util

package
v3.16.0-beta.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Feb 7, 2024 License: Apache-2.0 Imports: 14 Imported by: 1

Documentation

Index

Constants

View Source
const (
	// ValidCABundle is a valid CA bundle used for testing.
	ValidCABundle = "" /* 924-byte string literal not displayed */
)

Variables

View Source
var ErrEnforcementAction = errors.New("unrecognized enforcementAction")

ErrEnforcementAction indicates the passed EnforcementAction is not valid.

View Source
var ErrInvalidPackedName = errors.New("invalid packed name, want request.Name to match 'gvk:[Kind].[Version].[Group]:[Name]'")

ErrInvalidPackedName indicates that the packed name of the request to be unpacked was invalid.

View Source
var ErrInvalidSpecEnforcementAction = errors.New("spec.enforcementAction must be a string")

ErrInvalidSpecEnforcementAction indicates that we were unable to parse the spec.enforcementAction field as it was not a string.

View Source
var ErrOldObjectIsNil = errors.New("oldObject cannot be nil for DELETE operations")

nolint: revive // Moved error out of pkg/webhook/admission; needs capitalization for backwards compat.

View Source
var KnownEnforcementActions = []EnforcementAction{Deny, Dryrun, Warn, Unrecognized}

KnownEnforcementActions are all defined EnforcementActions.

Functions

func EventPackerMapFunc

func EventPackerMapFunc() handler.MapFunc

EventPackerMapFunc maps an event into a reconcile.Request with embedded GVK information. Must be unpacked with UnpackRequest() before use.

func EventPackerMapFuncHardcodeGVK

func EventPackerMapFuncHardcodeGVK(gvk schema.GroupVersionKind) handler.MapFunc

EventPackerMapFuncHardcodeGVK accounts for the fact that typed K8s objects have no GVK associated with them by allowing the caller to set the expected GVK.

func GetID

func GetID() string

GetID returns a unique name for the Gatekeeper pod.

func GetNamespace

func GetNamespace() string

func GetPodName

func GetPodName() string

GetPodName returns the name of the Gatekeeper pod.

func SetObjectOnDelete

func SetObjectOnDelete(req *admission.Request) error

SetObjectOnDelete enforces that we use at least K8s API v1.15.0+ on DELETE operations and copies over the oldObject into the Object field for the given AdmissionRequest.

func UnpackRequest

UnpackRequest unpacks the GVK from a reconcile.Request and returns the separated components. GVK is encoded as "Kind.Version.Group". Requests are expected to be in the format: {Name: "gvk:EncodedGVK:Name", Namespace: Namespace}.

func ValidateEnforcementAction

func ValidateEnforcementAction(input EnforcementAction) error

Types

type EnforcementAction

type EnforcementAction string

EnforcementAction is the response we take to violations.

const (
	Deny         EnforcementAction = "deny"
	Dryrun       EnforcementAction = "dryrun"
	Warn         EnforcementAction = "warn"
	Unrecognized EnforcementAction = "unrecognized"
)

The set of possible responses to policy violations.

func GetEnforcementAction

func GetEnforcementAction(item map[string]interface{}) (EnforcementAction, error)

type Error

type Error string

func (Error) Error

func (e Error) Error() string

type FlagSet

type FlagSet map[string]bool

func NewFlagSet

func NewFlagSet() FlagSet

func (FlagSet) Set

func (l FlagSet) Set(s string) error

func (FlagSet) String

func (l FlagSet) String() string

func (FlagSet) ToSlice

func (l FlagSet) ToSlice() []string

type KindVersionName

type KindVersionName struct {
	Group     string
	Kind      string
	Version   string
	Namespace string
	Name      string
}

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL