Documentation ¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type ImageSelectionRule ¶
type MappingRule ¶
type MappingRule struct { Id string `json:"id,omitempty"` Name string `json:"name"` WhitelistIds []string `json:"whitelist_ids"` // Optional single policy to evalute, if set will override any value in policy_ids, for backwards compatibility. Generally, policy_ids should be used even with a array of length 1. PolicyId string `json:"policy_id,omitempty"` // List of policyIds to evaluate in order, to completion PolicyIds []string `json:"policy_ids,omitempty"` Registry string `json:"registry"` Repository string `json:"repository"` Image ImageRef `json:"image"` }
type Policy ¶
type Policy struct { Id string `json:"id"` Name string `json:"name"` Comment string `json:"comment,omitempty"` Version string `json:"version"` Rules []PolicyRule `json:"rules"` }
type PolicyBundle ¶
type PolicyBundle struct { // Id of the bundle Id string `json:"id"` // Human readable name for the bundle Name string `json:"name"` // Description of the bundle, human readable Comment string `json:"comment"` // Version id for this bundle format Version string `json:"version,omitempty"` // Whitelists which define which policy matches to disregard explicitly in the final policy decision Whitelists []Whitelist `json:"whitelists"` // Policies which define the go/stop/warn status of an image using rule matches on image properties Policies []Policy `json:"policies"` // Mapping rules for defining which policy and whitelist(s) to apply to an image based on a match of the image tag or id. Evaluated in order. Mappings []MappingRule `json:"mappings"` // List of mapping rules that define which images should always be passed (unless also on the blacklist), regardless of policy result. WhitelistedImages []ImageSelectionRule `json:"whitelisted_images,omitempty"` // List of mapping rules that define which images should always result in a STOP/FAIL policy result regardless of policy content or presence in whitelisted_images BlacklistedImages []ImageSelectionRule `json:"blacklisted_images,omitempty"` }
A bundle containing a set of policies, whitelists, and rules for mapping them to specific images
type PolicyBundleRecord ¶
type PolicyBundleRecord struct { CreatedAt time.Time `json:"created_at,omitempty"` LastUpdated time.Time `json:"last_updated,omitempty"` // The bundle's identifier PolicyId string `json:"policyId,omitempty"` // True if the bundle is currently defined to be used automatically Active bool `json:"active,omitempty"` // UserId of the user that owns the bundle UserId string `json:"userId,omitempty"` // Source location of where the policy bundle originated PolicySource string `json:"policy_source,omitempty"` Policybundle PolicyBundle `json:"policybundle,omitempty"` }
A policy bundle plus some metadata
type PolicyRule ¶
type PolicyRule struct { Id string `json:"id"` Gate string `json:"gate"` Trigger string `json:"trigger"` Action string `json:"action"` Params []PolicyRuleParams `json:"params"` }
A rule that defines and decision value if the match is found true for a given image.
type PolicyRuleParams ¶
type ReleaseWhiteListItem ¶
type Whitelist ¶
type Whitelist struct { Id string `json:"id"` Name string `json:"name,omitempty"` Version string `json:"version"` Comment string `json:"comment,omitempty"` Items []WhitelistItem `json:"items,omitempty"` }
A collection of whitelist items to match a policy evaluation against.
type WhitelistItem ¶
type WhitelistItem struct { Id string `json:"id,omitempty"` Gate string `json:"gate"` TriggerId string `json:"trigger_id"` }
Identifies a specific gate and trigger match from a policy against an image and indicates it should be ignored in final policy decisions
Click to show internal directories.
Click to hide internal directories.