Documentation ¶
Index ¶
- Constants
- Variables
- type MatchCondition
- type Source
- func (in *Source) GetFailurePolicy() (*admissionv1.FailurePolicyType, error)
- func (in *Source) GetMatchConditions() ([]cel.ExpressionAccessor, error)
- func (in *Source) GetMessageExpressions() ([]cel.ExpressionAccessor, error)
- func (in *Source) GetV1Beta1FailurePolicy() (*admissionv1beta1.FailurePolicyType, error)
- func (in *Source) GetV1Beta1MatchConditions() ([]admissionv1beta1.MatchCondition, error)
- func (in *Source) GetV1Beta1Validatons() ([]admissionv1beta1.Validation, error)
- func (in *Source) GetV1Beta1Variables() ([]admissionv1beta1.Variable, error)
- func (in *Source) GetValidations() ([]cel.ExpressionAccessor, error)
- func (in *Source) GetVariables() ([]cel.NamedExpressionAccessor, error)
- func (in *Source) MustToUnstructured() map[string]interface{}
- func (in *Source) Validate() error
- type Validation
- type Variable
Constants ¶
View Source
const ( // Name is the name of the driver. Name = "K8sNativeValidation" // ReservedPrefix signifies a prefix that no user-defined value (variable, matcher, etc.) is allowed to have. // This gives us the ability to add new variables in the future without worrying about breaking pre-existing templates. ReservedPrefix = "gatekeeper_internal_" // ParamsName is the VAP variable constraint parameters will be bound to. ParamsName = "params" // ObjectName is the VAP variable that describes either an object or (on DELETE requests) oldObject. ObjectName = "anyObject" )
Variables ¶
View Source
var ( ErrBadMatchCondition = errors.New("invalid match condition") ErrBadVariable = errors.New("invalid variable definition") ErrBadFailurePolicy = errors.New("invalid failure policy") ErrCodeNotDefined = errors.New("K8sNativeValidation code not defined") ErrOneTargetAllowed = errors.New("wrong number of targets defined, only 1 target allowed") ErrBadType = errors.New("Could not recognize the type") ErrMissingField = errors.New("K8sNativeValidation source missing required field") )
Functions ¶
This section is empty.
Types ¶
type MatchCondition ¶
type Source ¶
type Source struct { // Validations maps to ValidatingAdmissionPolicy's `spec.validations`. Validations []Validation `json:"validations,omitempty"` // FailurePolicy maps to ValidatingAdmissionPolicy's `spec.failurePolicy`. FailurePolicy *string `json:"failurePolicy,omitempty"` // MatchConditions maps to ValidatingAdmissionPolicy's `spec.matchConditions`. MatchConditions []MatchCondition `json:"matchCondition,omitempty"` // Variables maps to ValidatingAdmissionPolicy's `spec.variables`. Variables []Variable `json:"variables,omitempty"` // GenerateVAP enables/disables VAP generation and enforcement for policy. GenerateVAP *bool `json:"generateVAP,omitempty"` }
func GetSourceFromTemplate ¶
func GetSourceFromTemplate(ct *templates.ConstraintTemplate) (*Source, error)
func (*Source) GetFailurePolicy ¶
func (in *Source) GetFailurePolicy() (*admissionv1.FailurePolicyType, error)
func (*Source) GetMatchConditions ¶
func (in *Source) GetMatchConditions() ([]cel.ExpressionAccessor, error)
func (*Source) GetMessageExpressions ¶
func (in *Source) GetMessageExpressions() ([]cel.ExpressionAccessor, error)
func (*Source) GetV1Beta1FailurePolicy ¶
func (in *Source) GetV1Beta1FailurePolicy() (*admissionv1beta1.FailurePolicyType, error)
func (*Source) GetV1Beta1MatchConditions ¶
func (in *Source) GetV1Beta1MatchConditions() ([]admissionv1beta1.MatchCondition, error)
func (*Source) GetV1Beta1Validatons ¶
func (in *Source) GetV1Beta1Validatons() ([]admissionv1beta1.Validation, error)
func (*Source) GetV1Beta1Variables ¶
func (in *Source) GetV1Beta1Variables() ([]admissionv1beta1.Variable, error)
func (*Source) GetValidations ¶
func (in *Source) GetValidations() ([]cel.ExpressionAccessor, error)
func (*Source) GetVariables ¶
func (in *Source) GetVariables() ([]cel.NamedExpressionAccessor, error)
func (*Source) MustToUnstructured ¶
ToUnstructured() is a convenience method for converting to unstructured. Intended for testing. It will panic on error.
type Validation ¶
Click to show internal directories.
Click to hide internal directories.