Documentation ¶
Index ¶
- Variables
- func Kind(kind string) schema.GroupKind
- func Resource(resource string) schema.GroupResource
- type CloneFrom
- type ClusterPolicy
- func (p *ClusterPolicy) BackgroundProcessingEnabled() bool
- func (in *ClusterPolicy) DeepCopy() *ClusterPolicy
- func (in *ClusterPolicy) DeepCopyInto(out *ClusterPolicy)
- func (in *ClusterPolicy) DeepCopyObject() runtime.Object
- func (p *ClusterPolicy) HasAutoGenAnnotation() bool
- func (p *ClusterPolicy) HasMutateOrValidateOrGenerate() bool
- type ClusterPolicyList
- type ClusterPolicyViolation
- type ClusterPolicyViolationList
- type Condition
- type ConditionOperator
- type Deny
- type ExcludeResources
- type GenerateRequest
- type GenerateRequestContext
- type GenerateRequestList
- type GenerateRequestSpec
- type GenerateRequestState
- type GenerateRequestStatus
- type Generation
- type MatchResources
- type Mutation
- type Patch
- type Policy
- type PolicyStatus
- type PolicyViolation
- type PolicyViolationList
- type PolicyViolationSpec
- type PolicyViolationStatus
- type PolicyViolationTemplate
- type RequestInfo
- type ResourceDescription
- type ResourceSpec
- type Rule
- type RuleStats
- type Spec
- type UserInfo
- type Validation
- type ViolatedRule
Constants ¶
This section is empty.
Variables ¶
var ( // SchemeBuilder builds the scheme SchemeBuilder = runtime.NewSchemeBuilder(addKnownTypes) // AddToScheme adds all types of this clientset into the given scheme AddToScheme = SchemeBuilder.AddToScheme )
var SchemeGroupVersion = schema.GroupVersion{Group: kyverno.GroupName, Version: "v1"}
SchemeGroupVersion is group version used to register these objects
Functions ¶
func Resource ¶
func Resource(resource string) schema.GroupResource
Resource takes an unqualified resource and returns a Group qualified GroupResource
Types ¶
type CloneFrom ¶
type CloneFrom struct { Namespace string `json:"namespace,omitempty"` Name string `json:"name,omitempty"` }
CloneFrom - location of the resource which will be used as source when applying 'generate'
func (*CloneFrom) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CloneFrom.
func (*CloneFrom) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type ClusterPolicy ¶
type ClusterPolicy Policy
ClusterPolicy ...
func (*ClusterPolicy) BackgroundProcessingEnabled ¶ added in v1.1.6
func (p *ClusterPolicy) BackgroundProcessingEnabled() bool
func (*ClusterPolicy) DeepCopy ¶
func (in *ClusterPolicy) DeepCopy() *ClusterPolicy
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterPolicy.
func (*ClusterPolicy) DeepCopyInto ¶
func (in *ClusterPolicy) DeepCopyInto(out *ClusterPolicy)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*ClusterPolicy) DeepCopyObject ¶
func (in *ClusterPolicy) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (*ClusterPolicy) HasAutoGenAnnotation ¶ added in v1.1.7
func (p *ClusterPolicy) HasAutoGenAnnotation() bool
func (*ClusterPolicy) HasMutateOrValidateOrGenerate ¶ added in v1.1.0
func (p *ClusterPolicy) HasMutateOrValidateOrGenerate() bool
HasMutateOrValidateOrGenerate checks for rule types
type ClusterPolicyList ¶
type ClusterPolicyList struct { metav1.TypeMeta `json:",inline"` metav1.ListMeta `json:"metadata"` Items []ClusterPolicy `json:"items"` }
ClusterPolicyList ...
func (*ClusterPolicyList) DeepCopy ¶
func (in *ClusterPolicyList) DeepCopy() *ClusterPolicyList
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterPolicyList.
func (*ClusterPolicyList) DeepCopyInto ¶
func (in *ClusterPolicyList) DeepCopyInto(out *ClusterPolicyList)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*ClusterPolicyList) DeepCopyObject ¶
func (in *ClusterPolicyList) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type ClusterPolicyViolation ¶
type ClusterPolicyViolation PolicyViolationTemplate
ClusterPolicyViolation represents cluster-wide violations
func (*ClusterPolicyViolation) DeepCopy ¶
func (in *ClusterPolicyViolation) DeepCopy() *ClusterPolicyViolation
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterPolicyViolation.
func (*ClusterPolicyViolation) DeepCopyInto ¶
func (in *ClusterPolicyViolation) DeepCopyInto(out *ClusterPolicyViolation)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*ClusterPolicyViolation) DeepCopyObject ¶
func (in *ClusterPolicyViolation) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type ClusterPolicyViolationList ¶
type ClusterPolicyViolationList struct { metav1.TypeMeta `json:",inline"` metav1.ListMeta `json:"metadata"` Items []ClusterPolicyViolation `json:"items"` }
ClusterPolicyViolationList ...
func (*ClusterPolicyViolationList) DeepCopy ¶
func (in *ClusterPolicyViolationList) DeepCopy() *ClusterPolicyViolationList
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterPolicyViolationList.
func (*ClusterPolicyViolationList) DeepCopyInto ¶
func (in *ClusterPolicyViolationList) DeepCopyInto(out *ClusterPolicyViolationList)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*ClusterPolicyViolationList) DeepCopyObject ¶
func (in *ClusterPolicyViolationList) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type Condition ¶ added in v1.1.0
type Condition struct { Key interface{} `json:"key"` Operator ConditionOperator `json:"operator"` Value interface{} `json:"value"` }
Condition defines the evaluation condition
func (*Condition) DeepCopy ¶ added in v1.1.0
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Condition.
func (*Condition) DeepCopyInto ¶ added in v1.1.0
DeepCopyInto is declared because k8s:deepcopy-gen is not able to generate this method for interface{} member
type ConditionOperator ¶ added in v1.1.0
type ConditionOperator string
ConditionOperator defines the type for condition operator
const ( //Equal for Equal operator Equal ConditionOperator = "Equal" Equals ConditionOperator = "Equals" //NotEqual for NotEqual operator NotEqual ConditionOperator = "NotEqual" NotEquals ConditionOperator = "NotEquals" //In for In operator In ConditionOperator = "In" //NotIn for NotIn operator NotIn ConditionOperator = "NotIn" )
type Deny ¶ added in v1.1.6
type Deny struct {
Conditions []Condition `json:"conditions,omitempty"`
}
type ExcludeResources ¶
type ExcludeResources struct { UserInfo ResourceDescription `json:"resources"` }
ExcludeResources container resource description of the resources that are to be excluded from the applying the policy rule
func (*ExcludeResources) DeepCopy ¶
func (in *ExcludeResources) DeepCopy() *ExcludeResources
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExcludeResources.
func (*ExcludeResources) DeepCopyInto ¶
func (in *ExcludeResources) DeepCopyInto(out *ExcludeResources)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type GenerateRequest ¶ added in v1.1.0
type GenerateRequest struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` Spec GenerateRequestSpec `json:"spec"` Status GenerateRequestStatus `json:"status"` }
GenerateRequest is a request to process generate rule
func (*GenerateRequest) DeepCopy ¶ added in v1.1.0
func (in *GenerateRequest) DeepCopy() *GenerateRequest
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GenerateRequest.
func (*GenerateRequest) DeepCopyInto ¶ added in v1.1.0
func (in *GenerateRequest) DeepCopyInto(out *GenerateRequest)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*GenerateRequest) DeepCopyObject ¶ added in v1.1.0
func (in *GenerateRequest) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type GenerateRequestContext ¶ added in v1.1.0
type GenerateRequestContext struct {
UserRequestInfo RequestInfo `json:"userInfo,omitempty"`
}
GenerateRequestContext stores the context to be shared
func (*GenerateRequestContext) DeepCopy ¶ added in v1.1.0
func (in *GenerateRequestContext) DeepCopy() *GenerateRequestContext
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GenerateRequestContext.
func (*GenerateRequestContext) DeepCopyInto ¶ added in v1.1.0
func (in *GenerateRequestContext) DeepCopyInto(out *GenerateRequestContext)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type GenerateRequestList ¶ added in v1.1.0
type GenerateRequestList struct { metav1.TypeMeta `json:",inline"` metav1.ListMeta `json:"metadata"` Items []GenerateRequest `json:"items"` }
GenerateRequestList stores the list of generate requests
func (*GenerateRequestList) DeepCopy ¶ added in v1.1.0
func (in *GenerateRequestList) DeepCopy() *GenerateRequestList
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GenerateRequestList.
func (*GenerateRequestList) DeepCopyInto ¶ added in v1.1.0
func (in *GenerateRequestList) DeepCopyInto(out *GenerateRequestList)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*GenerateRequestList) DeepCopyObject ¶ added in v1.1.0
func (in *GenerateRequestList) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type GenerateRequestSpec ¶ added in v1.1.0
type GenerateRequestSpec struct { Policy string `json:"policy"` Resource ResourceSpec `json:"resource"` Context GenerateRequestContext `json:"context"` }
GenerateRequestSpec stores the request specification
func (*GenerateRequestSpec) DeepCopy ¶ added in v1.1.0
func (in *GenerateRequestSpec) DeepCopy() *GenerateRequestSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GenerateRequestSpec.
func (*GenerateRequestSpec) DeepCopyInto ¶ added in v1.1.0
func (in *GenerateRequestSpec) DeepCopyInto(out *GenerateRequestSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type GenerateRequestState ¶ added in v1.1.0
type GenerateRequestState string
GenerateRequestState defines the state of
const ( //Pending - the Request is yet to be processed or resource has not been created Pending GenerateRequestState = "Pending" //Failed - the Generate Request Controller failed to process the rules Failed GenerateRequestState = "Failed" //Completed - the Generate Request Controller created resources defined in the policy Completed GenerateRequestState = "Completed" )
type GenerateRequestStatus ¶ added in v1.1.0
type GenerateRequestStatus struct { State GenerateRequestState `json:"state"` Message string `json:"message,omitempty"` // This will track the resources that are generated by the generate Policy // Will be used during clean up resources GeneratedResources []ResourceSpec `json:"generatedResources,omitempty"` }
GenerateRequestStatus stores the status of generated request
func (*GenerateRequestStatus) DeepCopy ¶ added in v1.1.0
func (in *GenerateRequestStatus) DeepCopy() *GenerateRequestStatus
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GenerateRequestStatus.
func (*GenerateRequestStatus) DeepCopyInto ¶ added in v1.1.0
func (in *GenerateRequestStatus) DeepCopyInto(out *GenerateRequestStatus)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type Generation ¶
type Generation struct { ResourceSpec Synchronize bool `json:"synchronize,omitempty"` Data interface{} `json:"data,omitempty"` Clone CloneFrom `json:"clone,omitempty"` }
Generation describes which resources will be created when other resource is created
func (*Generation) DeepCopy ¶
func (in *Generation) DeepCopy() *Generation
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Generation.
func (*Generation) DeepCopyInto ¶
func (gen *Generation) DeepCopyInto(out *Generation)
DeepCopyInto is declared because k8s:deepcopy-gen is not able to generate this method for interface{} member
type MatchResources ¶
type MatchResources struct { UserInfo ResourceDescription `json:"resources"` }
MatchResources contains resource description of the resources that the rule is to apply on
func (*MatchResources) DeepCopy ¶
func (in *MatchResources) DeepCopy() *MatchResources
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MatchResources.
func (*MatchResources) DeepCopyInto ¶
func (in *MatchResources) DeepCopyInto(out *MatchResources)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type Mutation ¶
type Mutation struct { Overlay interface{} `json:"overlay,omitempty"` Patches []Patch `json:"patches,omitempty"` }
Mutation describes the way how Mutating Webhook will react on resource creation
func (*Mutation) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Mutation.
func (*Mutation) DeepCopyInto ¶
DeepCopyInto is declared because k8s:deepcopy-gen is not able to generate this method for interface{} member
type Patch ¶
type Patch struct { Path string `json:"path"` Operation string `json:"op"` Value interface{} `json:"value"` }
Patch declares patch operation for created object according to RFC 6902
func (*Patch) DeepCopyInto ¶
DeepCopyInto is declared because k8s:deepcopy-gen is not able to generate this method for interface{} member
type Policy ¶
type Policy struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` Spec Spec `json:"spec"` Status PolicyStatus `json:"status,omitempty"` }
Policy contains rules to be applied to created resources
func (*Policy) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Policy.
func (*Policy) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type PolicyStatus ¶
type PolicyStatus struct { // average time required to process the policy rules on a resource AvgExecutionTime string `json:"averageExecutionTime,omitempty"` // number of violations created by this policy ViolationCount int `json:"violationCount,omitempty"` // Count of rules that failed RulesFailedCount int `json:"rulesFailedCount,omitempty"` // Count of rules that were applied RulesAppliedCount int `json:"rulesAppliedCount,omitempty"` // Count of resources that were blocked for failing a validate, across all rules ResourcesBlockedCount int `json:"resourcesBlockedCount,omitempty"` // Count of resources that were successfully mutated, across all rules ResourcesMutatedCount int `json:"resourcesMutatedCount,omitempty"` // Count of resources that were successfully generated, across all rules ResourcesGeneratedCount int `json:"resourcesGeneratedCount,omitempty"` Rules []RuleStats `json:"ruleStatus,omitempty"` }
PolicyStatus mostly contains statistics related to policy
func (*PolicyStatus) DeepCopy ¶
func (in *PolicyStatus) DeepCopy() *PolicyStatus
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyStatus.
func (*PolicyStatus) DeepCopyInto ¶
func (in *PolicyStatus) DeepCopyInto(out *PolicyStatus)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type PolicyViolation ¶
type PolicyViolation PolicyViolationTemplate
PolicyViolation represents namespaced violations
func (*PolicyViolation) DeepCopy ¶
func (in *PolicyViolation) DeepCopy() *PolicyViolation
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyViolation.
func (*PolicyViolation) DeepCopyInto ¶
func (in *PolicyViolation) DeepCopyInto(out *PolicyViolation)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*PolicyViolation) DeepCopyObject ¶ added in v1.1.0
func (in *PolicyViolation) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type PolicyViolationList ¶ added in v1.1.0
type PolicyViolationList struct { metav1.TypeMeta `json:",inline"` metav1.ListMeta `json:"metadata"` Items []PolicyViolation `json:"items"` }
PolicyViolationList ...
func (*PolicyViolationList) DeepCopy ¶ added in v1.1.0
func (in *PolicyViolationList) DeepCopy() *PolicyViolationList
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyViolationList.
func (*PolicyViolationList) DeepCopyInto ¶ added in v1.1.0
func (in *PolicyViolationList) DeepCopyInto(out *PolicyViolationList)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*PolicyViolationList) DeepCopyObject ¶ added in v1.1.0
func (in *PolicyViolationList) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type PolicyViolationSpec ¶
type PolicyViolationSpec struct { Policy string `json:"policy"` ResourceSpec `json:"resource"` ViolatedRules []ViolatedRule `json:"rules"` }
PolicyViolationSpec describes policy behavior by its rules
func (*PolicyViolationSpec) DeepCopy ¶
func (in *PolicyViolationSpec) DeepCopy() *PolicyViolationSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyViolationSpec.
func (*PolicyViolationSpec) DeepCopyInto ¶
func (in *PolicyViolationSpec) DeepCopyInto(out *PolicyViolationSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type PolicyViolationStatus ¶
PolicyViolationStatus provides information regarding policyviolation status status:
LastUpdateTime : the time the polivy violation was updated
func (*PolicyViolationStatus) DeepCopy ¶
func (in *PolicyViolationStatus) DeepCopy() *PolicyViolationStatus
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyViolationStatus.
func (*PolicyViolationStatus) DeepCopyInto ¶
func (in *PolicyViolationStatus) DeepCopyInto(out *PolicyViolationStatus)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type PolicyViolationTemplate ¶ added in v1.1.0
type PolicyViolationTemplate struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` Spec PolicyViolationSpec `json:"spec"` Status PolicyViolationStatus `json:"status"` }
PolicyViolationTemplate stores the information regarinding the resources for which a policy failed to apply
func (*PolicyViolationTemplate) DeepCopy ¶ added in v1.1.0
func (in *PolicyViolationTemplate) DeepCopy() *PolicyViolationTemplate
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyViolationTemplate.
func (*PolicyViolationTemplate) DeepCopyInto ¶ added in v1.1.0
func (in *PolicyViolationTemplate) DeepCopyInto(out *PolicyViolationTemplate)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type RequestInfo ¶ added in v1.1.0
type RequestInfo struct { // Roles is a list of possible role send the request Roles []string `json:"roles"` // ClusterRoles is a list of possible clusterRoles send the request ClusterRoles []string `json:"clusterRoles"` // UserInfo is the userInfo carried in the admission request AdmissionUserInfo authenticationv1.UserInfo `json:"userInfo"` }
RequestInfo contains permission info carried in an admission request
func (*RequestInfo) DeepCopy ¶ added in v1.1.0
func (in *RequestInfo) DeepCopy() *RequestInfo
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RequestInfo.
func (*RequestInfo) DeepCopyInto ¶ added in v1.1.0
func (in *RequestInfo) DeepCopyInto(out *RequestInfo)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type ResourceDescription ¶
type ResourceDescription struct { Kinds []string `json:"kinds,omitempty"` Name string `json:"name,omitempty"` Namespaces []string `json:"namespaces,omitempty"` Selector *metav1.LabelSelector `json:"selector,omitempty"` }
ResourceDescription describes the resource to which the PolicyRule will be applied.
func (*ResourceDescription) DeepCopy ¶
func (in *ResourceDescription) DeepCopy() *ResourceDescription
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ResourceDescription.
func (*ResourceDescription) DeepCopyInto ¶
func (in *ResourceDescription) DeepCopyInto(out *ResourceDescription)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type ResourceSpec ¶
type ResourceSpec struct { Kind string `json:"kind"` Namespace string `json:"namespace,omitempty"` Name string `json:"name"` }
ResourceSpec information to identify the resource
func (*ResourceSpec) DeepCopy ¶
func (in *ResourceSpec) DeepCopy() *ResourceSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ResourceSpec.
func (*ResourceSpec) DeepCopyInto ¶
func (in *ResourceSpec) DeepCopyInto(out *ResourceSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (ResourceSpec) ToKey ¶
func (rs ResourceSpec) ToKey() string
ToKey generates the key string used for adding label to polivy violation
type Rule ¶
type Rule struct { Name string `json:"name"` MatchResources MatchResources `json:"match"` ExcludeResources ExcludeResources `json:"exclude,omitempty"` Conditions []Condition `json:"preconditions,omitempty"` Mutation Mutation `json:"mutate,omitempty"` Validation Validation `json:"validate,omitempty"` Generation Generation `json:"generate,omitempty"` }
Rule is set of mutation, validation and generation actions for the single resource description
func (*Rule) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Rule.
func (*Rule) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type RuleStats ¶
type RuleStats struct { // Rule name Name string `json:"ruleName"` // average time require to process the rule ExecutionTime string `json:"averageExecutionTime,omitempty"` // number of violations created by this rule ViolationCount int `json:"violationCount,omitempty"` // Count of rules that failed FailedCount int `json:"failedCount,omitempty"` // Count of rules that were applied AppliedCount int `json:"appliedCount,omitempty"` // Count of resources for whom update/create api requests were blocked as the resource did not satisfy the policy rules ResourcesBlockedCount int `json:"resourcesBlockedCount,omitempty"` // Count of resources that were successfully mutated ResourcesMutatedCount int `json:"resourcesMutatedCount,omitempty"` // Count of resources that were successfully generated ResourcesGeneratedCount int `json:"resourcesGeneratedCount,omitempty"` }
RuleStats provides status per rule
func (*RuleStats) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RuleStats.
func (*RuleStats) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type Spec ¶
type Spec struct { Rules []Rule `json:"rules"` ValidationFailureAction string `json:"validationFailureAction"` Background *bool `json:"background"` }
Spec describes policy behavior by its rules
func (*Spec) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Spec.
func (*Spec) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type UserInfo ¶ added in v1.1.0
type UserInfo struct { Roles []string `json:"roles,omitempty"` ClusterRoles []string `json:"clusterRoles,omitempty"` Subjects []rbacv1.Subject `json:"subjects,omitempty"` }
UserInfo filter based on users
func (*UserInfo) DeepCopy ¶ added in v1.1.0
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new UserInfo.
func (*UserInfo) DeepCopyInto ¶ added in v1.1.0
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type Validation ¶
type Validation struct { Message string `json:"message,omitempty"` Pattern interface{} `json:"pattern,omitempty"` AnyPattern []interface{} `json:"anyPattern,omitempty"` Deny *Deny `json:"deny,omitempty"` }
Validation describes the way how Validating Webhook will check the resource on creation
func (*Validation) DeepCopy ¶
func (in *Validation) DeepCopy() *Validation
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Validation.
func (*Validation) DeepCopyInto ¶
func (in *Validation) DeepCopyInto(out *Validation)
DeepCopyInto is declared because k8s:deepcopy-gen is not able to generate this method for interface{} member
type ViolatedRule ¶
type ViolatedRule struct { Name string `json:"name"` Type string `json:"type"` Message string `json:"message"` }
ViolatedRule stores the information regarding the rule
func (*ViolatedRule) DeepCopy ¶
func (in *ViolatedRule) DeepCopy() *ViolatedRule
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ViolatedRule.
func (*ViolatedRule) DeepCopyInto ¶
func (in *ViolatedRule) DeepCopyInto(out *ViolatedRule)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.