v1alpha2

package
v1.12.4-rc.1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jun 11, 2024 License: Apache-2.0 Imports: 5 Imported by: 4

Documentation

Index

Constants

View Source
const GroupName = "wgpolicyk8s.io"

GroupName specifies the group name used to register the objects.

Variables

View Source
var (
	// localSchemeBuilder and AddToScheme will stay in k8s.io/kubernetes.
	SchemeBuilder runtime.SchemeBuilder

	// Depreciated: use Install instead
	AddToScheme = localSchemeBuilder.AddToScheme
	Install     = localSchemeBuilder.AddToScheme
)
View Source
var GroupVersion = v1.GroupVersion{Group: GroupName, Version: "v1alpha2"}

GroupVersion specifies the group and the version used to register the objects.

View Source
var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1alpha2"}

SchemeGroupVersion is group version used to register these objects Deprecated: use GroupVersion instead.

Functions

func RegisterDefaults added in v1.10.5

func RegisterDefaults(scheme *runtime.Scheme) error

RegisterDefaults adds defaulters functions to the given scheme. Public to allow building arbitrary schemes. All generated defaulters are covering - they call all nested defaulters.

func Resource

func Resource(resource string) schema.GroupResource

Resource takes an unqualified resource and returns a Group qualified GroupResource

Types

type ClusterPolicyReport

type ClusterPolicyReport struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	// Scope is an optional reference to the report scope (e.g. a Deployment, Namespace, or Node)
	// +optional
	Scope *corev1.ObjectReference `json:"scope,omitempty"`

	// ScopeSelector is an optional selector for multiple scopes (e.g. Pods).
	// Either one of, or none of, but not both of, Scope or ScopeSelector should be specified.
	// +optional
	ScopeSelector *metav1.LabelSelector `json:"scopeSelector,omitempty"`

	// PolicyReportSummary provides a summary of results
	// +optional
	Summary PolicyReportSummary `json:"summary,omitempty"`

	// PolicyReportResult provides result details
	// +optional
	Results []PolicyReportResult `json:"results,omitempty"`
}

ClusterPolicyReport is the Schema for the clusterpolicyreports API

func (*ClusterPolicyReport) DeepCopy

func (in *ClusterPolicyReport) DeepCopy() *ClusterPolicyReport

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterPolicyReport.

func (*ClusterPolicyReport) DeepCopyInto

func (in *ClusterPolicyReport) DeepCopyInto(out *ClusterPolicyReport)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*ClusterPolicyReport) DeepCopyObject

func (in *ClusterPolicyReport) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*ClusterPolicyReport) GetResults added in v1.8.0

func (r *ClusterPolicyReport) GetResults() []PolicyReportResult

func (*ClusterPolicyReport) SetResults added in v1.8.0

func (r *ClusterPolicyReport) SetResults(results []PolicyReportResult)

func (*ClusterPolicyReport) SetSummary added in v1.8.0

func (r *ClusterPolicyReport) SetSummary(summary PolicyReportSummary)

type ClusterPolicyReportList

type ClusterPolicyReportList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []ClusterPolicyReport `json:"items"`
}

ClusterPolicyReportList contains a list of ClusterPolicyReport

func (*ClusterPolicyReportList) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterPolicyReportList.

func (*ClusterPolicyReportList) DeepCopyInto

func (in *ClusterPolicyReportList) DeepCopyInto(out *ClusterPolicyReportList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*ClusterPolicyReportList) DeepCopyObject

func (in *ClusterPolicyReportList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type PolicyReport

type PolicyReport struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	// Scope is an optional reference to the report scope (e.g. a Deployment, Namespace, or Node)
	// +optional
	Scope *corev1.ObjectReference `json:"scope,omitempty"`

	// ScopeSelector is an optional selector for multiple scopes (e.g. Pods).
	// Either one of, or none of, but not both of, Scope or ScopeSelector should be specified.
	// +optional
	ScopeSelector *metav1.LabelSelector `json:"scopeSelector,omitempty"`

	// PolicyReportSummary provides a summary of results
	// +optional
	Summary PolicyReportSummary `json:"summary,omitempty"`

	// PolicyReportResult provides result details
	// +optional
	Results []PolicyReportResult `json:"results,omitempty"`
}

PolicyReport is the Schema for the policyreports API

func (*PolicyReport) DeepCopy

func (in *PolicyReport) DeepCopy() *PolicyReport

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyReport.

func (*PolicyReport) DeepCopyInto

func (in *PolicyReport) DeepCopyInto(out *PolicyReport)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*PolicyReport) DeepCopyObject

func (in *PolicyReport) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*PolicyReport) GetResults added in v1.8.0

func (r *PolicyReport) GetResults() []PolicyReportResult

func (*PolicyReport) SetResults added in v1.8.0

func (r *PolicyReport) SetResults(results []PolicyReportResult)

func (*PolicyReport) SetSummary added in v1.8.0

func (r *PolicyReport) SetSummary(summary PolicyReportSummary)

type PolicyReportList

type PolicyReportList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []PolicyReport `json:"items"`
}

PolicyReportList contains a list of PolicyReport

func (*PolicyReportList) DeepCopy

func (in *PolicyReportList) DeepCopy() *PolicyReportList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyReportList.

func (*PolicyReportList) DeepCopyInto

func (in *PolicyReportList) DeepCopyInto(out *PolicyReportList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*PolicyReportList) DeepCopyObject

func (in *PolicyReportList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type PolicyReportResult

type PolicyReportResult struct {
	// Source is an identifier for the policy engine that manages this report
	// +optional
	Source string `json:"source"`

	// Policy is the name or identifier of the policy
	Policy string `json:"policy"`

	// Rule is the name or identifier of the rule within the policy
	// +optional
	Rule string `json:"rule,omitempty"`

	// Subjects is an optional reference to the checked Kubernetes resources
	// +optional
	Resources []corev1.ObjectReference `json:"resources,omitempty"`

	// SubjectSelector is an optional label selector for checked Kubernetes resources.
	// For example, a policy result may apply to all pods that match a label.
	// Either a Subject or a SubjectSelector can be specified.
	// If neither are provided, the result is assumed to be for the policy report scope.
	// +optional
	ResourceSelector *metav1.LabelSelector `json:"resourceSelector,omitempty"`

	// Description is a short user friendly message for the policy rule
	Message string `json:"message,omitempty"`

	// Result indicates the outcome of the policy rule execution
	Result PolicyResult `json:"result,omitempty"`

	// Scored indicates if this result is scored
	Scored bool `json:"scored,omitempty"`

	// Properties provides additional information for the policy rule
	Properties map[string]string `json:"properties,omitempty"`

	// Timestamp indicates the time the result was found
	Timestamp metav1.Timestamp `json:"timestamp,omitempty"`

	// Category indicates policy category
	// +optional
	Category string `json:"category,omitempty"`

	// Severity indicates policy check result criticality
	// +optional
	Severity PolicySeverity `json:"severity,omitempty"`
}

PolicyReportResult provides the result for an individual policy

func (*PolicyReportResult) DeepCopy

func (in *PolicyReportResult) DeepCopy() *PolicyReportResult

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyReportResult.

func (*PolicyReportResult) DeepCopyInto

func (in *PolicyReportResult) DeepCopyInto(out *PolicyReportResult)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type PolicyReportSummary

type PolicyReportSummary struct {
	// Pass provides the count of policies whose requirements were met
	// +optional
	Pass int `json:"pass"`

	// Fail provides the count of policies whose requirements were not met
	// +optional
	Fail int `json:"fail"`

	// Warn provides the count of non-scored policies whose requirements were not met
	// +optional
	Warn int `json:"warn"`

	// Error provides the count of policies that could not be evaluated
	// +optional
	Error int `json:"error"`

	// Skip indicates the count of policies that were not selected for evaluation
	// +optional
	Skip int `json:"skip"`
}

PolicyReportSummary provides a status count summary

func (*PolicyReportSummary) DeepCopy

func (in *PolicyReportSummary) DeepCopy() *PolicyReportSummary

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyReportSummary.

func (*PolicyReportSummary) DeepCopyInto

func (in *PolicyReportSummary) DeepCopyInto(out *PolicyReportSummary)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (PolicyReportSummary) ToMap

func (prs PolicyReportSummary) ToMap() map[string]interface{}

type PolicyResult

type PolicyResult string

PolicyResult has one of the following values:

  • pass: indicates that the policy requirements are met
  • fail: indicates that the policy requirements are not met
  • warn: indicates that the policy requirements and not met, and the policy is not scored
  • error: indicates that the policy could not be evaluated
  • skip: indicates that the policy was not selected based on user inputs or applicability
const (
	StatusPass  PolicyResult = "pass"
	StatusFail  PolicyResult = "fail"
	StatusWarn  PolicyResult = "warn"
	StatusError PolicyResult = "error"
	StatusSkip  PolicyResult = "skip"
)

Status specifies state of a policy result

type PolicySeverity

type PolicySeverity string

PolicySeverity has one of the following values: - critical - high - low - medium - info

const (
	SeverityCritical PolicySeverity = "critical"
	SeverityHigh     PolicySeverity = "high"
	SeverityMedium   PolicySeverity = "medium"
	SeverityLow      PolicySeverity = "low"
	SeverityInfo     PolicySeverity = "info"
)

Severity specifies priority of a policy result

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL