Documentation
Overview
Package util contains utility code shared amongst different parts of the pod security policy apparatus.
Index
- Constants
- func FSTypeToStringSet(fsTypes []extensions.FSType) sets.String
- func GetAllFSTypesAsSet() sets.String
- func GetAllFSTypesExcept(exceptions ...string) sets.String
- func GetVolumeFSType(v api.Volume) (extensions.FSType, error)
- func GroupFallsInRange(id types.UnixGroupID, rng extensions.GroupIDRange) bool
- func PSPAllowsAllVolumes(psp *extensions.PodSecurityPolicy) bool
- func PSPAllowsFSType(psp *extensions.PodSecurityPolicy, fsType extensions.FSType) bool
- func PSPAllowsHostVolumePath(psp *extensions.PodSecurityPolicy, hostPath string) bool
- func UserFallsInRange(id types.UnixUserID, rng extensions.UserIDRange) bool
Constants
const (
	ValidatedPSPAnnotation = "kubernetes.io/psp"
)
Variables
This section is empty.
Functions
func FSTypeToStringSet
func FSTypeToStringSet(fsTypes []extensions.FSType) sets.String
FSTypeToStringSet converts an FSType slice to a string set.
func GetAllFSTypesAsSet
func GetAllFSTypesExcept
func GetVolumeFSType
func GetVolumeFSType(v api.Volume) (extensions.FSType, error)
GetVolumeFSType gets the FSType for a volume.
func GroupFallsInRange (added in v1.7.0)
func GroupFallsInRange(id types.UnixGroupID, rng extensions.GroupIDRange) bool
GroupFallsInRange is a utility to determine if the id falls in the valid range.
func PSPAllowsAllVolumes
func PSPAllowsAllVolumes(psp *extensions.PodSecurityPolicy) bool
PSPAllowsAllVolumes checks for FSTypeAll in the psp's allowed volumes.
func PSPAllowsFSType
func PSPAllowsFSType(psp *extensions.PodSecurityPolicy, fsType extensions.FSType) bool
PSPAllowsFSType is a utility for checking if a PSP allows a particular FSType. If all volumes are allowed then this will return true for any FSType passed.
func PSPAllowsHostVolumePath
func PSPAllowsHostVolumePath(psp *extensions.PodSecurityPolicy, hostPath string) bool
PSPAllowsHostVolumePath is a utility for checking if a PSP allows the host volume path. This only checks the path. You should still check to make sure the host volume fs type is allowed.
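The two checks described for PSPAllowsFSType and PSPAllowsHostVolumePath have to be combined before a hostPath volume is admitted. The sketch below is an added example, not code from this package: the types are simplified stand-ins for the extensions API, and the field shapes and the path-matching rule (boundary-aware prefix match, empty list allows any path) are assumptions made for illustration.

```go
package main

import (
	"fmt"
	"path"
	"strings"
)

// Stand-ins for the extensions API types; field shapes are assumed for this sketch.
type FSType string
const (
	All      FSType = "*" // stand-in for FSTypeAll
	HostPath FSType = "hostPath"
)
type PodSecurityPolicy struct {
	Volumes          []FSType
	AllowedHostPaths []string // assumed: path prefixes, empty list = any path
}

// allowsFSType follows the documented PSPAllowsFSType rule: All matches any type.
func allowsFSType(psp *PodSecurityPolicy, t FSType) bool {
	for _, v := range psp.Volumes {
		if v == t || v == All {
			return true
		}
	}
	return false
}

// allowsHostPath is an assumed, path-only check (boundary-aware prefix match).
func allowsHostPath(psp *PodSecurityPolicy, p string) bool {
	p = path.Clean(p) // normalise so ".." cannot escape an allowed prefix
	for _, prefix := range psp.AllowedHostPaths {
		prefix = strings.TrimSuffix(prefix, "/")
		if p == prefix || strings.HasPrefix(p, prefix+"/") {
			return true
		}
	}
	return len(psp.AllowedHostPaths) == 0
}

// HostVolumeAllowed admits a hostPath volume only when both checks pass.
func HostVolumeAllowed(psp *PodSecurityPolicy, p string) bool {
	return allowsFSType(psp, HostPath) && allowsHostPath(psp, p)
}

func main() {
	psp := &PodSecurityPolicy{Volumes: []FSType{"secret"}, AllowedHostPaths: []string{"/var/log"}} // constructed
	fmt.Println(allowsHostPath(psp, "/var/log/app"), HostVolumeAllowed(psp, "/var/log/app"))
}
```

With the constructed policy in main, the path check alone passes while the combined check rejects the volume, because hostPath is not among the allowed volume types.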
func UserFallsInRange (added in v1.7.0)
func UserFallsInRange(id types.UnixUserID, rng extensions.UserIDRange) bool
UserFallsInRange is a utility to determine if the id falls in the valid range.
Types
This section is empty.