tracingpolicy

package

v1.3.0 Latest Latest Go to latest Published: Dec 13, 2024 License: Apache-2.0 Imports: 17 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/cilium/tetragon

Documentation ¶

Index ¶

func ApplyCRDDefault(rawPolicy []byte) (rawPolicyWithDefault []byte, namespaced bool, err error)
func ValidateCRD(policy K8sTracingPolicyObject) (*validate.Result, error)
func ValidateCRDMeta(policy K8sTracingPolicyObject) []error
func ValidateCRDSpec(policy K8sTracingPolicyObject) (*validate.Result, error)
type GenericTracingPolicy
type GenericTracingPolicyNamespaced
type K8sTracingPolicyObject
type PolicyEvent
type PolicyInfo
type TracingPolicy
- func FromFile(path string) (TracingPolicy, error)
- func FromYAML(data string) (TracingPolicy, error)
type TracingPolicyNamespaced

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func ApplyCRDDefault ¶ added in v1.0.0

func ApplyCRDDefault(rawPolicy []byte) (rawPolicyWithDefault []byte, namespaced bool, err error)

ApplyCRDDefault uses internal k8s api server machinery and can only process unustructured objects (unfortunately, since it requires to unmarshal and marshal). This first reading step is also used to return if the resource is namespaced or not (second return value).

func ValidateCRD ¶ added in v1.0.0

func ValidateCRD(policy K8sTracingPolicyObject) (*validate.Result, error)

ValidateCRD validates the metadata of the objects (name, labels, annotations...) and the specification using the custom CRD schemas.

func ValidateCRDMeta ¶ added in v1.0.0

func ValidateCRDMeta(policy K8sTracingPolicyObject) []error

func ValidateCRDSpec ¶ added in v1.0.0

func ValidateCRDSpec(policy K8sTracingPolicyObject) (*validate.Result, error)

Types ¶

type GenericTracingPolicy ¶ added in v0.10.0

type GenericTracingPolicy struct {
	k8sv1.TypeMeta
	Metadata k8sv1.ObjectMeta           `json:"metadata"`
	Spec     v1alpha1.TracingPolicySpec `json:"spec"`
}

func (GenericTracingPolicy) GetGroupVersionKind ¶ added in v1.0.0

func (gtp GenericTracingPolicy) GetGroupVersionKind() schema.GroupVersionKind

func (GenericTracingPolicy) GetKind ¶ added in v1.0.0

func (gtp GenericTracingPolicy) GetKind() string

func (GenericTracingPolicy) GetMetadata ¶ added in v1.0.0

func (gtp GenericTracingPolicy) GetMetadata() k8sv1.ObjectMeta

func (*GenericTracingPolicy) TpInfo ¶ added in v0.10.0

func (gtp *GenericTracingPolicy) TpInfo() string

func (*GenericTracingPolicy) TpName ¶ added in v0.10.0

func (gtp *GenericTracingPolicy) TpName() string

func (*GenericTracingPolicy) TpSpec ¶ added in v0.10.0

func (gtp *GenericTracingPolicy) TpSpec() *v1alpha1.TracingPolicySpec

type GenericTracingPolicyNamespaced ¶ added in v0.10.0

type GenericTracingPolicyNamespaced struct {
	k8sv1.TypeMeta
	Metadata k8sv1.ObjectMeta           `json:"metadata"`
	Spec     v1alpha1.TracingPolicySpec `json:"spec"`
}

func (GenericTracingPolicyNamespaced) GetGroupVersionKind ¶ added in v1.0.0

func (gtp GenericTracingPolicyNamespaced) GetGroupVersionKind() schema.GroupVersionKind

func (GenericTracingPolicyNamespaced) GetKind ¶ added in v1.0.0

func (gtp GenericTracingPolicyNamespaced) GetKind() string

func (GenericTracingPolicyNamespaced) GetMetadata ¶ added in v1.0.0

func (gtp GenericTracingPolicyNamespaced) GetMetadata() k8sv1.ObjectMeta

func (*GenericTracingPolicyNamespaced) TpInfo ¶ added in v0.10.0

func (gtp *GenericTracingPolicyNamespaced) TpInfo() string

func (*GenericTracingPolicyNamespaced) TpName ¶ added in v0.10.0

func (gtp *GenericTracingPolicyNamespaced) TpName() string

func (*GenericTracingPolicyNamespaced) TpNamespace ¶ added in v0.10.0

func (gtp *GenericTracingPolicyNamespaced) TpNamespace() string

func (*GenericTracingPolicyNamespaced) TpSpec ¶ added in v0.10.0

func (gtp *GenericTracingPolicyNamespaced) TpSpec() *v1alpha1.TracingPolicySpec

type K8sTracingPolicyObject ¶ added in v1.0.0

type K8sTracingPolicyObject interface {
	TracingPolicy
	GetKind() string
	GetGroupVersionKind() schema.GroupVersionKind
	GetMetadata() k8sv1.ObjectMeta
}

K8sTracingPolicyObject is necessary to have a common type for GenericTracingPolicy and GenericTracingPolicyNamespaced for the validation functions.

NB: we could get rid of one type as they represent the same object internally, just keep GenericTracingPolicy and remove that interface. We can then distinguish between Namespaced or not by reading the Kind of the resource. That's a matter of preference between type casting and calling a method to distinguish which kind is it really.

type PolicyEvent ¶ added in v0.10.0

type PolicyEvent interface {
	PolicyInfo() PolicyInfo
}

type PolicyInfo ¶ added in v0.10.0

type PolicyInfo struct {
	Name string
	Hook string
}

type TracingPolicy ¶

type TracingPolicy interface {
	// TpName returns the name of the policy.
	TpName() string
	// TpSpec  returns the specification of the policy
	TpSpec() *v1alpha1.TracingPolicySpec
	// TpInfo returns a description of the policy
	TpInfo() string
}

TracingPolicy is a tracing policy interface. It is implemented by v1alpha1.types.TracingPolicy and config.GenericTracingConf. The former is what is the k8s API server uses, and the latter is used when we load files directly (e.g., via the cli).

func FromFile ¶ added in v1.0.0

func FromFile(path string) (TracingPolicy, error)

func FromYAML ¶ added in v1.0.0

func FromYAML(data string) (TracingPolicy, error)

type TracingPolicyNamespaced ¶

type TracingPolicyNamespaced interface {
	TracingPolicy
	// TpNamespace returns the namespace of the policy
	TpNamespace() string
}

TracingPolicyNamespaced is an interface for tracing policy applied on a specific namespace

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
generate

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL