Documentation
¶
Index ¶
Constants ¶
const ( ControllerName string = "configuration-policy-controller" CRDName string = "configurationpolicies.policy.open-cluster-management.io" )
const ( OperatorControllerName string = "operator-policy-controller" CatalogSourceReady string = "READY" ManagedByLabel string = "operatorpolicy.policy.open-cluster-management.io/managed" ManagedByAnnotation string = ManagedByLabel ClusterNameLabel string = "policy.open-cluster-management.io/cluster-name" ClusterNamespaceLabel string = "policy.open-cluster-management.io/cluster-namespace" )
const IVAnnotation = "policy.open-cluster-management.io/encryption-iv"
Variables ¶
var (
ErrPackageManifest = errors.New("")
)
var ErrPolicyInvalid = errors.New("the Policy is invalid")
var PlcChan chan *policyv1.ConfigurationPolicy
PlcChan a channel used to pass policies ready for update
Functions ¶
Types ¶
type ConfigurationPolicyReconciler ¶
type ConfigurationPolicyReconciler struct {
// This client, initialized using mgr.Client() above, is a split client
// that reads objects from the cache and writes to the apiserver
client.Client
DecryptionConcurrency uint8
DynamicWatcher depclient.DynamicWatcher
Scheme *runtime.Scheme
Recorder record.EventRecorder
InstanceName string
// The Kubernetes client to use when evaluating/enforcing policies. Most times, this will be the same cluster
// where the controller is running.
TargetK8sClient kubernetes.Interface
TargetK8sDynamicClient dynamic.Interface
SelectorReconciler common.SelectorReconciler
// Whether custom metrics collection is enabled
EnableMetrics bool
ServerVersion string
// When true, the controller has detected it is being uninstalled and only basic cleanup should be performed before
// exiting.
UninstallMode bool
// The number of seconds before a policy is eligible for reevaluation in watch mode (throttles frequently evaluated
// policies)
EvalBackoffSeconds uint32
// contains filtered or unexported fields
}
ConfigurationPolicyReconciler reconciles a ConfigurationPolicy object
func (*ConfigurationPolicyReconciler) Reconcile ¶
func (r *ConfigurationPolicyReconciler) Reconcile(ctx context.Context, request ctrl.Request) (ctrl.Result, error)
Reconcile is responsible for evaluating and rescheduling ConfigurationPolicy evaluations.
func (*ConfigurationPolicyReconciler) SetupWithManager ¶
func (r *ConfigurationPolicyReconciler) SetupWithManager( mgr ctrl.Manager, evaluationConcurrency uint16, rawSources ...source.TypedSource[reconcile.Request], ) error
SetupWithManager sets up the controller with the Manager.
type OperatorPolicyReconciler ¶ added in v0.12.0
type OperatorPolicyReconciler struct {
client.Client
DynamicClient dynamic.Interface
DynamicWatcher depclient.DynamicWatcher
InstanceName string
DefaultNamespace string
TargetClient client.Client
}
OperatorPolicyReconciler reconciles a OperatorPolicy object
func (*OperatorPolicyReconciler) Reconcile ¶ added in v0.12.0
func (r *OperatorPolicyReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error)
Reconcile is part of the main kubernetes reconciliation loop which aims to move the current state of the cluster closer to the desired state. (user): Modify the Reconcile function to compare the state specified by the OperatorPolicy object against the actual cluster state, and then perform operations to make the cluster state reflect the state specified by the user.
For more details, check Reconcile and its Result here: - https://pkg.go.dev/sigs.k8s.io/controller-runtime@v0.14.4/pkg/reconcile
func (*OperatorPolicyReconciler) SetupWithManager ¶ added in v0.12.0
func (r *OperatorPolicyReconciler) SetupWithManager( mgr ctrl.Manager, depEvents source.TypedSource[reconcile.Request], ) error
SetupWithManager sets up the controller with the Manager and will reconcile when the dynamic watcher sees that an object is updated
Source Files