v1alpha1

package
v0.0.0-...-9b5a78d Latest Latest
Warning

This package is not in the latest version of its module.

Published: Dec 10, 2020 License: Apache-2.0 Imports: 19 Imported by: 0

Documentation

Overview

Package v1alpha1 contains API Schema definitions for the apis.integrityverifier.io v1alpha1 API group.

+kubebuilder:object:generate=true
+groupName=apis.integrityverifier.io

Index

Constants

// Default object names, file paths and settings for the v1alpha1 API group.
const (
	// Fully qualified CRD names; each ends in the group name
	// "apis.integrityverifier.io" declared in GroupVersion.
	DefaultIntegrityVerifierCRDName       = "integrityverifiers.apis.integrityverifier.io"
	DefaultVerifierConfigCRDName          = "verifierconfigs.apis.integrityverifier.io"
	DefaultSignPolicyCRDName              = "signpolicies.apis.integrityverifier.io"
	DefaultResourceSignatureCRDName       = "resourcesignatures.apis.integrityverifier.io"
	DefaultResourceSigningProfileCRDName  = "resourcesigningprofiles.apis.integrityverifier.io"
	DefaultHelmReleaseMetadataCRDName     = "helmreleasemetadatas.apis.integrityverifier.io"
	// Default names for the sign policy CR and for the IV admin RBAC objects
	// (cluster-scoped and namespaced role plus binding).
	DefaultSignPolicyCRName               = "sign-policy"
	DefaultIVAdminClusterRoleName         = "iv-admin-clusterrole"
	DefaultIVAdminClusterRoleBindingName  = "iv-admin-clusterrolebinding"
	DefaultIVAdminRoleName                = "iv-admin-role"
	DefaultIVAdminRoleBindingName         = "iv-admin-rolebinding"
	// Relative paths: they resolve against the working directory of the
	// process that opens them, so that directory decides which defaults load.
	DefaultIVCRYamlPath                   = "./resources/default-iv-cr.yaml"
	DefaultResourceSigningProfileYamlPath = "./resources/default-rsp.yaml"
	// Default file name of the keyring.
	DefaultKeyringFilename                = "pubring.gpg"
	// NOTE(review): untyped constant with no unit visible in this package;
	// presumably seconds — confirm where the webhook configuration is built.
	DefaultIVWebhookTimeout               = 10
	// SATokenPath is the conventional in-pod mount path of the Kubernetes
	// service account token. The file holds a bearer credential for the pod's
	// service account; code that reads it should keep the content out of logs
	// and error messages.
	SATokenPath                           = "/var/run/secrets/kubernetes.io/serviceaccount/token"
)

Variables

// Scheme registration values for the apis.integrityverifier.io/v1alpha1 group.
var (
	// GroupVersion is the group and version under which the types in this
	// package are registered.
	GroupVersion = schema.GroupVersion{Group: "apis.integrityverifier.io", Version: "v1alpha1"}

	// SchemeBuilder collects the Go types of this group-version so they can
	// be added to a scheme; it is constructed with GroupVersion above.
	SchemeBuilder = &scheme.Builder{GroupVersion: GroupVersion}

	// AddToScheme adds the types in this group-version to the given scheme.
	// It is the AddToScheme method value bound to SchemeBuilder.
	AddToScheme = SchemeBuilder.AddToScheme
)

Functions

This section is empty.

Types

type CertPoolConfig

// CertPoolConfig names a certificate pool and can carry its content inline.
// NOTE(review): no other type shown on this page has a field of this type;
// confirm whether it is still used.
type CertPoolConfig struct {
	Name             string `json:"name,omitempty"`
	// NOTE(review): presumably tells the consumer to create the named object
	// from KeyValue when it is absent — confirm against the code that reads it.
	CreateIfNotExist bool   `json:"createIfNotExist,omitempty"`
	// KeyValue is a []byte, which encoding/json writes as a base64 string.
	// Base64 is an encoding, not protection: the bytes are readable by anyone
	// who can read the object that embeds this struct.
	KeyValue         []byte `json:"keyValue,omitempty"`
}

func (*CertPoolConfig) DeepCopy

func (in *CertPoolConfig) DeepCopy() *CertPoolConfig

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CertPoolConfig.

func (*CertPoolConfig) DeepCopyInto

func (in *CertPoolConfig) DeepCopyInto(out *CertPoolConfig)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type EsConfig

// EsConfig holds connection settings for the "es" log output referenced from
// LoggerContainer.EsConfig (presumably Elasticsearch — confirm).
type EsConfig struct {
	Enabled     bool   `json:"enabled,omitempty"`
	Scheme      string `json:"scheme,omitempty"`
	Host        string `json:"host,omitempty"`
	Port        int32  `json:"port,omitempty"`
	// SslVerify has zero value false and is tagged omitempty, so a spec that
	// leaves the field out decodes to false.
	// NOTE(review): if the consumer maps this straight to server-certificate
	// verification, verification is off unless a user opts in — confirm that
	// defaulting elsewhere turns it on.
	SslVerify   bool   `json:"sslVerify,omitempty"`
	IndexPrefix string `json:"indexPrefix,omitempty"`
	// NOTE(review): ClientKey, ClientCert and CaFile are plain strings;
	// presumably file names or paths rather than PEM content — confirm. If
	// ClientKey ever carries key material, it would sit in the CR spec.
	ClientKey   string `json:"clientKey,omitempty"`
	ClientCert  string `json:"clientCert,omitempty"`
	CaFile      string `json:"caFile,omitempty"`
}

func (*EsConfig) DeepCopy

func (in *EsConfig) DeepCopy() *EsConfig

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EsConfig.

func (*EsConfig) DeepCopyInto

func (in *EsConfig) DeepCopyInto(out *EsConfig)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type HttpConfig

// HttpConfig holds the settings of the "http" log output referenced from
// LoggerContainer.HttpConfig.
type HttpConfig struct {
	Enabled  bool   `json:"enabled,omitempty"`
	// Endpoint is a free-form string. This type has no TLS or authentication
	// fields, so transport protection depends on the endpoint value itself.
	// NOTE(review): confirm how the consumer validates it.
	Endpoint string `json:"endpoint,omitempty"`
}

func (*HttpConfig) DeepCopy

func (in *HttpConfig) DeepCopy() *HttpConfig

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HttpConfig.

func (*HttpConfig) DeepCopyInto

func (in *HttpConfig) DeepCopyInto(out *HttpConfig)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type IntegrityVerifier

// IntegrityVerifier is the Schema for the integrityverifiers API.
type IntegrityVerifier struct {
	// TypeMeta is inlined into the top level of the JSON object; ObjectMeta
	// is serialized under "metadata".
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	// Spec is the desired state. It can embed key and secret bytes (see
	// IntegrityVerifierSpec), so read access to this object is sensitive.
	Spec   IntegrityVerifierSpec   `json:"spec,omitempty"`
	// Status is the observed state; IntegrityVerifierStatus currently
	// declares no fields.
	Status IntegrityVerifierStatus `json:"status,omitempty"`
}

IntegrityVerifier is the Schema for the integrityverifiers API

func (*IntegrityVerifier) DeepCopy

func (in *IntegrityVerifier) DeepCopy() *IntegrityVerifier

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IntegrityVerifier.

func (*IntegrityVerifier) DeepCopyInto

func (in *IntegrityVerifier) DeepCopyInto(out *IntegrityVerifier)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*IntegrityVerifier) DeepCopyObject

func (in *IntegrityVerifier) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*IntegrityVerifier) GetClusterRoleBindingName

func (self *IntegrityVerifier) GetClusterRoleBindingName() string

func (*IntegrityVerifier) GetClusterRoleName

func (self *IntegrityVerifier) GetClusterRoleName() string

func (*IntegrityVerifier) GetDryRunRoleBindingName

func (self *IntegrityVerifier) GetDryRunRoleBindingName() string

func (*IntegrityVerifier) GetDryRunRoleName

func (self *IntegrityVerifier) GetDryRunRoleName() string

func (*IntegrityVerifier) GetHelmReleaseMetadataCRDName

func (self *IntegrityVerifier) GetHelmReleaseMetadataCRDName() string

func (*IntegrityVerifier) GetIVAdminClusterRoleBindingName

func (self *IntegrityVerifier) GetIVAdminClusterRoleBindingName() string

func (*IntegrityVerifier) GetIVAdminClusterRoleName

func (self *IntegrityVerifier) GetIVAdminClusterRoleName() string

func (*IntegrityVerifier) GetIVAdminRoleBindingName

func (self *IntegrityVerifier) GetIVAdminRoleBindingName() string

func (*IntegrityVerifier) GetIVAdminRoleName

func (self *IntegrityVerifier) GetIVAdminRoleName() string

func (*IntegrityVerifier) GetIVResourceList

func (self *IntegrityVerifier) GetIVResourceList(scheme *runtime.Scheme) ([]*common.ResourceRef, []*common.ResourceRef)

func (*IntegrityVerifier) GetIVServerDeploymentName

func (self *IntegrityVerifier) GetIVServerDeploymentName() string

func (*IntegrityVerifier) GetIntegrityVerifierCRDName

func (self *IntegrityVerifier) GetIntegrityVerifierCRDName() string

func (*IntegrityVerifier) GetPodSecurityPolicyName

func (self *IntegrityVerifier) GetPodSecurityPolicyName() string

func (*IntegrityVerifier) GetRegKeySecretName

func (self *IntegrityVerifier) GetRegKeySecretName() string

func (*IntegrityVerifier) GetResourceSignatureCRDName

func (self *IntegrityVerifier) GetResourceSignatureCRDName() string

func (*IntegrityVerifier) GetResourceSigningProfileCRDName

func (self *IntegrityVerifier) GetResourceSigningProfileCRDName() string

func (*IntegrityVerifier) GetSecurityContextConstraintsName

func (self *IntegrityVerifier) GetSecurityContextConstraintsName() string

func (*IntegrityVerifier) GetServiceAccountName

func (self *IntegrityVerifier) GetServiceAccountName() string

func (*IntegrityVerifier) GetSignPolicyCRDName

func (self *IntegrityVerifier) GetSignPolicyCRDName() string

func (*IntegrityVerifier) GetSignPolicyCRName

func (self *IntegrityVerifier) GetSignPolicyCRName() string

func (*IntegrityVerifier) GetVerifierConfigCRDName

func (self *IntegrityVerifier) GetVerifierConfigCRDName() string

func (*IntegrityVerifier) GetVerifierConfigCRName

func (self *IntegrityVerifier) GetVerifierConfigCRName() string

func (*IntegrityVerifier) GetWebhookConfigName

func (self *IntegrityVerifier) GetWebhookConfigName() string

func (*IntegrityVerifier) GetWebhookServerTlsSecretName

func (self *IntegrityVerifier) GetWebhookServerTlsSecretName() string

func (*IntegrityVerifier) GetWebhookServiceName

func (self *IntegrityVerifier) GetWebhookServiceName() string

type IntegrityVerifierList

// IntegrityVerifierList contains a list of IntegrityVerifier.
type IntegrityVerifierList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	// Items has no omitempty, so the "items" key is always emitted.
	Items           []IntegrityVerifier `json:"items"`
}

IntegrityVerifierList contains a list of IntegrityVerifier

func (*IntegrityVerifierList) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IntegrityVerifierList.

func (*IntegrityVerifierList) DeepCopyInto

func (in *IntegrityVerifierList) DeepCopyInto(out *IntegrityVerifierList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*IntegrityVerifierList) DeepCopyObject

func (in *IntegrityVerifierList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type IntegrityVerifierSpec

// IntegrityVerifierSpec defines the desired state of IntegrityVerifier.
//
// Several fields below select verification keys, signing policy and webhook
// scope. Whoever can create or update an IntegrityVerifier object sets all of
// them, so write access to this resource should be restricted accordingly.
type IntegrityVerifierSpec struct {
	// Deployment rollout, labelling and scheduling settings.
	MaxSurge         *intstr.IntOrString       `json:"maxSurge,omitempty"`
	MaxUnavailable   *intstr.IntOrString       `json:"maxUnavailable,omitempty"`
	ReplicaCount     *int32                    `json:"replicaCount,omitempty"`
	// MetaLabels is serialized as "labels" and SelectorLabels as "selector";
	// the JSON keys differ from the Go field names.
	MetaLabels       map[string]string         `json:"labels,omitempty"`
	SelectorLabels   map[string]string         `json:"selector,omitempty"`
	NodeSelector     map[string]string         `json:"nodeSelector,omitempty"`
	Affinity         *v1.Affinity              `json:"affinity,omitempty"`
	Tolerations      []v1.Toleration           `json:"tolerations,omitempty"`
	ImagePullSecrets []v1.LocalObjectReference `json:"imagePullSecrets,omitempty"`

	IgnoreDefaultIVCR bool            `json:"ignoreDefaultIVCR,omitempty"`
	Security          SecurityConfig  `json:"security,omitempty"`
	// KeyRings is serialized as "keyRingConfigs". Each entry can carry keyring
	// bytes inline (KeyRingConfig.KeyValue).
	// NOTE(review): presumably these are the keys signatures are checked
	// against; if so, editing this list changes the trust anchor — confirm.
	KeyRings          []KeyRingConfig `json:"keyRingConfigs,omitempty"`
	Server            ServerContainer `json:"server,omitempty"`
	Logger            LoggerContainer `json:"logger,omitempty"`
	// RegKeySecret can carry secret bytes inline (RegKeySecret.Value); they
	// are then readable by anyone who can read this object.
	RegKeySecret      RegKeySecret    `json:"regKeySecret,omitempty"`

	// Verifier configuration, sign policy and resource signing profiles.
	// The three pointer/slice fields are nil when the spec omits them.
	VerifierConfigCrName    string              `json:"verifierConfigCrName,omitempty"`
	VerifierConfig          *iec.VerifierConfig `json:"verifierConfig,omitempty"`
	SignPolicy              *policy.SignPolicy  `json:"signPolicy,omitempty"`
	ResourceSigningProfiles []*ProfileConfig    `json:"resourceSigningProfiles,omitempty"`

	// Admission webhook object names and rules.
	// NOTE(review): the two Rule fields presumably define which namespaced
	// and cluster-scoped resources the webhook receives; resources left out
	// of a rule would not be sent for verification — confirm.
	WebhookServerTlsSecretName string     `json:"webhookServerTlsSecretName,omitempty"`
	WebhookServiceName         string     `json:"webhookServiceName,omitempty"`
	WebhookConfigName          string     `json:"webhookConfigName,omitempty"`
	WebhookNamespacedResource  admv1.Rule `json:"webhookNamespacedResource,omitempty"`
	WebhookClusterResource     admv1.Rule `json:"webhookClusterResource,omitempty"`
}

IntegrityVerifierSpec defines the desired state of IntegrityVerifier

func (*IntegrityVerifierSpec) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IntegrityVerifierSpec.

func (*IntegrityVerifierSpec) DeepCopyInto

func (in *IntegrityVerifierSpec) DeepCopyInto(out *IntegrityVerifierSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type IntegrityVerifierStatus

// IntegrityVerifierStatus defines the observed state of IntegrityVerifier.
// It declares no fields in this version, so the object reports no conditions
// or readiness information through its status.
type IntegrityVerifierStatus struct {
}

IntegrityVerifierStatus defines the observed state of IntegrityVerifier

func (*IntegrityVerifierStatus) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IntegrityVerifierStatus.

func (*IntegrityVerifierStatus) DeepCopyInto

func (in *IntegrityVerifierStatus) DeepCopyInto(out *IntegrityVerifierStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type KeyRingConfig

// KeyRingConfig names a keyring and can carry its content inline. It is the
// element type of IntegrityVerifierSpec.KeyRings.
type KeyRingConfig struct {
	Name             string `json:"name,omitempty"`
	// NOTE(review): presumably tells the consumer to create the named object
	// from KeyValue when it is absent — confirm against the code that reads it.
	CreateIfNotExist bool   `json:"createIfNotExist,omitempty"`
	// KeyValue is a []byte, which encoding/json writes as a base64 string.
	// NOTE(review): DefaultKeyringFilename is "pubring.gpg", which suggests
	// public key material; the content still decides which signatures are
	// accepted, so its integrity matters more than its secrecy — confirm.
	KeyValue         []byte `json:"keyValue,omitempty"`
}

func (*KeyRingConfig) DeepCopy

func (in *KeyRingConfig) DeepCopy() *KeyRingConfig

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KeyRingConfig.

func (*KeyRingConfig) DeepCopyInto

func (in *KeyRingConfig) DeepCopyInto(out *KeyRingConfig)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type LoggerContainer

// LoggerContainer describes the logger container and its outputs. It is the
// type of IntegrityVerifierSpec.Logger.
type LoggerContainer struct {
	Enabled         bool                    `json:"enabled,omitempty"`
	Name            string                  `json:"name,omitempty"`
	// SecurityContext is nil when the spec omits it; nothing in this type
	// supplies a default.
	SecurityContext *v1.SecurityContext     `json:"securityContext,omitempty"`
	ImagePullPolicy v1.PullPolicy           `json:"imagePullPolicy,omitempty"`
	// Image is a free-form string; this type does not require a
	// digest-pinned reference.
	Image           string                  `json:"image,omitempty"`
	StdOutput       bool                    `json:"stdOutput,omitempty"`
	// HttpConfig is serialized as "http" and EsConfig as "es"; both are nil
	// when omitted.
	HttpConfig      *HttpConfig             `json:"http,omitempty"`
	Resources       v1.ResourceRequirements `json:"resources,omitempty"`
	EsConfig        *EsConfig               `json:"es,omitempty"`
	// NOTE(review): presumably the name of a Secret holding the credentials
	// or certificates for the "es" output — confirm.
	EsSecretName    string                  `json:"esSecretName,omitempty"`
}

func (*LoggerContainer) DeepCopy

func (in *LoggerContainer) DeepCopy() *LoggerContainer

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LoggerContainer.

func (*LoggerContainer) DeepCopyInto

func (in *LoggerContainer) DeepCopyInto(out *LoggerContainer)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ProfileConfig

// ProfileConfig pairs a resource signing profile spec with a name. It is the
// element type of IntegrityVerifierSpec.ResourceSigningProfiles.
type ProfileConfig struct {
	// The spec is embedded by pointer. Its tag has no name, so encoding/json
	// inlines its fields at the same level as "name". When the pointer is
	// nil, reading a promoted field panics, so callers must check it first.
	*rsp.ResourceSigningProfileSpec `json:",omitempty"`
	Name                            string `json:"name,omitempty"`
}

func (*ProfileConfig) DeepCopy

func (in *ProfileConfig) DeepCopy() *ProfileConfig

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ProfileConfig.

func (*ProfileConfig) DeepCopyInto

func (in *ProfileConfig) DeepCopyInto(out *ProfileConfig)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type RegKeySecret

// RegKeySecret names a secret and can carry its value inline. It is the type
// of IntegrityVerifierSpec.RegKeySecret.
type RegKeySecret struct {
	Name  string `json:"name,omitempty"`
	// Value is a []byte, which encoding/json writes as a base64 string.
	// Base64 is an encoding, not protection: a value set here is stored in
	// the custom resource and is readable by anyone who can read that object,
	// which is usually a wider audience than for a Kubernetes Secret.
	// NOTE(review): presumably a registry credential — confirm, and prefer
	// referencing an existing Secret by Name where the consumer allows it.
	Value []byte `json:"value,omitempty"`
}

func (*RegKeySecret) DeepCopy

func (in *RegKeySecret) DeepCopy() *RegKeySecret

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RegKeySecret.

func (*RegKeySecret) DeepCopyInto

func (in *RegKeySecret) DeepCopyInto(out *RegKeySecret)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type SecurityConfig

// SecurityConfig groups the service account, RBAC and pod security settings.
// It is the type of IntegrityVerifierSpec.Security.
type SecurityConfig struct {
	ServiceAccountName             string                 `json:"serviceAccountName,omitempty"`
	SecurityContextConstraintsName string                 `json:"securityContextConstraintsName,omitempty"`
	ClusterRole                    string                 `json:"clusterRole,omitempty"`
	ClusterRoleBinding             string                 `json:"clusterRoleBinding,omitempty"`
	PodSecurityPolicyName          string                 `json:"podSecurityPolicyName,omitempty"`
	// PodSecurityContext is serialized as "securityContext"; the JSON key
	// differs from the Go field name. It is nil when the spec omits it.
	PodSecurityContext             *v1.PodSecurityContext `json:"securityContext,omitempty"`
	// IVAdminSubjects is a list of RBAC subjects.
	// NOTE(review): presumably bound to the IV admin roles named by the
	// DefaultIVAdmin* constants; if so, every entry is a privilege grant and
	// should be reviewed like any other role binding — confirm.
	IVAdminSubjects                []rbacv1.Subject       `json:"ivAdminSubjects,omitempty"`
	// AutoIVAdminCreationDisabled is serialized as
	// "autoIVAdminRoleCreationDisabled" (note the extra "Role" in the key).
	// The zero value is false, so a spec that omits it leaves automatic
	// creation enabled — presumably of the IV admin roles; confirm.
	AutoIVAdminCreationDisabled    bool                   `json:"autoIVAdminRoleCreationDisabled,omitempty"`
}

func (*SecurityConfig) DeepCopy

func (in *SecurityConfig) DeepCopy() *SecurityConfig

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecurityConfig.

func (*SecurityConfig) DeepCopyInto

func (in *SecurityConfig) DeepCopyInto(out *SecurityConfig)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ServerContainer

// ServerContainer describes the server container. It is the type of
// IntegrityVerifierSpec.Server.
type ServerContainer struct {
	Name                   string                  `json:"name,omitempty"`
	// SecurityContext is nil when the spec omits it; nothing in this type
	// supplies a default.
	SecurityContext        *v1.SecurityContext     `json:"securityContext,omitempty"`
	ImagePullPolicy        v1.PullPolicy           `json:"imagePullPolicy,omitempty"`
	// Image is a free-form string; this type does not require a
	// digest-pinned reference.
	Image                  string                  `json:"image,omitempty"`
	Port                   int32                   `json:"port,omitempty"`
	Resources              v1.ResourceRequirements `json:"resources,omitempty"`
	// NOTE(review): presumably the base URL charts are fetched from; the type
	// does not restrict the scheme, so confirm the consumer requires HTTPS.
	ChartBaseUrl           string                  `json:"chartBaseUrl,omitempty"`
	ContextLogEnabled      bool                    `json:"contextLogEnabled,omitempty"`
	// Reload intervals; the "Sec" suffix suggests seconds — confirm.
	VerifierCmReloadSec    int32                   `json:"verifierCmReloadSec,omitempty"`
	// EnforcePolicyReloadSec is serialized as "verifierPolicyReloadSec"; the
	// JSON key differs from the Go field name.
	EnforcePolicyReloadSec int32                   `json:"verifierPolicyReloadSec,omitempty"`
}

func (*ServerContainer) DeepCopy

func (in *ServerContainer) DeepCopy() *ServerContainer

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ServerContainer.

func (*ServerContainer) DeepCopyInto

func (in *ServerContainer) DeepCopyInto(out *ServerContainer)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
