Documentation ¶
Index ¶
- func CreateOrUpdate(ctx context.Context, c client.Client, ...) error
- func Equal(current, desired *securityv1.SecurityContextConstraints) bool
- func Mutate(current, desired *securityv1.SecurityContextConstraints)
- type Builder
- func (b *Builder) Build() *securityv1.SecurityContextConstraints
- func (b *Builder) WithAllowPrivilegeEscalation(value bool) *Builder
- func (b *Builder) WithDefaultAllowPrivilegeEscalation(value bool) *Builder
- func (b *Builder) WithForbiddenSysctls(forbiddenSysctls []string) *Builder
- func (b *Builder) WithRequiredDropCapabilities(capabilities []corev1.Capability) *Builder
- func (b *Builder) WithRunAsUserOptions(options securityv1.RunAsUserStrategyOptions) *Builder
- func (b *Builder) WithSELinuxContextOptions(options securityv1.SELinuxContextStrategyOptions) *Builder
- func (b *Builder) WithVolumes(volumes []securityv1.FSType) *Builder
- type EqualityFunc
- type MutateFunc
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func CreateOrUpdate ¶
func CreateOrUpdate(ctx context.Context, c client.Client, scc *securityv1.SecurityContextConstraints, equal EqualityFunc, mutate MutateFunc) error
CreateOrUpdate first attempts to get the given securitycontextconstraints. If the securitycontextconstraints does not exist, it is created. Otherwise, if the securitycontextconstraints exists and the provided comparison func detects any changes, an update is attempted. Updates are retried with backoff (see retry.DefaultRetry). Returns a non-nil error on failure.
func Equal ¶
func Equal(current, desired *securityv1.SecurityContextConstraints) bool
Equal returns true only if the securitycontextconstraints are equal.
func Mutate ¶
func Mutate(current, desired *securityv1.SecurityContextConstraints)
Mutate is the default mutate function for securitycontextconstraints. It overrides the values used by the cluster to maintain security.
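The get, create-or-compare, mutate flow described for CreateOrUpdate, Equal and Mutate above, as an added example that is not this package's code. It is a stdlib-only model: `scc`, `store`, `equal`, `mutate` and `createOrUpdate` are hypothetical stand-ins for the real types and functions, the compared fields are an assumption, and retry with backoff is omitted.

```go
package main

import "fmt"

// scc is a constructed stand-in for securityv1.SecurityContextConstraints.
type scc struct {
	Name                     string
	AllowPrivilegedContainer bool
	AllowPrivilegeEscalation bool
	Note                     string // a field the reconciler does not manage
}

// store is a constructed in-memory stand-in for the cluster API.
type store map[string]scc

// equal compares only the security-relevant fields (assumed set).
func equal(cur, des *scc) bool {
	return cur.AllowPrivilegedContainer == des.AllowPrivilegedContainer &&
		cur.AllowPrivilegeEscalation == des.AllowPrivilegeEscalation
}

// mutate copies the desired security settings onto the current object
// and leaves unmanaged fields untouched.
func mutate(cur, des *scc) {
	cur.AllowPrivilegedContainer = des.AllowPrivilegedContainer
	cur.AllowPrivilegeEscalation = des.AllowPrivilegeEscalation
}

// createOrUpdate models the documented flow and reports the action taken.
func createOrUpdate(s store, des scc, eq func(c, d *scc) bool, mut func(c, d *scc)) string {
	cur, ok := s[des.Name]
	if !ok {
		s[des.Name] = des
		return "created"
	}
	if eq(&cur, &des) {
		return "unchanged"
	}
	mut(&cur, &des)
	s[des.Name] = cur
	return "updated"
}

func main() {
	s := store{}
	want := scc{Name: "example-scc"} // constructed desired state: nothing privileged
	fmt.Println(createOrUpdate(s, want, equal, mutate))
	drift := s["example-scc"]
	drift.AllowPrivilegedContainer, drift.Note = true, "edited by hand"
	s["example-scc"] = drift // constructed drift: the object was loosened out of band
	fmt.Println(createOrUpdate(s, want, equal, mutate), s["example-scc"])
}
```

The second reconcile reverts the loosened setting while keeping the unmanaged field, which is the property to check when supplying a custom EqualityFunc or MutateFunc.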
Types ¶
type Builder ¶
type Builder struct {
// contains filtered or unexported fields
}
Builder represents the struct used to build security context constraints.
func New ¶
func New(name string, allowPrivelegeContainer, allowHostDirVolumePlugin, readOnlyRootFilesystem bool) *Builder
New returns a new Builder for security context constraints
func (*Builder) Build ¶
func (b *Builder) Build() *securityv1.SecurityContextConstraints
Build returns the final security context constraints
func (*Builder) WithAllowPrivilegeEscalation ¶
Sets the constraints privilege escalation
func (*Builder) WithDefaultAllowPrivilegeEscalation ¶
Sets the constraints default privilege escalation
func (*Builder) WithForbiddenSysctls ¶
Sets the constraints forbidden sysctls
func (*Builder) WithRequiredDropCapabilities ¶
func (b *Builder) WithRequiredDropCapabilities(capabilities []corev1.Capability) *Builder
Sets the constraints drop capabilities
func (*Builder) WithRunAsUserOptions ¶
func (b *Builder) WithRunAsUserOptions(options securityv1.RunAsUserStrategyOptions) *Builder
Sets the constraints user options
func (*Builder) WithSELinuxContextOptions ¶
func (b *Builder) WithSELinuxContextOptions(options securityv1.SELinuxContextStrategyOptions) *Builder
Sets the constraints selinuxcontext options
func (*Builder) WithVolumes ¶
func (b *Builder) WithVolumes(volumes []securityv1.FSType) *Builder
Sets the constraints volumes
type EqualityFunc ¶
type EqualityFunc func(current, desired *securityv1.SecurityContextConstraints) bool
EqualityFunc is the type for functions that compare two securitycontextconstraints. Returns true if the two securitycontextconstraints are equal.
type MutateFunc ¶
type MutateFunc func(current, desired *securityv1.SecurityContextConstraints)
MutateFunc is the type for functions that mutate the current securitycontextconstraints by applying the values from the desired securitycontextconstraints.