policyviolation

package
v1.0.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Dec 5, 2019 License: Apache-2.0 Imports: 29 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func GetOwner added in v1.0.0 

func GetOwner(dclient *client.Client, ownerMap map[kyverno.ResourceSpec]interface{}, resource unstructured.Unstructured)

GetOwner of a resource by iterating over ownerReferences

func NewDataStore added in v1.0.0 

func NewDataStore() *dataStore

Types

type Generator added in v1.0.0 

type Generator struct {
	// contains filtered or unexported fields
}

Generator creates PV

func NewPVGenerator added in v1.0.0 

func NewPVGenerator(client *kyvernoclient.Clientset, dclient *client.Client,
	pvLister kyvernolister.ClusterPolicyViolationLister,
	nspvLister kyvernolister.NamespacedPolicyViolationLister) *Generator

NewPVGenerator returns a new instance of policy violation generator

func (*Generator) Add added in v1.0.0 

func (gen *Generator) Add(infos ...Info)

Add queues a policy violation create request

func (*Generator) Run added in v1.0.0 

func (gen *Generator) Run(workers int, stopCh <-chan struct{})

Run starts the workers

type GeneratorInterface added in v1.0.0 

type GeneratorInterface interface {
	Add(infos ...Info)
}

GeneratorInterface provides API to create PVs

type Info added in v1.0.0 

type Info struct {
	Blocked    bool
	PolicyName string
	Resource   unstructured.Unstructured
	Rules      []kyverno.ViolatedRule
}

Info is a request to create PV

type NamespacedPVControlInterface added in v1.0.0 

type NamespacedPVControlInterface interface {
	UpdateStatusPolicyViolation(newPv *kyverno.NamespacedPolicyViolation) error
	RemovePolicyViolation(ns, name string) error
}

type NamespacedPolicyViolationController added in v1.0.0 

type NamespacedPolicyViolationController struct {
	// contains filtered or unexported fields
}

PolicyViolationController manages the policy violation resource - sync the lastupdate time - check if the resource is active

func NewNamespacedPolicyViolationController added in v1.0.0 

func NewNamespacedPolicyViolationController(client *client.Client, kyvernoClient *kyvernoclient.Clientset, pInformer kyvernoinformer.ClusterPolicyInformer, pvInformer kyvernoinformer.NamespacedPolicyViolationInformer) (*NamespacedPolicyViolationController, error)

NewPolicyViolationController creates a new NewPolicyViolationController

func (*NamespacedPolicyViolationController) Run added in v1.0.0 

func (pvc *NamespacedPolicyViolationController) Run(workers int, stopCh <-chan struct{})

Run begins watching and syncing.

type PVControlInterface 

type PVControlInterface interface {
	UpdateStatusPolicyViolation(newPv *kyverno.ClusterPolicyViolation) error
	RemovePolicyViolation(name string) error
}

type PolicyViolationController 

type PolicyViolationController struct {
	// contains filtered or unexported fields
}

PolicyViolationController manages the policy violation resource - sync the lastupdate time - check if the resource is active

func NewPolicyViolationController 

func NewPolicyViolationController(client *client.Client, kyvernoClient *kyvernoclient.Clientset, pInformer kyvernoinformer.ClusterPolicyInformer, pvInformer kyvernoinformer.ClusterPolicyViolationInformer) (*PolicyViolationController, error)

NewPolicyViolationController creates a new NewPolicyViolationController

func (*PolicyViolationController) Run 

func (pvc *PolicyViolationController) Run(workers int, stopCh <-chan struct{})

Run begins watching and syncing.

type RealNamespacedPVControl added in v1.0.0 

type RealNamespacedPVControl struct {
	Client   kyvernoclient.Interface
	Recorder record.EventRecorder
}

RealNamespacedPVControl is the default implementation of NamespacedPVControlInterface.

func (RealNamespacedPVControl) RemovePolicyViolation added in v1.0.0 

func (r RealNamespacedPVControl) RemovePolicyViolation(ns, name string) error

RemovePolicyViolation removes the policy violation

func (RealNamespacedPVControl) UpdateStatusPolicyViolation added in v1.0.0 

func (r RealNamespacedPVControl) UpdateStatusPolicyViolation(newPv *kyverno.NamespacedPolicyViolation) error

UpdateStatusPolicyViolation updates the status for policy violation

type RealPVControl 

type RealPVControl struct {
	Client   kyvernoclient.Interface
	Recorder record.EventRecorder
}

RealPVControl is the default implementation of PVControlInterface.

func (RealPVControl) RemovePolicyViolation 

func (r RealPVControl) RemovePolicyViolation(name string) error

RemovePolicyViolation removes the policy violation

func (RealPVControl) UpdateStatusPolicyViolation 

func (r RealPVControl) UpdateStatusPolicyViolation(newPv *kyverno.ClusterPolicyViolation) error

UpdateStatusPolicyViolation updates the status for policy violation

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.