policy

package
v1.8.0-rc6 Latest Latest
Warning

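This package is not in the latest version of its module, so the API documented on this page (v1.8.0-rc6, a release candidate) may differ from what current releases of the module provide.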

Published: Oct 7, 2022 License: Apache-2.0 Imports: 73 Imported by: 1

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func MergeResources added in v1.3.0

func MergeResources(a, b map[string]unstructured.Unstructured)

MergeResources merges the entries of b into a. It has no return value, so a is modified in place.

func ParseNamespacedPolicy added in v1.3.6

func ParseNamespacedPolicy(key string) (string, string, bool)

func Validate added in v1.2.0

func Validate(policy kyvernov1.PolicyInterface, client dclient.Interface, mock bool, openAPIController *openapi.Controller) (*admissionv1.AdmissionResponse, error)

Validate checks the policy and rules declarations for required configurations

func ValidateOnPolicyUpdate added in v1.7.0

func ValidateOnPolicyUpdate(p kyvernov1.PolicyInterface, onPolicyUpdate bool) error

func ValidateVariables added in v1.5.2

func ValidateVariables(p kyvernov1.PolicyInterface, backgroundMode bool) error

Types

type Condition added in v0.9.1

type Condition int

Condition defines condition type

// Outcomes of deciding whether a condition should be evaluated.
// The numeric values are fixed by declaration order: 0, 1, 2.
const (
	// NotEvaluate (0) means the condition is not evaluated.
	NotEvaluate Condition = iota
	// Process (1) means the condition is evaluated.
	Process
	// Skip (2) means the condition is ignored/skipped.
	Skip
)

type PolicyController

type PolicyController struct {
	// contains filtered or unexported fields
}

PolicyController is responsible for synchronizing Policy objects stored in the system with the corresponding policy violations

func NewPolicyController

func NewPolicyController(
	kyvernoClient versioned.Interface,
	client dclient.Interface,
	pInformer kyvernov1informers.ClusterPolicyInformer,
	npInformer kyvernov1informers.PolicyInformer,
	urInformer kyvernov1beta1informers.UpdateRequestInformer,
	configHandler config.Configuration,
	eventGen event.Interface,
	namespaces corev1informers.NamespaceInformer,
	log logr.Logger,
	reconcilePeriod time.Duration,
	metricsConfig *metrics.MetricsConfig,
) (*PolicyController, error)

NewPolicyController creates a new PolicyController.

func (*PolicyController) Run

func (pc *PolicyController) Run(workers int, stopCh <-chan struct{})

Run begins watching and syncing.

type ResourceManager

type ResourceManager struct {
	// contains filtered or unexported fields
}

ResourceManager stores the details on already processed resources for caching

func NewResourceManager

func NewResourceManager(rebuildTime int64) *ResourceManager

NewResourceManager returns a new ResourceManager

func (*ResourceManager) Drop

func (rm *ResourceManager) Drop()

Drop drops the cache each time the rebuild interval (in mins) elapses.

func (*ResourceManager) GetScope added in v1.3.0

func (rm *ResourceManager) GetScope(kind string) (bool, error)

GetScope gets the scope of the given kind; it returns an error if the kind is not registered.

func (*ResourceManager) ProcessResource

func (rm *ResourceManager) ProcessResource(policy, pv, kind, ns, name, rv string) bool

ProcessResource returns true if the policy was not applied on the resource

func (*ResourceManager) RegisterResource

func (rm *ResourceManager) RegisterResource(policy, pv, kind, ns, name, rv string)

RegisterResource stores whether the policy has been processed on this resource version.

func (*ResourceManager) RegisterScope added in v1.3.0

func (rm *ResourceManager) RegisterScope(kind string, namespaced bool)

RegisterScope stores the scope of the given kind

type Validation added in v1.2.0

// Validation provides methods to validate a rule.
type Validation interface {
	// Validate runs the validation and returns a string together with an error.
	// NOTE(review): this page does not say what the string carries; presumably it
	// identifies what failed validation. Confirm against the implementations.
	Validate() (string, error)
}

Validation provides methods to validate a rule
