Documentation ¶
Index ¶
- Constants
- func EmptyValidValidation(name, namespace, objectType, cluster string) (models.IstioValidationKey, *models.IstioValidation)
- func EmptyValidValidations(name, namespace, objectType, cluster string) models.IstioValidations
- type AuthorizationPolicyChecker
- type Checker
- type DestinationRulesChecker
- type GatewayChecker
- type GroupChecker
- type K8sGatewayChecker
- type K8sHTTPRouteChecker
- type K8sReferenceGrantChecker
- type NoServiceChecker
- type PeerAuthenticationChecker
- type RequestAuthenticationChecker
- type ServiceChecker
- type ServiceEntryChecker
- type SidecarChecker
- type TelemetryChecker
- type VirtualServiceChecker
- type WasmPluginChecker
- type WorkloadChecker
Constants ¶
const AuthorizationPolicyCheckerType = "authorizationpolicy"
const DestinationRuleCheckerType = "destinationrule"
const GatewayCheckerType = "gateway"
const K8sGatewayCheckerType = "k8sgateway"
const K8sHTTPRouteCheckerType = "k8shttproute"
const K8sReferenceGrantCheckerType = "k8sreferencegrant"
const PeerAuthenticationCheckerType = "peerauthentication"
const RequestAuthenticationCheckerType = "requestauthentication"
const ServiceCheckerType = "service"
const ServiceEntryCheckerType = "serviceentry"
const ServiceRoleCheckerType = "servicerole"
const SidecarCheckerType = "sidecar"
const TelemetryCheckerType = "telemetry"
const VirtualCheckerType = "virtualservice"
const WasmPluginCheckerType = "wasmplugin"
const WorkloadCheckerType = "workload"
Variables ¶
This section is empty.
Functions ¶
func EmptyValidValidation ¶ added in v0.17.0
func EmptyValidValidation(name, namespace, objectType, cluster string) (models.IstioValidationKey, *models.IstioValidation)
func EmptyValidValidations ¶ added in v0.17.0
func EmptyValidValidations(name, namespace, objectType, cluster string) models.IstioValidations
EmptyValidValidation returns a stub validation object which can be used by checkers
Types ¶
type AuthorizationPolicyChecker ¶ added in v1.14.0
type AuthorizationPolicyChecker struct { AuthorizationPolicies []*security_v1beta.AuthorizationPolicy Namespaces models.Namespaces ServiceEntries []*networking_v1beta1.ServiceEntry WorkloadsPerNamespace map[string]models.WorkloadList MtlsDetails kubernetes.MTLSDetails VirtualServices []*networking_v1beta1.VirtualService RegistryServices []*kubernetes.RegistryService PolicyAllowAny bool Cluster string }
func (AuthorizationPolicyChecker) Check ¶ added in v1.14.0
func (a AuthorizationPolicyChecker) Check() models.IstioValidations
func (AuthorizationPolicyChecker) ServiceAccountNames ¶ added in v1.51.1
func (a AuthorizationPolicyChecker) ServiceAccountNames(clusterName string) []string
ServiceAccountNames returns a list of names of the ServiceAccounts retrieved from Registry Services.
type Checker ¶
type Checker interface {
Check() ([]*models.IstioCheck, bool)
}
type DestinationRulesChecker ¶
type DestinationRulesChecker struct { DestinationRules []*networking_v1beta1.DestinationRule MTLSDetails kubernetes.MTLSDetails ServiceEntries []*networking_v1beta1.ServiceEntry Namespaces models.Namespaces Cluster string }
func (DestinationRulesChecker) Check ¶
func (in DestinationRulesChecker) Check() models.IstioValidations
type GatewayChecker ¶ added in v0.11.0
type GatewayChecker struct { Gateways []*networking_v1beta1.Gateway WorkloadsPerNamespace map[string]models.WorkloadList IsGatewayToNamespace bool Cluster string }
func (GatewayChecker) Check ¶ added in v0.11.0
func (g GatewayChecker) Check() models.IstioValidations
Check runs checks for the all namespaces actions as well as for the single namespace validations
type GroupChecker ¶
type GroupChecker interface {
Check() models.IstioValidations
}
type K8sGatewayChecker ¶ added in v1.63.0
type K8sGatewayChecker struct { K8sGateways []*k8s_networking_v1.Gateway GatewayClasses []config.GatewayAPIClass Cluster string }
func (K8sGatewayChecker) Check ¶ added in v1.63.0
func (g K8sGatewayChecker) Check() models.IstioValidations
Check runs checks for the all namespaces actions as well as for the single namespace validations
type K8sHTTPRouteChecker ¶ added in v1.63.0
type K8sHTTPRouteChecker struct { Cluster string K8sGateways []*k8s_networking_v1.Gateway K8sHTTPRoutes []*k8s_networking_v1.HTTPRoute K8sReferenceGrants []*k8s_networking_v1beta1.ReferenceGrant Namespaces models.Namespaces RegistryServices []*kubernetes.RegistryService }
func (K8sHTTPRouteChecker) Check ¶ added in v1.63.0
func (in K8sHTTPRouteChecker) Check() models.IstioValidations
Check runs checks for the all namespaces actions as well as for the single namespace validations
type K8sReferenceGrantChecker ¶ added in v1.79.0
type K8sReferenceGrantChecker struct { Cluster string K8sReferenceGrants []*k8s_networking_v1beta1.ReferenceGrant Namespaces models.Namespaces }
func (K8sReferenceGrantChecker) Check ¶ added in v1.79.0
func (in K8sReferenceGrantChecker) Check() models.IstioValidations
Check runs checks for the all namespaces actions as well as for the single namespace validations
type NoServiceChecker ¶
type NoServiceChecker struct { Namespaces models.Namespaces IstioConfigList *models.IstioConfigList WorkloadsPerNamespace map[string]models.WorkloadList AuthorizationDetails *kubernetes.RBACDetails RegistryServices []*kubernetes.RegistryService PolicyAllowAny bool Cluster string }
func (NoServiceChecker) Check ¶
func (in NoServiceChecker) Check() models.IstioValidations
type PeerAuthenticationChecker ¶ added in v1.18.1
type PeerAuthenticationChecker struct { PeerAuthentications []*security_v1beta.PeerAuthentication MTLSDetails kubernetes.MTLSDetails WorkloadsPerNamespace map[string]models.WorkloadList Cluster string }
func (PeerAuthenticationChecker) Check ¶ added in v1.18.1
func (m PeerAuthenticationChecker) Check() models.IstioValidations
type RequestAuthenticationChecker ¶ added in v1.22.1
type RequestAuthenticationChecker struct { RequestAuthentications []*security_v1beta.RequestAuthentication WorkloadsPerNamespace map[string]models.WorkloadList Cluster string }
func (RequestAuthenticationChecker) Check ¶ added in v1.22.1
func (m RequestAuthenticationChecker) Check() models.IstioValidations
type ServiceChecker ¶ added in v0.19.0
type ServiceChecker struct { Services []v1.Service Deployments []apps_v1.Deployment Pods []core_v1.Pod Cluster string }
func (ServiceChecker) Check ¶ added in v0.19.0
func (sc ServiceChecker) Check() models.IstioValidations
type ServiceEntryChecker ¶ added in v0.16.0
type ServiceEntryChecker struct { ServiceEntries []*networking_v1beta1.ServiceEntry Namespaces models.Namespaces WorkloadEntries []*networking_v1beta1.WorkloadEntry Cluster string }
func (ServiceEntryChecker) Check ¶ added in v0.16.0
func (s ServiceEntryChecker) Check() models.IstioValidations
type SidecarChecker ¶ added in v1.15.0
type SidecarChecker struct { Sidecars []*networking_v1beta1.Sidecar ServiceEntries []*networking_v1beta1.ServiceEntry Namespaces models.Namespaces WorkloadsPerNamespace map[string]models.WorkloadList RegistryServices []*kubernetes.RegistryService Cluster string }
func (SidecarChecker) Check ¶ added in v1.15.0
func (s SidecarChecker) Check() models.IstioValidations
type TelemetryChecker ¶ added in v1.56.0
type TelemetryChecker struct { Namespaces models.Namespaces Telemetries []*v1alpha1.Telemetry }
func (TelemetryChecker) Check ¶ added in v1.56.0
func (in TelemetryChecker) Check() models.IstioValidations
An Object Checker runs all checkers for an specific object type (i.e.: pod, route rule,...) It run two kinds of checkers: 1. Individual checks: validating individual objects. 2. Group checks: validating behaviour between configurations.
type VirtualServiceChecker ¶
type VirtualServiceChecker struct { Namespaces models.Namespaces Cluster string VirtualServices []*networking_v1beta1.VirtualService DestinationRules []*networking_v1beta1.DestinationRule }
func (VirtualServiceChecker) Check ¶
func (in VirtualServiceChecker) Check() models.IstioValidations
An Object Checker runs all checkers for an specific object type (i.e.: pod, route rule,...) It run two kinds of checkers: 1. Individual checks: validating individual objects. 2. Group checks: validating behaviour between configurations.
type WasmPluginChecker ¶ added in v1.56.0
type WasmPluginChecker struct { Namespaces models.Namespaces WasmPlugins []*extentions_v1alpha1.WasmPlugin }
func (WasmPluginChecker) Check ¶ added in v1.56.0
func (in WasmPluginChecker) Check() models.IstioValidations
An Object Checker runs all checkers for an specific object type (i.e.: pod, route rule,...) It run two kinds of checkers: 1. Individual checks: validating individual objects. 2. Group checks: validating behaviour between configurations.
type WorkloadChecker ¶ added in v1.47.0
type WorkloadChecker struct { AuthorizationPolicies []*security_v1beta1.AuthorizationPolicy WorkloadsPerNamespace map[string]models.WorkloadList Cluster string }
func (WorkloadChecker) Check ¶ added in v1.47.0
func (w WorkloadChecker) Check() models.IstioValidations
Source Files ¶
- authorization_policies_checker.go
- checker.go
- destination_rules_checker.go
- gateway_checker.go
- k8sgateway_checker.go
- k8shttproute_checker.go
- k8sreferencegrants_checker.go
- no_service_checker.go
- peer_authentication_checker.go
- request_authentication_checker.go
- service_checker.go
- service_entry_checker.go
- sidecars_checker.go
- telemetries_checker.go
- virtual_service_checker.go
- wasm_plugin_checker.go
- workloads_checker.go