README
¶
Policy Report
This is a proposal for a Policy Report Custom Resource Definition (CRD) that can be used as a common way to provide policy results to Kubernetes cluster administrators and users, using native tools.
See the proposal for background and details.
Policy Report CRD API Reference
Note: v1beta1 APIs is WIP and will have breaking changes.
Installing
Add the PolicyReport CRDs to your cluster (v1alpha2):
kubectl create -f https://github.com/kubernetes-sigs/wg-policy-prototypes/raw/master/policy-report/crd/v1alpha2/wgpolicyk8s.io_policyreports.yaml
Add the ClusterPolicyReport CRDs to your cluster (v1alpha2):
kubectl create -f https://github.com/kubernetes-sigs/wg-policy-prototypes/raw/master/policy-report/crd/v1alpha2/wgpolicyk8s.io_clusterpolicyreports.yaml
Create a sample policy report resource:
kubectl create -f https://github.com/kubernetes-sigs/wg-policy-prototypes/raw/master/policy-report/samples/sample-cis-k8s.yaml
View policy report resources:
kubectl get policyreports
Building
make
Contributing
The Policy Report CRDs definitions are in the api folder and defined as Golang types with comments using the syntax of the kubebuilder controller-gen tool that can generate Kubernetes YAMLs.
To update, edit the Golang definitions and then run make to generate the Kubernetes OpenAPI schema for the CRDs.
Definitions are provided for both cluster-wide and namespaced policy report resources.
NOTE : For generating CRD documentation please follow the steps
$ git clone https://github.com/M00nF1sh/gen-crd-api-reference-docs.git
$ cd gen-crd-api-reference-docs
$ go build
$ mv gen-crd-api-reference-docs /usr/local/bin/
$ make generate
Directories
¶
| Path | Synopsis |
|---|---|
|
pkg
|
|
|
api/reports.x-k8s.io/v1beta2
Package v1beta2 contains API Schema definitions for the policy v1beta2 API group +k8s:deepcopy-gen=package +kubebuilder:object:generate=true +k8s:openapi-gen=true +groupName=reports.x-k8s.io
|
Package v1beta2 contains API Schema definitions for the policy v1beta2 API group +k8s:deepcopy-gen=package +kubebuilder:object:generate=true +k8s:openapi-gen=true +groupName=reports.x-k8s.io |
|
api/wgpolicyk8s.io/v1alpha1
Package v1alpha1 contains API Schema definitions for the policy v1alpha1 API group +k8s:deepcopy-gen=package +kubebuilder:object:generate=true +k8s:openapi-gen=true +groupName=wgpolicyk8s.io
|
Package v1alpha1 contains API Schema definitions for the policy v1alpha1 API group +k8s:deepcopy-gen=package +kubebuilder:object:generate=true +k8s:openapi-gen=true +groupName=wgpolicyk8s.io |
|
api/wgpolicyk8s.io/v1alpha2
Package v1alpha2 contains API Schema definitions for the policy v1alpha2 API group +k8s:deepcopy-gen=package +kubebuilder:object:generate=true +k8s:openapi-gen=true +groupName=wgpolicyk8s.io
|
Package v1alpha2 contains API Schema definitions for the policy v1alpha2 API group +k8s:deepcopy-gen=package +kubebuilder:object:generate=true +k8s:openapi-gen=true +groupName=wgpolicyk8s.io |
|
api/wgpolicyk8s.io/v1beta1
Package v1beta1 contains API Schema definitions for the policy v1beta1 API group +k8s:deepcopy-gen=package +kubebuilder:object:generate=true +k8s:openapi-gen=true +groupName=wgpolicyk8s.io
|
Package v1beta1 contains API Schema definitions for the policy v1beta1 API group +k8s:deepcopy-gen=package +kubebuilder:object:generate=true +k8s:openapi-gen=true +groupName=wgpolicyk8s.io |
|
generated/v1alpha1/clientset/versioned
This package has the automatically generated clientset.
|
This package has the automatically generated clientset. |
|
generated/v1alpha1/clientset/versioned/fake
This package has the automatically generated fake clientset.
|
This package has the automatically generated fake clientset. |
|
generated/v1alpha1/clientset/versioned/scheme
This package contains the scheme of the automatically generated clientset.
|
This package contains the scheme of the automatically generated clientset. |
|
generated/v1alpha1/clientset/versioned/typed/wgpolicyk8s.io/v1alpha1
This package has the automatically generated typed clients.
|
This package has the automatically generated typed clients. |
|
generated/v1alpha1/clientset/versioned/typed/wgpolicyk8s.io/v1alpha1/fake
Package fake has the automatically generated clients.
|
Package fake has the automatically generated clients. |
|
generated/v1alpha2/clientset/versioned
This package has the automatically generated clientset.
|
This package has the automatically generated clientset. |
|
generated/v1alpha2/clientset/versioned/fake
This package has the automatically generated fake clientset.
|
This package has the automatically generated fake clientset. |
|
generated/v1alpha2/clientset/versioned/scheme
This package contains the scheme of the automatically generated clientset.
|
This package contains the scheme of the automatically generated clientset. |
|
generated/v1alpha2/clientset/versioned/typed/wgpolicyk8s.io/v1alpha1
This package has the automatically generated typed clients.
|
This package has the automatically generated typed clients. |
|
generated/v1alpha2/clientset/versioned/typed/wgpolicyk8s.io/v1alpha1/fake
Package fake has the automatically generated clients.
|
Package fake has the automatically generated clients. |
|
generated/v1alpha2/clientset/versioned/typed/wgpolicyk8s.io/v1alpha2
This package has the automatically generated typed clients.
|
This package has the automatically generated typed clients. |
|
generated/v1alpha2/clientset/versioned/typed/wgpolicyk8s.io/v1alpha2/fake
Package fake has the automatically generated clients.
|
Package fake has the automatically generated clients. |
Click to show internal directories.
Click to hide internal directories.