Documentation
Index ¶
- Variables
- func Kind(kind string) schema.GroupKind
- func Resource(resource string) schema.GroupResource
- type CloneFrom
- type ClusterPolicy
- func (p *ClusterPolicy) BackgroundProcessingEnabled() bool
- func (in *ClusterPolicy) DeepCopy() *ClusterPolicy
- func (in *ClusterPolicy) DeepCopyInto(out *ClusterPolicy)
- func (in *ClusterPolicy) DeepCopyObject() runtime.Object
- func (p *ClusterPolicy) HasAutoGenAnnotation() bool
- func (p *ClusterPolicy) HasMutateOrValidateOrGenerate() bool
- type ClusterPolicyList
- type ClusterPolicyViolation
- type ClusterPolicyViolationList
- type Condition
- type ConditionOperator
- type Deny
- type ExcludeResources
- type GenerateRequest
- type GenerateRequestContext
- type GenerateRequestList
- type GenerateRequestSpec
- type GenerateRequestState
- type GenerateRequestStatus
- type Generation
- type MatchResources
- type Mutation
- type Patch
- type Policy
- type PolicyList
- type PolicyStatus
- type PolicyViolation
- type PolicyViolationList
- type PolicyViolationSpec
- type PolicyViolationStatus
- type PolicyViolationTemplate
- type RequestInfo
- type ResourceDescription
- type ResourceSpec
- type Rule
- type RuleStats
- type Spec
- type UserInfo
- type Validation
- type ViolatedRule
Constants ¶
This section is empty.
Variables ¶
// Scheme registration entry points for this package.
var (
	// SchemeBuilder is created from addKnownTypes and builds the scheme.
	SchemeBuilder = runtime.NewSchemeBuilder(addKnownTypes)

	// AddToScheme adds all types of this clientset into the given scheme.
	AddToScheme = SchemeBuilder.AddToScheme
)
var SchemeGroupVersion = schema.GroupVersion{Group: kyverno.GroupName, Version: "v1"}
SchemeGroupVersion is group version used to register these objects
Functions ¶
func Resource ¶
func Resource(resource string) schema.GroupResource
Resource takes an unqualified resource and returns a Group qualified GroupResource
Types ¶
type CloneFrom ¶
// CloneFrom locates the resource used as the source when applying 'generate'.
type CloneFrom struct {
	// Namespace of the source resource.
	Namespace string `json:"namespace,omitempty" yaml:"namespace,omitempty"`
	// Name of the source resource.
	Name string `json:"name,omitempty" yaml:"name,omitempty"`
}
CloneFrom - location of the resource which will be used as source when applying 'generate'
func (*CloneFrom) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CloneFrom.
func (*CloneFrom) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type ClusterPolicy ¶
type ClusterPolicy Policy
ClusterPolicy ...
func (*ClusterPolicy) BackgroundProcessingEnabled ¶ added in v1.1.6
func (p *ClusterPolicy) BackgroundProcessingEnabled() bool
func (*ClusterPolicy) DeepCopy ¶
func (in *ClusterPolicy) DeepCopy() *ClusterPolicy
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterPolicy.
func (*ClusterPolicy) DeepCopyInto ¶
func (in *ClusterPolicy) DeepCopyInto(out *ClusterPolicy)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*ClusterPolicy) DeepCopyObject ¶
func (in *ClusterPolicy) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (*ClusterPolicy) HasAutoGenAnnotation ¶ added in v1.1.7
func (p *ClusterPolicy) HasAutoGenAnnotation() bool
func (*ClusterPolicy) HasMutateOrValidateOrGenerate ¶ added in v1.1.0
func (p *ClusterPolicy) HasMutateOrValidateOrGenerate() bool
HasMutateOrValidateOrGenerate checks for rule types
type ClusterPolicyList ¶
// ClusterPolicyList is the list form of ClusterPolicy.
type ClusterPolicyList struct {
	metav1.TypeMeta `json:",inline" yaml:",inline"`
	metav1.ListMeta `json:"metadata" yaml:"metadata"`
	// Items holds the ClusterPolicy entries of the list.
	Items []ClusterPolicy `json:"items" yaml:"items"`
}
ClusterPolicyList ...
func (*ClusterPolicyList) DeepCopy ¶
func (in *ClusterPolicyList) DeepCopy() *ClusterPolicyList
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterPolicyList.
func (*ClusterPolicyList) DeepCopyInto ¶
func (in *ClusterPolicyList) DeepCopyInto(out *ClusterPolicyList)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*ClusterPolicyList) DeepCopyObject ¶
func (in *ClusterPolicyList) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type ClusterPolicyViolation ¶
type ClusterPolicyViolation PolicyViolationTemplate
ClusterPolicyViolation represents cluster-wide violations
func (*ClusterPolicyViolation) DeepCopy ¶
func (in *ClusterPolicyViolation) DeepCopy() *ClusterPolicyViolation
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterPolicyViolation.
func (*ClusterPolicyViolation) DeepCopyInto ¶
func (in *ClusterPolicyViolation) DeepCopyInto(out *ClusterPolicyViolation)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*ClusterPolicyViolation) DeepCopyObject ¶
func (in *ClusterPolicyViolation) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type ClusterPolicyViolationList ¶
// ClusterPolicyViolationList is the list form of ClusterPolicyViolation.
type ClusterPolicyViolationList struct {
	metav1.TypeMeta `json:",inline" yaml:",inline"`
	metav1.ListMeta `json:"metadata" yaml:"metadata"`
	// Items holds the ClusterPolicyViolation entries of the list.
	Items []ClusterPolicyViolation `json:"items" yaml:"items"`
}
ClusterPolicyViolationList ...
func (*ClusterPolicyViolationList) DeepCopy ¶
func (in *ClusterPolicyViolationList) DeepCopy() *ClusterPolicyViolationList
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterPolicyViolationList.
func (*ClusterPolicyViolationList) DeepCopyInto ¶
func (in *ClusterPolicyViolationList) DeepCopyInto(out *ClusterPolicyViolationList)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*ClusterPolicyViolationList) DeepCopyObject ¶
func (in *ClusterPolicyViolationList) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type Condition ¶ added in v1.1.0
// Condition defines one evaluation condition: a key, an operator and a value.
type Condition struct {
	// Key is the key to compare. It is untyped (interface{}), so any
	// JSON/YAML value decodes into it.
	Key interface{} `json:"key,omitempty" yaml:"key,omitempty"`
	// Operator is the comparison applied between Key and Value.
	Operator ConditionOperator `json:"operator,omitempty" yaml:"operator,omitempty"`
	// Value is the value to be compared. It is untyped, like Key.
	Value interface{} `json:"value,omitempty" yaml:"value,omitempty"`
}
Condition defines the evaluation condition
func (*Condition) DeepCopy ¶ added in v1.1.0
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Condition.
func (*Condition) DeepCopyInto ¶ added in v1.1.0
DeepCopyInto is declared because k8s:deepcopy-gen is not able to generate this method for interface{} member
type ConditionOperator ¶ added in v1.1.0
type ConditionOperator string
ConditionOperator defines the type for condition operator
// ConditionOperator values. Equal and NotEqual each have a second spelling
// (Equals, NotEquals); In and NotIn have one.
const (
	// Equal is the "Equal" operator.
	Equal ConditionOperator = "Equal"
	// Equals is the "Equals" spelling.
	// NOTE(review): presumably treated the same as Equal; confirm against the evaluator.
	Equals ConditionOperator = "Equals"
	// NotEqual is the "NotEqual" operator.
	NotEqual ConditionOperator = "NotEqual"
	// NotEquals is the "NotEquals" spelling.
	// NOTE(review): presumably treated the same as NotEqual; confirm against the evaluator.
	NotEquals ConditionOperator = "NotEquals"
	// In is the "In" operator.
	In ConditionOperator = "In"
	// NotIn is the "NotIn" operator.
	NotIn ConditionOperator = "NotIn"
)
type Deny ¶ added in v1.1.6
// Deny holds the conditions under which validation is denied.
type Deny struct {
	// Conditions is the set of conditions to deny validation.
	// NOTE(review): whether the conditions are combined with AND or OR is not
	// visible here; confirm before relying on a multi-condition deny rule.
	Conditions []Condition `json:"conditions,omitempty" yaml:"conditions,omitempty"`
}
func (*Deny) DeepCopy ¶ added in v1.1.10
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Deny.
func (*Deny) DeepCopyInto ¶ added in v1.1.10
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type ExcludeResources ¶
// ExcludeResources describes the resources, and the requesting users, that
// are excluded from a policy rule.
//
// NOTE(review): everything matched here is outside the rule's coverage, so
// broad role, subject or resource entries widen the exemption. Keep entries
// as narrow as the use case allows.
type ExcludeResources struct {
	// UserInfo is embedded: its roles, clusterRoles and subjects are
	// serialized at this level.
	UserInfo `json:",omitempty" yaml:",omitempty"`
	// ResourceDescription is embedded and serialized under "resources"; it
	// names the resources to which the rule is not applied.
	ResourceDescription `json:"resources,omitempty" yaml:"resources,omitempty"`
}
ExcludeResources contains the resource description of the resources that are to be excluded from the policy rule
func (*ExcludeResources) DeepCopy ¶
func (in *ExcludeResources) DeepCopy() *ExcludeResources
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExcludeResources.
func (*ExcludeResources) DeepCopyInto ¶
func (in *ExcludeResources) DeepCopyInto(out *ExcludeResources)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type GenerateRequest ¶ added in v1.1.0
// GenerateRequest is a request to process a generate rule.
type GenerateRequest struct {
	metav1.TypeMeta   `json:",inline" yaml:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty" yaml:"metadata,omitempty"`
	// Spec is the information to identify the generate request.
	Spec GenerateRequestSpec `json:"spec" yaml:"spec"`
	// Status contains statistics related to the generate request.
	Status GenerateRequestStatus `json:"status" yaml:"status"`
}
GenerateRequest is a request to process generate rule
func (*GenerateRequest) DeepCopy ¶ added in v1.1.0
func (in *GenerateRequest) DeepCopy() *GenerateRequest
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GenerateRequest.
func (*GenerateRequest) DeepCopyInto ¶ added in v1.1.0
func (in *GenerateRequest) DeepCopyInto(out *GenerateRequest)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*GenerateRequest) DeepCopyObject ¶ added in v1.1.0
func (in *GenerateRequest) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type GenerateRequestContext ¶ added in v1.1.0
// GenerateRequestContext stores the context shared with a generate request.
type GenerateRequestContext struct {
	// UserRequestInfo is the RequestInfo of the requester, serialized under
	// the "userInfo" key.
	UserRequestInfo RequestInfo `json:"userInfo,omitempty" yaml:"userInfo,omitempty"`
}
GenerateRequestContext stores the context to be shared
func (*GenerateRequestContext) DeepCopy ¶ added in v1.1.0
func (in *GenerateRequestContext) DeepCopy() *GenerateRequestContext
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GenerateRequestContext.
func (*GenerateRequestContext) DeepCopyInto ¶ added in v1.1.0
func (in *GenerateRequestContext) DeepCopyInto(out *GenerateRequestContext)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type GenerateRequestList ¶ added in v1.1.0
// GenerateRequestList stores a list of generate requests.
type GenerateRequestList struct {
	metav1.TypeMeta `json:",inline" yaml:",inline"`
	metav1.ListMeta `json:"metadata" yaml:"metadata"`
	// Items holds the GenerateRequest entries of the list.
	Items []GenerateRequest `json:"items" yaml:"items"`
}
GenerateRequestList stores the list of generate requests
func (*GenerateRequestList) DeepCopy ¶ added in v1.1.0
func (in *GenerateRequestList) DeepCopy() *GenerateRequestList
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GenerateRequestList.
func (*GenerateRequestList) DeepCopyInto ¶ added in v1.1.0
func (in *GenerateRequestList) DeepCopyInto(out *GenerateRequestList)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*GenerateRequestList) DeepCopyObject ¶ added in v1.1.0
func (in *GenerateRequestList) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type GenerateRequestSpec ¶ added in v1.1.0
// GenerateRequestSpec stores the specification of a generate request.
type GenerateRequestSpec struct {
	// Policy is the name of the policy.
	Policy string `json:"policy" yaml:"policy"`
	// Resource is the ResourceSpec that identifies the generate request.
	Resource ResourceSpec `json:"resource" yaml:"resource"`
	// Context is the GenerateRequestContext of the request; it carries the
	// requester's RequestInfo.
	Context GenerateRequestContext `json:"context" yaml:"context"`
}
GenerateRequestSpec stores the request specification
func (*GenerateRequestSpec) DeepCopy ¶ added in v1.1.0
func (in *GenerateRequestSpec) DeepCopy() *GenerateRequestSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GenerateRequestSpec.
func (*GenerateRequestSpec) DeepCopyInto ¶ added in v1.1.0
func (in *GenerateRequestSpec) DeepCopyInto(out *GenerateRequestSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type GenerateRequestState ¶ added in v1.1.0
type GenerateRequestState string
GenerateRequestState defines the state of a generate request
// GenerateRequestState values.
const (
	// Pending means the request is yet to be processed or the resource has
	// not been created.
	Pending GenerateRequestState = "Pending"
	// Failed means the Generate Request Controller failed to process the rules.
	Failed GenerateRequestState = "Failed"
	// Completed means the Generate Request Controller created the resources
	// defined in the policy.
	Completed GenerateRequestState = "Completed"
)
type GenerateRequestStatus ¶ added in v1.1.0
// GenerateRequestStatus stores the status of a generate request.
type GenerateRequestStatus struct {
	// State is the state of the generate request.
	State GenerateRequestState `json:"state" yaml:"state"`
	// Message is the request status message.
	// +optional
	Message string `json:"message,omitempty" yaml:"message,omitempty"`
	// GeneratedResources tracks the resources generated by the generate
	// policy; it is used when cleaning those resources up.
	GeneratedResources []ResourceSpec `json:"generatedResources,omitempty" yaml:"generatedResources,omitempty"`
}
GenerateRequestStatus stores the status of generated request
func (*GenerateRequestStatus) DeepCopy ¶ added in v1.1.0
func (in *GenerateRequestStatus) DeepCopy() *GenerateRequestStatus
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GenerateRequestStatus.
func (*GenerateRequestStatus) DeepCopyInto ¶ added in v1.1.0
func (in *GenerateRequestStatus) DeepCopyInto(out *GenerateRequestStatus)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type Generation ¶
// Generation describes which resources are created when another resource is
// created.
type Generation struct {
	// ResourceSpec is embedded without a tag.
	ResourceSpec
	// Synchronize keeps the generated resources synchronized with the source
	// resource.
	Synchronize bool `json:"synchronize,omitempty" yaml:"synchronize,omitempty"`
	// Data is untyped (interface{}); its expected shape is not documented on
	// this type.
	Data interface{} `json:"data,omitempty" yaml:"data,omitempty"`
	// Clone names the resource to clone from.
	Clone CloneFrom `json:"clone,omitempty" yaml:"clone,omitempty"`
}
Generation describes which resources will be created when another resource is created
func (*Generation) DeepCopy ¶
func (in *Generation) DeepCopy() *Generation
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Generation.
func (*Generation) DeepCopyInto ¶
func (gen *Generation) DeepCopyInto(out *Generation)
DeepCopyInto is declared because k8s:deepcopy-gen is not able to generate this method for interface{} member
type MatchResources ¶
// MatchResources describes the resources, and the requesting users, that a
// rule applies to.
type MatchResources struct {
	// UserInfo is embedded: its roles, clusterRoles and subjects are
	// serialized at this level.
	UserInfo `json:",omitempty" yaml:",omitempty"`
	// ResourceDescription is embedded and serialized under "resources"; it
	// names the resources to which the rule is applied.
	ResourceDescription `json:"resources,omitempty" yaml:"resources,omitempty"`
}
MatchResources contains resource description of the resources that the rule is to apply on
func (*MatchResources) DeepCopy ¶
func (in *MatchResources) DeepCopy() *MatchResources
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MatchResources.
func (*MatchResources) DeepCopyInto ¶
func (in *MatchResources) DeepCopyInto(out *MatchResources)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type Mutation ¶
// Mutation describes how the mutating webhook reacts to resource creation.
type Mutation struct {
	// Overlay specifies overlay patterns.
	// Overlay is preserved for backwards compatibility and will be removed in Kyverno 1.5+
	// NOTE(review): this field carries no yaml tag, unlike its siblings;
	// confirm that is intended.
	Overlay interface{} `json:"overlay,omitempty"`
	// Patches specifies JSON Patch operations.
	// Patches is preserved for backwards compatibility and will be removed in Kyverno 1.5+
	Patches []Patch `json:"patches,omitempty" yaml:"patches,omitempty"`
	// PatchStrategicMerge is untyped (interface{}).
	// NOTE(review): the JSON key is "patchStrategicMerge" but the yaml key is
	// "patchesStrategicMerge"; confirm which spelling policy authors must use
	// when the yaml tags are honoured.
	PatchStrategicMerge interface{} `json:"patchStrategicMerge,omitempty" yaml:"patchesStrategicMerge,omitempty"`
	// PatchesJSON6902 is held as a single string.
	PatchesJSON6902 string `json:"patchesJson6902,omitempty" yaml:"patchesJson6902,omitempty"`
}
Mutation describes how the Mutating Webhook reacts to resource creation
func (*Mutation) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Mutation.
func (*Mutation) DeepCopyInto ¶
DeepCopyInto is declared because k8s:deepcopy-gen is not able to generate this method for interface{} member
type Patch ¶
// Patch declares one patch operation for a created object, according to
// RFC 6902.
type Patch struct {
	// Path is the path within the resource.
	Path string `json:"path,omitempty" yaml:"path,omitempty"`
	// Operation is the JSON Patch operation, serialized as "op". The
	// original comment lists add, replace and delete.
	// NOTE(review): RFC 6902 names the removal operation "remove"; confirm
	// which strings the patch engine accepts.
	Operation string `json:"op,omitempty" yaml:"op,omitempty"`
	// Value is the value to be applied; it is untyped (interface{}).
	Value interface{} `json:"value,omitempty" yaml:"value,omitempty"`
}
Patch declares patch operation for created object according to RFC 6902
func (*Patch) DeepCopyInto ¶
DeepCopyInto is declared because k8s:deepcopy-gen is not able to generate this method for interface{} member
type Policy ¶
// Policy contains rules to be applied to created resources.
type Policy struct {
	metav1.TypeMeta   `json:",inline,omitempty" yaml:",inline,omitempty"`
	metav1.ObjectMeta `json:"metadata,omitempty" yaml:"metadata,omitempty"`
	// Spec is the information to identify the policy; it holds the rules.
	Spec Spec `json:"spec" yaml:"spec"`
	// Status contains statistics related to the policy.
	Status PolicyStatus `json:"status,omitempty" yaml:"status,omitempty"`
}
Policy contains rules to be applied to created resources. (Code-generation markers on this type: +genclient, +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object)
func (*Policy) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Policy.
func (*Policy) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*Policy) DeepCopyObject ¶ added in v1.1.10
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type PolicyList ¶ added in v1.1.10
// PolicyList is the list form of Policy.
type PolicyList struct {
	metav1.TypeMeta `json:",inline" yaml:",inline"`
	metav1.ListMeta `json:"metadata" yaml:"metadata"`
	// Items holds the Policy entries of the list.
	Items []Policy `json:"items" yaml:"items"`
}
PolicyList ... (Code-generation marker on this type: +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object)
func (*PolicyList) DeepCopy ¶ added in v1.1.10
func (in *PolicyList) DeepCopy() *PolicyList
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyList.
func (*PolicyList) DeepCopyInto ¶ added in v1.1.10
func (in *PolicyList) DeepCopyInto(out *PolicyList)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*PolicyList) DeepCopyObject ¶ added in v1.1.10
func (in *PolicyList) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type PolicyStatus ¶
// PolicyStatus mostly contains statistics related to a policy.
type PolicyStatus struct {
	// AvgExecutionTime is the average time required to process the policy
	// rules on a resource; it is held as a string.
	AvgExecutionTime string `json:"averageExecutionTime,omitempty" yaml:"averageExecutionTime,omitempty"`
	// ViolationCount is the number of violations created by this policy.
	ViolationCount int `json:"violationCount,omitempty" yaml:"violationCount,omitempty"`
	// RulesFailedCount is the count of rules that failed.
	RulesFailedCount int `json:"rulesFailedCount,omitempty" yaml:"rulesFailedCount,omitempty"`
	// RulesAppliedCount is the count of rules that were applied.
	RulesAppliedCount int `json:"rulesAppliedCount,omitempty" yaml:"rulesAppliedCount,omitempty"`
	// ResourcesBlockedCount is the count of resources that were blocked for
	// failing a validate, across all rules.
	ResourcesBlockedCount int `json:"resourcesBlockedCount,omitempty" yaml:"resourcesBlockedCount,omitempty"`
	// ResourcesMutatedCount is the count of resources that were successfully
	// mutated, across all rules.
	ResourcesMutatedCount int `json:"resourcesMutatedCount,omitempty" yaml:"resourcesMutatedCount,omitempty"`
	// ResourcesGeneratedCount is the count of resources that were
	// successfully generated, across all rules.
	ResourcesGeneratedCount int `json:"resourcesGeneratedCount,omitempty" yaml:"resourcesGeneratedCount,omitempty"`
	// Rules holds the per-rule RuleStats, serialized as "ruleStatus".
	Rules []RuleStats `json:"ruleStatus,omitempty" yaml:"ruleStatus,omitempty"`
}
PolicyStatus mostly contains statistics related to policy
func (*PolicyStatus) DeepCopy ¶
func (in *PolicyStatus) DeepCopy() *PolicyStatus
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyStatus.
func (*PolicyStatus) DeepCopyInto ¶
func (in *PolicyStatus) DeepCopyInto(out *PolicyStatus)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type PolicyViolation ¶
type PolicyViolation PolicyViolationTemplate
PolicyViolation represents namespaced violations
func (*PolicyViolation) DeepCopy ¶
func (in *PolicyViolation) DeepCopy() *PolicyViolation
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyViolation.
func (*PolicyViolation) DeepCopyInto ¶
func (in *PolicyViolation) DeepCopyInto(out *PolicyViolation)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*PolicyViolation) DeepCopyObject ¶ added in v1.1.0
func (in *PolicyViolation) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type PolicyViolationList ¶ added in v1.1.0
// PolicyViolationList is the list form of PolicyViolation.
type PolicyViolationList struct {
	metav1.TypeMeta `json:",inline" yaml:",inline"`
	metav1.ListMeta `json:"metadata" yaml:"metadata"`
	// Items holds the PolicyViolation entries of the list.
	Items []PolicyViolation `json:"items" yaml:"items"`
}
PolicyViolationList ...
func (*PolicyViolationList) DeepCopy ¶ added in v1.1.0
func (in *PolicyViolationList) DeepCopy() *PolicyViolationList
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyViolationList.
func (*PolicyViolationList) DeepCopyInto ¶ added in v1.1.0
func (in *PolicyViolationList) DeepCopyInto(out *PolicyViolationList)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*PolicyViolationList) DeepCopyObject ¶ added in v1.1.0
func (in *PolicyViolationList) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type PolicyViolationSpec ¶
// PolicyViolationSpec names the policy, the resource and the rules that were
// violated.
type PolicyViolationSpec struct {
	// Policy is the name of the policy.
	Policy string `json:"policy" yaml:"policy"`
	// ResourceSpec is embedded and serialized under "resource".
	ResourceSpec `json:"resource" yaml:"resource"`
	// ViolatedRules is the list of violated rules, serialized as "rules".
	ViolatedRules []ViolatedRule `json:"rules" yaml:"rules"`
}
PolicyViolationSpec describes policy behavior by its rules
func (*PolicyViolationSpec) DeepCopy ¶
func (in *PolicyViolationSpec) DeepCopy() *PolicyViolationSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyViolationSpec.
func (*PolicyViolationSpec) DeepCopyInto ¶
func (in *PolicyViolationSpec) DeepCopyInto(out *PolicyViolationSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type PolicyViolationStatus ¶
// PolicyViolationStatus provides information about the status of a policy
// violation.
type PolicyViolationStatus struct {
	// LastUpdateTime is the time the policy violation was updated.
	LastUpdateTime metav1.Time `json:"lastUpdateTime,omitempty" yaml:"lastUpdateTime,omitempty"`
}
PolicyViolationStatus provides information regarding the policy violation status:
LastUpdateTime: the time the policy violation was updated
func (*PolicyViolationStatus) DeepCopy ¶
func (in *PolicyViolationStatus) DeepCopy() *PolicyViolationStatus
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyViolationStatus.
func (*PolicyViolationStatus) DeepCopyInto ¶
func (in *PolicyViolationStatus) DeepCopyInto(out *PolicyViolationStatus)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type PolicyViolationTemplate ¶ added in v1.1.0
// PolicyViolationTemplate stores the information regarding the resources for
// which a policy failed to apply.
type PolicyViolationTemplate struct {
	metav1.TypeMeta   `json:",inline" yaml:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty" yaml:"metadata,omitempty" `
	// Spec names the policy, the resource and the violated rules.
	Spec PolicyViolationSpec `json:"spec" yaml:"spec"`
	// Status holds the last update time of the violation.
	Status PolicyViolationStatus `json:"status" yaml:"status"`
}
PolicyViolationTemplate stores the information regarding the resources for which a policy failed to apply
func (*PolicyViolationTemplate) DeepCopy ¶ added in v1.1.0
func (in *PolicyViolationTemplate) DeepCopy() *PolicyViolationTemplate
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyViolationTemplate.
func (*PolicyViolationTemplate) DeepCopyInto ¶ added in v1.1.0
func (in *PolicyViolationTemplate) DeepCopyInto(out *PolicyViolationTemplate)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type RequestInfo ¶ added in v1.1.0
// RequestInfo contains the permission info carried in an admission request.
type RequestInfo struct {
	// Roles lists the roles that may have sent the request.
	Roles []string `json:"roles" yaml:"roles"`
	// ClusterRoles lists the clusterRoles that may have sent the request.
	ClusterRoles []string `json:"clusterRoles" yaml:"clusterRoles"`
	// AdmissionUserInfo is the userInfo carried in the admission request,
	// serialized under "userInfo".
	// NOTE(review): this stores the requester's identity on the object that
	// embeds it; confirm who can read those objects.
	AdmissionUserInfo authenticationv1.UserInfo `json:"userInfo" yaml:"userInfo"`
}
RequestInfo contains permission info carried in an admission request
func (*RequestInfo) DeepCopy ¶ added in v1.1.0
func (in *RequestInfo) DeepCopy() *RequestInfo
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RequestInfo.
func (*RequestInfo) DeepCopyInto ¶ added in v1.1.0
func (in *RequestInfo) DeepCopyInto(out *RequestInfo)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type ResourceDescription ¶
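// ResourceDescription describes the resource to which the PolicyRule will be
// applied.
type ResourceDescription struct {
	// Kinds is the list of resource kinds.
	Kinds []string `json:"kinds,omitempty" yaml:"kinds,omitempty"`
	// Name is the name of the resource.
	Name string `json:"name,omitempty" yaml:"name,omitempty"`
	// Namespaces is the list of namespaces.
	Namespaces []string `json:"namespaces,omitempty" yaml:"namespaces,omitempty"`
	// Annotations is the map of annotations.
	// The yaml key was "namespaces", the same key as the Namespaces field
	// above; it now matches the JSON key. With the duplicate key a YAML codec
	// that honours these tags could not tell the two fields apart, so an
	// annotation filter in a match or exclude block could be lost or rejected.
	Annotations map[string]string `json:"annotations,omitempty" yaml:"annotations,omitempty"`
	// Selector is the label selector.
	Selector *metav1.LabelSelector `json:"selector,omitempty" yaml:"selector,omitempty"`
}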
ResourceDescription describes the resource to which the PolicyRule will be applied.
func (*ResourceDescription) DeepCopy ¶
func (in *ResourceDescription) DeepCopy() *ResourceDescription
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ResourceDescription.
func (*ResourceDescription) DeepCopyInto ¶
func (in *ResourceDescription) DeepCopyInto(out *ResourceDescription)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type ResourceSpec ¶
// ResourceSpec holds the information that identifies a resource.
type ResourceSpec struct {
	// APIVersion is the resource apiVersion.
	// +optional
	APIVersion string `json:"apiVersion,omitempty" yaml:"apiVersion,omitempty"`
	// Kind is the resource kind.
	// +optional
	Kind string `json:"kind,omitempty" yaml:"kind,omitempty"`
	// Namespace is the resource namespace.
	// +optional
	Namespace string `json:"namespace,omitempty" yaml:"namespace,omitempty"`
	// Name is the resource name.
	Name string `json:"name,omitempty" yaml:"name,omitempty"`
}
ResourceSpec information to identify the resource
func (*ResourceSpec) DeepCopy ¶
func (in *ResourceSpec) DeepCopy() *ResourceSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ResourceSpec.
func (*ResourceSpec) DeepCopyInto ¶
func (in *ResourceSpec) DeepCopyInto(out *ResourceSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (ResourceSpec) ToKey ¶
func (rs ResourceSpec) ToKey() string
ToKey generates the key string used for adding a label to a policy violation
type Rule ¶
// Rule is the set of mutation, validation and generation actions for a single
// resource description.
type Rule struct {
	// Name is the rule name.
	Name string `json:"name,omitempty" yaml:"name,omitempty"`
	// MatchResources specifies the resources for which the rule has to be
	// applied. If it is defined, "kind" inside the MatchResources block is
	// required. Serialized as "match".
	// +optional
	MatchResources MatchResources `json:"match,omitempty" yaml:"match,omitempty"`
	// ExcludeResources specifies the resources for which the rule can be
	// excluded. Serialized as "exclude".
	// +optional
	ExcludeResources ExcludeResources `json:"exclude,omitempty" yaml:"exclude,omitempty"`
	// Conditions allows controlling policy rule execution. Serialized as
	// "preconditions".
	// +optional
	Conditions []Condition `json:"preconditions,omitempty" yaml:"preconditions,omitempty"`
	// Mutation specifies patterns to mutate resources.
	// +optional
	Mutation Mutation `json:"mutate,omitempty" yaml:"mutate,omitempty"`
	// Validation specifies patterns to validate resources.
	// +optional
	Validation Validation `json:"validate,omitempty" yaml:"validate,omitempty"`
	// Generation specifies patterns to create additional resources.
	// +optional
	Generation Generation `json:"generate,omitempty" yaml:"generate,omitempty"`
}
Rule is set of mutation, validation and generation actions for the single resource description
func (*Rule) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Rule.
func (*Rule) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type RuleStats ¶
// RuleStats provides status per rule.
type RuleStats struct {
	// Name is the rule name, serialized as "ruleName".
	Name string `json:"ruleName" yaml:"ruleName"`
	// ExecutionTime is the average time required to process the rule; it is
	// held as a string.
	ExecutionTime string `json:"averageExecutionTime,omitempty" yaml:"averageExecutionTime,omitempty"`
	// ViolationCount is the number of violations created by this rule.
	ViolationCount int `json:"violationCount,omitempty" yaml:"violationCount,omitempty"`
	// FailedCount is the count of rules that failed.
	FailedCount int `json:"failedCount,omitempty" yaml:"failedCount,omitempty"`
	// AppliedCount is the count of rules that were applied.
	AppliedCount int `json:"appliedCount,omitempty" yaml:"appliedCount,omitempty"`
	// ResourcesBlockedCount is the count of resources whose update/create API
	// requests were blocked because the resource did not satisfy the policy
	// rules.
	ResourcesBlockedCount int `json:"resourcesBlockedCount,omitempty" yaml:"resourcesBlockedCount,omitempty"`
	// ResourcesMutatedCount is the count of resources that were successfully
	// mutated.
	ResourcesMutatedCount int `json:"resourcesMutatedCount,omitempty" yaml:"resourcesMutatedCount,omitempty"`
	// ResourcesGeneratedCount is the count of resources that were
	// successfully generated.
	ResourcesGeneratedCount int `json:"resourcesGeneratedCount,omitempty" yaml:"resourcesGeneratedCount,omitempty"`
}
RuleStats provides status per rule
func (*RuleStats) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RuleStats.
func (*RuleStats) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type Spec ¶
// Spec describes policy behavior by its rules.
type Spec struct {
	// Rules contains the list of rules to be applied to resources.
	Rules []Rule `json:"rules,omitempty" yaml:"rules,omitempty"`
	// ValidationFailureAction provides choice to enforce rules to resources
	// during policy violations.
	// Default value is "audit".
	// NOTE(review): with that default, a policy that omits this field is
	// presumably not enforcing; set the field explicitly on policies that are
	// meant to block, and confirm the accepted values against the webhook.
	ValidationFailureAction string `json:"validationFailureAction,omitempty" yaml:"validationFailureAction,omitempty"`
	// Background provides choice for applying rules to existing resources.
	// Default value is "true".
	// It is a *bool, so an unset field (nil) is distinguishable from an
	// explicit false.
	Background *bool `json:"background,omitempty" yaml:"background,omitempty"`
}
Spec describes policy behavior by its rules
func (*Spec) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Spec.
func (*Spec) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type UserInfo ¶ added in v1.1.0
// UserInfo filters on the users behind a request.
type UserInfo struct {
	// Roles is the list of namespaced role names.
	Roles []string `json:"roles,omitempty" yaml:"roles,omitempty"`
	// ClusterRoles is the list of cluster-wide role names.
	ClusterRoles []string `json:"clusterRoles,omitempty" yaml:"clusterRoles,omitempty"`
	// Subjects is the list of subject names such as users, user groups and
	// service accounts.
	Subjects []rbacv1.Subject `json:"subjects,omitempty" yaml:"subjects,omitempty"`
}
UserInfo filter based on users
func (*UserInfo) DeepCopy ¶ added in v1.1.0
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new UserInfo.
func (*UserInfo) DeepCopyInto ¶ added in v1.1.0
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type Validation ¶
// Validation describes how the validating webhook checks a resource on
// creation.
type Validation struct {
	// Message is the message displayed on a validation policy violation.
	Message string `json:"message,omitempty" yaml:"message,omitempty"`
	// Pattern is the validation pattern; it is untyped (interface{}).
	Pattern interface{} `json:"pattern,omitempty" yaml:"pattern,omitempty"`
	// AnyPattern is the list of validation patterns; each entry is untyped.
	AnyPattern []interface{} `json:"anyPattern,omitempty" yaml:"anyPattern,omitempty"`
	// Deny specifies the conditions to deny validation; nil when unset.
	// NOTE(review): nothing in this type prevents Pattern, AnyPattern and Deny
	// from being set together; confirm where that combination is rejected.
	Deny *Deny `json:"deny,omitempty" yaml:"deny,omitempty"`
}
Validation describes how the Validating Webhook checks the resource on creation
func (*Validation) DeepCopy ¶
func (in *Validation) DeepCopy() *Validation
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Validation.
func (*Validation) DeepCopyInto ¶
func (in *Validation) DeepCopyInto(out *Validation)
DeepCopyInto is declared because k8s:deepcopy-gen is not able to generate this method for interface{} member
type ViolatedRule ¶
// ViolatedRule stores the information regarding a violated rule.
type ViolatedRule struct {
	// Name is the violated rule's name.
	Name string `json:"name" yaml:"name"`
	// Type is the violated rule's type.
	Type string `json:"type" yaml:"type"`
	// Message is the violation message.
	Message string `json:"message" yaml:"message"`
}
ViolatedRule stores the information regarding the rule
func (*ViolatedRule) DeepCopy ¶
func (in *ViolatedRule) DeepCopy() *ViolatedRule
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ViolatedRule.
func (*ViolatedRule) DeepCopyInto ¶
func (in *ViolatedRule) DeepCopyInto(out *ViolatedRule)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.