api: k8s.io/api/policy/v1beta1 Index | Files

package v1beta1

import "k8s.io/api/policy/v1beta1"

Package policy is for any kind of policy object. Suitable examples, even if they aren't all here, are PodDisruptionBudget, PodSecurityPolicy, NetworkPolicy, etc.

Index

Package Files

doc.go generated.pb.go register.go types.go types_swagger_doc_generated.go zz_generated.deepcopy.go

Constants

const AllowAllRuntimeClassNames = "*"

AllowAllRuntimeClassNames can be used as a value for the RuntimeClassStrategyOptions.AllowedRuntimeClassNames field and means that any RuntimeClassName is allowed.

const GroupName = "policy"

GroupName is the group name use in this package

Variables

var (
    ErrInvalidLengthGenerated = fmt.Errorf("proto: negative length found during unmarshaling")
    ErrIntOverflowGenerated   = fmt.Errorf("proto: integer overflow")
)
var (
    // TODO: move SchemeBuilder with zz_generated.deepcopy.go to k8s.io/api.
    // localSchemeBuilder and AddToScheme will stay in k8s.io/kubernetes.
    SchemeBuilder = runtime.NewSchemeBuilder(addKnownTypes)

    AddToScheme = localSchemeBuilder.AddToScheme
)
var AllowAllCapabilities v1.Capability = "*"

AllowAllCapabilities can be used as a value for the PodSecurityPolicy.AllowAllCapabilities field and means that any capabilities are allowed to be requested.

var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1beta1"}

SchemeGroupVersion is group version used to register these objects

func Resource Uses

func Resource(resource string) schema.GroupResource

Resource takes an unqualified resource and returns a Group qualified GroupResource

type AllowedCSIDriver Uses

type AllowedCSIDriver struct {
    // Name is the registered name of the CSI driver
    Name string `json:"name" protobuf:"bytes,1,opt,name=name"`
}

AllowedCSIDriver represents a single inline CSI Driver that is allowed to be used.

func (*AllowedCSIDriver) DeepCopy Uses

func (in *AllowedCSIDriver) DeepCopy() *AllowedCSIDriver

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AllowedCSIDriver.

func (*AllowedCSIDriver) DeepCopyInto Uses

func (in *AllowedCSIDriver) DeepCopyInto(out *AllowedCSIDriver)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*AllowedCSIDriver) Descriptor Uses

func (*AllowedCSIDriver) Descriptor() ([]byte, []int)

func (*AllowedCSIDriver) Marshal Uses

func (m *AllowedCSIDriver) Marshal() (dAtA []byte, err error)

func (*AllowedCSIDriver) MarshalTo Uses

func (m *AllowedCSIDriver) MarshalTo(dAtA []byte) (int, error)

func (*AllowedCSIDriver) MarshalToSizedBuffer Uses

func (m *AllowedCSIDriver) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*AllowedCSIDriver) ProtoMessage Uses

func (*AllowedCSIDriver) ProtoMessage()

func (*AllowedCSIDriver) Reset Uses

func (m *AllowedCSIDriver) Reset()

func (*AllowedCSIDriver) Size Uses

func (m *AllowedCSIDriver) Size() (n int)

func (*AllowedCSIDriver) String Uses

func (this *AllowedCSIDriver) String() string

func (AllowedCSIDriver) SwaggerDoc Uses

func (AllowedCSIDriver) SwaggerDoc() map[string]string

func (*AllowedCSIDriver) Unmarshal Uses

func (m *AllowedCSIDriver) Unmarshal(dAtA []byte) error

func (*AllowedCSIDriver) XXX_DiscardUnknown Uses

func (m *AllowedCSIDriver) XXX_DiscardUnknown()

func (*AllowedCSIDriver) XXX_Marshal Uses

func (m *AllowedCSIDriver) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*AllowedCSIDriver) XXX_Merge Uses

func (m *AllowedCSIDriver) XXX_Merge(src proto.Message)

func (*AllowedCSIDriver) XXX_Size Uses

func (m *AllowedCSIDriver) XXX_Size() int

func (*AllowedCSIDriver) XXX_Unmarshal Uses

func (m *AllowedCSIDriver) XXX_Unmarshal(b []byte) error

type AllowedFlexVolume Uses

type AllowedFlexVolume struct {
    // driver is the name of the Flexvolume driver.
    Driver string `json:"driver" protobuf:"bytes,1,opt,name=driver"`
}

AllowedFlexVolume represents a single Flexvolume that is allowed to be used.

func (*AllowedFlexVolume) DeepCopy Uses

func (in *AllowedFlexVolume) DeepCopy() *AllowedFlexVolume

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AllowedFlexVolume.

func (*AllowedFlexVolume) DeepCopyInto Uses

func (in *AllowedFlexVolume) DeepCopyInto(out *AllowedFlexVolume)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*AllowedFlexVolume) Descriptor Uses

func (*AllowedFlexVolume) Descriptor() ([]byte, []int)

func (*AllowedFlexVolume) Marshal Uses

func (m *AllowedFlexVolume) Marshal() (dAtA []byte, err error)

func (*AllowedFlexVolume) MarshalTo Uses

func (m *AllowedFlexVolume) MarshalTo(dAtA []byte) (int, error)

func (*AllowedFlexVolume) MarshalToSizedBuffer Uses

func (m *AllowedFlexVolume) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*AllowedFlexVolume) ProtoMessage Uses

func (*AllowedFlexVolume) ProtoMessage()

func (*AllowedFlexVolume) Reset Uses

func (m *AllowedFlexVolume) Reset()

func (*AllowedFlexVolume) Size Uses

func (m *AllowedFlexVolume) Size() (n int)

func (*AllowedFlexVolume) String Uses

func (this *AllowedFlexVolume) String() string

func (AllowedFlexVolume) SwaggerDoc Uses

func (AllowedFlexVolume) SwaggerDoc() map[string]string

func (*AllowedFlexVolume) Unmarshal Uses

func (m *AllowedFlexVolume) Unmarshal(dAtA []byte) error

func (*AllowedFlexVolume) XXX_DiscardUnknown Uses

func (m *AllowedFlexVolume) XXX_DiscardUnknown()

func (*AllowedFlexVolume) XXX_Marshal Uses

func (m *AllowedFlexVolume) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*AllowedFlexVolume) XXX_Merge Uses

func (m *AllowedFlexVolume) XXX_Merge(src proto.Message)

func (*AllowedFlexVolume) XXX_Size Uses

func (m *AllowedFlexVolume) XXX_Size() int

func (*AllowedFlexVolume) XXX_Unmarshal Uses

func (m *AllowedFlexVolume) XXX_Unmarshal(b []byte) error

type AllowedHostPath Uses

type AllowedHostPath struct {
    // pathPrefix is the path prefix that the host volume must match.
    // It does not support `*`.
    // Trailing slashes are trimmed when validating the path prefix with a host path.
    //
    // Examples:
    // `/foo` would allow `/foo`, `/foo/` and `/foo/bar`
    // `/foo` would not allow `/food` or `/etc/foo`
    PathPrefix string `json:"pathPrefix,omitempty" protobuf:"bytes,1,rep,name=pathPrefix"`

    // when set to true, will allow host volumes matching the pathPrefix only if all volume mounts are readOnly.
    // +optional
    ReadOnly bool `json:"readOnly,omitempty" protobuf:"varint,2,opt,name=readOnly"`
}

AllowedHostPath defines the host volume conditions that will be enabled by a policy for pods to use. It requires the path prefix to be defined.

func (*AllowedHostPath) DeepCopy Uses

func (in *AllowedHostPath) DeepCopy() *AllowedHostPath

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AllowedHostPath.

func (*AllowedHostPath) DeepCopyInto Uses

func (in *AllowedHostPath) DeepCopyInto(out *AllowedHostPath)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*AllowedHostPath) Descriptor Uses

func (*AllowedHostPath) Descriptor() ([]byte, []int)

func (*AllowedHostPath) Marshal Uses

func (m *AllowedHostPath) Marshal() (dAtA []byte, err error)

func (*AllowedHostPath) MarshalTo Uses

func (m *AllowedHostPath) MarshalTo(dAtA []byte) (int, error)

func (*AllowedHostPath) MarshalToSizedBuffer Uses

func (m *AllowedHostPath) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*AllowedHostPath) ProtoMessage Uses

func (*AllowedHostPath) ProtoMessage()

func (*AllowedHostPath) Reset Uses

func (m *AllowedHostPath) Reset()

func (*AllowedHostPath) Size Uses

func (m *AllowedHostPath) Size() (n int)

func (*AllowedHostPath) String Uses

func (this *AllowedHostPath) String() string

func (AllowedHostPath) SwaggerDoc Uses

func (AllowedHostPath) SwaggerDoc() map[string]string

func (*AllowedHostPath) Unmarshal Uses

func (m *AllowedHostPath) Unmarshal(dAtA []byte) error

func (*AllowedHostPath) XXX_DiscardUnknown Uses

func (m *AllowedHostPath) XXX_DiscardUnknown()

func (*AllowedHostPath) XXX_Marshal Uses

func (m *AllowedHostPath) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*AllowedHostPath) XXX_Merge Uses

func (m *AllowedHostPath) XXX_Merge(src proto.Message)

func (*AllowedHostPath) XXX_Size Uses

func (m *AllowedHostPath) XXX_Size() int

func (*AllowedHostPath) XXX_Unmarshal Uses

func (m *AllowedHostPath) XXX_Unmarshal(b []byte) error

type Eviction Uses

type Eviction struct {
    metav1.TypeMeta `json:",inline"`

    // ObjectMeta describes the pod that is being evicted.
    // +optional
    metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"`

    // DeleteOptions may be provided
    // +optional
    DeleteOptions *metav1.DeleteOptions `json:"deleteOptions,omitempty" protobuf:"bytes,2,opt,name=deleteOptions"`
}

Eviction evicts a pod from its node subject to certain policies and safety constraints. This is a subresource of Pod. A request to cause such an eviction is created by POSTing to .../pods/<pod name>/evictions.

func (*Eviction) DeepCopy Uses

func (in *Eviction) DeepCopy() *Eviction

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Eviction.

func (*Eviction) DeepCopyInto Uses

func (in *Eviction) DeepCopyInto(out *Eviction)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*Eviction) DeepCopyObject Uses

func (in *Eviction) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*Eviction) Descriptor Uses

func (*Eviction) Descriptor() ([]byte, []int)

func (*Eviction) Marshal Uses

func (m *Eviction) Marshal() (dAtA []byte, err error)

func (*Eviction) MarshalTo Uses

func (m *Eviction) MarshalTo(dAtA []byte) (int, error)

func (*Eviction) MarshalToSizedBuffer Uses

func (m *Eviction) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*Eviction) ProtoMessage Uses

func (*Eviction) ProtoMessage()

func (*Eviction) Reset Uses

func (m *Eviction) Reset()

func (*Eviction) Size Uses

func (m *Eviction) Size() (n int)

func (*Eviction) String Uses

func (this *Eviction) String() string

func (Eviction) SwaggerDoc Uses

func (Eviction) SwaggerDoc() map[string]string

func (*Eviction) Unmarshal Uses

func (m *Eviction) Unmarshal(dAtA []byte) error

func (*Eviction) XXX_DiscardUnknown Uses

func (m *Eviction) XXX_DiscardUnknown()

func (*Eviction) XXX_Marshal Uses

func (m *Eviction) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*Eviction) XXX_Merge Uses

func (m *Eviction) XXX_Merge(src proto.Message)

func (*Eviction) XXX_Size Uses

func (m *Eviction) XXX_Size() int

func (*Eviction) XXX_Unmarshal Uses

func (m *Eviction) XXX_Unmarshal(b []byte) error

type FSGroupStrategyOptions Uses

type FSGroupStrategyOptions struct {
    // rule is the strategy that will dictate what FSGroup is used in the SecurityContext.
    // +optional
    Rule FSGroupStrategyType `json:"rule,omitempty" protobuf:"bytes,1,opt,name=rule,casttype=FSGroupStrategyType"`
    // ranges are the allowed ranges of fs groups.  If you would like to force a single
    // fs group then supply a single range with the same start and end. Required for MustRunAs.
    // +optional
    Ranges []IDRange `json:"ranges,omitempty" protobuf:"bytes,2,rep,name=ranges"`
}

FSGroupStrategyOptions defines the strategy type and options used to create the strategy.

func (*FSGroupStrategyOptions) DeepCopy Uses

func (in *FSGroupStrategyOptions) DeepCopy() *FSGroupStrategyOptions

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FSGroupStrategyOptions.

func (*FSGroupStrategyOptions) DeepCopyInto Uses

func (in *FSGroupStrategyOptions) DeepCopyInto(out *FSGroupStrategyOptions)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*FSGroupStrategyOptions) Descriptor Uses

func (*FSGroupStrategyOptions) Descriptor() ([]byte, []int)

func (*FSGroupStrategyOptions) Marshal Uses

func (m *FSGroupStrategyOptions) Marshal() (dAtA []byte, err error)

func (*FSGroupStrategyOptions) MarshalTo Uses

func (m *FSGroupStrategyOptions) MarshalTo(dAtA []byte) (int, error)

func (*FSGroupStrategyOptions) MarshalToSizedBuffer Uses

func (m *FSGroupStrategyOptions) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*FSGroupStrategyOptions) ProtoMessage Uses

func (*FSGroupStrategyOptions) ProtoMessage()

func (*FSGroupStrategyOptions) Reset Uses

func (m *FSGroupStrategyOptions) Reset()

func (*FSGroupStrategyOptions) Size Uses

func (m *FSGroupStrategyOptions) Size() (n int)

func (*FSGroupStrategyOptions) String Uses

func (this *FSGroupStrategyOptions) String() string

func (FSGroupStrategyOptions) SwaggerDoc Uses

func (FSGroupStrategyOptions) SwaggerDoc() map[string]string

func (*FSGroupStrategyOptions) Unmarshal Uses

func (m *FSGroupStrategyOptions) Unmarshal(dAtA []byte) error

func (*FSGroupStrategyOptions) XXX_DiscardUnknown Uses

func (m *FSGroupStrategyOptions) XXX_DiscardUnknown()

func (*FSGroupStrategyOptions) XXX_Marshal Uses

func (m *FSGroupStrategyOptions) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*FSGroupStrategyOptions) XXX_Merge Uses

func (m *FSGroupStrategyOptions) XXX_Merge(src proto.Message)

func (*FSGroupStrategyOptions) XXX_Size Uses

func (m *FSGroupStrategyOptions) XXX_Size() int

func (*FSGroupStrategyOptions) XXX_Unmarshal Uses

func (m *FSGroupStrategyOptions) XXX_Unmarshal(b []byte) error

type FSGroupStrategyType Uses

type FSGroupStrategyType string

FSGroupStrategyType denotes strategy types for generating FSGroup values for a SecurityContext

const (
    // FSGroupStrategyMayRunAs means that container does not need to have FSGroup of X applied.
    // However, when FSGroups are specified, they have to fall in the defined range.
    FSGroupStrategyMayRunAs FSGroupStrategyType = "MayRunAs"
    // FSGroupStrategyMustRunAs meant that container must have FSGroup of X applied.
    FSGroupStrategyMustRunAs FSGroupStrategyType = "MustRunAs"
    // FSGroupStrategyRunAsAny means that container may make requests for any FSGroup labels.
    FSGroupStrategyRunAsAny FSGroupStrategyType = "RunAsAny"
)

type FSType Uses

type FSType string

FSType gives strong typing to different file systems that are used by volumes.

var (
    AzureFile             FSType = "azureFile"
    Flocker               FSType = "flocker"
    FlexVolume            FSType = "flexVolume"
    HostPath              FSType = "hostPath"
    EmptyDir              FSType = "emptyDir"
    GCEPersistentDisk     FSType = "gcePersistentDisk"
    AWSElasticBlockStore  FSType = "awsElasticBlockStore"
    GitRepo               FSType = "gitRepo"
    Secret                FSType = "secret"
    NFS                   FSType = "nfs"
    ISCSI                 FSType = "iscsi"
    Glusterfs             FSType = "glusterfs"
    PersistentVolumeClaim FSType = "persistentVolumeClaim"
    RBD                   FSType = "rbd"
    Cinder                FSType = "cinder"
    CephFS                FSType = "cephFS"
    DownwardAPI           FSType = "downwardAPI"
    FC                    FSType = "fc"
    ConfigMap             FSType = "configMap"
    VsphereVolume         FSType = "vsphereVolume"
    Quobyte               FSType = "quobyte"
    AzureDisk             FSType = "azureDisk"
    PhotonPersistentDisk  FSType = "photonPersistentDisk"
    StorageOS             FSType = "storageos"
    Projected             FSType = "projected"
    PortworxVolume        FSType = "portworxVolume"
    ScaleIO               FSType = "scaleIO"
    CSI                   FSType = "csi"
    All                   FSType = "*"
)

type HostPortRange Uses

type HostPortRange struct {
    // min is the start of the range, inclusive.
    Min int32 `json:"min" protobuf:"varint,1,opt,name=min"`
    // max is the end of the range, inclusive.
    Max int32 `json:"max" protobuf:"varint,2,opt,name=max"`
}

HostPortRange defines a range of host ports that will be enabled by a policy for pods to use. It requires both the start and end to be defined.

func (*HostPortRange) DeepCopy Uses

func (in *HostPortRange) DeepCopy() *HostPortRange

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HostPortRange.

func (*HostPortRange) DeepCopyInto Uses

func (in *HostPortRange) DeepCopyInto(out *HostPortRange)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*HostPortRange) Descriptor Uses

func (*HostPortRange) Descriptor() ([]byte, []int)

func (*HostPortRange) Marshal Uses

func (m *HostPortRange) Marshal() (dAtA []byte, err error)

func (*HostPortRange) MarshalTo Uses

func (m *HostPortRange) MarshalTo(dAtA []byte) (int, error)

func (*HostPortRange) MarshalToSizedBuffer Uses

func (m *HostPortRange) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*HostPortRange) ProtoMessage Uses

func (*HostPortRange) ProtoMessage()

func (*HostPortRange) Reset Uses

func (m *HostPortRange) Reset()

func (*HostPortRange) Size Uses

func (m *HostPortRange) Size() (n int)

func (*HostPortRange) String Uses

func (this *HostPortRange) String() string

func (HostPortRange) SwaggerDoc Uses

func (HostPortRange) SwaggerDoc() map[string]string

func (*HostPortRange) Unmarshal Uses

func (m *HostPortRange) Unmarshal(dAtA []byte) error

func (*HostPortRange) XXX_DiscardUnknown Uses

func (m *HostPortRange) XXX_DiscardUnknown()

func (*HostPortRange) XXX_Marshal Uses

func (m *HostPortRange) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*HostPortRange) XXX_Merge Uses

func (m *HostPortRange) XXX_Merge(src proto.Message)

func (*HostPortRange) XXX_Size Uses

func (m *HostPortRange) XXX_Size() int

func (*HostPortRange) XXX_Unmarshal Uses

func (m *HostPortRange) XXX_Unmarshal(b []byte) error

type IDRange Uses

type IDRange struct {
    // min is the start of the range, inclusive.
    Min int64 `json:"min" protobuf:"varint,1,opt,name=min"`
    // max is the end of the range, inclusive.
    Max int64 `json:"max" protobuf:"varint,2,opt,name=max"`
}

IDRange provides a min/max of an allowed range of IDs.

func (*IDRange) DeepCopy Uses

func (in *IDRange) DeepCopy() *IDRange

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IDRange.

func (*IDRange) DeepCopyInto Uses

func (in *IDRange) DeepCopyInto(out *IDRange)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*IDRange) Descriptor Uses

func (*IDRange) Descriptor() ([]byte, []int)

func (*IDRange) Marshal Uses

func (m *IDRange) Marshal() (dAtA []byte, err error)

func (*IDRange) MarshalTo Uses

func (m *IDRange) MarshalTo(dAtA []byte) (int, error)

func (*IDRange) MarshalToSizedBuffer Uses

func (m *IDRange) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*IDRange) ProtoMessage Uses

func (*IDRange) ProtoMessage()

func (*IDRange) Reset Uses

func (m *IDRange) Reset()

func (*IDRange) Size Uses

func (m *IDRange) Size() (n int)

func (*IDRange) String Uses

func (this *IDRange) String() string

func (IDRange) SwaggerDoc Uses

func (IDRange) SwaggerDoc() map[string]string

func (*IDRange) Unmarshal Uses

func (m *IDRange) Unmarshal(dAtA []byte) error

func (*IDRange) XXX_DiscardUnknown Uses

func (m *IDRange) XXX_DiscardUnknown()

func (*IDRange) XXX_Marshal Uses

func (m *IDRange) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*IDRange) XXX_Merge Uses

func (m *IDRange) XXX_Merge(src proto.Message)

func (*IDRange) XXX_Size Uses

func (m *IDRange) XXX_Size() int

func (*IDRange) XXX_Unmarshal Uses

func (m *IDRange) XXX_Unmarshal(b []byte) error

type PodDisruptionBudget Uses

type PodDisruptionBudget struct {
    metav1.TypeMeta `json:",inline"`
    // +optional
    metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"`

    // Specification of the desired behavior of the PodDisruptionBudget.
    // +optional
    Spec PodDisruptionBudgetSpec `json:"spec,omitempty" protobuf:"bytes,2,opt,name=spec"`
    // Most recently observed status of the PodDisruptionBudget.
    // +optional
    Status PodDisruptionBudgetStatus `json:"status,omitempty" protobuf:"bytes,3,opt,name=status"`
}

PodDisruptionBudget is an object to define the max disruption that can be caused to a collection of pods

func (*PodDisruptionBudget) DeepCopy Uses

func (in *PodDisruptionBudget) DeepCopy() *PodDisruptionBudget

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PodDisruptionBudget.

func (*PodDisruptionBudget) DeepCopyInto Uses

func (in *PodDisruptionBudget) DeepCopyInto(out *PodDisruptionBudget)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*PodDisruptionBudget) DeepCopyObject Uses

func (in *PodDisruptionBudget) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*PodDisruptionBudget) Descriptor Uses

func (*PodDisruptionBudget) Descriptor() ([]byte, []int)

func (*PodDisruptionBudget) Marshal Uses

func (m *PodDisruptionBudget) Marshal() (dAtA []byte, err error)

func (*PodDisruptionBudget) MarshalTo Uses

func (m *PodDisruptionBudget) MarshalTo(dAtA []byte) (int, error)

func (*PodDisruptionBudget) MarshalToSizedBuffer Uses

func (m *PodDisruptionBudget) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*PodDisruptionBudget) ProtoMessage Uses

func (*PodDisruptionBudget) ProtoMessage()

func (*PodDisruptionBudget) Reset Uses

func (m *PodDisruptionBudget) Reset()

func (*PodDisruptionBudget) Size Uses

func (m *PodDisruptionBudget) Size() (n int)

func (*PodDisruptionBudget) String Uses

func (this *PodDisruptionBudget) String() string

func (PodDisruptionBudget) SwaggerDoc Uses

func (PodDisruptionBudget) SwaggerDoc() map[string]string

func (*PodDisruptionBudget) Unmarshal Uses

func (m *PodDisruptionBudget) Unmarshal(dAtA []byte) error

func (*PodDisruptionBudget) XXX_DiscardUnknown Uses

func (m *PodDisruptionBudget) XXX_DiscardUnknown()

func (*PodDisruptionBudget) XXX_Marshal Uses

func (m *PodDisruptionBudget) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*PodDisruptionBudget) XXX_Merge Uses

func (m *PodDisruptionBudget) XXX_Merge(src proto.Message)

func (*PodDisruptionBudget) XXX_Size Uses

func (m *PodDisruptionBudget) XXX_Size() int

func (*PodDisruptionBudget) XXX_Unmarshal Uses

func (m *PodDisruptionBudget) XXX_Unmarshal(b []byte) error

type PodDisruptionBudgetList Uses

type PodDisruptionBudgetList struct {
    metav1.TypeMeta `json:",inline"`
    // +optional
    metav1.ListMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"`
    Items           []PodDisruptionBudget `json:"items" protobuf:"bytes,2,rep,name=items"`
}

PodDisruptionBudgetList is a collection of PodDisruptionBudgets.

func (*PodDisruptionBudgetList) DeepCopy Uses

func (in *PodDisruptionBudgetList) DeepCopy() *PodDisruptionBudgetList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PodDisruptionBudgetList.

func (*PodDisruptionBudgetList) DeepCopyInto Uses

func (in *PodDisruptionBudgetList) DeepCopyInto(out *PodDisruptionBudgetList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*PodDisruptionBudgetList) DeepCopyObject Uses

func (in *PodDisruptionBudgetList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*PodDisruptionBudgetList) Descriptor Uses

func (*PodDisruptionBudgetList) Descriptor() ([]byte, []int)

func (*PodDisruptionBudgetList) Marshal Uses

func (m *PodDisruptionBudgetList) Marshal() (dAtA []byte, err error)

func (*PodDisruptionBudgetList) MarshalTo Uses

func (m *PodDisruptionBudgetList) MarshalTo(dAtA []byte) (int, error)

func (*PodDisruptionBudgetList) MarshalToSizedBuffer Uses

func (m *PodDisruptionBudgetList) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*PodDisruptionBudgetList) ProtoMessage Uses

func (*PodDisruptionBudgetList) ProtoMessage()

func (*PodDisruptionBudgetList) Reset Uses

func (m *PodDisruptionBudgetList) Reset()

func (*PodDisruptionBudgetList) Size Uses

func (m *PodDisruptionBudgetList) Size() (n int)

func (*PodDisruptionBudgetList) String Uses

func (this *PodDisruptionBudgetList) String() string

func (PodDisruptionBudgetList) SwaggerDoc Uses

func (PodDisruptionBudgetList) SwaggerDoc() map[string]string

func (*PodDisruptionBudgetList) Unmarshal Uses

func (m *PodDisruptionBudgetList) Unmarshal(dAtA []byte) error

func (*PodDisruptionBudgetList) XXX_DiscardUnknown Uses

func (m *PodDisruptionBudgetList) XXX_DiscardUnknown()

func (*PodDisruptionBudgetList) XXX_Marshal Uses

func (m *PodDisruptionBudgetList) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*PodDisruptionBudgetList) XXX_Merge Uses

func (m *PodDisruptionBudgetList) XXX_Merge(src proto.Message)

func (*PodDisruptionBudgetList) XXX_Size Uses

func (m *PodDisruptionBudgetList) XXX_Size() int

func (*PodDisruptionBudgetList) XXX_Unmarshal Uses

func (m *PodDisruptionBudgetList) XXX_Unmarshal(b []byte) error

type PodDisruptionBudgetSpec Uses

type PodDisruptionBudgetSpec struct {
    // An eviction is allowed if at least "minAvailable" pods selected by
    // "selector" will still be available after the eviction, i.e. even in the
    // absence of the evicted pod.  So for example you can prevent all voluntary
    // evictions by specifying "100%".
    // +optional
    MinAvailable *intstr.IntOrString `json:"minAvailable,omitempty" protobuf:"bytes,1,opt,name=minAvailable"`

    // Label query over pods whose evictions are managed by the disruption
    // budget.
    // +optional
    Selector *metav1.LabelSelector `json:"selector,omitempty" protobuf:"bytes,2,opt,name=selector"`

    // An eviction is allowed if at most "maxUnavailable" pods selected by
    // "selector" are unavailable after the eviction, i.e. even in absence of
    // the evicted pod. For example, one can prevent all voluntary evictions
    // by specifying 0. This is a mutually exclusive setting with "minAvailable".
    // +optional
    MaxUnavailable *intstr.IntOrString `json:"maxUnavailable,omitempty" protobuf:"bytes,3,opt,name=maxUnavailable"`
}

PodDisruptionBudgetSpec is a description of a PodDisruptionBudget.

func (*PodDisruptionBudgetSpec) DeepCopy Uses

func (in *PodDisruptionBudgetSpec) DeepCopy() *PodDisruptionBudgetSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PodDisruptionBudgetSpec.

func (*PodDisruptionBudgetSpec) DeepCopyInto Uses

func (in *PodDisruptionBudgetSpec) DeepCopyInto(out *PodDisruptionBudgetSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*PodDisruptionBudgetSpec) Descriptor Uses

func (*PodDisruptionBudgetSpec) Descriptor() ([]byte, []int)

func (*PodDisruptionBudgetSpec) Marshal Uses

func (m *PodDisruptionBudgetSpec) Marshal() (dAtA []byte, err error)

func (*PodDisruptionBudgetSpec) MarshalTo Uses

func (m *PodDisruptionBudgetSpec) MarshalTo(dAtA []byte) (int, error)

func (*PodDisruptionBudgetSpec) MarshalToSizedBuffer Uses

func (m *PodDisruptionBudgetSpec) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*PodDisruptionBudgetSpec) ProtoMessage Uses

func (*PodDisruptionBudgetSpec) ProtoMessage()

func (*PodDisruptionBudgetSpec) Reset Uses

func (m *PodDisruptionBudgetSpec) Reset()

func (*PodDisruptionBudgetSpec) Size Uses

func (m *PodDisruptionBudgetSpec) Size() (n int)

func (*PodDisruptionBudgetSpec) String Uses

func (this *PodDisruptionBudgetSpec) String() string

func (PodDisruptionBudgetSpec) SwaggerDoc Uses

func (PodDisruptionBudgetSpec) SwaggerDoc() map[string]string

func (*PodDisruptionBudgetSpec) Unmarshal Uses

func (m *PodDisruptionBudgetSpec) Unmarshal(dAtA []byte) error

func (*PodDisruptionBudgetSpec) XXX_DiscardUnknown Uses

func (m *PodDisruptionBudgetSpec) XXX_DiscardUnknown()

func (*PodDisruptionBudgetSpec) XXX_Marshal Uses

func (m *PodDisruptionBudgetSpec) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*PodDisruptionBudgetSpec) XXX_Merge Uses

func (m *PodDisruptionBudgetSpec) XXX_Merge(src proto.Message)

func (*PodDisruptionBudgetSpec) XXX_Size Uses

func (m *PodDisruptionBudgetSpec) XXX_Size() int

func (*PodDisruptionBudgetSpec) XXX_Unmarshal Uses

func (m *PodDisruptionBudgetSpec) XXX_Unmarshal(b []byte) error

type PodDisruptionBudgetStatus Uses

type PodDisruptionBudgetStatus struct {
    // Most recent generation observed when updating this PDB status. PodDisruptionsAllowed and other
    // status informatio is valid only if observedGeneration equals to PDB's object generation.
    // +optional
    ObservedGeneration int64 `json:"observedGeneration,omitempty" protobuf:"varint,1,opt,name=observedGeneration"`

    // DisruptedPods contains information about pods whose eviction was
    // processed by the API server eviction subresource handler but has not
    // yet been observed by the PodDisruptionBudget controller.
    // A pod will be in this map from the time when the API server processed the
    // eviction request to the time when the pod is seen by PDB controller
    // as having been marked for deletion (or after a timeout). The key in the map is the name of the pod
    // and the value is the time when the API server processed the eviction request. If
    // the deletion didn't occur and a pod is still there it will be removed from
    // the list automatically by PodDisruptionBudget controller after some time.
    // If everything goes smooth this map should be empty for the most of the time.
    // Large number of entries in the map may indicate problems with pod deletions.
    // +optional
    DisruptedPods map[string]metav1.Time `json:"disruptedPods,omitempty" protobuf:"bytes,2,rep,name=disruptedPods"`

    // Number of pod disruptions that are currently allowed.
    PodDisruptionsAllowed int32 `json:"disruptionsAllowed" protobuf:"varint,3,opt,name=disruptionsAllowed"`

    // current number of healthy pods
    CurrentHealthy int32 `json:"currentHealthy" protobuf:"varint,4,opt,name=currentHealthy"`

    // minimum desired number of healthy pods
    DesiredHealthy int32 `json:"desiredHealthy" protobuf:"varint,5,opt,name=desiredHealthy"`

    // total number of pods counted by this disruption budget
    ExpectedPods int32 `json:"expectedPods" protobuf:"varint,6,opt,name=expectedPods"`
}

PodDisruptionBudgetStatus represents information about the status of a PodDisruptionBudget. Status may trail the actual state of a system.

func (*PodDisruptionBudgetStatus) DeepCopy Uses

func (in *PodDisruptionBudgetStatus) DeepCopy() *PodDisruptionBudgetStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PodDisruptionBudgetStatus.

func (*PodDisruptionBudgetStatus) DeepCopyInto Uses

func (in *PodDisruptionBudgetStatus) DeepCopyInto(out *PodDisruptionBudgetStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*PodDisruptionBudgetStatus) Descriptor Uses

func (*PodDisruptionBudgetStatus) Descriptor() ([]byte, []int)

func (*PodDisruptionBudgetStatus) Marshal Uses

func (m *PodDisruptionBudgetStatus) Marshal() (dAtA []byte, err error)

func (*PodDisruptionBudgetStatus) MarshalTo Uses

func (m *PodDisruptionBudgetStatus) MarshalTo(dAtA []byte) (int, error)

func (*PodDisruptionBudgetStatus) MarshalToSizedBuffer Uses

func (m *PodDisruptionBudgetStatus) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*PodDisruptionBudgetStatus) ProtoMessage Uses

func (*PodDisruptionBudgetStatus) ProtoMessage()

func (*PodDisruptionBudgetStatus) Reset Uses

func (m *PodDisruptionBudgetStatus) Reset()

func (*PodDisruptionBudgetStatus) Size Uses

func (m *PodDisruptionBudgetStatus) Size() (n int)

func (*PodDisruptionBudgetStatus) String Uses

func (this *PodDisruptionBudgetStatus) String() string

func (PodDisruptionBudgetStatus) SwaggerDoc Uses

func (PodDisruptionBudgetStatus) SwaggerDoc() map[string]string

func (*PodDisruptionBudgetStatus) Unmarshal Uses

func (m *PodDisruptionBudgetStatus) Unmarshal(dAtA []byte) error

func (*PodDisruptionBudgetStatus) XXX_DiscardUnknown Uses

func (m *PodDisruptionBudgetStatus) XXX_DiscardUnknown()

func (*PodDisruptionBudgetStatus) XXX_Marshal Uses

func (m *PodDisruptionBudgetStatus) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*PodDisruptionBudgetStatus) XXX_Merge Uses

func (m *PodDisruptionBudgetStatus) XXX_Merge(src proto.Message)

func (*PodDisruptionBudgetStatus) XXX_Size Uses

func (m *PodDisruptionBudgetStatus) XXX_Size() int

func (*PodDisruptionBudgetStatus) XXX_Unmarshal Uses

func (m *PodDisruptionBudgetStatus) XXX_Unmarshal(b []byte) error

type PodSecurityPolicy Uses

type PodSecurityPolicy struct {
    metav1.TypeMeta `json:",inline"`
    // Standard object's metadata.
    // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
    // +optional
    metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"`

    // spec defines the policy enforced.
    // +optional
    Spec PodSecurityPolicySpec `json:"spec,omitempty" protobuf:"bytes,2,opt,name=spec"`
}

PodSecurityPolicy governs the ability to make requests that affect the Security Context that will be applied to a pod and container.

func (*PodSecurityPolicy) DeepCopy Uses

func (in *PodSecurityPolicy) DeepCopy() *PodSecurityPolicy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PodSecurityPolicy.

func (*PodSecurityPolicy) DeepCopyInto Uses

func (in *PodSecurityPolicy) DeepCopyInto(out *PodSecurityPolicy)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*PodSecurityPolicy) DeepCopyObject Uses

func (in *PodSecurityPolicy) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*PodSecurityPolicy) Descriptor Uses

func (*PodSecurityPolicy) Descriptor() ([]byte, []int)

func (*PodSecurityPolicy) Marshal Uses

func (m *PodSecurityPolicy) Marshal() (dAtA []byte, err error)

func (*PodSecurityPolicy) MarshalTo Uses

func (m *PodSecurityPolicy) MarshalTo(dAtA []byte) (int, error)

func (*PodSecurityPolicy) MarshalToSizedBuffer Uses

func (m *PodSecurityPolicy) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*PodSecurityPolicy) ProtoMessage Uses

func (*PodSecurityPolicy) ProtoMessage()

func (*PodSecurityPolicy) Reset Uses

func (m *PodSecurityPolicy) Reset()

func (*PodSecurityPolicy) Size Uses

func (m *PodSecurityPolicy) Size() (n int)

func (*PodSecurityPolicy) String Uses

func (this *PodSecurityPolicy) String() string

func (PodSecurityPolicy) SwaggerDoc Uses

func (PodSecurityPolicy) SwaggerDoc() map[string]string

func (*PodSecurityPolicy) Unmarshal Uses

func (m *PodSecurityPolicy) Unmarshal(dAtA []byte) error

func (*PodSecurityPolicy) XXX_DiscardUnknown Uses

func (m *PodSecurityPolicy) XXX_DiscardUnknown()

func (*PodSecurityPolicy) XXX_Marshal Uses

func (m *PodSecurityPolicy) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*PodSecurityPolicy) XXX_Merge Uses

func (m *PodSecurityPolicy) XXX_Merge(src proto.Message)

func (*PodSecurityPolicy) XXX_Size Uses

func (m *PodSecurityPolicy) XXX_Size() int

func (*PodSecurityPolicy) XXX_Unmarshal Uses

func (m *PodSecurityPolicy) XXX_Unmarshal(b []byte) error

type PodSecurityPolicyList Uses

type PodSecurityPolicyList struct {
    metav1.TypeMeta `json:",inline"`
    // Standard list metadata.
    // More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
    // +optional
    metav1.ListMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"`

    // items is a list of schema objects.
    Items []PodSecurityPolicy `json:"items" protobuf:"bytes,2,rep,name=items"`
}

PodSecurityPolicyList is a list of PodSecurityPolicy objects.

func (*PodSecurityPolicyList) DeepCopy Uses

func (in *PodSecurityPolicyList) DeepCopy() *PodSecurityPolicyList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PodSecurityPolicyList.

func (*PodSecurityPolicyList) DeepCopyInto Uses

func (in *PodSecurityPolicyList) DeepCopyInto(out *PodSecurityPolicyList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*PodSecurityPolicyList) DeepCopyObject Uses

func (in *PodSecurityPolicyList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*PodSecurityPolicyList) Descriptor Uses

func (*PodSecurityPolicyList) Descriptor() ([]byte, []int)

func (*PodSecurityPolicyList) Marshal Uses

func (m *PodSecurityPolicyList) Marshal() (dAtA []byte, err error)

func (*PodSecurityPolicyList) MarshalTo Uses

func (m *PodSecurityPolicyList) MarshalTo(dAtA []byte) (int, error)

func (*PodSecurityPolicyList) MarshalToSizedBuffer Uses

func (m *PodSecurityPolicyList) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*PodSecurityPolicyList) ProtoMessage Uses

func (*PodSecurityPolicyList) ProtoMessage()

func (*PodSecurityPolicyList) Reset Uses

func (m *PodSecurityPolicyList) Reset()

func (*PodSecurityPolicyList) Size Uses

func (m *PodSecurityPolicyList) Size() (n int)

func (*PodSecurityPolicyList) String Uses

func (this *PodSecurityPolicyList) String() string

func (PodSecurityPolicyList) SwaggerDoc Uses

func (PodSecurityPolicyList) SwaggerDoc() map[string]string

func (*PodSecurityPolicyList) Unmarshal Uses

func (m *PodSecurityPolicyList) Unmarshal(dAtA []byte) error

func (*PodSecurityPolicyList) XXX_DiscardUnknown Uses

func (m *PodSecurityPolicyList) XXX_DiscardUnknown()

func (*PodSecurityPolicyList) XXX_Marshal Uses

func (m *PodSecurityPolicyList) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*PodSecurityPolicyList) XXX_Merge Uses

func (m *PodSecurityPolicyList) XXX_Merge(src proto.Message)

func (*PodSecurityPolicyList) XXX_Size Uses

func (m *PodSecurityPolicyList) XXX_Size() int

func (*PodSecurityPolicyList) XXX_Unmarshal Uses

func (m *PodSecurityPolicyList) XXX_Unmarshal(b []byte) error

type PodSecurityPolicySpec Uses

type PodSecurityPolicySpec struct {
    // privileged determines if a pod can request to be run as privileged.
    // +optional
    Privileged bool `json:"privileged,omitempty" protobuf:"varint,1,opt,name=privileged"`
    // defaultAddCapabilities is the default set of capabilities that will be added to the container
    // unless the pod spec specifically drops the capability.  You may not list a capability in both
    // defaultAddCapabilities and requiredDropCapabilities. Capabilities added here are implicitly
    // allowed, and need not be included in the allowedCapabilities list.
    // +optional
    DefaultAddCapabilities []v1.Capability `json:"defaultAddCapabilities,omitempty" protobuf:"bytes,2,rep,name=defaultAddCapabilities,casttype=k8s.io/api/core/v1.Capability"`
    // requiredDropCapabilities are the capabilities that will be dropped from the container.  These
    // are required to be dropped and cannot be added.
    // +optional
    RequiredDropCapabilities []v1.Capability `json:"requiredDropCapabilities,omitempty" protobuf:"bytes,3,rep,name=requiredDropCapabilities,casttype=k8s.io/api/core/v1.Capability"`
    // allowedCapabilities is a list of capabilities that can be requested to add to the container.
    // Capabilities in this field may be added at the pod author's discretion.
    // You must not list a capability in both allowedCapabilities and requiredDropCapabilities.
    // +optional
    AllowedCapabilities []v1.Capability `json:"allowedCapabilities,omitempty" protobuf:"bytes,4,rep,name=allowedCapabilities,casttype=k8s.io/api/core/v1.Capability"`
    // volumes is a white list of allowed volume plugins. Empty indicates that
    // no volumes may be used. To allow all volumes you may use '*'.
    // +optional
    Volumes []FSType `json:"volumes,omitempty" protobuf:"bytes,5,rep,name=volumes,casttype=FSType"`
    // hostNetwork determines if the policy allows the use of HostNetwork in the pod spec.
    // +optional
    HostNetwork bool `json:"hostNetwork,omitempty" protobuf:"varint,6,opt,name=hostNetwork"`
    // hostPorts determines which host port ranges are allowed to be exposed.
    // +optional
    HostPorts []HostPortRange `json:"hostPorts,omitempty" protobuf:"bytes,7,rep,name=hostPorts"`
    // hostPID determines if the policy allows the use of HostPID in the pod spec.
    // +optional
    HostPID bool `json:"hostPID,omitempty" protobuf:"varint,8,opt,name=hostPID"`
    // hostIPC determines if the policy allows the use of HostIPC in the pod spec.
    // +optional
    HostIPC bool `json:"hostIPC,omitempty" protobuf:"varint,9,opt,name=hostIPC"`
    // seLinux is the strategy that will dictate the allowable labels that may be set.
    SELinux SELinuxStrategyOptions `json:"seLinux" protobuf:"bytes,10,opt,name=seLinux"`
    // runAsUser is the strategy that will dictate the allowable RunAsUser values that may be set.
    RunAsUser RunAsUserStrategyOptions `json:"runAsUser" protobuf:"bytes,11,opt,name=runAsUser"`
    // RunAsGroup is the strategy that will dictate the allowable RunAsGroup values that may be set.
    // If this field is omitted, the pod's RunAsGroup can take any value. This field requires the
    // RunAsGroup feature gate to be enabled.
    // +optional
    RunAsGroup *RunAsGroupStrategyOptions `json:"runAsGroup,omitempty" protobuf:"bytes,22,opt,name=runAsGroup"`
    // supplementalGroups is the strategy that will dictate what supplemental groups are used by the SecurityContext.
    SupplementalGroups SupplementalGroupsStrategyOptions `json:"supplementalGroups" protobuf:"bytes,12,opt,name=supplementalGroups"`
    // fsGroup is the strategy that will dictate what fs group is used by the SecurityContext.
    FSGroup FSGroupStrategyOptions `json:"fsGroup" protobuf:"bytes,13,opt,name=fsGroup"`
    // readOnlyRootFilesystem when set to true will force containers to run with a read only root file
    // system.  If the container specifically requests to run with a non-read only root file system
    // the PSP should deny the pod.
    // If set to false the container may run with a read only root file system if it wishes but it
    // will not be forced to.
    // +optional
    ReadOnlyRootFilesystem bool `json:"readOnlyRootFilesystem,omitempty" protobuf:"varint,14,opt,name=readOnlyRootFilesystem"`
    // defaultAllowPrivilegeEscalation controls the default setting for whether a
    // process can gain more privileges than its parent process.
    // +optional
    DefaultAllowPrivilegeEscalation *bool `json:"defaultAllowPrivilegeEscalation,omitempty" protobuf:"varint,15,opt,name=defaultAllowPrivilegeEscalation"`
    // allowPrivilegeEscalation determines if a pod can request to allow
    // privilege escalation. If unspecified, defaults to true.
    // +optional
    AllowPrivilegeEscalation *bool `json:"allowPrivilegeEscalation,omitempty" protobuf:"varint,16,opt,name=allowPrivilegeEscalation"`
    // allowedHostPaths is a white list of allowed host paths. Empty indicates
    // that all host paths may be used.
    // +optional
    AllowedHostPaths []AllowedHostPath `json:"allowedHostPaths,omitempty" protobuf:"bytes,17,rep,name=allowedHostPaths"`
    // allowedFlexVolumes is a whitelist of allowed Flexvolumes.  Empty or nil indicates that all
    // Flexvolumes may be used.  This parameter is effective only when the usage of the Flexvolumes
    // is allowed in the "volumes" field.
    // +optional
    AllowedFlexVolumes []AllowedFlexVolume `json:"allowedFlexVolumes,omitempty" protobuf:"bytes,18,rep,name=allowedFlexVolumes"`
    // AllowedCSIDrivers is a whitelist of inline CSI drivers that must be explicitly set to be embedded within a pod spec.
    // An empty value indicates that any CSI driver can be used for inline ephemeral volumes.
    // This is an alpha field, and is only honored if the API server enables the CSIInlineVolume feature gate.
    // +optional
    AllowedCSIDrivers []AllowedCSIDriver `json:"allowedCSIDrivers,omitempty" protobuf:"bytes,23,rep,name=allowedCSIDrivers"`
    // allowedUnsafeSysctls is a list of explicitly allowed unsafe sysctls, defaults to none.
    // Each entry is either a plain sysctl name or ends in "*" in which case it is considered
    // as a prefix of allowed sysctls. Single * means all unsafe sysctls are allowed.
    // Kubelet has to whitelist all allowed unsafe sysctls explicitly to avoid rejection.
    //
    // Examples:
    // e.g. "foo/*" allows "foo/bar", "foo/baz", etc.
    // e.g. "foo.*" allows "foo.bar", "foo.baz", etc.
    // +optional
    AllowedUnsafeSysctls []string `json:"allowedUnsafeSysctls,omitempty" protobuf:"bytes,19,rep,name=allowedUnsafeSysctls"`
    // forbiddenSysctls is a list of explicitly forbidden sysctls, defaults to none.
    // Each entry is either a plain sysctl name or ends in "*" in which case it is considered
    // as a prefix of forbidden sysctls. Single * means all sysctls are forbidden.
    //
    // Examples:
    // e.g. "foo/*" forbids "foo/bar", "foo/baz", etc.
    // e.g. "foo.*" forbids "foo.bar", "foo.baz", etc.
    // +optional
    ForbiddenSysctls []string `json:"forbiddenSysctls,omitempty" protobuf:"bytes,20,rep,name=forbiddenSysctls"`
    // AllowedProcMountTypes is a whitelist of allowed ProcMountTypes.
    // Empty or nil indicates that only the DefaultProcMountType may be used.
    // This requires the ProcMountType feature flag to be enabled.
    // +optional
    AllowedProcMountTypes []v1.ProcMountType `json:"allowedProcMountTypes,omitempty" protobuf:"bytes,21,opt,name=allowedProcMountTypes"`
    // runtimeClass is the strategy that will dictate the allowable RuntimeClasses for a pod.
    // If this field is omitted, the pod's runtimeClassName field is unrestricted.
    // Enforcement of this field depends on the RuntimeClass feature gate being enabled.
    // +optional
    RuntimeClass *RuntimeClassStrategyOptions `json:"runtimeClass,omitempty" protobuf:"bytes,24,opt,name=runtimeClass"`
}

PodSecurityPolicySpec defines the policy enforced.

func (*PodSecurityPolicySpec) DeepCopy Uses

func (in *PodSecurityPolicySpec) DeepCopy() *PodSecurityPolicySpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PodSecurityPolicySpec.

func (*PodSecurityPolicySpec) DeepCopyInto Uses

func (in *PodSecurityPolicySpec) DeepCopyInto(out *PodSecurityPolicySpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*PodSecurityPolicySpec) Descriptor Uses

func (*PodSecurityPolicySpec) Descriptor() ([]byte, []int)

func (*PodSecurityPolicySpec) Marshal Uses

func (m *PodSecurityPolicySpec) Marshal() (dAtA []byte, err error)

func (*PodSecurityPolicySpec) MarshalTo Uses

func (m *PodSecurityPolicySpec) MarshalTo(dAtA []byte) (int, error)

func (*PodSecurityPolicySpec) MarshalToSizedBuffer Uses

func (m *PodSecurityPolicySpec) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*PodSecurityPolicySpec) ProtoMessage Uses

func (*PodSecurityPolicySpec) ProtoMessage()

func (*PodSecurityPolicySpec) Reset Uses

func (m *PodSecurityPolicySpec) Reset()

func (*PodSecurityPolicySpec) Size Uses

func (m *PodSecurityPolicySpec) Size() (n int)

func (*PodSecurityPolicySpec) String Uses

func (this *PodSecurityPolicySpec) String() string

func (PodSecurityPolicySpec) SwaggerDoc Uses

func (PodSecurityPolicySpec) SwaggerDoc() map[string]string

func (*PodSecurityPolicySpec) Unmarshal Uses

func (m *PodSecurityPolicySpec) Unmarshal(dAtA []byte) error

func (*PodSecurityPolicySpec) XXX_DiscardUnknown Uses

func (m *PodSecurityPolicySpec) XXX_DiscardUnknown()

func (*PodSecurityPolicySpec) XXX_Marshal Uses

func (m *PodSecurityPolicySpec) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*PodSecurityPolicySpec) XXX_Merge Uses

func (m *PodSecurityPolicySpec) XXX_Merge(src proto.Message)

func (*PodSecurityPolicySpec) XXX_Size Uses

func (m *PodSecurityPolicySpec) XXX_Size() int

func (*PodSecurityPolicySpec) XXX_Unmarshal Uses

func (m *PodSecurityPolicySpec) XXX_Unmarshal(b []byte) error

type RunAsGroupStrategy Uses

type RunAsGroupStrategy string

RunAsGroupStrategy denotes strategy types for generating RunAsGroup values for a Security Context.

const (
    // RunAsGroupStrategyMayRunAs means that container does not need to run with a particular gid.
    // However, when RunAsGroup are specified, they have to fall in the defined range.
    RunAsGroupStrategyMayRunAs RunAsGroupStrategy = "MayRunAs"
    // RunAsGroupStrategyMustRunAs means that container must run as a particular gid.
    RunAsGroupStrategyMustRunAs RunAsGroupStrategy = "MustRunAs"
    // RunAsUserStrategyRunAsAny means that container may make requests for any gid.
    RunAsGroupStrategyRunAsAny RunAsGroupStrategy = "RunAsAny"
)

type RunAsGroupStrategyOptions Uses

type RunAsGroupStrategyOptions struct {
    // rule is the strategy that will dictate the allowable RunAsGroup values that may be set.
    Rule RunAsGroupStrategy `json:"rule" protobuf:"bytes,1,opt,name=rule,casttype=RunAsGroupStrategy"`
    // ranges are the allowed ranges of gids that may be used. If you would like to force a single gid
    // then supply a single range with the same start and end. Required for MustRunAs.
    // +optional
    Ranges []IDRange `json:"ranges,omitempty" protobuf:"bytes,2,rep,name=ranges"`
}

RunAsGroupStrategyOptions defines the strategy type and any options used to create the strategy.

func (*RunAsGroupStrategyOptions) DeepCopy Uses

func (in *RunAsGroupStrategyOptions) DeepCopy() *RunAsGroupStrategyOptions

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RunAsGroupStrategyOptions.

func (*RunAsGroupStrategyOptions) DeepCopyInto Uses

func (in *RunAsGroupStrategyOptions) DeepCopyInto(out *RunAsGroupStrategyOptions)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*RunAsGroupStrategyOptions) Descriptor Uses

func (*RunAsGroupStrategyOptions) Descriptor() ([]byte, []int)

func (*RunAsGroupStrategyOptions) Marshal Uses

func (m *RunAsGroupStrategyOptions) Marshal() (dAtA []byte, err error)

func (*RunAsGroupStrategyOptions) MarshalTo Uses

func (m *RunAsGroupStrategyOptions) MarshalTo(dAtA []byte) (int, error)

func (*RunAsGroupStrategyOptions) MarshalToSizedBuffer Uses

func (m *RunAsGroupStrategyOptions) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*RunAsGroupStrategyOptions) ProtoMessage Uses

func (*RunAsGroupStrategyOptions) ProtoMessage()

func (*RunAsGroupStrategyOptions) Reset Uses

func (m *RunAsGroupStrategyOptions) Reset()

func (*RunAsGroupStrategyOptions) Size Uses

func (m *RunAsGroupStrategyOptions) Size() (n int)

func (*RunAsGroupStrategyOptions) String Uses

func (this *RunAsGroupStrategyOptions) String() string

func (RunAsGroupStrategyOptions) SwaggerDoc Uses

func (RunAsGroupStrategyOptions) SwaggerDoc() map[string]string

func (*RunAsGroupStrategyOptions) Unmarshal Uses

func (m *RunAsGroupStrategyOptions) Unmarshal(dAtA []byte) error

func (*RunAsGroupStrategyOptions) XXX_DiscardUnknown Uses

func (m *RunAsGroupStrategyOptions) XXX_DiscardUnknown()

func (*RunAsGroupStrategyOptions) XXX_Marshal Uses

func (m *RunAsGroupStrategyOptions) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*RunAsGroupStrategyOptions) XXX_Merge Uses

func (m *RunAsGroupStrategyOptions) XXX_Merge(src proto.Message)

func (*RunAsGroupStrategyOptions) XXX_Size Uses

func (m *RunAsGroupStrategyOptions) XXX_Size() int

func (*RunAsGroupStrategyOptions) XXX_Unmarshal Uses

func (m *RunAsGroupStrategyOptions) XXX_Unmarshal(b []byte) error

type RunAsUserStrategy Uses

type RunAsUserStrategy string

RunAsUserStrategy denotes strategy types for generating RunAsUser values for a Security Context.

const (
    // RunAsUserStrategyMustRunAs means that container must run as a particular uid.
    RunAsUserStrategyMustRunAs RunAsUserStrategy = "MustRunAs"
    // RunAsUserStrategyMustRunAsNonRoot means that container must run as a non-root uid.
    RunAsUserStrategyMustRunAsNonRoot RunAsUserStrategy = "MustRunAsNonRoot"
    // RunAsUserStrategyRunAsAny means that container may make requests for any uid.
    RunAsUserStrategyRunAsAny RunAsUserStrategy = "RunAsAny"
)

type RunAsUserStrategyOptions Uses

type RunAsUserStrategyOptions struct {
    // rule is the strategy that will dictate the allowable RunAsUser values that may be set.
    Rule RunAsUserStrategy `json:"rule" protobuf:"bytes,1,opt,name=rule,casttype=RunAsUserStrategy"`
    // ranges are the allowed ranges of uids that may be used. If you would like to force a single uid
    // then supply a single range with the same start and end. Required for MustRunAs.
    // +optional
    Ranges []IDRange `json:"ranges,omitempty" protobuf:"bytes,2,rep,name=ranges"`
}

RunAsUserStrategyOptions defines the strategy type and any options used to create the strategy.

func (*RunAsUserStrategyOptions) DeepCopy Uses

func (in *RunAsUserStrategyOptions) DeepCopy() *RunAsUserStrategyOptions

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RunAsUserStrategyOptions.

func (*RunAsUserStrategyOptions) DeepCopyInto Uses

func (in *RunAsUserStrategyOptions) DeepCopyInto(out *RunAsUserStrategyOptions)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*RunAsUserStrategyOptions) Descriptor Uses

func (*RunAsUserStrategyOptions) Descriptor() ([]byte, []int)

func (*RunAsUserStrategyOptions) Marshal Uses

func (m *RunAsUserStrategyOptions) Marshal() (dAtA []byte, err error)

func (*RunAsUserStrategyOptions) MarshalTo Uses

func (m *RunAsUserStrategyOptions) MarshalTo(dAtA []byte) (int, error)

func (*RunAsUserStrategyOptions) MarshalToSizedBuffer Uses

func (m *RunAsUserStrategyOptions) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*RunAsUserStrategyOptions) ProtoMessage Uses

func (*RunAsUserStrategyOptions) ProtoMessage()

func (*RunAsUserStrategyOptions) Reset Uses

func (m *RunAsUserStrategyOptions) Reset()

func (*RunAsUserStrategyOptions) Size Uses

func (m *RunAsUserStrategyOptions) Size() (n int)

func (*RunAsUserStrategyOptions) String Uses

func (this *RunAsUserStrategyOptions) String() string

func (RunAsUserStrategyOptions) SwaggerDoc Uses

func (RunAsUserStrategyOptions) SwaggerDoc() map[string]string

func (*RunAsUserStrategyOptions) Unmarshal Uses

func (m *RunAsUserStrategyOptions) Unmarshal(dAtA []byte) error

func (*RunAsUserStrategyOptions) XXX_DiscardUnknown Uses

func (m *RunAsUserStrategyOptions) XXX_DiscardUnknown()

func (*RunAsUserStrategyOptions) XXX_Marshal Uses

func (m *RunAsUserStrategyOptions) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*RunAsUserStrategyOptions) XXX_Merge Uses

func (m *RunAsUserStrategyOptions) XXX_Merge(src proto.Message)

func (*RunAsUserStrategyOptions) XXX_Size Uses

func (m *RunAsUserStrategyOptions) XXX_Size() int

func (*RunAsUserStrategyOptions) XXX_Unmarshal Uses

func (m *RunAsUserStrategyOptions) XXX_Unmarshal(b []byte) error

type RuntimeClassStrategyOptions Uses

type RuntimeClassStrategyOptions struct {
    // allowedRuntimeClassNames is a whitelist of RuntimeClass names that may be specified on a pod.
    // A value of "*" means that any RuntimeClass name is allowed, and must be the only item in the
    // list. An empty list requires the RuntimeClassName field to be unset.
    AllowedRuntimeClassNames []string `json:"allowedRuntimeClassNames" protobuf:"bytes,1,rep,name=allowedRuntimeClassNames"`
    // defaultRuntimeClassName is the default RuntimeClassName to set on the pod.
    // The default MUST be allowed by the allowedRuntimeClassNames list.
    // A value of nil does not mutate the Pod.
    // +optional
    DefaultRuntimeClassName *string `json:"defaultRuntimeClassName,omitempty" protobuf:"bytes,2,opt,name=defaultRuntimeClassName"`
}

RuntimeClassStrategyOptions define the strategy that will dictate the allowable RuntimeClasses for a pod.

func (*RuntimeClassStrategyOptions) DeepCopy Uses

func (in *RuntimeClassStrategyOptions) DeepCopy() *RuntimeClassStrategyOptions

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RuntimeClassStrategyOptions.

func (*RuntimeClassStrategyOptions) DeepCopyInto Uses

func (in *RuntimeClassStrategyOptions) DeepCopyInto(out *RuntimeClassStrategyOptions)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*RuntimeClassStrategyOptions) Descriptor Uses

func (*RuntimeClassStrategyOptions) Descriptor() ([]byte, []int)

func (*RuntimeClassStrategyOptions) Marshal Uses

func (m *RuntimeClassStrategyOptions) Marshal() (dAtA []byte, err error)

func (*RuntimeClassStrategyOptions) MarshalTo Uses

func (m *RuntimeClassStrategyOptions) MarshalTo(dAtA []byte) (int, error)

func (*RuntimeClassStrategyOptions) MarshalToSizedBuffer Uses

func (m *RuntimeClassStrategyOptions) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*RuntimeClassStrategyOptions) ProtoMessage Uses

func (*RuntimeClassStrategyOptions) ProtoMessage()

func (*RuntimeClassStrategyOptions) Reset Uses

func (m *RuntimeClassStrategyOptions) Reset()

func (*RuntimeClassStrategyOptions) Size Uses

func (m *RuntimeClassStrategyOptions) Size() (n int)

func (*RuntimeClassStrategyOptions) String Uses

func (this *RuntimeClassStrategyOptions) String() string

func (RuntimeClassStrategyOptions) SwaggerDoc Uses

func (RuntimeClassStrategyOptions) SwaggerDoc() map[string]string

func (*RuntimeClassStrategyOptions) Unmarshal Uses

func (m *RuntimeClassStrategyOptions) Unmarshal(dAtA []byte) error

func (*RuntimeClassStrategyOptions) XXX_DiscardUnknown Uses

func (m *RuntimeClassStrategyOptions) XXX_DiscardUnknown()

func (*RuntimeClassStrategyOptions) XXX_Marshal Uses

func (m *RuntimeClassStrategyOptions) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*RuntimeClassStrategyOptions) XXX_Merge Uses

func (m *RuntimeClassStrategyOptions) XXX_Merge(src proto.Message)

func (*RuntimeClassStrategyOptions) XXX_Size Uses

func (m *RuntimeClassStrategyOptions) XXX_Size() int

func (*RuntimeClassStrategyOptions) XXX_Unmarshal Uses

func (m *RuntimeClassStrategyOptions) XXX_Unmarshal(b []byte) error

type SELinuxStrategy Uses

type SELinuxStrategy string

SELinuxStrategy denotes strategy types for generating SELinux options for a Security Context.

const (
    // SELinuxStrategyMustRunAs means that container must have SELinux labels of X applied.
    SELinuxStrategyMustRunAs SELinuxStrategy = "MustRunAs"
    // SELinuxStrategyRunAsAny means that container may make requests for any SELinux context labels.
    SELinuxStrategyRunAsAny SELinuxStrategy = "RunAsAny"
)

type SELinuxStrategyOptions Uses

type SELinuxStrategyOptions struct {
    // rule is the strategy that will dictate the allowable labels that may be set.
    Rule SELinuxStrategy `json:"rule" protobuf:"bytes,1,opt,name=rule,casttype=SELinuxStrategy"`
    // seLinuxOptions required to run as; required for MustRunAs
    // More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
    // +optional
    SELinuxOptions *v1.SELinuxOptions `json:"seLinuxOptions,omitempty" protobuf:"bytes,2,opt,name=seLinuxOptions"`
}

SELinuxStrategyOptions defines the strategy type and any options used to create the strategy.

func (*SELinuxStrategyOptions) DeepCopy Uses

func (in *SELinuxStrategyOptions) DeepCopy() *SELinuxStrategyOptions

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SELinuxStrategyOptions.

func (*SELinuxStrategyOptions) DeepCopyInto Uses

func (in *SELinuxStrategyOptions) DeepCopyInto(out *SELinuxStrategyOptions)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*SELinuxStrategyOptions) Descriptor Uses

func (*SELinuxStrategyOptions) Descriptor() ([]byte, []int)

func (*SELinuxStrategyOptions) Marshal Uses

func (m *SELinuxStrategyOptions) Marshal() (dAtA []byte, err error)

func (*SELinuxStrategyOptions) MarshalTo Uses

func (m *SELinuxStrategyOptions) MarshalTo(dAtA []byte) (int, error)

func (*SELinuxStrategyOptions) MarshalToSizedBuffer Uses

func (m *SELinuxStrategyOptions) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*SELinuxStrategyOptions) ProtoMessage Uses

func (*SELinuxStrategyOptions) ProtoMessage()

func (*SELinuxStrategyOptions) Reset Uses

func (m *SELinuxStrategyOptions) Reset()

func (*SELinuxStrategyOptions) Size Uses

func (m *SELinuxStrategyOptions) Size() (n int)

func (*SELinuxStrategyOptions) String Uses

func (this *SELinuxStrategyOptions) String() string

func (SELinuxStrategyOptions) SwaggerDoc Uses

func (SELinuxStrategyOptions) SwaggerDoc() map[string]string

func (*SELinuxStrategyOptions) Unmarshal Uses

func (m *SELinuxStrategyOptions) Unmarshal(dAtA []byte) error

func (*SELinuxStrategyOptions) XXX_DiscardUnknown Uses

func (m *SELinuxStrategyOptions) XXX_DiscardUnknown()

func (*SELinuxStrategyOptions) XXX_Marshal Uses

func (m *SELinuxStrategyOptions) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*SELinuxStrategyOptions) XXX_Merge Uses

func (m *SELinuxStrategyOptions) XXX_Merge(src proto.Message)

func (*SELinuxStrategyOptions) XXX_Size Uses

func (m *SELinuxStrategyOptions) XXX_Size() int

func (*SELinuxStrategyOptions) XXX_Unmarshal Uses

func (m *SELinuxStrategyOptions) XXX_Unmarshal(b []byte) error

type SupplementalGroupsStrategyOptions Uses

type SupplementalGroupsStrategyOptions struct {
    // rule is the strategy that will dictate what supplemental groups is used in the SecurityContext.
    // +optional
    Rule SupplementalGroupsStrategyType `json:"rule,omitempty" protobuf:"bytes,1,opt,name=rule,casttype=SupplementalGroupsStrategyType"`
    // ranges are the allowed ranges of supplemental groups.  If you would like to force a single
    // supplemental group then supply a single range with the same start and end. Required for MustRunAs.
    // +optional
    Ranges []IDRange `json:"ranges,omitempty" protobuf:"bytes,2,rep,name=ranges"`
}

SupplementalGroupsStrategyOptions defines the strategy type and options used to create the strategy.

func (*SupplementalGroupsStrategyOptions) DeepCopy Uses

func (in *SupplementalGroupsStrategyOptions) DeepCopy() *SupplementalGroupsStrategyOptions

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SupplementalGroupsStrategyOptions.

func (*SupplementalGroupsStrategyOptions) DeepCopyInto Uses

func (in *SupplementalGroupsStrategyOptions) DeepCopyInto(out *SupplementalGroupsStrategyOptions)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*SupplementalGroupsStrategyOptions) Descriptor Uses

func (*SupplementalGroupsStrategyOptions) Descriptor() ([]byte, []int)

func (*SupplementalGroupsStrategyOptions) Marshal Uses

func (m *SupplementalGroupsStrategyOptions) Marshal() (dAtA []byte, err error)

func (*SupplementalGroupsStrategyOptions) MarshalTo Uses

func (m *SupplementalGroupsStrategyOptions) MarshalTo(dAtA []byte) (int, error)

func (*SupplementalGroupsStrategyOptions) MarshalToSizedBuffer Uses

func (m *SupplementalGroupsStrategyOptions) MarshalToSizedBuffer(dAtA []byte) (int, error)

func (*SupplementalGroupsStrategyOptions) ProtoMessage Uses

func (*SupplementalGroupsStrategyOptions) ProtoMessage()

func (*SupplementalGroupsStrategyOptions) Reset Uses

func (m *SupplementalGroupsStrategyOptions) Reset()

func (*SupplementalGroupsStrategyOptions) Size Uses

func (m *SupplementalGroupsStrategyOptions) Size() (n int)

func (*SupplementalGroupsStrategyOptions) String Uses

func (this *SupplementalGroupsStrategyOptions) String() string

func (SupplementalGroupsStrategyOptions) SwaggerDoc Uses

func (SupplementalGroupsStrategyOptions) SwaggerDoc() map[string]string

func (*SupplementalGroupsStrategyOptions) Unmarshal Uses

func (m *SupplementalGroupsStrategyOptions) Unmarshal(dAtA []byte) error

func (*SupplementalGroupsStrategyOptions) XXX_DiscardUnknown Uses

func (m *SupplementalGroupsStrategyOptions) XXX_DiscardUnknown()

func (*SupplementalGroupsStrategyOptions) XXX_Marshal Uses

func (m *SupplementalGroupsStrategyOptions) XXX_Marshal(b []byte, deterministic bool) ([]byte, error)

func (*SupplementalGroupsStrategyOptions) XXX_Merge Uses

func (m *SupplementalGroupsStrategyOptions) XXX_Merge(src proto.Message)

func (*SupplementalGroupsStrategyOptions) XXX_Size Uses

func (m *SupplementalGroupsStrategyOptions) XXX_Size() int

func (*SupplementalGroupsStrategyOptions) XXX_Unmarshal Uses

func (m *SupplementalGroupsStrategyOptions) XXX_Unmarshal(b []byte) error

type SupplementalGroupsStrategyType Uses

type SupplementalGroupsStrategyType string

SupplementalGroupsStrategyType denotes strategy types for determining valid supplemental groups for a SecurityContext.

const (
    // SupplementalGroupsStrategyMayRunAs means that container does not need to run with a particular gid.
    // However, when gids are specified, they have to fall in the defined range.
    SupplementalGroupsStrategyMayRunAs SupplementalGroupsStrategyType = "MayRunAs"
    // SupplementalGroupsStrategyMustRunAs means that container must run as a particular gid.
    SupplementalGroupsStrategyMustRunAs SupplementalGroupsStrategyType = "MustRunAs"
    // SupplementalGroupsStrategyRunAsAny means that container may make requests for any gid.
    SupplementalGroupsStrategyRunAsAny SupplementalGroupsStrategyType = "RunAsAny"
)

Package v1beta1 imports 13 packages (graph) and is imported by 559 packages. Updated 2019-07-27. Refresh now. Tools for package owners.