v1alpha1

package

v1.18.0-kw9 Latest Latest Go to latest Published: Oct 25, 2023 License: Apache-2.0 Imports: 3 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/kubewarden/k8s-objects

Documentation ¶

Index ¶

Constants
Variables
func Resource(resource string) schema.GroupResource
type AuditSink
- func (v *AuditSink) GroupVersionKind() schema.GroupVersionKind
type AuditSinkList
- func (v *AuditSinkList) GroupVersionKind() schema.GroupVersionKind
type AuditSinkSpec
type Policy
type ServiceReference
type Webhook
type WebhookClientConfig
type WebhookThrottleConfig

Constants ¶

View Source

const GroupName = "auditregistration.k8s.io"

GroupName is the group name use in this package

Variables ¶

View Source

var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1alpha1"}

SchemeGroupVersion is group version used to register these objects

Functions ¶

func Resource ¶

func Resource(resource string) schema.GroupResource

Resource takes an unqualified resource and returns a Group qualified GroupResource

Types ¶

type AuditSink ¶

type AuditSink struct {

	// APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
	APIVersion string `json:"apiVersion,omitempty"`

	// Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
	Kind string `json:"kind,omitempty"`

	// metadata
	Metadata *apimachinery_pkg_apis_meta_v1.ObjectMeta `json:"metadata,omitempty"`

	// Spec defines the audit configuration spec
	Spec *AuditSinkSpec `json:"spec,omitempty"`
}

AuditSink AuditSink represents a cluster level audit sink

swagger:model AuditSink

func (*AuditSink) GroupVersionKind ¶

func (v *AuditSink) GroupVersionKind() schema.GroupVersionKind

type AuditSinkList ¶

type AuditSinkList struct {

	// APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
	APIVersion string `json:"apiVersion,omitempty"`

	// List of audit configurations.
	// Required: true
	Items []*AuditSink `json:"items"`

	// Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
	Kind string `json:"kind,omitempty"`

	// metadata
	Metadata *apimachinery_pkg_apis_meta_v1.ListMeta `json:"metadata,omitempty"`
}

AuditSinkList AuditSinkList is a list of AuditSink items.

swagger:model AuditSinkList

func (*AuditSinkList) GroupVersionKind ¶

func (v *AuditSinkList) GroupVersionKind() schema.GroupVersionKind

type AuditSinkSpec ¶

type AuditSinkSpec struct {

	// Policy defines the policy for selecting which events should be sent to the webhook required
	// Required: true
	Policy *Policy `json:"policy"`

	// Webhook to send events required
	// Required: true
	Webhook *Webhook `json:"webhook"`
}

AuditSinkSpec AuditSinkSpec holds the spec for the audit sink

swagger:model AuditSinkSpec

type Policy ¶

type Policy struct {

	// The Level that all requests are recorded at. available options: None, Metadata, Request, RequestResponse required
	// Required: true
	Level *string `json:"level"`

	// Stages is a list of stages for which events are created.
	Stages []string `json:"stages,omitempty"`
}

Policy Policy defines the configuration of how audit events are logged

swagger:model Policy

type ServiceReference ¶

type ServiceReference struct {

	// `name` is the name of the service. Required
	// Required: true
	Name *string `json:"name"`

	// `namespace` is the namespace of the service. Required
	// Required: true
	Namespace *string `json:"namespace"`

	// `path` is an optional URL path which will be sent in any request to this service.
	Path string `json:"path,omitempty"`

	// If specified, the port on the service that hosting webhook. Default to 443 for backward compatibility. `port` should be a valid port number (1-65535, inclusive).
	Port int32 `json:"port,omitempty"`
}

ServiceReference ServiceReference holds a reference to Service.legacy.k8s.io

swagger:model ServiceReference

type Webhook ¶

type Webhook struct {

	// ClientConfig holds the connection parameters for the webhook required
	// Required: true
	ClientConfig *WebhookClientConfig `json:"clientConfig"`

	// Throttle holds the options for throttling the webhook
	Throttle *WebhookThrottleConfig `json:"throttle,omitempty"`
}

Webhook Webhook holds the configuration of the webhook

swagger:model Webhook

type WebhookClientConfig ¶

type WebhookClientConfig struct {

	// `caBundle` is a PEM encoded CA bundle which will be used to validate the webhook's server certificate. If unspecified, system trust roots on the apiserver are used.
	// Format: byte
	CaBundle strfmt.Base64 `json:"caBundle,omitempty"`

	// `service` is a reference to the service for this webhook. Either `service` or `url` must be specified.
	//
	// If the webhook is running within the cluster, then you should use `service`.
	Service *ServiceReference `json:"service,omitempty"`

	// `url` gives the location of the webhook, in standard URL form (`scheme://host:port/path`). Exactly one of `url` or `service` must be specified.
	//
	// The `host` should not refer to a service running in the cluster; use the `service` field instead. The host might be resolved via external DNS in some apiservers (e.g., `kube-apiserver` cannot resolve in-cluster DNS as that would be a layering violation). `host` may also be an IP address.
	//
	// Please note that using `localhost` or `127.0.0.1` as a `host` is risky unless you take great care to run this webhook on all hosts which run an apiserver which might need to make calls to this webhook. Such installs are likely to be non-portable, i.e., not easy to turn up in a new cluster.
	//
	// The scheme must be "https"; the URL must begin with "https://".
	//
	// A path is optional, and if present may be any string permissible in a URL. You may use the path to pass an arbitrary string to the webhook, for example, a cluster identifier.
	//
	// Attempting to use a user or basic auth e.g. "user:password@" is not allowed. Fragments ("#...") and query parameters ("?...") are not allowed, either.
	URL string `json:"url,omitempty"`
}

WebhookClientConfig WebhookClientConfig contains the information to make a connection with the webhook

swagger:model WebhookClientConfig

type WebhookThrottleConfig ¶

type WebhookThrottleConfig struct {

	// ThrottleBurst is the maximum number of events sent at the same moment default 15 QPS
	Burst int64 `json:"burst,omitempty"`

	// ThrottleQPS maximum number of batches per second default 10 QPS
	QPS int64 `json:"qps,omitempty"`
}

WebhookThrottleConfig WebhookThrottleConfig holds the configuration for throttling events

swagger:model WebhookThrottleConfig

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL