v1alpha2

package
v0.8.4 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jun 4, 2024 License: Apache-2.0 Imports: 9 Imported by: 0

Documentation

Overview

Package v1alpha2 contains API Schema definitions for the security-profiles-operator v1alpha2 API group +kubebuilder:object:generate=true +groupName=security-profiles-operator.x-k8s.io

Index

Constants

View Source 
const (
	// AllowSelf describes an "allow" entry meant to give
	// the same process.
	AllowSelf = "@self"
)
View Source 
const (
	SystemPolicyKind = "System"
)

Variables

View Source 
var (
	// GroupVersion is group version used to register these objects.
	GroupVersion = schema.GroupVersion{Group: "security-profiles-operator.x-k8s.io", Version: "v1alpha2"}

	// SchemeBuilder is used to add go types to the GroupVersionKind scheme.
	SchemeBuilder = &scheme.Builder{GroupVersion: GroupVersion}

	// AddToScheme adds the types in this group-version to the given scheme.
	AddToScheme = SchemeBuilder.AddToScheme
)

Functions

This section is empty.

Types

type Allow 

type Allow map[LabelKey]map[ObjectClassKey]PermissionSet

Allow defines the allow policy for the profile.

func (Allow) DeepCopy 

func (in Allow) DeepCopy() Allow

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Allow.

func (Allow) DeepCopyInto 

func (in Allow) DeepCopyInto(out *Allow)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type LabelKey 

type LabelKey string

func SortLabelKeys added in v0.8.1 

func SortLabelKeys(allow Allow) []LabelKey

func (LabelKey) String 

func (lk LabelKey) String() string

type ObjectClassKey 

type ObjectClassKey string

func SortObjectClassKeys added in v0.8.1 

func SortObjectClassKeys(ock map[ObjectClassKey]PermissionSet) []ObjectClassKey

func (ObjectClassKey) String added in v0.8.1 

func (ock ObjectClassKey) String() string

type PermissionSet 

type PermissionSet []string

func (PermissionSet) DeepCopy 

func (in PermissionSet) DeepCopy() PermissionSet

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PermissionSet.

func (PermissionSet) DeepCopyInto 

func (in PermissionSet) DeepCopyInto(out *PermissionSet)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type PolicyRef 

type PolicyRef struct {
	// The Kind of the policy that this inherits from.
	// Can be a SelinuxProfile object Or "System" if an already
	// installed policy will be used.
	// The allowed "System" policies are available in the
	// SecurityProfilesOperatorDaemon instance.
	// +kubebuilder:default="System"
	// +kubebuilder:validation:Enum=System;SelinuxProfile;
	Kind string `json:"kind,omitempty"`
	// The name of the policy that this inherits from.
	Name string `json:"name"`
}

func (*PolicyRef) DeepCopy 

func (in *PolicyRef) DeepCopy() *PolicyRef

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyRef.

func (*PolicyRef) DeepCopyInto 

func (in *PolicyRef) DeepCopyInto(out *PolicyRef)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type RawSelinuxProfile 

type RawSelinuxProfile struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	Spec   RawSelinuxProfileSpec `json:"spec,omitempty"`
	Status SelinuxProfileStatus  `json:"status,omitempty"`
}

RawSelinuxProfile is the Schema for the rawselinuxprofiles API. +kubebuilder:subresource:status +kubebuilder:resource:path=rawselinuxprofiles,scope=Namespaced +kubebuilder:printcolumn:name="Usage",type="string",JSONPath=`.status.usage` +kubebuilder:printcolumn:name="State",type="string",JSONPath=`.status.status`

func (*RawSelinuxProfile) DeepCopy 

func (in *RawSelinuxProfile) DeepCopy() *RawSelinuxProfile

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RawSelinuxProfile.

func (*RawSelinuxProfile) DeepCopyInto 

func (in *RawSelinuxProfile) DeepCopyInto(out *RawSelinuxProfile)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*RawSelinuxProfile) DeepCopyObject 

func (in *RawSelinuxProfile) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*RawSelinuxProfile) DeepCopyToStatusBaseIf 

func (sp *RawSelinuxProfile) DeepCopyToStatusBaseIf() profilebasev1alpha1.StatusBaseUser

func (*RawSelinuxProfile) GetPolicyName 

func (sp *RawSelinuxProfile) GetPolicyName() string

GetPolicyName gets the policy module name in the format that we're expecting for parsing.

func (*RawSelinuxProfile) GetPolicyUsage 

func (sp *RawSelinuxProfile) GetPolicyUsage() string

GetPolicyUsage is the representation of how a pod will call this SELinux module.

func (*RawSelinuxProfile) GetStatusBase 

func (sp *RawSelinuxProfile) GetStatusBase() *profilebasev1alpha1.StatusBase

func (*RawSelinuxProfile) IsDisabled added in v0.8.1 

func (sp *RawSelinuxProfile) IsDisabled() bool

func (*RawSelinuxProfile) IsPartial added in v0.5.0 

func (sp *RawSelinuxProfile) IsPartial() bool

func (*RawSelinuxProfile) IsReconcilable added in v0.8.1 

func (sp *RawSelinuxProfile) IsReconcilable() bool

func (*RawSelinuxProfile) ListProfilesByRecording added in v0.5.0 

func (sp *RawSelinuxProfile) ListProfilesByRecording(
	ctx context.Context,
	cli client.Client,
	recording string,
) ([]metav1.Object, error)

func (*RawSelinuxProfile) SetImplementationStatus 

func (sp *RawSelinuxProfile) SetImplementationStatus()

type RawSelinuxProfileList 

type RawSelinuxProfileList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []SelinuxProfile `json:"items"`
}

RawSelinuxProfileList contains a list of RawSelinuxProfile.

func (*RawSelinuxProfileList) DeepCopy 

func (in *RawSelinuxProfileList) DeepCopy() *RawSelinuxProfileList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RawSelinuxProfileList.

func (*RawSelinuxProfileList) DeepCopyInto 

func (in *RawSelinuxProfileList) DeepCopyInto(out *RawSelinuxProfileList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*RawSelinuxProfileList) DeepCopyObject 

func (in *RawSelinuxProfileList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type RawSelinuxProfileSpec 

type RawSelinuxProfileSpec struct {
	// Common spec fields for all profiles.
	profilebasev1alpha1.SpecBase `json:",inline"`

	Policy string `json:"policy,omitempty"`
}

RawSelinuxProfileSpec defines the desired state of RawSelinuxProfile.

func (*RawSelinuxProfileSpec) DeepCopy 

func (in *RawSelinuxProfileSpec) DeepCopy() *RawSelinuxProfileSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RawSelinuxProfileSpec.

func (*RawSelinuxProfileSpec) DeepCopyInto 

func (in *RawSelinuxProfileSpec) DeepCopyInto(out *RawSelinuxProfileSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type SelinuxProfile 

type SelinuxProfile struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	Spec   SelinuxProfileSpec   `json:"spec,omitempty"`
	Status SelinuxProfileStatus `json:"status,omitempty"`
}

SelinuxProfile is the Schema for the selinuxprofiles API. +kubebuilder:storageversion +kubebuilder:subresource:status +kubebuilder:resource:path=selinuxprofiles,scope=Namespaced +kubebuilder:printcolumn:name="Usage",type="string",JSONPath=`.status.usage` +kubebuilder:printcolumn:name="State",type="string",JSONPath=`.status.status`

func (*SelinuxProfile) DeepCopy 

func (in *SelinuxProfile) DeepCopy() *SelinuxProfile

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SelinuxProfile.

func (*SelinuxProfile) DeepCopyInto 

func (in *SelinuxProfile) DeepCopyInto(out *SelinuxProfile)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*SelinuxProfile) DeepCopyObject 

func (in *SelinuxProfile) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*SelinuxProfile) DeepCopyToStatusBaseIf 

func (sp *SelinuxProfile) DeepCopyToStatusBaseIf() profilebasev1alpha1.StatusBaseUser

func (*SelinuxProfile) GetPolicyName 

func (sp *SelinuxProfile) GetPolicyName() string

GetPolicyName gets the policy module name in the format that we're expecting for parsing.

func (*SelinuxProfile) GetPolicyUsage 

func (sp *SelinuxProfile) GetPolicyUsage() string

GetPolicyUsage is the representation of how a pod will call this SELinux module.

func (*SelinuxProfile) GetStatusBase 

func (sp *SelinuxProfile) GetStatusBase() *profilebasev1alpha1.StatusBase

func (*SelinuxProfile) IsDisabled added in v0.8.1 

func (sp *SelinuxProfile) IsDisabled() bool

func (*SelinuxProfile) IsPartial added in v0.5.0 

func (sp *SelinuxProfile) IsPartial() bool

func (*SelinuxProfile) IsReconcilable added in v0.8.1 

func (sp *SelinuxProfile) IsReconcilable() bool

func (*SelinuxProfile) ListProfilesByRecording added in v0.5.0 

func (sp *SelinuxProfile) ListProfilesByRecording(
	ctx context.Context,
	cli client.Client,
	recording string,
) ([]metav1.Object, error)

func (*SelinuxProfile) SetImplementationStatus 

func (sp *SelinuxProfile) SetImplementationStatus()

type SelinuxProfileList 

type SelinuxProfileList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []SelinuxProfile `json:"items"`
}

SelinuxProfileList contains a list of SelinuxProfile.

func (*SelinuxProfileList) DeepCopy 

func (in *SelinuxProfileList) DeepCopy() *SelinuxProfileList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SelinuxProfileList.

func (*SelinuxProfileList) DeepCopyInto 

func (in *SelinuxProfileList) DeepCopyInto(out *SelinuxProfileList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*SelinuxProfileList) DeepCopyObject 

func (in *SelinuxProfileList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type SelinuxProfileObject 

type SelinuxProfileObject interface {
	metav1.Object
	runtime.Object
	profilebase.SecurityProfileBase
	GetPolicyName() string
	GetPolicyUsage() string
}

+k8s:deepcopy-gen=false

type SelinuxProfileSpec 

type SelinuxProfileSpec struct {
	// Common spec fields for all profiles.
	profilebasev1alpha1.SpecBase `json:",inline"`

	// A SELinuxProfile or set of profiles that this inherits from.
	// Note that they need to be in the same namespace.
	// +optional
	// +kubebuilder:default={{kind:"System",name:"container"}}
	Inherit []PolicyRef `json:"inherit,omitempty"`
	// Permissive, when true will cause the SELinux profile to only
	// log violations instead of enforcing them.
	// +optional
	// +kubebuilder:default=false
	Permissive bool `json:"permissive,omitempty"`
	// Defines the allow policy for the profile
	Allow Allow `json:"allow,omitempty"`
}

SelinuxProfileSpec defines the desired state of SelinuxProfile.

func (*SelinuxProfileSpec) DeepCopy 

func (in *SelinuxProfileSpec) DeepCopy() *SelinuxProfileSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SelinuxProfileSpec.

func (*SelinuxProfileSpec) DeepCopyInto 

func (in *SelinuxProfileSpec) DeepCopyInto(out *SelinuxProfileSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type SelinuxProfileStatus 

type SelinuxProfileStatus struct {
	// Common status fields for all profiles.
	profilebasev1alpha1.StatusBase `json:",inline"`

	// Represents the string that the SelinuxProfile object can be
	// referenced as in a pod seLinuxOptions section.
	Usage           string   `json:"usage,omitempty"`
	ActiveWorkloads []string `json:"activeWorkloads,omitempty"`
}

SelinuxProfileStatus defines the observed state of SelinuxProfile.

func (*SelinuxProfileStatus) DeepCopy 

func (in *SelinuxProfileStatus) DeepCopy() *SelinuxProfileStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SelinuxProfileStatus.

func (*SelinuxProfileStatus) DeepCopyInto 

func (in *SelinuxProfileStatus) DeepCopyInto(out *SelinuxProfileStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.