common

package
v1.2.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Oct 9, 2024 License: Apache-2.0 Imports: 8 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	//  The actual ingress controller pod is usually unknown and not available in the input resources for the analysis.
	// IngressPodName and IngressPodNamespace are used to represent that pod with those placeholder values for name and namespace.
	IngressPodName      = "ingress-controller"
	IngressPodNamespace = "ingress-controller-ns"
)

Ingress Controller const - the name and namespace of an ingress-controller pod

View Source 
const K8sNsNameLabelKey = "kubernetes.io/metadata.name"

The Kubernetes API server sets this label on all namespaces

View Source 
const (
	NoPort = -1
)

Variables

This section is empty.

Functions

func ConnStrFromConnProperties 

func ConnStrFromConnProperties(allProtocolsAndPorts bool, protocolsAndPorts map[v1.Protocol][]PortRange) string

Types

type Connection 

type Connection interface {
	// ProtocolsAndPortsMap returns the set of allowed connections
	ProtocolsAndPortsMap() map[v1.Protocol][]PortRange
	// AllConnections returns true if all ports are allowed for all protocols
	AllConnections() bool
	// IsEmpty returns true if no connection is allowed
	IsEmpty() bool
}

Connection represents a set of allowed connections between two peers

type ConnectionSet 

type ConnectionSet struct {
	AllowAll         bool
	AllowedProtocols map[v1.Protocol]*PortSet // map from protocol name to set of allowed ports
}

ConnectionSet represents a set of allowed connections between two peers on a k8s env and implements Connection interface

func GetAllTCPConnections added in v1.2.0 

func GetAllTCPConnections() *ConnectionSet

GetAllTCPConnections returns a pointer to ConnectionSet object with all TCP protocol connections

func MakeConnectionSet 

func MakeConnectionSet(all bool) *ConnectionSet

MakeConnectionSet returns a pointer to ConnectionSet object with all connections or no connections

func (*ConnectionSet) AddConnection 

func (conn *ConnectionSet) AddConnection(protocol v1.Protocol, ports *PortSet)

AddConnection updates current ConnectionSet object with new allowed connection

func (*ConnectionSet) AllConnections 

func (conn *ConnectionSet) AllConnections() bool

AllConnections returns true if all ports are allowed for all protocols

func (*ConnectionSet) ContainedIn 

func (conn *ConnectionSet) ContainedIn(other *ConnectionSet) bool

ContainedIn returns true if current ConnectionSet is contained in the input ConnectionSet object

func (*ConnectionSet) Contains 

func (conn *ConnectionSet) Contains(port, protocol string) bool

Contains returns true if the input port+protocol is an allowed connection

func (*ConnectionSet) Copy added in v1.2.0 

func (conn *ConnectionSet) Copy() *ConnectionSet

Copy returns a new copy of ConnectionSet object

func (*ConnectionSet) Equal 

func (conn *ConnectionSet) Equal(other *ConnectionSet) bool

Equal returns true if the current ConnectionSet object is equal to the input object

func (*ConnectionSet) GetNamedPorts added in v1.2.0 

func (conn *ConnectionSet) GetNamedPorts() map[v1.Protocol][]string

GetNamedPorts returns map from protocol to list of its allowed named ports

func (*ConnectionSet) Intersection 

func (conn *ConnectionSet) Intersection(other *ConnectionSet)

Intersection updates ConnectionSet object to be the intersection result with other ConnectionSet

func (*ConnectionSet) IsEmpty 

func (conn *ConnectionSet) IsEmpty() bool

IsEmpty returns true if the ConnectionSet has no allowed connections

func (*ConnectionSet) ProtocolsAndPortsMap 

func (conn *ConnectionSet) ProtocolsAndPortsMap() map[v1.Protocol][]PortRange

ProtocolsAndPortsMap() returns a map from allowed protocol to list of allowed ports ranges.

func (*ConnectionSet) ReplaceNamedPortWithMatchingPortNum added in v1.2.0 

func (conn *ConnectionSet) ReplaceNamedPortWithMatchingPortNum(protocol v1.Protocol, namedPort string, portNum int32)

ReplaceNamedPortWithMatchingPortNum : replacing given namedPort with the matching given port num in the connection if port num is -1; just deletes the named port from the protocol's list

func (*ConnectionSet) String 

func (conn *ConnectionSet) String() string

String returns a string representation of the ConnectionSet object

func (*ConnectionSet) Union 

func (conn *ConnectionSet) Union(other *ConnectionSet)

Union updates ConnectionSet object to be the union result with other ConnectionSet

type NetpolError 

type NetpolError interface {
	IsFatal() bool
	IsSevere() bool
	Error() error
	Location() string
}

NetpolError holds information about a single error/warning that occurred during running connectivity analysis command (list or diff)

type PortRange 

type PortRange interface {
	// Start is the start port
	Start() int64
	// End is the end port
	End() int64
	// String returns a string representation of the PortRange object
	String() string
}

PortRange describes a port or a range of ports for allowed traffic If start port equals end port, it represents a single port

type PortSet 

type PortSet struct {
	Ports              *interval.CanonicalSet
	NamedPorts         map[string]bool
	ExcludedNamedPorts map[string]bool
}

PortSet: represents set of allowed ports in a connection

func MakePortSet 

func MakePortSet(all bool) *PortSet

MakePortSet: return a new PortSet object, with all ports or no ports allowed

func (*PortSet) AddPort 

func (p *PortSet) AddPort(port intstr.IntOrString)

AddPort: update current PortSet object with new added port as allowed

func (*PortSet) AddPortRange 

func (p *PortSet) AddPortRange(minPort, maxPort int64)

AddPortRange: update current PortSet object with new added port range as allowed

func (*PortSet) ContainedIn 

func (p *PortSet) ContainedIn(other *PortSet) bool

ContainedIn: return true if current PortSet object is contained in input PortSet object

func (*PortSet) Contains 

func (p *PortSet) Contains(port int64) bool

Contains: return true if current PortSet contains a specific input port

func (*PortSet) Copy 

func (p *PortSet) Copy() *PortSet

Copy: return a new copy of a PortSet object

func (*PortSet) Equal 

func (p *PortSet) Equal(other *PortSet) bool

Equal: return true if current object equals another PortSet object

func (*PortSet) GetNamedPortsKeys added in v1.2.0 

func (p *PortSet) GetNamedPortsKeys() []string

GetNamedPortsKeys returns the named ports of current portSet

func (*PortSet) Intersection 

func (p *PortSet) Intersection(other *PortSet)

Intersection: update current PortSet object as intersection with input PortSet object

func (*PortSet) IsAll 

func (p *PortSet) IsAll() bool

IsAll: return true if current PortSet object contains all ports

func (*PortSet) IsEmpty 

func (p *PortSet) IsEmpty() bool

IsEmpty: return true if current object is empty (no ports allowed)

func (*PortSet) RemovePort 

func (p *PortSet) RemovePort(port intstr.IntOrString)

RemovePort: update current PortSet object with removing input port from allowed ports

func (*PortSet) String 

func (p *PortSet) String() string

String: return string representation of current PortSet

func (*PortSet) Union 

func (p *PortSet) Union(other *PortSet)

Union: update current PortSet object with union of input PortSet object

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.