validation

package

v0.5.0 Latest Latest Go to latest Published: Sep 26, 2023 License: Apache-2.0 Imports: 10 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/anchore/kubernetes-admission-controller

Links

Open Source Insights

Documentation ¶

Index ¶

type Configuration
- func NewConfiguration(meta metav1.ObjectMeta, imageReference string, ...) *Configuration
type Mode
type PolicySelector
type ResourceSelector
type ResourceSelectorType
type Result
- func Reduce(results []Result, messagePrefix string) Result
type Validator
- func New(configuration Configuration, imageBackend anchore.ImageBackend, ...) (Validator, error)

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type Configuration ¶ added in v0.3.1

type Configuration struct {
	Mode            Mode
	PolicyReference anchore.PolicyReference
}

func NewConfiguration ¶ added in v0.3.1

func NewConfiguration(
	meta metav1.ObjectMeta,
	imageReference string,
	policySelectors []PolicySelector,
	clientset kubernetes.Clientset,
) *Configuration

type Mode ¶

type Mode string

const (
	PolicyGateMode   Mode = "policy"
	AnalysisGateMode Mode = "analysis"
	BreakGlassMode   Mode = "breakglass"
)

type PolicySelector ¶ added in v0.3.1

type PolicySelector struct {
	ResourceSelector ResourceSelector `mapstructure:"Selector"`
	Mode             Mode
	PolicyReference  anchore.PolicyReference
}

type ResourceSelector ¶ added in v0.3.1

type ResourceSelector struct {
	Type ResourceSelectorType `mapstructure:"ResourceType"` // The resource to do selection on,
	// supported: pod, namespace
	SelectorKeyRegex   string // The regex to select a matching key
	SelectorValueRegex string // The regex to apply to the label/annotation of the specified resource type
}

type ResourceSelectorType ¶ added in v0.3.1

type ResourceSelectorType string

const (
	GeneralResourceSelectorType   ResourceSelectorType = "resource"
	NamespaceResourceSelectorType ResourceSelectorType = "namespace"
	ImageResourceSelectorType     ResourceSelectorType = "image"
)

type Result ¶

type Result struct {
	Mode        Mode
	IsValid     bool
	Message     string
	ImageDigest string
}

Result is a data structure that describes the evaluation result for a validation operation.

func Reduce ¶

func Reduce(results []Result, messagePrefix string) Result

Reduce takes an arbitrary number of Results as input and reduces them to a single Result. This Result's Message aggregates the input Results' Messages, prefixed with the given messagePrefix. If only a single Result is passed in, the Result is returned as-is (and the messagePrefix is not used).

type Validator ¶ added in v0.3.1

type Validator func() Result

Validator is a function that can be executed to produce a validation Result.

func New ¶ added in v0.3.1

func New(configuration Configuration, imageBackend anchore.ImageBackend, user anchore.Credential,
	imageReference string) (Validator, error)

New returns a validator function with its internal state fully configured. If a validator function cannot be created, New returns an error.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL