Affected by 
Documentation
¶
Index ¶
- func ApplyPatches(resource []byte, patches []PatchBytes) ([]byte, error)
- func Generate(client *client.Client, policy kubepolicy.Policy, rawResource []byte, ...)
- func ParseNameFromObject(bytes []byte) string
- func ParseNamespaceFromObject(bytes []byte) string
- func ParseRegexPolicyResourceName(policyResourceName string) (string, bool)
- func ProcessExisting(policy types.Policy, rawResource []byte) ([]violation.Info, []event.Info, error)
- func ResourceMeetsDescription(resourceRaw []byte, description kubepolicy.ResourceDescription, ...) bool
- func Validate(policy kubepolicy.Policy, rawResource []byte, gvk metav1.GroupVersionKind) result.Result
- func ValidateValueWithPattern(value, pattern interface{}) bool
- type Operator
- type PatchBytes
- func JoinPatches(patches []PatchBytes) PatchBytes
- func Mutate(policy kubepolicy.Policy, rawResource []byte, gvk metav1.GroupVersionKind) ([]PatchBytes, result.Result)
- func ProcessOverlay(rule kubepolicy.Rule, rawResource []byte, gvk metav1.GroupVersionKind) ([]PatchBytes, result.RuleApplicationResult)
- func ProcessPatches(rule kubepolicy.Rule, resource []byte) ([]PatchBytes, result.RuleApplicationResult)
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func ApplyPatches ¶
func ApplyPatches(resource []byte, patches []PatchBytes) ([]byte, error)
ApplyPatches patches given resource with given patches and returns patched document
func Generate ¶
func Generate(client *client.Client, policy kubepolicy.Policy, rawResource []byte, gvk metav1.GroupVersionKind)
Generate should be called to process generate rules on the resource
func ParseNameFromObject ¶
ParseNameFromObject extracts resource name from JSON obj
func ParseNamespaceFromObject ¶
ParseNamespaceFromObject extracts the namespace from the JSON obj
func ParseRegexPolicyResourceName ¶
returns true if policyResourceName is a regexp
func ProcessExisting ¶
func ProcessExisting(policy types.Policy, rawResource []byte) ([]violation.Info, []event.Info, error)
ProcessExisting checks for mutation and validation violations of existing resources
func ResourceMeetsDescription ¶
func ResourceMeetsDescription(resourceRaw []byte, description kubepolicy.ResourceDescription, gvk metav1.GroupVersionKind) bool
ResourceMeetsDescription checks requests kind, name and labels to fit the policy rule
func Validate ¶
func Validate(policy kubepolicy.Policy, rawResource []byte, gvk metav1.GroupVersionKind) result.Result
Validate handles validating admission request Checks the target resources for rules defined in the policy
func ValidateValueWithPattern ¶
func ValidateValueWithPattern(value, pattern interface{}) bool
ValidateValueWithPattern validates value with operators and wildcards
Types ¶
type Operator ¶
type Operator string
Operator is string alias that represents selection operators enum
type PatchBytes ¶
type PatchBytes []byte
PatchBytes stands for []byte
func JoinPatches ¶
func JoinPatches(patches []PatchBytes) PatchBytes
JoinPatches joins array of serialized JSON patches to the single JSONPatch array
func Mutate ¶
func Mutate(policy kubepolicy.Policy, rawResource []byte, gvk metav1.GroupVersionKind) ([]PatchBytes, result.Result)
Mutate performs mutation. Overlay first and then mutation patches
func ProcessOverlay ¶
func ProcessOverlay(rule kubepolicy.Rule, rawResource []byte, gvk metav1.GroupVersionKind) ([]PatchBytes, result.RuleApplicationResult)
ProcessOverlay handles validating admission request Checks the target resources for rules defined in the policy
func ProcessPatches ¶
func ProcessPatches(rule kubepolicy.Rule, resource []byte) ([]PatchBytes, result.RuleApplicationResult)
ProcessPatches Returns array from separate patches that can be applied to the document Returns error ONLY in case when creation of resource should be denied.
Source Files