r\n type: object\r\n x-kubernetes-preserve-unknown-fields: true\r\n served: true\r\n storage: true\r\n subresources: {}\r\n---\r\napiVersion: apiextensions.k8s.io/v1\r\nkind: CustomResourceDefinition\r\nmetadata:\r\n annotations:\r\n controller-gen.kubebuilder.io/version: v0.18.0\r\n name: sbomreports.aquasecurity.github.io\r\nspec:\r\n group: aquasecurity.github.io\r\n names:\r\n kind: SbomReport\r\n listKind: SbomReportList\r\n plural: sbomreports\r\n shortNames:\r\n - sbom\r\n - sboms\r\n singular: sbomreport\r\n scope: Namespaced\r\n versions:\r\n - additionalPrinterColumns:\r\n - description: The name of image repository\r\n jsonPath: .report.artifact.repository\r\n name: Repository\r\n type: string\r\n - description: The name of image tag\r\n jsonPath: .report.artifact.tag\r\n name: Tag\r\n type: string\r\n - description: The name of the sbom generation scanner\r\n jsonPath: .report.scanner.name\r\n name: Scanner\r\n type: string\r\n - description: The age of the report\r\n jsonPath: .metadata.creationTimestamp\r\n name: Age\r\n type: date\r\n - description: The number of dependencies in bom\r\n jsonPath: .report.summary.componentsCount\r\n name: Components\r\n priority: 1\r\n type: integer\r\n - description: The the number of components in bom\r\n jsonPath: .report.summary.dependenciesCount\r\n name: Dependencies\r\n priority: 1\r\n type: integer\r\n name: v1alpha1\r\n schema:\r\n openAPIV3Schema:\r\n description: SbomReport summarizes components and dependencies found in container\r\n image\r\n properties:\r\n apiVersion:\r\n description: |-\r\n APIVersion defines the versioned schema of this representation of an object.\r\n Servers should convert recognized schemas to the latest internal value, and\r\n may reject unrecognized values.\r\n More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources\r\n type: string\r\n kind:\r\n description: |-\r\n Kind is a string value representing the REST resource this object represents.\r\n Servers may infer this from the endpoint the client submits requests to.\r\n Cannot be updated.\r\n In CamelCase.\r\n More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds\r\n type: string\r\n metadata:\r\n type: object\r\n report:\r\n description: Report is the actual sbom report data.\r\n properties:\r\n artifact:\r\n description: |-\r\n Artifact represents a standalone, executable package of software that includes everything needed to\r\n run an application.\r\n properties:\r\n digest:\r\n description: Digest is a unique and immutable identifier of an\r\n Artifact.\r\n type: string\r\n mimeType:\r\n description: MimeType represents a type and format of an Artifact.\r\n type: string\r\n repository:\r\n description: Repository is the name of the repository in the Artifact\r\n registry.\r\n type: string\r\n tag:\r\n description: Tag is a mutable, human-readable string used to identify\r\n an Artifact.\r\n type: string\r\n type: object\r\n components:\r\n description: Bom is artifact bill of materials.\r\n properties:\r\n bomFormat:\r\n type: string\r\n components:\r\n items:\r\n properties:\r\n bom-ref:\r\n type: string\r\n group:\r\n type: string\r\n hashes:\r\n items:\r\n properties:\r\n alg:\r\n type: string\r\n content:\r\n type: string\r\n type: object\r\n type: array\r\n licenses:\r\n items:\r\n properties:\r\n expression:\r\n type: string\r\n license:\r\n properties:\r\n id:\r\n type: string\r\n name:\r\n type: string\r\n url:\r\n type: string\r\n type: object\r\n type: object\r\n type: array\r\n name:\r\n type: string\r\n properties:\r\n items:\r\n properties:\r\n name:\r\n type: string\r\n value:\r\n type: string\r\n type: object\r\n type: array\r\n purl:\r\n type: string\r\n supplier:\r\n properties:\r\n contact:\r\n items:\r\n properties:\r\n email:\r\n type: string\r\n name:\r\n type: string\r\n phone:\r\n type: string\r\n type: object\r\n type: array\r\n name:\r\n type: string\r\n url:\r\n items:\r\n type: string\r\n type: array\r\n type: object\r\n type:\r\n type: string\r\n version:\r\n type: string\r\n type: object\r\n type: array\r\n dependencies:\r\n items:\r\n properties:\r\n dependsOn:\r\n items:\r\n type: string\r\n type: array\r\n ref:\r\n type: string\r\n type: object\r\n type: array\r\n metadata:\r\n properties:\r\n component:\r\n properties:\r\n bom-ref:\r\n type: string\r\n group:\r\n type: string\r\n hashes:\r\n items:\r\n properties:\r\n alg:\r\n type: string\r\n content:\r\n type: string\r\n type: object\r\n type: array\r\n licenses:\r\n items:\r\n properties:\r\n expression:\r\n type: string\r\n license:\r\n properties:\r\n id:\r\n type: string\r\n name:\r\n type: string\r\n url:\r\n type: string\r\n type: object\r\n type: object\r\n type: array\r\n name:\r\n type: string\r\n properties:\r\n items:\r\n properties:\r\n name:\r\n type: string\r\n value:\r\n type: string\r\n type: object\r\n type: array\r\n purl:\r\n type: string\r\n supplier:\r\n properties:\r\n contact:\r\n items:\r\n properties:\r\n email:\r\n type: string\r\n name:\r\n type: string\r\n phone:\r\n type: string\r\n type: object\r\n type: array\r\n name:\r\n type: string\r\n url:\r\n items:\r\n type: string\r\n type: array\r\n type: object\r\n type:\r\n type: string\r\n version:\r\n type: string\r\n type: object\r\n timestamp:\r\n type: string\r\n tools:\r\n properties:\r\n components:\r\n items:\r\n properties:\r\n bom-ref:\r\n type: string\r\n group:\r\n type: string\r\n hashes:\r\n items:\r\n properties:\r\n alg:\r\n type: string\r\n content:\r\n type: string\r\n type: object\r\n type: array\r\n licenses:\r\n items:\r\n properties:\r\n expression:\r\n type: string\r\n license:\r\n properties:\r\n id:\r\n type: string\r\n name:\r\n type: string\r\n url:\r\n type: string\r\n type: object\r\n type: object\r\n type: array\r\n name:\r\n type: string\r\n properties:\r\n items:\r\n properties:\r\n name:\r\n type: string\r\n value:\r\n type: string\r\n type: object\r\n type: array\r\n purl:\r\n type: string\r\n supplier:\r\n properties:\r\n contact:\r\n items:\r\n properties:\r\n email:\r\n type: string\r\n name:\r\n type: string\r\n phone:\r\n type: string\r\n type: object\r\n type: array\r\n name:\r\n type: string\r\n url:\r\n items:\r\n type: string\r\n type: array\r\n type: object\r\n type:\r\n type: string\r\n version:\r\n type: string\r\n type: object\r\n type: array\r\n type: object\r\n type: object\r\n serialNumber:\r\n type: string\r\n specVersion:\r\n type: string\r\n version:\r\n type: integer\r\n required:\r\n - bomFormat\r\n - specVersion\r\n type: object\r\n registry:\r\n description: Registry is the registry the Artifact was pulled from.\r\n properties:\r\n server:\r\n description: Server the FQDN of registry server.\r\n type: string\r\n type: object\r\n scanner:\r\n description: Scanner is the scanner that generated this report.\r\n properties:\r\n name:\r\n description: Name the name of the scanner.\r\n type: string\r\n vendor:\r\n description: Vendor the name of the vendor providing the scanner.\r\n type: string\r\n version:\r\n description: Version the version of the scanner.\r\n type: string\r\n required:\r\n - name\r\n - vendor\r\n - version\r\n type: object\r\n summary:\r\n description: Summary is a summary of sbom report.\r\n properties:\r\n componentsCount:\r\n description: ComponentsCount is the number of components in bom.\r\n minimum: 0\r\n type: integer\r\n dependenciesCount:\r\n description: DependenciesCount is the number of dependencies in\r\n bom.\r\n minimum: 0\r\n type: integer\r\n required:\r\n - componentsCount\r\n - dependenciesCount\r\n type: object\r\n updateTimestamp:\r\n description: UpdateTimestamp is a timestamp representing the server\r\n time in UTC when this report was updated.\r\n format: date-time\r\n type: string\r\n required:\r\n - artifact\r\n - components\r\n - scanner\r\n - summary\r\n - updateTimestamp\r\n type: object\r\n required:\r\n - report\r\n type: object\r\n x-kubernetes-preserve-unknown-fields: true\r\n served: true\r\n storage: true\r\n subresources: {}\r\n---\r\napiVersion: apiextensions.k8s.io/v1\r\nkind: CustomResourceDefinition\r\nmetadata:\r\n annotations:\r\n controller-gen.kubebuilder.io/version: v0.18.0\r\n name: vulnerabilityreports.aquasecurity.github.io\r\nspec:\r\n group: aquasecurity.github.io\r\n names:\r\n kind: VulnerabilityReport\r\n listKind: VulnerabilityReportList\r\n plural: vulnerabilityreports\r\n shortNames:\r\n - vuln\r\n - vulns\r\n singular: vulnerabilityreport\r\n scope: Namespaced\r\n versions:\r\n - additionalPrinterColumns:\r\n - description: The name of image repository\r\n jsonPath: .report.artifact.repository\r\n name: Repository\r\n type: string\r\n - description: The name of image tag\r\n jsonPath: .report.artifact.tag\r\n name: Tag\r\n type: string\r\n - description: The name of the vulnerability scanner\r\n jsonPath: .report.scanner.name\r\n name: Scanner\r\n type: string\r\n - description: The age of the report\r\n jsonPath: .metadata.creationTimestamp\r\n name: Age\r\n type: date\r\n - description: The number of critical vulnerabilities\r\n jsonPath: .report.summary.criticalCount\r\n name: Critical\r\n priority: 1\r\n type: integer\r\n - description: The number of high vulnerabilities\r\n jsonPath: .report.summary.highCount\r\n name: High\r\n priority: 1\r\n type: integer\r\n - description: The number of medium vulnerabilities\r\n jsonPath: .report.summary.mediumCount\r\n name: Medium\r\n priority: 1\r\n type: integer\r\n - description: The number of low vulnerabilities\r\n jsonPath: .report.summary.lowCount\r\n name: Low\r\n priority: 1\r\n type: integer\r\n - description: The number of unknown vulnerabilities\r\n jsonPath: .report.summary.unknownCount\r\n name: Unknown\r\n priority: 1\r\n type: integer\r\n name: v1alpha1\r\n schema:\r\n openAPIV3Schema:\r\n description: |-\r\n VulnerabilityReport summarizes vulnerabilities in application dependencies and operating system packages\r\n built into container images.\r\n properties:\r\n apiVersion:\r\n description: |-\r\n APIVersion defines the versioned schema of this representation of an object.\r\n Servers should convert recognized schemas to the latest internal value, and\r\n may reject unrecognized values.\r\n More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources\r\n type: string\r\n kind:\r\n description: |-\r\n Kind is a string value representing the REST resource this object represents.\r\n Servers may infer this from the endpoint the client submits requests to.\r\n Cannot be updated.\r\n In CamelCase.\r\n More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds\r\n type: string\r\n metadata:\r\n type: object\r\n report:\r\n description: Report is the actual vulnerability report data.\r\n properties:\r\n artifact:\r\n description: |-\r\n Artifact represents a standalone, executable package of software that includes everything needed to\r\n run an application.\r\n properties:\r\n digest:\r\n description: Digest is a unique and immutable identifier of an\r\n Artifact.\r\n type: string\r\n mimeType:\r\n description: MimeType represents a type and format of an Artifact.\r\n type: string\r\n repository:\r\n description: Repository is the name of the repository in the Artifact\r\n registry.\r\n type: string\r\n tag:\r\n description: Tag is a mutable, human-readable string used to identify\r\n an Artifact.\r\n type: string\r\n type: object\r\n os:\r\n description: OS information of the artifact\r\n properties:\r\n eosl:\r\n description: Eosl is true if OS version has reached end of service\r\n life\r\n type: boolean\r\n family:\r\n description: Operating System Family\r\n type: string\r\n name:\r\n description: Name or version of the OS\r\n type: string\r\n type: object\r\n registry:\r\n description: Registry is the registry the Artifact was pulled from.\r\n properties:\r\n server:\r\n description: Server the FQDN of registry server.\r\n type: string\r\n type: object\r\n scanner:\r\n description: Scanner is the scanner that generated this report.\r\n properties:\r\n name:\r\n description: Name the name of the scanner.\r\n type: string\r\n vendor:\r\n description: Vendor the name of the vendor providing the scanner.\r\n type: string\r\n version:\r\n description: Version the version of the scanner.\r\n type: string\r\n required:\r\n - name\r\n - vendor\r\n - version\r\n type: object\r\n summary:\r\n description: Summary is a summary of Vulnerability counts grouped\r\n by Severity.\r\n properties:\r\n criticalCount:\r\n description: CriticalCount is the number of vulnerabilities with\r\n Critical Severity.\r\n minimum: 0\r\n type: integer\r\n highCount:\r\n description: HighCount is the number of vulnerabilities with High\r\n Severity.\r\n minimum: 0\r\n type: integer\r\n lowCount:\r\n description: LowCount is the number of vulnerabilities with Low\r\n Severity.\r\n minimum: 0\r\n type: integer\r\n mediumCount:\r\n description: MediumCount is the number of vulnerabilities with\r\n Medium Severity.\r\n minimum: 0\r\n type: integer\r\n noneCount:\r\n description: NoneCount is the number of packages without any vulnerability.\r\n minimum: 0\r\n type: integer\r\n unknownCount:\r\n description: UnknownCount is the number of vulnerabilities with\r\n unknown severity.\r\n minimum: 0\r\n type: integer\r\n required:\r\n - criticalCount\r\n - highCount\r\n - lowCount\r\n - mediumCount\r\n - unknownCount\r\n type: object\r\n updateTimestamp:\r\n description: UpdateTimestamp is a timestamp representing the server\r\n time in UTC when this report was updated.\r\n format: date-time\r\n type: string\r\n vulnerabilities:\r\n description: Vulnerabilities is a list of operating system (OS) or\r\n application software Vulnerability items found in the Artifact.\r\n items:\r\n description: Vulnerability is the spec for a vulnerability record.\r\n properties:\r\n class:\r\n type: string\r\n cvss:\r\n additionalProperties:\r\n properties:\r\n V2Score:\r\n type: number\r\n V2Vector:\r\n type: string\r\n V3Score:\r\n type: number\r\n V3Vector:\r\n type: string\r\n V40Score:\r\n type: number\r\n V40Vector:\r\n type: string\r\n type: object\r\n type: object\r\n cvsssource:\r\n type: string\r\n description:\r\n type: string\r\n fixedVersion:\r\n description: FixedVersion indicates the version of the Resource\r\n in which this vulnerability has been fixed.\r\n type: string\r\n installedVersion:\r\n description: InstalledVersion indicates the installed version\r\n of the Resource.\r\n type: string\r\n lastModifiedDate:\r\n description: LastModifiedDate indicates the last date CVE has\r\n been modified.\r\n type: string\r\n links:\r\n items:\r\n type: string\r\n type: array\r\n packagePURL:\r\n type: string\r\n packagePath:\r\n type: string\r\n packageType:\r\n type: string\r\n primaryLink:\r\n type: string\r\n publishedDate:\r\n description: PublishedDate indicates the date of published CVE.\r\n type: string\r\n resource:\r\n description: Resource is a vulnerable package, application,\r\n or library.\r\n type: string\r\n score:\r\n type: number\r\n severity:\r\n description: Severity level of a vulnerability or a configuration\r\n audit check.\r\n enum:\r\n - CRITICAL\r\n - HIGH\r\n - MEDIUM\r\n - LOW\r\n - UNKNOWN\r\n type: string\r\n target:\r\n type: string\r\n title:\r\n type: string\r\n vulnerabilityID:\r\n description: VulnerabilityID the vulnerability identifier.\r\n type: string\r\n required:\r\n - fixedVersion\r\n - installedVersion\r\n - lastModifiedDate\r\n - publishedDate\r\n - resource\r\n - severity\r\n - title\r\n - vulnerabilityID\r\n type: object\r\n type: array\r\n required:\r\n - artifact\r\n - os\r\n - scanner\r\n - summary\r\n - updateTimestamp\r\n - vulnerabilities\r\n type: object\r\n required:\r\n - report\r\n type: object\r\n x-kubernetes-preserve-unknown-fields: true\r\n served: true\r\n storage: true\r\n subresources: {}\r\n---\r\napiVersion: v1\r\nkind: Namespace\r\nmetadata:\r\n name: trivy-system\r\n labels:\r\n app.kubernetes.io/name: trivy-operator\r\n app.kubernetes.io/instance: trivy-operator\r\n app.kubernetes.io/version: "0.30.1"\r\n app.kubernetes.io/managed-by: kubectl\r\n---\r\n# Source: trivy-operator/templates/configmaps/operator.yaml\r\napiVersion: v1\r\nkind: ConfigMap\r\nmetadata:\r\n name: trivy-operator\r\n namespace: trivy-system\r\n labels:\r\n app.kubernetes.io/name: trivy-operator\r\n app.kubernetes.io/instance: trivy-operator\r\n app.kubernetes.io/version: "0.30.1"\r\n app.kubernetes.io/managed-by: kubectl\r\ndata:\r\n nodeCollector.volumes: "[{\\"hostPath\\":{\\"path\\":\\"/var/lib/etcd\\"},\\"name\\":\\"var-lib-etcd\\"},{\\"hostPath\\":{\\"path\\":\\"/var/lib/kubelet\\"},\\"name\\":\\"var-lib-kubelet\\"},{\\"hostPath\\":{\\"path\\":\\"/var/lib/kube-scheduler\\"},\\"name\\":\\"var-lib-kube-scheduler\\"},{\\"hostPath\\":{\\"path\\":\\"/var/lib/kube-controller-manager\\"},\\"name\\":\\"var-lib-kube-controller-manager\\"},{\\"hostPath\\":{\\"path\\":\\"/etc/systemd\\"},\\"name\\":\\"etc-systemd\\"},{\\"hostPath\\":{\\"path\\":\\"/lib/systemd\\"},\\"name\\":\\"lib-systemd\\"},{\\"hostPath\\":{\\"path\\":\\"/etc/kubernetes\\"},\\"name\\":\\"etc-kubernetes\\"},{\\"hostPath\\":{\\"path\\":\\"/etc/cni/net.d/\\"},\\"name\\":\\"etc-cni-netd\\"}]"\r\n nodeCollector.volumeMounts: "[{\\"mountPath\\":\\"/var/lib/etcd\\",\\"name\\":\\"var-lib-etcd\\",\\"readOnly\\":true},{\\"mountPath\\":\\"/var/lib/kubelet\\",\\"name\\":\\"var-lib-kubelet\\",\\"readOnly\\":true},{\\"mountPath\\":\\"/var/lib/kube-scheduler\\",\\"name\\":\\"var-lib-kube-scheduler\\",\\"readOnly\\":true},{\\"mountPath\\":\\"/var/lib/kube-controller-manager\\",\\"name\\":\\"var-lib-kube-controller-manager\\",\\"readOnly\\":true},{\\"mountPath\\":\\"/etc/systemd\\",\\"name\\":\\"etc-systemd\\",\\"readOnly\\":true},{\\"mountPath\\":\\"/lib/systemd/\\",\\"name\\":\\"lib-systemd\\",\\"readOnly\\":true},{\\"mountPath\\":\\"/etc/kubernetes\\",\\"name\\":\\"etc-kubernetes\\",\\"readOnly\\":true},{\\"mountPath\\":\\"/etc/cni/net.d/\\",\\"name\\":\\"etc-cni-netd\\",\\"readOnly\\":true}]"\r\n scanJob.useGCRServiceAccount: "true"\r\n scanJob.podTemplateContainerSecurityContext: "{\\"allowPrivilegeEscalation\\":false,\\"capabilities\\":{\\"drop\\":[\\"ALL\\"]},\\"privileged\\":false,\\"readOnlyRootFilesystem\\":true,\\"runAsUser\\":0}"\r\n scanJob.compressLogs: "true"\r\n vulnerabilityReports.scanner: "Trivy"\r\n vulnerabilityReports.scanJobsInSameNamespace: "false"\r\n configAuditReports.scanner: "Trivy"\r\n compliance.failEntriesLimit: "10"\r\n report.recordFailedChecksOnly: "true"\r\n node.collector.imageRef: "ghcr.io/aquasecurity/node-collector:0.3.1"\r\n policies.bundle.oci.ref: "mirror.gcr.io/aquasec/trivy-checks:1"\r\n policies.bundle.insecure: "false"\r\n\r\n node.collector.nodeSelector: "true"\r\n---\r\n# Source: trivy-operator/templates/configmaps/trivy-operator-config.yaml\r\nkind: ConfigMap\r\napiVersion: v1\r\nmetadata:\r\n name: trivy-operator-config\r\n namespace: trivy-system\r\n labels:\r\n app.kubernetes.io/name: trivy-operator\r\n app.kubernetes.io/instance: trivy-operator\r\n app.kubernetes.io/version: "0.30.1"\r\n app.kubernetes.io/managed-by: kubectl\r\ndata:\r\n OPERATOR_LOG_DEV_MODE: "false"\r\n OPERATOR_SCAN_JOB_TTL: ""\r\n OPERATOR_SCAN_JOB_TIMEOUT: "5m"\r\n OPERATOR_CONCURRENT_SCAN_JOBS_LIMIT: "5"\r\n OPERATOR_CONCURRENT_NODE_COLLECTOR_LIMIT: "1"\r\n OPERATOR_SCAN_JOB_RETRY_AFTER: "30s"\r\n OPERATOR_BATCH_DELETE_LIMIT: "10"\r\n OPERATOR_BATCH_DELETE_DELAY: "10s"\r\n OPERATOR_METRICS_BIND_ADDRESS: ":8080"\r\n OPERATOR_METRICS_FINDINGS_ENABLED: "true"\r\n OPERATOR_METRICS_VULN_ID_ENABLED: "false"\r\n OPERATOR_HEALTH_PROBE_BIND_ADDRESS: ":9090"\r\n OPERATOR_PPROF_BIND_ADDRESS: ""\r\n OPERATOR_VULNERABILITY_SCANNER_ENABLED: "true"\r\n OPERATOR_SBOM_GENERATION_ENABLED: "true"\r\n OPERATOR_CLUSTER_SBOM_CACHE_ENABLED: "false"\r\n OPERATOR_VULNERABILITY_SCANNER_SCAN_ONLY_CURRENT_REVISIONS: "true"\r\n OPERATOR_SCANNER_REPORT_TTL: "24h"\r\n OPERATOR_CACHE_REPORT_TTL: "120h"\r\n CONTROLLER_CACHE_SYNC_TIMEOUT: "5m"\r\n OPERATOR_CONFIG_AUDIT_SCANNER_ENABLED: "true"\r\n OPERATOR_RBAC_ASSESSMENT_SCANNER_ENABLED: "true"\r\n OPERATOR_INFRA_ASSESSMENT_SCANNER_ENABLED: "true"\r\n OPERATOR_CONFIG_AUDIT_SCANNER_SCAN_ONLY_CURRENT_REVISIONS: "true"\r\n OPERATOR_EXPOSED_SECRET_SCANNER_ENABLED: "true"\r\n OPERATOR_METRICS_EXPOSED_SECRET_INFO_ENABLED: "false"\r\n OPERATOR_METRICS_CONFIG_AUDIT_INFO_ENABLED: "false"\r\n OPERATOR_METRICS_RBAC_ASSESSMENT_INFO_ENABLED: "false"\r\n OPERATOR_METRICS_INFRA_ASSESSMENT_INFO_ENABLED: "false"\r\n OPERATOR_METRICS_IMAGE_INFO_ENABLED: "false"\r\n OPERATOR_METRICS_CLUSTER_COMPLIANCE_INFO_ENABLED: "false"\r\n OPERATOR_WEBHOOK_BROADCAST_URL: ""\r\n OPERATOR_WEBHOOK_BROADCAST_TIMEOUT: "30s"\r\n OPERATOR_WEBHOOK_BROADCAST_CUSTOM_HEADERS: ""\r\n OPERATOR_SEND_DELETED_REPORTS: "false"\r\n OPERATOR_PRIVATE_REGISTRY_SCAN_SECRETS_NAMES: "{}"\r\n OPERATOR_ACCESS_GLOBAL_SECRETS_SERVICE_ACCOUNTS: "true"\r\n OPERATOR_BUILT_IN_TRIVY_SERVER: "false"\r\n TRIVY_SERVER_HEALTH_CHECK_CACHE_EXPIRATION: "10h"\r\n OPERATOR_MERGE_RBAC_FINDING_WITH_CONFIG_AUDIT: "false"\r\n OPERATOR_CLUSTER_COMPLIANCE_ENABLED: "true"\r\n---\r\n# Source: trivy-operator/templates/configmaps/trivy.yaml\r\napiVersion: v1\r\nkind: ConfigMap\r\nmetadata:\r\n name: trivy-operator-trivy-config\r\n namespace: trivy-system\r\n labels:\r\n app.kubernetes.io/name: trivy-operator\r\n app.kubernetes.io/instance: trivy-operator\r\n app.kubernetes.io/version: "0.30.1"\r\n app.kubernetes.io/managed-by: kubectl\r\ndata:\r\n trivy.repository: "mirror.gcr.io/aquasec/trivy"\r\n trivy.tag: "0.69.3"\r\n trivy.imagePullPolicy: "IfNotPresent"\r\n trivy.additionalVulnerabilityReportFields: ""\r\n trivy.severity: "UNKNOWN,LOW,MEDIUM,HIGH,CRITICAL"\r\n trivy.slow: "true"\r\n trivy.skipJavaDBUpdate: "false"\r\n trivy.includeDevDeps: "false"\r\n trivy.imageScanCacheDir: "/tmp/trivy/.cache"\r\n trivy.filesystemScanCacheDir: "/var/trivyoperator/trivy-db"\r\n trivy.dbRepository: "mirror.gcr.io/aquasec/trivy-db"\r\n trivy.javaDbRepository: "mirror.gcr.io/aquasec/trivy-java-db"\r\n trivy.command: "filesystem"\r\n trivy.ignoreUnfixed: "true"\r\n trivy.sbomSources: ""\r\n trivy.dbRepositoryInsecure: "false"\r\n trivy.useBuiltinRegoPolicies: "false"\r\n trivy.useEmbeddedRegoPolicies: "true"\r\n trivy.supportedConfigAuditKinds: "Workload,Service,Role,ClusterRole,NetworkPolicy,Ingress,LimitRange,ResourceQuota"\r\n trivy.timeout: "5m0s"\r\n trivy.mode: "Standalone"\r\n trivy.resources.requests.cpu: "100m"\r\n trivy.resources.requests.memory: "100M"\r\n trivy.resources.limits.cpu: "500m"\r\n trivy.resources.limits.memory: "500M"\r\n---\r\n# Source: trivy-operator/templates/secrets/operator.yaml\r\napiVersion: v1\r\nkind: Secret\r\nmetadata:\r\n name: trivy-operator\r\n namespace: trivy-system\r\n labels:\r\n app.kubernetes.io/name: trivy-operator\r\n app.kubernetes.io/instance: trivy-operator\r\n app.kubernetes.io/version: "0.30.1"\r\n app.kubernetes.io/managed-by: kubectl\r\ndata:\r\n---\r\n# Source: trivy-operator/templates/secrets/trivy.yaml\r\napiVersion: v1\r\nkind: Secret\r\nmetadata:\r\n name: trivy-operator-trivy-config\r\n namespace: trivy-system\r\n labels:\r\n app.kubernetes.io/name: trivy-operator\r\n app.kubernetes.io/instance: trivy-operator\r\n app.kubernetes.io/version: "0.30.1"\r\n app.kubernetes.io/managed-by: kubectl\r\ndata:\r\n---\r\n# Source: trivy-operator/templates/deployment.yaml\r\napiVersion: apps/v1\r\nkind: Deployment\r\nmetadata:\r\n name: trivy-operator\r\n namespace: trivy-system\r\n labels:\r\n app.kubernetes.io/name: trivy-operator\r\n app.kubernetes.io/instance: trivy-operator\r\n app.kubernetes.io/version: "0.30.1"\r\n app.kubernetes.io/managed-by: kubectl\r\nspec:\r\n replicas: 1\r\n strategy:\r\n type: Recreate\r\n selector:\r\n matchLabels:\r\n app.kubernetes.io/name: trivy-operator\r\n app.kubernetes.io/instance: trivy-operator\r\n template:\r\n metadata:\r\n annotations:\r\n checksum/config: 31d4af34c2224d1fca88bd22b862d4a01ff98f99897807ca53944b3115c34420\r\n labels:\r\n app.kubernetes.io/name: trivy-operator\r\n app.kubernetes.io/instance: trivy-operator\r\n spec:\r\n serviceAccountName: trivy-operator\r\n automountServiceAccountToken: true\r\n containers:\r\n - name: "trivy-operator"\r\n image: "mirror.gcr.io/aquasec/trivy-operator:0.30.1"\r\n imagePullPolicy: IfNotPresent\r\n env:\r\n - name: OPERATOR_NAMESPACE\r\n value: trivy-system\r\n - name: OPERATOR_TARGET_NAMESPACES\r\n value: ""\r\n - name: OPERATOR_EXCLUDE_NAMESPACES\r\n value: ""\r\n - name: OPERATOR_TARGET_WORKLOADS\r\n value: "pod,replicaset,replicationcontroller,statefulset,daemonset,cronjob,job"\r\n - name: OPERATOR_SERVICE_ACCOUNT\r\n value: "trivy-operator"\r\n envFrom:\r\n - configMapRef:\r\n name: trivy-operator-config\r\n ports:\r\n - name: metrics\r\n containerPort: 8080\r\n - name: probes\r\n containerPort: 9090\r\n readinessProbe:\r\n httpGet:\r\n path: /readyz/\r\n port: probes\r\n initialDelaySeconds: 5\r\n periodSeconds: 10\r\n successThreshold: 1\r\n failureThreshold: 3\r\n livenessProbe:\r\n httpGet:\r\n path: /healthz/\r\n port: probes\r\n initialDelaySeconds: 5\r\n periodSeconds: 10\r\n successThreshold: 1\r\n failureThreshold: 10\r\n securityContext:\r\n allowPrivilegeEscalation: false\r\n capabilities:\r\n drop:\r\n - ALL\r\n privileged: false\r\n readOnlyRootFilesystem: true\r\n volumeMounts:\r\n - mountPath: /tmp\r\n name: cache-policies\r\n readOnly: false\r\n volumes:\r\n - emptyDir: {}\r\n name: cache-policies\r\n---\r\n# Source: trivy-operator/templates/monitor/service.yaml\r\napiVersion: v1\r\nkind: Service\r\nmetadata:\r\n name: trivy-operator\r\n namespace: trivy-system\r\n labels:\r\n app.kubernetes.io/name: trivy-operator\r\n app.kubernetes.io/instance: trivy-operator\r\n app.kubernetes.io/version: "0.30.1"\r\n app.kubernetes.io/managed-by: kubectl\r\nspec:\r\n clusterIP: None\r\n ports:\r\n - name: metrics\r\n port: 80\r\n targetPort: metrics\r\n protocol: TCP\r\n appProtocol: TCP\r\n selector:\r\n app.kubernetes.io/name: trivy-operator\r\n app.kubernetes.io/instance: trivy-operator\r\n type: ClusterIP\r\n---\r\n# Source: trivy-operator/templates/rbac/clusterrole.yaml\r\napiVersion: rbac.authorization.k8s.io/v1\r\nkind: ClusterRole\r\nmetadata:\r\n name: trivy-operator\r\nrules:\r\n- apiGroups:\r\n - ""\r\n resources:\r\n - configmaps\r\n - limitranges\r\n - nodes\r\n - pods\r\n - replicationcontrollers\r\n - resourcequotas\r\n - services\r\n verbs:\r\n - get\r\n - list\r\n - watch\r\n- apiGroups:\r\n - ""\r\n resources:\r\n - namespaces\r\n verbs:\r\n - get\r\n- apiGroups:\r\n - ""\r\n resources:\r\n - pods/log\r\n verbs:\r\n - get\r\n - list\r\n- apiGroups:\r\n - apiextensions.k8s.io\r\n resources:\r\n - customresourcedefinitions\r\n verbs:\r\n - get\r\n - list\r\n - watch\r\n- apiGroups:\r\n - apps\r\n resources:\r\n - daemonsets\r\n - deployments\r\n - replicasets\r\n - statefulsets\r\n verbs:\r\n - get\r\n - list\r\n - watch\r\n- apiGroups:\r\n - apps.openshift.io\r\n resources:\r\n - deploymentconfigs\r\n verbs:\r\n - get\r\n - list\r\n - watch\r\n- apiGroups:\r\n - aquasecurity.github.io\r\n resources:\r\n - clustercompliancedetailreports\r\n - clustercompliancereports\r\n - clusterconfigauditreports\r\n - clusterinfraassessmentreports\r\n - clusterrbacassessmentreports\r\n - clustersbomreports\r\n - clustervulnerabilityreports\r\n - configauditreports\r\n - exposedsecretreports\r\n - infraassessmentreports\r\n - rbacassessmentreports\r\n - sbomreports\r\n - vulnerabilityreports\r\n verbs:\r\n - create\r\n - delete\r\n - get\r\n - list\r\n - patch\r\n - update\r\n - watch\r\n- apiGroups:\r\n - aquasecurity.github.io\r\n resources:\r\n - clustercompliancereports/status\r\n verbs:\r\n - get\r\n - patch\r\n - update\r\n- apiGroups:\r\n - batch\r\n resources:\r\n - cronjobs\r\n verbs:\r\n - get\r\n - list\r\n - watch\r\n- apiGroups:\r\n - batch\r\n resources:\r\n - jobs\r\n verbs:\r\n - create\r\n - delete\r\n - get\r\n - list\r\n - watch\r\n- apiGroups:\r\n - networking.k8s.io\r\n resources:\r\n - ingresses\r\n - networkpolicies\r\n verbs:\r\n - get\r\n - list\r\n - watch\r\n- apiGroups:\r\n - rbac.authorization.k8s.io\r\n resources:\r\n - clusterrolebindings\r\n - clusterroles\r\n - rolebindings\r\n - roles\r\n verbs:\r\n - get\r\n - list\r\n - watch\r\n- apiGroups:\r\n - ""\r\n resources:\r\n - secrets\r\n verbs:\r\n - create\r\n - get\r\n - update\r\n- apiGroups:\r\n - ""\r\n resources:\r\n - serviceaccounts\r\n verbs:\r\n - get\r\n- apiGroups:\r\n - ""\r\n resources:\r\n - nodes/proxy\r\n verbs:\r\n - get\r\n---\r\n# Source: trivy-operator/templates/rbac/clusterrolebinding.yaml\r\napiVersion: rbac.authorization.k8s.io/v1\r\nkind: ClusterRoleBinding\r\nmetadata:\r\n name: trivy-operator\r\n labels:\r\n app.kubernetes.io/name: trivy-operator\r\n app.kubernetes.io/instance: trivy-operator\r\n app.kubernetes.io/version: "0.30.1"\r\n app.kubernetes.io/managed-by: kubectl\r\nroleRef:\r\n apiGroup: rbac.authorization.k8s.io\r\n kind: ClusterRole\r\n name: trivy-operator\r\nsubjects:\r\n - kind: ServiceAccount\r\n name: trivy-operator\r\n namespace: trivy-system\r\n---\r\n# Source: trivy-operator/templates/rbac/leader-election-role.yaml\r\n# permissions to do leader election.\r\napiVersion: rbac.authorization.k8s.io/v1\r\nkind: Role\r\nmetadata:\r\n name: trivy-operator-leader-election\r\n namespace: trivy-system\r\n labels:\r\n app.kubernetes.io/name: trivy-operator\r\n app.kubernetes.io/instance: trivy-operator\r\n app.kubernetes.io/version: "0.30.1"\r\n app.kubernetes.io/managed-by: kubectl\r\nrules:\r\n - apiGroups:\r\n - coordination.k8s.io\r\n resources:\r\n - leases\r\n verbs:\r\n - create\r\n - get\r\n - update\r\n - apiGroups:\r\n - ""\r\n resources:\r\n - events\r\n verbs:\r\n - create\r\n---\r\n# Source: trivy-operator/templates/rbac/leader-election-rolebinding.yaml\r\napiVersion: rbac.authorization.k8s.io/v1\r\nkind: RoleBinding\r\nmetadata:\r\n name: trivy-operator-leader-election\r\n namespace: trivy-system\r\n labels:\r\n app.kubernetes.io/name: trivy-operator\r\n app.kubernetes.io/instance: trivy-operator\r\n app.kubernetes.io/version: "0.30.1"\r\n app.kubernetes.io/managed-by: kubectl\r\nroleRef:\r\n apiGroup: rbac.authorization.k8s.io\r\n kind: Role\r\n name: trivy-operator-leader-election\r\nsubjects:\r\n - kind: ServiceAccount\r\n name: trivy-operator\r\n namespace: trivy-system\r\n---\r\n# Source: trivy-operator/templates/rbac/role.yaml\r\napiVersion: rbac.authorization.k8s.io/v1\r\nkind: Role\r\nmetadata:\r\n name: trivy-operator\r\n namespace: trivy-system\r\n labels:\r\n app.kubernetes.io/name: trivy-operator\r\n app.kubernetes.io/instance: trivy-operator\r\n app.kubernetes.io/version: "0.30.1"\r\n app.kubernetes.io/managed-by: kubectl\r\nrules:\r\n - apiGroups:\r\n - ""\r\n resources:\r\n - configmaps\r\n verbs:\r\n - create\r\n - get\r\n - list\r\n - watch\r\n - apiGroups:\r\n - ""\r\n resources:\r\n - secrets\r\n verbs:\r\n - create\r\n - get\r\n - delete\r\n - update\r\n---\r\n# Source: trivy-operator/templates/rbac/rolebinding.yaml\r\napiVersion: rbac.authorization.k8s.io/v1\r\nkind: RoleBinding\r\nmetadata:\r\n name: trivy-operator\r\n namespace: trivy-system\r\n labels:\r\n app.kubernetes.io/name: trivy-operator\r\n app.kubernetes.io/instance: trivy-operator\r\n app.kubernetes.io/version: "0.30.1"\r\n app.kubernetes.io/managed-by: kubectl\r\nroleRef:\r\n apiGroup: rbac.authorization.k8s.io\r\n kind: Role\r\n name: trivy-operator\r\nsubjects:\r\n - kind: ServiceAccount\r\n name: trivy-operator\r\n namespace: trivy-system\r\n---\r\n# Source: trivy-operator/templates/rbac/view-configauditreports-clusterrole.yaml\r\n# permissions for end users to view configauditreports\r\napiVersion: rbac.authorization.k8s.io/v1\r\nkind: ClusterRole\r\nmetadata:\r\n name: aggregate-config-audit-reports-view\r\n labels:\r\n app.kubernetes.io/name: trivy-operator\r\n app.kubernetes.io/instance: trivy-operator\r\n app.kubernetes.io/version: "0.30.1"\r\n app.kubernetes.io/managed-by: kubectl\r\n rbac.authorization.k8s.io/aggregate-to-view: "true"\r\n rbac.authorization.k8s.io/aggregate-to-edit: "true"\r\n rbac.authorization.k8s.io/aggregate-to-admin: "true"\r\n rbac.authorization.k8s.io/aggregate-to-cluster-reader: "true"\r\nrules:\r\n - apiGroups:\r\n - aquasecurity.github.io\r\n resources:\r\n - configauditreports\r\n verbs:\r\n - get\r\n - list\r\n - watch\r\n---\r\n# Source: trivy-operator/templates/rbac/view-exposedsecretreports-clusterrole.yaml\r\n# permissions for end users to view exposedsecretreports\r\napiVersion: rbac.authorization.k8s.io/v1\r\nkind: ClusterRole\r\nmetadata:\r\n name: aggregate-exposed-secret-reports-view\r\n labels:\r\n app.kubernetes.io/name: trivy-operator\r\n app.kubernetes.io/instance: trivy-operator\r\n app.kubernetes.io/version: "0.30.1"\r\n app.kubernetes.io/managed-by: kubectl\r\n rbac.authorization.k8s.io/aggregate-to-view: "true"\r\n rbac.authorization.k8s.io/aggregate-to-edit: "true"\r\n rbac.authorization.k8s.io/aggregate-to-admin: "true"\r\n rbac.authorization.k8s.io/aggregate-to-cluster-reader: "true"\r\nrules:\r\n - apiGroups:\r\n - aquasecurity.github.io\r\n resources:\r\n - exposedsecretreports\r\n verbs:\r\n - get\r\n - list\r\n - watch\r\n---\r\n# Source: trivy-operator/templates/rbac/view-vulnerabilityreports-clusterrole.yaml\r\n# permissions for end users to view vulnerabilityreports\r\napiVersion: rbac.authorization.k8s.io/v1\r\nkind: ClusterRole\r\nmetadata:\r\n name: aggregate-vulnerability-reports-view\r\n labels:\r\n app.kubernetes.io/name: trivy-operator\r\n app.kubernetes.io/instance: trivy-operator\r\n app.kubernetes.io/version: "0.30.1"\r\n app.kubernetes.io/managed-by: kubectl\r\n rbac.authorization.k8s.io/aggregate-to-view: "true"\r\n rbac.authorization.k8s.io/aggregate-to-edit: "true"\r\n rbac.authorization.k8s.io/aggregate-to-admin: "true"\r\n rbac.authorization.k8s.io/aggregate-to-cluster-reader: "true"\r\nrules:\r\n - apiGroups:\r\n - aquasecurity.github.io\r\n resources:\r\n - vulnerabilityreports\r\n verbs:\r\n - get\r\n - list\r\n - watch\r\n---\r\n# Source: trivy-operator/templates/serviceaccount.yaml\r\napiVersion: v1\r\nkind: ServiceAccount\r\nmetadata:\r\n name: trivy-operator\r\n namespace: trivy-system\r\n labels:\r\n app.kubernetes.io/name: trivy-operator\r\n app.kubernetes.io/instance: trivy-operator\r\n app.kubernetes.io/version: "0.30.1"\r\n app.kubernetes.io/managed-by: kubectl';
|
|
1033
|
-
|
|
1034
|
-
// src/back/index.ts
|
|
59
|
+
var import_kwirth_common = __toESM(require_kwirth_common(), 1);
|
|
60
|
+
var import_kwirth_common_back = __toESM(require_kwirth_common_back(), 1);
|
|
61
|
+
var import_zlib = __toESM(require("zlib"), 1);
|
|
62
|
+
var import_trivy_operator_0_30_1 = __toESM(require_trivy_operator_0_30_1(), 1);
|
|
63
|
+
var trivyOperatorYaml = import_zlib.default.gunzipSync(Buffer.from(import_trivy_operator_0_30_1.default, "base64")).toString("utf-8");
|
|
1035
64
|
var TRIVY_API_VERSION = "v1alpha1";
|
|
1036
65
|
var TRIVY_API_GROUP = "aquasecurity.github.io";
|
|
1037
66
|
var TRIVY_API_VULN_PLURAL = "vulnerabilityreports";
|
|
@@ -1073,7 +102,7 @@ var TrivyChannel = class {
|
|
|
1073
102
|
switch (action) {
|
|
1074
103
|
case "install":
|
|
1075
104
|
try {
|
|
1076
|
-
await (0, import_kwirth_common_back.applyAllResources)(
|
|
105
|
+
await (0, import_kwirth_common_back.applyAllResources)(trivyOperatorYaml, this.clusterInfo);
|
|
1077
106
|
res.status(200).send("ok");
|
|
1078
107
|
} catch (err) {
|
|
1079
108
|
res.status(500).send(err);
|
|
@@ -1081,7 +110,7 @@ var TrivyChannel = class {
|
|
|
1081
110
|
break;
|
|
1082
111
|
case "remove":
|
|
1083
112
|
try {
|
|
1084
|
-
await (0, import_kwirth_common_back.deleteAllResources)(
|
|
113
|
+
await (0, import_kwirth_common_back.deleteAllResources)(trivyOperatorYaml, this.clusterInfo);
|
|
1085
114
|
res.status(200).send();
|
|
1086
115
|
} catch (err) {
|
|
1087
116
|
res.status(500).send(err);
|
|
@@ -1229,29 +258,26 @@ var TrivyChannel = class {
|
|
|
1229
258
|
return resources.some((r) => r.scopes.split(",").some((sc) => this.getChannelScopeLevel(sc) >= requiredLevel));
|
|
1230
259
|
};
|
|
1231
260
|
createInformer = (webSocket, instance, plural) => {
|
|
1232
|
-
const
|
|
1233
|
-
|
|
1234
|
-
|
|
1235
|
-
|
|
1236
|
-
|
|
1237
|
-
|
|
1238
|
-
|
|
1239
|
-
|
|
1240
|
-
|
|
1241
|
-
|
|
1242
|
-
|
|
1243
|
-
|
|
1244
|
-
|
|
1245
|
-
|
|
1246
|
-
|
|
1247
|
-
|
|
1248
|
-
|
|
1249
|
-
console.log("[trivy] Informer restarted");
|
|
1250
|
-
}, 5e3);
|
|
1251
|
-
} catch (e) {
|
|
1252
|
-
console.error("[trivy] Error managing informer error:", e);
|
|
261
|
+
const handlers = {
|
|
262
|
+
onAdd: (obj) => this.processInformerEvent(webSocket, instance, plural, "add", obj),
|
|
263
|
+
onUpdate: (obj) => this.processInformerEvent(webSocket, instance, plural, "update", obj),
|
|
264
|
+
onDelete: (obj) => this.processInformerEvent(webSocket, instance, plural, "delete", obj),
|
|
265
|
+
onError: (err) => {
|
|
266
|
+
try {
|
|
267
|
+
console.error("[trivy] Informer error:", err);
|
|
268
|
+
if (err["HTTP-Code"] === "404" || err.statusCode === 404)
|
|
269
|
+
console.log("[trivy] CRD not found, informer will not restart");
|
|
270
|
+
else
|
|
271
|
+
setTimeout(() => {
|
|
272
|
+
informer.start();
|
|
273
|
+
console.log("[trivy] Informer restarted");
|
|
274
|
+
}, 5e3);
|
|
275
|
+
} catch (e) {
|
|
276
|
+
console.error("[trivy] Error managing informer error:", e);
|
|
277
|
+
}
|
|
1253
278
|
}
|
|
1254
|
-
}
|
|
279
|
+
};
|
|
280
|
+
const informer = (0, import_kwirth_common_back.createCrdInformer)(this.clusterInfo, TRIVY_API_GROUP, TRIVY_API_VERSION, plural, handlers);
|
|
1255
281
|
return informer;
|
|
1256
282
|
};
|
|
1257
283
|
async getReport(plural, instance, asset, withContainer) {
|