v1alpha1

package
v0.1.10 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Nov 25, 2024 License: MIT Imports: 8 Imported by: 0

Documentation

Index

Constants

View Source
const (
	SeedAuditResourceName  = "extension-audit"
	ShootAuditResourceName = "extension-audit-shoot"

	ShootAudittailerNamespace = "audit"

	AuditWebhookModeBatch          AuditWebhookMode = "batch"
	AuditWebhookModeBlocking       AuditWebhookMode = "blocking"
	AuditWebhookModeBlockingStrict AuditWebhookMode = "blocking-strict"

	SplunkSecretTokenKey  = "token"
	SplunkSecretCaFileKey = "ca"
)
View Source
const GroupName = "audit.metal.extensions.gardener.cloud"

GroupName is the group name use in this package

Variables

View Source
var (
	// SchemeBuilder used to register the Shoot resource.
	SchemeBuilder runtime.SchemeBuilder

	// AddToScheme is a pointer to SchemeBuilder.AddToScheme.
	AddToScheme = localSchemeBuilder.AddToScheme
)
View Source
var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1alpha1"}

SchemeGroupVersion is group version used to register these objects

Functions

func Convert_audit_AuditBackendClusterForwarding_To_v1alpha1_AuditBackendClusterForwarding

func Convert_audit_AuditBackendClusterForwarding_To_v1alpha1_AuditBackendClusterForwarding(in *audit.AuditBackendClusterForwarding, out *AuditBackendClusterForwarding, s conversion.Scope) error

Convert_audit_AuditBackendClusterForwarding_To_v1alpha1_AuditBackendClusterForwarding is an autogenerated conversion function.

func Convert_audit_AuditBackendLog_To_v1alpha1_AuditBackendLog

func Convert_audit_AuditBackendLog_To_v1alpha1_AuditBackendLog(in *audit.AuditBackendLog, out *AuditBackendLog, s conversion.Scope) error

Convert_audit_AuditBackendLog_To_v1alpha1_AuditBackendLog is an autogenerated conversion function.

func Convert_audit_AuditBackendSplunk_To_v1alpha1_AuditBackendSplunk

func Convert_audit_AuditBackendSplunk_To_v1alpha1_AuditBackendSplunk(in *audit.AuditBackendSplunk, out *AuditBackendSplunk, s conversion.Scope) error

Convert_audit_AuditBackendSplunk_To_v1alpha1_AuditBackendSplunk is an autogenerated conversion function.

func Convert_audit_AuditBackends_To_v1alpha1_AuditBackends

func Convert_audit_AuditBackends_To_v1alpha1_AuditBackends(in *audit.AuditBackends, out *AuditBackends, s conversion.Scope) error

Convert_audit_AuditBackends_To_v1alpha1_AuditBackends is an autogenerated conversion function.

func Convert_audit_AuditConfig_To_v1alpha1_AuditConfig

func Convert_audit_AuditConfig_To_v1alpha1_AuditConfig(in *audit.AuditConfig, out *AuditConfig, s conversion.Scope) error

Convert_audit_AuditConfig_To_v1alpha1_AuditConfig is an autogenerated conversion function.

func Convert_audit_AuditPersistence_To_v1alpha1_AuditPersistence

func Convert_audit_AuditPersistence_To_v1alpha1_AuditPersistence(in *audit.AuditPersistence, out *AuditPersistence, s conversion.Scope) error

Convert_audit_AuditPersistence_To_v1alpha1_AuditPersistence is an autogenerated conversion function.

func Convert_v1alpha1_AuditBackendClusterForwarding_To_audit_AuditBackendClusterForwarding

func Convert_v1alpha1_AuditBackendClusterForwarding_To_audit_AuditBackendClusterForwarding(in *AuditBackendClusterForwarding, out *audit.AuditBackendClusterForwarding, s conversion.Scope) error

Convert_v1alpha1_AuditBackendClusterForwarding_To_audit_AuditBackendClusterForwarding is an autogenerated conversion function.

func Convert_v1alpha1_AuditBackendLog_To_audit_AuditBackendLog

func Convert_v1alpha1_AuditBackendLog_To_audit_AuditBackendLog(in *AuditBackendLog, out *audit.AuditBackendLog, s conversion.Scope) error

Convert_v1alpha1_AuditBackendLog_To_audit_AuditBackendLog is an autogenerated conversion function.

func Convert_v1alpha1_AuditBackendSplunk_To_audit_AuditBackendSplunk

func Convert_v1alpha1_AuditBackendSplunk_To_audit_AuditBackendSplunk(in *AuditBackendSplunk, out *audit.AuditBackendSplunk, s conversion.Scope) error

Convert_v1alpha1_AuditBackendSplunk_To_audit_AuditBackendSplunk is an autogenerated conversion function.

func Convert_v1alpha1_AuditBackends_To_audit_AuditBackends

func Convert_v1alpha1_AuditBackends_To_audit_AuditBackends(in *AuditBackends, out *audit.AuditBackends, s conversion.Scope) error

Convert_v1alpha1_AuditBackends_To_audit_AuditBackends is an autogenerated conversion function.

func Convert_v1alpha1_AuditConfig_To_audit_AuditConfig

func Convert_v1alpha1_AuditConfig_To_audit_AuditConfig(in *AuditConfig, out *audit.AuditConfig, s conversion.Scope) error

Convert_v1alpha1_AuditConfig_To_audit_AuditConfig is an autogenerated conversion function.

func Convert_v1alpha1_AuditPersistence_To_audit_AuditPersistence

func Convert_v1alpha1_AuditPersistence_To_audit_AuditPersistence(in *AuditPersistence, out *audit.AuditPersistence, s conversion.Scope) error

Convert_v1alpha1_AuditPersistence_To_audit_AuditPersistence is an autogenerated conversion function.

func DefaultBackends added in v0.1.1

func DefaultBackends(backends *AuditBackends)

func RegisterConversions

func RegisterConversions(s *runtime.Scheme) error

RegisterConversions adds conversion functions to the given scheme. Public to allow building arbitrary schemes.

func RegisterDefaults

func RegisterDefaults(scheme *runtime.Scheme) error

RegisterDefaults adds defaulters functions to the given scheme. Public to allow building arbitrary schemes. All generated defaulters are covering - they call all nested defaulters.

func Resource

func Resource(resource string) schema.GroupResource

Resource takes an unqualified resource and returns a Group qualified GroupResource

func SetDefaults_AuditConfig

func SetDefaults_AuditConfig(a *AuditConfig)

SetDefaults_AuditConfig sets the defaults for the AuditConfig configuration

func SetDefaults_AuditPersistence

func SetDefaults_AuditPersistence(persistence *AuditPersistence)

SetDefaults_AuditPersistence sets the defaults for the AuditPersistence configuration

func SetObjectDefaults_AuditConfig

func SetObjectDefaults_AuditConfig(in *AuditConfig)

Types

type AuditBackendClusterForwarding

type AuditBackendClusterForwarding struct {
	// Enabled allows to turn this backend on.
	Enabled bool `json:"enabled"`

	// FilesystemBufferSize is the maximum disk space for the fluent-bit file sytem buffer.
	FilesystemBufferSize *string `json:"bufferSize,omitempty"`
}

func (*AuditBackendClusterForwarding) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuditBackendClusterForwarding.

func (*AuditBackendClusterForwarding) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AuditBackendLog

type AuditBackendLog struct {
	// Enabled allows to turn this backend on.
	Enabled bool `json:"enabled"`
}

func (*AuditBackendLog) DeepCopy

func (in *AuditBackendLog) DeepCopy() *AuditBackendLog

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuditBackendLog.

func (*AuditBackendLog) DeepCopyInto

func (in *AuditBackendLog) DeepCopyInto(out *AuditBackendLog)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AuditBackendSplunk

type AuditBackendSplunk struct {
	// Enabled allows to turn this backend on.
	Enabled bool `json:"enabled"`

	// FilesystemBufferSize is the maximum disk space for the fluent-bit file sytem buffer.
	FilesystemBufferSize *string `json:"bufferSize,omitempty"`

	// Index is the splunk index that should be used.
	Index string `json:"index"`

	// Host is the hostname or IP of the splunk HEC endpoint.
	Host string `json:"host"`

	// Port ist the port on which the HEC endpoint is listening.
	Port string `json:"port"`

	// SecretResourceName is a reference under Shoot.spec.resources to the secret used to authenticate against the splunk backend.
	//
	// The referenced secret may contain the following keys:
	//
	// - token: Required, hec token to authenticate against this host/index
	// - ca: Optional, the CA (bundle) that signed the HEC endpoint's server certificate as an unencoded string.
	SecretResourceName string `json:"secretResourceName"`

	// TlsEnabled determines whether TLS should be used to communicate to the HEC endpoint.
	TlsEnabled bool `json:"tls"`

	// TlsHost is the hostname that fluent-bit should request through SNI when connecting to a site that serves different hostnames under one IP.
	TlsHost string `json:"tlshost,omitempty"`

	// CustomData contains a map of custom key/value pairs. The custom data is added to each audit log entry using fluentbit's modify filter.
	// The keys and the values may only contain letters, numbers, '_' or '.'. Empty keys or values are also not accepted.
	CustomData map[string]string `json:"customData,omitempty"`
}

func (*AuditBackendSplunk) DeepCopy

func (in *AuditBackendSplunk) DeepCopy() *AuditBackendSplunk

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuditBackendSplunk.

func (*AuditBackendSplunk) DeepCopyInto

func (in *AuditBackendSplunk) DeepCopyInto(out *AuditBackendSplunk)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AuditBackends

type AuditBackends struct {
	// Log outputs the log data on stdout of the webhook pod. It is mainly intended for debugging / testing purposes.
	// +optional
	Log *AuditBackendLog `json:"log,omitempty"`

	// ClusterForwarding will forward the audit data to a pod in the shoot where they are printed to stdout and can be
	// picked up by the log collecting solution of the cluster operator's choice.
	// +optional
	ClusterForwarding *AuditBackendClusterForwarding `json:"clusterForwarding,omitempty"`

	// Splunk will forward the audit data to a splunk HEC endpoint.
	// +optional
	Splunk *AuditBackendSplunk `json:"splunk,omitempty"`
}

func (*AuditBackends) DeepCopy

func (in *AuditBackends) DeepCopy() *AuditBackends

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuditBackends.

func (*AuditBackends) DeepCopyInto

func (in *AuditBackends) DeepCopyInto(out *AuditBackends)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AuditConfig

type AuditConfig struct {
	metav1.TypeMeta `json:",inline"`

	// Persistence contains options about the persistent volume used for buffering the audit data
	// on the filesystem.
	Persistence AuditPersistence `json:"persistence"`

	// Replicas are the amount of replicas used for the buffering audit pods.
	// +optional
	Replicas *int32 `json:"replicas,omitempty"`

	// WebhookMode allows to select which auditing mode - batching or blocking - should be used.
	WebhookMode AuditWebhookMode `json:"webhookMode"`

	// Backends contains the settings for the various backends.
	// +optional
	Backends *AuditBackends `json:"backends,omitempty"`
}

AuditConfig configuration resource

func (*AuditConfig) DeepCopy

func (in *AuditConfig) DeepCopy() *AuditConfig

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuditConfig.

func (*AuditConfig) DeepCopyInto

func (in *AuditConfig) DeepCopyInto(out *AuditConfig)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*AuditConfig) DeepCopyObject

func (in *AuditConfig) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type AuditPersistence

type AuditPersistence struct {
	// Size is the size of the PVC to be used for each replica of the statefulset.
	// +optional
	Size *resource.Quantity `json:"size,omitempty"`

	// StorageClassName is the name of the storage class to be used for the PVC. If empty, the default
	// storage class is used.
	// +optional
	StorageClassName *string `json:"storageClassName,omitempty"`
}

func (*AuditPersistence) DeepCopy

func (in *AuditPersistence) DeepCopy() *AuditPersistence

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuditPersistence.

func (*AuditPersistence) DeepCopyInto

func (in *AuditPersistence) DeepCopyInto(out *AuditPersistence)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AuditWebhookMode

type AuditWebhookMode string

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL