Merge remote-tracking branch 'origin/master' into jd/out-of-control

.github/workflows/build-site.yml

@@ -35,13 +35,6 @@ jobs:
         username="GitHub Actions"
         git config user.email "opensource@fairwinds.com"
         git config user.name $username
-        HAS_CHANGE=$(git diff .)
-        if [ -n "${HAS_CHANGE}" ]; then
-          if [ "$(git log -1 --pretty=format:'%an')" == $username ]; then
-            echo "Build created a diff, but the last commit was a build."
-            exit 1
-          fi
-          git add docs/
-          git commit -m "[CI] rebuild website"
-          git push
-        fi
+        git add ../docs/
+        git commit -m "[CI] rebuild website"
+        git push -u origin +master:website

README.md

@@ -3,7 +3,7 @@
   <br>
   <h3>Best Practices for Kubernetes Workload Configuration</h3>
   <a href="https://github.com/FairwindsOps/polaris">
-    <img src="https://img.shields.io/static/v1.svg?label=Version&message=1.2.0&color=239922">
+    <img src="https://img.shields.io/static/v1.svg?label=Version&message=3.0.0&color=239922">
   </a>
   <a href="https://goreportcard.com/report/github.com/FairwindsOps/polaris">
     <img src="https://goreportcard.com/badge/github.com/FairwindsOps/polaris">
@@ -22,13 +22,21 @@ Polaris can be run in three different modes:
 * As an [admission controller](https://polaris.docs.fairwinds.com/admission-controller), so you can automatically reject workloads that don't adhere to your organization's policies.
 * As a [command-line tool](https://polaris.docs.fairwinds.com/infrastructure-as-code), so you can test local YAML files, e.g. as part of a CI/CD process.
 
+<p align="center">
+  <img src="https://polaris.docs.fairwinds.com/img/architecture.svg" alt="Polaris Architecture" width="550"/>
+</p>
+
 **Want to learn more?** Reach out on [the Slack channel](https://fairwindscommunity.slack.com/messages/polaris) ([request invite](https://join.slack.com/t/fairwindscommunity/shared_invite/zt-e3c6vj4l-3lIH6dvKqzWII5fSSFDi1g)), send an email to `opensource@fairwinds.com`, or join us for [office hours on Zoom](https://fairwindscommunity.slack.com/messages/office-hours)
 
 
 ## Documentation
 Check out the [documentation at docs.fairwinds.com](https://polaris.docs.fairwinds.com)
 
 ## Integration with Fairwinds Insights
+<p align="center">
+  <img src="https://polaris.docs.fairwinds.com/img/FW_Insights_Polaris.svg" alt="Fairwinds Insights" width="550"/>
+</p>
+
 [Fairwinds Insights](https://www.fairwinds.com/insights?utm_campaign=Hosted%20Polaris%20&utm_source=polaris&utm_term=polaris&utm_content=polaris)
 is a platform for auditing Kubernetes clusters and enforcing policy. If you'd like to:
 * manage Polaris across a fleet of clusters

checks/multipleReplicasForDeployment.yaml

@@ -8,19 +8,14 @@ controllers:
 schema:
   '$schema': http://json-schema.org/draft-07/schema
   type: object
-  required: 
-  - Object
+  required:
+  - spec
   properties:
-    Object:
+    spec:
       type: object
       required:
-      - spec
+      - replicas
       properties:
-        spec:
-          type: object
-          required:
-          - replicas
-          properties:
-            replicas:
-              type: integer
-              minimum: 2
+        replicas:
+          type: integer
+          minimum: 2

cmd/polaris/audit.go

@@ -80,7 +80,8 @@ func runAndReportAudit(ctx context.Context, c conf.Configuration, auditPath, wor
 		logrus.Errorf("Error fetching Kubernetes resources %v", err)
 		os.Exit(1)
 	}
-	auditData, err := validator.RunAudit(ctx, c, k)
+	var auditData validator.AuditData
+	auditData, err = validator.RunAudit(c, k)
 
 	if err != nil {
 		logrus.Errorf("Error while running audit on resources: %v", err)

deploy/dashboard.yaml

@@ -109,7 +109,7 @@ spec:
       - command:
         - polaris
         - dashboard
-        image: 'quay.io/fairwinds/polaris:2.0'
+        image: 'quay.io/fairwinds/polaris:3.0'
         imagePullPolicy: 'Always'
         name: dashboard
         ports:

deploy/webhook.yaml

@@ -109,7 +109,7 @@ spec:
           command:
             - polaris
             - webhook
-          image: 'quay.io/fairwinds/polaris:2.0'
+          image: 'quay.io/fairwinds/polaris:3.0'
           imagePullPolicy: 'Always'
           ports:
             - containerPort: 9876

docs-md/README.md

@@ -3,7 +3,7 @@
   <br>
   <h3>Best Practices for Kubernetes Workload Configuration</h3>
   <a href="https://github.com/FairwindsOps/polaris">
-    <img src="https://img.shields.io/static/v1.svg?label=Version&message=1.2.0&color=239922">
+    <img src="https://img.shields.io/static/v1.svg?label=Version&message=3.0.0&color=239922">
   </a>
   <a href="https://goreportcard.com/report/github.com/FairwindsOps/polaris">
     <img src="https://goreportcard.com/badge/github.com/FairwindsOps/polaris">
@@ -22,11 +22,19 @@ Polaris can be run in three different modes:
 * As an [admission controller](/admission-controller), so you can automatically reject workloads that don't adhere to your organization's policies.
 * As a [command-line tool](/infrastructure-as-code), so you can test local YAML files, e.g. as part of a CI/CD process.
 
+<p align="center">
+  <img src="/img/architecture.svg" alt="Polaris Architecture" width="550"/>
+</p>
+
 **Want to learn more?** Reach out on [the Slack channel](https://fairwindscommunity.slack.com/messages/polaris) ([request invite](https://join.slack.com/t/fairwindscommunity/shared_invite/zt-e3c6vj4l-3lIH6dvKqzWII5fSSFDi1g)), send an email to `opensource@fairwinds.com`, or join us for [office hours on Zoom](https://fairwindscommunity.slack.com/messages/office-hours)
 
 
 
 ## Integration with Fairwinds Insights
+<p align="center">
+  <img src="/img/FW_Insights_Polaris.svg" alt="Fairwinds Insights" width="550"/>
+</p>
+
 [Fairwinds Insights](https://www.fairwinds.com/insights?utm_campaign=Hosted%20Polaris%20&utm_source=polaris&utm_term=polaris&utm_content=polaris)
 is a platform for auditing Kubernetes clusters and enforcing policy. If you'd like to:
 * manage Polaris across a fleet of clusters

docs-md/admission-controller.md

@@ -9,15 +9,23 @@ configuration through dashboard visibility, but to actually enforce it with this
 Note that Polaris will not alter your workloads, only block workloads that don't conform to the configured policies.
 
 ## Installation
+A valid TLS certificate is required for the Polaris Validating Webhook. If you have cert-manager installed in your cluster then the install methods below will work.
+
+If you don't use cert-manager, you'll need to:
+
+* Supply a CA Bundle with the `webhook.caBundle`
+* Create a TLS secret in your cluster with a valid certificate that uses that CA
+* Pass the name of that secret with the webhook.secretName parameter.
+
 ### kubectl
 ```bash
 kubectl apply -f https://github.com/fairwindsops/polaris/releases/latest/download/webhook.yaml
 ```
 
 ### Helm
 ```bash
-helm repo add fairwindsops-stable https://charts.fairwindsops.com/stable
-helm upgrade --install polaris fairwindsops-stable/polaris --namespace polaris \
+helm repo add fairwinds-stable https://charts.fairwinds.com/stable
+helm upgrade --install polaris fairwinds-stable/polaris --namespace polaris \
   --set webhook.enable=true --set dashboard.enable=false
 ```
 
@@ -34,4 +42,3 @@ output unless we are rejecting a workload altogether.
 This means that any checks with a severity of `warning` will still pass webhook validation,
 and the only evidence of that warning will either be in the Polaris dashboard or the
 Polaris webhook logs. This will change in a future version of Kubernetes.
-

docs-md/changelog.md

@@ -1,8 +1,18 @@
 ---
 sidebarDepth: 0
 ---
-## Upcoming
+## 3.0.0
+* **Breaking** - fixed inconsistency in how controller-level checks are handled
+Custom checks with `target: Controller` should remove `Object` from the top-level of the
+JSON schema (see changes to `./checks/multipleReplicasForDeployment.yaml`)
+
+## 2.0.1
+* Fixed Polaris deployment process
+
+## 2.0.0
 * Standardize categories of checks into Security, Reliability, and Efficiency
+* Changes to the dashboard UI
+* Update controller-runtime
 
 ## 1.2.1
 * Update date on dashboard footer

docs-md/contributing.md

@@ -50,7 +50,7 @@ Each new pull request should:
 - Reference any related issues
 - Add tests that show the issues have been solved
 - Pass existing tests and linting
-- Contain a clear indication of if they're ready for review or a work in progress
+- Contain a clear indication of if they're ready for review, or a work in progress
 - Be up to date and/or rebased on the master branch
 
 ## Creating a new release
@@ -83,10 +83,7 @@ The steps are:
     1. Clone the helm charts repo
         1. `git clone https://github.com/FairwindsOps/charts`
         2. `git checkout -b yourname/update-polaris`
-    1. Bump the version number in:
-        1. stable/polaris/README.md
-        2. stable/polaris/Chart.yaml
-        3. stable/polaris/values.yaml
+    1. Bump the version number in `stable/polaris/Chart.yaml`
     2. Make any necessary changes to the chart to support the new version of Polaris (e.g. new RBAC permissions)
     3. **Don't merge yet!**
 2. Create a PR for this repo
@@ -104,4 +101,3 @@ The steps are:
     3. Make sure CircleCI runs successfully for the new tag - this will push images to quay.io and create a release in GitHub
         1. If CircleCI fails, check with Codeowners ASAP
 4. Create and merge a PR for your changes to the Helm chart
-

docs-md/customization/exemptions.md

@@ -3,7 +3,10 @@ Sometimes a workload really does need to do things that Polaris considers insecu
 many of the `kube-system` workloads need to run as root, or need access to the host network. In these
 cases, we can add **exemptions** to allow the workload to pass Polaris checks.
 
-Exemptions can be added two ways: by annotating a controller, or editing the Polaris config.
+Exemptions can be added in a few different ways: 
+ - Namespace: By editing the Polaris config.
+ - Controller: By annotating a controller, or editing the Polaris config.
+ - Container: By editing the Polaris config.
 
 ## Annotations
 To exempt a controller from all checks via annotations, use the annotation `polaris.fairwinds.com/exempt=true`, e.g.
@@ -18,19 +21,36 @@ kubectl annotate deployment my-deployment polaris.fairwinds.com/cpuRequestsMissi
 
 ## Config
 
-To exempt a controller via the config, you have to specify a namespace (optional), a list of controller names and a list of rules, e.g.
+To add exemptions via the config, you have to specify at least one or more of the following: 
+- A namespace
+- A list of controller names
+- A list of container names
+
+You can also specify a list of particular rules. If no rules are specified then every rule is exempted. 
+
+Controller names and container names are matched as a prefix, so an empty string will match every controller or container respectively.
+
+For example:
 ```yaml
 exemptions:
-  # exemption valid for kube-system namespace
+  # exemption valid for all rules on all containers in all controllers in default namespace
+  - namespace: default
+  # exemption valid for hostNetworkSet rule on all containers in dns-controller controller in kube-system namespace
   - namespace: kube-system
     controllerNames:
       - dns-controller
     rules:
       - hostNetworkSet
-  # exemption valid in all namespaces
+  # exemption valid for hostNetworkSet rule on all containers in dns-controller controller in all namespaces
   - controllerNames:
       - dns-controller
     rules:
       - hostNetworkSet
+  # exemption valid for hostNetworkSet rule on coredns container in all controllers in kube-system namespace
+  - namespace: kube-system
+  - containerNames:
+      - coredns
+    rules:
+      - hostNetworkSet
 ```
 

go.sum

@@ -231,8 +231,6 @@ github.com/gobuffalo/logger v1.0.3 h1:YaXOTHNPCvkqqA7w05A4v0k2tCdpr+sgFlgINbQ6gq
 github.com/gobuffalo/logger v1.0.3/go.mod h1:SoeejUwldiS7ZsyCBphOGURmWdwUFXs0J7TCjEhjKxM=
 github.com/gobuffalo/packd v1.0.0 h1:6ERZvJHfe24rfFmA9OaoKBdC7+c9sydrytMg8SdFGBM=
 github.com/gobuffalo/packd v1.0.0/go.mod h1:6VTc4htmJRFB7u1m/4LeMTWjFoYrUiBkU9Fdec9hrhI=
-github.com/gobuffalo/packr/v2 v2.8.0 h1:IULGd15bQL59ijXLxEvA5wlMxsmx/ZkQv9T282zNVIY=
-github.com/gobuffalo/packr/v2 v2.8.0/go.mod h1:PDk2k3vGevNE3SwVyVRgQCCXETC9SaONCNSXT1Q8M1g=
 github.com/gobuffalo/packr/v2 v2.8.1 h1:tkQpju6i3EtMXJ9uoF5GT6kB+LMTimDWD8Xvbz6zDVA=
 github.com/gobuffalo/packr/v2 v2.8.1/go.mod h1:c/PLlOuTU+p3SybaJATW3H6lX/iK7xEz5OeMf+NnJpg=
 github.com/gogo/googleapis v1.1.0/go.mod h1:gf4bu3Q80BeJ6H1S1vYPm8/ELATdvryBaNFGgqEef3s=
@@ -372,7 +370,6 @@ github.com/jstemmer/go-junit-report v0.9.1/go.mod h1:Brl9GWCQeLvo8nXZwPNNblvFj/X
 github.com/jtolds/gls v4.20.0+incompatible/go.mod h1:QJZ7F/aHp+rZTRtaJ1ow/lLfFfVYBRgL+9YlvaHOwJU=
 github.com/julienschmidt/httprouter v1.2.0/go.mod h1:SYymIcj16QtmaHHD7aYtjjsJG7VTCxuUUipMqKk8s4w=
 github.com/julienschmidt/httprouter v1.3.0/go.mod h1:JR6WtHb+2LUe8TCKY3cZOxFyyO8IZAc4RVcycCCAKdM=
-github.com/karrick/godirwalk v1.15.3/go.mod h1:j4mkqPuvaLI8mp1DroR3P6ad7cyYd4c1qeJ3RV7ULlk=
 github.com/karrick/godirwalk v1.15.8/go.mod h1:j4mkqPuvaLI8mp1DroR3P6ad7cyYd4c1qeJ3RV7ULlk=
 github.com/karrick/godirwalk v1.16.1 h1:DynhcF+bztK8gooS0+NDJFrdNZjJ3gzVzC545UNA9iw=
 github.com/karrick/godirwalk v1.16.1/go.mod h1:j4mkqPuvaLI8mp1DroR3P6ad7cyYd4c1qeJ3RV7ULlk=
@@ -555,8 +552,6 @@ github.com/spf13/cast v1.3.0/go.mod h1:Qx5cxh0v+4UWYiBimWS+eyWzqEqokIECu5etghLkU
 github.com/spf13/cobra v0.0.3/go.mod h1:1l0Ry5zgKvJasoi3XT1TypsSe7PqH0Sj9dhYf7v3XqQ=
 github.com/spf13/cobra v0.0.5/go.mod h1:3K3wKZymM7VvHMDS9+Akkh4K60UwM26emMESw8tLCHU=
 github.com/spf13/cobra v0.0.6/go.mod h1:/6GTrnGXV9HjY+aR4k0oJ5tcvakLuG6EuKReYlHNrgE=
-github.com/spf13/cobra v1.0.0 h1:6m/oheQuQ13N9ks4hubMG6BnvwOeaJrqSPLahSnczz8=
-github.com/spf13/cobra v1.0.0/go.mod h1:/6GTrnGXV9HjY+aR4k0oJ5tcvakLuG6EuKReYlHNrgE=
 github.com/spf13/cobra v1.1.1 h1:KfztREH0tPxJJ+geloSLaAkaPkr4ki2Er5quFV1TDo4=
 github.com/spf13/cobra v1.1.1/go.mod h1:WnodtKOvamDL/PwE2M4iKs8aMDBZ5Q5klgD3qfVJQMI=
 github.com/spf13/jwalterweatherman v1.0.0/go.mod h1:cQK4TGJAtQXfYWX+Ddv3mKDzgVb68N+wFjFa4jdeBTo=
@@ -994,27 +989,18 @@ honnef.co/go/tools v0.0.1-2019.2.3/go.mod h1:a3bituU0lyd329TUQxRnasdCoJDkEUEAqEt
 honnef.co/go/tools v0.0.1-2020.1.3/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k=
 honnef.co/go/tools v0.0.1-2020.1.4 h1:UoveltGrhghAA7ePc+e+QYDHXrBps2PqFZiHkGR/xK8=
 honnef.co/go/tools v0.0.1-2020.1.4/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k=
-k8s.io/api v0.18.4/go.mod h1:lOIQAKYgai1+vz9J7YcDZwC26Z0zQewYOGWdyIPUUQ4=
 k8s.io/api v0.18.6/go.mod h1:eeyxr+cwCjMdLAmr2W3RyDI0VvTawSg/3RFFBEnmZGI=
 k8s.io/api v0.18.8 h1:aIKUzJPb96f3fKec2lxtY7acZC9gQNDLVhfSGpxBAC4=
 k8s.io/api v0.18.8/go.mod h1:d/CXqwWv+Z2XEG1LgceeDmHQwpUJhROPx16SlxJgERY=
-k8s.io/apiextensions-apiserver v0.18.4 h1:Y3HGERmS8t9u12YNUFoOISqefaoGRuTc43AYCLzWmWE=
-k8s.io/apiextensions-apiserver v0.18.4/go.mod h1:NYeyeYq4SIpFlPxSAB6jHPIdvu3hL0pc36wuRChybio=
 k8s.io/apiextensions-apiserver v0.18.6 h1:vDlk7cyFsDyfwn2rNAO2DbmUbvXy5yT5GE3rrqOzaMo=
 k8s.io/apiextensions-apiserver v0.18.6/go.mod h1:lv89S7fUysXjLZO7ke783xOwVTm6lKizADfvUM/SS/M=
-k8s.io/apimachinery v0.18.4/go.mod h1:OaXp26zu/5J7p0f92ASynJa1pZo06YlV9fG7BoWbCko=
 k8s.io/apimachinery v0.18.6/go.mod h1:OaXp26zu/5J7p0f92ASynJa1pZo06YlV9fG7BoWbCko=
 k8s.io/apimachinery v0.18.8 h1:jimPrycCqgx2QPearX3to1JePz7wSbVLq+7PdBTTwQ0=
 k8s.io/apimachinery v0.18.8/go.mod h1:6sQd+iHEqmOtALqOFjSWp2KZ9F0wlU/nWm0ZgsYWMig=
-k8s.io/apiserver v0.18.4/go.mod h1:q+zoFct5ABNnYkGIaGQ3bcbUNdmPyOCoEBcg51LChY8=
 k8s.io/apiserver v0.18.6/go.mod h1:Zt2XvTHuaZjBz6EFYzpp+X4hTmgWGy8AthNVnTdm3Wg=
-k8s.io/client-go v0.18.4 h1:un55V1Q/B3JO3A76eS0kUSywgGK/WR3BQ8fHQjNa6Zc=
-k8s.io/client-go v0.18.4/go.mod h1:f5sXwL4yAZRkAtzOxRWUhA/N8XzGCb+nPZI8PfobZ9g=
 k8s.io/client-go v0.18.6 h1:I+oWqJbibLSGsZj8Xs8F0aWVXJVIoUHWaaJV3kUN/Zw=
 k8s.io/client-go v0.18.6/go.mod h1:/fwtGLjYMS1MaM5oi+eXhKwG+1UHidUEXRh6cNsdO0Q=
-k8s.io/code-generator v0.18.4/go.mod h1:TgNEVx9hCyPGpdtCWA34olQYLkh3ok9ar7XfSsr8b6c=
 k8s.io/code-generator v0.18.6/go.mod h1:TgNEVx9hCyPGpdtCWA34olQYLkh3ok9ar7XfSsr8b6c=
-k8s.io/component-base v0.18.4/go.mod h1:7jr/Ef5PGmKwQhyAz/pjByxJbC58mhKAhiaDu0vXfPk=
 k8s.io/component-base v0.18.6/go.mod h1:knSVsibPR5K6EW2XOjEHik6sdU5nCvKMrzMt2D4In14=
 k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0=
 k8s.io/gengo v0.0.0-20200114144118-36b2048a9120/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0=
@@ -1035,12 +1021,6 @@ rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8
 rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0=
 rsc.io/sampler v1.3.0/go.mod h1:T1hPZKmBbMNahiBKFy5HrXp6adAjACjK9JXDnKaTXpA=
 sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.0.7/go.mod h1:PHgbrJT7lCHcxMU+mDHEm+nx46H4zuuHZkDP6icnhu0=
-sigs.k8s.io/controller-runtime v0.6.1 h1:LcK2+nk0kmaOnKGN+vBcWHqY5WDJNJNB/c5pW+sU8fc=
-sigs.k8s.io/controller-runtime v0.6.1/go.mod h1:XRYBPdbf5XJu9kpS84VJiZ7h/u1hF3gEORz0efEja7A=
-sigs.k8s.io/controller-runtime v0.6.2 h1:jkAnfdTYBpFwlmBn3pS5HFO06SfxvnTZ1p5PeEF/zAA=
-sigs.k8s.io/controller-runtime v0.6.2/go.mod h1:vhcq/rlnENJ09SIRp3EveTaZ0yqH526hjf9iJdbUJ/E=
-sigs.k8s.io/controller-runtime v0.6.3 h1:SBbr+inLPEKhvlJtrvDcwIpm+uhDvp63Bl72xYJtoOE=
-sigs.k8s.io/controller-runtime v0.6.3/go.mod h1:WlZNXcM0++oyaQt4B7C2lEE5JYRs8vJUzRP4N4JpdAY=
 sigs.k8s.io/controller-runtime v0.6.4 h1:4013CKsBs5bEqo+LevzDett+LLxag/FjQWG94nVZ/9g=
 sigs.k8s.io/controller-runtime v0.6.4/go.mod h1:WlZNXcM0++oyaQt4B7C2lEE5JYRs8vJUzRP4N4JpdAY=
 sigs.k8s.io/structured-merge-diff/v3 v3.0.0-20200116222232-67a7b8c61874/go.mod h1:PlARxl6Hbt/+BC80dRLi1qAmnMqwqDg62YvvVkZjemw=

main.go

@@ -20,7 +20,7 @@ import (
 
 const (
 	// Version represents the current release version of Polaris
-	Version = "1.2.1"
+	Version = "3.0.0"
 )
 
 func main() {

pkg/config/config.go

@@ -23,7 +23,7 @@ import (
 	"net/http"
 	"strings"
 
-	packr "github.com/gobuffalo/packr/v2"
+	"github.com/gobuffalo/packr/v2"
 	"k8s.io/apimachinery/pkg/util/yaml"
 )
 
@@ -40,7 +40,8 @@ type Configuration struct {
 type Exemption struct {
 	Rules           []string `json:"rules"`
 	ControllerNames []string `json:"controllerNames"`
-	Namespace       string `json:"namespace"`
+	ContainerNames  []string `json:"containerNames"`
+	Namespace       string   `json:"namespace"`
 }
 
 var configBox = (*packr.Box)(nil)
@@ -59,14 +60,14 @@ func ParseFile(path string) (Configuration, error) {
 	if path == "" {
 		rawBytes, err = getConfigBox().Find("config.yaml")
 	} else if strings.HasPrefix(path, "https://") || strings.HasPrefix(path, "http://") {
-		//path is a url
+		// path is a url
 		response, err2 := http.Get(path)
 		if err2 != nil {
 			return Configuration{}, err2
 		}
 		rawBytes, err = ioutil.ReadAll(response.Body)
 	} else {
-		//path is local
+		// path is local
 		rawBytes, err = ioutil.ReadFile(path)
 	}
 	if err != nil {
@@ -102,8 +103,8 @@ func Parse(rawBytes []byte) (Configuration, error) {
 }
 
 // Validate checks if a config is valid
-func (c Configuration) Validate() error {
-	if len(c.Checks) == 0 {
+func (conf Configuration) Validate() error {
+	if len(conf.Checks) == 0 {
 		return errors.New("No checks were enabled")
 	}
 	return nil