policyrecipemutationmodel

package
v1.4.2 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jan 19, 2024 License: MPL-2.0 Imports: 3 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type VmwareTanzuManageV1alpha1CommonPolicySpecMutationV1Annotation

type VmwareTanzuManageV1alpha1CommonPolicySpecMutationV1Annotation struct {
	Annotation *policyrecipemutationcommonmodel.KeyValue `json:"annotation"`

	Scope *policyrecipemutationcommonmodel.VmwareTanzuManageV1alpha1CommonPolicySpecMutationV1Scope `json:"scope,omitempty"`

	TargetKubernetesResources []*policyrecipecustomcommonmodel.VmwareTanzuManageV1alpha1CommonPolicySpecCustomV1TargetKubernetesResources `json:"targetKubernetesResources"`
}

VmwareTanzuManageV1alpha1CommonPolicySpecMutationV1Annotation The input schema for annotation mutation policy recipe version v1.

func (*VmwareTanzuManageV1alpha1CommonPolicySpecMutationV1Annotation) MarshalBinary

func (*VmwareTanzuManageV1alpha1CommonPolicySpecMutationV1Annotation) UnmarshalBinary

type VmwareTanzuManageV1alpha1CommonPolicySpecMutationV1Label

type VmwareTanzuManageV1alpha1CommonPolicySpecMutationV1Label struct {
	// Label Name and value of the label to be mutated
	Label *policyrecipemutationcommonmodel.KeyValue `json:"label"`

	// Scope Filter the defined target Kubernetes resources by 'Cluster' or 'Namespace' scope. Defaults to '*' (no filter)
	Scope *policyrecipemutationcommonmodel.VmwareTanzuManageV1alpha1CommonPolicySpecMutationV1Scope `json:"scope,omitempty"`

	// TargetKubernetesResources List of Kubernetes API resources on which the policy will be enforced, identified using apiGroups and kinds. Use 'kubectl api-resources' to view the list of available API resources
	TargetKubernetesResources []*policyrecipecustomcommonmodel.VmwareTanzuManageV1alpha1CommonPolicySpecCustomV1TargetKubernetesResources `json:"targetKubernetesResources"`
}

VmwareTanzuManageV1alpha1CommonPolicySpecMutationV1Label The input schema for label mutation policy recipe version v1.

func (*VmwareTanzuManageV1alpha1CommonPolicySpecMutationV1Label) MarshalBinary

func (*VmwareTanzuManageV1alpha1CommonPolicySpecMutationV1Label) UnmarshalBinary

type VmwareTanzuManageV1alpha1CommonPolicySpecMutationV1PodSecurity

type VmwareTanzuManageV1alpha1CommonPolicySpecMutationV1PodSecurity struct {

	// allow privilege escalation
	AllowPrivilegeEscalation *VmwareTanzuManageV1alpha1CommonPolicySpecMutationV1PodSecurityAllowPrivilegeEscalation `json:"allowPrivilegeEscalation,omitempty"`

	// capabilities add
	CapabilitiesAdd *VmwareTanzuManageV1alpha1CommonPolicySpecMutationV1PodSecurityCapabilitiesAdd `json:"capabilitiesAdd,omitempty"`

	// capabilities drop
	CapabilitiesDrop *VmwareTanzuManageV1alpha1CommonPolicySpecMutationV1PodSecurityCapabilitiesDrop `json:"capabilitiesDrop,omitempty"`

	// fs group
	FsGroup *VmwareTanzuManageV1alpha1CommonPolicySpecMutationV1PodSecurityFsGroup `json:"fsGroup,omitempty"`

	// privileged
	Privileged *VmwareTanzuManageV1alpha1CommonPolicySpecMutationV1PodSecurityPrivileged `json:"privileged,omitempty"`

	// read only root filesystem
	ReadOnlyRootFilesystem *VmwareTanzuManageV1alpha1CommonPolicySpecMutationV1PodSecurityReadOnlyRootFilesystem `json:"readOnlyRootFilesystem,omitempty"`

	// run as group
	RunAsGroup *VmwareTanzuManageV1alpha1CommonPolicySpecMutationV1PodSecurityRunAsGroup `json:"runAsGroup,omitempty"`

	// run as non root
	RunAsNonRoot *VmwareTanzuManageV1alpha1CommonPolicySpecMutationV1PodSecurityRunAsNonRoot `json:"runAsNonRoot,omitempty"`

	// run as user
	RunAsUser *VmwareTanzuManageV1alpha1CommonPolicySpecMutationV1PodSecurityRunAsUser `json:"runAsUser,omitempty"`

	// se linux options
	SeLinuxOptions *VmwareTanzuManageV1alpha1CommonPolicySpecMutationV1PodSecuritySeLinuxOptions `json:"seLinuxOptions,omitempty"`

	// supplemental groups
	SupplementalGroups *VmwareTanzuManageV1alpha1CommonPolicySpecMutationV1PodSecuritySupplementalGroups `json:"supplementalGroups,omitempty"`
}

VmwareTanzuManageV1alpha1CommonPolicySpecMutationV1PodSecurity The input schema for pod-security mutation policy recipe version v1.

swagger:model VmwareTanzuManageV1alpha1CommonPolicySpecMutationV1PodSecurity

func (*VmwareTanzuManageV1alpha1CommonPolicySpecMutationV1PodSecurity) MarshalBinary

MarshalBinary interface implementation.

func (*VmwareTanzuManageV1alpha1CommonPolicySpecMutationV1PodSecurity) UnmarshalBinary

UnmarshalBinary interface implementation.

type VmwareTanzuManageV1alpha1CommonPolicySpecMutationV1PodSecurityAllowPrivilegeEscalation

type VmwareTanzuManageV1alpha1CommonPolicySpecMutationV1PodSecurityAllowPrivilegeEscalation struct {

	// Condition specifies whether to always mutate/set this value or only if container security context contains or does not contain this field
	// Required: true
	// Enum: [Always IfFieldExists IfFieldDoesNotExist]
	Condition *string `json:"condition"`

	// Value to set for allowPrivilegeEscalation field in container security context
	// Required: true
	Value *bool `json:"value"`
}

VmwareTanzuManageV1alpha1CommonPolicySpecMutationV1PodSecurityAllowPrivilegeEscalation Set allowPrivilegeEscalation flag in container security context.

swagger:model VmwareTanzuManageV1alpha1CommonPolicySpecMutationV1PodSecurityAllowPrivilegeEscalation

func (*VmwareTanzuManageV1alpha1CommonPolicySpecMutationV1PodSecurityAllowPrivilegeEscalation) MarshalBinary

MarshalBinary interface implementation.

func (*VmwareTanzuManageV1alpha1CommonPolicySpecMutationV1PodSecurityAllowPrivilegeEscalation) UnmarshalBinary

UnmarshalBinary interface implementation.

type VmwareTanzuManageV1alpha1CommonPolicySpecMutationV1PodSecurityCapabilitiesAdd

type VmwareTanzuManageV1alpha1CommonPolicySpecMutationV1PodSecurityCapabilitiesAdd struct {

	// Option to either override the list or merge values into the list or prune values from the list
	// Required: true
	// Enum: [override merge prune]
	Operation *string `json:"operation"`

	// List of values to override/merge/prune in capabilities.add field in container security context
	// Required: true
	// Min Items: 1
	Values []string `json:"values"`
}

VmwareTanzuManageV1alpha1CommonPolicySpecMutationV1PodSecurityCapabilitiesAdd Set linux capabilities.add field in container security context.

swagger:model VmwareTanzuManageV1alpha1CommonPolicySpecMutationV1PodSecurityCapabilitiesAdd

func (*VmwareTanzuManageV1alpha1CommonPolicySpecMutationV1PodSecurityCapabilitiesAdd) MarshalBinary

MarshalBinary interface implementation.

func (*VmwareTanzuManageV1alpha1CommonPolicySpecMutationV1PodSecurityCapabilitiesAdd) UnmarshalBinary

UnmarshalBinary interface implementation.

type VmwareTanzuManageV1alpha1CommonPolicySpecMutationV1PodSecurityCapabilitiesDrop

type VmwareTanzuManageV1alpha1CommonPolicySpecMutationV1PodSecurityCapabilitiesDrop struct {

	// Option to either override the list or merge values into the list or prune values from the list
	// Required: true
	// Enum: [override merge prune]
	Operation *string `json:"operation"`

	// List of values to override/merge/prune in capabilities.drop field in container security context.
	// Required: true
	// Min Items: 1
	Values []string `json:"values"`
}

VmwareTanzuManageV1alpha1CommonPolicySpecMutationV1PodSecurityCapabilitiesDrop Set linux capabilities.drop field in container security context.

swagger:model VmwareTanzuManageV1alpha1CommonPolicySpecMutationV1PodSecurityCapabilitiesDrop

func (*VmwareTanzuManageV1alpha1CommonPolicySpecMutationV1PodSecurityCapabilitiesDrop) MarshalBinary

MarshalBinary interface implementation.

func (*VmwareTanzuManageV1alpha1CommonPolicySpecMutationV1PodSecurityCapabilitiesDrop) UnmarshalBinary

UnmarshalBinary interface implementation.

type VmwareTanzuManageV1alpha1CommonPolicySpecMutationV1PodSecurityFsGroup

type VmwareTanzuManageV1alpha1CommonPolicySpecMutationV1PodSecurityFsGroup struct {

	// Condition specifies whether to always mutate/set this value or only if pod security context contains or does not contain this field
	// Required: true
	// Enum: [Always IfFieldExists IfFieldDoesNotExist]
	Condition *string `json:"condition"`

	// Value to set for fsGroup field in pod security context
	// Required: true
	// Maximum: 65535
	// Minimum: 0
	Value *float64 `json:"value"`
}

VmwareTanzuManageV1alpha1CommonPolicySpecMutationV1PodSecurityFsGroup Set numerical supplemental group ID in fsGroup flag in pod security context.

swagger:model VmwareTanzuManageV1alpha1CommonPolicySpecMutationV1PodSecurityFsGroup

func (*VmwareTanzuManageV1alpha1CommonPolicySpecMutationV1PodSecurityFsGroup) MarshalBinary

MarshalBinary interface implementation.

func (*VmwareTanzuManageV1alpha1CommonPolicySpecMutationV1PodSecurityFsGroup) UnmarshalBinary

UnmarshalBinary interface implementation.

type VmwareTanzuManageV1alpha1CommonPolicySpecMutationV1PodSecurityPrivileged

type VmwareTanzuManageV1alpha1CommonPolicySpecMutationV1PodSecurityPrivileged struct {

	// Condition specifies whether to always mutate/set this value or only if container security context contains or does not contain this field
	// Required: true
	// Enum: [Always IfFieldExists IfFieldDoesNotExist]
	Condition *string `json:"condition"`

	// Value to set for privileged field in container security context
	// Required: true
	Value *bool `json:"value"`
}

VmwareTanzuManageV1alpha1CommonPolicySpecMutationV1PodSecurityPrivileged Set privileged flag in container security context.

swagger:model VmwareTanzuManageV1alpha1CommonPolicySpecMutationV1PodSecurityPrivileged

func (*VmwareTanzuManageV1alpha1CommonPolicySpecMutationV1PodSecurityPrivileged) MarshalBinary

MarshalBinary interface implementation.

func (*VmwareTanzuManageV1alpha1CommonPolicySpecMutationV1PodSecurityPrivileged) UnmarshalBinary

UnmarshalBinary interface implementation.

type VmwareTanzuManageV1alpha1CommonPolicySpecMutationV1PodSecurityReadOnlyRootFilesystem

type VmwareTanzuManageV1alpha1CommonPolicySpecMutationV1PodSecurityReadOnlyRootFilesystem struct {

	// Condition specifies whether to always mutate/set this value or only if container security context contains or does not contain this field
	// Required: true
	// Enum: [Always IfFieldExists IfFieldDoesNotExist]
	Condition *string `json:"condition"`

	// Value to set for readOnlyRootFilesystem field in container security context
	// Required: true
	Value *bool `json:"value"`
}

VmwareTanzuManageV1alpha1CommonPolicySpecMutationV1PodSecurityReadOnlyRootFilesystem Set readOnlyRootFilesystem flag in container security context.

swagger:model VmwareTanzuManageV1alpha1CommonPolicySpecMutationV1PodSecurityReadOnlyRootFilesystem

func (*VmwareTanzuManageV1alpha1CommonPolicySpecMutationV1PodSecurityReadOnlyRootFilesystem) MarshalBinary

MarshalBinary interface implementation.

func (*VmwareTanzuManageV1alpha1CommonPolicySpecMutationV1PodSecurityReadOnlyRootFilesystem) UnmarshalBinary

UnmarshalBinary interface implementation.

type VmwareTanzuManageV1alpha1CommonPolicySpecMutationV1PodSecurityRunAsGroup

type VmwareTanzuManageV1alpha1CommonPolicySpecMutationV1PodSecurityRunAsGroup struct {

	// Condition specifies whether to always mutate/set this value or only if container security context contains or does not contain this field
	// Required: true
	// Enum: [Always IfFieldExists IfFieldDoesNotExist]
	Condition *string `json:"condition"`

	// Value to set for runAsGroup field in container security context
	// Required: true
	// Maximum: 65535
	// Minimum: 0
	Value *float64 `json:"value"`
}

VmwareTanzuManageV1alpha1CommonPolicySpecMutationV1PodSecurityRunAsGroup Set numerical group ID in runAsGroup flag in container security context.

swagger:model VmwareTanzuManageV1alpha1CommonPolicySpecMutationV1PodSecurityRunAsGroup

func (*VmwareTanzuManageV1alpha1CommonPolicySpecMutationV1PodSecurityRunAsGroup) MarshalBinary

MarshalBinary interface implementation.

func (*VmwareTanzuManageV1alpha1CommonPolicySpecMutationV1PodSecurityRunAsGroup) UnmarshalBinary

UnmarshalBinary interface implementation.

type VmwareTanzuManageV1alpha1CommonPolicySpecMutationV1PodSecurityRunAsNonRoot

type VmwareTanzuManageV1alpha1CommonPolicySpecMutationV1PodSecurityRunAsNonRoot struct {

	// Condition specifies whether to always mutate/set this value or only if container security context contains or does not contain this field
	// Required: true
	// Enum: [Always IfFieldExists IfFieldDoesNotExist]
	Condition *string `json:"condition"`

	// Value to set for runAsNonRoot field in container security context
	// Required: true
	Value *bool `json:"value"`
}

VmwareTanzuManageV1alpha1CommonPolicySpecMutationV1PodSecurityRunAsNonRoot Set runAsNonRoot flag in container security context.

swagger:model VmwareTanzuManageV1alpha1CommonPolicySpecMutationV1PodSecurityRunAsNonRoot

func (*VmwareTanzuManageV1alpha1CommonPolicySpecMutationV1PodSecurityRunAsNonRoot) MarshalBinary

MarshalBinary interface implementation.

func (*VmwareTanzuManageV1alpha1CommonPolicySpecMutationV1PodSecurityRunAsNonRoot) UnmarshalBinary

UnmarshalBinary interface implementation.

type VmwareTanzuManageV1alpha1CommonPolicySpecMutationV1PodSecurityRunAsUser

type VmwareTanzuManageV1alpha1CommonPolicySpecMutationV1PodSecurityRunAsUser struct {

	// Condition specifies whether to always mutate/set this value or only if container security context contains or does not contain this field
	// Required: true
	// Enum: [Always IfFieldExists IfFieldDoesNotExist]
	Condition *string `json:"condition"`

	// Value to set for runAsUser field in container security context
	// Required: true
	// Maximum: 65535
	// Minimum: 0
	Value *float64 `json:"value"`
}

VmwareTanzuManageV1alpha1CommonPolicySpecMutationV1PodSecurityRunAsUser Set numerical user ID in runAsUser flag in container security context.

swagger:model VmwareTanzuManageV1alpha1CommonPolicySpecMutationV1PodSecurityRunAsUser

func (*VmwareTanzuManageV1alpha1CommonPolicySpecMutationV1PodSecurityRunAsUser) MarshalBinary

MarshalBinary interface implementation.

func (*VmwareTanzuManageV1alpha1CommonPolicySpecMutationV1PodSecurityRunAsUser) UnmarshalBinary

UnmarshalBinary interface implementation.

type VmwareTanzuManageV1alpha1CommonPolicySpecMutationV1PodSecuritySeLinuxOptions

type VmwareTanzuManageV1alpha1CommonPolicySpecMutationV1PodSecuritySeLinuxOptions struct {

	// Condition specifies whether to always mutate/set this value or only if container security context contains or does not contain this field
	// Required: true
	// Enum: [Always IfFieldExists IfFieldDoesNotExist]
	Condition *string `json:"condition"`

	// value
	// Required: true
	Value *VmwareTanzuManageV1alpha1CommonPolicySpecMutationV1PodSecuritySeLinuxOptionsValue `json:"value"`
}

VmwareTanzuManageV1alpha1CommonPolicySpecMutationV1PodSecuritySeLinuxOptions Set seLinuxOptions in container security context.

swagger:model VmwareTanzuManageV1alpha1CommonPolicySpecMutationV1PodSecuritySeLinuxOptions

func (*VmwareTanzuManageV1alpha1CommonPolicySpecMutationV1PodSecuritySeLinuxOptions) MarshalBinary

MarshalBinary interface implementation.

func (*VmwareTanzuManageV1alpha1CommonPolicySpecMutationV1PodSecuritySeLinuxOptions) UnmarshalBinary

UnmarshalBinary interface implementation.

type VmwareTanzuManageV1alpha1CommonPolicySpecMutationV1PodSecuritySeLinuxOptionsValue

type VmwareTanzuManageV1alpha1CommonPolicySpecMutationV1PodSecuritySeLinuxOptionsValue struct {

	// Value to set for level field in container security context seLinuxOptions
	Level string `json:"level,omitempty"`

	// Value to set for role field in container security context seLinuxOptions
	Role string `json:"role,omitempty"`

	// Value to set for type field in container security context seLinuxOptions
	Type string `json:"type,omitempty"`

	// Value to set for user field in container security context seLinuxOptions
	User string `json:"user,omitempty"`
}

VmwareTanzuManageV1alpha1CommonPolicySpecMutationV1PodSecuritySeLinuxOptionsValue Value to set for seLinuxOptions field in container security context.

swagger:model VmwareTanzuManageV1alpha1CommonPolicySpecMutationV1PodSecuritySeLinuxOptionsValue

func (*VmwareTanzuManageV1alpha1CommonPolicySpecMutationV1PodSecuritySeLinuxOptionsValue) MarshalBinary

MarshalBinary interface implementation.

func (*VmwareTanzuManageV1alpha1CommonPolicySpecMutationV1PodSecuritySeLinuxOptionsValue) UnmarshalBinary

UnmarshalBinary interface implementation.

type VmwareTanzuManageV1alpha1CommonPolicySpecMutationV1PodSecuritySupplementalGroups

type VmwareTanzuManageV1alpha1CommonPolicySpecMutationV1PodSecuritySupplementalGroups struct {

	// Condition specifies whether to always mutate/set this value or only if pod security context contains or does not contain this field
	// Required: true
	// Enum: [Always IfFieldExists IfFieldDoesNotExist]
	Condition *string `json:"condition"`

	// List of values to set for supplementalGroups field in pod security context
	// Required: true
	// Min Items: 1
	Values []*float64 `json:"values"`
}

VmwareTanzuManageV1alpha1CommonPolicySpecMutationV1PodSecuritySupplementalGroups Set list of supplemental group IDs in supplementalGroups flag in pod security context.

swagger:model VmwareTanzuManageV1alpha1CommonPolicySpecMutationV1PodSecuritySupplementalGroups

func (*VmwareTanzuManageV1alpha1CommonPolicySpecMutationV1PodSecuritySupplementalGroups) MarshalBinary

MarshalBinary interface implementation.

func (*VmwareTanzuManageV1alpha1CommonPolicySpecMutationV1PodSecuritySupplementalGroups) UnmarshalBinary

UnmarshalBinary interface implementation.

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL