Documentation
¶
Overview ¶
Package v1alpha1 contains API Schema definitions for the audit v1alpha1 API group +groupName=auditing.kubesphere.io
Package v1alpha1 contains API Schema definitions for the audit v1alpha1 API group +k8s:deepcopy-gen=package,register +groupName=auditing.kubesphere.io
Index ¶
Constants ¶
This section is empty.
Variables ¶
var ( // SchemeGroupVersion is group version used to register these objects SchemeGroupVersion = schema.GroupVersion{Group: "auditing.kubesphere.io", Version: "v1alpha1"} // SchemeBuilder is used to add go types to the GroupVersionKind scheme SchemeBuilder = &scheme.Builder{GroupVersion: SchemeGroupVersion} AddToScheme = SchemeBuilder.AddToScheme )
Functions ¶
func Resource ¶
func Resource(resource string) schema.GroupResource
Types ¶
type AuditSinkPolicy ¶
type AuditSinkPolicy struct {
ArchivingRuleSelector *metav1.LabelSelector `json:"archivingRuleSelector,omitempty" protobuf:"bytes,8,opt,name=archivingRuleSelector"`
AlertingRuleSelector *metav1.LabelSelector `json:"alertingRuleSelector,omitempty" protobuf:"bytes,8,opt,name=alertingRuleSelector"`
}
func (*AuditSinkPolicy) DeepCopy ¶
func (in *AuditSinkPolicy) DeepCopy() *AuditSinkPolicy
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuditSinkPolicy.
func (*AuditSinkPolicy) DeepCopyInto ¶
func (in *AuditSinkPolicy) DeepCopyInto(out *AuditSinkPolicy)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type DynamicAuditConfig ¶
type DynamicAuditConfig struct {
// Throttle holds the options for throttling the webhook
// +optional
Throttle *v1alpha1.WebhookThrottleConfig `json:"throttle,omitempty" protobuf:"bytes,18,opt,name=throttle"`
// Policy defines the policy for selecting which events should be sent to the webhook
// +optional
Policy *v1alpha1.Policy `json:"policy,omitempty" protobuf:"bytes,18,opt,name=policy"`
}
func (*DynamicAuditConfig) DeepCopy ¶
func (in *DynamicAuditConfig) DeepCopy() *DynamicAuditConfig
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DynamicAuditConfig.
func (*DynamicAuditConfig) DeepCopyInto ¶
func (in *DynamicAuditConfig) DeepCopyInto(out *DynamicAuditConfig)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type PolicyRule ¶
type PolicyRule struct {
// Rule name
Name string `json:"name,omitempty" protobuf:"bytes,8,opt,name=name"`
// Rule type, rule, macro,list,alias
Type string `json:"type,omitempty" protobuf:"bytes,8,opt,name=type"`
// Rule describe
Desc string `json:"desc,omitempty" protobuf:"bytes,8,opt,name=desc"`
// Rule condition
// This effective When the rule type is rule
Condition string `json:"condition,omitempty" protobuf:"bytes,8,opt,name=condition"`
// This effective When the rule type is macro
Macro string `json:"macro,omitempty" protobuf:"bytes,8,opt,name=macro"`
// This effective When the rule type is alias
Alias string `json:"alias,omitempty" protobuf:"bytes,8,opt,name=alias"`
// This effective When the rule type is list
List []string `json:"list,omitempty" protobuf:"bytes,8,opt,name=list"`
// Is the rule enable
Enable bool `json:"enable" protobuf:"bytes,8,opt,name=enable"`
// The output formater of message which send to user
Output string `json:"output,omitempty" protobuf:"bytes,8,opt,name=output"`
// Rule priority, DEBUG, INFO, WARNING
Priority string `json:"priority,omitempty" protobuf:"bytes,8,opt,name=priority"`
}
func (*PolicyRule) DeepCopy ¶
func (in *PolicyRule) DeepCopy() *PolicyRule
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyRule.
func (*PolicyRule) DeepCopyInto ¶
func (in *PolicyRule) DeepCopyInto(out *PolicyRule)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type Receiver ¶
type Receiver struct {
// Receiver name
// +optional
ReceicerName string `json:"name,omitempty" protobuf:"bytes,8,opt,name=name"`
// Receiver type, alertmanager or webhook
// +optional
ReceiverType string `json:"type,omitempty" protobuf:"bytes,8,opt,name=type"`
// ClientConfig holds the connection parameters for the webhook
// +optional
ReceiverConfig v1alpha1.WebhookClientConfig `json:"config,omitempty" protobuf:"bytes,8,opt,name=config"`
}
Receiver config which received the audit alert
func (*Receiver) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Receiver.
func (*Receiver) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type Rule ¶
type Rule struct {
metav1.TypeMeta `json:",inline"`
metav1.ObjectMeta `json:"metadata,omitempty"`
Spec RuleSpec `json:"spec,omitempty"`
Status RuleStatus `json:"status,omitempty"`
}
Rule is the Schema for the rules API
func (*Rule) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Rule.
func (*Rule) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*Rule) DeepCopyObject ¶
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type RuleList ¶
type RuleList struct {
metav1.TypeMeta `json:",inline"`
metav1.ListMeta `json:"metadata,omitempty"`
Items []Rule `json:"items"`
}
AuditRuleList contains a list of Rule
func (*RuleList) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RuleList.
func (*RuleList) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*RuleList) DeepCopyObject ¶
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type RuleSpec ¶
type RuleSpec struct {
PolicyRules []PolicyRule `json:"rules,omitempty" protobuf:"bytes,8,opt,name=rules"`
}
AuditRuleSpec defines the desired state of Rule
func (*RuleSpec) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RuleSpec.
func (*RuleSpec) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type RuleStatus ¶
type RuleStatus struct {
}
AuditRuleStatus defines the observed state of Rule
func (*RuleStatus) DeepCopy ¶
func (in *RuleStatus) DeepCopy() *RuleStatus
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RuleStatus.
func (*RuleStatus) DeepCopyInto ¶
func (in *RuleStatus) DeepCopyInto(out *RuleStatus)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type Webhook ¶
type Webhook struct {
metav1.TypeMeta `json:",inline"`
metav1.ObjectMeta `json:"metadata,omitempty"`
Spec WebhookSpec `json:"spec,omitempty"`
Status WebhookStatus `json:"status,omitempty"`
}
Webhook is the Schema for the webhooks API
func (*Webhook) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Webhook.
func (*Webhook) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*Webhook) DeepCopyObject ¶
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type WebhookList ¶
type WebhookList struct {
metav1.TypeMeta `json:",inline"`
metav1.ListMeta `json:"metadata,omitempty"`
Items []Webhook `json:"items"`
}
WebhookList contains a list of Webhook
func (*WebhookList) DeepCopy ¶
func (in *WebhookList) DeepCopy() *WebhookList
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WebhookList.
func (*WebhookList) DeepCopyInto ¶
func (in *WebhookList) DeepCopyInto(out *WebhookList)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*WebhookList) DeepCopyObject ¶
func (in *WebhookList) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type WebhookSpec ¶
type WebhookSpec struct {
// Number of desired pods. This is a pointer to distinguish between explicit
// zero and not specified. Defaults to 1.
// +optional
Replicas *int32 `json:"replicas,omitempty" protobuf:"varint,1,opt,name=replicas"`
// The webhook docker image name.
// +optional
Image string `json:"image,omitempty" protobuf:"bytes,2,opt,name=image"`
// Image pull policy.
// One of Always, Never, IfNotPresent.
// Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
// Cannot be updated.
// More info: https://kubernetes.io/docs/concepts/containers/images#updating-images
// +optional
ImagePullPolicy corev1.PullPolicy `json:"imagePullPolicy,omitempty" protobuf:"bytes,14,opt,name=imagePullPolicy,casttype=PullPolicy"`
// ImagePullSecrets is an optional list of references to secrets in the same namespace to use for pulling any of the images used by this PodSpec.
// If specified, these secrets will be passed to individual puller implementations for them to use. For example,
// in the case of docker, only DockerConfig type secrets are honored.
// More info: https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod
// +optional
// +patchMergeKey=name
// +patchStrategy=merge
ImagePullSecrets []corev1.LocalObjectReference `json:"imagePullSecrets,omitempty" patchStrategy:"merge" patchMergeKey:"name" protobuf:"bytes,15,rep,name=imagePullSecrets"`
// Arguments to the entrypoint..
// It will be appended to the args and replace the default value.
// +optional
Args []string `json:"args,omitempty" protobuf:"bytes,3,rep,name=args"`
// NodeSelector is a selector which must be true for the pod to fit on a node.
// Selector which must match a node's labels for the pod to be scheduled on that node.
// More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/
// +optional
NodeSelector map[string]string `json:"nodeSelector,omitempty" protobuf:"bytes,7,rep,name=nodeSelector"`
// If specified, the pod's scheduling constraints
// +optional
Affinity *corev1.Affinity `json:"affinity,omitempty" protobuf:"bytes,18,opt,name=affinity"`
// If specified, the pod's tolerations.
// +optional
Tolerations []corev1.Toleration `json:"tolerations,omitempty" protobuf:"bytes,22,opt,name=tolerations"`
// Compute Resources required by this container.
// Cannot be updated.
// More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/
// +optional
Resources *corev1.ResourceRequirements `json:"resources,omitempty" protobuf:"bytes,8,opt,name=resources"`
// Receiver contains the information to make a connection with the alertmanager
// +optional
Receivers []Receiver `json:"receivers,omitempty" protobuf:"bytes,8,opt,name=receivers"`
// AuditSinkPolicy is a rule selector, only the rule matched this selector will be taked effect.
// +optional
*AuditSinkPolicy `json:"auditSinkPolicy,omitempty" protobuf:"bytes,8,opt,name=auditSinkPolicy"`
// Rule priority, DEBUG < INFO < WARNING
//Audit events will be stored only when the priority of the audit rule
// matching the audit event is greater than this.
Priority string `json:"priority,omitempty" protobuf:"bytes,8,opt,name=priority"`
// Audit type, static or dynamic.
AuditType string `json:"auditType,omitempty" protobuf:"bytes,8,opt,name=auditType"`
// The Level that all requests are recorded at.
// available options: None, Metadata, Request, RequestResponse
// default: Metadata
// +optional
AuditLevel v1alpha1.Level `json:"auditLevel" protobuf:"bytes,1,opt,name=auditLevel"`
// K8s auditing is enabled or not.
K8sAuditingEnabled bool `json:"k8sAuditingEnabled,omitempty" protobuf:"bytes,8,opt,name=priority"`
}
WebhookSpec defines the desired state of Webhook
func (*WebhookSpec) DeepCopy ¶
func (in *WebhookSpec) DeepCopy() *WebhookSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WebhookSpec.
func (*WebhookSpec) DeepCopyInto ¶
func (in *WebhookSpec) DeepCopyInto(out *WebhookSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type WebhookStatus ¶
type WebhookStatus struct {
}
WebhookStatus defines the observed state of Webhook
func (*WebhookStatus) DeepCopy ¶
func (in *WebhookStatus) DeepCopy() *WebhookStatus
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WebhookStatus.
func (*WebhookStatus) DeepCopyInto ¶
func (in *WebhookStatus) DeepCopyInto(out *WebhookStatus)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
Source Files