policytemplate

package
v0.0.0-...-d535874 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Apr 26, 2024 License: Apache-2.0 Imports: 24 Imported by: 0

Documentation

Index

Constants

// Label key/value marking an object as part of the TKS policy operator.
// NOTE(review): presumably PartOfVal is the value stored under PartOfKey;
// the pairing is inferred from the names only — confirm against callers.
const (
	// PartOfKey is the Kubernetes recommended "part-of" label key.
	PartOfKey = "app.kubernetes.io/part-of"
	// PartOfVal is the operator name constant.
	PartOfVal = "tks-policy-operator"
)

// TKS-specific label keys, all built from TksLabelPrefix.
// Labels can be edited by anyone allowed to update the labelled object, so
// values read back from these keys are identifiers, not proof of origin.
const (
	// TksLabelPrefix is the common prefix of the TKS label keys below.
	TksLabelPrefix = "tks/"
	// PolicyIDLabel evaluates to "tks/policy-id".
	PolicyIDLabel = TksLabelPrefix + "policy-id"
	// TemplateIDLabel evaluates to "tks/policy-template-id".
	TemplateIDLabel = TksLabelPrefix + "policy-template-id"
)

Variables

// TKSClusterGVR names the "tksclusters" resource of API group
// "tkspolicy.openinfradev.github.io" at version "v1".
// NOTE(review): presumably the key used to address TKSCluster objects through
// a dynamic client; the call sites are not shown here — confirm.
var TKSClusterGVR = schema.GroupVersionResource{
	Group:    "tkspolicy.openinfradev.github.io",
	Version:  "v1",
	Resource: "tksclusters",
}
// TKSPolicyGVR names the "tkspolicies" resource of API group
// "tkspolicy.openinfradev.github.io" at version "v1".
// NOTE(review): presumably the key used to address TKSPolicy objects through
// a dynamic client; the call sites are not shown here — confirm.
var TKSPolicyGVR = schema.GroupVersionResource{
	Group:    "tkspolicy.openinfradev.github.io",
	Version:  "v1",
	Resource: "tkspolicies",
}
// TKSPolicyTemplateGVR names the "tkspolicytemplates" resource of API group
// "tkspolicy.openinfradev.github.io" at version "v1".
// NOTE(review): presumably the key used to address TKSPolicyTemplate objects
// through a dynamic client; the call sites are not shown here — confirm.
var TKSPolicyTemplateGVR = schema.GroupVersionResource{
	Group:    "tkspolicy.openinfradev.github.io",
	Version:  "v1",
	Resource: "tkspolicytemplates",
}
// VALID_PARAM_TYPES holds six type names: "string", "number", "integer",
// "object", "boolean" and "null".
//
// NOTE(review): presumably the allow-list that ValidateParamDef checks a
// parameter's type against — confirm. "array" is not in the list; whether
// arrays are handled separately is not visible here.
//
// This is an exported, mutable slice: any importing package can append to or
// overwrite it, which would change what is accepted for every caller. Treat
// it as read-only.
var VALID_PARAM_TYPES = []string{
	"string",
	"number",
	"integer",
	"object",
	"boolean",
	"null",
}

Functions

func AddTksGuardToRego

func AddTksGuardToRego(rego string) string

AddTksGuardToRego adds the guard policy to the violation policy.

func ApplyTksPolicyCR

func ApplyTksPolicyCR(ctx context.Context, primaryClusterId string, tksPolicy *TKSPolicy) error

func ApplyTksPolicyTemplateCR

func ApplyTksPolicyTemplateCR(ctx context.Context, primaryClusterId string, tksPolicyTemplate *TKSPolicyTemplate) error

func CompareParamDef

func CompareParamDef(paramdef1 *domain.ParameterDef, paramdef2 *domain.ParameterDef) bool

func CompareParamDefAndExtractedParamDef

func CompareParamDefAndExtractedParamDef(paramdef *domain.ParameterDef, extractedParamdef *domain.ParameterDef) bool

func CompileRegoWithLibs

func CompileRegoWithLibs(rego string, libs []string) (compiler *ast.Compiler, err error)

func DeleteTksPolicyCR

func DeleteTksPolicyCR(ctx context.Context, primaryClusterId string, name string) error

func DeleteTksPolicyTemplateCR

func DeleteTksPolicyTemplateCR(ctx context.Context, primaryClusterId string, name string) error

func ExistsTksPolicyCR

func ExistsTksPolicyCR(ctx context.Context, primaryClusterId string, name string) (bool, error)

func ExistsTksPolicyTemplateCR

func ExistsTksPolicyTemplateCR(ctx context.Context, primaryClusterId string, name string) (bool, error)

func ExtractParameter

func ExtractParameter(modules map[string]*ast.Module) []*domain.ParameterDef

func FillParamDefFromJson

func FillParamDefFromJson(paramdefs []*domain.ParameterDef, parameters *map[string]interface{}) (err error)

func FillParamDefFromJsonStr

func FillParamDefFromJsonStr(paramdefs []*domain.ParameterDef, parameters string) (err error)

func FormatLibCode

func FormatLibCode(libs []string) []string

func FormatRegoCode

func FormatRegoCode(rego string) string

func GetNewExtractedParamDefs

func GetNewExtractedParamDefs(paramdefs []*domain.ParameterDef, extractedParamdefs []*domain.ParameterDef) (newParamdefs []*domain.ParameterDef, err error)

func GetNewParamDefs

func GetNewParamDefs(paramdefs1 []*domain.ParameterDef, paramdefs2 []*domain.ParameterDef) (newParamdefs []*domain.ParameterDef, err error)

func GetPackageFromRegoCode

func GetPackageFromRegoCode(regoCode string) string

func IsArray

func IsArray(t types.Type) bool

func JSONSchemaProeprtiesToParamDefs

func JSONSchemaProeprtiesToParamDefs(jsschema *apiextensionsv1.JSONSchemaProps) []*domain.ParameterDef

func MergeAndCompileRegoWithLibs

func MergeAndCompileRegoWithLibs(rego string, libs []string) (modules map[string]*ast.Module, err error)

func MergeRegoAndLibs

func MergeRegoAndLibs(rego string, libs []string) string

func ParamDefsToJSONSchemaProeprties

func ParamDefsToJSONSchemaProeprties(paramdefs []*domain.ParameterDef, forValidation bool) *apiextensionsv1.JSONSchemaProps

func UpdateTksPolicyTemplateCR

func UpdateTksPolicyTemplateCR(ctx context.Context, primaryClusterId string, tksPolicyTemplate *TKSPolicyTemplate) error

func ValidateJSONusingParamdefs

func ValidateJSONusingParamdefs(paramdefs []*domain.ParameterDef, jsonStr string) error

func ValidateParamDef

func ValidateParamDef(paramdef *domain.ParameterDef) error

func ValidateParamDefs

func ValidateParamDefs(paramdefs []*domain.ParameterDef) error

Types

type Anything

// Anything wraps a single value of arbitrary type.
type Anything struct {
	// Value is tagged json:"-", so encoding/json's default struct handling
	// neither reads nor writes it.
	// NOTE(review): presumably custom MarshalJSON/UnmarshalJSON methods carry
	// the value on the wire; they are not shown in this listing — confirm.
	Value interface{} `json:"-"`
}

type CRD

// CRD carries a CRDSpec under the JSON key "spec".
type CRD struct {
	// Spec is omitted from JSON output when empty (omitempty).
	Spec CRDSpec `json:"spec,omitempty"`
}

type CRDSpec

// CRDSpec groups the resource names and the optional validation block of a CRD.
type CRDSpec struct {
	// Names holds the kind and short names.
	Names      Names       `json:"names,omitempty"`
	// Validation is a pointer, so it can be nil; a nil value is omitted from
	// JSON output.
	// NOTE(review): with no Validation set there is no schema in this struct
	// to check parameters against — confirm how callers treat nil.
	Validation *Validation `json:"validation,omitempty"`
}

type Code

// Code pairs an engine name with a source value for that engine.
type Code struct {
	// Engine is a plain string; this declaration does not restrict its values.
	Engine string    `json:"engine"`
	// Source is free-form (see Anything).
	// NOTE(review): whatever consumes Source should validate it for the named
	// engine before it is applied to a cluster — confirm where that happens.
	Source *Anything `json:"source"`
}

type DeploymentInfo

// DeploymentInfo records an image, its arguments and two replica counts for
// one deployment. All fields are omitted from JSON output when empty or zero.
type DeploymentInfo struct {
	Image         string   `json:"image,omitempty"`
	// NOTE(review): Args is serialized with the rest of this struct; if the
	// deployment's arguments can contain credentials or tokens they become
	// readable by anyone who can read the enclosing object — confirm they
	// cannot.
	Args          []string `json:"args,omitempty"`
	TotalReplicas int      `json:"totalReplicas,omitempty"`
	NumReplicas   int      `json:"numReplicas,omitempty"`
}

DeploymentInfo defines the observed status of the proxy

type Names

// Names holds a resource kind and its optional short names.
type Names struct {
	Kind       string   `json:"kind,omitempty"`
	ShortNames []string `json:"shortNames,omitempty"`
}

type ParamDefStore

// ParamDefStore is created with NewParamDefStore, fed with AddDefinition and
// read back with GetStore, which returns a []*domain.ParameterDef.
// NOTE(review): its fields are not exported, so this listing shows neither its
// state nor whether it is safe for concurrent use — confirm before sharing one
// instance between goroutines.
type ParamDefStore struct {
	// contains filtered or unexported fields
}

func NewParamDefStore

func NewParamDefStore() *ParamDefStore

func (*ParamDefStore) AddDefinition

func (s *ParamDefStore) AddDefinition(params []string)

func (*ParamDefStore) GetStore

func (s *ParamDefStore) GetStore() []*domain.ParameterDef

type PolicyStatus

// PolicyStatus describes the state of a policy's constraint on one cluster.
type PolicyStatus struct {
	// The enums tag lists ready, applying, deleting and error. Struct tags are
	// metadata only: nothing in this declaration rejects any other string.
	ConstraintStatus string `json:"constraintStatus" enums:"ready,applying,deleting,error"`
	// Reason is optional and omitted from JSON output when empty.
	Reason           string `json:"reason,omitempty"`
	// LastUpdate is a string; its time format is not shown here.
	LastUpdate       string `json:"lastUpdate"`
	TemplateVersion  string `json:"templateVersion"`
}

PolicyStatus defines the constraints state on the cluster

type TKSCluster

// TKSCluster is the object type of the tksclusters API. It embeds the
// Kubernetes type and object metadata and adds a spec and a status.
type TKSCluster struct {
	// TypeMeta is inlined into the top level of the JSON object.
	metav1.TypeMeta   `json:",inline"`
	// ObjectMeta is serialized under "metadata".
	metav1.ObjectMeta `json:"metadata,omitempty"`

	Spec   TKSClusterSpec   `json:"spec,omitempty"`
	Status TKSClusterStatus `json:"status,omitempty"`
}

TKSCluster is the Schema for the tksclusters API

func GetTksClusterCR

func GetTksClusterCR(ctx context.Context, primaryClusterId string, resourceName string) (*TKSCluster, error)

func GetTksClusterCRs

func GetTksClusterCRs(ctx context.Context, primaryClusterId string) (tksClusters []TKSCluster, err error)

type TKSClusterList

// TKSClusterList is the list form of TKSCluster: inlined type metadata, list
// metadata under "metadata", and the objects under "items".
type TKSClusterList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	// Items has no omitempty, so the "items" key is always written.
	Items           []TKSCluster `json:"items"`
}

TKSClusterList contains a list of TKSCluster

type TKSClusterSpec

// TKSClusterSpec is the desired state of a TKSCluster: a cluster name and a
// context string.
//
// Both fields carry validate:"required". That tag only has an effect when a
// struct validator processes the value; nothing in this declaration enforces
// it.
// NOTE(review): confirm a validator runs before a spec is applied.
type TKSClusterSpec struct {
	ClusterName string `json:"clusterName"  validate:"required"`
	// NOTE(review): what Context selects is not shown here — confirm it is
	// resolved only against a trusted set of contexts.
	Context     string `json:"context"  validate:"required"`
}

TKSClusterSpec defines the desired state of TKSCluster

type TKSClusterStatus

// TKSClusterStatus is the observed state of a TKSCluster.
type TKSClusterStatus struct {
	// The enums tag lists running, deleting and error. Struct tags are
	// metadata only: nothing in this declaration rejects any other string.
	Status              string              `json:"status" enums:"running,deleting,error"`
	// NOTE(review): Error is free text in a readable status object; confirm
	// the messages written here do not include credentials or internal
	// endpoints.
	Error               string              `json:"error,omitempty"`
	// TKSProxy is the proxy state reported for this cluster.
	TKSProxy            TKSProxy            `json:"tksproxy,omitempty"`
	// LastStatusCheckTime is an int64; presumably a Unix timestamp, unit not
	// shown here — TODO confirm.
	LastStatusCheckTime int64               `json:"laststatuschecktime,omitempty"`
	// Templates maps a string key to a list of strings; the meaning of keys
	// and values is not shown here.
	Templates           map[string][]string `json:"templates,omitempty"`
	LastUpdate          string              `json:"lastUpdate"`
	UpdateQueue         map[string]bool     `json:"updateQueue,omitempty"`
}

TKSClusterStatus defines the observed state of TKSCluster

type TKSPolicy

// TKSPolicy is the object type of the tkspolicies API. It embeds the
// Kubernetes type and object metadata and adds a spec and a status.
type TKSPolicy struct {
	// TypeMeta is inlined into the top level of the JSON object.
	metav1.TypeMeta   `json:",inline"`
	// ObjectMeta is serialized under "metadata".
	metav1.ObjectMeta `json:"metadata,omitempty"`

	Spec   TKSPolicySpec   `json:"spec,omitempty"`
	Status TKSPolicyStatus `json:"status,omitempty"`
}

TKSPolicy is the Schema for the tkspolicies API

func GetTksPolicyCR

func GetTksPolicyCR(ctx context.Context, primaryClusterId string, name string) (*TKSPolicy, error)

func GetTksPolicyCRs

func GetTksPolicyCRs(ctx context.Context, primaryClusterId string) (tksPolicies []TKSPolicy, err error)

func PolicyToTksPolicyCR

func PolicyToTksPolicyCR(policy *model.Policy) *TKSPolicy

func (*TKSPolicy) GetPolicyID

func (tksPolicy *TKSPolicy) GetPolicyID() string

func (*TKSPolicy) GetTemplateID

func (tksPolicy *TKSPolicy) GetTemplateID() string

func (*TKSPolicy) JSON

func (tksPolicy *TKSPolicy) JSON() (string, error)

func (*TKSPolicy) ToUnstructured

func (tksPolicy *TKSPolicy) ToUnstructured() (*unstructured.Unstructured, error)

func (*TKSPolicy) YAML

func (tksPolicy *TKSPolicy) YAML() (string, error)

type TKSPolicyList

// TKSPolicyList is the list form of TKSPolicy: inlined type metadata, list
// metadata under "metadata", and the objects under "items".
type TKSPolicyList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	// Items has no omitempty, so the "items" key is always written.
	Items           []TKSPolicy `json:"items"`
}

TKSPolicyList contains a list of TKSPolicy

type TKSPolicySpec

// TKSPolicySpec is the desired state of a TKSPolicy: the clusters it targets,
// the template it instantiates, and optional parameters, match rules and
// enforcement action.
type TKSPolicySpec struct {
	// Clusters is always written to JSON (no omitempty).
	// NOTE(review): how a nil or empty list is interpreted (no cluster vs.
	// every cluster) is not shown here — confirm.
	Clusters []string `json:"clusters"`
	// Template carries validate:"required"; the tag only has an effect when a
	// struct validator processes the value.
	Template string   `json:"template" validate:"required"`

	// Parameters is raw JSON and may be nil.
	// NOTE(review): presumably checked against the template's parameter
	// definitions (ValidateJSONusingParamdefs exists in this package) before
	// the policy is applied — confirm at the call sites.
	Parameters        *apiextensionsv1.JSON `json:"parameters,omitempty"`
	Match             *domain.Match         `json:"match,omitempty"`
	// EnforcementAction is omitted from JSON output when empty, so the action
	// that then applies is chosen by whatever consumes the object.
	// NOTE(review): confirm that default is the enforcing behaviour intended,
	// and that the accepted values are restricted somewhere.
	EnforcementAction string                `json:"enforcementAction,omitempty"`
}

TKSPolicySpec defines the desired state of TKSPolicy

type TKSPolicyStatus

// TKSPolicyStatus is the observed state of a TKSPolicy.
type TKSPolicyStatus struct {
	// Clusters maps a string key to a PolicyStatus; presumably the key is a
	// cluster identifier — TODO confirm.
	Clusters    map[string]PolicyStatus `json:"clusters,omitempty"`
	// LastUpdate is a string; its time format is not shown here.
	LastUpdate  string                  `json:"lastUpdate"`
	UpdateQueue map[string]bool         `json:"updateQueue,omitempty"`
	Reason      string                  `json:"reason,omitempty"`
}

TKSPolicyStatus defines the observed state of TKSPolicy

type TKSPolicyTemplate

// TKSPolicyTemplate is the object type of the tkspolicytemplates API. It
// embeds the Kubernetes type and object metadata and adds a spec and a status.
type TKSPolicyTemplate struct {
	// TypeMeta is inlined into the top level of the JSON object.
	metav1.TypeMeta   `json:",inline"`
	// ObjectMeta is serialized under "metadata".
	metav1.ObjectMeta `json:"metadata,omitempty"`

	Spec   TKSPolicyTemplateSpec   `json:"spec,omitempty"`
	Status TKSPolicyTemplateStatus `json:"status,omitempty"`
}

TKSPolicyTemplate is the Schema for the tkspolicytemplates API

func GetTksPolicyTemplateCR

func GetTksPolicyTemplateCR(ctx context.Context, primaryClusterId string, name string) (*TKSPolicyTemplate, error)

func GetTksPolicyTemplateCRs

func GetTksPolicyTemplateCRs(ctx context.Context, primaryClusterId string) (tksPolicyTemplates []TKSPolicyTemplate, err error)

func PolicyTemplateToTksPolicyTemplateCR

func PolicyTemplateToTksPolicyTemplateCR(policyTemplate *model.PolicyTemplate) *TKSPolicyTemplate

func (*TKSPolicyTemplate) GetId

func (tksPolicyTemplate *TKSPolicyTemplate) GetId() string

func (*TKSPolicyTemplate) JSON

func (tksPolicyTemplate *TKSPolicyTemplate) JSON() (string, error)

func (*TKSPolicyTemplate) ToUnstructured

func (tksPolicyTemplate *TKSPolicyTemplate) ToUnstructured() (*unstructured.Unstructured, error)

func (*TKSPolicyTemplate) YAML

func (tksPolicyTemplate *TKSPolicyTemplate) YAML() (string, error)

type TKSPolicyTemplateList

// TKSPolicyTemplateList is the list form of TKSPolicyTemplate: inlined type
// metadata, list metadata under "metadata", and the objects under "items".
type TKSPolicyTemplateList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	// Items has no omitempty, so the "items" key is always written.
	Items           []TKSPolicyTemplate `json:"items"`
}

TKSPolicyTemplateList contains a list of TKSPolicyTemplate

type TKSPolicyTemplateSpec

// TKSPolicyTemplateSpec is the desired state of a TKSPolicyTemplate.
type TKSPolicyTemplateSpec struct {
	// CRD describes the names and validation schema for the template.
	CRD      CRD      `json:"crd,omitempty"`
	// Targets carry the policy source (see Target).
	Targets  []Target `json:"targets,omitempty"`
	Clusters []string `json:"clusters,omitempty"`
	// Version is always written to JSON (no omitempty).
	Version  string   `json:"version"`
	// NOTE(review): the meaning of ToLatest's entries is not shown here.
	ToLatest []string `json:"toLatest,omitempty"`
}

TKSPolicyTemplateSpec defines the desired state of TKSPolicyTemplate

type TKSPolicyTemplateStatus

// TKSPolicyTemplateStatus is the observed state of a TKSPolicyTemplate.
type TKSPolicyTemplateStatus struct {
	// TemplateStatus maps a string key to a TemplateStatus; presumably the key
	// is a cluster identifier — TODO confirm.
	TemplateStatus map[string]TemplateStatus `json:"templateStatus,omitempty"`
	// LastUpdate is a string; its time format is not shown here.
	LastUpdate     string                    `json:"lastUpdate"`
	UpdateQueue    map[string]bool           `json:"updateQueue,omitempty"`
}

TKSPolicyTemplateStatus defines the observed state of TKSPolicyTemplate

type TKSProxy

// TKSProxy is the observed proxy state for one cluster: an overall status and
// optional deployment details for two components.
type TKSProxy struct {
	// The enums tag lists ready, warn and error. Struct tags are metadata
	// only: nothing in this declaration rejects any other string.
	Status            string          `json:"status" enums:"ready,warn,error"`
	// ControllerManager and Audit are pointers and may be nil; nil values are
	// omitted from JSON output.
	ControllerManager *DeploymentInfo `json:"controllerManager,omitempty"`
	Audit             *DeploymentInfo `json:"audit,omitempty"`
}

TKSProxy defines the observed proxy state for each cluster

type Target

// Target holds the policy source for one target: a Rego string, a list of
// library strings, and an optional list of per-engine Code entries.
type Target struct {
	Target string   `json:"target,omitempty"`
	// Rego and Libs are the only fields that also carry yaml tags.
	// NOTE(review): both are policy code supplied as plain strings; presumably
	// they are compiled (CompileRegoWithLibs exists in this package) before
	// being applied to a cluster — confirm that a failed compile blocks the
	// apply.
	Rego   string   `json:"rego,omitempty" yaml:"rego,omitempty"`
	Libs   []string `json:"libs,omitempty" yaml:"libs,omitempty"`
	Code   []Code   `json:"code,omitempty"`
}

type TemplateReference

// TemplateReference holds two string-to-string maps, one for policies and one
// for templates. The meaning of keys and values is not shown here.
type TemplateReference struct {
	// NOTE(review): the JSON key is spelled "polices", not "policies". It is
	// part of the serialized format, so a payload using "policies" is silently
	// ignored on decode; correcting the tag needs a migration for stored
	// objects.
	Policies  map[string]string `json:"polices,omitempty"`
	Templates map[string]string `json:"templates,omitempty"`
}

TemplateReference defines the desired state of TKSCluster

type TemplateStatus

// TemplateStatus describes the state of a ConstraintTemplate on one cluster.
type TemplateStatus struct {
	// The enums tag lists ready, applying, deleting and error. Struct tags are
	// metadata only: nothing in this declaration rejects any other string.
	ConstraintTemplateStatus string `json:"constraintTemplateStatus" enums:"ready,applying,deleting,error"`
	// Reason is optional and omitted from JSON output when empty.
	Reason                   string `json:"reason,omitempty"`
	// LastUpdate is a string; its time format is not shown here.
	LastUpdate               string `json:"lastUpdate"`
	Version                  string `json:"version"`
}

TemplateStatus defines the constraints state of ConstraintTemplate on the cluster

type Validation

// Validation holds the OpenAPI v3 schema for a template's parameters and a
// tri-state legacy-schema flag.
type Validation struct {
	// OpenAPIV3Schema may be nil, in which case it is omitted from JSON output.
	// NOTE(review): confirm how parameters are validated when no schema is set.
	OpenAPIV3Schema *apiextensionsv1.JSONSchemaProps `json:"openAPIV3Schema,omitempty"`
	// NOTE(review): the defaults applied when LegacySchema is nil are not
	// shown here; presumably a legacy schema validates parameters less
	// strictly — confirm which default new templates get.
	LegacySchema    *bool                            `json:"legacySchema,omitempty"` // *bool allows for "unset" state which we need to apply appropriate defaults
}
