Documentation
¶
Overview ¶
Package v1alpha1 contains API Schema definitions for the policy v1alpha1 API group +k8s:deepcopy-gen=package +kubebuilder:object:generate=true +groupName=wgpolicyk8s.io
Package v1alpha1 contains API Schema definitions for the policy v1alpha1 API group +kubebuilder:object:generate=true +groupName=wgpolicyk8s.io
Index ¶
Constants ¶
const ( StatusPass = "pass" StatusFail = "fail" StatusWarn = "warn" StatusError = "error" StatusSkip = "skip" )
Status specifies state of a policy result
const ( SeverityHigh = "high" SeverityMedium = "medium" SeverityLow = "low" )
Severity specifies priority of a policy result
Variables ¶
var ( // SchemeGroupVersion is group version used to register these objects SchemeGroupVersion = schema.GroupVersion{Group: "wgpolicyk8s.io", Version: "v1alpha1"} // SchemeBuilder is used to add go types to the GroupVersionKind scheme SchemeBuilder = &scheme.Builder{GroupVersion: SchemeGroupVersion} // AddToScheme adds the types in this group-version to the given scheme. AddToScheme = SchemeBuilder.AddToScheme )
Package v1alpha1 contains API Schema definitions for the policy v1alpha1 API group +kubebuilder:object:generate=true +groupName=wgpolicyk8s.io
Functions ¶
func Resource ¶
func Resource(resource string) schema.GroupResource
Resource takes an unqualified resource and returns a Group qualified GroupResource
Types ¶
type ClusterPolicyReport ¶
type ClusterPolicyReport struct {
metav1.TypeMeta `json:",inline"`
metav1.ObjectMeta `json:"metadata,omitempty"`
// Scope is an optional reference to the report scope (e.g. a Deployment, Namespace, or Node)
// +optional
Scope *corev1.ObjectReference `json:"scope,omitempty"`
// ScopeSelector is an optional selector for multiple scopes (e.g. Pods).
// Either one of, or none of, but not both of, Scope or ScopeSelector should be specified.
// +optional
ScopeSelector *metav1.LabelSelector `json:"scopeSelector,omitempty"`
// PolicyReportSummary provides a summary of results
// +optional
Summary PolicyReportSummary `json:"summary,omitempty"`
// PolicyReportResult provides result details
// +optional
Results []*PolicyReportResult `json:"results,omitempty"`
}
ClusterPolicyReport is the Schema for the clusterpolicyreports API
func (*ClusterPolicyReport) DeepCopy ¶
func (in *ClusterPolicyReport) DeepCopy() *ClusterPolicyReport
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterPolicyReport.
func (*ClusterPolicyReport) DeepCopyInto ¶
func (in *ClusterPolicyReport) DeepCopyInto(out *ClusterPolicyReport)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*ClusterPolicyReport) DeepCopyObject ¶
func (in *ClusterPolicyReport) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type ClusterPolicyReportList ¶
type ClusterPolicyReportList struct {
metav1.TypeMeta `json:",inline"`
metav1.ListMeta `json:"metadata,omitempty"`
Items []ClusterPolicyReport `json:"items"`
}
ClusterPolicyReportList contains a list of ClusterPolicyReport +kubebuilder:object:root=true +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
func (*ClusterPolicyReportList) DeepCopy ¶
func (in *ClusterPolicyReportList) DeepCopy() *ClusterPolicyReportList
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterPolicyReportList.
func (*ClusterPolicyReportList) DeepCopyInto ¶
func (in *ClusterPolicyReportList) DeepCopyInto(out *ClusterPolicyReportList)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*ClusterPolicyReportList) DeepCopyObject ¶
func (in *ClusterPolicyReportList) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type PolicyReport ¶
type PolicyReport struct {
metav1.TypeMeta `json:",inline"`
metav1.ObjectMeta `json:"metadata,omitempty"`
// Scope is an optional reference to the report scope (e.g. a Deployment, Namespace, or Node)
// +optional
Scope *corev1.ObjectReference `json:"scope,omitempty"`
// ScopeSelector is an optional selector for multiple scopes (e.g. Pods).
// Either one of, or none of, but not both of, Scope or ScopeSelector should be specified.
// +optional
ScopeSelector *metav1.LabelSelector `json:"scopeSelector,omitempty"`
// PolicyReportSummary provides a summary of results
// +optional
Summary PolicyReportSummary `json:"summary,omitempty"`
// PolicyReportResult provides result details
// +optional
Results []*PolicyReportResult `json:"results,omitempty"`
}
PolicyReport is the Schema for the policyreports API
func (*PolicyReport) DeepCopy ¶
func (in *PolicyReport) DeepCopy() *PolicyReport
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyReport.
func (*PolicyReport) DeepCopyInto ¶
func (in *PolicyReport) DeepCopyInto(out *PolicyReport)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*PolicyReport) DeepCopyObject ¶
func (in *PolicyReport) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type PolicyReportList ¶
type PolicyReportList struct {
metav1.TypeMeta `json:",inline"`
metav1.ListMeta `json:"metadata,omitempty"`
Items []PolicyReport `json:"items"`
}
PolicyReportList contains a list of PolicyReport +kubebuilder:object:root=true +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
func (*PolicyReportList) DeepCopy ¶
func (in *PolicyReportList) DeepCopy() *PolicyReportList
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyReportList.
func (*PolicyReportList) DeepCopyInto ¶
func (in *PolicyReportList) DeepCopyInto(out *PolicyReportList)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*PolicyReportList) DeepCopyObject ¶
func (in *PolicyReportList) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type PolicyReportResult ¶
type PolicyReportResult struct {
// Policy is the name of the policy
Policy string `json:"policy"`
// Rule is the name of the policy rule
// +optional
Rule string `json:"rule,omitempty"`
// Resources is an optional reference to the resource checked by the policy and rule
// +optional
Resources []*corev1.ObjectReference `json:"resources,omitempty"`
// ResourceSelector is an optional selector for policy results that apply to multiple resources.
// For example, a policy result may apply to all pods that match a label.
// Either a Resource or a ResourceSelector can be specified. If neither are provided, the
// result is assumed to be for the policy report scope.
// +optional
ResourceSelector *metav1.LabelSelector `json:"resourceSelector,omitempty"`
// Message is a short user friendly description of the policy rule
Message string `json:"message,omitempty"`
// Status indicates the result of the policy rule check
Status PolicyStatus `json:"status,omitempty"`
// Scored indicates if this policy rule is scored
Scored bool `json:"scored,omitempty"`
// Data provides additional information for the policy rule
Data map[string]string `json:"data,omitempty"`
// Category indicates policy category
// +optional
Category string `json:"category,omitempty"`
// Severity indicates policy severity
// +optional
Severity PolicySeverity `json:"severity,omitempty"`
}
PolicyReportResult provides the result for an individual policy
func (*PolicyReportResult) DeepCopy ¶
func (in *PolicyReportResult) DeepCopy() *PolicyReportResult
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyReportResult.
func (*PolicyReportResult) DeepCopyInto ¶
func (in *PolicyReportResult) DeepCopyInto(out *PolicyReportResult)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type PolicyReportSummary ¶
type PolicyReportSummary struct {
// Pass provides the count of policies whose requirements were met
// +optional
Pass int `json:"pass"`
// Fail provides the count of policies whose requirements were not met
// +optional
Fail int `json:"fail"`
// Warn provides the count of unscored policies whose requirements were not met
// +optional
Warn int `json:"warn"`
// Error provides the count of policies that could not be evaluated
// +optional
Error int `json:"error"`
// Skip indicates the count of policies that were not selected for evaluation
// +optional
Skip int `json:"skip"`
}
PolicyReportSummary provides a status count summary
func (*PolicyReportSummary) DeepCopy ¶
func (in *PolicyReportSummary) DeepCopy() *PolicyReportSummary
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyReportSummary.
func (*PolicyReportSummary) DeepCopyInto ¶
func (in *PolicyReportSummary) DeepCopyInto(out *PolicyReportSummary)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type PolicySeverity ¶
type PolicySeverity string
PolicySeverity has one of the following values:
- high
- low
- medium
+kubebuilder:validation:Enum=high;low;medium
type PolicyStatus ¶
type PolicyStatus string
PolicyStatus has one of the following values:
- pass: indicates that the policy requirements are met
- fail: indicates that the policy requirements are not met
- warn: indicates that the policy requirements and not met, and the policy is not scored
- error: indicates that the policy could not be evaluated
- skip: indicates that the policy was not selected based on user inputs or applicability
+kubebuilder:validation:Enum=pass;fail;warn;error;skip
Source Files