Documentation
¶
Overview ¶
Package v1alpha1 contains API Schema definitions for the falcon v1alpha1 API group +kubebuilder:object:generate=true +groupName=falcon.crowdstrike.com
Index ¶
- Constants
- Variables
- type AutoPilot
- type FalconAPI
- type FalconAdmission
- type FalconAdmissionConfigSpec
- type FalconAdmissionList
- type FalconAdmissionNamespace
- type FalconAdmissionRQSpec
- type FalconAdmissionServiceAccount
- type FalconAdmissionSpec
- type FalconAdmissionStatus
- type FalconAdmissionTLS
- type FalconAdmissionUpdateStrategy
- type FalconCRStatus
- type FalconContainer
- type FalconContainerInjectorSpec
- type FalconContainerInjectorTLS
- type FalconContainerList
- type FalconContainerServiceAccount
- type FalconContainerSpec
- type FalconContainerStatus
- type FalconNodeSensor
- type FalconNodeSensorConfig
- type FalconNodeSensorList
- type FalconNodeSensorSpec
- type FalconNodeSensorStatus
- type FalconNodeServiceAccount
- type FalconNodeUpdateStrategy
- type FalconSensor
- type PriorityClassConfig
- type RegistrySpec
- type RegistryTLSSpec
- type RegistryTypeSpec
- type ResourceList
- type Resources
Constants ¶
View Source
const ( ConditionUnknown string = "Unknown" ConditionSuccess string = "Success" ConditionFailed string = "Failed" ConditionPending string = "Pending" ConditionImageReady string = "ImageReady" ConditionConfigMapReady string = "ConfigMapReady" ConditionDaemonSetReady string = "DaemonSetReady" ConditionDeploymentReady string = "DeploymentReady" ConditionServiceReady string = "ServiceReady" ConditionRouteReady string = "RouteReady" ConditionSecretReady string = "SecretReady" ConditionWebhookReady string = "WebhookReady" ReasonReqNotMet string = "RequirementsNotMet" ReasonReqMet string = "RequirementsMet" ReasonInstallSucceeded string = "InstallSucceeded" ReasonInstallFailed string = "InstallFailed" ReasonSucceeded string = "Succeeded" ReasonUpdateSucceeded string = "UpdateSucceeded" ReasonUpdateFailed string = "UpdateFailed" ReasonDeleteSucceeded string = "DeleteSucceeded" ReasonDeleteFailed string = "DeleteFailed" ReasonFailed string = "Failed" ReasonDiscovered string = "Discovered" )
Variables ¶
View Source
var ( // GroupVersion is group version used to register these objects GroupVersion = schema.GroupVersion{Group: "falcon.crowdstrike.com", Version: "v1alpha1"} // SchemeBuilder is used to add go types to the GroupVersionKind scheme SchemeBuilder = &scheme.Builder{GroupVersion: GroupVersion} // AddToScheme adds the types in this group-version to the given scheme. AddToScheme = SchemeBuilder.AddToScheme )
Functions ¶
This section is empty.
Types ¶
type AutoPilot ¶
type AutoPilot struct {
// Enables the use of GKE Autopilot.
// +operator-sdk:csv:customresourcedefinitions:type=spec
Enabled *bool `json:"autopilot,omitempty"`
}
func (*AutoPilot) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AutoPilot.
func (*AutoPilot) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type FalconAPI ¶
type FalconAPI struct {
// Cloud Region defines CrowdStrike Falcon Cloud Region to which the operator will connect and register.
// +kubebuilder:validation:Enum=autodiscover;us-1;us-2;eu-1;us-gov-1
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="CrowdStrike Falcon Cloud Region",order=3
CloudRegion string `json:"cloud_region"`
// Falcon OAuth2 API Client ID
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Client ID",order=1,xDescriptors="urn:alm:descriptor:com.tectonic.ui:password"
ClientId string `json:"client_id"`
// Falcon OAuth2 API Client Secret
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Client Secret",order=2,xDescriptors="urn:alm:descriptor:com.tectonic.ui:password"
ClientSecret string `json:"client_secret"`
// Falcon Customer ID (CID) Override (optional, default is derived from the API Key pair)
// +kubebuilder:validation:Pattern="^[0-9a-fA-F]{32}-[0-9a-fA-F]{2}$"
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Falcon Customer ID (CID)",order=4
CID *string `json:"cid,omitempty"`
}
FalconAPI configures connection from your local Falcon operator to CrowdStrike Falcon platform.
func (*FalconAPI) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FalconAPI.
func (*FalconAPI) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type FalconAdmission ¶
type FalconAdmission struct {
metav1.TypeMeta `json:",inline"`
metav1.ObjectMeta `json:"metadata,omitempty"`
Spec FalconAdmissionSpec `json:"spec,omitempty"`
Status FalconCRStatus `json:"status,omitempty"`
}
FalconAdmission is the Schema for the falconadmissions API
func (*FalconAdmission) DeepCopy ¶
func (in *FalconAdmission) DeepCopy() *FalconAdmission
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FalconAdmission.
func (*FalconAdmission) DeepCopyInto ¶
func (in *FalconAdmission) DeepCopyInto(out *FalconAdmission)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*FalconAdmission) DeepCopyObject ¶
func (in *FalconAdmission) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type FalconAdmissionConfigSpec ¶
type FalconAdmissionConfigSpec struct {
// Define annotations that will be passed down to admision controller service account. This is useful for passing along AWS IAM Role or GCP Workload Identity.
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Service Account Configuration",order=7
ServiceAccount FalconAdmissionServiceAccount `json:"serviceAccount,omitempty"`
// Port on which the Falcon Admission Controller service will listen for requests from the cluster.
// +kubebuilder:default:=443
// +kubebuilder:validation:XIntOrString
// +kubebuilder:validation:Minimum:=0
// +kubebuilder:validation:Maximum:=65535
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Falcon Admission Controller Service Port",order=3,xDescriptors={"urn:alm:descriptor:com.tectonic.ui:number"}
Port *int32 `json:"servicePort,omitempty"`
// Port on which the Falcon Admission Controller container will listen for requests.
// +kubebuilder:default:=4443
// +kubebuilder:validation:XIntOrString
// +kubebuilder:validation:Minimum:=0
// +kubebuilder:validation:Maximum:=65535
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Falcon Admission Controller Container Port",order=4,xDescriptors={"urn:alm:descriptor:com.tectonic.ui:number"}
ContainerPort *int32 `json:"containerPort,omitempty"`
// Configure TLS setings for the Falcon Admission Controller
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Falcon Admission Controller TLS Configuration",order=8
TLS FalconAdmissionTLS `json:"tls,omitempty"`
// Configure the failure policy for the Falcon Admission Controller.
// +kubebuilder:default:=Ignore
// +kubebuilder:validation:Enum=Ignore;Fail
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Falcon Admission Controller Failure Policy",order=6
FailurePolicy arv1.FailurePolicyType `json:"failurePolicy,omitempty"`
// Ignore admission control for a specific set of namespaces.
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Ignore Namespace List",order=12
DisabledNamespaces FalconAdmissionNamespace `json:"disabledNamespaces,omitempty"`
// Number of replicas for the Falcon Admission Controller deployment.
// +kubebuilder:default:=2
// +kubebuilder:validation:XIntOrString
// +kubebuilder:validation:Minimum:=0
// +kubebuilder:validation:Maximum:=65535
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Admission Controller Replica Count",order=5,xDescriptors={"urn:alm:descriptor:com.tectonic.ui:number"}
Replicas *int32 `json:"replicas,omitempty"`
// +kubebuilder:default:=Always
// +kubebuilder:validation:Enum=Always;IfNotPresent;Never
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Falcon Admission Controller Image Pull Policy",order=2,xDescriptors={"urn:alm:descriptor:com.tectonic.ui:imagePullPolicy"}
ImagePullPolicy corev1.PullPolicy `json:"imagePullPolicy,omitempty"`
// ImagePullSecrets is an optional list of references to secrets to use for pulling image from the image location.
// +operator-sdk:csv:customresourcedefinitions:type=spec,order=1,displayName="Falcon Admission Controller Image Pull Secrets",xDescriptors={"urn:alm:descriptor:io.kubernetes:Secret"}
ImagePullSecrets []corev1.LocalObjectReference `json:"imagePullSecrets,omitempty"`
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Falcon Admission Controller Client Resources",order=9,xDescriptors={"urn:alm:descriptor:com.tectonic.ui:resourceRequirements"}
//+kubebuilder:default:={"limits":{"cpu":"750m","memory":"256Mi"},"requests":{"cpu":"500m","memory":"256Mi"}}
ResourcesClient *corev1.ResourceRequirements `json:"resourcesClient,omitempty"`
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Falcon Admission Controller Resources",order=10,xDescriptors={"urn:alm:descriptor:com.tectonic.ui:resourceRequirements"}
//+kubebuilder:default:={"limits":{"cpu":"300m","memory":"512Mi"},"requests":{"cpu":"300m","memory":"512Mi"}}
ResourcesAC *corev1.ResourceRequirements `json:"resources,omitempty"`
// Type of Deployment update. Can be "RollingUpdate" or "OnDelete". Default is RollingUpdate.
// +kubebuilder:default:={"rollingUpdate":{"maxUnavailable":0,"maxSurge":1}}
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Deployment Update Strategy",order=11
DepUpdateStrategy FalconAdmissionUpdateStrategy `json:"updateStrategy,omitempty"`
}
func (*FalconAdmissionConfigSpec) DeepCopy ¶
func (in *FalconAdmissionConfigSpec) DeepCopy() *FalconAdmissionConfigSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FalconAdmissionConfigSpec.
func (*FalconAdmissionConfigSpec) DeepCopyInto ¶
func (in *FalconAdmissionConfigSpec) DeepCopyInto(out *FalconAdmissionConfigSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type FalconAdmissionList ¶
type FalconAdmissionList struct {
metav1.TypeMeta `json:",inline"`
metav1.ListMeta `json:"metadata,omitempty"`
Items []FalconAdmission `json:"items"`
}
FalconAdmissionList contains a list of FalconAdmission
func (*FalconAdmissionList) DeepCopy ¶
func (in *FalconAdmissionList) DeepCopy() *FalconAdmissionList
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FalconAdmissionList.
func (*FalconAdmissionList) DeepCopyInto ¶
func (in *FalconAdmissionList) DeepCopyInto(out *FalconAdmissionList)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*FalconAdmissionList) DeepCopyObject ¶
func (in *FalconAdmissionList) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type FalconAdmissionNamespace ¶
type FalconAdmissionNamespace struct {
// Configure a list of namespaces to ignore admission control.
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Ignore Namespace List",order=1
Namespaces []string `json:"namespaces,omitempty"`
// For OpenShift clusters, ignore openshift-specific namespaces for admission control.
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Ignore OpenShift Namespaces",order=2,xDescriptors={"urn:alm:descriptor:com.tectonic.ui:booleanSwitch"}
IgnoreOpenShiftNamespaces bool `json:"ignoreOpenShiftNamespaces,omitempty"`
}
func (*FalconAdmissionNamespace) DeepCopy ¶
func (in *FalconAdmissionNamespace) DeepCopy() *FalconAdmissionNamespace
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FalconAdmissionNamespace.
func (*FalconAdmissionNamespace) DeepCopyInto ¶
func (in *FalconAdmissionNamespace) DeepCopyInto(out *FalconAdmissionNamespace)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type FalconAdmissionRQSpec ¶
type FalconAdmissionRQSpec struct {
// Limits the number of admission controller pods that can be created in the namespace.
// +kubebuilder:default:="2"
// +kubebuilder:validation:String
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Resource Quota Pod Limit",order=1,xDescriptors={"urn:alm:descriptor:com.tectonic.ui:podCount"}
PodLimit string `json:"pods,omitempty"`
}
func (*FalconAdmissionRQSpec) DeepCopy ¶
func (in *FalconAdmissionRQSpec) DeepCopy() *FalconAdmissionRQSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FalconAdmissionRQSpec.
func (*FalconAdmissionRQSpec) DeepCopyInto ¶
func (in *FalconAdmissionRQSpec) DeepCopyInto(out *FalconAdmissionRQSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type FalconAdmissionServiceAccount ¶
type FalconAdmissionServiceAccount struct {
// Define annotations that will be passed down to the Service Account. This is useful for passing along AWS IAM Role or GCP Workload Identity.
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Service Account Annotations",order=1
Annotations map[string]string `json:"annotations,omitempty"`
}
func (*FalconAdmissionServiceAccount) DeepCopy ¶
func (in *FalconAdmissionServiceAccount) DeepCopy() *FalconAdmissionServiceAccount
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FalconAdmissionServiceAccount.
func (*FalconAdmissionServiceAccount) DeepCopyInto ¶
func (in *FalconAdmissionServiceAccount) DeepCopyInto(out *FalconAdmissionServiceAccount)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type FalconAdmissionSpec ¶
type FalconAdmissionSpec struct {
// Namespace where the Falcon Admission Controller should be installed.
// For best security practices, this should be a dedicated namespace that is not used for any other purpose.
// It also should not be the same namespace where the Falcon Operator or the Falcon Sensor is installed.
// +kubebuilder:default:=falcon-kac
// +operator-sdk:csv:customresourcedefinitions:type=spec,order=1,xDescriptors={"urn:alm:descriptor:io.kubernetes:Namespace"}
InstallNamespace string `json:"installNamespace,omitempty"`
// CrowdStrike Falcon sensor configuration
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Falcon Sensor Configuration",order=3
Falcon FalconSensor `json:"falcon,omitempty"`
// FalconAPI configures connection from your local Falcon operator to CrowdStrike Falcon platform.
//
// When configured, it will pull the sensor from registry.crowdstrike.com and deploy the appropriate sensor to the cluster.
//
// If using the API is not desired, the sensor can be manually configured by setting the Image and Version fields.
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Falcon Platform API Configuration",order=2
FalconAPI *FalconAPI `json:"falcon_api,omitempty"`
// ResourceQuota configures the ResourceQuota for the Falcon Admission Controller. This is useful for limiting the number of pods that can be created in the namespace.
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Falcon Admission Controller Resource Quota",order=4
ResQuota FalconAdmissionRQSpec `json:"resourcequota,omitempty"`
// Registry configures container image registry to which the Admission Controller image will be pushed.
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Falcon Admission Controller Registry Configuration",order=6
Registry RegistrySpec `json:"registry,omitempty"`
// Additional configuration for Falcon Admission Controller deployment.
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Falcon Admission Controller Configuration",order=5
AdmissionConfig FalconAdmissionConfigSpec `json:"admissionConfig,omitempty"`
// Location of the Falcon Sensor image. Use only in cases when you mirror the original image to your repository/name:tag, and CrowdStrike OAuth2 API is not used.
// +kubebuilder:validation:Pattern="^.*:.*$"
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Falcon Admission Controller Image URI",order=7
Image string `json:"image,omitempty"`
// Falcon Admission Controller Version. The latest version will be selected when version specifier is missing. Example: 6.31, 6.31.0, 6.31.0-1409, etc.
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Falcon Admission Controller Version",order=8
Version *string `json:"version,omitempty"`
}
FalconAdmissionSpec defines the desired state of FalconAdmission
func (*FalconAdmissionSpec) DeepCopy ¶
func (in *FalconAdmissionSpec) DeepCopy() *FalconAdmissionSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FalconAdmissionSpec.
func (*FalconAdmissionSpec) DeepCopyInto ¶
func (in *FalconAdmissionSpec) DeepCopyInto(out *FalconAdmissionSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type FalconAdmissionStatus ¶
type FalconAdmissionStatus struct {
// Version of the CrowdStrike Falcon Sensor
// +operator-sdk:csv:customresourcedefinitions:type=status,displayName="Falcon Sensor Version",xDescriptors={"urn:alm:descriptor:text"}
Sensor *string `json:"sensor,omitempty"`
// Version of the CrowdStrike Falcon Operator
// +operator-sdk:csv:customresourcedefinitions:type=status,displayName="Falcon Operator Version",xDescriptors={"urn:alm:descriptor:text"}
Version string `json:"version,omitempty"`
// +optional
// +operator-sdk:csv:customresourcedefinitions:type=status,displayName="Falcon Admission Conditions",xDescriptors={"urn:alm:descriptor:io.kubernetes.conditions"}
Conditions []metav1.Condition `json:"conditions,omitempty"`
}
FalconAdmissionStatus defines the observed state of FalconAdmission
func (*FalconAdmissionStatus) DeepCopy ¶
func (in *FalconAdmissionStatus) DeepCopy() *FalconAdmissionStatus
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FalconAdmissionStatus.
func (*FalconAdmissionStatus) DeepCopyInto ¶
func (in *FalconAdmissionStatus) DeepCopyInto(out *FalconAdmissionStatus)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type FalconAdmissionTLS ¶
type FalconAdmissionTLS struct {
// Validity of the TLS certificate in days. Default is 3650 days.
// +kubebuilder:validation:XIntOrString
// +kubebuilder:validation:Pattern="^[0-9]{1-4}$"
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Falcon Container Injector TLS Validity Length (days)",order=1,xDescriptors={"urn:alm:descriptor:com.tectonic.ui:number"}
Validity *int `json:"validity,omitempty"`
}
func (*FalconAdmissionTLS) DeepCopy ¶
func (in *FalconAdmissionTLS) DeepCopy() *FalconAdmissionTLS
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FalconAdmissionTLS.
func (*FalconAdmissionTLS) DeepCopyInto ¶
func (in *FalconAdmissionTLS) DeepCopyInto(out *FalconAdmissionTLS)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type FalconAdmissionUpdateStrategy ¶
type FalconAdmissionUpdateStrategy struct {
// RollingUpdate is used to specify the strategy used to roll out a deployment
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Falcon Admisison Controller deployment update configuration",order=1,xDescriptors={"urn:alm:descriptor:com.tectonic.ui:updateStrategy"}
RollingUpdate appsv1.RollingUpdateDeployment `json:"rollingUpdate,omitempty"`
}
func (*FalconAdmissionUpdateStrategy) DeepCopy ¶
func (in *FalconAdmissionUpdateStrategy) DeepCopy() *FalconAdmissionUpdateStrategy
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FalconAdmissionUpdateStrategy.
func (*FalconAdmissionUpdateStrategy) DeepCopyInto ¶
func (in *FalconAdmissionUpdateStrategy) DeepCopyInto(out *FalconAdmissionUpdateStrategy)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type FalconCRStatus ¶
type FalconCRStatus struct {
// Version of the CrowdStrike Falcon Sensor
Sensor *string `json:"sensor,omitempty"`
// Version of the CrowdStrike Falcon Operator
Version string `json:"version,omitempty"`
// +optional
Conditions []metav1.Condition `json:"conditions,omitempty"`
}
FalconAdmissionStatus defines the observed state of FalconAdmission
func (*FalconCRStatus) DeepCopy ¶
func (in *FalconCRStatus) DeepCopy() *FalconCRStatus
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FalconCRStatus.
func (*FalconCRStatus) DeepCopyInto ¶
func (in *FalconCRStatus) DeepCopyInto(out *FalconCRStatus)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type FalconContainer ¶
type FalconContainer struct {
metav1.TypeMeta `json:",inline"`
metav1.ObjectMeta `json:"metadata,omitempty"`
Spec FalconContainerSpec `json:"spec,omitempty"`
Status FalconContainerStatus `json:"status,omitempty"`
}
FalconContainer is the Schema for the falconcontainers API
func (*FalconContainer) DeepCopy ¶
func (in *FalconContainer) DeepCopy() *FalconContainer
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FalconContainer.
func (*FalconContainer) DeepCopyInto ¶
func (in *FalconContainer) DeepCopyInto(out *FalconContainer)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*FalconContainer) DeepCopyObject ¶
func (in *FalconContainer) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type FalconContainerInjectorSpec ¶
type FalconContainerInjectorSpec struct {
// Define annotations that will be passed down to injector service account. This is useful for passing along AWS IAM Role or GCP Workload Identity.
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Service Account Configuration",order=1
ServiceAccount FalconContainerServiceAccount `json:"serviceAccount,omitempty"`
// +kubebuilder:default:=4433
// +kubebuilder:validation:XIntOrString
// +kubebuilder:validation:Minimum:=0
// +kubebuilder:validation:Maximum:=65535
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Falcon Container Injector Listen Port",order=2
ListenPort *int32 `json:"listenPort,omitempty"`
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Falcon Container Injector TLS Configuration",order=3
TLS FalconContainerInjectorTLS `json:"tls,omitempty"`
// +kubebuilder:default:=Always
// +kubebuilder:validation:Enum=Always;IfNotPresent;Never
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Falcon Container Image Pull Policy",order=4
ImagePullPolicy corev1.PullPolicy `json:"imagePullPolicy,omitempty"`
// +kubebuilder:default=crowdstrike-falcon-pull-secret
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Falcon Container Image Pull Secret Name",order=5
ImagePullSecretName string `json:"imagePullSecret,omitempty"`
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Falcon Container Shared Log Volume",order=6
LogVolume *corev1.Volume `json:"logVolume,omitempty"`
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Falcon Container Injector Resources",order=7
Resources *corev1.ResourceRequirements `json:"resources,omitempty"`
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Falcon Container Sensor Resources",order=8
SensorResources *corev1.ResourceRequirements `json:"sensorResources,omitempty"`
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Falcon Container Additional Environment Variables",order=9
AdditionalEnvironmentVariables *map[string]string `json:"additionalEnvironmentVariables,omitempty"`
// +kubebuilder:default=false
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Disable Default Namespace Injection",order=10
DisableDefaultNSInjection bool `json:"disableDefaultNamespaceInjection,omitempty"`
// +kubebuilder:default=false
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Disable Default Pod Injection",order=11
DisableDefaultPodInjection bool `json:"disableDefaultPodInjection,omitempty"`
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Azure Config file path",order=12
AzureConfigPath string `json:"azureConfigPath,omitempty"`
// +kubebuilder:default:=2
// +kubebuilder:validation:XIntOrString
// +kubebuilder:validation:Minimum:=0
// +kubebuilder:validation:Maximum:=65535
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Injector replica count",order=13
Replicas *int32 `json:"replicas,omitempty"`
}
func (*FalconContainerInjectorSpec) DeepCopy ¶
func (in *FalconContainerInjectorSpec) DeepCopy() *FalconContainerInjectorSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FalconContainerInjectorSpec.
func (*FalconContainerInjectorSpec) DeepCopyInto ¶
func (in *FalconContainerInjectorSpec) DeepCopyInto(out *FalconContainerInjectorSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type FalconContainerInjectorTLS ¶
type FalconContainerInjectorTLS struct {
// +kubebuilder:validation:XIntOrString
// +kubebuilder:validation:Pattern="^[0-9]{1-4}$"
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Falcon Container Injector TLS Validity Length (days)",order=1
Validity *int `json:"validity,omitempty"`
}
func (*FalconContainerInjectorTLS) DeepCopy ¶
func (in *FalconContainerInjectorTLS) DeepCopy() *FalconContainerInjectorTLS
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FalconContainerInjectorTLS.
func (*FalconContainerInjectorTLS) DeepCopyInto ¶
func (in *FalconContainerInjectorTLS) DeepCopyInto(out *FalconContainerInjectorTLS)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type FalconContainerList ¶
type FalconContainerList struct {
metav1.TypeMeta `json:",inline"`
metav1.ListMeta `json:"metadata,omitempty"`
Items []FalconContainer `json:"items"`
}
FalconContainerList contains a list of FalconContainer
func (*FalconContainerList) DeepCopy ¶
func (in *FalconContainerList) DeepCopy() *FalconContainerList
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FalconContainerList.
func (*FalconContainerList) DeepCopyInto ¶
func (in *FalconContainerList) DeepCopyInto(out *FalconContainerList)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*FalconContainerList) DeepCopyObject ¶
func (in *FalconContainerList) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type FalconContainerServiceAccount ¶
type FalconContainerServiceAccount struct {
// Define annotations that will be passed down to the Service Account. This is useful for passing along AWS IAM Role or GCP Workload Identity.
// +operator-sdk:csv:customresourcedefinitions:type=spec
Annotations map[string]string `json:"annotations,omitempty"`
}
func (*FalconContainerServiceAccount) DeepCopy ¶
func (in *FalconContainerServiceAccount) DeepCopy() *FalconContainerServiceAccount
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FalconContainerServiceAccount.
func (*FalconContainerServiceAccount) DeepCopyInto ¶
func (in *FalconContainerServiceAccount) DeepCopyInto(out *FalconContainerServiceAccount)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type FalconContainerSpec ¶
type FalconContainerSpec struct {
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Falcon Sensor Configuration",order=1
Falcon FalconSensor `json:"falcon,omitempty"`
// FalconAPI configures connection from your local Falcon operator to CrowdStrike Falcon platform.
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Falcon Platform API Configuration",order=2
FalconAPI *FalconAPI `json:"falcon_api,omitempty"`
// Registry configures container image registry to which the Falcon Container image will be pushed
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Falcon Container Image Registry Configuration",order=3
Registry RegistrySpec `json:"registry,omitempty"`
// Injector represents additional configuration for Falcon Container Injector
// +kubebuilder:default:={imagePullPolicy:Always}
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Falcon Container Injector Configuration",order=4
Injector FalconContainerInjectorSpec `json:"injector,omitempty"`
// +kubebuilder:validation:Pattern="^.*:.*$"
// +operator-sdk:cv:customresourcedefinitions:type=spec,displayName="Falcon Container Image URI",order=5
Image *string `json:"image,omitempty"`
// Falcon Container Version. The latest version will be selected when version specifier is missing; ignored when Image is set.
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Falcon Container Image Version",order=6
Version *string `json:"version,omitempty"`
}
FalconContainerSpec defines the desired state of FalconContainer +k8s:openapi-gen=true
func (*FalconContainerSpec) DeepCopy ¶
func (in *FalconContainerSpec) DeepCopy() *FalconContainerSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FalconContainerSpec.
func (*FalconContainerSpec) DeepCopyInto ¶
func (in *FalconContainerSpec) DeepCopyInto(out *FalconContainerSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type FalconContainerStatus ¶
type FalconContainerStatus struct {
// Version of the CrowdStrike Falcon Sensor
Sensor *string `json:"sensor,omitempty"`
// Version of the CrowdStrike Falcon Operator
Version string `json:"version,omitempty"`
// +optional
Conditions []metav1.Condition `json:"conditions,omitempty"`
}
FalconContainerStatus defines the observed state of FalconContainer +k8s:openapi-gen=true
func (*FalconContainerStatus) DeepCopy ¶
func (in *FalconContainerStatus) DeepCopy() *FalconContainerStatus
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FalconContainerStatus.
func (*FalconContainerStatus) DeepCopyInto ¶
func (in *FalconContainerStatus) DeepCopyInto(out *FalconContainerStatus)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type FalconNodeSensor ¶
type FalconNodeSensor struct {
metav1.TypeMeta `json:",inline"`
metav1.ObjectMeta `json:"metadata,omitempty"`
Spec FalconNodeSensorSpec `json:"spec,omitempty"`
Status FalconNodeSensorStatus `json:"status,omitempty"`
}
FalconNodeSensor is the Schema for the falconnodesensors API +k8s:openapi-gen=true
func (*FalconNodeSensor) DeepCopy ¶
func (in *FalconNodeSensor) DeepCopy() *FalconNodeSensor
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FalconNodeSensor.
func (*FalconNodeSensor) DeepCopyInto ¶
func (in *FalconNodeSensor) DeepCopyInto(out *FalconNodeSensor)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*FalconNodeSensor) DeepCopyObject ¶
func (in *FalconNodeSensor) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (*FalconNodeSensor) TargetNs ¶
func (n *FalconNodeSensor) TargetNs() string
TargetNs returns a namespace to which the node sensor should be installed to
type FalconNodeSensorConfig ¶
type FalconNodeSensorConfig struct {
// Specifies tolerations for custom taints. Defaults to allowing scheduling on all nodes.
// +kubebuilder:default:={{key: "node-role.kubernetes.io/master", operator: "Exists", effect: "NoSchedule"}, {key: "node-role.kubernetes.io/control-plane", operator: "Exists", effect: "NoSchedule"}, {key: "node-role.kubernetes.io/infra", operator: "Exists", effect: "NoSchedule"}}
// +operator-sdk:csv:customresourcedefinitions:type=spec,order=4
Tolerations []corev1.Toleration `json:"tolerations,omitempty"`
// Specifies node affinity for scheduling the DaemonSet. Defaults to allowing scheduling on all nodes.
// +operator-sdk:csv:customresourcedefinitions:type=spec,order=5
NodeAffinity corev1.NodeAffinity `json:"nodeAffinity,omitempty"`
// +kubebuilder:default=Always
// +kubebuilder:validation:Enum=Always;IfNotPresent;Never
// +operator-sdk:csv:customresourcedefinitions:type=spec,order=3
ImagePullPolicy corev1.PullPolicy `json:"imagePullPolicy,omitempty"`
// Location of the Falcon Sensor image. Use only in cases when you mirror the original image to your repository/name:tag
// +kubebuilder:validation:Pattern="^.*:.*$"
// +operator-sdk:csv:customresourcedefinitions:type=spec,order=2
Image string `json:"image,omitempty"`
// ImagePullSecrets is an optional list of references to secrets in the falcon-system namespace to use for pulling image from image_override location.
// +operator-sdk:csv:customresourcedefinitions:type=spec,order=1
ImagePullSecrets []corev1.LocalObjectReference `json:"imagePullSecrets,omitempty"`
// Type of DaemonSet update. Can be "RollingUpdate" or "OnDelete". Default is RollingUpdate.
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="DaemonSet Update Strategy",order=6
DSUpdateStrategy FalconNodeUpdateStrategy `json:"updateStrategy,omitempty"`
// Kills pod after a specificed amount of time (in seconds). Default is 30 seconds.
// +kubebuilder:default:=30
// +operator-sdk:csv:customresourcedefinitions:type=spec,order=7
TerminationGracePeriod int64 `json:"terminationGracePeriod,omitempty"`
// Add metadata to the DaemonSet Service Account for IAM roles.
// +operator-sdk:csv:customresourcedefinitions:type=spec
ServiceAccount FalconNodeServiceAccount `json:"serviceAccount,omitempty"`
// Disables the cleanup of the sensor through DaemonSet on the nodes.
// Disabling might have unintended consequences for certain operations such as sensor downgrading.
// +kubebuilder:default=false
// +operator-sdk:csv:customresourcedefinitions:type=spec,order=8
NodeCleanup *bool `json:"disableCleanup,omitempty"`
// Configure resource requests and limits for the DaemonSet Sensor. Only applies when using the eBPF backend.
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Falcon eBPF Sensor Resources",order=9
SensorResources Resources `json:"resources,omitempty"`
// Sets the backend to be used by the DaemonSet Sensor.
// +kubebuilder:default=kernel
// +kubebuilder:validation:Enum=kernel;bpf
// +operator-sdk-csv:customresourcedefinitions:type=spec,order=10
Backend string `json:"backend,omitempty"`
// Enables the use of GKE Autopilot.
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="GKE Autopilot Settings",order=11
GKE AutoPilot `json:"gke,omitempty"`
// Enable priority class for the DaemonSet. This is useful for GKE Autopilot clusters, but can be set for any cluster.
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Priority Class",order=12
PriorityClass PriorityClassConfig `json:"priorityClass,omitempty"`
// Version of the sensor to be installed. The latest version will be selected when this version specifier is missing.
Version *string `json:"version,omitempty"`
}
FalconNodeSensorConfig defines aspects about how the daemonset works. +k8s:openapi-gen=true
func (*FalconNodeSensorConfig) DeepCopy ¶
func (in *FalconNodeSensorConfig) DeepCopy() *FalconNodeSensorConfig
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FalconNodeSensorConfig.
func (*FalconNodeSensorConfig) DeepCopyInto ¶
func (in *FalconNodeSensorConfig) DeepCopyInto(out *FalconNodeSensorConfig)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type FalconNodeSensorList ¶
type FalconNodeSensorList struct {
metav1.TypeMeta `json:",inline"`
metav1.ListMeta `json:"metadata,omitempty"`
Items []FalconNodeSensor `json:"items"`
}
FalconNodeSensorList contains a list of FalconNodeSensor
func (*FalconNodeSensorList) DeepCopy ¶
func (in *FalconNodeSensorList) DeepCopy() *FalconNodeSensorList
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FalconNodeSensorList.
func (*FalconNodeSensorList) DeepCopyInto ¶
func (in *FalconNodeSensorList) DeepCopyInto(out *FalconNodeSensorList)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*FalconNodeSensorList) DeepCopyObject ¶
func (in *FalconNodeSensorList) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type FalconNodeSensorSpec ¶
type FalconNodeSensorSpec struct {
// Various configuration for DaemonSet Deployment
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="DaemonSet Configuration",order=3
Node FalconNodeSensorConfig `json:"node,omitempty"`
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Falcon Sensor Configuration",order=2
Falcon FalconSensor `json:"falcon,omitempty"`
// FalconAPI configures connection from your local Falcon operator to CrowdStrike Falcon platform.
//
// When configured, it will pull the sensor from registry.crowdstrike.com and deploy the appropriate sensor to the cluster.
//
// If using the API is not desired, the sensor can be manually configured.
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Falcon Platform API Configuration",order=1
FalconAPI *FalconAPI `json:"falcon_api,omitempty"`
}
FalconNodeSensorSpec defines the desired state of FalconNodeSensor +k8s:openapi-gen=true
func (*FalconNodeSensorSpec) DeepCopy ¶
func (in *FalconNodeSensorSpec) DeepCopy() *FalconNodeSensorSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FalconNodeSensorSpec.
func (*FalconNodeSensorSpec) DeepCopyInto ¶
func (in *FalconNodeSensorSpec) DeepCopyInto(out *FalconNodeSensorSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type FalconNodeSensorStatus ¶
type FalconNodeSensorStatus struct {
// Version of the CrowdStrike Falcon Sensor
Sensor *string `json:"sensor,omitempty"`
// Version of the CrowdStrike Falcon Operator
Version string `json:"version,omitempty"`
// Conditions represent the latest available observations of an object's state
Conditions []metav1.Condition `json:"conditions,omitempty"`
}
FalconNodeSensorStatus defines the observed state of FalconNodeSensor +k8s:openapi-gen=true
func (*FalconNodeSensorStatus) DeepCopy ¶
func (in *FalconNodeSensorStatus) DeepCopy() *FalconNodeSensorStatus
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FalconNodeSensorStatus.
func (*FalconNodeSensorStatus) DeepCopyInto ¶
func (in *FalconNodeSensorStatus) DeepCopyInto(out *FalconNodeSensorStatus)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type FalconNodeServiceAccount ¶
type FalconNodeServiceAccount struct {
// Define annotations that will be passed down to the Service Account. This is useful for passing along AWS IAM Role or GCP Workload Identity.
// +operator-sdk:csv:customresourcedefinitions:type=spec
Annotations map[string]string `json:"annotations,omitempty"`
}
func (*FalconNodeServiceAccount) DeepCopy ¶
func (in *FalconNodeServiceAccount) DeepCopy() *FalconNodeServiceAccount
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FalconNodeServiceAccount.
func (*FalconNodeServiceAccount) DeepCopyInto ¶
func (in *FalconNodeServiceAccount) DeepCopyInto(out *FalconNodeServiceAccount)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type FalconNodeUpdateStrategy ¶
type FalconNodeUpdateStrategy struct {
// +kubebuilder:default=RollingUpdate
// +kubebuilder:validation:Enum=RollingUpdate;OnDelete
// +operator-sdk:csv:customresourcedefinitions:type=spec
Type appsv1.DaemonSetUpdateStrategyType `json:"type,omitempty"`
RollingUpdate appsv1.RollingUpdateDaemonSet `json:"rollingUpdate,omitempty"`
}
func (*FalconNodeUpdateStrategy) DeepCopy ¶
func (in *FalconNodeUpdateStrategy) DeepCopy() *FalconNodeUpdateStrategy
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FalconNodeUpdateStrategy.
func (*FalconNodeUpdateStrategy) DeepCopyInto ¶
func (in *FalconNodeUpdateStrategy) DeepCopyInto(out *FalconNodeUpdateStrategy)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type FalconSensor ¶
type FalconSensor struct {
// Falcon Customer ID (CID)
// +kubebuilder:validation:Pattern:="^[0-9a-fA-F]{32}-[0-9a-fA-F]{2}$"
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Falcon Customer ID (CID)",order=1
CID *string `json:"cid,omitempty"`
// Disable the Falcon Sensor's use of a proxy.
// +kubebuilder:default:=false
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Disable Falcon Proxy",order=3,xDescriptors="urn:alm:descriptor:com.tectonic.ui:booleanSwitch"
APD *bool `json:"apd,omitempty"`
// The application proxy host to use for Falcon sensor proxy configuration.
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Falcon Proxy Host",order=4
APH string `json:"aph,omitempty"`
// The application proxy port to use for Falcon sensor proxy configuration.
// +kubebuilder:validation:Minimum:=0
// +kubebuilder:validation:Maximum:=65535
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Falcon Proxy Port",order=5,xDescriptors={"urn:alm:descriptor:com.tectonic.ui:number"}
APP *int `json:"app,omitempty"`
// Utilize default or Pay-As-You-Go billing.
// +kubebuilder:validation:Enum:=default;metered
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Billing",order=8
Billing string `json:"billing,omitempty"`
// Installation token that prevents unauthorized hosts from being accidentally or maliciously added to your customer ID (CID).
// +kubebuilder:validation:Pattern:="^[0-9a-fA-F]{8}$"
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Provisioning Token",order=2
PToken string `json:"provisioning_token,omitempty"`
// Sensor grouping tags are optional, user-defined identifiers that can used to group and filter hosts. Allowed characters: all alphanumerics, '/', '-', and '_'.
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Sensor Grouping Tags",order=6
Tags []string `json:"tags,omitempty"`
// Set sensor trace level.
// +kubebuilder:validation:Enum:=none;err;warn;info;debug
// +kubebuilder:default:=none
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Trace Level",order=7
Trace string `json:"trace,omitempty"`
}
CrowdStrike Falcon Sensor configuration settings. +k8s:openapi-gen=true
func (*FalconSensor) DeepCopy ¶
func (in *FalconSensor) DeepCopy() *FalconSensor
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FalconSensor.
func (*FalconSensor) DeepCopyInto ¶
func (in *FalconSensor) DeepCopyInto(out *FalconSensor)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type PriorityClassConfig ¶
type PriorityClassConfig struct {
// Enables the operator to deploy a PriorityClass instead of rolling your own. Default is false.
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Deploy Priority Class to cluster",order=2
Deploy *bool `json:"deploy,omitempty"`
// Name of the priority class to use for the DaemonSet.
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Name of the Priority Class to use",order=2
Name string `json:"name,omitempty"`
// Value of the priority class to use for the DaemonSet. Requires the Deploy field to be set to true.
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Priority Class Value",order=3
Value *int32 `json:"value,omitempty"`
}
func (*PriorityClassConfig) DeepCopy ¶
func (in *PriorityClassConfig) DeepCopy() *PriorityClassConfig
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PriorityClassConfig.
func (*PriorityClassConfig) DeepCopyInto ¶
func (in *PriorityClassConfig) DeepCopyInto(out *PriorityClassConfig)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type RegistrySpec ¶
type RegistrySpec struct {
// Type of container registry to be used
// +kubebuilder:validation:Enum=acr;ecr;gcr;crowdstrike;openshift
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Registry Type",order=1
Type RegistryTypeSpec `json:"type"`
// TLS configures TLS connection for push of Falcon Container image to the registry
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Registry TLS Configuration",order=2
TLS RegistryTLSSpec `json:"tls,omitempty"`
// Azure Container Registry Name represents the name of the ACR for the Falcon Container push. Only applicable to Azure cloud.
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Azure Container Registry Name",order=3
AcrName *string `json:"acr_name,omitempty"`
}
RegistrySpec configures container image registry to which the Falcon Container image will be pushed
func (*RegistrySpec) DeepCopy ¶
func (in *RegistrySpec) DeepCopy() *RegistrySpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RegistrySpec.
func (*RegistrySpec) DeepCopyInto ¶
func (in *RegistrySpec) DeepCopyInto(out *RegistrySpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type RegistryTLSSpec ¶
type RegistryTLSSpec struct {
// Allow pushing to docker registries over HTTPS with failed TLS verification. Note that this does not affect other TLS connections.
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Skip Registry TLS Verification",order=1,xDescriptors="urn:alm:descriptor:com.tectonic.ui:booleanSwitch"
InsecureSkipVerify bool `json:"insecure_skip_verify,omitempty"`
// Allow for users to provide a CA Cert Bundle, as either a string or base64 encoded string
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="Registry CA Certificate Bundle; optionally (double) base64 encoded",order=2
CACertificate string `json:"caCertificate,omitempty"`
// Allow for users to provide a ConfigMap containing a CA Cert Bundle under a key ending in .crt
// +operator-sdk:csv:customresourcedefinitions:type=spec,displayName="ConfigMap containing Registry CA Certificate Bundle",order=3,xDescriptors={"urn:alm:descriptor:com.tectonic.ui:selector:core:v1:ConfigMap"}
CACertificateConfigMap string `json:"caCertificateConfigMap,omitempty"`
}
RegistryTLSSpec configures TLS for registry pushing
func (*RegistryTLSSpec) DeepCopy ¶
func (in *RegistryTLSSpec) DeepCopy() *RegistryTLSSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RegistryTLSSpec.
func (*RegistryTLSSpec) DeepCopyInto ¶
func (in *RegistryTLSSpec) DeepCopyInto(out *RegistryTLSSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type RegistryTypeSpec ¶
type RegistryTypeSpec string
const ( // RegistryTypeOpenshift represents OpenShift Image Stream RegistryTypeOpenshift RegistryTypeSpec = "openshift" // RegistryTypeGCR represents Google Container Registry RegistryTypeGCR RegistryTypeSpec = "gcr" // RegistryTypeECR represents AWS Elastic Container Registry RegistryTypeECR RegistryTypeSpec = "ecr" // RegistryTypeACR represents Azure Container Registry RegistryTypeACR RegistryTypeSpec = "acr" // RegistryTypeCrowdStrike represents deployment that won't push Falcon Container to local registry, instead CrowdStrike registry will be used. RegistryTypeCrowdStrike RegistryTypeSpec = "crowdstrike" )
type ResourceList ¶
type ResourceList struct {
// Minimum allowed is 250m.
// +operator-sdk:csv:customresourcedefinitions:type=spec
// +kubebuilder:validation:Pattern="^(([0-9]{4,}|[2-9][5-9][0-9])m$)|[0-9]+$"
CPU string `json:"cpu,omitempty"`
// Minimum allowed is 500Mi.
// +operator-sdk:csv:customresourcedefinitions:type=spec
// +kubebuilder:validation:Pattern="^(([5-9][0-9]{2}[Mi]+)|([0-9.]+[iEGTP]+))|(([5-9][0-9]{8})|([0-9]{10,}))$"
Memory string `json:"memory,omitempty"`
// +operator-sdk:csv:customresourcedefinitions:type=spec
EphemeralStorage string `json:"ephemeral-storage,omitempty"`
}
func (*ResourceList) DeepCopy ¶
func (in *ResourceList) DeepCopy() *ResourceList
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ResourceList.
func (*ResourceList) DeepCopyInto ¶
func (in *ResourceList) DeepCopyInto(out *ResourceList)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type Resources ¶
type Resources struct {
// Sets the resource limits for the DaemonSet Sensor. Only applies when using the eBPF backend.
// +operator-sdk:csv:customresourcedefinitions:type=spec
Limits ResourceList `json:"limits,omitempty"`
// Sets the resource requests for the DaemonSet Sensor. Only applies when using the eBPF backend.
// +operator-sdk:csv:customresourcedefinitions:type=spec
Requests ResourceList `json:"requests,omitempty"`
}
func (*Resources) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Resources.
func (*Resources) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
Source Files
Click to show internal directories.
Click to hide internal directories.