api

package

v0.22.8 Latest Latest Go to latest Published: Mar 19, 2022 License: Apache-2.0 Imports: 5 Imported by: 102

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/kubernetes/pod-security-admission

Links

Open Source Insights

Documentation ¶

Overview ¶

Package api contains constants and helpers for PodSecurity admission label keys and values

Index ¶

Constants
func CompareLevels(a, b Level) int
type Level
- func ParseLevel(level string) (Level, error)
- func (l *Level) Valid() bool
type LevelVersion
- func (lv LevelVersion) String() string
type Policy
- func PolicyToEvaluate(labels map[string]string, defaults Policy) (Policy, error)
type Version

Constants ¶

View Source

const (
	EnforceLevelLabel   = labelPrefix + "enforce"
	EnforceVersionLabel = labelPrefix + "enforce-version"
	AuditLevelLabel     = labelPrefix + "audit"
	AuditVersionLabel   = labelPrefix + "audit-version"
	WarnLevelLabel      = labelPrefix + "warn"
	WarnVersionLabel    = labelPrefix + "warn-version"
)

View Source

const AuditAnnotationPrefix = labelPrefix

View Source

const VersionLatest = "latest"

Variables ¶

This section is empty.

Functions ¶

func CompareLevels ¶

func CompareLevels(a, b Level) int

CompareLevels returns an integer comparing two levels by strictness. The result will be 0 if a==b, -1 if a is less strict than b, and +1 if a is more strict than b.

Types ¶

type Level ¶

type Level string

const (
	LevelPrivileged Level = "privileged"
	LevelBaseline   Level = "baseline"
	LevelRestricted Level = "restricted"
)

func ParseLevel ¶

func ParseLevel(level string) (Level, error)

ParseLevel returns the level that should be evaluated. level must be "privileged", "baseline", or "restricted". if level does not match one of those strings, "restricted" and an error is returned.

func (*Level) Valid ¶

func (l *Level) Valid() bool

Valid checks whether the level l is a valid level.

type LevelVersion ¶

type LevelVersion struct {
	Level
	Version
}

func (LevelVersion) String ¶

func (lv LevelVersion) String() string

type Policy ¶

type Policy struct {
	Enforce LevelVersion
	Audit   LevelVersion
	Warn    LevelVersion
}

func PolicyToEvaluate ¶

func PolicyToEvaluate(labels map[string]string, defaults Policy) (Policy, error)

PolicyToEvaluate resolves the PodSecurity namespace labels to the policy for that namespace, falling back to the provided defaults when a label is unspecified. A valid policy is always returned, even when an error is returned. If labels cannot be parsed correctly, the values of "restricted" and "latest" are used for level and version respectively.

type Version ¶

type Version struct {
	// contains filtered or unexported fields
}

func LatestVersion ¶

func LatestVersion() Version

func MajorMinorVersion ¶

func MajorMinorVersion(major, minor int) Version

func ParseVersion ¶

func ParseVersion(version string) (Version, error)

ParseVersion returns the policy version that should be evaluated. version must be "latest" or "v1.x". If version does not match one of those patterns, the latest version and an error is returned.

func (*Version) Latest ¶

func (v *Version) Latest() bool

func (*Version) Major ¶

func (v *Version) Major() int

func (*Version) Minor ¶

func (v *Version) Minor() int

func (*Version) Older ¶

func (v *Version) Older(other Version) bool

Older returns true if this version v is older than the other.

func (Version) String ¶

func (v Version) String() string

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL