policy

package
v0.15.20 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jun 11, 2024 License: Apache-2.0 Imports: 9 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func NewMessage

func NewMessage(values map[string]interface{}) (string, error)

NewMessage constructs new message string based on raw values.

Types

type Metadata

type Metadata struct {
	ID          string
	Title       string
	Severity    v1alpha1.Severity
	Type        string
	Description string
}

Metadata describes policy metadata.

func NewMetadata

func NewMetadata(values map[string]interface{}) (Metadata, error)

NewMetadata constructs new Metadata based on raw values.

type Policies

type Policies struct {
	// contains filtered or unexported fields
}

func NewPolicies

func NewPolicies(data map[string]string) *Policies

func (*Policies) Applicable

func (p *Policies) Applicable(resource client.Object) (bool, string, error)

func (*Policies) Eval

func (p *Policies) Eval(ctx context.Context, resource client.Object) (Results, error)

Eval evaluates Rego policies with Kubernetes resource client.Object as input.

TODO(danielpacak) Compile and cache prepared queries to make Eval more efficient.

We can reuse prepared queries so long policies do not change.

func (*Policies) Hash

func (p *Policies) Hash(kind string) (string, error)

func (*Policies) Libraries

func (p *Policies) Libraries() map[string]string

func (*Policies) ModulesByKind

func (p *Policies) ModulesByKind(kind string) (map[string]string, error)

func (*Policies) PoliciesByKind

func (p *Policies) PoliciesByKind(kind string) (map[string]string, error)

type Result

type Result struct {
	// Metadata describes Rego policy metadata.
	Metadata Metadata

	// Success represents the status of evaluating Rego policy.
	Success bool

	// Messages deny or warning messages.
	Messages []string
}

Result describes result of evaluating a Rego policy that defines `deny` or `warn` rules.

type Results

type Results []Result

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL