Documentation ¶
Index ¶
Constants ¶
// Version1_11 is the literal version string "v1.11".
//
// NOTE(review): presumably a Kubernetes release that callers compare against
// for version-dependent behaviour — confirm against the call sites.
const Version1_11 = "v1.11"
Variables ¶
// DefaultCaps lists Linux capability names, written without the "CAP_"
// prefix, in the order given here.
//
// NOTE(review): the fourteen entries match the capability set Docker grants
// to a container when nothing is added or dropped — confirm that this is the
// baseline the package intends. A container whose effective set equals this
// list is at the runtime default, not at a hardened profile: entries such as
// NET_RAW, DAC_OVERRIDE, SETUID and SETGID are unnecessary for many workloads.
//
// DefaultCaps is an exported, mutable slice. Code that needs a modified set
// should work on a copy so that other users of the package-level value are
// not affected.
var DefaultCaps = []string{
	"SETPCAP",          // change the capability sets of a process
	"MKNOD",            // create special files with mknod(2)
	"AUDIT_WRITE",      // write records to the kernel audit log
	"CHOWN",            // make arbitrary changes to file UIDs and GIDs
	"NET_RAW",          // use RAW and PACKET sockets
	"DAC_OVERRIDE",     // bypass file read, write and execute permission checks
	"FOWNER",           // bypass checks that require the process to own the file
	"FSETID",           // keep set-user-ID/set-group-ID bits when a file is modified
	"KILL",             // bypass permission checks for sending signals
	"SETGID",           // make arbitrary changes to process GIDs
	"SETUID",           // make arbitrary changes to process UIDs
	"NET_BIND_SERVICE", // bind sockets to ports below 1024
	"SYS_CHROOT",       // call chroot(2)
	"SETFCAP",          // set capabilities on files
}
Functions ¶
This section is empty.
Types ¶
type ContainerSecuritySpec ¶
// ContainerSecuritySpec is the JSON-serialisable record of one container's
// security-relevant settings.
//
// NOTE(review): the field names appear to mirror the Kubernetes container
// SecurityContext — confirm against the code that populates this struct.
type ContainerSecuritySpec struct {
	// Identity of the container and where it runs. Note that Metadata is
	// serialised under the key "parentMetadata", whereas PodSecuritySpec uses
	// "metadata" for its own Metadata field.
	Metadata      Metadata `json:"parentMetadata"`
	ContainerID   string   `json:"containerID"`
	ContainerName string   `json:"containerName"`
	PodName       string   `json:"podName"`
	Namespace     string   `json:"namespace"`
	ImageName     string   `json:"imageName"`
	ImageSHA      string   `json:"imageSHA"`
	HostName      string   `json:"hostName"`

	// Capability lists; each is omitted from the JSON when empty. The key for
	// Capabilities is "effectiveCapabilities".
	// NOTE(review): how the effective set is derived (for example from
	// DefaultCaps plus AddedCap minus DroppedCap) is not visible here.
	Capabilities []string `json:"effectiveCapabilities,omitempty"`
	DroppedCap   []string `json:"droppedCapabilities,omitempty"`
	AddedCap     []string `json:"addedCapabilities,omitempty"`

	// Plain bools with omitempty: a false value is dropped from the JSON, so
	// a consumer cannot tell "false" from "not recorded". For ReadOnlyRootFS
	// the absent case is the less restrictive one (writable root filesystem).
	Privileged     bool `json:"privileged,omitempty"`
	ReadOnlyRootFS bool `json:"readOnlyRootFileSystem,omitempty"`

	// Pointer fields: nil is omitted from the JSON, while a non-nil pointer is
	// emitted even when it points to false or 0. This keeps "unset" distinct
	// from an explicit value, which matters when judging RunAsNonRoot,
	// AllowPrivilegeEscalation and a RunAsUser of 0.
	RunAsNonRoot             *bool  `json:"runAsNonRoot,omitempty"`
	AllowPrivilegeEscalation *bool  `json:"allowPrivilegeEscalation,omitempty"`
	RunAsUser                *int64 `json:"runAsUser,omitempty"`
	RunAsGroup               *int64 `json:"runAsGroup,omitempty"`

	// HostPorts holds port numbers; omitted from the JSON when empty.
	// NOTE(review): presumably the host ports the container binds — confirm.
	HostPorts []int32 `json:"hostPorts,omitempty"`
}
type PodSecuritySpec ¶
// PodSecuritySpec is the JSON-serialisable record of one pod's
// security-relevant settings.
//
// NOTE(review): the field names appear to mirror the Kubernetes PodSpec host
// namespace and volume settings — confirm against the code that populates
// this struct.
type PodSecuritySpec struct {
	// Identity of the pod.
	Metadata  Metadata `json:"metadata"`
	Namespace string   `json:"namespace"`

	// Host namespace flags. These are plain bools with omitempty, so a false
	// value is dropped from the JSON and is indistinguishable from a value
	// that was never recorded.
	HostPID     bool `json:"hostPID,omitempty"`
	HostNetwork bool `json:"hostNetwork,omitempty"`
	HostIPC     bool `json:"hostIPC,omitempty"`

	// Volume information; both fields are omitted from the JSON when empty.
	// MountHostPaths is serialised under the key "mountedHostPath".
	// NOTE(review): the meaning of the bool value in MountHostPaths is not
	// visible here — confirm before relying on it.
	VolumeTypes    []string        `json:"volumeTypes,omitempty"`
	MountHostPaths map[string]bool `json:"mountedHostPath,omitempty"`
}