Documentation ¶
Index ¶
- func EvaluatePod(rule *kyvernov1.PodSecurity, pod *corev1.Pod) (bool, []pssutils.PSSCheckResult, error)
- func FormatChecksPrint(checks []pssutils.PSSCheckResult) string
- func GetPodWithMatchingContainers(exclude kyvernov1.PodSecurityStandard, pod *corev1.Pod) (podSpec, matching *corev1.Pod)
- func GetRestrictedFields(check policy.Check) []pssutils.RestrictedField
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func EvaluatePod ¶
func EvaluatePod(rule *kyvernov1.PodSecurity, pod *corev1.Pod) (bool, []pssutils.PSSCheckResult, error)
EvaluatePod applies PSS checks to the pod and exempts controls specified in the rule
func FormatChecksPrint ¶
func FormatChecksPrint(checks []pssutils.PSSCheckResult) string
func GetPodWithMatchingContainers ¶
func GetPodWithMatchingContainers(exclude kyvernov1.PodSecurityStandard, pod *corev1.Pod) (podSpec, matching *corev1.Pod)
GetPodWithMatchingContainers extracts matching container/pod info by the given exclude rule and returns pod manifests containing spec and container info respectively
func GetRestrictedFields ¶
func GetRestrictedFields(check policy.Check) []pssutils.RestrictedField
Get restrictedFields from Check.ID
Types ¶
This section is empty.
Click to show internal directories.
Click to hide internal directories.