kubernetes: k8s.io/kubernetes/plugin/pkg/admission/security/podsecuritypolicy Index | Files

package podsecuritypolicy

import "k8s.io/kubernetes/plugin/pkg/admission/security/podsecuritypolicy"


Package Files



const PluginName = "PodSecurityPolicy"

PluginName is a string with the name of the plugin

func Register Uses

func Register(plugins *admission.Plugins)

Register registers a plugin

type Plugin Uses

type Plugin struct {
    // contains filtered or unexported fields

Plugin holds state for and implements the admission plugin.

func (*Plugin) Admit Uses

func (p *Plugin) Admit(ctx context.Context, a admission.Attributes, o admission.ObjectInterfaces) error

Admit determines if the pod should be admitted based on the requested security context and the available PSPs.

1. Find available PSPs. 2. Create the providers, includes setting pre-allocated values if necessary. 3. Try to generate and validate a PSP with providers. If we find one then admit the pod

with the validated PSP.  If we don't find any reject the pod and give all errors from the
failed attempts.

func (*Plugin) SetAuthorizer Uses

func (p *Plugin) SetAuthorizer(authz authorizer.Authorizer)

SetAuthorizer sets the authorizer.

func (*Plugin) SetExternalKubeInformerFactory Uses

func (p *Plugin) SetExternalKubeInformerFactory(f informers.SharedInformerFactory)

SetExternalKubeInformerFactory registers an informer

func (*Plugin) Validate Uses

func (p *Plugin) Validate(ctx context.Context, a admission.Attributes, o admission.ObjectInterfaces) error

Validate verifies attributes against the PodSecurityPolicy

func (*Plugin) ValidateInitialization Uses

func (p *Plugin) ValidateInitialization() error

ValidateInitialization ensures an authorizer is set.

Package podsecuritypolicy imports 23 packages (graph) and is imported by 68 packages. Updated 2020-11-09. Refresh now. Tools for package owners.