allowed

package

v0.3.0 Latest Latest Go to latest Published: Jan 5, 2022 License: Apache-2.0 Imports: 13 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/cert-manager/approver-policy

Links

Open Source Insights

Documentation ¶

Index ¶

type Allowed

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type Allowed ¶

type Allowed struct{}

Allowed is a base approver-policy Approver that is responsible for ensuring incoming requests may only request all or some of the X.509 attributes that are allowed by the policy. Requests which do not request all of the attributes which they are allowed to in the policy are permitted. It is expected that allowed must _always_ be registered for all approver-policy builds.

func (Allowed) EnqueueChan ¶ added in v0.2.0

func (a Allowed) EnqueueChan() <-chan string

Allowed never needs to manually enqueue policies.

func (Allowed) Evaluate ¶

func (a Allowed) Evaluate(_ context.Context, policy *policyapi.CertificateRequestPolicy, request *cmapi.CertificateRequest) (approver.EvaluationResponse, error)

Evaluate evaluates whether the given CertificateRequest conforms to the allowed attributes defined in the policy. The request _must_ conform to _all_ allowed attributes in the policy to be permitted by the passed policy. If the request is denied by the allowed attributes an explanation is returned. An error signals that the policy couldn't be evaluated to completion.

func (Allowed) Name ¶

func (a Allowed) Name() string

Name of Approver is "allowed"

func (Allowed) Prepare ¶

func (a Allowed) Prepare(_ context.Context, _ logr.Logger, _ manager.Manager) error

Prepare is a no-op, Allowed doesn't need to prepare anything.

func (Allowed) Ready ¶

func (a Allowed) Ready(_ context.Context, _ *policyapi.CertificateRequestPolicy) (approver.ReconcilerReadyResponse, error)

Ready always returns ready, Allowed doesn't have any dependencies to block readiness.

func (Allowed) RegisterFlags ¶

func (a Allowed) RegisterFlags(_ *pflag.FlagSet)

RegisterFlags is a no-op, Allowed doesn't need any flags.

func (Allowed) Validate ¶

func (a Allowed) Validate(_ context.Context, policy *policyapi.CertificateRequestPolicy) (approver.WebhookValidationResponse, error)

Validate validates that the processed CertificateRequestPolicy has valid allowed fields defined and there are no parsing errors in the values.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL