Documentation
¶
Index ¶
- Variables
- func Kind(kind string) schema.GroupKind
- func Resource(resource string) schema.GroupResource
- type CloneFrom
- type ExcludeResources
- type FailedRule
- type Generation
- type MatchResources
- type Mutation
- type Patch
- type Policy
- type PolicyList
- type ResourceDescription
- type Rule
- type Spec
- type Status
- type Validation
- type Violation
Constants ¶
This section is empty.
Variables ¶
var ( SchemeBuilder = runtime.NewSchemeBuilder(addKnownTypes) AddToScheme = SchemeBuilder.AddToScheme )
var SchemeGroupVersion = schema.GroupVersion{Group: policy.GroupName, Version: "v1alpha1"}
SchemeGroupVersion is group version used to register these objects
Functions ¶
func Resource ¶
func Resource(resource string) schema.GroupResource
Resource takes an unqualified resource and returns a Group qualified GroupResource
Types ¶
type CloneFrom ¶
CloneFrom - location of a Secret or a ConfigMap which will be used as source when applying 'generate'
func (*CloneFrom) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CloneFrom.
func (*CloneFrom) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type ExcludeResources ¶ added in v0.7.0
type ExcludeResources struct {
ResourceDescription `json:"resources"`
}
ExcludeResources container resource description of the resources that are to be excluded from the applying the policy rule
func (*ExcludeResources) DeepCopy ¶ added in v0.7.0
func (in *ExcludeResources) DeepCopy() *ExcludeResources
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExcludeResources.
func (*ExcludeResources) DeepCopyInto ¶ added in v0.7.0
func (in *ExcludeResources) DeepCopyInto(out *ExcludeResources)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type FailedRule ¶ added in v0.6.0
type FailedRule struct {
Name string `json:"name"`
Type string `json:"type"` //Mutation, Validation, Genertaion
Error string `json:"error"`
}
FailedRule stored info and type of failed rules
func (*FailedRule) DeepCopy ¶ added in v0.6.0
func (in *FailedRule) DeepCopy() *FailedRule
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FailedRule.
func (*FailedRule) DeepCopyInto ¶ added in v0.6.0
func (in *FailedRule) DeepCopyInto(out *FailedRule)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type Generation ¶
type Generation struct {
Kind string `json:"kind"`
Name string `json:"name"`
Data interface{} `json:"data"`
Clone *CloneFrom `json:"clone"`
}
Generation describes which resources will be created when other resource is created
func (*Generation) DeepCopy ¶
func (in *Generation) DeepCopy() *Generation
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Generation.
func (*Generation) DeepCopyInto ¶
func (in *Generation) DeepCopyInto(out *Generation)
DeepCopyInto is declared because k8s:deepcopy-gen is not able to generate this method for interface{} member
func (*Generation) Validate ¶
func (pcg *Generation) Validate() error
Validate returns error if generator is configured incompletely
type MatchResources ¶ added in v0.7.0
type MatchResources struct {
ResourceDescription `json:"resources"`
}
MatchResources contains resource description of the resources that the rule is to apply on
func (*MatchResources) DeepCopy ¶ added in v0.7.0
func (in *MatchResources) DeepCopy() *MatchResources
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MatchResources.
func (*MatchResources) DeepCopyInto ¶ added in v0.7.0
func (in *MatchResources) DeepCopyInto(out *MatchResources)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type Mutation ¶
type Mutation struct {
Overlay *interface{} `json:"overlay"`
Patches []Patch `json:"patches"`
}
Mutation describes the way how Mutating Webhook will react on resource creation
func (*Mutation) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Mutation.
func (*Mutation) DeepCopyInto ¶
DeepCopyInto is declared because k8s:deepcopy-gen is not able to generate this method for interface{} member
type Patch ¶
type Patch struct {
Path string `json:"path"`
Operation string `json:"op"`
Value interface{} `json:"value"`
}
Patch declares patch operation for created object according to RFC 6902
func (*Patch) DeepCopyInto ¶
DeepCopyInto is declared because k8s:deepcopy-gen is not able to generate this method for interface{} member
type Policy ¶
type Policy struct {
metav1.TypeMeta `json:",inline"`
metav1.ObjectMeta `json:"metadata,omitempty"`
Spec Spec `json:"spec"`
Status Status `json:"status"`
}
Policy contains rules to be applied to created resources
func (*Policy) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Policy.
func (*Policy) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*Policy) DeepCopyObject ¶
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type PolicyList ¶
type PolicyList struct {
metav1.TypeMeta `json:",inline"`
metav1.ListMeta `json:"metadata"`
Items []Policy `json:"items"`
}
PolicyList is a list of Policy resources
func (*PolicyList) DeepCopy ¶
func (in *PolicyList) DeepCopy() *PolicyList
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyList.
func (*PolicyList) DeepCopyInto ¶
func (in *PolicyList) DeepCopyInto(out *PolicyList)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*PolicyList) DeepCopyObject ¶
func (in *PolicyList) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type ResourceDescription ¶
type ResourceDescription struct {
Kinds []string `json:"kinds"`
Name *string `json:"name"`
Namespace *string `json:"namespace,omitempty"`
Selector *metav1.LabelSelector `json:"selector"`
}
ResourceDescription describes the resource to which the PolicyRule will be applied.
func (*ResourceDescription) DeepCopy ¶
func (in *ResourceDescription) DeepCopy() *ResourceDescription
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ResourceDescription.
func (*ResourceDescription) DeepCopyInto ¶
func (in *ResourceDescription) DeepCopyInto(out *ResourceDescription)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*ResourceDescription) Validate ¶
func (pr *ResourceDescription) Validate() error
Validate checks if all necesarry fields are present and have values. Also checks a Selector. Returns error if - kinds is not defined
type Rule ¶
type Rule struct {
Name string `json:"name"`
MatchResources MatchResources `json:"match"`
ExcludeResources ExcludeResources `json:"exclude,omitempty"`
Mutation *Mutation `json:"mutate"`
Validation *Validation `json:"validate"`
Generation *Generation `json:"generate"`
}
Rule is set of mutation, validation and generation actions for the single resource description
func (*Rule) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Rule.
func (*Rule) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type Spec ¶
type Spec struct {
Rules []Rule `json:"rules"`
ValidationFailureAction string `json:"validationFailureAction"`
}
Spec describes policy behavior by its rules
func (*Spec) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Spec.
func (*Spec) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type Status ¶
type Status struct {
// Violations map[kind/namespace/resource]Violation
Violations map[string]Violation `json:"violations,omitempty"`
}
Status contains violations for existing resources
func (*Status) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Status.
func (*Status) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type Validation ¶
type Validation struct {
Message *string `json:"message"`
Pattern interface{} `json:"pattern"`
}
Validation describes the way how Validating Webhook will check the resource on creation
func (*Validation) DeepCopy ¶
func (in *Validation) DeepCopy() *Validation
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Validation.
func (*Validation) DeepCopyInto ¶
func (in *Validation) DeepCopyInto(out *Validation)
DeepCopyInto is declared because k8s:deepcopy-gen is not able to generate this method for interface{} member
type Violation ¶
type Violation struct {
Kind string `json:"kind,omitempty"`
Name string `json:"name,omitempty"`
Namespace string `json:"namespace,omitempty"`
Rules []FailedRule `json:"rules"`
Reason string `json:"reason,omitempty"`
}
Violation for the policy
func (*Violation) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Violation.
func (*Violation) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*Violation) RemoveRulesOfType ¶ added in v0.6.0
return true -> if there were any removals return false -> if it looks the same
Source Files