v1

package
v1.3.0-alpha.2 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Jun 21, 2016 License: Apache-2.0 Imports: 7 Imported by: 0

Documentation

Index

Constants

// GroupName is the API group these types are registered under. It is the
// empty string here; SchemeGroupVersion pairs it with version "v1".
const GroupName = ""

Variables

// SchemeGroupVersion is the group version used to register these objects:
// group GroupName, version "v1".
var SchemeGroupVersion = unversioned.GroupVersion{Group: GroupName, Version: "v1"}

SchemeGroupVersion is the group version used to register these objects.

Functions

func AddToScheme

func AddToScheme(scheme *runtime.Scheme)

func Convert_api_PodSecurityPolicyReview_To_v1_PodSecurityPolicyReview

func Convert_api_PodSecurityPolicyReview_To_v1_PodSecurityPolicyReview(in *security_api.PodSecurityPolicyReview, out *PodSecurityPolicyReview, s conversion.Scope) error

func Convert_v1_PodSecurityPolicyReview_To_api_PodSecurityPolicyReview

func Convert_v1_PodSecurityPolicyReview_To_api_PodSecurityPolicyReview(in *PodSecurityPolicyReview, out *security_api.PodSecurityPolicyReview, s conversion.Scope) error

func Kind

func Kind(kind string) unversioned.GroupKind

Kind takes an unqualified kind and returns a Group-qualified GroupKind.

func Resource

func Resource(resource string) unversioned.GroupResource

Resource takes an unqualified resource and returns a Group-qualified GroupResource.

Types

type PodSecurityPolicyReview

// PodSecurityPolicyReview checks which service accounts can create the PodSpec
// carried in Spec. Users are deliberately out of scope: per the package
// documentation, answering that for users would be a cluster-wide question.
type PodSecurityPolicyReview struct {
	unversioned.TypeMeta `json:",inline"`

	// spec is the PodSecurityPolicy to check.
	// NOTE(review): the Spec type holds a PodSpec and a list of service account
	// names rather than a policy object, so this presumably means "the pod spec
	// and service accounts to check" — confirm.
	Spec PodSecurityPolicyReviewSpec `json:"spec"`

	// status represents the current information/status for the PodSecurityPolicyReview.
	Status PodSecurityPolicyReviewStatus `json:"status,omitempty"`
}

PodSecurityPolicyReview checks which service accounts (not users, since that would be cluster-wide) can create the `PodSpec` in question.

func (*PodSecurityPolicyReview) GetObjectKind

func (obj *PodSecurityPolicyReview) GetObjectKind() unversioned.ObjectKind

func (PodSecurityPolicyReview) SwaggerDoc

func (PodSecurityPolicyReview) SwaggerDoc() map[string]string

type PodSecurityPolicyReviewSpec

// PodSecurityPolicyReviewSpec defines the specification for a
// PodSecurityPolicyReview: the PodSpec to evaluate and the service accounts to
// evaluate it for.
//
// Service account selection, in order of precedence:
//  1. serviceAccountNames, when non-empty (podSpec.serviceAccountName is ignored);
//  2. podSpec.serviceAccountName, when non-empty;
//  3. the literal name "default".
type PodSecurityPolicyReviewSpec struct {
	// podSpec is the PodSpec to check. The podSpec.serviceAccountName field is used
	// if serviceAccountNames is empty, unless the podSpec.serviceAccountName is empty,
	// in which case "default" is used.
	// If serviceAccountNames is specified, podSpec.serviceAccountName is ignored.
	PodSpec kapi.PodSpec `json:"podSpec"`

	// serviceAccountNames is an optional set of ServiceAccounts to run the check with.
	// If serviceAccountNames is empty, the podSpec serviceAccountName is used,
	// unless it's empty, in which case "default" is used instead.
	// If serviceAccountNames is specified, podSpec serviceAccountName is ignored.
	//
	// NOTE(review): per the TODO below there is no way to ask about every service
	// account, so a review only speaks for the accounts named here (or the single
	// defaulted one); it says nothing about accounts that were not listed.
	ServiceAccountNames []string `json:"serviceAccountNames,omitempty"` // TODO: find a way to express 'all service accounts'
}

PodSecurityPolicyReviewSpec defines specification for PodSecurityPolicyReview

func (PodSecurityPolicyReviewSpec) SwaggerDoc

func (PodSecurityPolicyReviewSpec) SwaggerDoc() map[string]string

type PodSecurityPolicyReviewStatus

// PodSecurityPolicyReviewStatus represents the status of a PodSecurityPolicyReview.
type PodSecurityPolicyReviewStatus struct {
	// allowedServiceAccounts returns the list of service accounts in *this* namespace that have the power to create the PodSpec.
	// The scope is the review's own namespace only; service accounts in other
	// namespaces are not reported.
	// The JSON tag has no omitempty, unlike the optional fields elsewhere in this package.
	AllowedServiceAccounts []ServiceAccountPodSecurityPolicyReviewStatus `json:"allowedServiceAccounts"`
}

PodSecurityPolicyReviewStatus represents the status of PodSecurityPolicyReview.

func (PodSecurityPolicyReviewStatus) SwaggerDoc

func (PodSecurityPolicyReviewStatus) SwaggerDoc() map[string]string

type PodSecurityPolicySelfSubjectReview

// PodSecurityPolicySelfSubjectReview checks whether this user/SA tuple can
// create the PodSpec. Its Spec carries only a PodSpec (no user or groups
// fields), and its Status reuses PodSecurityPolicySubjectReviewStatus.
type PodSecurityPolicySelfSubjectReview struct {
	unversioned.TypeMeta `json:",inline"`

	// spec defines the specification for the PodSecurityPolicySelfSubjectReview.
	Spec PodSecurityPolicySelfSubjectReviewSpec `json:"spec"`

	// status represents the current information/status for the PodSecurityPolicySelfSubjectReview.
	Status PodSecurityPolicySubjectReviewStatus `json:"status,omitempty"`
}

PodSecurityPolicySelfSubjectReview checks whether this user/SA tuple can create the PodSpec

func (*PodSecurityPolicySelfSubjectReview) GetObjectKind

func (PodSecurityPolicySelfSubjectReview) SwaggerDoc

type PodSecurityPolicySelfSubjectReviewSpec

// PodSecurityPolicySelfSubjectReviewSpec contains the specification for a
// PodSecurityPolicySelfSubjectReview. It has no user or groups fields.
// NOTE(review): the subject is presumably taken from the identity making the
// request — confirm against the implementation.
type PodSecurityPolicySelfSubjectReviewSpec struct {
	// podSpec is the PodSpec to check.
	PodSpec kapi.PodSpec `json:"podSpec"`
}

PodSecurityPolicySelfSubjectReviewSpec contains specification for PodSecurityPolicySelfSubjectReview.

func (PodSecurityPolicySelfSubjectReviewSpec) SwaggerDoc

type PodSecurityPolicySubjectReview

// PodSecurityPolicySubjectReview checks whether a particular user/SA tuple can
// create the PodSpec. The subject (user, groups) and the PodSpec are given in
// Spec; the decision is reported in Status.
type PodSecurityPolicySubjectReview struct {
	unversioned.TypeMeta `json:",inline"`

	// spec defines specification for the PodSecurityPolicySubjectReview.
	Spec PodSecurityPolicySubjectReviewSpec `json:"spec"`

	// status represents the current information/status for the PodSecurityPolicySubjectReview.
	Status PodSecurityPolicySubjectReviewStatus `json:"status,omitempty"`
}

PodSecurityPolicySubjectReview checks whether a particular user/SA tuple can create the PodSpec.

func (*PodSecurityPolicySubjectReview) GetObjectKind

func (PodSecurityPolicySubjectReview) SwaggerDoc

func (PodSecurityPolicySubjectReview) SwaggerDoc() map[string]string

type PodSecurityPolicySubjectReviewSpec

// PodSecurityPolicySubjectReviewSpec defines the specification for a
// PodSecurityPolicySubjectReview: the PodSpec to evaluate and the subject
// (user and groups) to evaluate it for.
type PodSecurityPolicySubjectReviewSpec struct {
	// podSpec is the PodSpec to check. If podSpec.serviceAccountName is empty it will not be defaulted.
	// If it is non-empty, it will be checked.
	// This differs from PodSecurityPolicyReviewSpec, where an empty
	// serviceAccountName falls back to "default".
	PodSpec kapi.PodSpec `json:"podSpec"`

	// user is the user you're testing for.
	// If you specify "user" but not "groups", then it is interpreted as "What if user were not a member of any groups?".
	// If user and groups are empty, then the check is performed using *only* the serviceAccountName in the podSpec.
	//
	// NOTE(review): because a user given without groups is evaluated as having
	// no group memberships, the answer can differ from what that user gets with
	// their real groups; pass the groups explicitly when that matters.
	User string `json:"user,omitempty"`

	// groups is the groups you're testing for.
	Groups []string `json:"groups,omitempty"`
}

PodSecurityPolicySubjectReviewSpec defines specification for PodSecurityPolicySubjectReview

func (PodSecurityPolicySubjectReviewSpec) SwaggerDoc

type PodSecurityPolicySubjectReviewStatus

// PodSecurityPolicySubjectReviewStatus contains the information/status for a
// PodSecurityPolicySubjectReview. It is also used as the Status of
// PodSecurityPolicySelfSubjectReview and is embedded in
// ServiceAccountPodSecurityPolicyReviewStatus.
type PodSecurityPolicySubjectReviewStatus struct {
	// allowedBy is a reference to the rule that allows the PodSpec.
	// A rule can be a SecurityContextConstraint or a PodSecurityPolicy.
	// A nil value indicates that it was denied.
	//
	// Consumers should key the allow/deny decision on this field: nil means
	// denied, and Reason is not guaranteed to be populated in that case.
	AllowedBy *kapi.ObjectReference `json:"allowedBy,omitempty"`

	// A machine-readable description of why this operation is in the
	// "Failure" status. If this value is empty there
	// is no information available.
	Reason string `json:"reason,omitempty"`

	// podSpec is the PodSpec after the defaulting is applied.
	// NOTE(review): presumably the defaults come from the rule named in
	// allowedBy — confirm against the implementation.
	PodSpec kapi.PodSpec `json:"podSpec,omitempty"`
}

PodSecurityPolicySubjectReviewStatus contains information/status for PodSecurityPolicySubjectReview.

func (PodSecurityPolicySubjectReviewStatus) SwaggerDoc

type ServiceAccountPodSecurityPolicyReviewStatus

// ServiceAccountPodSecurityPolicyReviewStatus pairs a ServiceAccount name with
// the review status for that account. The status fields (allowedBy, reason,
// podSpec) are inlined into the same JSON object as name.
type ServiceAccountPodSecurityPolicyReviewStatus struct {
	PodSecurityPolicySubjectReviewStatus `json:",inline"`

	// name contains the allowed and the denied ServiceAccount name
	// NOTE(review): this wording suggests entries may exist for denied accounts
	// as well, in which case the embedded allowedBy would be nil. Check allowedBy
	// per entry rather than treating presence in the list as an allow decision —
	// confirm against the implementation.
	Name string `json:"name"`
}

ServiceAccountPodSecurityPolicyReviewStatus represents ServiceAccount name and related review status

func (ServiceAccountPodSecurityPolicyReviewStatus) SwaggerDoc
