Documentation ¶
Index ¶
- Constants
- Variables
- func AppendCondition(conditions []policyv1.Condition, newCond *policyv1.Condition) (conditionsRes []policyv1.Condition)
- func IsBeingUninstalled(client client.Client) (bool, error)
- func IsSimilarToLastCondition(oldCond policyv1.Condition, newCond policyv1.Condition) bool
- type ConfigurationPolicyReconciler
- func (r *ConfigurationPolicyReconciler) PeriodicallyExecConfigPolicies(ctx context.Context, freq uint, elected <-chan struct{}, ...)
- func (r *ConfigurationPolicyReconciler) Reconcile(ctx context.Context, request ctrl.Request) (ctrl.Result, error)
- func (r *ConfigurationPolicyReconciler) SetupWithManager(mgr ctrl.Manager) error
- type OperatorPolicyReconciler
Constants ¶
const ( ControllerName string = "configuration-policy-controller" CRDName string = "configurationpolicies.policy.open-cluster-management.io" )
const ( OperatorControllerName string = "operator-policy-controller" CatalogSourceReady string = "READY" )
const IVAnnotation = "policy.open-cluster-management.io/encryption-iv"
Variables ¶
var PlcChan chan *policyv1.ConfigurationPolicy
PlcChan a channel used to pass policies ready for update
Functions ¶
func AppendCondition ¶
func AppendCondition( conditions []policyv1.Condition, newCond *policyv1.Condition, ) (conditionsRes []policyv1.Condition)
AppendCondition check and appends conditions to the policy status
func IsBeingUninstalled ¶ added in v0.13.0
Types ¶
type ConfigurationPolicyReconciler ¶
type ConfigurationPolicyReconciler struct { // This client, initialized using mgr.Client() above, is a split client // that reads objects from the cache and writes to the apiserver client.Client DecryptionConcurrency uint8 // Determines if the target Kubernetes cluster supports dry run update requests. When OpenShift <v4.5 // support is dropped, this can be removed as it's always true. DryRunSupported bool // Determines the number of Go routines that can evaluate policies concurrently. EvaluationConcurrency uint8 Scheme *runtime.Scheme Recorder record.EventRecorder InstanceName string // The Kubernetes client to use when evaluating/enforcing policies. Most times, this will be the same cluster // where the controller is running. TargetK8sClient kubernetes.Interface TargetK8sDynamicClient dynamic.Interface TargetK8sConfig *rest.Config SelectorReconciler common.SelectorReconciler // Whether custom metrics collection is enabled EnableMetrics bool // When true, the controller has detected it is being uninstalled and only basic cleanup should be performed before // exiting. UninstallMode bool // contains filtered or unexported fields }
ConfigurationPolicyReconciler reconciles a ConfigurationPolicy object
func (*ConfigurationPolicyReconciler) PeriodicallyExecConfigPolicies ¶
func (r *ConfigurationPolicyReconciler) PeriodicallyExecConfigPolicies( ctx context.Context, freq uint, elected <-chan struct{}, uninstallDetected context.CancelFunc, )
PeriodicallyExecConfigPolicies loops through all configurationpolicies in the target namespace and triggers template handling for each one. This function drives all the work the configuration policy controller does.
func (*ConfigurationPolicyReconciler) Reconcile ¶
func (r *ConfigurationPolicyReconciler) Reconcile(ctx context.Context, request ctrl.Request) (ctrl.Result, error)
Reconcile currently does nothing except that it removes a policy's metric when the policy is deleted. All the logic is handled in the PeriodicallyExecConfigPolicies method.
func (*ConfigurationPolicyReconciler) SetupWithManager ¶
func (r *ConfigurationPolicyReconciler) SetupWithManager(mgr ctrl.Manager) error
SetupWithManager sets up the controller with the Manager.
type OperatorPolicyReconciler ¶ added in v0.12.0
type OperatorPolicyReconciler struct { client.Client DynamicWatcher depclient.DynamicWatcher InstanceName string DefaultNamespace string }
OperatorPolicyReconciler reconciles a OperatorPolicy object
func (*OperatorPolicyReconciler) Reconcile ¶ added in v0.12.0
func (r *OperatorPolicyReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error)
Reconcile is part of the main kubernetes reconciliation loop which aims to move the current state of the cluster closer to the desired state. (user): Modify the Reconcile function to compare the state specified by the OperatorPolicy object against the actual cluster state, and then perform operations to make the cluster state reflect the state specified by the user.
For more details, check Reconcile and its Result here: - https://pkg.go.dev/sigs.k8s.io/controller-runtime@v0.14.4/pkg/reconcile
func (*OperatorPolicyReconciler) SetupWithManager ¶ added in v0.12.0
func (r *OperatorPolicyReconciler) SetupWithManager(mgr ctrl.Manager, depEvents *source.Channel) error
SetupWithManager sets up the controller with the Manager and will reconcile when the dynamic watcher sees that an object is updated