deployments

package

v0.0.0-...-a187cdb Latest Latest Go to latest Published: Feb 20, 2025 License: Apache-2.0 Imports: 9 Imported by: 3

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/kubearmor/KubeArmor

Documentation ¶

Index ¶

Variables
func GenerateDaemonSet(env, namespace string) *appsv1.DaemonSet
func GetClusterRole() *rbacv1.ClusterRole
func GetClusterRoleBinding(namespace string) *rbacv1.ClusterRoleBinding
func GetKubeArmorControllerClusterRole() *rbacv1.ClusterRole
func GetKubeArmorControllerClusterRoleBinding(namespace string) *rbacv1.ClusterRoleBinding
func GetKubeArmorControllerDeployment(namespace string) *appsv1.Deployment
func GetKubeArmorControllerLeaderElectionRole(namespace string) *rbacv1.Role
func GetKubeArmorControllerLeaderElectionRoleBinding(namespace string) *rbacv1.RoleBinding
func GetKubeArmorControllerMutationAdmissionConfiguration(namespace string, caCert []byte) *admissionregistrationv1.MutatingWebhookConfiguration
func GetKubeArmorControllerServiceAccount(namespace string) *corev1.ServiceAccount
func GetKubeArmorControllerTLSSecret(namespace string, caCert string, tlsCrt string, tlsKey string) *corev1.Secret
func GetKubeArmorControllerWebhookService(namespace string) *corev1.Service
func GetKubearmorConfigMap(namespace, name string) *corev1.ConfigMap
func GetRelayClusterRole() *rbacv1.ClusterRole
func GetRelayClusterRoleBinding(namespace string) *rbacv1.ClusterRoleBinding
func GetRelayDeployment(namespace string) *appsv1.Deployment
func GetRelayService(namespace string) *corev1.Service
func GetRelayServiceAccount(namespace string) *corev1.ServiceAccount
func GetServiceAccount(namespace string) *corev1.ServiceAccount
type DaemonSetConfig

Constants ¶

This section is empty.

Variables ¶

View Source

var (
	KubeArmorServiceAccountName                      = kubearmor
	KubeArmorClusterRoleBindingName                  = "kubearmor-clusterrolebinding"
	KubeArmorClusterRoleName                         = "kubearmor-clusterrole"
	RelayServiceName                                 = kubearmor
	RelayServiceAccountName                          = "kubearmor-relay"
	RelayClusterRoleName                             = "kubearmor-relay-clusterrole"
	RelayClusterRoleBindingName                      = "kubearmor-relay-clusterrolebinding"
	RelayDeploymentName                              = "kubearmor-relay"
	KubeArmorConfigMapName                           = "kubearmor-config"
	KubeArmorControllerDeploymentName                = "kubearmor-controller"
	KubeArmorControllerServiceAccountName            = KubeArmorControllerDeploymentName
	KubeArmorControllerClusterRoleName               = "kubearmor-controller-clusterrole"
	KubeArmorControllerClusterRoleBindingName        = "kubearmor-controller-clusterrolebinding"
	KubeArmorControllerLeaderElectionRoleName        = "kubearmor-controller-leader-election-role"
	KubeArmorControllerLeaderElectionRoleBindingName = "kubearmor-controller-leader-election-rolebinding"
	KubeArmorControllerWebhookServiceName            = "kubearmor-controller-webhook-service"
	KubeArmorControllerSecretName                    = "kubearmor-controller-webhook-server-cert"
	KubeArmorControllerMutatingWebhookConfiguration  = "kubearmor-controller-mutating-webhook-configuration"
)

K8s Object Name Defaults

View Source

var KubeArmorControllerAllowPrivilegeEscalation = false

View Source

var KubeArmorControllerCertVolume = corev1.Volume{
	Name: "cert",
	VolumeSource: corev1.VolumeSource{
		Secret: &corev1.SecretVolumeSource{
			SecretName:  KubeArmorControllerSecretName,
			DefaultMode: &KubeArmorControllerCertVolumeDefaultMode,
		},
	},
}

View Source

var KubeArmorControllerCertVolumeDefaultMode = int32(420)

View Source

var KubeArmorControllerLabels = map[string]string{
	"kubearmor-app": "kubearmor-controller",
}

View Source

var KubeArmorControllerMutationFullName = "annotation.kubearmor.com"

View Source

var KubeArmorControllerMutationSideEffect = admissionregistrationv1.SideEffectClassNoneOnDryRun

View Source

var KubeArmorControllerPodMutationFailurePolicy = admissionregistrationv1.Ignore

View Source

var KubeArmorControllerPodMutationPath = "/mutate-pods"

Functions ¶

func GenerateDaemonSet ¶

func GenerateDaemonSet(env, namespace string) *appsv1.DaemonSet

GenerateDaemonSet Function

func GetClusterRole ¶

func GetClusterRole() *rbacv1.ClusterRole

GetClusterRole Function

func GetClusterRoleBinding ¶

func GetClusterRoleBinding(namespace string) *rbacv1.ClusterRoleBinding

GetClusterRoleBinding Function

func GetKubeArmorControllerClusterRole ¶

func GetKubeArmorControllerClusterRole() *rbacv1.ClusterRole

GetKubeArmorControllerClusterRole Function

func GetKubeArmorControllerClusterRoleBinding ¶

func GetKubeArmorControllerClusterRoleBinding(namespace string) *rbacv1.ClusterRoleBinding

GetKubeArmorControllerClusterRoleBinding Function

func GetKubeArmorControllerDeployment ¶

func GetKubeArmorControllerDeployment(namespace string) *appsv1.Deployment

GetKubeArmorControllerDeployment Function

func GetKubeArmorControllerLeaderElectionRole ¶

func GetKubeArmorControllerLeaderElectionRole(namespace string) *rbacv1.Role

GetKubeArmorControllerLeaderElectionRole Function

func GetKubeArmorControllerLeaderElectionRoleBinding ¶

func GetKubeArmorControllerLeaderElectionRoleBinding(namespace string) *rbacv1.RoleBinding

GetKubeArmorControllerLeaderElectionRoleBinding Function

func GetKubeArmorControllerMutationAdmissionConfiguration ¶

func GetKubeArmorControllerMutationAdmissionConfiguration(namespace string, caCert []byte) *admissionregistrationv1.MutatingWebhookConfiguration

GetKubeArmorControllerMutationAdmissionConfiguration Function

func GetKubeArmorControllerServiceAccount ¶

func GetKubeArmorControllerServiceAccount(namespace string) *corev1.ServiceAccount

GetKubeArmorControllerServiceAccount Function

func GetKubeArmorControllerTLSSecret ¶

func GetKubeArmorControllerTLSSecret(namespace string, caCert string, tlsCrt string, tlsKey string) *corev1.Secret

GetKubeArmorControllerTLSSecret Functionn

func GetKubeArmorControllerWebhookService ¶

func GetKubeArmorControllerWebhookService(namespace string) *corev1.Service

GetKubeArmorControllerWebhookService Function

func GetKubearmorConfigMap ¶

func GetKubearmorConfigMap(namespace, name string) *corev1.ConfigMap

func GetRelayClusterRole ¶

func GetRelayClusterRole() *rbacv1.ClusterRole

GetRelayClusterRole Function

func GetRelayClusterRoleBinding ¶

func GetRelayClusterRoleBinding(namespace string) *rbacv1.ClusterRoleBinding

GetRelayClusterRoleBinding Function

func GetRelayDeployment ¶

func GetRelayDeployment(namespace string) *appsv1.Deployment

GetRelayDeployment Function

func GetRelayService ¶

func GetRelayService(namespace string) *corev1.Service

GetRelayService Function

func GetRelayServiceAccount ¶

func GetRelayServiceAccount(namespace string) *corev1.ServiceAccount

GetRelayServiceAccount Function

func GetServiceAccount ¶

func GetServiceAccount(namespace string) *corev1.ServiceAccount

GetServiceAccount Function

Types ¶

type DaemonSetConfig ¶

type DaemonSetConfig struct {
	Args         []string
	Envs         []corev1.EnvVar
	VolumeMounts []corev1.VolumeMount
	Volumes      []corev1.Volume
}

DaemonSetConfig Structure

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL