v2

package
v2.16.10 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: May 20, 2021 License: Apache-2.0 Imports: 2 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Constraint

type Constraint struct {
	Name string `json:"name"`

	Spec   crdapiv1.ConstraintSpec `json:"spec"`
	Status *ConstraintStatus       `json:"status,omitempty"`
}

Constraint represents a gatekeeper Constraint swagger:model Constraint

type ConstraintStatus

type ConstraintStatus struct {
	Enforcement    string      `json:"enforcement,omitempty"`
	AuditTimestamp string      `json:"auditTimestamp,omitempty"`
	Violations     []Violation `json:"violations,omitempty"`
}

ConstraintStatus represents a constraint status which holds audit info

type ConstraintTemplate

type ConstraintTemplate struct {
	Name string `json:"name"`

	Spec   crdapiv1.ConstraintTemplateSpec  `json:"spec"`
	Status v1beta1.ConstraintTemplateStatus `json:"status"`
}

ConstraintTemplate represents a gatekeeper ConstraintTemplate swagger:model ConstraintTemplate

type GVK

type GVK struct {
	Group   string `json:"group,omitempty"`
	Version string `json:"version,omitempty"`
	Kind    string `json:"kind,omitempty"`
}

GVK group version kind of a resource

type GatekeeperConfig

type GatekeeperConfig struct {
	Spec GatekeeperConfigSpec `json:"spec"`
}

GatekeeperConfig represents a gatekeeper config swagger:model GatekeeperConfig

type GatekeeperConfigSpec

type GatekeeperConfigSpec struct {
	// Configuration for syncing k8s objects
	Sync Sync `json:"sync,omitempty"`

	// Configuration for validation
	Validation Validation `json:"validation,omitempty"`

	// Configuration for namespace exclusion
	Match []MatchEntry `json:"match,omitempty"`

	// Configuration for readiness tracker
	Readiness ReadinessSpec `json:"readiness,omitempty"`
}

type MatchEntry

type MatchEntry struct {
	// Namespaces which will be excluded
	ExcludedNamespaces []string `json:"excludedNamespaces,omitempty"`
	// Processes which will be excluded in the given namespaces (sync, webhook, audit, *)
	Processes []string `json:"processes,omitempty"`
}

type Preset

type Preset struct {
	Name      string           `json:"name"`
	Enabled   bool             `json:"enabled"`
	Providers []PresetProvider `json:"providers"`
}

Preset represents a preset swagger:model Preset

type PresetList

type PresetList struct {
	Items []Preset `json:"items"`
}

PresetList represents a list of presets swagger:model PresetList

type PresetProvider

type PresetProvider struct {
	Name    crdapiv1.ProviderType `json:"name"`
	Enabled bool                  `json:"enabled"`
}

PresetProvider represents a preset provider swagger:model PresetProvider

type ReadinessSpec

type ReadinessSpec struct {
	// enables stats for gatekeeper audit
	StatsEnabled bool `json:"statsEnabled,omitempty"`
}

type Sync

type Sync struct {
	// If non-empty, entries on this list will be replicated into OPA
	SyncOnly []GVK `json:"syncOnly,omitempty"`
}

type Trace

type Trace struct {
	// Only trace requests from the specified user
	User string `json:"user,omitempty"`
	// Only trace requests of the following GroupVersionKind
	Kind GVK `json:"kind,omitempty"`
	// Also dump the state of OPA with the trace. Set to `All` to dump everything.
	Dump string `json:"dump,omitempty"`
}

type Validation

type Validation struct {
	// List of requests to trace. Both "user" and "kinds" must be specified
	Traces []Trace `json:"traces,omitempty"`
}

type Violation

type Violation struct {
	EnforcementAction string `json:"enforcementAction,omitempty"`
	Kind              string `json:"kind,omitempty"`
	Message           string `json:"message,omitempty"`
	Name              string `json:"name,omitempty"`
	Namespace         string `json:"namespace,omitempty"`
}

Violation represents a gatekeeper constraint violation

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL