Documentation ¶
Overview ¶
Copyright The Kmodules Authors.
Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
+k8s:deepcopy-gen=package
Index ¶
Constants ¶
const ( KindPodSecurityPolicy = "PodSecurityPolicy" KindSecurityContextConstraints = "SecurityContextConstraints" ResourcePodSecurityPolicies = "podsecuritypolicies" ResourceSecurityContextConstraints = "securitycontextconstraints" ResourcePodSecurityPolicy = "podsecuritypolicy" )
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type SecurityPolicy ¶
type SecurityPolicy struct { metav1.TypeMeta `json:",inline"` // Standard object's metadata. // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata // +optional metav1.ObjectMeta `json:"metadata,omitempty"` // spec defines the policy enforced. // +optional Spec SecurityPolicySpec `json:"spec,omitempty"` }
SecurityPolicy governs the ability to make requests that affect the Security Context that will be applied to a pod and container.
func (*SecurityPolicy) DeepCopy ¶
func (in *SecurityPolicy) DeepCopy() *SecurityPolicy
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecurityPolicy.
func (*SecurityPolicy) DeepCopyInto ¶
func (in *SecurityPolicy) DeepCopyInto(out *SecurityPolicy)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*SecurityPolicy) DeepCopyObject ¶
func (in *SecurityPolicy) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type SecurityPolicyList ¶
type SecurityPolicyList struct { metav1.TypeMeta `json:",inline"` // Standard list metadata. // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata // +optional metav1.ListMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` // items is a list of schema objects. Items []SecurityPolicy `json:"items" protobuf:"bytes,2,rep,name=items"` }
SecurityPolicyList is a list of SecurityPolicy objects.
func (*SecurityPolicyList) DeepCopy ¶
func (in *SecurityPolicyList) DeepCopy() *SecurityPolicyList
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecurityPolicyList.
func (*SecurityPolicyList) DeepCopyInto ¶
func (in *SecurityPolicyList) DeepCopyInto(out *SecurityPolicyList)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*SecurityPolicyList) DeepCopyObject ¶
func (in *SecurityPolicyList) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type SecurityPolicySpec ¶
type SecurityPolicySpec struct { policy.PodSecurityPolicySpec `json:",inline"` // The users who have permissions to use this security context constraints // +optional // +nullable Users []string `json:"users"` // The groups that have permission to use this security context constraints // +optional // +nullable Groups []string `json:"groups"` // SeccompProfiles lists the allowed profiles that may be set for the pod or // container's seccomp annotations. An unset (nil) or empty value means that no profiles may // be specifid by the pod or container. The wildcard '*' may be used to allow all profiles. When // used to generate a value for a pod the first non-wildcard profile will be used as // the default. SeccompProfiles []string `json:"seccompProfiles,omitempty"` // Priority influences the sort order of SCCs when evaluating which SCCs to try first for // a given pod request based on access in the Users and Groups fields. The higher the int, the // higher priority. An unset value is considered a 0 priority. If scores // for multiple SCCs are equal they will be sorted from most restrictive to // least restrictive. If both priorities and restrictions are equal the // SCCs will be sorted by name. Priority *int32 `json:"priority"` }
SecurityPolicySpec defines the policy enforced.
func (*SecurityPolicySpec) DeepCopy ¶
func (in *SecurityPolicySpec) DeepCopy() *SecurityPolicySpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecurityPolicySpec.
func (*SecurityPolicySpec) DeepCopyInto ¶
func (in *SecurityPolicySpec) DeepCopyInto(out *SecurityPolicySpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.