Package capabilities contains the proto enum with our IAM capabilities.
Constants ¶
This section is empty.
Variables ¶
// Enum value maps for Capability, as emitted by protoc-gen-go.
//
// Capability_name maps a wire number to its enum identifier and
// Capability_value is the exact inverse; every key present in one map has
// its mirror in the other. Entries are listed by resource family so gaps in
// the numbering (e.g. 202, the never-defined GROUP_INVITES_UPDATE) are easy
// to spot when reviewing a change.
var (
	Capability_name = map[int32]string{
		0: "UNKNOWN",

		// IAM: groups and group invites.
		101: "CAP_IAM_GROUPS_CREATE",
		102: "CAP_IAM_GROUPS_UPDATE",
		103: "CAP_IAM_GROUPS_LIST",
		104: "CAP_IAM_GROUPS_DELETE",
		201: "CAP_IAM_GROUP_INVITES_CREATE",
		203: "CAP_IAM_GROUP_INVITES_LIST",
		204: "CAP_IAM_GROUP_INVITES_DELETE",

		// IAM: roles and role bindings.
		301: "CAP_IAM_ROLES_CREATE",
		302: "CAP_IAM_ROLES_UPDATE",
		303: "CAP_IAM_ROLES_LIST",
		304: "CAP_IAM_ROLES_DELETE",
		401: "CAP_IAM_ROLE_BINDINGS_CREATE",
		402: "CAP_IAM_ROLE_BINDINGS_UPDATE",
		403: "CAP_IAM_ROLE_BINDINGS_LIST",
		404: "CAP_IAM_ROLE_BINDINGS_DELETE",

		// Tenant: clusters and records (most of these are marked deprecated
		// on the Capability constants).
		501: "CAP_TENANT_CLUSTERS_CREATE",
		502: "CAP_TENANT_CLUSTERS_UPDATE",
		503: "CAP_TENANT_CLUSTERS_LIST",
		504: "CAP_TENANT_CLUSTERS_DELETE",
		505: "CAP_TENANT_CLUSTERS_DISCOVER",
		603: "CAP_TENANT_RECORDS_LIST",
		613: "CAP_TENANT_RECORD_CONTEXTS_LIST",
		623: "CAP_TENANT_RECORD_SIGNATURES_LIST",
		633: "CAP_TENANT_RECORD_POLICY_RESULTS_LIST",
		640: "CAP_TENANT_RISKS_LIST",
		650: "CAP_TENANT_SBOMS_LIST",
		660: "CAP_TENANT_VULN_REPORTS_LIST",
		670: "CAP_TENANT_ATTESTATIONS_LIST",

		// IAM: account associations, policies, identities.
		701: "CAP_IAM_ACCOUNT_ASSOCIATIONS_CREATE",
		702: "CAP_IAM_ACCOUNT_ASSOCIATIONS_UPDATE",
		703: "CAP_IAM_ACCOUNT_ASSOCIATIONS_LIST",
		704: "CAP_IAM_ACCOUNT_ASSOCIATIONS_DELETE",
		801: "CAP_IAM_POLICY_CREATE",
		802: "CAP_IAM_POLICY_UPDATE",
		803: "CAP_IAM_POLICY_LIST",
		804: "CAP_IAM_POLICY_DELETE",
		901: "CAP_IAM_IDENTITY_CREATE",
		902: "CAP_IAM_IDENTITY_UPDATE",
		903: "CAP_IAM_IDENTITY_LIST",
		904: "CAP_IAM_IDENTITY_DELETE",

		// Tenant: nodes, namespaces, workloads.
		1003: "CAP_TENANT_NODES_LIST",
		1103: "CAP_TENANT_NAMESPACES_LIST",
		1203: "CAP_TENANT_WORKLOADS_LIST",

		// IAM: identity providers.
		1301: "CAP_IAM_IDENTITY_PROVIDERS_CREATE",
		1302: "CAP_IAM_IDENTITY_PROVIDERS_UPDATE",
		1303: "CAP_IAM_IDENTITY_PROVIDERS_LIST",
		1304: "CAP_IAM_IDENTITY_PROVIDERS_DELETE",

		// Events.
		1501: "CAP_EVENTS_SUBSCRIPTION_CREATE",
		1502: "CAP_EVENTS_SUBSCRIPTION_UPDATE",
		1503: "CAP_EVENTS_SUBSCRIPTION_LIST",
		1504: "CAP_EVENTS_SUBSCRIPTION_DELETE",

		// Registry: coarse pull/push, repos, manifests, tags.
		1601: "CAP_REGISTRY_PULL",
		1602: "CAP_REGISTRY_PUSH",
		1603: "CAP_REPO_CREATE",
		1604: "CAP_REPO_UPDATE",
		1605: "CAP_REPO_LIST",
		1606: "CAP_REPO_DELETE",
		1607: "CAP_MANIFEST_CREATE",
		1608: "CAP_MANIFEST_UPDATE",
		1609: "CAP_MANIFEST_LIST",
		1610: "CAP_MANIFEST_DELETE",
		1611: "CAP_TAG_CREATE",
		1612: "CAP_TAG_UPDATE",
		1613: "CAP_TAG_LIST",
		1614: "CAP_TAG_DELETE",
		1615: "CAP_MANIFEST_METADATA_LIST",

		// APKs, versions, vulnerability data, build reports.
		1650: "CAP_APK_CREATE",
		1651: "CAP_APK_UPDATE",
		1652: "CAP_APK_LIST",
		1653: "CAP_APK_DELETE",
		1654: "CAP_VERSION_LIST",
		1660: "CAP_VULN_REPORT_CREATE",
		1661: "CAP_VULN_REPORT_LIST",
		1662: "CAP_VULN_CREATE",
		1670: "CAP_BUILD_REPORT_LIST",

		// Sigstore.
		1701: "CAP_SIGSTORE_CREATE",
		1702: "CAP_SIGSTORE_UPDATE",
		1703: "CAP_SIGSTORE_LIST",
		1704: "CAP_SIGSTORE_DELETE",
		1705: "CAP_SIGSTORE_CERTIFICATE_CREATE",

		// Deliberately far from the rest of the numbering.
		10000: "CAP_GULFSTREAM",
	}

	Capability_value = map[string]int32{
		"UNKNOWN":                               0,
		"CAP_IAM_GROUPS_CREATE":                 101,
		"CAP_IAM_GROUPS_UPDATE":                 102,
		"CAP_IAM_GROUPS_LIST":                   103,
		"CAP_IAM_GROUPS_DELETE":                 104,
		"CAP_IAM_GROUP_INVITES_CREATE":          201,
		"CAP_IAM_GROUP_INVITES_LIST":            203,
		"CAP_IAM_GROUP_INVITES_DELETE":          204,
		"CAP_IAM_ROLES_CREATE":                  301,
		"CAP_IAM_ROLES_UPDATE":                  302,
		"CAP_IAM_ROLES_LIST":                    303,
		"CAP_IAM_ROLES_DELETE":                  304,
		"CAP_IAM_ROLE_BINDINGS_CREATE":          401,
		"CAP_IAM_ROLE_BINDINGS_UPDATE":          402,
		"CAP_IAM_ROLE_BINDINGS_LIST":            403,
		"CAP_IAM_ROLE_BINDINGS_DELETE":          404,
		"CAP_TENANT_CLUSTERS_CREATE":            501,
		"CAP_TENANT_CLUSTERS_UPDATE":            502,
		"CAP_TENANT_CLUSTERS_LIST":              503,
		"CAP_TENANT_CLUSTERS_DELETE":            504,
		"CAP_TENANT_CLUSTERS_DISCOVER":          505,
		"CAP_TENANT_RECORDS_LIST":               603,
		"CAP_TENANT_RECORD_CONTEXTS_LIST":       613,
		"CAP_TENANT_RECORD_SIGNATURES_LIST":     623,
		"CAP_TENANT_RECORD_POLICY_RESULTS_LIST": 633,
		"CAP_TENANT_RISKS_LIST":                 640,
		"CAP_TENANT_SBOMS_LIST":                 650,
		"CAP_TENANT_VULN_REPORTS_LIST":          660,
		"CAP_TENANT_ATTESTATIONS_LIST":          670,
		"CAP_IAM_ACCOUNT_ASSOCIATIONS_CREATE":   701,
		"CAP_IAM_ACCOUNT_ASSOCIATIONS_UPDATE":   702,
		"CAP_IAM_ACCOUNT_ASSOCIATIONS_LIST":     703,
		"CAP_IAM_ACCOUNT_ASSOCIATIONS_DELETE":   704,
		"CAP_IAM_POLICY_CREATE":                 801,
		"CAP_IAM_POLICY_UPDATE":                 802,
		"CAP_IAM_POLICY_LIST":                   803,
		"CAP_IAM_POLICY_DELETE":                 804,
		"CAP_IAM_IDENTITY_CREATE":               901,
		"CAP_IAM_IDENTITY_UPDATE":               902,
		"CAP_IAM_IDENTITY_LIST":                 903,
		"CAP_IAM_IDENTITY_DELETE":               904,
		"CAP_TENANT_NODES_LIST":                 1003,
		"CAP_TENANT_NAMESPACES_LIST":            1103,
		"CAP_TENANT_WORKLOADS_LIST":             1203,
		"CAP_IAM_IDENTITY_PROVIDERS_CREATE":     1301,
		"CAP_IAM_IDENTITY_PROVIDERS_UPDATE":     1302,
		"CAP_IAM_IDENTITY_PROVIDERS_LIST":       1303,
		"CAP_IAM_IDENTITY_PROVIDERS_DELETE":     1304,
		"CAP_EVENTS_SUBSCRIPTION_CREATE":        1501,
		"CAP_EVENTS_SUBSCRIPTION_UPDATE":        1502,
		"CAP_EVENTS_SUBSCRIPTION_LIST":          1503,
		"CAP_EVENTS_SUBSCRIPTION_DELETE":        1504,
		"CAP_REGISTRY_PULL":                     1601,
		"CAP_REGISTRY_PUSH":                     1602,
		"CAP_REPO_CREATE":                       1603,
		"CAP_REPO_UPDATE":                       1604,
		"CAP_REPO_LIST":                         1605,
		"CAP_REPO_DELETE":                       1606,
		"CAP_MANIFEST_CREATE":                   1607,
		"CAP_MANIFEST_UPDATE":                   1608,
		"CAP_MANIFEST_LIST":                     1609,
		"CAP_MANIFEST_DELETE":                   1610,
		"CAP_TAG_CREATE":                        1611,
		"CAP_TAG_UPDATE":                        1612,
		"CAP_TAG_LIST":                          1613,
		"CAP_TAG_DELETE":                        1614,
		"CAP_MANIFEST_METADATA_LIST":            1615,
		"CAP_APK_CREATE":                        1650,
		"CAP_APK_UPDATE":                        1651,
		"CAP_APK_LIST":                          1652,
		"CAP_APK_DELETE":                        1653,
		"CAP_VERSION_LIST":                      1654,
		"CAP_VULN_REPORT_CREATE":                1660,
		"CAP_VULN_REPORT_LIST":                  1661,
		"CAP_VULN_CREATE":                       1662,
		"CAP_BUILD_REPORT_LIST":                 1670,
		"CAP_SIGSTORE_CREATE":                   1701,
		"CAP_SIGSTORE_UPDATE":                   1702,
		"CAP_SIGSTORE_LIST":                     1703,
		"CAP_SIGSTORE_DELETE":                   1704,
		"CAP_SIGSTORE_CERTIFICATE_CREATE":       1705,
		"CAP_GULFSTREAM":                        10000,
	}
)
Enum value maps for Capability.
// E_Name is the generated descriptor for the extension that decorates each
// capability enumeration value with the friendly name shown to humans.
//
//	optional string name = 189350643;
var E_Name = &file_capabilities_proto_extTypes[0]

// E_Bit is the generated descriptor for the extension that decorates each
// capability enumeration value with a bit index, enabling compacted
// encodings (presumably what Set's compact JSON form relies on — confirm
// against the Set methods).
//
//	optional uint32 bit = 20221109;
var E_Bit = &file_capabilities_proto_extTypes[1]
Extension fields to descriptorpb.EnumValueOptions.
// Named capability sets used to assemble roles. Leaf sets are declared
// first; the composed sets build on them (Go orders package-level
// initialization by dependency, so declaration order is cosmetic). Every
// set passes through sortCaps, which is defined elsewhere in the package and
// is assumed here only to order its input.
var (
	// RegistryPullCaps is the read-only set needed to pull from the
	// registry. Leaf set.
	RegistryPullCaps = sortCaps([]Capability{
		Capability_CAP_IAM_GROUPS_LIST,
		Capability_CAP_REPO_LIST,
		Capability_CAP_MANIFEST_LIST,
		Capability_CAP_TAG_LIST,
		Capability_CAP_MANIFEST_METADATA_LIST,
		Capability_CAP_TENANT_RECORD_SIGNATURES_LIST,
		Capability_CAP_TENANT_SBOMS_LIST,
		Capability_CAP_TENANT_VULN_REPORTS_LIST,
	})

	// APKPullCaps is the read-only set needed to fetch APK packages.
	// Leaf set.
	APKPullCaps = sortCaps([]Capability{
		Capability_CAP_IAM_GROUPS_LIST,
		Capability_CAP_APK_LIST,
	})

	// RegistryPushCaps is RegistryPullCaps plus write access to repos,
	// manifests and tags, and group creation.
	RegistryPushCaps = sortCaps(append([]Capability{
		Capability_CAP_REPO_CREATE,
		Capability_CAP_REPO_UPDATE,
		Capability_CAP_REPO_DELETE,
		Capability_CAP_MANIFEST_CREATE,
		Capability_CAP_MANIFEST_UPDATE,
		Capability_CAP_MANIFEST_DELETE,
		Capability_CAP_TAG_CREATE,
		Capability_CAP_TAG_UPDATE,
		Capability_CAP_TAG_DELETE,
		Capability_CAP_IAM_GROUPS_CREATE,
	}, RegistryPullCaps...))

	// APKPushCaps is APKPullCaps plus APK create and delete. Note that
	// CAP_APK_UPDATE is not part of this set.
	APKPushCaps = sortCaps(append([]Capability{
		Capability_CAP_IAM_GROUPS_LIST,
		Capability_CAP_APK_CREATE,
		Capability_CAP_APK_DELETE,
	}, APKPullCaps...))

	// RegistryPullTokenCreatorCaps is both pull sets plus what is needed to
	// mint pull tokens: creating identities and role bindings, and listing
	// roles. NOTE(review): despite the "pull" in its name this set can
	// create role bindings and identities, which the EditorCaps comment
	// below treats as permission-granting; holders of this set should be
	// reviewed with that in mind.
	RegistryPullTokenCreatorCaps = sortCaps(append(append([]Capability{
		Capability_CAP_IAM_ROLE_BINDINGS_CREATE,
		Capability_CAP_IAM_IDENTITY_CREATE,
		Capability_CAP_IAM_ROLES_LIST,
	}, RegistryPullCaps...), APKPullCaps...))

	// ViewerCaps are read-only capabilities that do not affect state:
	// the LIST capabilities below plus both pull sets.
	ViewerCaps = sortCaps(append(append([]Capability{
		Capability_CAP_EVENTS_SUBSCRIPTION_LIST,
		Capability_CAP_IAM_ACCOUNT_ASSOCIATIONS_LIST,
		Capability_CAP_IAM_GROUP_INVITES_LIST,
		Capability_CAP_IAM_GROUPS_LIST,
		Capability_CAP_IAM_ROLE_BINDINGS_LIST,
		Capability_CAP_IAM_ROLES_LIST,
		Capability_CAP_IAM_IDENTITY_LIST,
		Capability_CAP_IAM_IDENTITY_PROVIDERS_LIST,
		Capability_CAP_TENANT_RECORD_SIGNATURES_LIST,
		Capability_CAP_TENANT_SBOMS_LIST,
		Capability_CAP_TENANT_VULN_REPORTS_LIST,
		Capability_CAP_VERSION_LIST,
		Capability_CAP_VULN_REPORT_LIST,
		Capability_CAP_BUILD_REPORT_LIST,
	}, RegistryPullCaps...), APKPullCaps...))

	// EditorCaps can modify state (event subscriptions) but cannot grant
	// roles or permissions. Superset of ViewerCaps.
	EditorCaps = sortCaps(append([]Capability{
		Capability_CAP_EVENTS_SUBSCRIPTION_CREATE,
		Capability_CAP_EVENTS_SUBSCRIPTION_DELETE,
		Capability_CAP_EVENTS_SUBSCRIPTION_UPDATE,
	}, ViewerCaps...))

	// OwnerCaps is the full set a user can hold: EditorCaps, both push
	// sets, IAM administration (groups, invites, identities, identity
	// providers, roles, role bindings, account associations), vulnerability
	// creation and CAP_GULFSTREAM. It is not the whole enum — e.g.
	// CAP_TENANT_ATTESTATIONS_LIST, CAP_APK_UPDATE and the deprecated
	// values do not appear in any set here.
	OwnerCaps = sortCaps(append(append(append([]Capability{
		Capability_CAP_IAM_ACCOUNT_ASSOCIATIONS_CREATE,
		Capability_CAP_IAM_ACCOUNT_ASSOCIATIONS_DELETE,
		Capability_CAP_IAM_ACCOUNT_ASSOCIATIONS_UPDATE,
		Capability_CAP_IAM_GROUP_INVITES_CREATE,
		Capability_CAP_IAM_GROUP_INVITES_DELETE,
		Capability_CAP_IAM_GROUPS_CREATE,
		Capability_CAP_IAM_GROUPS_DELETE,
		Capability_CAP_IAM_GROUPS_UPDATE,
		Capability_CAP_IAM_IDENTITY_CREATE,
		Capability_CAP_IAM_IDENTITY_DELETE,
		Capability_CAP_IAM_IDENTITY_UPDATE,
		Capability_CAP_IAM_IDENTITY_PROVIDERS_CREATE,
		Capability_CAP_IAM_IDENTITY_PROVIDERS_DELETE,
		Capability_CAP_IAM_IDENTITY_PROVIDERS_UPDATE,
		Capability_CAP_IAM_ROLE_BINDINGS_CREATE,
		Capability_CAP_IAM_ROLE_BINDINGS_DELETE,
		Capability_CAP_IAM_ROLE_BINDINGS_UPDATE,
		Capability_CAP_IAM_ROLES_CREATE,
		Capability_CAP_IAM_ROLES_DELETE,
		Capability_CAP_IAM_ROLES_UPDATE,
		Capability_CAP_VULN_CREATE,
		Capability_CAP_VULN_REPORT_CREATE,
		Capability_CAP_GULFSTREAM,
	}, EditorCaps...), RegistryPushCaps...), APKPushCaps...))
)
// File_capabilities_proto is the protoreflect descriptor for
// capabilities.proto. Only the declaration is visible here; it is presumably
// populated by the generated file's initialization code — confirm there.
var File_capabilities_proto protoreflect.FileDescriptor
Functions ¶
func Bitify ¶
func Bitify(cap Capability) (uint32, error)
func Deprecated ¶ added in v0.1.21
func Deprecated(cap Capability) bool
func Names ¶
func Names() []string
Names returns a slice of all capabilities Stringify'd, sans UNKNOWN.
func Stringify ¶
func Stringify(cap Capability) (string, error)
func StringifyAll ¶
func StringifyAll(caps []Capability) ([]string, error)
Types ¶
type Capability ¶
// Capability is an enumeration of the Chainguard IAM capabilities.
//
// Numbers are allocated in blocks of one hundred per resource family; within
// a block the last digit follows CREATE=1, UPDATE=2, LIST=3, DELETE=4 (this is
// a pattern read off the values below, not a rule the proto states). The
// values carry "// Deprecated:" markers exactly as generated from
// capabilities.proto so that tooling keeps surfacing them.
type Capability int32

const (
	Capability_UNKNOWN Capability = 0

	// IAM groups and group invites (there is no GROUP_INVITES_UPDATE; 202
	// is unused).
	Capability_CAP_IAM_GROUPS_CREATE        Capability = 101
	Capability_CAP_IAM_GROUPS_UPDATE        Capability = 102
	Capability_CAP_IAM_GROUPS_LIST          Capability = 103
	Capability_CAP_IAM_GROUPS_DELETE        Capability = 104
	Capability_CAP_IAM_GROUP_INVITES_CREATE Capability = 201
	Capability_CAP_IAM_GROUP_INVITES_LIST   Capability = 203
	Capability_CAP_IAM_GROUP_INVITES_DELETE Capability = 204

	// IAM roles and role bindings.
	Capability_CAP_IAM_ROLES_CREATE         Capability = 301
	Capability_CAP_IAM_ROLES_UPDATE         Capability = 302
	Capability_CAP_IAM_ROLES_LIST           Capability = 303
	Capability_CAP_IAM_ROLES_DELETE         Capability = 304
	Capability_CAP_IAM_ROLE_BINDINGS_CREATE Capability = 401
	Capability_CAP_IAM_ROLE_BINDINGS_UPDATE Capability = 402
	Capability_CAP_IAM_ROLE_BINDINGS_LIST   Capability = 403
	Capability_CAP_IAM_ROLE_BINDINGS_DELETE Capability = 404

	// Tenant clusters.

	// Deprecated: Marked as deprecated in capabilities.proto.
	Capability_CAP_TENANT_CLUSTERS_CREATE Capability = 501
	// Deprecated: Marked as deprecated in capabilities.proto.
	Capability_CAP_TENANT_CLUSTERS_UPDATE Capability = 502
	// Deprecated: Marked as deprecated in capabilities.proto.
	Capability_CAP_TENANT_CLUSTERS_LIST Capability = 503
	// Deprecated: Marked as deprecated in capabilities.proto.
	Capability_CAP_TENANT_CLUSTERS_DELETE Capability = 504
	// Deprecated: Marked as deprecated in capabilities.proto.
	Capability_CAP_TENANT_CLUSTERS_DISCOVER Capability = 505

	// Tenant records and derived data.

	// Deprecated: Marked as deprecated in capabilities.proto.
	Capability_CAP_TENANT_RECORDS_LIST Capability = 603
	// Deprecated: Marked as deprecated in capabilities.proto.
	Capability_CAP_TENANT_RECORD_CONTEXTS_LIST   Capability = 613
	Capability_CAP_TENANT_RECORD_SIGNATURES_LIST Capability = 623
	// Deprecated: Marked as deprecated in capabilities.proto.
	Capability_CAP_TENANT_RECORD_POLICY_RESULTS_LIST Capability = 633
	// Deprecated: Marked as deprecated in capabilities.proto.
	Capability_CAP_TENANT_RISKS_LIST Capability = 640
	Capability_CAP_TENANT_SBOMS_LIST Capability = 650
	// TODO(colin): deprecate this cap once the legacy endpoint is removed
	Capability_CAP_TENANT_VULN_REPORTS_LIST Capability = 660
	Capability_CAP_TENANT_ATTESTATIONS_LIST Capability = 670

	// IAM account associations.
	Capability_CAP_IAM_ACCOUNT_ASSOCIATIONS_CREATE Capability = 701
	Capability_CAP_IAM_ACCOUNT_ASSOCIATIONS_UPDATE Capability = 702
	Capability_CAP_IAM_ACCOUNT_ASSOCIATIONS_LIST   Capability = 703
	Capability_CAP_IAM_ACCOUNT_ASSOCIATIONS_DELETE Capability = 704

	// IAM policies.

	// Deprecated: Marked as deprecated in capabilities.proto.
	Capability_CAP_IAM_POLICY_CREATE Capability = 801
	// Deprecated: Marked as deprecated in capabilities.proto.
	Capability_CAP_IAM_POLICY_UPDATE Capability = 802
	// Deprecated: Marked as deprecated in capabilities.proto.
	Capability_CAP_IAM_POLICY_LIST Capability = 803
	// Deprecated: Marked as deprecated in capabilities.proto.
	Capability_CAP_IAM_POLICY_DELETE Capability = 804

	// IAM identities.
	Capability_CAP_IAM_IDENTITY_CREATE Capability = 901
	Capability_CAP_IAM_IDENTITY_UPDATE Capability = 902
	Capability_CAP_IAM_IDENTITY_LIST   Capability = 903
	Capability_CAP_IAM_IDENTITY_DELETE Capability = 904

	// Tenant nodes, namespaces, workloads.

	// Deprecated: Marked as deprecated in capabilities.proto.
	Capability_CAP_TENANT_NODES_LIST Capability = 1003
	// Deprecated: Marked as deprecated in capabilities.proto.
	Capability_CAP_TENANT_NAMESPACES_LIST Capability = 1103
	// Deprecated: Marked as deprecated in capabilities.proto.
	Capability_CAP_TENANT_WORKLOADS_LIST Capability = 1203

	// IAM identity providers.
	Capability_CAP_IAM_IDENTITY_PROVIDERS_CREATE Capability = 1301
	Capability_CAP_IAM_IDENTITY_PROVIDERS_UPDATE Capability = 1302
	Capability_CAP_IAM_IDENTITY_PROVIDERS_LIST   Capability = 1303
	Capability_CAP_IAM_IDENTITY_PROVIDERS_DELETE Capability = 1304

	// Event subscriptions.
	Capability_CAP_EVENTS_SUBSCRIPTION_CREATE Capability = 1501
	Capability_CAP_EVENTS_SUBSCRIPTION_UPDATE Capability = 1502
	Capability_CAP_EVENTS_SUBSCRIPTION_LIST   Capability = 1503
	Capability_CAP_EVENTS_SUBSCRIPTION_DELETE Capability = 1504

	// Registry.

	// TODO(jason): Remove these coarse-grained capabilities after they're removed from the roles.
	//
	// Deprecated: Marked as deprecated in capabilities.proto.
	Capability_CAP_REGISTRY_PULL Capability = 1601 // Can read tags, blobs, manifests.
	// Deprecated: Marked as deprecated in capabilities.proto.
	Capability_CAP_REGISTRY_PUSH          Capability = 1602 // Can create and update tags, blobs, manifests.
	Capability_CAP_REPO_CREATE            Capability = 1603
	Capability_CAP_REPO_UPDATE            Capability = 1604
	Capability_CAP_REPO_LIST              Capability = 1605
	Capability_CAP_REPO_DELETE            Capability = 1606
	Capability_CAP_MANIFEST_CREATE        Capability = 1607
	Capability_CAP_MANIFEST_UPDATE        Capability = 1608
	Capability_CAP_MANIFEST_LIST          Capability = 1609
	Capability_CAP_MANIFEST_DELETE        Capability = 1610
	Capability_CAP_TAG_CREATE             Capability = 1611
	Capability_CAP_TAG_UPDATE             Capability = 1612
	Capability_CAP_TAG_LIST               Capability = 1613
	Capability_CAP_TAG_DELETE             Capability = 1614
	Capability_CAP_MANIFEST_METADATA_LIST Capability = 1615

	// APKs, versions, vulnerability data.
	Capability_CAP_APK_CREATE         Capability = 1650
	Capability_CAP_APK_UPDATE         Capability = 1651
	Capability_CAP_APK_LIST           Capability = 1652
	Capability_CAP_APK_DELETE         Capability = 1653
	Capability_CAP_VERSION_LIST       Capability = 1654
	Capability_CAP_VULN_REPORT_CREATE Capability = 1660
	Capability_CAP_VULN_REPORT_LIST   Capability = 1661
	Capability_CAP_VULN_CREATE        Capability = 1662

	// Custom Image Build
	Capability_CAP_BUILD_REPORT_LIST Capability = 1670

	// Sigstore.

	// Deprecated: Marked as deprecated in capabilities.proto.
	Capability_CAP_SIGSTORE_CREATE Capability = 1701
	// Deprecated: Marked as deprecated in capabilities.proto.
	Capability_CAP_SIGSTORE_UPDATE Capability = 1702
	// Deprecated: Marked as deprecated in capabilities.proto.
	Capability_CAP_SIGSTORE_LIST Capability = 1703
	// Deprecated: Marked as deprecated in capabilities.proto.
	Capability_CAP_SIGSTORE_DELETE Capability = 1704
	// Deprecated: Marked as deprecated in capabilities.proto.
	Capability_CAP_SIGSTORE_CERTIFICATE_CREATE Capability = 1705

	// This is orthogonal enough that we should leave
	// it somewhat separate, so add new capabilities above.
	// TODO(mattmoor): Think about whether we can encode specific
	// controller capabilities into our access control here?
	// e.g. could each logical controller/webhook be its own
	// capability?
	Capability_CAP_GULFSTREAM Capability = 10000
)
func Parse ¶
func Parse(name string) (Capability, error)
func (Capability) Descriptor ¶
func (Capability) Descriptor() protoreflect.EnumDescriptor
func (Capability) Enum ¶
func (x Capability) Enum() *Capability
func (Capability) EnumDescriptor
deprecated
func (Capability) EnumDescriptor() ([]byte, []int)
Deprecated: Use Capability.Descriptor instead.
func (Capability) Number ¶
func (x Capability) Number() protoreflect.EnumNumber
func (Capability) String ¶
func (x Capability) String() string
func (Capability) Type ¶
func (Capability) Type() protoreflect.EnumType
type Set ¶
// Set is a list of capabilities with custom JSON encoding (see MarshalJSON
// and UnmarshalJSON). The method bodies are not shown here; the compact
// encoding presumably relies on the per-value bit index extension (E_Bit) —
// confirm against the implementation before depending on the wire format.
type Set []Capability
Set performs efficient encoding of a list of capabilities.
func (Set) MarshalJSON ¶
MarshalJSON implements json.Marshaler for Set.
func (*Set) UnmarshalJSON ¶
UnmarshalJSON implements json.Unmarshaler for Set.