Documentation ¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func ConstraintAppliesTo ¶
func ConstraintAppliesTo(constraint *kapi.SecurityContextConstraints, userInfo user.Info) bool
constraintAppliesTo inspects the constraint's users and groups against the userInfo to determine if it is usable by the userInfo.
func NewConstraint ¶
NewConstraint creates a new SCC constraint admission plugin.
func NewSCCExecRestrictions ¶
NewSCCExecRestrictions creates a new admission controller that denies an exec operation on a privileged pod
Types ¶
type ByPriority ¶
type ByPriority []*kapi.SecurityContextConstraints
ByRestrictions is a helper to sort SCCs based on priority. If priorities are equal a string compare of the name is used.
func (ByPriority) Len ¶
func (s ByPriority) Len() int
func (ByPriority) Less ¶
func (s ByPriority) Less(i, j int) bool
func (ByPriority) Swap ¶
func (s ByPriority) Swap(i, j int)
type ByRestrictions ¶
type ByRestrictions []*kapi.SecurityContextConstraints
ByRestrictions is a helper to sort SCCs in order of most restrictive to least restrictive.
func (ByRestrictions) Len ¶
func (s ByRestrictions) Len() int
func (ByRestrictions) Less ¶
func (s ByRestrictions) Less(i, j int) bool
func (ByRestrictions) Swap ¶
func (s ByRestrictions) Swap(i, j int)
Click to show internal directories.
Click to hide internal directories.