policy

package

v0.0.0-...-55e8439 Latest Latest Go to latest Published: Oct 4, 2016 License: Apache-2.0 Imports: 6 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/30x/congress

Links

Open Source Insights

Documentation ¶

Index ¶

Constants
func AddBridgePolicy(client *unversioned.ExtensionsClient, namespace *api.Namespace, ...) error
func AddIntraPolicy(client *unversioned.ExtensionsClient, namespace *api.Namespace, ...) error
func EnactPolicies(client *unversioned.ExtensionsClient, namespace *api.Namespace, ...) error
func IsolateNamespace(client *unversioned.Client, namespace *api.Namespace, config *utils.Config) error
func ValidateIsolation(client *unversioned.Client, extClient *unversioned.ExtensionsClient, ...) error
func ValidateList(client *unversioned.Client, extClient *unversioned.ExtensionsClient, ...) (*api.NamespaceList, error)
func ValidateNamespace(client *unversioned.Client, extClient *unversioned.ExtensionsClient, ...) error

Constants ¶

View Source

const (
	// IngressAnnotationKey key for the network policy annotation in a namespace
	IngressAnnotationKey = "net.beta.kubernetes.io/network-policy"
	// IngressAnnotationValue is the policy that belongs to the NetworkPolicy key
	IngressAnnotationValue = `{"ingress": {"isolation": "DefaultDeny"}}`
	// IntraPolicyName name of the intra-namespace network policy
	IntraPolicyName = "allow-intra-namespace"
)

Variables ¶

This section is empty.

Functions ¶

func AddBridgePolicy ¶

func AddBridgePolicy(client *unversioned.ExtensionsClient, namespace *api.Namespace, config *utils.Config) error

AddBridgePolicy adds the allow-apigee NetworkPolicy to the given namespace

func AddIntraPolicy ¶

func AddIntraPolicy(client *unversioned.ExtensionsClient, namespace *api.Namespace, config *utils.Config) error

AddIntraPolicy adds the intra-namespace network policy to a given namespace

func EnactPolicies ¶

func EnactPolicies(client *unversioned.ExtensionsClient, namespace *api.Namespace, config *utils.Config) error

EnactPolicies creates the necessary network policies in the given namespace

func IsolateNamespace ¶

func IsolateNamespace(client *unversioned.Client, namespace *api.Namespace, config *utils.Config) error

IsolateNamespace adds the necessary label for network isolation

func ValidateIsolation ¶

func ValidateIsolation(client *unversioned.Client, extClient *unversioned.ExtensionsClient, namespace *api.Namespace, config *utils.Config) error

ValidateIsolation ensures that a namespace excluded by the IgnoreSelector labels is not isolated by congress

func ValidateList ¶

func ValidateList(client *unversioned.Client, extClient *unversioned.ExtensionsClient, list *api.NamespaceList, config *utils.Config) (*api.NamespaceList, error)

ValidateList validates that a list of namespaces conform to network isolation standards

func ValidateNamespace ¶

func ValidateNamespace(client *unversioned.Client, extClient *unversioned.ExtensionsClient, namespace *api.Namespace, config *utils.Config) error

ValidateNamespace validates that a single namespace conforms to network isolation standards

Types ¶

This section is empty.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL