v1

package
v0.0.0-...-b7baaf8 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Apr 23, 2024 License: Apache-2.0 Imports: 4 Imported by: 12

Documentation

Overview

Package v1 contains API Schema definitions for the security v1 API group.

+kubebuilder:object:generate=true +groupName=security.kubearmor.com

Index

Constants

This section is empty.

Variables

var (
	// SchemeGroupVersion is the group/version ("security.kubearmor.com", "v1")
	// used to register these objects.
	SchemeGroupVersion = schema.GroupVersion{Group: "security.kubearmor.com", Version: "v1"}

	// SchemeBuilder is used to add Go types to the GroupVersionKind scheme.
	// It is built from SchemeGroupVersion.
	SchemeBuilder = &scheme.Builder{GroupVersion: SchemeGroupVersion}

	// AddToScheme adds the types in this group-version to the given scheme.
	AddToScheme = SchemeBuilder.AddToScheme
)

Functions

func Resource

func Resource(resource string) schema.GroupResource

Resource takes an unqualified resource name and returns a group-qualified GroupResource.

Types

type ActionType

// ActionType is the action field carried by every rule and section type in
// this package. The Enum marker listed for it restricts the value to Allow,
// Audit or Block.
// NOTE(review): every field of this type is tagged omitempty; what applies
// when no action is given is not visible in this schema — confirm.
type ActionType string

+kubebuilder:validation:Enum=Allow;Audit;Block

type CapabilitiesType

// CapabilitiesType is the capabilities section of KubeArmorPolicySpec: a list
// of capability rules plus section-level severity, tags, message and action.
// NOTE(review): how the section-level fields combine with the same fields on
// each MatchCapabilitiesType entry is not visible here — confirm.
type CapabilitiesType struct {
	// MatchCapabilities holds the individual capability rules.
	MatchCapabilities []MatchCapabilitiesType `json:"matchCapabilities,omitempty"`

	// +kubebuilder:validation:optional
	Severity SeverityType `json:"severity,omitempty"`
	// +kubebuilder:validation:optional
	Tags []string `json:"tags,omitempty"`
	// +kubebuilder:validation:optional
	Message string `json:"message,omitempty"`
	// +kubebuilder:validation:optional
	Action ActionType `json:"action,omitempty"`
}

func (*CapabilitiesType) DeepCopy

func (in *CapabilitiesType) DeepCopy() *CapabilitiesType

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CapabilitiesType.

func (*CapabilitiesType) DeepCopyInto

func (in *CapabilitiesType) DeepCopyInto(out *CapabilitiesType)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type FileDirectoryType

// FileDirectoryType is one directory rule inside FileType.MatchDirectories.
// NOTE(review): both "Optional" and "optional" marker spellings appear on the
// fields below; confirm the generator treats them the same.
type FileDirectoryType struct {
	// Directory is the only field without omitempty, so it is always
	// serialised. Its format is constrained by the MatchDirectoryType pattern.
	Directory MatchDirectoryType `json:"dir"`

	// Recursive, ReadOnly and OwnerOnly are optional flags; the zero value
	// (false) is dropped from the JSON by omitempty.
	// NOTE(review): the exact enforcement meaning of each flag is not defined
	// in this schema — confirm against the enforcer.
	// +kubebuilder:validation:Optional
	Recursive bool `json:"recursive,omitempty"`
	// +kubebuilder:validation:Optional
	ReadOnly bool `json:"readOnly,omitempty"`
	// +kubebuilder:validation:Optional
	OwnerOnly bool `json:"ownerOnly,omitempty"`

	// FromSource optionally lists source paths (MatchSourceType) for the rule.
	// +kubebuilder:validation:optional
	FromSource []MatchSourceType `json:"fromSource,omitempty"`

	// +kubebuilder:validation:optional
	Severity SeverityType `json:"severity,omitempty"`
	// +kubebuilder:validation:optional
	Tags []string `json:"tags,omitempty"`
	// +kubebuilder:validation:optional
	Message string `json:"message,omitempty"`
	// +kubebuilder:validation:optional
	Action ActionType `json:"action,omitempty"`
}

func (*FileDirectoryType) DeepCopy

func (in *FileDirectoryType) DeepCopy() *FileDirectoryType

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FileDirectoryType.

func (*FileDirectoryType) DeepCopyInto

func (in *FileDirectoryType) DeepCopyInto(out *FileDirectoryType)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type FilePathType

// FilePathType is one file-path rule inside FileType.MatchPaths.
type FilePathType struct {
	// Path is the only field without omitempty. Its format is constrained by
	// the MatchPathType pattern.
	Path MatchPathType `json:"path"`

	// ReadOnly and OwnerOnly are optional flags.
	// NOTE(review): their enforcement meaning is not defined in this schema —
	// confirm against the enforcer.
	// +kubebuilder:validation:Optional
	ReadOnly bool `json:"readOnly,omitempty"`
	// +kubebuilder:validation:Optional
	OwnerOnly bool `json:"ownerOnly,omitempty"`

	// FromSource optionally lists source paths (MatchSourceType) for the rule.
	// +kubebuilder:validation:optional
	FromSource []MatchSourceType `json:"fromSource,omitempty"`

	// +kubebuilder:validation:optional
	Severity SeverityType `json:"severity,omitempty"`
	// +kubebuilder:validation:optional
	Tags []string `json:"tags,omitempty"`
	// +kubebuilder:validation:optional
	Message string `json:"message,omitempty"`
	// +kubebuilder:validation:optional
	Action ActionType `json:"action,omitempty"`
}

func (*FilePathType) DeepCopy

func (in *FilePathType) DeepCopy() *FilePathType

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FilePathType.

func (*FilePathType) DeepCopyInto

func (in *FilePathType) DeepCopyInto(out *FilePathType)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type FilePatternType

// FilePatternType is one pattern rule inside FileType.MatchPatterns.
// Unlike FilePathType and FileDirectoryType it declares no FromSource field.
type FilePatternType struct {
	// Pattern is a plain string: no validation marker is listed for it, so the
	// schema accepts any value.
	// NOTE(review): the pattern syntax and where it is validated are not
	// visible here — confirm before relying on a pattern rule.
	Pattern string `json:"pattern"`

	// +kubebuilder:validation:Optional
	ReadOnly bool `json:"readOnly,omitempty"`
	// +kubebuilder:validation:Optional
	OwnerOnly bool `json:"ownerOnly,omitempty"`

	// +kubebuilder:validation:optional
	Severity SeverityType `json:"severity,omitempty"`
	// +kubebuilder:validation:optional
	Tags []string `json:"tags,omitempty"`
	// +kubebuilder:validation:optional
	Message string `json:"message,omitempty"`
	// +kubebuilder:validation:optional
	Action ActionType `json:"action,omitempty"`
}

func (*FilePatternType) DeepCopy

func (in *FilePatternType) DeepCopy() *FilePatternType

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FilePatternType.

func (*FilePatternType) DeepCopyInto

func (in *FilePatternType) DeepCopyInto(out *FilePatternType)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type FileType

// FileType is the file section used by both KubeArmorPolicySpec and
// KubeArmorHostPolicySpec. It groups path, directory and pattern rules, each
// list optional, with section-level severity, tags, message and action.
type FileType struct {
	MatchPaths       []FilePathType      `json:"matchPaths,omitempty"`
	MatchDirectories []FileDirectoryType `json:"matchDirectories,omitempty"`
	MatchPatterns    []FilePatternType   `json:"matchPatterns,omitempty"`

	// +kubebuilder:validation:optional
	Severity SeverityType `json:"severity,omitempty"`
	// +kubebuilder:validation:optional
	Tags []string `json:"tags,omitempty"`
	// +kubebuilder:validation:optional
	Message string `json:"message,omitempty"`
	// +kubebuilder:validation:optional
	Action ActionType `json:"action,omitempty"`
}

func (*FileType) DeepCopy

func (in *FileType) DeepCopy() *FileType

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FileType.

func (*FileType) DeepCopyInto

func (in *FileType) DeepCopyInto(out *FileType)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type HostCapabilitiesType

// HostCapabilitiesType is the capabilities section of KubeArmorHostPolicySpec.
// It mirrors CapabilitiesType but its rules are MatchHostCapabilitiesType,
// whose fromSource field is not tagged omitempty.
type HostCapabilitiesType struct {
	// MatchCapabilities holds the individual host capability rules.
	MatchCapabilities []MatchHostCapabilitiesType `json:"matchCapabilities,omitempty"`

	// +kubebuilder:validation:optional
	Severity SeverityType `json:"severity,omitempty"`
	// +kubebuilder:validation:optional
	Tags []string `json:"tags,omitempty"`
	// +kubebuilder:validation:optional
	Message string `json:"message,omitempty"`
	// +kubebuilder:validation:optional
	Action ActionType `json:"action,omitempty"`
}

func (*HostCapabilitiesType) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HostCapabilitiesType.

func (*HostCapabilitiesType) DeepCopyInto

func (in *HostCapabilitiesType) DeepCopyInto(out *HostCapabilitiesType)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type HostNetworkType

// HostNetworkType is the network section of KubeArmorHostPolicySpec.
// It mirrors NetworkType but its rules are MatchHostNetworkProtocolType,
// whose fromSource field is not tagged omitempty.
type HostNetworkType struct {
	// MatchProtocols holds the individual host protocol rules.
	MatchProtocols []MatchHostNetworkProtocolType `json:"matchProtocols,omitempty"`

	// +kubebuilder:validation:optional
	Severity SeverityType `json:"severity,omitempty"`
	// +kubebuilder:validation:optional
	Tags []string `json:"tags,omitempty"`
	// +kubebuilder:validation:optional
	Message string `json:"message,omitempty"`
	// +kubebuilder:validation:optional
	Action ActionType `json:"action,omitempty"`
}

func (*HostNetworkType) DeepCopy

func (in *HostNetworkType) DeepCopy() *HostNetworkType

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HostNetworkType.

func (*HostNetworkType) DeepCopyInto

func (in *HostNetworkType) DeepCopyInto(out *HostNetworkType)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type KubeArmorHostPolicy

// KubeArmorHostPolicy is the Schema for the kubearmorhostpolicies API.
// Its markers declare it cluster-scoped (scope=Cluster, nonNamespaced) with
// short name "hsp" and a status subresource, so namespace-level RBAC does not
// partition access to these objects.
type KubeArmorHostPolicy struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	// Spec is the desired policy; Status is the observed state.
	Spec   KubeArmorHostPolicySpec   `json:"spec,omitempty"`
	Status KubeArmorHostPolicyStatus `json:"status,omitempty"`
}

KubeArmorHostPolicy is the Schema for the kubearmorhostpolicies API.

+genclient +genclient:nonNamespaced +kubebuilder:resource:scope=Cluster,shortName=hsp +kubebuilder:subresource:status +kubebuilder:printcolumn:name="Age",type=date,JSONPath=`.metadata.creationTimestamp` +kubebuilder:printcolumn:name="Action",type=string,JSONPath=`.spec.action`,priority=10 +kubebuilder:printcolumn:name="Selector",type=string,JSONPath=`.spec.nodeSelector.matchLabels`,priority=10

func (*KubeArmorHostPolicy) DeepCopy

func (in *KubeArmorHostPolicy) DeepCopy() *KubeArmorHostPolicy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KubeArmorHostPolicy.

func (*KubeArmorHostPolicy) DeepCopyInto

func (in *KubeArmorHostPolicy) DeepCopyInto(out *KubeArmorHostPolicy)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*KubeArmorHostPolicy) DeepCopyObject

func (in *KubeArmorHostPolicy) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type KubeArmorHostPolicyList

// KubeArmorHostPolicyList contains a list of KubeArmorHostPolicy.
type KubeArmorHostPolicyList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	// Items is always serialised (no omitempty).
	Items           []KubeArmorHostPolicy `json:"items"`
}

KubeArmorHostPolicyList contains a list of KubeArmorHostPolicy

func (*KubeArmorHostPolicyList) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KubeArmorHostPolicyList.

func (*KubeArmorHostPolicyList) DeepCopyInto

func (in *KubeArmorHostPolicyList) DeepCopyInto(out *KubeArmorHostPolicyList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*KubeArmorHostPolicyList) DeepCopyObject

func (in *KubeArmorHostPolicyList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type KubeArmorHostPolicySpec

// KubeArmorHostPolicySpec defines the desired state of KubeArmorHostPolicy.
// It selects nodes by label and carries the process, file, network,
// capabilities and syscalls sections plus policy-level severity, tags,
// message and action.
// NOTE(review): action is optional here and on every nested section and rule;
// which level takes precedence, and what applies when none is set, is not
// visible in this schema — confirm before relying on a Block rule.
type KubeArmorHostPolicySpec struct {
	// NodeSelector is the only field without omitempty.
	NodeSelector NodeSelectorType `json:"nodeSelector"`

	Process      ProcessType          `json:"process,omitempty"`
	File         FileType             `json:"file,omitempty"`
	Network      HostNetworkType      `json:"network,omitempty"`
	Capabilities HostCapabilitiesType `json:"capabilities,omitempty"`
	Syscalls     SyscallsType         `json:"syscalls,omitempty"`

	// AppArmor is a free-form string with no validation marker in this listing.
	// NOTE(review): confirm how this value is consumed; anyone who can create
	// this cluster-scoped object controls its content.
	AppArmor string `json:"apparmor,omitempty"`

	// +kubebuilder:validation:optional
	Severity SeverityType `json:"severity,omitempty"`
	// +kubebuilder:validation:optional
	Tags []string `json:"tags,omitempty"`
	// +kubebuilder:validation:optional
	Message string `json:"message,omitempty"`
	// +kubebuilder:validation:optional
	Action ActionType `json:"action,omitempty"`
}

KubeArmorHostPolicySpec defines the desired state of KubeArmorHostPolicy

func (*KubeArmorHostPolicySpec) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KubeArmorHostPolicySpec.

func (*KubeArmorHostPolicySpec) DeepCopyInto

func (in *KubeArmorHostPolicySpec) DeepCopyInto(out *KubeArmorHostPolicySpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type KubeArmorHostPolicyStatus

// KubeArmorHostPolicyStatus defines the observed state of KubeArmorHostPolicy.
type KubeArmorHostPolicyStatus struct {
	// PolicyStatus is serialised under the JSON key "status". It is a plain
	// string with no enum or pattern marker in this listing.
	PolicyStatus string `json:"status,omitempty"`
}

KubeArmorHostPolicyStatus defines the observed state of KubeArmorHostPolicy

func (*KubeArmorHostPolicyStatus) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KubeArmorHostPolicyStatus.

func (*KubeArmorHostPolicyStatus) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type KubeArmorPolicy

// KubeArmorPolicy is the Schema for the kubearmorpolicies API.
// Its markers give it short name "ksp" and a status subresource; unlike
// KubeArmorHostPolicy no cluster scope marker is listed for it.
type KubeArmorPolicy struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	// Spec is the desired policy; Status is the observed state.
	Spec   KubeArmorPolicySpec   `json:"spec,omitempty"`
	Status KubeArmorPolicyStatus `json:"status,omitempty"`
}

KubeArmorPolicy is the Schema for the kubearmorpolicies API.

+genclient +kubebuilder:resource:shortName=ksp +kubebuilder:subresource:status +kubebuilder:printcolumn:name="Age",type=date,JSONPath=`.metadata.creationTimestamp` +kubebuilder:printcolumn:name="Action",type=string,JSONPath=`.spec.action`,priority=10 +kubebuilder:printcolumn:name="Selector",type=string,JSONPath=`.spec.selector.matchLabels`,priority=10

func (*KubeArmorPolicy) DeepCopy

func (in *KubeArmorPolicy) DeepCopy() *KubeArmorPolicy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KubeArmorPolicy.

func (*KubeArmorPolicy) DeepCopyInto

func (in *KubeArmorPolicy) DeepCopyInto(out *KubeArmorPolicy)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*KubeArmorPolicy) DeepCopyObject

func (in *KubeArmorPolicy) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type KubeArmorPolicyList

// KubeArmorPolicyList contains a list of KubeArmorPolicy.
type KubeArmorPolicyList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	// Items is always serialised (no omitempty).
	Items           []KubeArmorPolicy `json:"items"`
}

KubeArmorPolicyList contains a list of KubeArmorPolicy

func (*KubeArmorPolicyList) DeepCopy

func (in *KubeArmorPolicyList) DeepCopy() *KubeArmorPolicyList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KubeArmorPolicyList.

func (*KubeArmorPolicyList) DeepCopyInto

func (in *KubeArmorPolicyList) DeepCopyInto(out *KubeArmorPolicyList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*KubeArmorPolicyList) DeepCopyObject

func (in *KubeArmorPolicyList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type KubeArmorPolicySpec

// KubeArmorPolicySpec defines the desired state of KubeArmorPolicy.
// It selects workloads by label and carries the process, file, network,
// capabilities and syscalls sections plus policy-level severity, tags,
// message and action.
// NOTE(review): action is optional here and on every nested section and rule;
// which level takes precedence, and what applies when none is set, is not
// visible in this schema — confirm before relying on a Block rule.
type KubeArmorPolicySpec struct {
	// Selector is tagged omitempty, unlike nodeSelector on the host spec.
	// NOTE(review): confirm what an empty or missing selector matches (all
	// workloads in the namespace, or none).
	Selector SelectorType `json:"selector,omitempty"`

	Process      ProcessType      `json:"process,omitempty"`
	File         FileType         `json:"file,omitempty"`
	Network      NetworkType      `json:"network,omitempty"`
	Capabilities CapabilitiesType `json:"capabilities,omitempty"`
	Syscalls     SyscallsType     `json:"syscalls,omitempty"`

	// AppArmor is a free-form string with no validation marker in this listing.
	// NOTE(review): confirm how this value is consumed before granting
	// create/update on this resource to untrusted namespaces.
	AppArmor string `json:"apparmor,omitempty"`

	// +kubebuilder:validation:optional
	Severity SeverityType `json:"severity,omitempty"`
	// +kubebuilder:validation:optional
	Tags []string `json:"tags,omitempty"`
	// +kubebuilder:validation:optional
	Message string `json:"message,omitempty"`
	// +kubebuilder:validation:optional
	Action ActionType `json:"action,omitempty"`
}

KubeArmorPolicySpec defines the desired state of KubeArmorPolicy

func (*KubeArmorPolicySpec) DeepCopy

func (in *KubeArmorPolicySpec) DeepCopy() *KubeArmorPolicySpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KubeArmorPolicySpec.

func (*KubeArmorPolicySpec) DeepCopyInto

func (in *KubeArmorPolicySpec) DeepCopyInto(out *KubeArmorPolicySpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type KubeArmorPolicyStatus

// KubeArmorPolicyStatus defines the observed state of KubeArmorPolicy.
type KubeArmorPolicyStatus struct {
	// PolicyStatus is serialised under the JSON key "status". It is a plain
	// string with no enum or pattern marker in this listing.
	PolicyStatus string `json:"status,omitempty"`
}

KubeArmorPolicyStatus defines the observed state of KubeArmorPolicy

func (*KubeArmorPolicyStatus) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KubeArmorPolicyStatus.

func (*KubeArmorPolicyStatus) DeepCopyInto

func (in *KubeArmorPolicyStatus) DeepCopyInto(out *KubeArmorPolicyStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type MatchBinType

// MatchBinType is an executable name, used by ProcessPathType.ExecName.
// The Pattern marker listed for it (^[^\/]+$) requires a non-empty value
// containing no "/" character, i.e. a bare name rather than a path.
type MatchBinType string

+kubebuilder:validation:Pattern=^[^\/]+$

type MatchCapabilitiesStringType

// MatchCapabilitiesStringType names a Linux capability in lower case without
// the CAP_ prefix (chown … mac_admin in the Pattern marker listed for it).
// NOTE(review): that pattern ends in "$" but has no leading "^", so it
// constrains only the end of the value; a string with an arbitrary prefix
// followed by a listed name would also satisfy it — confirm whether the
// consumer re-validates the full value.
// The list stops at mac_admin: later capabilities such as syslog, perfmon and
// bpf are not listed, so rules in this schema version cannot name them.
type MatchCapabilitiesStringType string

+kubebuilder:validation:Pattern=(chown|dac_override|dac_read_search|fowner|fsetid|kill|setgid|setuid|setpcap|linux_immutable|net_bind_service|net_broadcast|net_admin|net_raw|ipc_lock|ipc_owner|sys_module|sys_rawio|sys_chroot|sys_ptrace|sys_pacct|sys_admin|sys_boot|sys_nice|sys_resource|sys_time|sys_tty_config|mknod|lease|audit_write|audit_control|setfcap|mac_override|mac_admin)$

type MatchCapabilitiesType

// MatchCapabilitiesType is one capability rule inside
// CapabilitiesType.MatchCapabilities.
type MatchCapabilitiesType struct {
	// Capability is the only field without omitempty; its value is constrained
	// by the MatchCapabilitiesStringType pattern.
	Capability MatchCapabilitiesStringType `json:"capability"`

	// FromSource is optional here; the host counterpart
	// (MatchHostCapabilitiesType) declares it without omitempty.
	// +kubebuilder:validation:optional
	FromSource []MatchSourceType `json:"fromSource,omitempty"`

	// +kubebuilder:validation:optional
	Severity SeverityType `json:"severity,omitempty"`
	// +kubebuilder:validation:optional
	Tags []string `json:"tags,omitempty"`
	// +kubebuilder:validation:optional
	Message string `json:"message,omitempty"`
	// +kubebuilder:validation:optional
	Action ActionType `json:"action,omitempty"`
}

func (*MatchCapabilitiesType) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MatchCapabilitiesType.

func (*MatchCapabilitiesType) DeepCopyInto

func (in *MatchCapabilitiesType) DeepCopyInto(out *MatchCapabilitiesType)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type MatchDirectoryType

// MatchDirectoryType is a directory path. The Pattern marker listed for it
// (^\/$|^\/.*\/$) accepts either "/" alone or a value that both starts and
// ends with "/".
// NOTE(review): the pattern does not constrain what lies between the first and
// last slash (for example ".." segments or repeated slashes); confirm that the
// consumer normalises the path before matching.
type MatchDirectoryType string

+kubebuilder:validation:Pattern=^\/$|^\/.*\/$

type MatchHostCapabilitiesType

// MatchHostCapabilitiesType is one capability rule inside
// HostCapabilitiesType.MatchCapabilities.
// Unlike MatchCapabilitiesType, FromSource carries neither omitempty nor an
// optional marker, so host capability rules are declared per source.
// NOTE(review): whether an empty fromSource list is accepted is not visible
// here — confirm against the generated CRD.
type MatchHostCapabilitiesType struct {
	Capability MatchCapabilitiesStringType `json:"capability"`
	FromSource []MatchSourceType           `json:"fromSource"`

	// +kubebuilder:validation:optional
	Severity SeverityType `json:"severity,omitempty"`
	// +kubebuilder:validation:optional
	Tags []string `json:"tags,omitempty"`
	// +kubebuilder:validation:optional
	Message string `json:"message,omitempty"`
	// +kubebuilder:validation:optional
	Action ActionType `json:"action,omitempty"`
}

func (*MatchHostCapabilitiesType) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MatchHostCapabilitiesType.

func (*MatchHostCapabilitiesType) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type MatchHostNetworkProtocolType

// MatchHostNetworkProtocolType is one protocol rule inside
// HostNetworkType.MatchProtocols.
// Unlike MatchNetworkProtocolType, FromSource carries neither omitempty nor an
// optional marker, so host network rules are declared per source.
// NOTE(review): whether an empty fromSource list is accepted is not visible
// here — confirm against the generated CRD.
type MatchHostNetworkProtocolType struct {
	Protocol   MatchNetworkProtocolStringType `json:"protocol"`
	FromSource []MatchSourceType              `json:"fromSource"`

	// +kubebuilder:validation:optional
	Severity SeverityType `json:"severity,omitempty"`
	// +kubebuilder:validation:optional
	Tags []string `json:"tags,omitempty"`
	// +kubebuilder:validation:optional
	Message string `json:"message,omitempty"`
	// +kubebuilder:validation:optional
	Action ActionType `json:"action,omitempty"`
}

func (*MatchHostNetworkProtocolType) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MatchHostNetworkProtocolType.

func (*MatchHostNetworkProtocolType) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type MatchNetworkProtocolStringType

// MatchNetworkProtocolStringType names a network protocol. The Pattern marker
// listed for it accepts icmp, tcp, udp and raw, each in all-lower or all-upper
// case only.
// NOTE(review): that pattern ends in "$" but has no leading "^", so it
// constrains only the end of the value; a string with an arbitrary prefix
// followed by a listed name would also satisfy it — confirm whether the
// consumer re-validates the full value.
type MatchNetworkProtocolStringType string

+kubebuilder:validation:Pattern=(icmp|ICMP|tcp|TCP|udp|UDP|raw|RAW)$

type MatchNetworkProtocolType

// MatchNetworkProtocolType is one protocol rule inside
// NetworkType.MatchProtocols.
type MatchNetworkProtocolType struct {
	// Protocol is the only field without omitempty; its value is constrained
	// by the MatchNetworkProtocolStringType pattern.
	Protocol MatchNetworkProtocolStringType `json:"protocol"`

	// FromSource is optional here; the host counterpart
	// (MatchHostNetworkProtocolType) declares it without omitempty.
	// +kubebuilder:validation:optional
	FromSource []MatchSourceType `json:"fromSource,omitempty"`

	// +kubebuilder:validation:optional
	Severity SeverityType `json:"severity,omitempty"`
	// +kubebuilder:validation:optional
	Tags []string `json:"tags,omitempty"`
	// +kubebuilder:validation:optional
	Message string `json:"message,omitempty"`
	// +kubebuilder:validation:optional
	Action ActionType `json:"action,omitempty"`
}

func (*MatchNetworkProtocolType) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MatchNetworkProtocolType.

func (*MatchNetworkProtocolType) DeepCopyInto

func (in *MatchNetworkProtocolType) DeepCopyInto(out *MatchNetworkProtocolType)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type MatchPathType

// MatchPathType is a file path. The Pattern marker listed for it
// (^\/+.*[^\/]$) requires the value to start with one or more "/" and to end
// with a character other than "/".
// NOTE(review): the pattern fixes only the first and last characters; it does
// not reject ".." segments or repeated slashes in between, so confirm that the
// consumer normalises the path before matching.
type MatchPathType string

+kubebuilder:validation:Pattern=^\/+.*[^\/]$

type MatchSourceType

// MatchSourceType is one entry of a rule's fromSource list.
type MatchSourceType struct {
	// Path is tagged omitempty, so an entry with no path serialises as {}.
	// NOTE(review): confirm how an empty source entry is treated.
	Path MatchPathType `json:"path,omitempty"`
}

func (*MatchSourceType) DeepCopy

func (in *MatchSourceType) DeepCopy() *MatchSourceType

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MatchSourceType.

func (*MatchSourceType) DeepCopyInto

func (in *MatchSourceType) DeepCopyInto(out *MatchSourceType)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type MatchSyscallPathType

// MatchSyscallPathType is the path of a SyscallMatchPathType rule. The Pattern
// marker listed for it is the union of the MatchPathType and
// MatchDirectoryType patterns, so it accepts either a file-style path (no
// trailing "/") or a directory-style path (trailing "/").
type MatchSyscallPathType string

+kubebuilder:validation:Pattern=(^\/+.*[^\/]$)|(^\/$|^\/.*\/$)

type MatchVolumeMountType

// MatchVolumeMountType is one entry of SELinuxType.MatchVolumeMounts.
// Path, Directory and ReadOnly are all optional; nothing in this listing
// requires that at least one of Path or Directory be set.
type MatchVolumeMountType struct {
	// +kubebuilder:validation:Optional
	Path MatchPathType `json:"path,omitempty"`
	// +kubebuilder:validation:Optional
	Directory MatchDirectoryType `json:"dir,omitempty"`
	// +kubebuilder:validation:Optional
	ReadOnly bool `json:"readOnly,omitempty"`

	// +kubebuilder:validation:optional
	Severity SeverityType `json:"severity,omitempty"`
	// +kubebuilder:validation:optional
	Tags []string `json:"tags,omitempty"`
	// +kubebuilder:validation:optional
	Message string `json:"message,omitempty"`
	// +kubebuilder:validation:optional
	Action ActionType `json:"action,omitempty"`
}

func (*MatchVolumeMountType) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MatchVolumeMountType.

func (*MatchVolumeMountType) DeepCopyInto

func (in *MatchVolumeMountType) DeepCopyInto(out *MatchVolumeMountType)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type NetworkType

// NetworkType is the network section of KubeArmorPolicySpec: a list of
// protocol rules plus section-level severity, tags, message and action.
type NetworkType struct {
	// MatchProtocols holds the individual protocol rules.
	MatchProtocols []MatchNetworkProtocolType `json:"matchProtocols,omitempty"`

	// +kubebuilder:validation:optional
	Severity SeverityType `json:"severity,omitempty"`
	// +kubebuilder:validation:optional
	Tags []string `json:"tags,omitempty"`
	// +kubebuilder:validation:optional
	Message string `json:"message,omitempty"`
	// +kubebuilder:validation:optional
	Action ActionType `json:"action,omitempty"`
}

func (*NetworkType) DeepCopy

func (in *NetworkType) DeepCopy() *NetworkType

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NetworkType.

func (*NetworkType) DeepCopyInto

func (in *NetworkType) DeepCopyInto(out *NetworkType)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type NodeSelectorType

// NodeSelectorType is the node selector of KubeArmorHostPolicySpec.
type NodeSelectorType struct {
	// MatchLabels is a label key/value map; only exact label pairs can be
	// expressed (no set-based expressions are declared here).
	// NOTE(review): confirm what an empty map selects.
	MatchLabels map[string]string `json:"matchLabels,omitempty"`
}

func (*NodeSelectorType) DeepCopy

func (in *NodeSelectorType) DeepCopy() *NodeSelectorType

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NodeSelectorType.

func (*NodeSelectorType) DeepCopyInto

func (in *NodeSelectorType) DeepCopyInto(out *NodeSelectorType)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ProcessDirectoryType

// ProcessDirectoryType is one directory rule inside
// ProcessType.MatchDirectories. It has the same shape as FileDirectoryType
// minus the ReadOnly flag.
type ProcessDirectoryType struct {
	// Directory is the only field without omitempty. Its format is constrained
	// by the MatchDirectoryType pattern.
	Directory MatchDirectoryType `json:"dir"`

	// +kubebuilder:validation:Optional
	Recursive bool `json:"recursive,omitempty"`
	// +kubebuilder:validation:Optional
	OwnerOnly bool `json:"ownerOnly,omitempty"`

	// FromSource optionally lists source paths (MatchSourceType) for the rule.
	// +kubebuilder:validation:optional
	FromSource []MatchSourceType `json:"fromSource,omitempty"`

	// +kubebuilder:validation:optional
	Severity SeverityType `json:"severity,omitempty"`
	// +kubebuilder:validation:optional
	Tags []string `json:"tags,omitempty"`
	// +kubebuilder:validation:optional
	Message string `json:"message,omitempty"`
	// +kubebuilder:validation:optional
	Action ActionType `json:"action,omitempty"`
}

func (*ProcessDirectoryType) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ProcessDirectoryType.

func (*ProcessDirectoryType) DeepCopyInto

func (in *ProcessDirectoryType) DeepCopyInto(out *ProcessDirectoryType)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ProcessPathType

// ProcessPathType is one process rule inside ProcessType.MatchPaths. A rule
// can identify the process by full path (Path) or by bare executable name
// (ExecName).
// NOTE(review): both Path and ExecName are optional and nothing in this
// listing requires one of them, so a rule naming neither passes the schema —
// confirm how such a rule is handled.
type ProcessPathType struct {
	// +kubebuilder:validation:Optional
	Path MatchPathType `json:"path,omitempty"`

	// ExecName is constrained by the MatchBinType pattern (no "/" allowed).
	// +kubebuilder:validation:Optional
	ExecName MatchBinType `json:"execname,omitempty"`

	// +kubebuilder:validation:Optional
	OwnerOnly bool `json:"ownerOnly,omitempty"`

	// FromSource optionally lists source paths (MatchSourceType) for the rule.
	// +kubebuilder:validation:optional
	FromSource []MatchSourceType `json:"fromSource,omitempty"`

	// +kubebuilder:validation:optional
	Severity SeverityType `json:"severity,omitempty"`
	// +kubebuilder:validation:optional
	Tags []string `json:"tags,omitempty"`
	// +kubebuilder:validation:optional
	Message string `json:"message,omitempty"`
	// +kubebuilder:validation:optional
	Action ActionType `json:"action,omitempty"`
}

func (*ProcessPathType) DeepCopy

func (in *ProcessPathType) DeepCopy() *ProcessPathType

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ProcessPathType.

func (*ProcessPathType) DeepCopyInto

func (in *ProcessPathType) DeepCopyInto(out *ProcessPathType)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ProcessPatternType

// ProcessPatternType is one pattern rule inside ProcessType.MatchPatterns.
// Unlike ProcessPathType and ProcessDirectoryType it declares no FromSource
// field.
type ProcessPatternType struct {
	// Pattern is a plain string: no validation marker is listed for it, so the
	// schema accepts any value.
	// NOTE(review): the pattern syntax and where it is validated are not
	// visible here — confirm before relying on a pattern rule.
	Pattern string `json:"pattern"`

	// +kubebuilder:validation:Optional
	OwnerOnly bool `json:"ownerOnly,omitempty"`

	// +kubebuilder:validation:optional
	Severity SeverityType `json:"severity,omitempty"`
	// +kubebuilder:validation:optional
	Tags []string `json:"tags,omitempty"`
	// +kubebuilder:validation:optional
	Message string `json:"message,omitempty"`
	// +kubebuilder:validation:optional
	Action ActionType `json:"action,omitempty"`
}

func (*ProcessPatternType) DeepCopy

func (in *ProcessPatternType) DeepCopy() *ProcessPatternType

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ProcessPatternType.

func (*ProcessPatternType) DeepCopyInto

func (in *ProcessPatternType) DeepCopyInto(out *ProcessPatternType)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ProcessType

// ProcessType is the process section used by both KubeArmorPolicySpec and
// KubeArmorHostPolicySpec. It groups path, directory and pattern rules, each
// list optional, with section-level severity, tags, message and action.
type ProcessType struct {
	MatchPaths       []ProcessPathType      `json:"matchPaths,omitempty"`
	MatchDirectories []ProcessDirectoryType `json:"matchDirectories,omitempty"`
	MatchPatterns    []ProcessPatternType   `json:"matchPatterns,omitempty"`

	// +kubebuilder:validation:optional
	Severity SeverityType `json:"severity,omitempty"`
	// +kubebuilder:validation:optional
	Tags []string `json:"tags,omitempty"`
	// +kubebuilder:validation:optional
	Message string `json:"message,omitempty"`
	// +kubebuilder:validation:optional
	Action ActionType `json:"action,omitempty"`
}

func (*ProcessType) DeepCopy

func (in *ProcessType) DeepCopy() *ProcessType

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ProcessType.

func (*ProcessType) DeepCopyInto

func (in *ProcessType) DeepCopyInto(out *ProcessType)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type SELinuxType

// SELinuxType groups volume-mount rules with section-level severity, tags,
// message and action.
// Neither KubeArmorPolicySpec nor KubeArmorHostPolicySpec in this listing has
// a field of this type, so it is not reachable from either policy schema as
// shown.
type SELinuxType struct {
	// MatchVolumeMounts is always serialised (no omitempty).
	MatchVolumeMounts []MatchVolumeMountType `json:"matchVolumeMounts"`

	// +kubebuilder:validation:optional
	Severity SeverityType `json:"severity,omitempty"`
	// +kubebuilder:validation:optional
	Tags []string `json:"tags,omitempty"`
	// +kubebuilder:validation:optional
	Message string `json:"message,omitempty"`
	// +kubebuilder:validation:optional
	Action ActionType `json:"action,omitempty"`
}

func (*SELinuxType) DeepCopy

func (in *SELinuxType) DeepCopy() *SELinuxType

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SELinuxType.

func (*SELinuxType) DeepCopyInto

func (in *SELinuxType) DeepCopyInto(out *SELinuxType)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type SelectorType

// SelectorType is the workload selector of KubeArmorPolicySpec.
type SelectorType struct {
	// MatchLabels is a label key/value map; only exact label pairs can be
	// expressed (no set-based expressions are declared here).
	// NOTE(review): confirm what an empty map selects.
	MatchLabels map[string]string `json:"matchLabels,omitempty"`
}

func (*SelectorType) DeepCopy

func (in *SelectorType) DeepCopy() *SelectorType

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SelectorType.

func (*SelectorType) DeepCopyInto

func (in *SelectorType) DeepCopyInto(out *SelectorType)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type SeverityType

// SeverityType is the severity attached to a rule, section or policy. The
// Minimum and Maximum markers listed for it bound the value to 1 through 10.
// Every field of this type is tagged omitempty, so a zero value is omitted
// from the JSON rather than sent as 0.
type SeverityType int

+kubebuilder:validation:Minimum:=1 +kubebuilder:validation:Maximum:=10

type Syscall

// Syscall is a system call name. The Enum marker listed for it is a closed
// list running from read to rseq; names outside the list are rejected by the
// schema.
// Later additions such as clone3, openat2, pidfd_open and the io_uring_* calls
// are not in the list, so rules in this schema version cannot name them; a
// policy that depends on syscall rules should account for that gap.
type Syscall string

+kubebuilder:validation:Enum=read;write;open;close;stat;fstat;lstat;poll;lseek;mmap;mprotect;munmap;brk;rt_sigaction;rt_sigprocmask;rt_sigreturn;ioctl;pread64;pwrite64;readv;writev;access;pipe;select;sched_yield;mremap;msync;mincore;madvise;shmget;shmat;shmctl;dup;dup2;pause;nanosleep;getitimer;alarm;setitimer;getpid;sendfile;socket;connect;accept;sendto;recvfrom;sendmsg;recvmsg;shutdown;bind;listen;getsockname;getpeername;socketpair;setsockopt;getsockopt;clone;fork;vfork;execve;exit;wait4;kill;uname;semget;semop;semctl;shmdt;msgget;msgsnd;msgrcv;msgctl;fcntl;flock;fsync;fdatasync;truncate;ftruncate;getdents;getcwd;chdir;fchdir;rename;mkdir;rmdir;creat;link;unlink;symlink;readlink;chmod;fchmod;chown;fchown;lchown;umask;gettimeofday;getrlimit;getrusage;sysinfo;times;ptrace;getuid;syslog;getgid;setuid;setgid;geteuid;getegid;setpgid;getppid;getpgrp;setsid;setreuid;setregid;getgroups;setgroups;setresuid;getresuid;setresgid;getresgid;getpgid;setfsuid;setfsgid;getsid;capget;capset;rt_sigpending;rt_sigtimedwait;rt_sigqueueinfo;rt_sigsuspend;sigaltstack;utime;mknod;uselib;personality;ustat;statfs;fstatfs;sysfs;getpriority;setpriority;sched_setparam;sched_getparam;sched_setscheduler;sched_getscheduler;sched_get_priority_max;sched_get_priority_min;sched_rr_get_interval;mlock;munlock;mlockall;munlockall;vhangup;modify_ldt;pivot_root;_sysctl;prctl;arch_prctl;adjtimex;setrlimit;chroot;sync;acct;settimeofday;mount;umount2;swapon;swapoff;reboot;sethostname;setdomainname;iopl;ioperm;create_module;init_module;delete_module;get_kernel_syms;query_module;quotactl;nfsservctl;getpmsg;putpmsg;afs_syscall;tuxcall;security;gettid;readahead;setxattr;lsetxattr;fsetxattr;getxattr;lgetxattr;fgetxattr;listxattr;llistxattr;flistxattr;removexattr;lremovexattr;fremovexattr;tkill;time;futex;sched_setaffinity;sched_getaffinity;set_thread_area;io_setup;io_destroy;io_getevents;io_submit;io_cancel;get_thread_area;lookup_dcookie;epoll_create;epoll_ctl_old;epoll_wait_old;remap_file_pages;getdents64;set_tid_address;restart_syscall;semtimedop;fadvise64;timer_create;timer_settime;timer_gettime;timer_getoverrun;timer_delete;clock_settime;clock_gettime;clock_getres;clock_nanosleep;exit_group;epoll_wait;epoll_ctl;tgkill;utimes;vserver;mbind;set_mempolicy;get_mempolicy;mq_open;mq_unlink;mq_timedsend;mq_timedreceive;mq_notify;mq_getsetattr;kexec_load;waitid;add_key;request_key;keyctl;ioprio_set;ioprio_get;inotify_init;inotify_add_watch;inotify_rm_watch;migrate_pages;openat;mkdirat;mknodat;fchownat;futimesat;newfstatat;unlinkat;renameat;linkat;symlinkat;readlinkat;fchmodat;faccessat;pselect6;ppoll;unshare;set_robust_list;get_robust_list;splice;tee;sync_file_range;vmsplice;move_pages;utimensat;epoll_pwait;signalfd;timerfd_create;eventfd;fallocate;timerfd_settime;timerfd_gettime;accept4;signalfd4;eventfd2;epoll_create1;dup3;pipe2;inotify_init1;preadv;pwritev;rt_tgsigqueueinfo;perf_event_open;recvmmsg;fanotify_init;fanotify_mark;prlimit64;name_to_handle_at;open_by_handle_at;clock_adjtime;syncfs;sendmmsg;setns;getcpu;process_vm_readv;process_vm_writev;kcmp;finit_module;sched_setattr;sched_getattr;renameat2;seccomp;getrandom;memfd_create;kexec_file_load;bpf;execveat;userfaultfd;membarrier;mlock2;copy_file_range;preadv2;pwritev2;pkey_mprotect;pkey_alloc;pkey_free;statx;io_pgetevents;rseq

type SyscallFromSourceType

// SyscallFromSourceType is one entry of a syscall rule's fromSource list.
// Path is pattern-validated through MatchPathType, but Dir is a plain string
// rather than MatchDirectoryType, so no format check on dir is visible in this
// schema.
// NOTE(review): confirm that the consumer validates and normalises dir itself.
type SyscallFromSourceType struct {
	Path      MatchPathType `json:"path,omitempty"`
	Dir       string        `json:"dir,omitempty"`
	Recursive bool          `json:"recursive,omitempty"`
}

func (*SyscallFromSourceType) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SyscallFromSourceType.

func (*SyscallFromSourceType) DeepCopyInto

func (in *SyscallFromSourceType) DeepCopyInto(out *SyscallFromSourceType)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type SyscallMatchPathType

// SyscallMatchPathType is one path-scoped syscall rule inside
// SyscallsType.MatchPaths. Every field is tagged omitempty, and the syscall
// list is serialised under the singular JSON key "syscall".
// No severity, tags, message or action fields are declared on the rule itself.
type SyscallMatchPathType struct {
	Path       MatchSyscallPathType    `json:"path,omitempty"`
	Recursive  bool                    `json:"recursive,omitempty"`
	Syscalls   []Syscall               `json:"syscall,omitempty"`
	FromSource []SyscallFromSourceType `json:"fromSource,omitempty"`
}

func (*SyscallMatchPathType) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SyscallMatchPathType.

func (*SyscallMatchPathType) DeepCopyInto

func (in *SyscallMatchPathType) DeepCopyInto(out *SyscallMatchPathType)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type SyscallMatchType

// SyscallMatchType is one syscall rule inside SyscallsType.MatchSyscalls.
// Both fields are tagged omitempty, and the syscall list is serialised under
// the singular JSON key "syscall".
// No severity, tags, message or action fields are declared on the rule itself.
type SyscallMatchType struct {
	Syscalls   []Syscall               `json:"syscall,omitempty"`
	FromSource []SyscallFromSourceType `json:"fromSource,omitempty"`
}

func (*SyscallMatchType) DeepCopy

func (in *SyscallMatchType) DeepCopy() *SyscallMatchType

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SyscallMatchType.

func (*SyscallMatchType) DeepCopyInto

func (in *SyscallMatchType) DeepCopyInto(out *SyscallMatchType)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type SyscallsType

// SyscallsType is the syscalls section used by both KubeArmorPolicySpec and
// KubeArmorHostPolicySpec.
// Unlike every other section type in this listing it declares no Action field,
// and neither do its rule types, so a syscall rule can only take an action
// from the policy-level spec.
// NOTE(review): confirm which actions the enforcer actually applies to syscall
// rules before relying on them to block anything.
type SyscallsType struct {
	MatchSyscalls []SyscallMatchType     `json:"matchSyscalls,omitempty"`
	MatchPaths    []SyscallMatchPathType `json:"matchPaths,omitempty"`

	// +kubebuilder:validation:optional
	Severity SeverityType `json:"severity,omitempty"`
	// +kubebuilder:validation:optional
	Tags []string `json:"tags,omitempty"`
	// +kubebuilder:validation:optional
	Message string `json:"message,omitempty"`
}

func (*SyscallsType) DeepCopy

func (in *SyscallsType) DeepCopy() *SyscallsType

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SyscallsType.

func (*SyscallsType) DeepCopyInto

func (in *SyscallsType) DeepCopyInto(out *SyscallsType)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
