constraints

package
v0.0.0-...-9e57a57 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jan 15, 2025 License: Apache-2.0 Imports: 4 Imported by: 4

Documentation

Index

Constants

View Source 
const (
	// Group is the API Group of Constraints.
	Group = "constraints.gatekeeper.sh"

	// AllEnforcementPoints is a wildcard to indicate all enforcement points.
	AllEnforcementPoints = "*"
)

Variables

View Source 
var (
	// ErrInvalidConstraint is a generic error that a Constraint is invalid for
	// some reason.
	ErrInvalidConstraint = errors.New("invalid Constraint")

	// ErrSchema is a specific error that a Constraint failed schema validation.
	ErrSchema = errors.New("schema validation failed")

	// ErrMissingRequiredField is a specific error that a field is missing from a Constraint.
	ErrMissingRequiredField = errors.New("missing required field")

	ErrInvalidSpecEnforcementAction = errors.New("scopedEnforcementActions value must be a [{action: string, enforcementPoints: [{name: string}]}]")
)

Functions

func GetEnforcementAction 

func GetEnforcementAction(constraint *unstructured.Unstructured) (string, error)

GetEnforcementAction returns a Constraint's enforcementAction, which indicates what should be done if a review violates a Constraint, or the Constraint fails to run.

Returns an error if spec.enforcementAction is defined and is not a string.

func GetEnforcementActionsForEP 

func GetEnforcementActionsForEP(constraint *unstructured.Unstructured, eps []string) (map[string][]string, error)

GetEnforcementActionsForEP returns a map of enforcement actions for enforcement points passed in.

func IsEnforcementActionScoped 

func IsEnforcementActionScoped(action string) bool

Types

type EnforcementAction 

type EnforcementAction string
const (
	// Deny indicates that if a review fails validation for a
	// Constraint, that it should be rejected. Errors encountered running
	// validation are treated as failing validation.
	//
	// This is the default EnforcementAction.
	Deny   EnforcementAction = "deny"
	Warn   EnforcementAction = "warn"
	Scoped EnforcementAction = "scoped"
)

type EnforcementPoint 

type EnforcementPoint struct {
	Name string `json:"name"`
}

type ScopedEnforcementAction 

type ScopedEnforcementAction struct {
	Action            string             `json:"action"`
	EnforcementPoints []EnforcementPoint `json:"enforcementPoints"`
}

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.