Documentation ¶
Index ¶
- Constants
- func Register(plugins *admission.Plugins)
- type Plugin
- func (p *Plugin) Admit(ctx context.Context, a admission.Attributes, o admission.ObjectInterfaces) error
- func (p *Plugin) SetAuthorizer(authz authorizer.Authorizer)
- func (p *Plugin) SetExternalKubeInformerFactory(f informers.SharedInformerFactory)
- func (p *Plugin) Validate(ctx context.Context, a admission.Attributes, o admission.ObjectInterfaces) error
- func (p *Plugin) ValidateInitialization() error
Constants ¶
View Source
const PluginName = "PodSecurityPolicy"
PluginName is a string with the name of the plugin
Variables ¶
This section is empty.
Functions ¶
Types ¶
type Plugin ¶
Plugin holds state for and implements the admission plugin.
func (*Plugin) Admit ¶
func (p *Plugin) Admit(ctx context.Context, a admission.Attributes, o admission.ObjectInterfaces) error
Admit determines if the pod should be admitted based on the requested security context and the available PSPs.
- Find available PSPs.
- Create the providers, includes setting pre-allocated values if necessary.
- Try to generate and validate a PSP with providers. If we find one then admit the pod with the validated PSP. If we don't find any reject the pod and give all errors from the failed attempts.
func (*Plugin) SetAuthorizer ¶
func (p *Plugin) SetAuthorizer(authz authorizer.Authorizer)
SetAuthorizer sets the authorizer.
func (*Plugin) SetExternalKubeInformerFactory ¶
func (p *Plugin) SetExternalKubeInformerFactory(f informers.SharedInformerFactory)
SetExternalKubeInformerFactory registers an informer
func (*Plugin) Validate ¶
func (p *Plugin) Validate(ctx context.Context, a admission.Attributes, o admission.ObjectInterfaces) error
Validate verifies attributes against the PodSecurityPolicy
func (*Plugin) ValidateInitialization ¶
ValidateInitialization ensures an authorizer is set.
Click to show internal directories.
Click to hide internal directories.