Documentation ¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type EngineResponse ¶
type EngineResponse struct { // Resource patched with the engine action changes PatchedResource unstructured.Unstructured // Policy Response PolicyResponse PolicyResponse }
EngineResponse engine response to the action
func (EngineResponse) GetFailedRules ¶
func (er EngineResponse) GetFailedRules() []string
GetFailedRules returns failed rules
func (EngineResponse) GetPatches ¶
func (er EngineResponse) GetPatches() [][]byte
GetPatches returns all the patches joined
func (EngineResponse) GetResourceSpec ¶ added in v1.3.0
func (er EngineResponse) GetResourceSpec() ResourceSpec
GetResourceSpec returns resourceSpec of er
func (EngineResponse) GetSuccessRules ¶
func (er EngineResponse) GetSuccessRules() []string
GetSuccessRules returns success rules
func (EngineResponse) IsFailed ¶ added in v1.4.2
func (er EngineResponse) IsFailed() bool
IsFailed checks if any rule has succeeded or not
func (EngineResponse) IsSuccessful ¶ added in v1.2.0
func (er EngineResponse) IsSuccessful() bool
IsSuccessful checks if any rule has failed or not
type PolicyResponse ¶
type PolicyResponse struct { // policy details Policy PolicySpec `json:"policy"` // resource details Resource ResourceSpec `json:"resource"` // policy statistics PolicyStats `json:",inline"` // rule response Rules []RuleResponse `json:"rules"` // ValidationFailureAction: audit (default) or enforce ValidationFailureAction string }
PolicyResponse policy application response
type PolicySpec ¶ added in v1.4.2
PolicySpec policy
type PolicyStats ¶
type PolicyStats struct { // time required to process the policy rules on a resource ProcessingTime time.Duration `json:"processingTime"` // Count of rules that were applied successfully RulesAppliedCount int `json:"rulesAppliedCount"` // Count of rules that with execution errors RulesErrorCount int `json:"rulesErrorCount"` // Timestamp of the instant the Policy was triggered PolicyExecutionTimestamp int64 `json:"policyExecutionTimestamp"` }
PolicyStats stores statistics for the single policy application
type ResourceSpec ¶
type ResourceSpec struct { Kind string `json:"kind"` APIVersion string `json:"apiVersion"` Namespace string `json:"namespace"` Name string `json:"name"` // UID is not used to build the unique identifier // optional UID string `json:"uid"` }
ResourceSpec resource action applied on
type RuleResponse ¶
type RuleResponse struct { // rule name specified in policy Name string `json:"name"` // rule type (Mutation,Generation,Validation) for Kyverno Policy Type string `json:"type"` // message response from the rule application Message string `json:"message"` // JSON patches, for mutation rules Patches [][]byte `json:"patches,omitempty"` // rule status Status RuleStatus `json:"status"` // statistics RuleStats `json:",inline"` }
RuleResponse details for each rule application
type RuleStats ¶
type RuleStats struct { // time required to apply the rule on the resource ProcessingTime time.Duration `json:"processingTime"` // Timestamp of the instant the rule got triggered RuleExecutionTimestamp int64 `json:"ruleExecutionTimestamp"` }
RuleStats stores the statistics for the single rule application
type RuleStatus ¶ added in v1.5.0
type RuleStatus int
RuleStatus represents the status of rule execution
const ( // RuleStatusPass indicates that the resources meets the policy rule requirements RuleStatusPass RuleStatus = iota // Fail indicates that the resource does not meet the policy rule requirements RuleStatusFail // Warn indicates that the the resource does not meet the policy rule requirements, but the policy is not scored RuleStatusWarn // Error indicates that the policy rule could not be evaluated due to a processing error, for // example when a variable cannot be resolved in the policy rule definition. Note that variables // that cannot be resolved in preconditions are replaced with empty values to allow existence // checks. RuleStatusError // Skip indicates that the policy rule was not selected based on user inputs or applicability, for example // when preconditions are not met, or when conditional or global anchors are not satistied. RuleStatusSkip )
RuleStatusPass is used to report the result of processing a rule.
func (*RuleStatus) MarshalJSON ¶ added in v1.5.0
func (s *RuleStatus) MarshalJSON() ([]byte, error)
MarshalJSON marshals the enum as a quoted json string
func (*RuleStatus) String ¶ added in v1.5.0
func (s *RuleStatus) String() string
func (*RuleStatus) UnmarshalJSON ¶ added in v1.5.0
func (s *RuleStatus) UnmarshalJSON(b []byte) error
UnmarshalJSON unmarshals a quoted json string to the enum value
func (*RuleStatus) UnmarshalYAML ¶ added in v1.5.0
func (v *RuleStatus) UnmarshalYAML(unmarshal func(interface{}) error) error