Documentation
¶
Overview ¶
Package v1alpha1 contains API Schema definitions for the policies v1alpha1 API group +k8s:deepcopy-gen=package,register +groupName=policies.ibm.com
Package v1alpha1 contains API Schema definitions for the policies v1alpha1 API group +k8s:deepcopy-gen=package,register +groupName=policies.ibm.com
Index ¶
- Variables
- func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenAPIDefinition
- type ComplianceState
- type Policy
- type PolicyList
- type RemediationAction
- type Severity
- type Target
- type TrustedContainerPolicy
- type TrustedContainerPolicyList
- type TrustedContainerPolicySpec
- type TrustedContainerPolicyStatus
Constants ¶
This section is empty.
Variables ¶
var ( // SchemeGroupVersion is group version used to register these objects SchemeGroupVersion = schema.GroupVersion{Group: "policies.ibm.com", Version: "v1alpha1"} // SchemeBuilder is used to add go types to the GroupVersionKind scheme SchemeBuilder = &scheme.Builder{GroupVersion: SchemeGroupVersion} )
Functions ¶
func GetOpenAPIDefinitions ¶
func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenAPIDefinition
Types ¶
type ComplianceState ¶
type ComplianceState string
ComplianceState shows the state of enforcement
const ( // Compliant is an ComplianceState Compliant ComplianceState = "Compliant" // NonCompliant is an ComplianceState NonCompliant ComplianceState = "NonCompliant" // UnknownCompliancy is an ComplianceState UnknownCompliancy ComplianceState = "UnknownCompliancy" )
type Policy ¶
type Policy struct {
metav1.TypeMeta `json:",inline"`
metav1.ObjectMeta `json:"metadata"`
}
Policy is a specification for a Policy resource +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +genclient
func (*Policy) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Policy.
func (*Policy) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*Policy) DeepCopyObject ¶
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type PolicyList ¶
type PolicyList struct {
metav1.TypeMeta `json:",inline"`
metav1.ListMeta `json:"metadata"`
Items []Policy `json:"items"`
}
PolicyList is a list of Policy resources +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +k8s:lister-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
func (*PolicyList) DeepCopy ¶
func (in *PolicyList) DeepCopy() *PolicyList
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyList.
func (*PolicyList) DeepCopyInto ¶
func (in *PolicyList) DeepCopyInto(out *PolicyList)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*PolicyList) DeepCopyObject ¶
func (in *PolicyList) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type RemediationAction ¶
type RemediationAction string
RemediationAction : enforce or inform
const ( // Enforce is an remediationAction to make changes Enforce RemediationAction = "Enforce" // Inform is an remediationAction to only inform Inform RemediationAction = "Inform" )
type Target ¶
type Target struct {
Include []string `json:"include,omitempty"`
Exclude []string `json:"exclude,omitempty"`
}
Target defines the list of namespaces to include/exclude
func (*Target) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Target.
func (*Target) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type TrustedContainerPolicy ¶
type TrustedContainerPolicy struct {
metav1.TypeMeta `json:",inline"`
metav1.ObjectMeta `json:"metadata,omitempty"`
Spec TrustedContainerPolicySpec `json:"spec,omitempty"`
Status TrustedContainerPolicyStatus `json:"status,omitempty"`
}
TrustedContainerPolicy is the Schema for the samplepolicies API +k8s:openapi-gen=true +kubebuilder:subresource:status +kubebuilder:resource:path=samplepolicies,scope=Namespaced
func (*TrustedContainerPolicy) DeepCopy ¶
func (in *TrustedContainerPolicy) DeepCopy() *TrustedContainerPolicy
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TrustedContainerPolicy.
func (*TrustedContainerPolicy) DeepCopyInto ¶
func (in *TrustedContainerPolicy) DeepCopyInto(out *TrustedContainerPolicy)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*TrustedContainerPolicy) DeepCopyObject ¶
func (in *TrustedContainerPolicy) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type TrustedContainerPolicyList ¶
type TrustedContainerPolicyList struct {
metav1.TypeMeta `json:",inline"`
metav1.ListMeta `json:"metadata,omitempty"`
Items []TrustedContainerPolicy `json:"items"`
}
TrustedContainerPolicyList contains a list of TrustedContainerPolicy
func (*TrustedContainerPolicyList) DeepCopy ¶
func (in *TrustedContainerPolicyList) DeepCopy() *TrustedContainerPolicyList
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TrustedContainerPolicyList.
func (*TrustedContainerPolicyList) DeepCopyInto ¶
func (in *TrustedContainerPolicyList) DeepCopyInto(out *TrustedContainerPolicyList)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*TrustedContainerPolicyList) DeepCopyObject ¶
func (in *TrustedContainerPolicyList) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type TrustedContainerPolicySpec ¶
type TrustedContainerPolicySpec struct {
Severity Severity `json:"severity,omitempty"` //low, medium, high
RemediationAction RemediationAction `json:"remediationAction,omitempty"` //enforce, inform
NamespaceSelector Target `json:"namespaceSelector,omitempty"` // selecting a list of namespaces where the policy applies
LabelSelector map[string]string `json:"labelSelector,omitempty"`
ImageRegistry string `json:"imageRegistry,omitempty"`
MaxRoleBindingUsersPerNamespace int `json:"maxRoleBindingUsersPerNamespace,omitempty"`
MaxRoleBindingGroupsPerNamespace int `json:"maxRoleBindingGroupsPerNamespace,omitempty"`
MaxClusterRoleBindingUsers int `json:"maxClusterRoleBindingUsers,omitempty"`
MaxClusterRoleBindingGroups int `json:"maxClusterRoleBindingGroups,omitempty"`
}
TrustedContainerPolicySpec defines the desired state of TrustedContainerPolicy +k8s:openapi-gen=true
func (*TrustedContainerPolicySpec) DeepCopy ¶
func (in *TrustedContainerPolicySpec) DeepCopy() *TrustedContainerPolicySpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TrustedContainerPolicySpec.
func (*TrustedContainerPolicySpec) DeepCopyInto ¶
func (in *TrustedContainerPolicySpec) DeepCopyInto(out *TrustedContainerPolicySpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type TrustedContainerPolicyStatus ¶
type TrustedContainerPolicyStatus struct {
ComplianceState ComplianceState `json:"compliant,omitempty"` // Compliant, NonCompliant, UnkownCompliancy
CompliancyDetails map[string]map[string][]string `json:"compliancyDetails,omitempty"` // reason for non-compliancy
}
TrustedContainerPolicyStatus defines the observed state of TrustedContainerPolicy +k8s:openapi-gen=true
func (*TrustedContainerPolicyStatus) DeepCopy ¶
func (in *TrustedContainerPolicyStatus) DeepCopy() *TrustedContainerPolicyStatus
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TrustedContainerPolicyStatus.
func (*TrustedContainerPolicyStatus) DeepCopyInto ¶
func (in *TrustedContainerPolicyStatus) DeepCopyInto(out *TrustedContainerPolicyStatus)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
Source Files