Documentation ¶
Index ¶
- Constants
- Variables
- func AddTksGuardToRego(rego string) string
- func ApplyTksPolicyCR(ctx context.Context, primaryClusterId string, tksPolicy *TKSPolicy) error
- func ApplyTksPolicyTemplateCR(ctx context.Context, primaryClusterId string, ...) error
- func CompareParamDef(paramdef1 *domain.ParameterDef, paramdef2 *domain.ParameterDef) bool
- func CompareParamDefAndExtractedParamDef(paramdef *domain.ParameterDef, extractedParamdef *domain.ParameterDef) bool
- func CompileRegoWithLibs(rego string, libs []string) (compiler *ast.Compiler, err error)
- func DeleteTksPolicyCR(ctx context.Context, primaryClusterId string, name string) error
- func DeleteTksPolicyTemplateCR(ctx context.Context, primaryClusterId string, name string) error
- func ExistsTksPolicyCR(ctx context.Context, primaryClusterId string, name string) (bool, error)
- func ExistsTksPolicyTemplateCR(ctx context.Context, primaryClusterId string, name string) (bool, error)
- func ExtractParameter(modules map[string]*ast.Module) []*domain.ParameterDef
- func FillParamDefFromJson(paramdefs []*domain.ParameterDef, parameters *map[string]interface{}) (err error)
- func FillParamDefFromJsonStr(paramdefs []*domain.ParameterDef, parameters string) (err error)
- func FormatLibCode(libs []string) []string
- func FormatRegoCode(rego string) string
- func GetNewExtractedParamDefs(paramdefs []*domain.ParameterDef, extractedParamdefs []*domain.ParameterDef) (newParamdefs []*domain.ParameterDef, err error)
- func GetNewParamDefs(paramdefs1 []*domain.ParameterDef, paramdefs2 []*domain.ParameterDef) (newParamdefs []*domain.ParameterDef, err error)
- func GetPackageFromRegoCode(regoCode string) string
- func IsArray(t types.Type) bool
- func JSONSchemaProeprtiesToParamDefs(jsschema *apiextensionsv1.JSONSchemaProps) []*domain.ParameterDef
- func MergeAndCompileRegoWithLibs(rego string, libs []string) (modules map[string]*ast.Module, err error)
- func MergeRegoAndLibs(rego string, libs []string) string
- func ParamDefsToJSONSchemaProeprties(paramdefs []*domain.ParameterDef, forValidation bool) *apiextensionsv1.JSONSchemaProps
- func UpdateTksPolicyTemplateCR(ctx context.Context, primaryClusterId string, ...) error
- func ValidateJSONusingParamdefs(paramdefs []*domain.ParameterDef, jsonStr string) error
- func ValidateParamDef(paramdef *domain.ParameterDef) error
- func ValidateParamDefs(paramdefs []*domain.ParameterDef) error
- type Anything
- type CRD
- type CRDSpec
- type Code
- type DeploymentInfo
- type Names
- type ParamDefStore
- type PolicyStatus
- type TKSCluster
- type TKSClusterList
- type TKSClusterSpec
- type TKSClusterStatus
- type TKSPolicy
- type TKSPolicyList
- type TKSPolicySpec
- type TKSPolicyStatus
- type TKSPolicyTemplate
- func GetTksPolicyTemplateCR(ctx context.Context, primaryClusterId string, name string) (*TKSPolicyTemplate, error)
- func GetTksPolicyTemplateCRs(ctx context.Context, primaryClusterId string) (tksPolicyTemplates []TKSPolicyTemplate, err error)
- func PolicyTemplateToTksPolicyTemplateCR(policyTemplate *model.PolicyTemplate) *TKSPolicyTemplate
- type TKSPolicyTemplateList
- type TKSPolicyTemplateSpec
- type TKSPolicyTemplateStatus
- type TKSProxy
- type Target
- type TemplateReference
- type TemplateStatus
- type Validation
Constants ¶
const ( PartOfKey = "app.kubernetes.io/part-of" PartOfVal = "tks-policy-operator" TksLabelPrefix = "tks/" PolicyIDLabel = TksLabelPrefix + "policy-id" TemplateIDLabel = TksLabelPrefix + "policy-template-id" )
Variables ¶
var TKSClusterGVR = schema.GroupVersionResource{
Group: "tkspolicy.openinfradev.github.io", Version: "v1",
Resource: "tksclusters",
}
var TKSPolicyGVR = schema.GroupVersionResource{
Group: "tkspolicy.openinfradev.github.io", Version: "v1",
Resource: "tkspolicies",
}
var TKSPolicyTemplateGVR = schema.GroupVersionResource{
Group: "tkspolicy.openinfradev.github.io", Version: "v1",
Resource: "tkspolicytemplates",
}
var VALID_PARAM_TYPES = []string{"string", "number", "integer", "object", "boolean", "null"}
Functions ¶
func ApplyTksPolicyCR ¶
func ApplyTksPolicyTemplateCR ¶
func ApplyTksPolicyTemplateCR(ctx context.Context, primaryClusterId string, tksPolicyTemplate *TKSPolicyTemplate) error
func CompareParamDef ¶
func CompareParamDef(paramdef1 *domain.ParameterDef, paramdef2 *domain.ParameterDef) bool
func CompareParamDefAndExtractedParamDef ¶
func CompareParamDefAndExtractedParamDef(paramdef *domain.ParameterDef, extractedParamdef *domain.ParameterDef) bool
func CompileRegoWithLibs ¶
func DeleteTksPolicyCR ¶
func ExistsTksPolicyCR ¶
func ExtractParameter ¶
func ExtractParameter(modules map[string]*ast.Module) []*domain.ParameterDef
func FillParamDefFromJson ¶
func FillParamDefFromJson(paramdefs []*domain.ParameterDef, parameters *map[string]interface{}) (err error)
func FillParamDefFromJsonStr ¶
func FillParamDefFromJsonStr(paramdefs []*domain.ParameterDef, parameters string) (err error)
func FormatLibCode ¶
func FormatRegoCode ¶
func GetNewExtractedParamDefs ¶
func GetNewExtractedParamDefs(paramdefs []*domain.ParameterDef, extractedParamdefs []*domain.ParameterDef) (newParamdefs []*domain.ParameterDef, err error)
func GetNewParamDefs ¶
func GetNewParamDefs(paramdefs1 []*domain.ParameterDef, paramdefs2 []*domain.ParameterDef) (newParamdefs []*domain.ParameterDef, err error)
func GetPackageFromRegoCode ¶
func JSONSchemaProeprtiesToParamDefs ¶
func JSONSchemaProeprtiesToParamDefs(jsschema *apiextensionsv1.JSONSchemaProps) []*domain.ParameterDef
func MergeRegoAndLibs ¶
func ParamDefsToJSONSchemaProeprties ¶
func ParamDefsToJSONSchemaProeprties(paramdefs []*domain.ParameterDef, forValidation bool) *apiextensionsv1.JSONSchemaProps
func UpdateTksPolicyTemplateCR ¶
func UpdateTksPolicyTemplateCR(ctx context.Context, primaryClusterId string, tksPolicyTemplate *TKSPolicyTemplate) error
func ValidateJSONusingParamdefs ¶
func ValidateJSONusingParamdefs(paramdefs []*domain.ParameterDef, jsonStr string) error
func ValidateParamDef ¶
func ValidateParamDef(paramdef *domain.ParameterDef) error
func ValidateParamDefs ¶
func ValidateParamDefs(paramdefs []*domain.ParameterDef) error
Types ¶
type CRDSpec ¶
type CRDSpec struct { Names Names `json:"names,omitempty"` Validation *Validation `json:"validation,omitempty"` }
type DeploymentInfo ¶
type DeploymentInfo struct { Image string `json:"image,omitempty"` Args []string `json:"args,omitempty"` TotalReplicas int `json:"totalReplicas,omitempty"` NumReplicas int `json:"numReplicas,omitempty"` }
DeploymentInfo defines the observed status of the proxy
type ParamDefStore ¶
type ParamDefStore struct {
// contains filtered or unexported fields
}
func NewParamDefStore ¶
func NewParamDefStore() *ParamDefStore
func (*ParamDefStore) AddDefinition ¶
func (s *ParamDefStore) AddDefinition(params []string)
func (*ParamDefStore) GetStore ¶
func (s *ParamDefStore) GetStore() []*domain.ParameterDef
type PolicyStatus ¶
type PolicyStatus struct { ConstraintStatus string `json:"constraintStatus" enums:"ready,applying,deleting,error"` Reason string `json:"reason,omitempty"` LastUpdate string `json:"lastUpdate"` TemplateVersion string `json:"templateVersion"` }
PolicyStatus defines the constraints state on the cluster
type TKSCluster ¶
type TKSCluster struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` Spec TKSClusterSpec `json:"spec,omitempty"` Status TKSClusterStatus `json:"status,omitempty"` }
TKSCluster is the Schema for the tksclusters API
func GetTksClusterCR ¶
func GetTksClusterCRs ¶
func GetTksClusterCRs(ctx context.Context, primaryClusterId string) (tksClusters []TKSCluster, err error)
type TKSClusterList ¶
type TKSClusterList struct { metav1.TypeMeta `json:",inline"` metav1.ListMeta `json:"metadata,omitempty"` Items []TKSCluster `json:"items"` }
TKSClusterList contains a list of TKSCluster
type TKSClusterSpec ¶
type TKSClusterSpec struct { ClusterName string `json:"clusterName" validate:"required"` Context string `json:"context" validate:"required"` }
TKSClusterSpec defines the desired state of TKSCluster
type TKSClusterStatus ¶
type TKSClusterStatus struct { Status string `json:"status" enums:"running,deleting,error"` Error string `json:"error,omitempty"` TKSProxy TKSProxy `json:"tksproxy,omitempty"` LastStatusCheckTime int64 `json:"laststatuschecktime,omitempty"` Templates map[string][]string `json:"templates,omitempty"` LastUpdate string `json:"lastUpdate"` UpdateQueue map[string]bool `json:"updateQueue,omitempty"` }
TKSClusterStatus defines the observed state of TKSCluster
type TKSPolicy ¶
type TKSPolicy struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` Spec TKSPolicySpec `json:"spec,omitempty"` Status TKSPolicyStatus `json:"status,omitempty"` }
TKSPolicy is the Schema for the tkspolicies API
func GetTksPolicyCR ¶
func GetTksPolicyCRs ¶
func PolicyToTksPolicyCR ¶
func (*TKSPolicy) GetPolicyID ¶
func (*TKSPolicy) GetTemplateID ¶
func (*TKSPolicy) ToUnstructured ¶
func (tksPolicy *TKSPolicy) ToUnstructured() (*unstructured.Unstructured, error)
type TKSPolicyList ¶
type TKSPolicyList struct { metav1.TypeMeta `json:",inline"` metav1.ListMeta `json:"metadata,omitempty"` Items []TKSPolicy `json:"items"` }
TKSPolicyList contains a list of TKSPolicy
type TKSPolicySpec ¶
type TKSPolicySpec struct { Clusters []string `json:"clusters"` Template string `json:"template" validate:"required"` Parameters *apiextensionsv1.JSON `json:"parameters,omitempty"` Match *domain.Match `json:"match,omitempty"` EnforcementAction string `json:"enforcementAction,omitempty"` }
TKSPolicySpec defines the desired state of TKSPolicy
type TKSPolicyStatus ¶
type TKSPolicyStatus struct { Clusters map[string]PolicyStatus `json:"clusters,omitempty"` LastUpdate string `json:"lastUpdate"` UpdateQueue map[string]bool `json:"updateQueue,omitempty"` Reason string `json:"reason,omitempty"` }
TKSPolicyStatus defines the observed state of TKSPolicy
type TKSPolicyTemplate ¶
type TKSPolicyTemplate struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` Spec TKSPolicyTemplateSpec `json:"spec,omitempty"` Status TKSPolicyTemplateStatus `json:"status,omitempty"` }
TKSPolicyTemplate is the Schema for the tkspolicytemplates API
func GetTksPolicyTemplateCR ¶
func GetTksPolicyTemplateCRs ¶
func GetTksPolicyTemplateCRs(ctx context.Context, primaryClusterId string) (tksPolicyTemplates []TKSPolicyTemplate, err error)
func PolicyTemplateToTksPolicyTemplateCR ¶
func PolicyTemplateToTksPolicyTemplateCR(policyTemplate *model.PolicyTemplate) *TKSPolicyTemplate
func (*TKSPolicyTemplate) GetId ¶
func (tksPolicyTemplate *TKSPolicyTemplate) GetId() string
func (*TKSPolicyTemplate) JSON ¶
func (tksPolicyTemplate *TKSPolicyTemplate) JSON() (string, error)
func (*TKSPolicyTemplate) ToUnstructured ¶
func (tksPolicyTemplate *TKSPolicyTemplate) ToUnstructured() (*unstructured.Unstructured, error)
func (*TKSPolicyTemplate) YAML ¶
func (tksPolicyTemplate *TKSPolicyTemplate) YAML() (string, error)
type TKSPolicyTemplateList ¶
type TKSPolicyTemplateList struct { metav1.TypeMeta `json:",inline"` metav1.ListMeta `json:"metadata,omitempty"` Items []TKSPolicyTemplate `json:"items"` }
TKSPolicyTemplateList contains a list of TKSPolicyTemplate
type TKSPolicyTemplateSpec ¶
type TKSPolicyTemplateSpec struct { CRD CRD `json:"crd,omitempty"` Targets []Target `json:"targets,omitempty"` Clusters []string `json:"clusters,omitempty"` Version string `json:"version"` ToLatest []string `json:"toLatest,omitempty"` }
TKSPolicyTemplateSpec defines the desired state of TKSPolicyTemplate
type TKSPolicyTemplateStatus ¶
type TKSPolicyTemplateStatus struct { TemplateStatus map[string]TemplateStatus `json:"templateStatus,omitempty"` LastUpdate string `json:"lastUpdate"` UpdateQueue map[string]bool `json:"updateQueue,omitempty"` }
TKSPolicyTemplateStatus defines the observed state of TKSPolicyTemplate
type TKSProxy ¶
type TKSProxy struct { Status string `json:"status" enums:"ready,warn,error"` ControllerManager *DeploymentInfo `json:"controllerManager,omitempty"` Audit *DeploymentInfo `json:"audit,omitempty"` }
TKSProxy defines the observed proxy state for each cluster
type TemplateReference ¶
type TemplateReference struct { Policies map[string]string `json:"polices,omitempty"` Templates map[string]string `json:"templates,omitempty"` }
TemplateReference defines the desired state of TKSCluster
type TemplateStatus ¶
type TemplateStatus struct { ConstraintTemplateStatus string `json:"constraintTemplateStatus" enums:"ready,applying,deleting,error"` Reason string `json:"reason,omitempty"` LastUpdate string `json:"lastUpdate"` Version string `json:"version"` }
TemplateStatus defines the constraints state of ConstraintTemplate on the cluster
type Validation ¶
type Validation struct { OpenAPIV3Schema *apiextensionsv1.JSONSchemaProps `json:"openAPIV3Schema,omitempty"` LegacySchema *bool `json:"legacySchema,omitempty"` // *bool allows for "unset" state which we need to apply appropriate defaults }