v1

package
v0.0.0-...-52e38e2 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Jun 22, 2023 License: Apache-2.0 Imports: 3 Imported by: 3

Documentation

Overview

Package v1 contains API Schema definitions for the security v1 API group.

+kubebuilder:object:generate=true
+groupName=security.kubearmor.com

Index

Constants

This section is empty.

Variables

// SchemeBuilder is built by runtime.NewSchemeBuilder from addKnownTypes.
var SchemeBuilder = runtime.NewSchemeBuilder(addKnownTypes)

// AddToScheme is the AddToScheme method value of SchemeBuilder.
var AddToScheme = SchemeBuilder.AddToScheme
// SchemeGroupVersion identifies the API group "security.kubearmor.com" at
// version "v1".
var SchemeGroupVersion = schema.GroupVersion{
	Group:   "security.kubearmor.com",
	Version: "v1",
}

SchemeGroupVersion is the group version used to register these objects.

Functions

func Kind

func Kind(kind string) schema.GroupKind

Kind takes an unqualified kind and returns a Group-qualified GroupKind.

func Resource

func Resource(resource string) schema.GroupResource

Resource takes an unqualified resource and returns a Group-qualified GroupResource.

Types

type ActionType

// ActionType is the string type of the Action field carried by the policy
// types in this package.
type ActionType string

+kubebuilder:validation:Enum=Allow;Audit;Block

type CapabilitiesType

// CapabilitiesType groups the capability match rules of a policy with
// optional Severity, Tags, Message and Action values.
//
// NOTE(review): every MatchCapabilitiesType entry carries the same four
// optional fields; which level wins when both are set is not visible here.
type CapabilitiesType struct {
	// MatchCapabilities is tagged "matchCapabilities" without omitempty, so
	// the key is written even when the slice is nil.
	MatchCapabilities []MatchCapabilitiesType `json:"matchCapabilities"`

	// Severity is omitted from JSON when zero.
	// +kubebuilder:validation:optional
	Severity SeverityType `json:"severity,omitempty"`
	// Tags is omitted from JSON when empty.
	// +kubebuilder:validation:optional
	Tags []string `json:"tags,omitempty"`
	// Message is omitted from JSON when empty.
	// +kubebuilder:validation:optional
	Message string `json:"message,omitempty"`
	// Action is omitted from JSON when empty.
	// +kubebuilder:validation:optional
	Action ActionType `json:"action,omitempty"`
}

func (*CapabilitiesType) DeepCopy

func (in *CapabilitiesType) DeepCopy() *CapabilitiesType

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CapabilitiesType.

func (*CapabilitiesType) DeepCopyInto

func (in *CapabilitiesType) DeepCopyInto(out *CapabilitiesType)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type FileDirectoryType

// FileDirectoryType is one directory rule; FileType.MatchDirectories is a
// slice of these.
//
// NOTE(review): the markers below are spelled both "Optional" and
// "optional" — confirm the CRD generator honours both spellings.
type FileDirectoryType struct {
	// Directory is the "dir" key; it has no omitempty and is always written.
	Directory MatchDirectoryType `json:"dir"`

	// Recursive is omitted from JSON when false.
	// +kubebuilder:validation:Optional
	Recursive bool `json:"recursive,omitempty"`
	// ReadOnly is omitted from JSON when false.
	// +kubebuilder:validation:Optional
	ReadOnly bool `json:"readOnly,omitempty"`
	// OwnerOnly is omitted from JSON when false.
	// +kubebuilder:validation:Optional
	OwnerOnly bool `json:"ownerOnly,omitempty"`

	// FromSource is an optional list of MatchSourceType entries.
	// +kubebuilder:validation:optional
	FromSource []MatchSourceType `json:"fromSource,omitempty"`

	// Severity is omitted from JSON when zero.
	// +kubebuilder:validation:optional
	Severity SeverityType `json:"severity,omitempty"`
	// Tags is omitted from JSON when empty.
	// +kubebuilder:validation:optional
	Tags []string `json:"tags,omitempty"`
	// Message is omitted from JSON when empty.
	// +kubebuilder:validation:optional
	Message string `json:"message,omitempty"`
	// Action is omitted from JSON when empty.
	// +kubebuilder:validation:optional
	Action ActionType `json:"action,omitempty"`
}

func (*FileDirectoryType) DeepCopy

func (in *FileDirectoryType) DeepCopy() *FileDirectoryType

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FileDirectoryType.

func (*FileDirectoryType) DeepCopyInto

func (in *FileDirectoryType) DeepCopyInto(out *FileDirectoryType)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type FilePathType

// FilePathType is one file-path rule; FileType.MatchPaths is a slice of
// these.
type FilePathType struct {
	// Path is the "path" key; it has no omitempty and is always written.
	Path MatchPathType `json:"path"`

	// ReadOnly is omitted from JSON when false.
	// +kubebuilder:validation:Optional
	ReadOnly bool `json:"readOnly,omitempty"`
	// OwnerOnly is omitted from JSON when false.
	// +kubebuilder:validation:Optional
	OwnerOnly bool `json:"ownerOnly,omitempty"`

	// FromSource is an optional list of MatchSourceType entries.
	// +kubebuilder:validation:optional
	FromSource []MatchSourceType `json:"fromSource,omitempty"`

	// Severity is omitted from JSON when zero.
	// +kubebuilder:validation:optional
	Severity SeverityType `json:"severity,omitempty"`
	// Tags is omitted from JSON when empty.
	// +kubebuilder:validation:optional
	Tags []string `json:"tags,omitempty"`
	// Message is omitted from JSON when empty.
	// +kubebuilder:validation:optional
	Message string `json:"message,omitempty"`
	// Action is omitted from JSON when empty.
	// +kubebuilder:validation:optional
	Action ActionType `json:"action,omitempty"`
}

func (*FilePathType) DeepCopy

func (in *FilePathType) DeepCopy() *FilePathType

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FilePathType.

func (*FilePathType) DeepCopyInto

func (in *FilePathType) DeepCopyInto(out *FilePathType)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type FilePatternType

// FilePatternType is one pattern rule; FileType.MatchPatterns is a slice of
// these. Unlike FilePathType and FileDirectoryType it has no FromSource
// field.
type FilePatternType struct {
	// Pattern is a plain string: unlike MatchPathType and
	// MatchDirectoryType, no validation marker is shown for it here.
	// NOTE(review): the pattern syntax and where it is validated are not
	// visible in this listing — confirm.
	Pattern string `json:"pattern"`

	// ReadOnly is omitted from JSON when false.
	// +kubebuilder:validation:Optional
	ReadOnly bool `json:"readOnly,omitempty"`
	// OwnerOnly is omitted from JSON when false.
	// +kubebuilder:validation:Optional
	OwnerOnly bool `json:"ownerOnly,omitempty"`

	// Severity is omitted from JSON when zero.
	// +kubebuilder:validation:optional
	Severity SeverityType `json:"severity,omitempty"`
	// Tags is omitted from JSON when empty.
	// +kubebuilder:validation:optional
	Tags []string `json:"tags,omitempty"`
	// Message is omitted from JSON when empty.
	// +kubebuilder:validation:optional
	Message string `json:"message,omitempty"`
	// Action is omitted from JSON when empty.
	// +kubebuilder:validation:optional
	Action ActionType `json:"action,omitempty"`
}

func (*FilePatternType) DeepCopy

func (in *FilePatternType) DeepCopy() *FilePatternType

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FilePatternType.

func (*FilePatternType) DeepCopyInto

func (in *FilePatternType) DeepCopyInto(out *FilePatternType)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type FileType

// FileType is the file section of a policy (KubeArmorPolicySpec.File). All
// three rule lists are tagged omitempty, so a FileType with no rules at all
// is representable.
type FileType struct {
	MatchPaths       []FilePathType      `json:"matchPaths,omitempty"`
	MatchDirectories []FileDirectoryType `json:"matchDirectories,omitempty"`
	MatchPatterns    []FilePatternType   `json:"matchPatterns,omitempty"`

	// Severity is omitted from JSON when zero.
	// +kubebuilder:validation:optional
	Severity SeverityType `json:"severity,omitempty"`
	// Tags is omitted from JSON when empty.
	// +kubebuilder:validation:optional
	Tags []string `json:"tags,omitempty"`
	// Message is omitted from JSON when empty.
	// +kubebuilder:validation:optional
	Message string `json:"message,omitempty"`
	// Action is omitted from JSON when empty.
	// +kubebuilder:validation:optional
	Action ActionType `json:"action,omitempty"`
}

func (*FileType) DeepCopy

func (in *FileType) DeepCopy() *FileType

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FileType.

func (*FileType) DeepCopyInto

func (in *FileType) DeepCopyInto(out *FileType)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type KubeArmorPolicy

// KubeArmorPolicy pairs the embedded Kubernetes type and object metadata
// with a policy Spec and Status.
type KubeArmorPolicy struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	// Spec and Status are struct values; encoding/json's omitempty never
	// omits a struct, so both keys are always written on marshal.
	Spec   KubeArmorPolicySpec   `json:"spec,omitempty"`
	Status KubeArmorPolicyStatus `json:"status,omitempty"`
}

KubeArmorPolicy is the Schema for the kubearmorpolicies API.

+genclient
+kubebuilder:resource:shortName=ksp
+kubebuilder:subresource:status

func (*KubeArmorPolicy) DeepCopy

func (in *KubeArmorPolicy) DeepCopy() *KubeArmorPolicy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KubeArmorPolicy.

func (*KubeArmorPolicy) DeepCopyInto

func (in *KubeArmorPolicy) DeepCopyInto(out *KubeArmorPolicy)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*KubeArmorPolicy) DeepCopyObject

func (in *KubeArmorPolicy) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type KubeArmorPolicyList

// KubeArmorPolicyList is the list form of KubeArmorPolicy: embedded type and
// list metadata plus the items themselves.
type KubeArmorPolicyList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	// Items has no omitempty, so "items" is always written.
	Items           []KubeArmorPolicy `json:"items"`
}

KubeArmorPolicyList contains a list of KubeArmorPolicy

func (*KubeArmorPolicyList) DeepCopy

func (in *KubeArmorPolicyList) DeepCopy() *KubeArmorPolicyList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KubeArmorPolicyList.

func (*KubeArmorPolicyList) DeepCopyInto

func (in *KubeArmorPolicyList) DeepCopyInto(out *KubeArmorPolicyList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*KubeArmorPolicyList) DeepCopyObject

func (in *KubeArmorPolicyList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type KubeArmorPolicySpec

// KubeArmorPolicySpec is the body of a KubeArmorPolicy: a selector, four
// rule sections, an AppArmor string and spec-level Severity, Tags, Message
// and Action.
//
// NOTE(review): Severity, Tags, Message and Action also appear on every rule
// section and on individual rules; the precedence between levels and the
// action applied when none is given are not visible here — confirm before
// relying on a policy that omits them.
type KubeArmorPolicySpec struct {
	// Selector has no omitempty; its only field, MatchLabels, does.
	Selector SelectorType `json:"selector"`

	// The four sections are struct values, so encoding/json's omitempty has
	// no effect on them: all four keys are written on marshal, including the
	// non-omitempty "matchProtocols" and "matchCapabilities" lists nested in
	// Network and Capabilities.
	Process      ProcessType      `json:"process,omitempty"`
	File         FileType         `json:"file,omitempty"`
	Network      NetworkType      `json:"network,omitempty"`
	Capabilities CapabilitiesType `json:"capabilities,omitempty"`

	// AppArmor is a free-form string; no validation marker is shown for it.
	// NOTE(review): how this text is consumed is not visible here — confirm
	// it is validated before being applied.
	AppArmor string `json:"apparmor,omitempty"`

	// Severity is omitted from JSON when zero.
	// +kubebuilder:validation:optional
	Severity SeverityType `json:"severity,omitempty"`
	// Tags is omitted from JSON when empty.
	// +kubebuilder:validation:optional
	Tags []string `json:"tags,omitempty"`
	// Message is omitted from JSON when empty.
	// +kubebuilder:validation:optional
	Message string `json:"message,omitempty"`
	// Action is omitted from JSON when empty.
	// +kubebuilder:validation:optional
	Action ActionType `json:"action,omitempty"`
}

KubeArmorPolicySpec defines the desired state of KubeArmorPolicy

func (*KubeArmorPolicySpec) DeepCopy

func (in *KubeArmorPolicySpec) DeepCopy() *KubeArmorPolicySpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KubeArmorPolicySpec.

func (*KubeArmorPolicySpec) DeepCopyInto

func (in *KubeArmorPolicySpec) DeepCopyInto(out *KubeArmorPolicySpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type KubeArmorPolicyStatus

// KubeArmorPolicyStatus carries a single free-form status string.
type KubeArmorPolicyStatus struct {
	// PolicyStatus is serialized as "status" and omitted when empty; the set
	// of values it can take is not shown in this listing.
	PolicyStatus string `json:"status,omitempty"`
}

KubeArmorPolicyStatus defines the observed state of KubeArmorPolicy

func (*KubeArmorPolicyStatus) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KubeArmorPolicyStatus.

func (*KubeArmorPolicyStatus) DeepCopyInto

func (in *KubeArmorPolicyStatus) DeepCopyInto(out *KubeArmorPolicyStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type MatchCapabilitiesStringType

// MatchCapabilitiesStringType is the string type of
// MatchCapabilitiesType.Capability.
type MatchCapabilitiesStringType string

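+kubebuilder:validation:Pattern=(chown|dac_override|dac_read_search|fowner|fsetid|kill|setgid|setuid|setpcap|linux_immutable|net_bind_service|net_broadcast|net_admin|net_raw|ipc_lock|ipc_owner|sys_module|sys_rawio|sys_chroot|sys_ptrace|sys_pacct|sys_admin|sys_boot|sys_nice|sys_resource|sys_time|sys_tty_config|mknod|lease|audit_write|audit_control|setfcap|mac_override|mac_admin)$

Note: this pattern is anchored only at the end (`$`); it has no leading `^`. If it is evaluated as an unanchored regular-expression search, as is usual for OpenAPI `pattern` validation, any value that merely ends in one of these names (constructed example: `xchown`) passes the schema, so code consuming this field should match the capability name exactly rather than rely on schema validation. The list is lowercase only and ends at mac_admin; capabilities added to Linux after it (for example syslog, bpf, perfmon) are not accepted.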

type MatchCapabilitiesType

// MatchCapabilitiesType is one capability rule;
// CapabilitiesType.MatchCapabilities is a slice of these.
type MatchCapabilitiesType struct {
	// Capability is the "capability" key; it has no omitempty.
	Capability MatchCapabilitiesStringType `json:"capability"`

	// FromSource is an optional list of MatchSourceType entries.
	// +kubebuilder:validation:optional
	FromSource []MatchSourceType `json:"fromSource,omitempty"`

	// Severity is omitted from JSON when zero.
	// +kubebuilder:validation:optional
	Severity SeverityType `json:"severity,omitempty"`
	// Tags is omitted from JSON when empty.
	// +kubebuilder:validation:optional
	Tags []string `json:"tags,omitempty"`
	// Message is omitted from JSON when empty.
	// +kubebuilder:validation:optional
	Message string `json:"message,omitempty"`
	// Action is omitted from JSON when empty.
	// +kubebuilder:validation:optional
	Action ActionType `json:"action,omitempty"`
}

func (*MatchCapabilitiesType) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MatchCapabilitiesType.

func (*MatchCapabilitiesType) DeepCopyInto

func (in *MatchCapabilitiesType) DeepCopyInto(out *MatchCapabilitiesType)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type MatchDirectoryType

// MatchDirectoryType is the string type of the "dir" fields in
// FileDirectoryType, ProcessDirectoryType and MatchVolumeMountType.
type MatchDirectoryType string

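+kubebuilder:validation:Pattern=^\/$|^\/.*\/$

Note: the pattern requires a leading and a trailing slash but places no constraint on the characters between them, so `..` components and repeated slashes pass schema validation. Whether such values are normalized before enforcement is not shown on this page.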

type MatchNetworkProtocolStringType

// MatchNetworkProtocolStringType is the string type of
// MatchNetworkProtocolType.Protocol.
type MatchNetworkProtocolStringType string

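+kubebuilder:validation:Pattern=(icmp|ICMP|tcp|TCP|udp|UDP|raw|RAW)$

Note: this pattern is anchored only at the end (`$`); it has no leading `^`. If it is evaluated as an unanchored search, any value that merely ends in one of the listed names (constructed example: `xtcp`) passes the schema, so code consuming this field should compare against the exact protocol names. Only the all-lowercase and all-uppercase spellings are listed.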

type MatchNetworkProtocolType

// MatchNetworkProtocolType is one protocol rule; NetworkType.MatchProtocols
// is a slice of these.
type MatchNetworkProtocolType struct {
	// Protocol is the "protocol" key; it has no omitempty.
	Protocol MatchNetworkProtocolStringType `json:"protocol"`

	// FromSource is an optional list of MatchSourceType entries.
	// +kubebuilder:validation:optional
	FromSource []MatchSourceType `json:"fromSource,omitempty"`

	// Severity is omitted from JSON when zero.
	// +kubebuilder:validation:optional
	Severity SeverityType `json:"severity,omitempty"`
	// Tags is omitted from JSON when empty.
	// +kubebuilder:validation:optional
	Tags []string `json:"tags,omitempty"`
	// Message is omitted from JSON when empty.
	// +kubebuilder:validation:optional
	Message string `json:"message,omitempty"`
	// Action is omitted from JSON when empty.
	// +kubebuilder:validation:optional
	Action ActionType `json:"action,omitempty"`
}

func (*MatchNetworkProtocolType) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MatchNetworkProtocolType.

func (*MatchNetworkProtocolType) DeepCopyInto

func (in *MatchNetworkProtocolType) DeepCopyInto(out *MatchNetworkProtocolType)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type MatchPathType

// MatchPathType is the string type of the "path" fields in FilePathType,
// ProcessPathType, MatchSourceType and MatchVolumeMountType.
type MatchPathType string

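+kubebuilder:validation:Pattern=^\/+.*[^\/]$

Note: the pattern requires one or more leading slashes and a final character that is not a slash, and nothing else, so `..` components and repeated slashes pass schema validation. Whether such values are normalized before enforcement is not shown on this page.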

type MatchSourceType

// MatchSourceType is one entry of the FromSource lists used by the file,
// process, network and capability rule types.
type MatchSourceType struct {
	// Path is omitted from JSON when empty, so an entry with no path is
	// representable.
	// NOTE(review): what an empty source entry matches is not shown here.
	Path MatchPathType `json:"path,omitempty"`
}

func (*MatchSourceType) DeepCopy

func (in *MatchSourceType) DeepCopy() *MatchSourceType

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MatchSourceType.

func (*MatchSourceType) DeepCopyInto

func (in *MatchSourceType) DeepCopyInto(out *MatchSourceType)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type MatchVolumeMountType

// MatchVolumeMountType is one volume-mount rule;
// SELinuxType.MatchVolumeMounts is a slice of these. Path and Directory are
// both optional and nothing in this listing requires either to be set.
type MatchVolumeMountType struct {
	// Path is omitted from JSON when empty.
	// +kubebuilder:validation:Optional
	Path MatchPathType `json:"path,omitempty"`
	// Directory is the "dir" key, omitted from JSON when empty.
	// +kubebuilder:validation:Optional
	Directory MatchDirectoryType `json:"dir,omitempty"`
	// ReadOnly is omitted from JSON when false.
	// +kubebuilder:validation:Optional
	ReadOnly bool `json:"readOnly,omitempty"`

	// Severity is omitted from JSON when zero.
	// +kubebuilder:validation:optional
	Severity SeverityType `json:"severity,omitempty"`
	// Tags is omitted from JSON when empty.
	// +kubebuilder:validation:optional
	Tags []string `json:"tags,omitempty"`
	// Message is omitted from JSON when empty.
	// +kubebuilder:validation:optional
	Message string `json:"message,omitempty"`
	// Action is omitted from JSON when empty.
	// +kubebuilder:validation:optional
	Action ActionType `json:"action,omitempty"`
}

func (*MatchVolumeMountType) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MatchVolumeMountType.

func (*MatchVolumeMountType) DeepCopyInto

func (in *MatchVolumeMountType) DeepCopyInto(out *MatchVolumeMountType)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type NetworkType

// NetworkType is the network section of a policy
// (KubeArmorPolicySpec.Network).
type NetworkType struct {
	// MatchProtocols is tagged "matchProtocols" without omitempty, so the
	// key is written even when the slice is nil.
	MatchProtocols []MatchNetworkProtocolType `json:"matchProtocols"`

	// Severity is omitted from JSON when zero.
	// +kubebuilder:validation:optional
	Severity SeverityType `json:"severity,omitempty"`
	// Tags is omitted from JSON when empty.
	// +kubebuilder:validation:optional
	Tags []string `json:"tags,omitempty"`
	// Message is omitted from JSON when empty.
	// +kubebuilder:validation:optional
	Message string `json:"message,omitempty"`
	// Action is omitted from JSON when empty.
	// +kubebuilder:validation:optional
	Action ActionType `json:"action,omitempty"`
}

func (*NetworkType) DeepCopy

func (in *NetworkType) DeepCopy() *NetworkType

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NetworkType.

func (*NetworkType) DeepCopyInto

func (in *NetworkType) DeepCopyInto(out *NetworkType)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ProcessDirectoryType

// ProcessDirectoryType is one directory rule; ProcessType.MatchDirectories
// is a slice of these. It has the fields of FileDirectoryType except
// ReadOnly.
type ProcessDirectoryType struct {
	// Directory is the "dir" key; it has no omitempty and is always written.
	Directory MatchDirectoryType `json:"dir"`

	// Recursive is omitted from JSON when false.
	// +kubebuilder:validation:Optional
	Recursive bool `json:"recursive,omitempty"`
	// OwnerOnly is omitted from JSON when false.
	// +kubebuilder:validation:Optional
	OwnerOnly bool `json:"ownerOnly,omitempty"`

	// FromSource is an optional list of MatchSourceType entries.
	// +kubebuilder:validation:optional
	FromSource []MatchSourceType `json:"fromSource,omitempty"`

	// Severity is omitted from JSON when zero.
	// +kubebuilder:validation:optional
	Severity SeverityType `json:"severity,omitempty"`
	// Tags is omitted from JSON when empty.
	// +kubebuilder:validation:optional
	Tags []string `json:"tags,omitempty"`
	// Message is omitted from JSON when empty.
	// +kubebuilder:validation:optional
	Message string `json:"message,omitempty"`
	// Action is omitted from JSON when empty.
	// +kubebuilder:validation:optional
	Action ActionType `json:"action,omitempty"`
}

func (*ProcessDirectoryType) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ProcessDirectoryType.

func (*ProcessDirectoryType) DeepCopyInto

func (in *ProcessDirectoryType) DeepCopyInto(out *ProcessDirectoryType)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ProcessPathType

// ProcessPathType is one path rule; ProcessType.MatchPaths is a slice of
// these.
type ProcessPathType struct {
	// Path is the "path" key; it has no omitempty and is always written.
	Path MatchPathType `json:"path"`

	// OwnerOnly is omitted from JSON when false.
	// +kubebuilder:validation:Optional
	OwnerOnly bool `json:"ownerOnly,omitempty"`

	// FromSource is an optional list of MatchSourceType entries.
	// +kubebuilder:validation:optional
	FromSource []MatchSourceType `json:"fromSource,omitempty"`

	// Severity is omitted from JSON when zero.
	// +kubebuilder:validation:optional
	Severity SeverityType `json:"severity,omitempty"`
	// Tags is omitted from JSON when empty.
	// +kubebuilder:validation:optional
	Tags []string `json:"tags,omitempty"`
	// Message is omitted from JSON when empty.
	// +kubebuilder:validation:optional
	Message string `json:"message,omitempty"`
	// Action is omitted from JSON when empty.
	// +kubebuilder:validation:optional
	Action ActionType `json:"action,omitempty"`
}

func (*ProcessPathType) DeepCopy

func (in *ProcessPathType) DeepCopy() *ProcessPathType

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ProcessPathType.

func (*ProcessPathType) DeepCopyInto

func (in *ProcessPathType) DeepCopyInto(out *ProcessPathType)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ProcessPatternType

// ProcessPatternType is one pattern rule; ProcessType.MatchPatterns is a
// slice of these. Unlike ProcessPathType and ProcessDirectoryType it has no
// FromSource field.
type ProcessPatternType struct {
	// Pattern is a plain string: unlike MatchPathType and
	// MatchDirectoryType, no validation marker is shown for it here.
	// NOTE(review): the pattern syntax and where it is validated are not
	// visible in this listing — confirm.
	Pattern string `json:"pattern"`

	// OwnerOnly is omitted from JSON when false.
	// +kubebuilder:validation:Optional
	OwnerOnly bool `json:"ownerOnly,omitempty"`

	// Severity is omitted from JSON when zero.
	// +kubebuilder:validation:optional
	Severity SeverityType `json:"severity,omitempty"`
	// Tags is omitted from JSON when empty.
	// +kubebuilder:validation:optional
	Tags []string `json:"tags,omitempty"`
	// Message is omitted from JSON when empty.
	// +kubebuilder:validation:optional
	Message string `json:"message,omitempty"`
	// Action is omitted from JSON when empty.
	// +kubebuilder:validation:optional
	Action ActionType `json:"action,omitempty"`
}

func (*ProcessPatternType) DeepCopy

func (in *ProcessPatternType) DeepCopy() *ProcessPatternType

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ProcessPatternType.

func (*ProcessPatternType) DeepCopyInto

func (in *ProcessPatternType) DeepCopyInto(out *ProcessPatternType)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ProcessType

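// ProcessType is the process section of a policy
// (KubeArmorPolicySpec.Process). All three rule lists are tagged omitempty,
// so a ProcessType with no rules at all is representable.
type ProcessType struct {
	MatchPaths       []ProcessPathType      `json:"matchPaths,omitempty"`
	MatchDirectories []ProcessDirectoryType `json:"matchDirectories,omitempty"`
	MatchPatterns    []ProcessPatternType   `json:"matchPatterns,omitempty"`

	// Severity is omitted from JSON when zero.
	// +kubebuilder:validation:optional
	Severity SeverityType `json:"severity,omitempty"`
	// Tags is omitted from JSON when empty. The tag previously repeated the
	// omitempty option; it now matches the Tags tag on the sibling types.
	// +kubebuilder:validation:optional
	Tags []string `json:"tags,omitempty"`
	// Message is omitted from JSON when empty.
	// +kubebuilder:validation:optional
	Message string `json:"message,omitempty"`
	// Action is omitted from JSON when empty.
	// +kubebuilder:validation:optional
	Action ActionType `json:"action,omitempty"`
}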

func (*ProcessType) DeepCopy

func (in *ProcessType) DeepCopy() *ProcessType

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ProcessType.

func (*ProcessType) DeepCopyInto

func (in *ProcessType) DeepCopyInto(out *ProcessType)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type SELinuxType

// SELinuxType groups volume-mount rules with optional Severity, Tags,
// Message and Action values.
//
// NOTE(review): KubeArmorPolicySpec as listed on this page has no field of
// this type — confirm where, if anywhere, it is used.
type SELinuxType struct {
	// MatchVolumeMounts is tagged "matchVolumeMounts" without omitempty, so
	// the key is written even when the slice is nil.
	MatchVolumeMounts []MatchVolumeMountType `json:"matchVolumeMounts"`

	// Severity is omitted from JSON when zero.
	// +kubebuilder:validation:optional
	Severity SeverityType `json:"severity,omitempty"`
	// Tags is omitted from JSON when empty.
	// +kubebuilder:validation:optional
	Tags []string `json:"tags,omitempty"`
	// Message is omitted from JSON when empty.
	// +kubebuilder:validation:optional
	Message string `json:"message,omitempty"`
	// Action is omitted from JSON when empty.
	// +kubebuilder:validation:optional
	Action ActionType `json:"action,omitempty"`
}

func (*SELinuxType) DeepCopy

func (in *SELinuxType) DeepCopy() *SELinuxType

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SELinuxType.

func (*SELinuxType) DeepCopyInto

func (in *SELinuxType) DeepCopyInto(out *SELinuxType)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type SelectorType

// SelectorType is the type of KubeArmorPolicySpec.Selector.
//
// NOTE(review): MatchLabels is tagged omitempty, so a selector with no
// labels is representable; what such a selector matches is not shown here —
// confirm before deploying a policy with an empty selector.
type SelectorType struct {
	// MatchLabels maps label keys to values; omitted from JSON when empty.
	MatchLabels map[string]string `json:"matchLabels,omitempty"`
}

func (*SelectorType) DeepCopy

func (in *SelectorType) DeepCopy() *SelectorType

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SelectorType.

func (*SelectorType) DeepCopyInto

func (in *SelectorType) DeepCopyInto(out *SelectorType)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type SeverityType

// SeverityType is the integer type of the Severity field carried by the
// policy types in this package.
type SeverityType int

+kubebuilder:validation:Minimum:=1 +kubebuilder:validation:Maximum:=10
