kubernetes: k8s.io/kubernetes/pkg/security/podsecuritypolicy/seccomp Index | Files

package seccomp

import "k8s.io/kubernetes/pkg/security/podsecuritypolicy/seccomp"

Index

Package Files

strategy.go

Constants

const (
    // AllowAny is the wildcard used to allow any profile.
    AllowAny = "*"
    // The annotation key specifying the default seccomp profile.
    DefaultProfileAnnotationKey = "seccomp.security.alpha.kubernetes.io/defaultProfileName"
    // The annotation key specifying the allowed seccomp profiles.
    AllowedProfilesAnnotationKey = "seccomp.security.alpha.kubernetes.io/allowedProfileNames"
)

type Strategy Uses

type Strategy interface {
    // Generate returns a profile based on constraint rules.
    Generate(annotations map[string]string, pod *api.Pod) (string, error)
    // Validate ensures that the specified values fall within the range of the strategy.
    ValidatePod(pod *api.Pod) field.ErrorList
    // Validate ensures that the specified values fall within the range of the strategy.
    ValidateContainer(pod *api.Pod, container *api.Container) field.ErrorList
}

Strategy defines the interface for all seccomp constraint strategies.

func NewStrategy Uses

func NewStrategy(pspAnnotations map[string]string) Strategy

NewStrategy creates a new strategy that enforces seccomp profile constraints.

Package seccomp imports 4 packages (graph) and is imported by 92 packages. Updated 2018-06-29. Refresh now. Tools for package owners.