Documentation ¶
Index ¶
- func MergeResources(a, b map[string]unstructured.Unstructured)
- func ParseNamespacedPolicy(key string) (string, string, bool)
- func UpdateSourceResource(client dclient.Interface, kind, namespace string, policyName string, ...) error
- func Validate(policy kyvernov1.PolicyInterface, client dclient.Interface, mock bool, ...) ([]string, error)
- func ValidateOnPolicyUpdate(p kyvernov1.PolicyInterface, onPolicyUpdate bool) error
- func ValidateVariables(p kyvernov1.PolicyInterface, backgroundMode bool) error
- type Condition
- type PolicyController
- type ResourceManager
- func (rm *ResourceManager) Drop()
- func (rm *ResourceManager) GetScope(kind string) (bool, error)
- func (rm *ResourceManager) ProcessResource(policy, pv, kind, ns, name, rv string) bool
- func (rm *ResourceManager) RegisterResource(policy, pv, kind, ns, name, rv string)
- func (rm *ResourceManager) RegisterScope(kind string, namespaced bool)
- type Validation
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func MergeResources ¶ added in v1.3.0
func MergeResources(a, b map[string]unstructured.Unstructured)
MergeResources merges b into a map
func ParseNamespacedPolicy ¶ added in v1.3.6
func UpdateSourceResource ¶ added in v1.8.2
func UpdateSourceResource(client dclient.Interface, kind, namespace string, policyName string, obj *unstructured.Unstructured) error
func Validate ¶ added in v1.2.0
func Validate(policy kyvernov1.PolicyInterface, client dclient.Interface, mock bool, openApiManager openapi.Manager) ([]string, error)
Validate checks the policy and rules declarations for required configurations
func ValidateOnPolicyUpdate ¶ added in v1.7.0
func ValidateOnPolicyUpdate(p kyvernov1.PolicyInterface, onPolicyUpdate bool) error
func ValidateVariables ¶ added in v1.5.2
func ValidateVariables(p kyvernov1.PolicyInterface, backgroundMode bool) error
Types ¶
type PolicyController ¶
type PolicyController struct {
// contains filtered or unexported fields
}
PolicyController is responsible for synchronizing Policy objects stored in the system with the corresponding policy violations
func NewPolicyController ¶
func NewPolicyController( kyvernoClient versioned.Interface, client dclient.Interface, pInformer kyvernov1informers.ClusterPolicyInformer, npInformer kyvernov1informers.PolicyInformer, urInformer kyvernov1beta1informers.UpdateRequestInformer, configHandler config.Configuration, eventGen event.Interface, namespaces corev1informers.NamespaceInformer, log logr.Logger, reconcilePeriod time.Duration, metricsConfig *metrics.MetricsConfig, ) (*PolicyController, error)
NewPolicyController create a new PolicyController
type ResourceManager ¶
type ResourceManager struct {
// contains filtered or unexported fields
}
ResourceManager stores the details on already processed resources for caching
func NewResourceManager ¶
func NewResourceManager(rebuildTime int64) *ResourceManager
NewResourceManager returns a new ResourceManager
func (*ResourceManager) Drop ¶
func (rm *ResourceManager) Drop()
Drop drop the cache after every rebuild interval mins
func (*ResourceManager) GetScope ¶ added in v1.3.0
func (rm *ResourceManager) GetScope(kind string) (bool, error)
GetScope gets the scope of the given kind return error if kind is not registered
func (*ResourceManager) ProcessResource ¶
func (rm *ResourceManager) ProcessResource(policy, pv, kind, ns, name, rv string) bool
ProcessResource returns true if the policy was not applied on the resource
func (*ResourceManager) RegisterResource ¶
func (rm *ResourceManager) RegisterResource(policy, pv, kind, ns, name, rv string)
RegisterResource stores if the policy is processed on this resource version
func (*ResourceManager) RegisterScope ¶ added in v1.3.0
func (rm *ResourceManager) RegisterScope(kind string, namespaced bool)
RegisterScope stores the scope of the given kind
type Validation ¶ added in v1.2.0
Validation provides methods to validate a rule