policyviolation

package
v0.11.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Oct 31, 2019 License: Apache-2.0 Imports: 26 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func BuildPolicyViolation

func BuildPolicyViolation(policy string, resource kyverno.ResourceSpec, fRules []kyverno.ViolatedRule) kyverno.ClusterPolicyViolation

BuildPolicyViolation returns an value of type PolicyViolation

func CreatePV added in v0.9.0

func CreatePV(pvLister kyvernolister.ClusterPolicyViolationLister, client *kyvernoclient.Clientset, engineResponses []engine.EngineResponse)

CreatePV creates policy violation resource based on the engine responses

func CreatePVWhenBlocked added in v0.10.0

func CreatePVWhenBlocked(pvLister kyvernolister.ClusterPolicyViolationLister, client *kyvernoclient.Clientset,
	dclient *dclient.Client, engineResponses []engine.EngineResponse)

CreatePVWhenBlocked creates pv on resource owner only when admission request is denied

Types

type PVControlInterface

type PVControlInterface interface {
	UpdateStatusPolicyViolation(newPv *kyverno.ClusterPolicyViolation) error
	RemovePolicyViolation(name string) error
}

type PolicyViolationController

type PolicyViolationController struct {
	// contains filtered or unexported fields
}

PolicyViolationController manages the policy violation resource - sync the lastupdate time - check if the resource is active

func NewPolicyViolationController

func NewPolicyViolationController(client *client.Client, kyvernoClient *kyvernoclient.Clientset, pInformer kyvernoinformer.ClusterPolicyInformer, pvInformer kyvernoinformer.ClusterPolicyViolationInformer) (*PolicyViolationController, error)

NewPolicyViolationController creates a new NewPolicyViolationController

func (*PolicyViolationController) Run

func (pvc *PolicyViolationController) Run(workers int, stopCh <-chan struct{})

Run begins watching and syncing.

type RealPVControl

type RealPVControl struct {
	Client   kyvernoclient.Interface
	Recorder record.EventRecorder
}

RealPVControl is the default implementation of PVControlInterface.

func (RealPVControl) RemovePolicyViolation

func (r RealPVControl) RemovePolicyViolation(name string) error

RemovePolicyViolation removes the policy violation

func (RealPVControl) UpdateStatusPolicyViolation

func (r RealPVControl) UpdateStatusPolicyViolation(newPv *kyverno.ClusterPolicyViolation) error

UpdateStatusPolicyViolation updates the status for policy violation

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL