Documentation ¶
Overview ¶
Package user contains code for validating and defaulting the UID of a pod or container according to a security policy.
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type RunAsUserStrategy ¶
type RunAsUserStrategy interface { // Generate creates the uid based on policy rules. Generate(pod *api.Pod, container *api.Container) (*types.UnixUserID, error) // Validate ensures that the specified values fall within the range of the strategy. Validate(pod *api.Pod, container *api.Container) field.ErrorList }
RunAsUserStrategy defines the interface for all uid constraint strategies.
func NewMustRunAs ¶
func NewMustRunAs(options *extensions.RunAsUserStrategyOptions) (RunAsUserStrategy, error)
NewMustRunAs provides a strategy that requires the container to run as a specific UID in a range.
func NewRunAsAny ¶
func NewRunAsAny(options *extensions.RunAsUserStrategyOptions) (RunAsUserStrategy, error)
NewRunAsAny provides a strategy that will return nil.
func NewRunAsNonRoot ¶
func NewRunAsNonRoot(options *extensions.RunAsUserStrategyOptions) (RunAsUserStrategy, error)
Click to show internal directories.
Click to hide internal directories.