Constants ¶
// GroupName is the API group name; SchemeGroupVersion uses it as its Group.
const GroupName = "psa.openshift.io"
Variables ¶
var (
	// SchemeBuilder is constructed from addKnownTypes. That function is not
	// shown on this page; presumably it registers this package's types —
	// confirm in the source.
	SchemeBuilder = runtime.NewSchemeBuilder(addKnownTypes)
	// AddToScheme is the AddToScheme method value of SchemeBuilder.
	AddToScheme = SchemeBuilder.AddToScheme
)

var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1alpha1"}
SchemeGroupVersion is the group version used to register these objects.
Functions ¶
func NewCmdPSA ¶
func NewCmdPSA(parentName string, streams genericclioptions.IOStreams) *cobra.Command
NewCmdPSA creates a new cobra.Command instance that enables checking namespaces for their compatibility with a specified PodSecurity level.
func Resource ¶
func Resource(resource string) schema.GroupResource
Types ¶
type PSAOptions ¶
// PSAOptions embeds genericclioptions.IOStreams. Its other fields are
// unexported and are elided by the documentation renderer.
type PSAOptions struct {
	genericclioptions.IOStreams
	// contains filtered or unexported fields
}
PSAOptions contains all the options and configs for running the PSA command.
func (*PSAOptions) Complete ¶
func (o *PSAOptions) Complete() error
Complete sets all information required for processing the command.
func (*PSAOptions) Run ¶
func (o *PSAOptions) Run() error
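Run attempts to update the namespace's PSA enforce label to the PSA audit value. This page does not say whether the update is a server-side dry run or is persisted; confirm in the source, since NewCmdPSA describes the command as a compatibility check.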
func (*PSAOptions) Validate ¶
func (o *PSAOptions) Validate() error
Validate ensures that all required arguments and flag values are set properly.
type PodSecurityViolation ¶
// PodSecurityViolation records, for one namespace, the pod security level
// that was violated and the violations found. All fields are serialized to
// JSON under the names given in their tags.
type PodSecurityViolation struct {
	metav1.TypeMeta `json:",inline"`

	// Namespace where the violation happened.
	Namespace string `json:"namespace"`
	// Level is the pod security level that was violated.
	Level string `json:"level"`
	// PodName is the name of the pod with the shortest name that violates the
	// PodSecurity level.
	PodName string `json:"podName"`
	// Violations lists the violations that all the pods in the namespace made.
	Violations []string `json:"violations"`
	// Pod is the pod with the shortest name that violates the PodSecurity level.
	// NOTE(review): when set, the whole Pod object is serialized under "pod".
	// A pod spec can carry env values and similar detail, so saved reports may
	// need the same handling as the pods themselves.
	Pod *corev1.Pod `json:"pod,omitempty"`
	// PodControllers are the controllers that manage the referenced pod.
	// The elements are typed any, so the concrete controller types are not
	// visible from this declaration.
	PodControllers []any `json:"podControllers,omitempty"`
	// Labels contain the pod security labels, present in the namespace.
	// The map keys are strings (presumably the label names — confirm against
	// the code that fills this field); the values are psapi.Level.
	Labels map[string]psapi.Level `json:"labels,omitempty"`
	// SyncControlLabel signals that the label syncer is turned on for this namespace.
	SyncControlLabel string `json:"syncControlLabel,omitempty"`
}
PodSecurityViolation is a violation of the PodSecurity level set.
func (*PodSecurityViolation) DeepCopyObject ¶
func (v *PodSecurityViolation) DeepCopyObject() runtime.Object
DeepCopyObject is provided so that *PodSecurityViolation satisfies the runtime.Object interface.
type PodSecurityViolationList ¶
// PodSecurityViolationList wraps a slice of PodSecurityViolation values
// together with type and list metadata.
type PodSecurityViolationList struct {
	metav1.TypeMeta `json:",inline"`
	// Standard list metadata.
	metav1.ListMeta `json:"metadata,omitempty"`

	// Items is a list of PodSecurityViolation objects.
	// There is no omitempty on this tag, so the "items" key is always emitted.
	Items []PodSecurityViolation `json:"items"`
}
PodSecurityViolationList is a list of PodSecurityViolation objects.
func (*PodSecurityViolationList) DeepCopyObject ¶
func (l *PodSecurityViolationList) DeepCopyObject() runtime.Object
DeepCopyObject is provided so that *PodSecurityViolationList satisfies the runtime.Object interface.