Documentation
¶
Index ¶
- func BuildACConfigForIShield(cr *apiv1alpha1.IntegrityShield) *corev1.ConfigMap
- func BuildAPIServiceForIShield(cr *apiv1alpha1.IntegrityShield) *corev1.Service
- func BuildAPITlsSecretForIShield(cr *apiv1alpha1.IntegrityShield) *corev1.Secret
- func BuildClusterRoleBindingForIShield(cr *apiv1alpha1.IntegrityShield) *rbacv1.ClusterRoleBinding
- func BuildClusterRoleBindingForObserver(cr *apiv1alpha1.IntegrityShield) *rbacv1.ClusterRoleBinding
- func BuildClusterRoleForIShield(cr *apiv1alpha1.IntegrityShield) *rbacv1.ClusterRole
- func BuildClusterRoleForObserver(cr *apiv1alpha1.IntegrityShield) *rbacv1.ClusterRole
- func BuildConstraintConfigForIShield(cr *apiv1alpha1.IntegrityShield) *corev1.ConfigMap
- func BuildConstraintTemplateForIShield(cr *apiv1alpha1.IntegrityShield) *v1beta1.ConstraintTemplate
- func BuildDeploymentForAdmissionController(cr *apiv1alpha1.IntegrityShield) *appsv1.Deployment
- func BuildDeploymentForIShieldServer(cr *apiv1alpha1.IntegrityShield) *appsv1.Deployment
- func BuildDeploymentForObserver(cr *apiv1alpha1.IntegrityShield) *appsv1.Deployment
- func BuildManifestIntegrityProfileCRD(cr *apiv1alpha1.IntegrityShield) *extv1.CustomResourceDefinition
- func BuildPodSecurityPolicy(cr *apiv1alpha1.IntegrityShield) *policyv1.PodSecurityPolicy
- func BuildReqConfigForIShield(cr *apiv1alpha1.IntegrityShield) *corev1.ConfigMap
- func BuildRoleBindingForIShield(cr *apiv1alpha1.IntegrityShield) *rbacv1.RoleBinding
- func BuildRoleForIShield(cr *apiv1alpha1.IntegrityShield) *rbacv1.Role
- func BuildServiceAccountForIShield(cr *apiv1alpha1.IntegrityShield) *corev1.ServiceAccount
- func BuildServiceAccountForObserver(cr *apiv1alpha1.IntegrityShield) *corev1.ServiceAccount
- func BuildServiceForIShield(cr *apiv1alpha1.IntegrityShield) *corev1.Service
- func BuildTlsSecretForIShield(cr *apiv1alpha1.IntegrityShield) *corev1.Secret
- func BuildValidatingWebhookConfigurationForIShield(cr *apiv1alpha1.IntegrityShield) *admregv1.ValidatingWebhookConfiguration
- func BuildVerifyResourceResultCRD(cr *apiv1alpha1.IntegrityShield) *extv1.CustomResourceDefinition
- func EmptyDirVolume(name string) v1.Volume
- func EqualAnnotations(found map[string]string, expected map[string]string) bool
- func EqualContainers(expected v1.Container, found v1.Container) bool
- func EqualDeployments(expected *appsv1.Deployment, found *appsv1.Deployment) bool
- func EqualLabels(found map[string]string, expected map[string]string) bool
- func EqualPods(expected v1.PodTemplateSpec, found v1.PodTemplateSpec) bool
- func SecretVolume(name, secretName string) v1.Volume
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func BuildACConfigForIShield ¶
func BuildACConfigForIShield(cr *apiv1alpha1.IntegrityShield) *corev1.ConfigMap
request handler config
func BuildAPIServiceForIShield ¶
func BuildAPIServiceForIShield(cr *apiv1alpha1.IntegrityShield) *corev1.Service
api service
func BuildAPITlsSecretForIShield ¶
func BuildAPITlsSecretForIShield(cr *apiv1alpha1.IntegrityShield) *corev1.Secret
ishield-webhook-tls
func BuildClusterRoleBindingForIShield ¶
func BuildClusterRoleBindingForIShield(cr *apiv1alpha1.IntegrityShield) *rbacv1.ClusterRoleBinding
cluster role-binding
func BuildClusterRoleBindingForObserver ¶
func BuildClusterRoleBindingForObserver(cr *apiv1alpha1.IntegrityShield) *rbacv1.ClusterRoleBinding
func BuildClusterRoleForIShield ¶
func BuildClusterRoleForIShield(cr *apiv1alpha1.IntegrityShield) *rbacv1.ClusterRole
cluster role - server
func BuildClusterRoleForObserver ¶
func BuildClusterRoleForObserver(cr *apiv1alpha1.IntegrityShield) *rbacv1.ClusterRole
TODO: should be minimum privilege
func BuildConstraintConfigForIShield ¶
func BuildConstraintConfigForIShield(cr *apiv1alpha1.IntegrityShield) *corev1.ConfigMap
request handler config
func BuildConstraintTemplateForIShield ¶
func BuildConstraintTemplateForIShield(cr *apiv1alpha1.IntegrityShield) *v1beta1.ConstraintTemplate
request handler config
func BuildDeploymentForAdmissionController ¶
func BuildDeploymentForAdmissionController(cr *apiv1alpha1.IntegrityShield) *appsv1.Deployment
admission controller
func BuildDeploymentForIShieldServer ¶
func BuildDeploymentForIShieldServer(cr *apiv1alpha1.IntegrityShield) *appsv1.Deployment
shield api
func BuildDeploymentForObserver ¶
func BuildDeploymentForObserver(cr *apiv1alpha1.IntegrityShield) *appsv1.Deployment
Observer
func BuildManifestIntegrityProfileCRD ¶
func BuildManifestIntegrityProfileCRD(cr *apiv1alpha1.IntegrityShield) *extv1.CustomResourceDefinition
shield config crd
func BuildPodSecurityPolicy ¶
func BuildPodSecurityPolicy(cr *apiv1alpha1.IntegrityShield) *policyv1.PodSecurityPolicy
pod security policy
func BuildReqConfigForIShield ¶
func BuildReqConfigForIShield(cr *apiv1alpha1.IntegrityShield) *corev1.ConfigMap
request handler config
func BuildRoleBindingForIShield ¶
func BuildRoleBindingForIShield(cr *apiv1alpha1.IntegrityShield) *rbacv1.RoleBinding
role-binding
func BuildRoleForIShield ¶
func BuildRoleForIShield(cr *apiv1alpha1.IntegrityShield) *rbacv1.Role
role dry-run
func BuildServiceAccountForIShield ¶
func BuildServiceAccountForIShield(cr *apiv1alpha1.IntegrityShield) *corev1.ServiceAccount
sa
func BuildServiceAccountForObserver ¶
func BuildServiceAccountForObserver(cr *apiv1alpha1.IntegrityShield) *corev1.ServiceAccount
func BuildServiceForIShield ¶
func BuildServiceForIShield(cr *apiv1alpha1.IntegrityShield) *corev1.Service
webhook service
func BuildTlsSecretForIShield ¶
func BuildTlsSecretForIShield(cr *apiv1alpha1.IntegrityShield) *corev1.Secret
ishield-server-tls
func BuildValidatingWebhookConfigurationForIShield ¶
func BuildValidatingWebhookConfigurationForIShield(cr *apiv1alpha1.IntegrityShield) *admregv1.ValidatingWebhookConfiguration
webhook configuration
func BuildVerifyResourceResultCRD ¶
func BuildVerifyResourceResultCRD(cr *apiv1alpha1.IntegrityShield) *extv1.CustomResourceDefinition
shield config crd
func EmptyDirVolume ¶
func EqualAnnotations ¶
func EqualContainers ¶
EqualContainers returns a Boolean
func EqualDeployments ¶
func EqualDeployments(expected *appsv1.Deployment, found *appsv1.Deployment) bool
EqualDeployments returns a Boolean
func EqualPods ¶
func EqualPods(expected v1.PodTemplateSpec, found v1.PodTemplateSpec) bool
EqualPods returns a Boolean
func SecretVolume ¶
Types ¶
This section is empty.
Source Files
Click to show internal directories.
Click to hide internal directories.