policy

package
v0.0.0-...-9b5a78d Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Dec 10, 2020 License: Apache-2.0 Imports: 4 Imported by: 2

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type BreakGlassCondition

type BreakGlassCondition struct {
	Scope      ScopeType `json:"scope,omitempty"`
	Namespaces []string  `json:"namespaces,omitempty"`
}

type IntegrityVerifierMode

type IntegrityVerifierMode string
const (
	UnknownMode IntegrityVerifierMode = ""
	EnforceMode IntegrityVerifierMode = "enforce"
	DetectMode  IntegrityVerifierMode = "detect"
)

type ScopeType

type ScopeType string
const (
	ScopeUndefined  ScopeType = ""
	ScopeNamespaced ScopeType = "Namespaced"
	ScopeCluster    ScopeType = "Cluster"
)

type SignPolicy

type SignPolicy struct {
	Policies    []SignPolicyCondition `json:"policies,omitempty"`
	Signers     []SignerCondition     `json:"signers,omitempty"`
	BreakGlass  []BreakGlassCondition `json:"breakGlass,omitempty"`
	Description string                `json:"description,omitempty"`
}

func (*SignPolicy) DeepCopy

func (p *SignPolicy) DeepCopy() *SignPolicy

func (*SignPolicy) DeepCopyInto

func (p *SignPolicy) DeepCopyInto(p2 *SignPolicy)

func (*SignPolicy) GetCandidatePubkeys

func (self *SignPolicy) GetCandidatePubkeys(keyPathList []string, namespace string) []string

func (*SignPolicy) GetSignerMap

func (self *SignPolicy) GetSignerMap() map[string][]SubjectCondition

func (*SignPolicy) Match

func (self *SignPolicy) Match(namespace string, signer *common.SignerInfo) (bool, *SignPolicyCondition)

func (*SignPolicy) Merge

func (self *SignPolicy) Merge(data *SignPolicy) *SignPolicy

type SignPolicyCondition

type SignPolicyCondition struct {
	Scope             ScopeType `json:"scope,omitempty"`
	Namespaces        []string  `json:"namespaces,omitempty"`
	ExcludeNamespaces []string  `json:"excludeNamespaces,omitempty"`
	Signers           []string  `json:"signers,omitempty"`
}

type SignerCondition

type SignerCondition struct {
	Name     string                `json:"name,omitempty"`
	Secret   string                `json:"secret,omitempty"`
	Subjects []SubjectMatchPattern `json:"subjects,omitempty"`
}

type SubjectCondition

type SubjectCondition struct {
	Name    string              `json:"name"`
	Subject SubjectMatchPattern `json:"subject"`
}

func (*SubjectCondition) Match

func (self *SubjectCondition) Match(signer *common.SignerInfo) bool

type SubjectMatchPattern

type SubjectMatchPattern struct {
	Email              string `json:"email,omitempty"`
	Uid                string `json:"uid,omitempty"`
	Country            string `json:"country,omitempty"`
	Organization       string `json:"organization,omitempty"`
	OrganizationalUnit string `json:"organizationalUnit,omitempty"`
	Locality           string `json:"locality,omitempty"`
	Province           string `json:"province,omitempty"`
	StreetAddress      string `json:"streetAddress,omitempty"`
	PostalCode         string `json:"postalCode,omitempty"`
	CommonName         string `json:"commonName,omitempty"`
	SerialNumber       string `json:"serialNumber,omitempty"`
}

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL