v1alpha1

package
v0.0.0-...-e8903d3 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Nov 7, 2023 License: Apache-2.0 Imports: 14 Imported by: 0

Documentation

Index

Constants

// Status values for a policy result. They match the values documented for
// PolicyResult: pass (requirements met), fail (requirements not met), warn
// (requirements not met, policy not scored), error (policy could not be
// evaluated) and skip (policy not selected).
// The constants are untyped strings, so they are assignable to a plain string
// as well as to a PolicyResult.
const (
	StatusPass  = "pass"
	StatusFail  = "fail"
	StatusWarn  = "warn"
	StatusError = "error"
	StatusSkip  = "skip"
)

Status specifies state of a policy result

// Severity values for a policy result (see PolicySeverity).
// The constants are untyped strings. Comparing them as strings does not rank
// them by urgency ("critical" < "high" < "info" < "low" < "medium"
// lexically), so code that filters on a minimum severity needs an explicit
// ranking.
const (
	SeverityCritical = "critical"
	SeverityHigh     = "high"
	SeverityMedium   = "medium"
	SeverityLow      = "low"
	SeverityInfo     = "info"
)

Severity specifies priority of a policy result

Variables

// Package-level API machinery handles.
//
// GroupVersion names the API group "prext.demo" at version "v1alpha1".
// Scheme and ParameterCodec are declared here without initial values, so both
// are nil until something assigns them.
// NOTE(review): presumably a registration or init function elsewhere in the
// package sets Scheme and ParameterCodec — confirm before dereferencing.
// NOTE(review): the client type in this package is named
// DemoPolicyV1alpha2Client while Version is "v1alpha1" — confirm which API
// version is actually served.
var (
	GroupVersion   = schema.GroupVersion{Group: "prext.demo", Version: "v1alpha1"}
	Scheme         *runtime.Scheme
	ParameterCodec runtime.ParameterCodec
)

Functions

This section is empty.

Types

type ClusterPolicyReport

// ClusterPolicyReport carries a summary and a list of policy results, with an
// optional scope. Its client accessor (ClusterPolicyReports) takes no
// namespace argument.
type ClusterPolicyReport struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	// Scope is an optional reference to the report scope (e.g. a Deployment, Namespace, or Node)
	// +optional
	Scope *corev1.ObjectReference `json:"scope,omitempty"`

	// ScopeSelector is an optional selector for multiple scopes (e.g. Pods).
	// Either one of, or none of, but not both of, Scope or ScopeSelector should be specified.
	// NOTE(review): Scope and ScopeSelector are independent pointers, so the type does not
	// prevent both being set; no validation is visible here — confirm where it is enforced.
	// +optional
	ScopeSelector *metav1.LabelSelector `json:"scopeSelector,omitempty"`

	// Summary provides a summary of results
	// NOTE(review): Summary is a struct value; encoding/json's omitempty does not omit
	// struct values, so this field is likely always serialized — confirm.
	// +optional
	Summary PolicyReportSummary `json:"summary,omitempty"`

	// Results provides result details
	// +optional
	Results []PolicyReportResult `json:"results,omitempty"`
}

func (*ClusterPolicyReport) DeepCopy

func (in *ClusterPolicyReport) DeepCopy() *ClusterPolicyReport

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterPolicyReport.

func (*ClusterPolicyReport) DeepCopyInto

func (in *ClusterPolicyReport) DeepCopyInto(out *ClusterPolicyReport)

func (*ClusterPolicyReport) DeepCopyObject

func (in *ClusterPolicyReport) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*ClusterPolicyReport) GetResults

func (r *ClusterPolicyReport) GetResults() []PolicyReportResult

func (*ClusterPolicyReport) SetResults

func (r *ClusterPolicyReport) SetResults(results []PolicyReportResult)

func (*ClusterPolicyReport) SetSummary

func (r *ClusterPolicyReport) SetSummary(summary PolicyReportSummary)

type ClusterPolicyReportInterface

// ClusterPolicyReportInterface has methods to work with ClusterPolicyReport resources.
// Objects are passed and returned as unstructured.Unstructured rather than the typed
// ClusterPolicyReport, so field names and value types are not checked at compile time.
// No method takes a namespace.
type ClusterPolicyReportInterface interface {
	// Create submits obj and returns an unstructured object or an error.
	Create(ctx context.Context, obj *unstructured.Unstructured, opts v1.CreateOptions) (*unstructured.Unstructured, error)
	// Update submits obj and returns an unstructured object or an error.
	Update(ctx context.Context, obj *unstructured.Unstructured, opts v1.UpdateOptions) (*unstructured.Unstructured, error)
	// Delete addresses a single report by name.
	Delete(ctx context.Context, name string, opts v1.DeleteOptions) error
	// DeleteCollection takes list options instead of a name.
	// NOTE(review): presumably removes every report matched by listOpts — confirm, and
	// grant the corresponding RBAC verb narrowly.
	DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error
	// Get returns the named report as an unstructured object.
	Get(ctx context.Context, name string, opts v1.GetOptions) (*unstructured.Unstructured, error)
	// List returns an unstructured list selected by opts.
	List(ctx context.Context, opts v1.ListOptions) (*unstructured.UnstructuredList, error)
	// Watch returns a watch.Interface for the reports selected by opts.
	Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error)
	// Patch sends data as a patch of type pt for the named report; subresources is optional.
	Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *unstructured.Unstructured, err error)
}

ClusterPolicyReportInterface has methods to work with ClusterPolicyReport resources.

type ClusterPolicyReportList

// ClusterPolicyReportList contains a list of ClusterPolicyReport.
// Items has no omitempty in its JSON tag, so the "items" key is always
// written; a nil slice is encoded as null by encoding/json.
type ClusterPolicyReportList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []ClusterPolicyReport `json:"items"`
}

ClusterPolicyReportList contains a list of ClusterPolicyReport

func (*ClusterPolicyReportList) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterPolicyReportList.

func (*ClusterPolicyReportList) DeepCopyInto

func (in *ClusterPolicyReportList) DeepCopyInto(out *ClusterPolicyReportList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*ClusterPolicyReportList) DeepCopyObject

func (in *ClusterPolicyReportList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type ClusterPolicyReportsGetter

// ClusterPolicyReportsGetter has a method to return a ClusterPolicyReportInterface.
// A group's client should implement this interface.
type ClusterPolicyReportsGetter interface {
	// ClusterPolicyReports takes no namespace argument.
	ClusterPolicyReports() ClusterPolicyReportInterface
}

ClusterPolicyReportsGetter has a method to return a ClusterPolicyReportInterface. A group's client should implement this interface.

type DemoPolicyV1alpha2Client

// DemoPolicyV1alpha2Client is the client type returned by NewForConfig,
// NewForConfigAndClient and NewForConfigOrDie. It exposes RESTClient,
// PolicyReports and ClusterPolicyReports; its fields are not exported.
// NOTE(review): the type name says V1alpha2 while the package's GroupVersion
// declares "v1alpha1" — confirm which version the client targets.
type DemoPolicyV1alpha2Client struct {
	// contains filtered or unexported fields
}

func NewForConfig

func NewForConfig(c *rest.Config) (*DemoPolicyV1alpha2Client, error)

func NewForConfigAndClient

func NewForConfigAndClient(c *rest.Config, h *http.Client) (*DemoPolicyV1alpha2Client, error)

func NewForConfigOrDie

func NewForConfigOrDie(c *rest.Config) *DemoPolicyV1alpha2Client

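NewForConfigOrDie creates a new DemoPolicyV1alpha2Client for the given config and panics if there is an error in the config. (The upstream comment names Wgpolicyk8sV1alpha2Client; the signature above returns *DemoPolicyV1alpha2Client.)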

func (*DemoPolicyV1alpha2Client) ClusterPolicyReports

func (c *DemoPolicyV1alpha2Client) ClusterPolicyReports() ClusterPolicyReportInterface

func (*DemoPolicyV1alpha2Client) PolicyReports

func (c *DemoPolicyV1alpha2Client) PolicyReports(namespace string) PolicyReportInterface

func (*DemoPolicyV1alpha2Client) RESTClient

func (c *DemoPolicyV1alpha2Client) RESTClient() rest.Interface

type DemoPolicyV1alpha2Interface

// DemoPolicyV1alpha2Interface combines access to the underlying REST client
// with the getters for both report kinds (namespaced and non-namespaced).
type DemoPolicyV1alpha2Interface interface {
	// RESTClient returns the rest.Interface behind the client.
	RESTClient() rest.Interface
	PolicyReportsGetter
	ClusterPolicyReportsGetter
}

type PolicyReport

// PolicyReport carries a summary and a list of policy results, with an
// optional scope. Its client accessor (PolicyReports) takes a namespace.
type PolicyReport struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	// Scope is an optional reference to the report scope (e.g. a Deployment, Namespace, or Node)
	// +optional
	Scope *corev1.ObjectReference `json:"scope,omitempty"`

	// ScopeSelector is an optional selector for multiple scopes (e.g. Pods).
	// Either one of, or none of, but not both of, Scope or ScopeSelector should be specified.
	// NOTE(review): Scope and ScopeSelector are independent pointers, so the type does not
	// prevent both being set; no validation is visible here — confirm where it is enforced.
	// +optional
	ScopeSelector *metav1.LabelSelector `json:"scopeSelector,omitempty"`

	// Summary provides a summary of results
	// NOTE(review): Summary is a struct value; encoding/json's omitempty does not omit
	// struct values, so this field is likely always serialized — confirm.
	// +optional
	Summary PolicyReportSummary `json:"summary,omitempty"`

	// Results provides result details
	// +optional
	Results []PolicyReportResult `json:"results,omitempty"`
}

func (*PolicyReport) DeepCopy

func (in *PolicyReport) DeepCopy() *PolicyReport

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyReport.

func (*PolicyReport) DeepCopyInto

func (in *PolicyReport) DeepCopyInto(out *PolicyReport)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*PolicyReport) DeepCopyObject

func (in *PolicyReport) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*PolicyReport) GetResults

func (r *PolicyReport) GetResults() []PolicyReportResult

func (*PolicyReport) SetResults

func (r *PolicyReport) SetResults(results []PolicyReportResult)

func (*PolicyReport) SetSummary

func (r *PolicyReport) SetSummary(summary PolicyReportSummary)

type PolicyReportInterface

// PolicyReportInterface has methods to work with PolicyReport resources.
// Objects are passed and returned as unstructured.Unstructured rather than the typed
// PolicyReport, so field names and value types are not checked at compile time.
// The namespace is supplied when the interface is obtained (PolicyReports(namespace)),
// not per call.
type PolicyReportInterface interface {
	// Create submits obj and returns an unstructured object or an error.
	Create(ctx context.Context, obj *unstructured.Unstructured, opts v1.CreateOptions) (*unstructured.Unstructured, error)
	// Update submits obj and returns an unstructured object or an error.
	Update(ctx context.Context, obj *unstructured.Unstructured, opts v1.UpdateOptions) (*unstructured.Unstructured, error)
	// Delete addresses a single report by name.
	Delete(ctx context.Context, name string, opts v1.DeleteOptions) error
	// DeleteCollection takes list options instead of a name.
	// NOTE(review): presumably removes every report matched by listOpts — confirm, and
	// grant the corresponding RBAC verb narrowly.
	DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error
	// Get returns the named report as an unstructured object.
	Get(ctx context.Context, name string, opts v1.GetOptions) (*unstructured.Unstructured, error)
	// List returns an unstructured list selected by opts.
	List(ctx context.Context, opts v1.ListOptions) (*unstructured.UnstructuredList, error)
	// Watch returns a watch.Interface for the reports selected by opts.
	Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error)
	// Patch sends data as a patch of type pt for the named report; subresources is optional.
	Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *unstructured.Unstructured, err error)
}

PolicyReportInterface has methods to work with PolicyReport resources.

type PolicyReportList

// PolicyReportList contains a list of PolicyReport.
// Items has no omitempty in its JSON tag, so the "items" key is always
// written; a nil slice is encoded as null by encoding/json.
type PolicyReportList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []PolicyReport `json:"items"`
}

PolicyReportList contains a list of PolicyReport

func (*PolicyReportList) DeepCopy

func (in *PolicyReportList) DeepCopy() *PolicyReportList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyReportList.

func (*PolicyReportList) DeepCopyInto

func (in *PolicyReportList) DeepCopyInto(out *PolicyReportList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*PolicyReportList) DeepCopyObject

func (in *PolicyReportList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type PolicyReportResult

// PolicyReportResult provides the result for an individual policy.
// NOTE(review): Source, Policy, Rule, Message, Category and Properties are plain strings
// supplied by whoever writes the report; no length or content validation is visible on
// this type, so consumers that render or index them should treat them as untrusted text.
type PolicyReportResult struct {
	// Source is an identifier for the policy engine that manages this report
	// The JSON tag has no omitempty, so "source" is written even when empty,
	// although the field is marked optional.
	// +optional
	Source string `json:"source"`

	// Policy is the name or identifier of the policy
	// It is the only field without an optional marker or omitempty.
	Policy string `json:"policy"`

	// Rule is the name or identifier of the rule within the policy
	// +optional
	Rule string `json:"rule,omitempty"`

	// Resources is an optional reference to the checked Kubernetes resources
	// +optional
	Resources []corev1.ObjectReference `json:"resources,omitempty"`

	// ResourceSelector is an optional label selector for checked Kubernetes resources.
	// For example, a policy result may apply to all pods that match a label.
	// Either Resources or a ResourceSelector can be specified.
	// If neither are provided, the result is assumed to be for the policy report scope.
	// +optional
	ResourceSelector *metav1.LabelSelector `json:"resourceSelector,omitempty"`

	// Message is a short user friendly message for the policy rule
	Message string `json:"message,omitempty"`

	// Result indicates the outcome of the policy rule execution
	// PolicyResult is a plain string type, so values outside pass/fail/warn/error/skip
	// are representable here.
	Result PolicyResult `json:"result,omitempty"`

	// Scored indicates if this result is scored
	// With omitempty, false is not written, so an absent key reads back as false.
	Scored bool `json:"scored,omitempty"`

	// Properties provides additional information for the policy rule
	Properties map[string]string `json:"properties,omitempty"`

	// Timestamp indicates the time the result was found
	// NOTE(review): if metav1.Timestamp is a struct, omitempty has no effect and a zero
	// timestamp is serialized — confirm before relying on the key being absent.
	Timestamp metav1.Timestamp `json:"timestamp,omitempty"`

	// Category indicates policy category
	// +optional
	Category string `json:"category,omitempty"`

	// Severity indicates policy check result criticality
	// PolicySeverity is a plain string type; the value is not constrained by this struct.
	// +optional
	Severity PolicySeverity `json:"severity,omitempty"`
}

PolicyReportResult provides the result for an individual policy

func (*PolicyReportResult) DeepCopy

func (in *PolicyReportResult) DeepCopy() *PolicyReportResult

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyReportResult.

func (*PolicyReportResult) DeepCopyInto

func (in *PolicyReportResult) DeepCopyInto(out *PolicyReportResult)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type PolicyReportSummary

// PolicyReportSummary provides a status count summary.
// Every counter is marked optional but has no omitempty in its JSON tag, so
// zero counts are written out rather than omitted.
// NOTE(review): nothing on this type ties the counters to the length or content of a
// report's Results; presumably the writer keeps them in sync — confirm before using the
// summary alone as a compliance signal.
type PolicyReportSummary struct {
	// Pass provides the count of policies whose requirements were met
	// +optional
	Pass int `json:"pass"`

	// Fail provides the count of policies whose requirements were not met
	// +optional
	Fail int `json:"fail"`

	// Warn provides the count of non-scored policies whose requirements were not met
	// +optional
	Warn int `json:"warn"`

	// Error provides the count of policies that could not be evaluated
	// +optional
	Error int `json:"error"`

	// Skip indicates the count of policies that were not selected for evaluation
	// +optional
	Skip int `json:"skip"`
}

PolicyReportSummary provides a status count summary

func (*PolicyReportSummary) DeepCopy

func (in *PolicyReportSummary) DeepCopy() *PolicyReportSummary

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyReportSummary.

func (*PolicyReportSummary) DeepCopyInto

func (in *PolicyReportSummary) DeepCopyInto(out *PolicyReportSummary)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (PolicyReportSummary) ToMap

func (prs PolicyReportSummary) ToMap() map[string]interface{}

type PolicyReportsGetter

// PolicyReportsGetter has a method to return a PolicyReportInterface.
// A group's client should implement this interface.
type PolicyReportsGetter interface {
	// PolicyReports returns the interface for the given namespace.
	PolicyReports(namespace string) PolicyReportInterface
}

PolicyReportsGetter has a method to return a PolicyReportInterface. A group's client should implement this interface.

type PolicyResult

// PolicyResult is the outcome of a policy rule, stored as a string.
// Documented values are pass, fail, warn, error and skip (the Status* constants).
// NOTE(review): the type is a plain string, so any other value is representable;
// no validation is visible here — consumers should handle unknown values explicitly.
type PolicyResult string

PolicyResult has one of the following values:

  • pass: indicates that the policy requirements are met
  • fail: indicates that the policy requirements are not met
  • warn: indicates that the policy requirements are not met, and the policy is not scored
  • error: indicates that the policy could not be evaluated
  • skip: indicates that the policy was not selected based on user inputs or applicability

type PolicySeverity

// PolicySeverity is the severity of a policy result, stored as a string.
// Documented values are critical, high, medium, low and info (the Severity* constants).
// NOTE(review): the type is a plain string, so any other value is representable;
// no validation is visible here — consumers should handle unknown values explicitly.
type PolicySeverity string

PolicySeverity has one of the following values:

  • critical
  • high
  • low
  • medium
  • info
