config

package
v0.0.0-...-73c46f4 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Oct 1, 2021 License: Apache-2.0 Imports: 20 Imported by: 2

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func LoadKeySecret 

func LoadKeySecret(keySecretNamespace, keySecretName string) (string, error)

func SetupLogger 

func SetupLogger(config LogConfig, req admission.Request)

Types

type Action 

type Action struct {
	Audit struct {
		Inform bool `json:"inform,omitempty"`
	} `json:"audit,omitempty"`
	AdmissionControl struct {
		Enforce bool `json:"enforce,omitempty"`
	} `json:"admissionControl,omitempty"`
}

type ImageProfile 

type ImageProfile struct {
	KeyConfigs []KeyConfig  `json:"keyConfigs,omitempty"`
	Match      ImageRefList `json:"match,omitempty"`
	Exclude    ImageRefList `json:"exclude,omitempty"`
}

func (ImageProfile) Enabled 

func (p ImageProfile) Enabled() bool

if any profile condition is defined, image profile returns enabled = true

func (ImageProfile) MatchWith 

func (p ImageProfile) MatchWith(imageRef string) bool

returns if this profile matches the specified image ref or not

type ImageRef 

type ImageRef string

func (ImageRef) Match 

func (r ImageRef) Match(imageRef string) bool

type ImageRefList 

type ImageRefList []ImageRef

func (ImageRefList) Match 

func (l ImageRefList) Match(imageRef string) bool

type ImageVerificationConfig 

type ImageVerificationConfig struct {
}

type KeyConfig 

type KeyConfig struct {
	KeySecretName      string `json:"keySecretName,omitempty"`
	KeySecretNamespace string `json:"keySecretNamespace,omitempty"`
}

type LogConfig 

type LogConfig struct {
	Level                    string `json:"level,omitempty"`
	ManifestSigstoreLogLevel string `json:"manifestSigstoreLogLevel,omitempty"`
	Format                   string `json:"format,omitempty"`
}

type ObjectUserBinding 

type ObjectUserBinding struct {
	Objects k8smanifest.ObjectReferenceList `json:"objects,omitempty"`
	Users   []string                        `json:"users,omitempty"`
}

func (ObjectUserBinding) Match 

func (u ObjectUserBinding) Match(obj unstructured.Unstructured, username string) bool

type ObjectUserBindingList 

type ObjectUserBindingList []ObjectUserBinding

func (ObjectUserBindingList) Match 

func (l ObjectUserBindingList) Match(obj unstructured.Unstructured, username string) bool

type ParameterObject 

type ParameterObject struct {
	ConstraintName                   string                          `json:"constraintName,omitempty"`
	SignatureRef                     SignatureRef                    `json:"signatureRef,omitempty"`
	KeyConfigs                       []KeyConfig                     `json:"keyConfigs,omitempty"`
	InScopeObjects                   k8smanifest.ObjectReferenceList `json:"objectSelector,omitempty"`
	SkipUsers                        ObjectUserBindingList           `json:"skipUsers,omitempty"`
	InScopeUsers                     ObjectUserBindingList           `json:"inScopeUsers,omitempty"`
	ImageProfile                     ImageProfile                    `json:"imageProfile,omitempty"`
	k8smanifest.VerifyResourceOption `json:""`
	Action                           *Action `json:"action,omitempty"`
}

func (*ParameterObject) DeepCopyInto 

func (p *ParameterObject) DeepCopyInto(p2 *ParameterObject)

type RequestFilterProfile 

type RequestFilterProfile struct {
	SkipObjects  k8smanifest.ObjectReferenceList    `json:"skipObjects,omitempty"`
	SkipUsers    ObjectUserBindingList              `json:"skipUsers,omitempty"`
	IgnoreFields k8smanifest.ObjectFieldBindingList `json:"ignoreFields,omitempty"`
}

type RequestHandlerConfig 

type RequestHandlerConfig struct {
	ImageVerificationConfig ImageVerificationConfig `json:"imageVerificationConfig,omitempty"`
	KeyPathList             []string                `json:"keyPathList,omitempty"`
	SigStoreConfig          SigStoreConfig          `json:"sigStoreConfig,omitempty"`
	RequestFilterProfile    RequestFilterProfile    `json:"requestFilterProfile,omitempty"`
	Log                     LogConfig               `json:"log,omitempty"`
	SideEffectConfig        SideEffectConfig        `json:"sideEffect,omitempty"`
	DefaultConstraintAction Action                  `json:"defaultConstraintAction,omitempty"`
	Options                 []string
}

func LoadRequestHandlerConfig 

func LoadRequestHandlerConfig() (*RequestHandlerConfig, error)

type ResourceRef 

type ResourceRef struct {
	Name      string `json:"name,omitempty"`
	Namespace string `json:"namespace,omitempty"`
}

type SideEffectConfig 

type SideEffectConfig struct {
	// Event
	CreateDenyEvent bool `json:"createDenyEvent"`
}

type SigStoreConfig 

type SigStoreConfig struct {
	RekorServer string `json:"rekorServer,omitempty"`
}

type SignatureRef 

type SignatureRef struct {
	ImageRef              string      `json:"imageRef,omitempty"`
	SignatureResourceRef  ResourceRef `json:"signatureResourceRef,omitempty"`
	ProvenanceResourceRef ResourceRef `json:"provenanceResourceRef,omitempty"`
}

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.