Documentation ¶
Index ¶
- Constants
- Variables
- type ClusterPolicyReport
- func (in *ClusterPolicyReport) DeepCopy() *ClusterPolicyReport
- func (in *ClusterPolicyReport) DeepCopyInto(out *ClusterPolicyReport)
- func (in *ClusterPolicyReport) DeepCopyObject() runtime.Object
- func (r *ClusterPolicyReport) GetResults() []PolicyReportResult
- func (r *ClusterPolicyReport) SetResults(results []PolicyReportResult)
- func (r *ClusterPolicyReport) SetSummary(summary PolicyReportSummary)
- type ClusterPolicyReportInterface
- type ClusterPolicyReportList
- type ClusterPolicyReportsGetter
- type DemoPolicyV1alpha2Client
- type DemoPolicyV1alpha2Interface
- type PolicyReport
- func (in *PolicyReport) DeepCopy() *PolicyReport
- func (in *PolicyReport) DeepCopyInto(out *PolicyReport)
- func (in *PolicyReport) DeepCopyObject() runtime.Object
- func (r *PolicyReport) GetResults() []PolicyReportResult
- func (r *PolicyReport) SetResults(results []PolicyReportResult)
- func (r *PolicyReport) SetSummary(summary PolicyReportSummary)
- type PolicyReportInterface
- type PolicyReportList
- type PolicyReportResult
- type PolicyReportSummary
- type PolicyReportsGetter
- type PolicyResult
- type PolicySeverity
Constants ¶
// Status values recorded as the outcome of a policy result.
//
// These are untyped string constants; their values match the ones documented
// for the PolicyResult type in this package.
const (
	StatusPass  = "pass"
	StatusFail  = "fail"
	StatusWarn  = "warn"
	StatusError = "error"
	StatusSkip  = "skip"
)
Status specifies state of a policy result
// Severity values recorded as the priority of a policy result.
//
// These are untyped string constants; their values match the ones documented
// for the PolicySeverity type in this package.
const (
	SeverityCritical = "critical"
	SeverityHigh     = "high"
	SeverityMedium   = "medium"
	SeverityLow      = "low"
	SeverityInfo     = "info"
)
Severity specifies priority of a policy result
Variables ¶
var (
	// GroupVersion is the API group and version declared by this package.
	// NOTE(review): Version is "v1alpha1" while the client type in this package
	// is named DemoPolicyV1alpha2Client; confirm which version is actually served,
	// since a mismatch would make the client address a different API path than
	// the one policy reports are stored under.
	GroupVersion = schema.GroupVersion{Group: "prext.demo", Version: "v1alpha1"}
	// Scheme is exported and mutable; its initialisation is not shown here.
	Scheme *runtime.Scheme
	// ParameterCodec is exported and mutable; its initialisation is not shown here.
	ParameterCodec runtime.ParameterCodec
)
Functions ¶
This section is empty.
Types ¶
type ClusterPolicyReport ¶
// ClusterPolicyReport holds a summary and a list of individual policy results
// for an optional scope. It declares the same fields as PolicyReport.
type ClusterPolicyReport struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	// Scope is an optional reference to the report scope (e.g. a Deployment, Namespace, or Node)
	// +optional
	Scope *corev1.ObjectReference `json:"scope,omitempty"`

	// ScopeSelector is an optional selector for multiple scopes (e.g. Pods).
	// Either one of, or none of, but not both of, Scope or ScopeSelector should be specified.
	// NOTE(review): nothing in this declaration enforces that exclusivity; confirm it is validated elsewhere.
	// +optional
	ScopeSelector *metav1.LabelSelector `json:"scopeSelector,omitempty"`

	// Summary provides a summary of results.
	// omitempty has no effect on a non-pointer struct under encoding/json, so an
	// all-zero summary is still serialized.
	// +optional
	Summary PolicyReportSummary `json:"summary,omitempty"`

	// Results provides result details.
	// +optional
	Results []PolicyReportResult `json:"results,omitempty"`
}
func (*ClusterPolicyReport) DeepCopy ¶
func (in *ClusterPolicyReport) DeepCopy() *ClusterPolicyReport
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterPolicyReport.
func (*ClusterPolicyReport) DeepCopyInto ¶
func (in *ClusterPolicyReport) DeepCopyInto(out *ClusterPolicyReport)
func (*ClusterPolicyReport) DeepCopyObject ¶
func (in *ClusterPolicyReport) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (*ClusterPolicyReport) GetResults ¶
func (r *ClusterPolicyReport) GetResults() []PolicyReportResult
func (*ClusterPolicyReport) SetResults ¶
func (r *ClusterPolicyReport) SetResults(results []PolicyReportResult)
func (*ClusterPolicyReport) SetSummary ¶
func (r *ClusterPolicyReport) SetSummary(summary PolicyReportSummary)
type ClusterPolicyReportInterface ¶
// ClusterPolicyReportInterface has methods to work with ClusterPolicyReport resources.
//
// Every method exchanges *unstructured.Unstructured values rather than the typed
// ClusterPolicyReport struct, so these signatures do not enforce the report
// schema at compile time.
// NOTE(review): confirm where report fields are validated before they are trusted.
type ClusterPolicyReportInterface interface {
	Create(ctx context.Context, obj *unstructured.Unstructured, opts v1.CreateOptions) (*unstructured.Unstructured, error)
	Update(ctx context.Context, obj *unstructured.Unstructured, opts v1.UpdateOptions) (*unstructured.Unstructured, error)
	Delete(ctx context.Context, name string, opts v1.DeleteOptions) error
	// DeleteCollection takes list options in addition to delete options.
	// NOTE(review): presumably listOpts selects which reports are removed; confirm
	// that callers cannot pass an empty selector unintentionally.
	DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error
	Get(ctx context.Context, name string, opts v1.GetOptions) (*unstructured.Unstructured, error)
	List(ctx context.Context, opts v1.ListOptions) (*unstructured.UnstructuredList, error)
	Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error)
	// Patch takes the patch document as raw bytes together with its patch type.
	Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *unstructured.Unstructured, err error)
}
ClusterPolicyReportInterface has methods to work with ClusterPolicyReport resources.
type ClusterPolicyReportList ¶
// ClusterPolicyReportList contains a list of ClusterPolicyReport.
type ClusterPolicyReportList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	// Items has no omitempty, so a nil slice is serialized as null rather than omitted.
	Items []ClusterPolicyReport `json:"items"`
}
ClusterPolicyReportList contains a list of ClusterPolicyReport
func (*ClusterPolicyReportList) DeepCopy ¶
func (in *ClusterPolicyReportList) DeepCopy() *ClusterPolicyReportList
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterPolicyReportList.
func (*ClusterPolicyReportList) DeepCopyInto ¶
func (in *ClusterPolicyReportList) DeepCopyInto(out *ClusterPolicyReportList)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*ClusterPolicyReportList) DeepCopyObject ¶
func (in *ClusterPolicyReportList) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type ClusterPolicyReportsGetter ¶
// ClusterPolicyReportsGetter has a method to return a ClusterPolicyReportInterface.
// A group's client should implement this interface.
type ClusterPolicyReportsGetter interface {
	// ClusterPolicyReports takes no namespace argument, unlike PolicyReportsGetter.PolicyReports.
ClusterPolicyReports() ClusterPolicyReportInterface
}
ClusterPolicyReportsGetter has a method to return a ClusterPolicyReportInterface. A group's client should implement this interface.
type DemoPolicyV1alpha2Client ¶
// DemoPolicyV1alpha2Client is the client type returned by NewForConfig and
// NewForConfigOrDie. It exposes ClusterPolicyReports, PolicyReports and
// RESTClient; its fields are not exported.
type DemoPolicyV1alpha2Client struct {
// contains filtered or unexported fields
}
func NewForConfig ¶
func NewForConfig(c *rest.Config) (*DemoPolicyV1alpha2Client, error)
func NewForConfigAndClient ¶
func NewForConfigOrDie ¶
func NewForConfigOrDie(c *rest.Config) *DemoPolicyV1alpha2Client
NewForConfigOrDie creates a new DemoPolicyV1alpha2Client for the given config and panics if there is an error in the config.
func (*DemoPolicyV1alpha2Client) ClusterPolicyReports ¶
func (c *DemoPolicyV1alpha2Client) ClusterPolicyReports() ClusterPolicyReportInterface
func (*DemoPolicyV1alpha2Client) PolicyReports ¶
func (c *DemoPolicyV1alpha2Client) PolicyReports(namespace string) PolicyReportInterface
func (*DemoPolicyV1alpha2Client) RESTClient ¶
func (c *DemoPolicyV1alpha2Client) RESTClient() rest.Interface
type DemoPolicyV1alpha2Interface ¶
// DemoPolicyV1alpha2Interface combines access to the underlying REST client
// with the getters for namespaced and cluster policy reports.
type DemoPolicyV1alpha2Interface interface {
	// RESTClient returns the rest.Interface; how it relates to the report
	// getters is not shown in this listing.
	RESTClient() rest.Interface
	PolicyReportsGetter
	ClusterPolicyReportsGetter
}
type PolicyReport ¶
// PolicyReport holds a summary and a list of individual policy results for an
// optional scope. It declares the same fields as ClusterPolicyReport; the
// client accessor for it takes a namespace.
type PolicyReport struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	// Scope is an optional reference to the report scope (e.g. a Deployment, Namespace, or Node)
	// +optional
	Scope *corev1.ObjectReference `json:"scope,omitempty"`

	// ScopeSelector is an optional selector for multiple scopes (e.g. Pods).
	// Either one of, or none of, but not both of, Scope or ScopeSelector should be specified.
	// NOTE(review): nothing in this declaration enforces that exclusivity; confirm it is validated elsewhere.
	// +optional
	ScopeSelector *metav1.LabelSelector `json:"scopeSelector,omitempty"`

	// Summary provides a summary of results.
	// omitempty has no effect on a non-pointer struct under encoding/json, so an
	// all-zero summary is still serialized.
	// +optional
	Summary PolicyReportSummary `json:"summary,omitempty"`

	// Results provides result details.
	// +optional
	Results []PolicyReportResult `json:"results,omitempty"`
}
func (*PolicyReport) DeepCopy ¶
func (in *PolicyReport) DeepCopy() *PolicyReport
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyReport.
func (*PolicyReport) DeepCopyInto ¶
func (in *PolicyReport) DeepCopyInto(out *PolicyReport)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*PolicyReport) DeepCopyObject ¶
func (in *PolicyReport) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (*PolicyReport) GetResults ¶
func (r *PolicyReport) GetResults() []PolicyReportResult
func (*PolicyReport) SetResults ¶
func (r *PolicyReport) SetResults(results []PolicyReportResult)
func (*PolicyReport) SetSummary ¶
func (r *PolicyReport) SetSummary(summary PolicyReportSummary)
type PolicyReportInterface ¶
// PolicyReportInterface has methods to work with PolicyReport resources.
//
// Every method exchanges *unstructured.Unstructured values rather than the typed
// PolicyReport struct, so these signatures do not enforce the report schema at
// compile time.
// NOTE(review): confirm where report fields are validated before they are trusted.
type PolicyReportInterface interface {
	Create(ctx context.Context, obj *unstructured.Unstructured, opts v1.CreateOptions) (*unstructured.Unstructured, error)
	Update(ctx context.Context, obj *unstructured.Unstructured, opts v1.UpdateOptions) (*unstructured.Unstructured, error)
	Delete(ctx context.Context, name string, opts v1.DeleteOptions) error
	// DeleteCollection takes list options in addition to delete options.
	// NOTE(review): presumably listOpts selects which reports are removed; confirm
	// that callers cannot pass an empty selector unintentionally.
	DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error
	Get(ctx context.Context, name string, opts v1.GetOptions) (*unstructured.Unstructured, error)
	List(ctx context.Context, opts v1.ListOptions) (*unstructured.UnstructuredList, error)
	Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error)
	// Patch takes the patch document as raw bytes together with its patch type.
	Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *unstructured.Unstructured, err error)
}
PolicyReportInterface has methods to work with PolicyReport resources.
type PolicyReportList ¶
// PolicyReportList contains a list of PolicyReport.
type PolicyReportList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	// Items has no omitempty, so a nil slice is serialized as null rather than omitted.
	Items []PolicyReport `json:"items"`
}
PolicyReportList contains a list of PolicyReport
func (*PolicyReportList) DeepCopy ¶
func (in *PolicyReportList) DeepCopy() *PolicyReportList
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyReportList.
func (*PolicyReportList) DeepCopyInto ¶
func (in *PolicyReportList) DeepCopyInto(out *PolicyReportList)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*PolicyReportList) DeepCopyObject ¶
func (in *PolicyReportList) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type PolicyReportResult ¶
// PolicyReportResult provides the result for an individual policy.
type PolicyReportResult struct {
	// Source is an identifier for the policy engine that manages this report.
	// The JSON tag has no omitempty, so an empty Source is serialized as ""
	// even though the field is marked optional.
	// +optional
	Source string `json:"source"`

	// Policy is the name or identifier of the policy
	Policy string `json:"policy"`

	// Rule is the name or identifier of the rule within the policy
	// +optional
	Rule string `json:"rule,omitempty"`

	// Resources is an optional reference to the checked Kubernetes resources
	// +optional
	Resources []corev1.ObjectReference `json:"resources,omitempty"`

	// ResourceSelector is an optional label selector for checked Kubernetes resources.
	// For example, a policy result may apply to all pods that match a label.
	// Either Resources or a ResourceSelector can be specified.
	// If neither are provided, the result is assumed to be for the policy report scope.
	// +optional
	ResourceSelector *metav1.LabelSelector `json:"resourceSelector,omitempty"`

	// Message is a short user friendly message for the policy rule.
	// NOTE(review): free-form text; if a policy engine builds it from the
	// content of the checked resource, consumers that render it should treat
	// it as untrusted input. Confirm against the producers.
	Message string `json:"message,omitempty"`

	// Result indicates the outcome of the policy rule execution
	Result PolicyResult `json:"result,omitempty"`

	// Scored indicates if this result is scored
	Scored bool `json:"scored,omitempty"`

	// Properties provides additional information for the policy rule.
	// Keys and values are arbitrary strings; the same NOTE(review) as on
	// Message applies to anything that displays or parses them.
	Properties map[string]string `json:"properties,omitempty"`

	// Timestamp indicates the time the result was found
	Timestamp metav1.Timestamp `json:"timestamp,omitempty"`

	// Category indicates policy category
	// +optional
	Category string `json:"category,omitempty"`

	// Severity indicates policy check result criticality
	// +optional
	Severity PolicySeverity `json:"severity,omitempty"`
}
PolicyReportResult provides the result for an individual policy
func (*PolicyReportResult) DeepCopy ¶
func (in *PolicyReportResult) DeepCopy() *PolicyReportResult
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyReportResult.
func (*PolicyReportResult) DeepCopyInto ¶
func (in *PolicyReportResult) DeepCopyInto(out *PolicyReportResult)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type PolicyReportSummary ¶
// PolicyReportSummary provides a status count summary.
//
// None of the JSON tags use omitempty, so zero counts are serialized
// explicitly rather than dropped.
// NOTE(review): nothing visible here ties these counts to the Results slice of
// the enclosing report; confirm that whoever sets the summary derives it from
// the results, since dashboards typically read the summary alone.
type PolicyReportSummary struct {
	// Pass provides the count of policies whose requirements were met
	// +optional
	Pass int `json:"pass"`

	// Fail provides the count of policies whose requirements were not met
	// +optional
	Fail int `json:"fail"`

	// Warn provides the count of non-scored policies whose requirements were not met
	// +optional
	Warn int `json:"warn"`

	// Error provides the count of policies that could not be evaluated
	// +optional
	Error int `json:"error"`

	// Skip indicates the count of policies that were not selected for evaluation
	// +optional
	Skip int `json:"skip"`
}
PolicyReportSummary provides a status count summary
func (*PolicyReportSummary) DeepCopy ¶
func (in *PolicyReportSummary) DeepCopy() *PolicyReportSummary
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyReportSummary.
func (*PolicyReportSummary) DeepCopyInto ¶
func (in *PolicyReportSummary) DeepCopyInto(out *PolicyReportSummary)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (PolicyReportSummary) ToMap ¶
func (prs PolicyReportSummary) ToMap() map[string]interface{}
type PolicyReportsGetter ¶
// PolicyReportsGetter has a method to return a PolicyReportInterface.
// A group's client should implement this interface.
type PolicyReportsGetter interface {
	// PolicyReports takes the namespace the returned interface is bound to.
PolicyReports(namespace string) PolicyReportInterface
}
PolicyReportsGetter has a method to return a PolicyReportInterface. A group's client should implement this interface.
type PolicyResult ¶
// PolicyResult is the string type of PolicyReportResult.Result. The Status*
// constants in this package hold its documented values; being a plain string
// type, it does not itself restrict a value to that set.
type PolicyResult string
PolicyResult has one of the following values:
- pass: indicates that the policy requirements are met
- fail: indicates that the policy requirements are not met
- warn: indicates that the policy requirements are not met, and the policy is not scored
- error: indicates that the policy could not be evaluated
- skip: indicates that the policy was not selected based on user inputs or applicability
type PolicySeverity ¶
// PolicySeverity is the string type of PolicyReportResult.Severity. The
// Severity* constants in this package hold its documented values; being a
// plain string type, it does not itself restrict a value to that set.
type PolicySeverity string
PolicySeverity has one of the following values: - critical - high - low - medium - info