checkers

package
v1.65.11 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Nov 6, 2023 License: Apache-2.0 Imports: 24 Imported by: 11

Documentation

Index

Constants

View Source
const AuthorizationPolicyCheckerType = "authorizationpolicy"
View Source
const DestinationRuleCheckerType = "destinationrule"
View Source
const GatewayCheckerType = "gateway"
View Source
const K8sGatewayCheckerType = "k8sgateway"
View Source
const K8sHTTPRouteCheckerType = "k8shttproute"
View Source
const PeerAuthenticationCheckerType = "peerauthentication"
View Source
const RequestAuthenticationCheckerType = "requestauthentication"
View Source
const ServiceCheckerType = "service"
View Source
const ServiceEntryCheckerType = "serviceentry"
View Source
const ServiceRoleCheckerType = "servicerole"
View Source
const SidecarCheckerType = "sidecar"
View Source
const TelemetryCheckerType = "telemetry"
View Source
const VirtualCheckerType = "virtualservice"
View Source
const WasmPluginCheckerType = "wasmplugin"
View Source
const WorkloadCheckerType = "workload"

Variables

This section is empty.

Functions

func EmptyValidValidation added in v0.17.0

func EmptyValidValidation(name, namespace, objectType string) (models.IstioValidationKey, *models.IstioValidation)

func EmptyValidValidations added in v0.17.0

func EmptyValidValidations(name, namespace, objectType string) models.IstioValidations

EmptyValidValidation returns a stub validation object which can be used by checkers

Types

type AuthorizationPolicyChecker added in v1.14.0

type AuthorizationPolicyChecker struct {
	AuthorizationPolicies []*security_v1beta.AuthorizationPolicy
	Namespaces            models.Namespaces
	ServiceEntries        []*networking_v1beta1.ServiceEntry
	WorkloadsPerNamespace map[string]models.WorkloadList
	MtlsDetails           kubernetes.MTLSDetails
	VirtualServices       []*networking_v1beta1.VirtualService
	RegistryServices      []*kubernetes.RegistryService
	PolicyAllowAny        bool
}

func (AuthorizationPolicyChecker) Check added in v1.14.0

func (AuthorizationPolicyChecker) ServiceAccountNames added in v1.51.1

func (a AuthorizationPolicyChecker) ServiceAccountNames(clusterName string) []string

ServiceAccountNames returns a list of names of the ServiceAccounts retrieved from Registry Services.

type Checker

type Checker interface {
	Check() ([]*models.IstioCheck, bool)
}

type DestinationRulesChecker

type DestinationRulesChecker struct {
	DestinationRules []*networking_v1beta1.DestinationRule
	MTLSDetails      kubernetes.MTLSDetails
	ServiceEntries   []*networking_v1beta1.ServiceEntry
	Namespaces       []models.Namespace
}

func (DestinationRulesChecker) Check

type GatewayChecker added in v0.11.0

type GatewayChecker struct {
	Gateways              []*networking_v1beta1.Gateway
	WorkloadsPerNamespace map[string]models.WorkloadList
	IsGatewayToNamespace  bool
}

func (GatewayChecker) Check added in v0.11.0

Check runs checks for the all namespaces actions as well as for the single namespace validations

type GroupChecker

type GroupChecker interface {
	Check() models.IstioValidations
}

type K8sGatewayChecker added in v1.63.0

type K8sGatewayChecker struct {
	K8sGateways []*k8s_networking_v1beta1.Gateway
}

func (K8sGatewayChecker) Check added in v1.63.0

Check runs checks for the all namespaces actions as well as for the single namespace validations

type K8sHTTPRouteChecker added in v1.63.0

type K8sHTTPRouteChecker struct {
	K8sHTTPRoutes    []*k8s_networking_v1beta1.HTTPRoute
	K8sGateways      []*k8s_networking_v1beta1.Gateway
	Namespaces       models.Namespaces
	RegistryServices []*kubernetes.RegistryService
}

func (K8sHTTPRouteChecker) Check added in v1.63.0

Check runs checks for the all namespaces actions as well as for the single namespace validations

type NoServiceChecker

type NoServiceChecker struct {
	Namespaces            models.Namespaces
	IstioConfigList       *models.IstioConfigList
	WorkloadsPerNamespace map[string]models.WorkloadList
	AuthorizationDetails  *kubernetes.RBACDetails
	RegistryServices      []*kubernetes.RegistryService
	PolicyAllowAny        bool
}

func (NoServiceChecker) Check

type PeerAuthenticationChecker added in v1.18.1

type PeerAuthenticationChecker struct {
	PeerAuthentications   []*security_v1beta.PeerAuthentication
	MTLSDetails           kubernetes.MTLSDetails
	WorkloadsPerNamespace map[string]models.WorkloadList
}

func (PeerAuthenticationChecker) Check added in v1.18.1

type RequestAuthenticationChecker added in v1.22.1

type RequestAuthenticationChecker struct {
	RequestAuthentications []*security_v1beta.RequestAuthentication
	WorkloadsPerNamespace  map[string]models.WorkloadList
}

func (RequestAuthenticationChecker) Check added in v1.22.1

type ServiceChecker added in v0.19.0

type ServiceChecker struct {
	Services    []v1.Service
	Deployments []apps_v1.Deployment
	Pods        []core_v1.Pod
}

func (ServiceChecker) Check added in v0.19.0

type ServiceEntryChecker added in v0.16.0

type ServiceEntryChecker struct {
	ServiceEntries  []*networking_v1beta1.ServiceEntry
	Namespaces      models.Namespaces
	WorkloadEntries []*networking_v1beta1.WorkloadEntry
}

func (ServiceEntryChecker) Check added in v0.16.0

type SidecarChecker added in v1.15.0

type SidecarChecker struct {
	Sidecars              []*networking_v1beta1.Sidecar
	ServiceEntries        []*networking_v1beta1.ServiceEntry
	Namespaces            models.Namespaces
	WorkloadsPerNamespace map[string]models.WorkloadList
	RegistryServices      []*kubernetes.RegistryService
}

func (SidecarChecker) Check added in v1.15.0

type TelemetryChecker added in v1.56.0

type TelemetryChecker struct {
	Namespaces  models.Namespaces
	Telemetries []*v1alpha1.Telemetry
}

func (TelemetryChecker) Check added in v1.56.0

An Object Checker runs all checkers for an specific object type (i.e.: pod, route rule,...) It run two kinds of checkers: 1. Individual checks: validating individual objects. 2. Group checks: validating behaviour between configurations.

type VirtualServiceChecker

type VirtualServiceChecker struct {
	Namespaces       models.Namespaces
	VirtualServices  []*networking_v1beta1.VirtualService
	DestinationRules []*networking_v1beta1.DestinationRule
}

func (VirtualServiceChecker) Check

An Object Checker runs all checkers for an specific object type (i.e.: pod, route rule,...) It run two kinds of checkers: 1. Individual checks: validating individual objects. 2. Group checks: validating behaviour between configurations.

type WasmPluginChecker added in v1.56.0

type WasmPluginChecker struct {
	Namespaces  models.Namespaces
	WasmPlugins []*extentions_v1alpha1.WasmPlugin
}

func (WasmPluginChecker) Check added in v1.56.0

An Object Checker runs all checkers for an specific object type (i.e.: pod, route rule,...) It run two kinds of checkers: 1. Individual checks: validating individual objects. 2. Group checks: validating behaviour between configurations.

type WorkloadChecker added in v1.47.0

type WorkloadChecker struct {
	AuthorizationPolicies []*security_v1beta1.AuthorizationPolicy
	WorkloadsPerNamespace map[string]models.WorkloadList
}

func (WorkloadChecker) Check added in v1.47.0

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL