util

package
v1.8.0-alpha.2....-ef85265 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jan 7, 2018 License: Apache-2.0 Imports: 5 Imported by: 0

Documentation

Overview

Package util contains utility code shared amongst different parts of the pod security policy apparatus.

Index

Constants

View Source
const (
	ValidatedPSPAnnotation = "kubernetes.io/psp"
)

Variables

This section is empty.

Functions

func AllowsHostVolumePath

func AllowsHostVolumePath(psp *extensions.PodSecurityPolicy, hostPath string) bool

AllowsHostVolumePath is a utility for checking if a PSP allows the host volume path. This only checks the path. You should still check to make sure the host volume fs type is allowed.

func FSTypeToStringSet

func FSTypeToStringSet(fsTypes []extensions.FSType) sets.String

FSTypeToStringSet converts an FSType slice to a string set.

func GetAllFSTypesAsSet

func GetAllFSTypesAsSet() sets.String

func GetAllFSTypesExcept

func GetAllFSTypesExcept(exceptions ...string) sets.String

func GetVolumeFSType

func GetVolumeFSType(v api.Volume) (extensions.FSType, error)

getVolumeFSType gets the FSType for a volume.

func GroupFallsInRange

func GroupFallsInRange(id int64, rng extensions.GroupIDRange) bool

GroupFallsInRange is a utility to determine it the id falls in the valid range.

func PSPAllowsAllVolumes

func PSPAllowsAllVolumes(psp *extensions.PodSecurityPolicy) bool

PSPAllowsAllVolumes checks for FSTypeAll in the psp's allowed volumes.

func PSPAllowsFSType

func PSPAllowsFSType(psp *extensions.PodSecurityPolicy, fsType extensions.FSType) bool

PSPAllowsFSType is a utility for checking if a PSP allows a particular FSType. If all volumes are allowed then this will return true for any FSType passed.

func UserFallsInRange

func UserFallsInRange(id int64, rng extensions.UserIDRange) bool

UserFallsInRange is a utility to determine it the id falls in the valid range.

Types

This section is empty.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL