user

package
v1.16.3 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Nov 9, 2022 License: Apache-2.0 Imports: 5 Imported by: 0

Documentation

Overview

Package user contains code for validating and defaulting the UID of a pod or container according to a security policy.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type RunAsUserStrategy

type RunAsUserStrategy interface {
	// Generate creates the uid based on policy rules.
	Generate(pod *api.Pod, container *api.Container) (*int64, error)
	// Validate ensures that the specified values fall within the range of the strategy.
	// scPath is the field path to the container's security context
	Validate(scPath *field.Path, pod *api.Pod, container *api.Container, runAsNonRoot *bool, runAsUser *int64) field.ErrorList
}

RunAsUserStrategy defines the interface for all uid constraint strategies.

func NewMustRunAs

func NewMustRunAs(options *policy.RunAsUserStrategyOptions) (RunAsUserStrategy, error)

NewMustRunAs provides a strategy that requires the container to run as a specific UID in a range.

func NewRunAsAny

func NewRunAsAny(options *policy.RunAsUserStrategyOptions) (RunAsUserStrategy, error)

NewRunAsAny provides a strategy that will return nil.

func NewRunAsNonRoot

func NewRunAsNonRoot(options *policy.RunAsUserStrategyOptions) (RunAsUserStrategy, error)

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL