securitycontext

package

v1.6.12-beta.0 Latest Latest Go to latest Published: Sep 28, 2017 License: Apache-2.0 Imports: 4 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/mlavacca/kubernetes

Documentation ¶

Overview ¶

Package securitycontext contains security context api implementations

Index ¶

func DetermineEffectiveSecurityContext(pod *v1.Pod, container *v1.Container) *v1.SecurityContext
func HasCapabilitiesRequest(container *v1.Container) bool
func HasPrivilegedRequest(container *v1.Container) bool
func HasRootRunAsUser(container *v1.Container) bool
func HasRootUID(container *v1.Container) bool
func HasRunAsUser(container *v1.Container) bool
func InternalDetermineEffectiveSecurityContext(pod *api.Pod, container *api.Container) *api.SecurityContext
func ParseSELinuxOptions(context string) (*v1.SELinuxOptions, error)
func ValidInternalSecurityContextWithContainerDefaults() *api.SecurityContext
func ValidSecurityContextWithContainerDefaults() *v1.SecurityContext

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func DetermineEffectiveSecurityContext ¶ added in v1.3.0

func DetermineEffectiveSecurityContext(pod *v1.Pod, container *v1.Container) *v1.SecurityContext

func HasCapabilitiesRequest ¶

func HasCapabilitiesRequest(container *v1.Container) bool

HasCapabilitiesRequest returns true if Adds or Drops are defined in the security context capabilities, taking into account nils

func HasPrivilegedRequest ¶

func HasPrivilegedRequest(container *v1.Container) bool

HasPrivilegedRequest returns the value of SecurityContext.Privileged, taking into account the possibility of nils

func HasRootRunAsUser ¶ added in v1.3.0

func HasRootRunAsUser(container *v1.Container) bool

HasRootRunAsUser returns true if the run as user is set and it is set to 0.

func HasRootUID ¶ added in v1.3.0

func HasRootUID(container *v1.Container) bool

HasNonRootUID returns true if the runAsUser is set and is greater than 0.

func HasRunAsUser ¶ added in v1.3.0

func HasRunAsUser(container *v1.Container) bool

HasRunAsUser determines if the sc's runAsUser field is set.

func InternalDetermineEffectiveSecurityContext ¶ added in v1.7.0

func InternalDetermineEffectiveSecurityContext(pod *api.Pod, container *api.Container) *api.SecurityContext

TODO: remove the duplicate code

func ParseSELinuxOptions ¶ added in v1.3.0

func ParseSELinuxOptions(context string) (*v1.SELinuxOptions, error)

ParseSELinuxOptions parses a string containing a full SELinux context (user, role, type, and level) into an SELinuxOptions object. If the context is malformed, an error is returned.

func ValidInternalSecurityContextWithContainerDefaults ¶ added in v1.7.0

func ValidInternalSecurityContextWithContainerDefaults() *api.SecurityContext

ValidInternalSecurityContextWithContainerDefaults creates a valid security context provider based on empty container defaults. Used for testing.

func ValidSecurityContextWithContainerDefaults ¶

func ValidSecurityContextWithContainerDefaults() *v1.SecurityContext

ValidSecurityContextWithContainerDefaults creates a valid security context provider based on empty container defaults. Used for testing.

Types ¶

This section is empty.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL