util

package
v0.8.4 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Jun 4, 2024 License: Apache-2.0 Imports: 37 Imported by: 0

Documentation

Index

Constants

// General-purpose string and duration constants exported by the package.
const (
	// ErrGetProfile is an untyped string constant holding a message, not an
	// error value, so it cannot be matched with errors.Is.
	ErrGetProfile                = "cannot get security profile"
	// HasActivePodsFinalizerString is the finalizer name "in-use-by-active-pods".
	// NOTE(review): presumably kept on a profile while pods still use it —
	// confirm against the callers.
	HasActivePodsFinalizerString = "in-use-by-active-pods"
	// DefaultReadHeaderTimeout is a duration of three seconds.
	// NOTE(review): presumably assigned to http.Server.ReadHeaderTimeout, which
	// bounds how long a client may take to send request headers — confirm at
	// the call sites that every server the operator starts sets it.
	DefaultReadHeaderTimeout     = 3 * time.Second
)
// Event type strings. The values are the same strings as corev1.EventTypeNormal
// and corev1.EventTypeWarning.
const (
	// EventTypeNormal is the string "Normal".
	EventTypeNormal  string = "Normal"
	// EventTypeWarning is the string "Warning".
	EventTypeWarning string = "Warning"
)
// Names used to locate the operator's configMap and the selinuxd image
// mapping stored in it.
const (
	// OperatorConfigMap corresponds to the configMap created from deploy/base/profiles.
	OperatorConfigMap = "security-profiles-operator-profile"
	// SelinuxdImageMappingKey is the key in the configMap that contains the mapping
	// between the selinuxd image and the OS version.
	// NOTE(review): if the mapped value decides which selinuxd image is run,
	// write access to this configMap is security-sensitive and should be
	// limited accordingly — confirm how the value is consumed.
	SelinuxdImageMappingKey = "selinuxd-image-mapping.json"
)

Variables

// Package-level regular expression and sentinel errors used for container ID
// lookup.
var (
	// ContainerIDRegex matches a run of 64 lowercase hexadecimal characters,
	// the form of a full container ID.
	// NOTE(review): the pattern is unanchored, so it matches the first such run
	// anywhere in the input, including inside a longer hexadecimal string.
	// Callers that need exactly one well-delimited ID must check the
	// boundaries themselves.
	ContainerIDRegex = regexp.MustCompile(`[0-9a-f]{64}`)

	// ErrProcessNotFound is the error returned by ContainerIDForPID if the
	// process path could not be found in /proc. It is a sentinel created with
	// errors.New, so compare it with errors.Is.
	ErrProcessNotFound = errors.New("process not found in cgroup path")

	// ErrContainerIDNotFound is the error returned by ContainerIDForPID if the
	// cgroup does not contain any container ID. It is a sentinel created with
	// errors.New, so compare it with errors.Is.
	ErrContainerIDNotFound = errors.New("unable to find container ID in cgroup path")
)

Functions

func AddFinalizer

func AddFinalizer(ctx context.Context, c client.Client, pol client.Object, finalizer string) error

AddFinalizer attempts to add a finalizer to an object if not present and update the object.

func ContainerIDForPID added in v0.4.0

func ContainerIDForPID(cache *ttlcache.Cache[string, string], pid int) (string, error)

ContainerIDForPID tries to find the 64-character hexadecimal container ID for the provided PID by using its cgroup. It supports caching via the cache argument.

func Contains added in v0.4.0

func Contains(a []string, b string) bool

Contains returns true if the slice a contains string b.

func ContainsSubstring added in v0.8.4

func ContainsSubstring(list []string, str string) bool

func FinalizersMatchCurrentNodes added in v0.8.4

func FinalizersMatchCurrentNodes(ctx context.Context,
	nodeStatusList *statusv1alpha1.SecurityProfileNodeStatusList,
) (bool, error)

func GetContainerRuntime added in v0.6.0

func GetContainerRuntime(node *corev1.Node) string

GetContainerRuntime parses the container runtime from a node object.

func GetDynamicClient added in v0.8.4

func GetDynamicClient() (dynamic.Interface, error)

func GetFinalizerNodeString added in v0.6.0

func GetFinalizerNodeString(nodeName string) string

GetFinalizerNodeString gets finalizer string from Node Name.

func GetKubeletDirFromNodeLabel added in v0.7.0

func GetKubeletDirFromNodeLabel(ctx context.Context, c client.Reader) (string, error)

GetKubeletDirFromNodeLabel parses the kubelet directory path from the current node labels.

func GetNodeList added in v0.8.4

func GetNodeList(ctx context.Context) ([]string, error)

func GetSeccompLocalhostProfilePath added in v0.6.0

func GetSeccompLocalhostProfilePath(node *corev1.Node) string

GetSeccompLocalhostProfilePath returns the path of local seccomp profile according to the runtime.

func GetVersion added in v0.6.0

func GetVersion(node *corev1.Node) string

GetVersion returns the version of the kubelet running on the node.

func IgnoreNotFound

func IgnoreNotFound(err error) error

func IsNotFoundOrConflict

func IsNotFoundOrConflict(err error) bool

func KindBasedDNSLengthName added in v0.4.0

func KindBasedDNSLengthName(obj client.Object) string

func MapKeys added in v0.8.1

func MapKeys[M ~map[K]V, K comparable, V any](m M) []K

MapKeys returns the keys of the map m. The keys will be in an indeterminate order.

func MatchSelinuxdImageJSONMapping added in v0.8.0

func MatchSelinuxdImageJSONMapping(node *corev1.Node, mappingObj []byte) (string, error)

func NamespacedName

func NamespacedName(name, namespace string) types.NamespacedName

func RemoveFinalizer

func RemoveFinalizer(ctx context.Context, c client.Client, pol client.Object, finalizer string) error

RemoveFinalizer attempts to remove a finalizer from an object if present and update the object.

func Retry

func Retry(fn func() error, retryCondition func(error) bool) error

Retry attempts to execute fn up to 5 times if its failure meets retryCondition.

func RetryEx added in v0.4.0

func RetryEx(backoff *wait.Backoff, fn func() error, retryCondition func(error) bool) error

func UnionSyscalls added in v0.5.0

func UnionSyscalls(syscalls, appliedSyscalls []*seccompprofile.Syscall) ([]*seccompprofile.Syscall, error)

Types

type MockClient added in v0.6.0

// MockClient holds one replaceable function per client operation so that a
// test can decide what each call does and which error it returns.
// NOTE(review): a zero-value MockClient leaves every field nil, and whether
// the methods guard against nil fields is not shown here — prefer
// NewMockClient and override only the fields a test needs.
type MockClient struct {
	// Functions backing the object-level read and write methods.
	MockGet         MockGetFn
	MockList        MockListFn
	MockCreate      MockCreateFn
	MockDelete      MockDeleteFn
	MockDeleteAllOf MockDeleteAllOfFn
	MockUpdate      MockUpdateFn
	MockPatch       MockPatchFn

	// Functions backing the sub-resource writer.
	MockSubResourceWriterCreate MockSubResourceWriterCreateFn
	MockSubResourceWriterUpdate MockSubResourceWriterUpdateFn
	MockSubResourceWriterPatch  MockSubResourceWriterPatchFn

	// Function backing the sub-resource reader.
	MockSubResourceReaderGet MockSubResourceReaderGetFn

	// Functions backing the scheme and object-metadata lookups.
	MockScheme              MockSchemeFn
	MockGroupVersionKindFor MockGroupVersionKindForFn
	MockIsObjectNamespaced  MockIsObjectNamespacedFn
}

MockClient implements controller-runtime's Client interface, allowing each method to be overridden for testing. The controller-runtime provides a fake client, but it has surprising side effects (e.g. silently calling os.Exit(1)) and does not allow us control over the errors it returns.

func NewMockClient added in v0.6.0

func NewMockClient() *MockClient

NewMockClient returns a MockClient that does nothing when its methods are called.

func (*MockClient) Create added in v0.6.0

func (c *MockClient) Create(ctx context.Context, obj client.Object, opts ...client.CreateOption) error

Create calls MockClient's MockCreate function.

func (*MockClient) Delete added in v0.6.0

func (c *MockClient) Delete(ctx context.Context, obj client.Object, opts ...client.DeleteOption) error

Delete calls MockClient's MockDelete function.

func (*MockClient) DeleteAllOf added in v0.6.0

func (c *MockClient) DeleteAllOf(ctx context.Context, obj client.Object, opts ...client.DeleteAllOfOption) error

DeleteAllOf calls MockClient's MockDeleteAllOf function.

func (*MockClient) Get added in v0.6.0

Get calls MockClient's MockGet function.

func (*MockClient) GroupVersionKindFor added in v0.8.1

func (c *MockClient) GroupVersionKindFor(obj runtime.Object) (schema.GroupVersionKind, error)

GroupVersionKindFor calls MockClient's MockGroupVersionKindFor function.

func (*MockClient) IsObjectNamespaced added in v0.8.1

func (c *MockClient) IsObjectNamespaced(obj runtime.Object) (bool, error)

func (*MockClient) List added in v0.6.0

func (c *MockClient) List(ctx context.Context, list client.ObjectList, opts ...client.ListOption) error

List calls MockClient's MockList function.

func (*MockClient) Patch added in v0.6.0

func (c *MockClient) Patch(
	ctx context.Context, obj client.Object, patch client.Patch, opts ...client.PatchOption,
) error

Patch calls MockClient's MockPatch function.

func (*MockClient) RESTMapper added in v0.6.0

func (c *MockClient) RESTMapper() meta.RESTMapper

RESTMapper returns the REST mapper.

func (*MockClient) Scheme added in v0.6.0

func (c *MockClient) Scheme() *runtime.Scheme

Scheme calls MockClient's MockScheme function.

func (*MockClient) Status added in v0.6.0

func (c *MockClient) Status() client.SubResourceWriter

Status returns status writer for sub-resource writer.

func (*MockClient) SubResource added in v0.7.0

func (c *MockClient) SubResource(string) client.SubResourceClient

func (*MockClient) Update added in v0.6.0

func (c *MockClient) Update(ctx context.Context, obj client.Object, opts ...client.UpdateOption) error

Update calls MockClient's MockUpdate function.

type MockCreateFn added in v0.6.0

type MockCreateFn func(ctx context.Context, obj client.Object, opts ...client.CreateOption) error

A MockCreateFn is used to mock client.Client's Create implementation.

func NewMockCreateFn added in v0.6.0

func NewMockCreateFn(err error, ofn ...ObjectFn) MockCreateFn

NewMockCreateFn returns a MockCreateFn that returns the supplied error.

type MockDeleteAllOfFn added in v0.6.0

type MockDeleteAllOfFn func(ctx context.Context, obj client.Object, opts ...client.DeleteAllOfOption) error

A MockDeleteAllOfFn is used to mock client.Client's DeleteAllOf implementation.

func NewMockDeleteAllOfFn added in v0.6.0

func NewMockDeleteAllOfFn(err error, ofn ...ObjectFn) MockDeleteAllOfFn

NewMockDeleteAllOfFn returns a MockDeleteAllOfFn that returns the supplied error.

type MockDeleteFn added in v0.6.0

type MockDeleteFn func(ctx context.Context, obj client.Object, opts ...client.DeleteOption) error

A MockDeleteFn is used to mock client.Client's Delete implementation.

func NewMockDeleteFn added in v0.6.0

func NewMockDeleteFn(err error, ofn ...ObjectFn) MockDeleteFn

NewMockDeleteFn returns a MockDeleteFn that returns the supplied error.

type MockGetFn added in v0.6.0

type MockGetFn func(ctx context.Context, key client.ObjectKey, obj client.Object, opts ...client.GetOption) error

A MockGetFn is used to mock client.Client's Get implementation.

func NewMockGetFn added in v0.6.0

func NewMockGetFn(err error, ofn ...ObjectFn) MockGetFn

NewMockGetFn returns a MockGetFn that returns the supplied error.

type MockGroupVersionKindForFn added in v0.8.1

type MockGroupVersionKindForFn func(obj runtime.Object) (schema.GroupVersionKind, error)

A MockGroupVersionKindForFn is used to mock client.Client's GroupVersionKindFor implementation.

func NewMockGroupVersionKindForFn added in v0.8.1

func NewMockGroupVersionKindForFn(err error, ofn ...RuntimeObjectFn) MockGroupVersionKindForFn

NewMockGroupVersionKindForFn returns a MockGroupVersionKindForFn that returns the supplied error.

type MockIsObjectNamespacedFn added in v0.8.1

type MockIsObjectNamespacedFn func(obj runtime.Object) (bool, error)

A MockIsObjectNamespacedFn is used to mock client.Client's IsObjectNamespaced implementation.

func NewMockIsObjectNamespacedFn added in v0.8.1

func NewMockIsObjectNamespacedFn(err error, ofn ...RuntimeObjectFn) MockIsObjectNamespacedFn

NewMockIsObjectNamespacedFn returns a MockIsObjectNamespacedFn that returns the supplied error.

type MockListFn added in v0.6.0

type MockListFn func(ctx context.Context, list client.ObjectList, opts ...client.ListOption) error

A MockListFn is used to mock client.Client's List implementation.

func NewMockListFn added in v0.6.0

func NewMockListFn(err error, ofn ...ObjectListFn) MockListFn

NewMockListFn returns a MockListFn that returns the supplied error.

type MockPatchFn added in v0.6.0

type MockPatchFn func(ctx context.Context, obj client.Object, patch client.Patch, opts ...client.PatchOption) error

A MockPatchFn is used to mock client.Client's Patch implementation.

func NewMockPatchFn added in v0.6.0

func NewMockPatchFn(err error, ofn ...ObjectFn) MockPatchFn

NewMockPatchFn returns a MockPatchFn that returns the supplied error.

type MockSchemeFn added in v0.6.0

type MockSchemeFn func() *runtime.Scheme

A MockSchemeFn is used to mock client.Client's Scheme implementation.

func NewMockSchemeFn added in v0.6.0

func NewMockSchemeFn(scheme *runtime.Scheme) MockSchemeFn

NewMockSchemeFn returns a MockSchemeFn that returns the scheme.

type MockSubResource added in v0.7.0

// MockSubResource combines a sub-resource reader and a sub-resource writer by
// embedding both interfaces; its method set is whatever the embedded values
// provide.
type MockSubResource struct {
	// Embedded reader half of the sub-resource client.
	client.SubResourceReader
	// Embedded writer half of the sub-resource client.
	client.SubResourceWriter
}

MockSubResource provides mock functionality for sub-resource client.

type MockSubResourceReader added in v0.7.0

// MockSubResourceReader carries the function a test supplies for the
// sub-resource Get call.
type MockSubResourceReader struct {
	// MockGet is the replaceable implementation of Get.
	MockGet MockSubResourceReaderGetFn
}

MockSubResourceReader provides mock functionality for sub-resource reader.

func (*MockSubResourceReader) Get added in v0.7.0

func (m *MockSubResourceReader) Get(
	ctx context.Context, obj client.Object, subResource client.Object, opts ...client.SubResourceGetOption,
) error

type MockSubResourceReaderGetFn added in v0.7.0

type MockSubResourceReaderGetFn func(
	ctx context.Context, obj client.Object, subResource client.Object, opts ...client.SubResourceGetOption,
) error

A MockSubResourceReaderGetFn is used to mock client.Client's SubResourceReaderGet implementation.

type MockSubResourceWriter added in v0.7.0

// MockSubResourceWriter carries the functions a test supplies for the
// sub-resource Create, Update and Patch calls.
type MockSubResourceWriter struct {
	// MockCreate is the replaceable implementation of Create.
	MockCreate MockSubResourceWriterCreateFn
	// MockUpdate is the replaceable implementation of Update.
	MockUpdate MockSubResourceWriterUpdateFn
	// MockPatch is the replaceable implementation of Patch.
	MockPatch  MockSubResourceWriterPatchFn
}

MockSubResourceWriter provides mock functionality for sub-resource writer.

func (*MockSubResourceWriter) Create added in v0.7.0

func (m *MockSubResourceWriter) Create(
	ctx context.Context, obj, subResource client.Object, opts ...client.SubResourceCreateOption,
) error

func (*MockSubResourceWriter) Patch added in v0.7.0

Patch mocks the patch method.

func (*MockSubResourceWriter) Update added in v0.7.0

Update status sub-resource.

type MockSubResourceWriterCreateFn added in v0.7.0

type MockSubResourceWriterCreateFn func(
	ctx context.Context, obj, subResource client.Object, opts ...client.SubResourceCreateOption,
) error

A MockSubResourceWriterCreateFn is used to mock client.Client's SubResourceWriterCreate implementation.

func NewMockSubResourceWriterCreateFn added in v0.7.0

func NewMockSubResourceWriterCreateFn(err error, ofn ...ObjectFn) MockSubResourceWriterCreateFn

NewMockSubResourceWriterCreateFn returns a MockSubResourceWriterCreateFn that returns the supplied error.

type MockSubResourceWriterPatchFn added in v0.7.0

type MockSubResourceWriterPatchFn func(
	ctx context.Context, obj client.Object, patch client.Patch, opts ...client.SubResourcePatchOption,
) error

A MockSubResourceWriterPatchFn is used to mock client.Client's SubResourceWriterPatch implementation.

func NewMockSubResourceWriterPatchFn added in v0.7.0

func NewMockSubResourceWriterPatchFn(err error, ofn ...ObjectFn) MockSubResourceWriterPatchFn

NewMockSubResourceWriterPatchFn returns a MockSubResourceWriterPatchFn that returns the supplied error.

type MockSubResourceWriterUpdateFn added in v0.7.0

type MockSubResourceWriterUpdateFn func(
	ctx context.Context, obj client.Object, opts ...client.SubResourceUpdateOption,
) error

A MockSubResourceWriterUpdateFn is used to mock client.Client's SubResourceWriterUpdate implementation.

func NewMockSubResourceWriterUpdateFn added in v0.7.0

func NewMockSubResourceWriterUpdateFn(err error, ofn ...ObjectFn) MockSubResourceWriterUpdateFn

NewMockSubResourceWriterUpdateFn returns a MockSubResourceWriterUpdateFn that returns the supplied error.

type MockUpdateFn added in v0.6.0

type MockUpdateFn func(ctx context.Context, obj client.Object, opts ...client.UpdateOption) error

A MockUpdateFn is used to mock client.Client's Update implementation.

func NewMockUpdateFn added in v0.6.0

func NewMockUpdateFn(err error, ofn ...ObjectFn) MockUpdateFn

NewMockUpdateFn returns a MockUpdateFn that returns the supplied error.

type ObjectFn added in v0.6.0

type ObjectFn func(obj client.Object) error

An ObjectFn operates on the supplied Object. You might use an ObjectFn to test or update the contents of an Object.

type ObjectListFn added in v0.6.0

type ObjectListFn func(obj client.ObjectList) error

An ObjectListFn operates on the supplied ObjectList. You might use an ObjectListFn to test or update the contents of an ObjectList.

type RuntimeObjectFn added in v0.8.1

type RuntimeObjectFn func(obj runtime.Object) error

A RuntimeObjectFn operates on the supplied runtime Object. You might use a RuntimeObjectFn to test or update the contents of a runtime Object.
