Documentation ¶
Index ¶
- Variables
- func StartSecurityPolicyController(mgr ctrl.Manager, commonService servicecommon.Service, ...)
- type EnqueueRequestForNamespace
- func (e *EnqueueRequestForNamespace) Create(_ context.Context, _ event.CreateEvent, _ workqueue.RateLimitingInterface)
- func (e *EnqueueRequestForNamespace) Delete(_ context.Context, _ event.DeleteEvent, _ workqueue.RateLimitingInterface)
- func (e *EnqueueRequestForNamespace) Generic(_ context.Context, _ event.GenericEvent, _ workqueue.RateLimitingInterface)
- func (e *EnqueueRequestForNamespace) Update(_ context.Context, updateEvent event.UpdateEvent, ...)
- type EnqueueRequestForPod
- func (e *EnqueueRequestForPod) Create(_ context.Context, createEvent event.CreateEvent, ...)
- func (e *EnqueueRequestForPod) Delete(_ context.Context, deleteEvent event.DeleteEvent, ...)
- func (e *EnqueueRequestForPod) Generic(_ context.Context, genericEvent event.GenericEvent, ...)
- func (e *EnqueueRequestForPod) Raw(evt interface{}, q workqueue.RateLimitingInterface)
- func (e *EnqueueRequestForPod) Update(_ context.Context, updateEvent event.UpdateEvent, ...)
- type SecurityPolicyReconciler
Constants ¶
This section is empty.
Variables ¶
View Source
var ( ResultNormal = common.ResultNormal ResultRequeue = common.ResultRequeue ResultRequeueAfter5mins = common.ResultRequeueAfter5mins MetricResType = common.MetricResTypeSecurityPolicy )
View Source
var PredicateFuncsNs = predicate.Funcs{ CreateFunc: func(e event.CreateEvent) bool { return false }, UpdateFunc: func(e event.UpdateEvent) bool { oldObj := e.ObjectOld.(*v1.Namespace) newObj := e.ObjectNew.(*v1.Namespace) log.V(1).Info("receive namespace update event", "name", oldObj.Name) if reflect.DeepEqual(oldObj.ObjectMeta.Labels, newObj.ObjectMeta.Labels) { log.Info("label of namespace is not changed, ignore it", "name", oldObj.Name) return false } return true }, DeleteFunc: func(e event.DeleteEvent) bool { return false }, }
View Source
var PredicateFuncsPod = predicate.Funcs{ CreateFunc: func(e event.CreateEvent) bool { if p, ok := e.Object.(*v1.Pod); ok { log.V(1).Info("receive pod create event", "namespace", p.Namespace, "name", p.Name) return util.CheckPodHasNamedPort(*p, "create") } return false }, UpdateFunc: func(e event.UpdateEvent) bool { oldObj := e.ObjectOld.(*v1.Pod) newObj := e.ObjectNew.(*v1.Pod) log.V(1).Info("receive pod update event", "namespace", oldObj.Namespace, "name", oldObj.Name) if reflect.DeepEqual(oldObj.ObjectMeta.Labels, newObj.ObjectMeta.Labels) { log.V(1).Info("label of pod is not changed, ignore it", "name", oldObj.Name) return false } if util.CheckPodHasNamedPort(*newObj, "update") { return true } return false }, DeleteFunc: func(e event.DeleteEvent) bool { if p, ok := e.Object.(*v1.Pod); ok { log.V(1).Info("receive pod delete event", "namespace", p.Namespace, "name", p.Name) return util.CheckPodHasNamedPort(*p, "delete") } return false }, }
Functions ¶
func StartSecurityPolicyController ¶
func StartSecurityPolicyController(mgr ctrl.Manager, commonService servicecommon.Service, vpcService servicecommon.VPCServiceProvider)
Types ¶
type EnqueueRequestForNamespace ¶
func (*EnqueueRequestForNamespace) Create ¶
func (e *EnqueueRequestForNamespace) Create(_ context.Context, _ event.CreateEvent, _ workqueue.RateLimitingInterface)
func (*EnqueueRequestForNamespace) Delete ¶
func (e *EnqueueRequestForNamespace) Delete(_ context.Context, _ event.DeleteEvent, _ workqueue.RateLimitingInterface)
func (*EnqueueRequestForNamespace) Generic ¶
func (e *EnqueueRequestForNamespace) Generic(_ context.Context, _ event.GenericEvent, _ workqueue.RateLimitingInterface)
func (*EnqueueRequestForNamespace) Update ¶
func (e *EnqueueRequestForNamespace) Update(_ context.Context, updateEvent event.UpdateEvent, l workqueue.RateLimitingInterface)
type EnqueueRequestForPod ¶
func (*EnqueueRequestForPod) Create ¶
func (e *EnqueueRequestForPod) Create(_ context.Context, createEvent event.CreateEvent, q workqueue.RateLimitingInterface)
func (*EnqueueRequestForPod) Delete ¶
func (e *EnqueueRequestForPod) Delete(_ context.Context, deleteEvent event.DeleteEvent, q workqueue.RateLimitingInterface)
func (*EnqueueRequestForPod) Generic ¶
func (e *EnqueueRequestForPod) Generic(_ context.Context, genericEvent event.GenericEvent, q workqueue.RateLimitingInterface)
func (*EnqueueRequestForPod) Raw ¶
func (e *EnqueueRequestForPod) Raw(evt interface{}, q workqueue.RateLimitingInterface)
func (*EnqueueRequestForPod) Update ¶
func (e *EnqueueRequestForPod) Update(_ context.Context, updateEvent event.UpdateEvent, q workqueue.RateLimitingInterface)
type SecurityPolicyReconciler ¶
type SecurityPolicyReconciler struct { Client client.Client Scheme *apimachineryruntime.Scheme Service *securitypolicy.SecurityPolicyService Recorder record.EventRecorder }
SecurityPolicyReconciler SecurityPolicyReconcile reconciles a SecurityPolicy object
func (*SecurityPolicyReconciler) GarbageCollector ¶
func (r *SecurityPolicyReconciler) GarbageCollector(cancel chan bool, timeout time.Duration)
GarbageCollector collect securitypolicy which has been removed from k8s. cancel is used to break the loop during UT
Click to show internal directories.
Click to hide internal directories.