psa

package
v0.0.0-...-f146e69 Latest
Warning

This package is not in the latest version of its module.

Published: Oct 18, 2023 License: Apache-2.0 Imports: 18 Imported by: 0

Documentation

Constants

const GroupName = "psa.openshift.io"

Variables

var (
	SchemeBuilder = runtime.NewSchemeBuilder(addKnownTypes)
	AddToScheme   = SchemeBuilder.AddToScheme
)
var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1alpha1"}

SchemeGroupVersion is group version used to register these objects

Functions

func NewCmdPSA

func NewCmdPSA(parentName string, streams genericclioptions.IOStreams) *cobra.Command

NewCmdPSA creates a new cobra.Command instance that enables checking namespaces for their compatibility with a specified PodSecurity level.

func Resource

func Resource(resource string) schema.GroupResource

Types

type PSAOptions

type PSAOptions struct {
	genericclioptions.IOStreams
	// contains filtered or unexported fields
}

PSAOptions contains all the options and configs for running the PSA command.

func (*PSAOptions) Complete

func (o *PSAOptions) Complete() error

Complete sets all information required for processing the command.

func (*PSAOptions) Run

func (o *PSAOptions) Run() error

Run attempts to update the namespace psa enforce label to the psa audit value.

func (*PSAOptions) Validate

func (o *PSAOptions) Validate() error

Validate ensures that all required arguments and flag values are set properly.

type PodSecurityViolation

type PodSecurityViolation struct {
	metav1.TypeMeta `json:",inline"`

	// Namespace where the violation happened.
	Namespace string `json:"namespace"`
	// Level is the pod security level that was violated.
	Level string `json:"level"`
	// PodName is the name of the pod with the shortest name that violates the
	// PodSecurity level.
	PodName string `json:"podName"`

	// Violations lists the violations that all the pods in the namespace made.
	Violations []string `json:"violations"`
	// Pod is the pod with the shortest name that violates the PodSecurity level.
	Pod *corev1.Pod `json:"pod,omitempty"`
	// PodControllers are the controllers that manage the referenced pod.
	PodControllers []any `json:"podControllers,omitempty"`

	// Labels contain the pod security labels, present in the namespace.
	Labels map[string]psapi.Level `json:"labels,omitempty"`
	// SyncControlLabel signals that the label syncer is turned on for this namespace.
	SyncControlLabel string `json:"syncControlLabel,omitempty"`
}

PodSecurityViolation is a violation of the PodSecurity level set.

func (*PodSecurityViolation) DeepCopyObject

func (v *PodSecurityViolation) DeepCopyObject() runtime.Object

DeepCopyObject complements the runtime.Object interface.

type PodSecurityViolationList

type PodSecurityViolationList struct {
	metav1.TypeMeta `json:",inline"`
	// Standard list metadata.
	metav1.ListMeta `json:"metadata,omitempty"`

	// Items is a list of PodSecurityViolation objects.
	Items []PodSecurityViolation `json:"items"`
}

PodSecurityViolationList is a list of PodSecurityViolation objects.

func (*PodSecurityViolationList) DeepCopyObject

func (l *PodSecurityViolationList) DeepCopyObject() runtime.Object

DeepCopyObject complements the runtime.Object interface.
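
One way to triage a serialized PodSecurityViolationList, as an added example that is not part of this package. It assumes the list is available as JSON following the json tags above, with TypeMeta set from SchemeGroupVersion and the type name as kind; violationList, Summarize and the sample report are hypothetical and constructed for illustration.

```go
package main

import (
	"encoding/json"
	"fmt"
	"sort"
	"strings"
)

// violationList mirrors a subset of PodSecurityViolationList via its json tags (hypothetical local type).
type violationList struct {
	APIVersion string `json:"apiVersion"`
	Kind       string `json:"kind"`
	Items      []struct {
		Namespace  string   `json:"namespace"`
		Level      string   `json:"level"`
		PodName    string   `json:"podName"`
		Violations []string `json:"violations"`
	} `json:"items"`
}

// constructedReport is sample input built for this example, not output of the tool.
const constructedReport = `{"apiVersion":"psa.openshift.io/v1alpha1","kind":"PodSecurityViolationList","items":[
 {"namespace":"payments","level":"restricted","podName":"api-0","violations":["runAsNonRoot != true","allowPrivilegeEscalation != false"]},
 {"namespace":"batch","level":"baseline","podName":"job-1","violations":["hostNetwork"]}]}`

// Summarize returns one triage line per item, sorted by namespace.
// Assumption: the document carries apiVersion and kind as described in the lead-in.
func Summarize(doc []byte) ([]string, error) {
	var list violationList
	if err := json.Unmarshal(doc, &list); err != nil {
		return nil, fmt.Errorf("decode violation list: %w", err)
	}
	if list.APIVersion != "psa.openshift.io/v1alpha1" || list.Kind != "PodSecurityViolationList" {
		return nil, fmt.Errorf("unexpected type %s/%s", list.APIVersion, list.Kind)
	}
	out := make([]string, 0, len(list.Items))
	for i, v := range list.Items {
		if v.Namespace == "" || v.Level == "" {
			return nil, fmt.Errorf("item %d: namespace and level are required", i)
		}
		out = append(out, fmt.Sprintf("%s violates %s (pod %s): %s", v.Namespace, v.Level, v.PodName, strings.Join(v.Violations, "; ")))
	}
	sort.Strings(out)
	return out, nil
}

func main() {
	lines, err := Summarize([]byte(constructedReport))
	fmt.Println(strings.Join(lines, "\n"), "err:", err)
}
```
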
