Documentation
¶
Index ¶
- Constants
- Variables
- func NewPodAnnotatorMutate(c client.Client, d *admission.Decoder) admission.Handler
- type Authorities
- type CosignKey
- type CosignKeyList
- type CosignKeySpec
- type CosignKeyStatus
- type CustomCosignKey
- func (r *CustomCosignKey) Default(ctx context.Context, obj runtime.Object) error
- func (r *CustomCosignKey) SetupWebhookWithManager(mgr ctrl.Manager) error
- func (r *CustomCosignKey) ValidateCreate(ctx context.Context, obj runtime.Object) (admission.Warnings, error)
- func (r *CustomCosignKey) ValidateDelete(ctx context.Context, obj runtime.Object) (admission.Warnings, error)
- func (r *CustomCosignKey) ValidateUpdate(ctx context.Context, oldObj runtime.Object, newObj runtime.Object) (admission.Warnings, error)
- type PodAnnotator
Constants ¶
const ( WebhookName = "CosignWebhook" WebhookEnable = "enabled" WebhookDisable = "disabled" WebhookVersion = "v1" )
Variables ¶
var ( ErrInvalidCosignCRDMoreThanOne = errors.New("invalid cosignkey CRD more than one in this namespace") ErrInvalidAdmissionReview = errors.New("invalid admission review error") ErrInvalidAdmissionReviewObj = errors.New("invalid admission review object error") ErrMissingCosignCRD = errors.New("invalid cosignkey CRD not find in cluster") ErrMissingCosignCRDKeys = errors.New("invalid cosignkey CRD key counter iz zero in cluster") ErrInvalidCosignVerify = errors.New("invalid cosign verify cosignkey key error") )
var ( // GroupVersion is group version used to register these objects GroupVersion = schema.GroupVersion{Group: "kubeservice.cn", Version: "v1"} // SchemeBuilder is used to add go types to the GroupVersionKind scheme SchemeBuilder = &scheme.Builder{GroupVersion: GroupVersion} // AddToScheme adds the types in this group-version to the given scheme. AddToScheme = SchemeBuilder.AddToScheme )
Functions ¶
Types ¶
type Authorities ¶
type Authorities struct {
Key []string `json:"key"`
}
func (*Authorities) DeepCopy ¶
func (in *Authorities) DeepCopy() *Authorities
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Authorities.
func (*Authorities) DeepCopyInto ¶
func (in *Authorities) DeepCopyInto(out *Authorities)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type CosignKey ¶
type CosignKey struct {
metav1.TypeMeta `json:",inline"`
metav1.ObjectMeta `json:"metadata,omitempty"`
Spec CosignKeySpec `json:"spec,omitempty"`
Status CosignKeyStatus `json:"status,omitempty"`
}
CosignKey is the Schema for the cosignkeys API
func (*CosignKey) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CosignKey.
func (*CosignKey) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*CosignKey) DeepCopyObject ¶
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type CosignKeyList ¶
type CosignKeyList struct {
metav1.TypeMeta `json:",inline"`
metav1.ListMeta `json:"metadata,omitempty"`
Items []CosignKey `json:"items"`
}
CosignKeyList contains a list of CosignKey
func (*CosignKeyList) DeepCopy ¶
func (in *CosignKeyList) DeepCopy() *CosignKeyList
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CosignKeyList.
func (*CosignKeyList) DeepCopyInto ¶
func (in *CosignKeyList) DeepCopyInto(out *CosignKeyList)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*CosignKeyList) DeepCopyObject ¶
func (in *CosignKeyList) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type CosignKeySpec ¶
type CosignKeySpec struct {
// Foo is an example field of CosignKey. Edit CosignKey_types.go to remove/update
Auth Authorities `json:"authorities"`
}
CosignKeySpec defines the desired state of CosignKey
func (*CosignKeySpec) DeepCopy ¶
func (in *CosignKeySpec) DeepCopy() *CosignKeySpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CosignKeySpec.
func (*CosignKeySpec) DeepCopyInto ¶
func (in *CosignKeySpec) DeepCopyInto(out *CosignKeySpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type CosignKeyStatus ¶
type CosignKeyStatus struct {
}
CosignKeyStatus defines the observed state of CosignKey
func (*CosignKeyStatus) DeepCopy ¶
func (in *CosignKeyStatus) DeepCopy() *CosignKeyStatus
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CosignKeyStatus.
func (*CosignKeyStatus) DeepCopyInto ¶
func (in *CosignKeyStatus) DeepCopyInto(out *CosignKeyStatus)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type CustomCosignKey ¶
func (*CustomCosignKey) Default ¶
Default implements webhook.Defaulter so a webhook will be registered for the type
func (*CustomCosignKey) SetupWebhookWithManager ¶
func (r *CustomCosignKey) SetupWebhookWithManager(mgr ctrl.Manager) error
func (*CustomCosignKey) ValidateCreate ¶
func (r *CustomCosignKey) ValidateCreate(ctx context.Context, obj runtime.Object) (admission.Warnings, error)
ValidateCreate implements webhook.Validator so a webhook will be registered for the type
func (*CustomCosignKey) ValidateDelete ¶
func (r *CustomCosignKey) ValidateDelete(ctx context.Context, obj runtime.Object) (admission.Warnings, error)
ValidateDelete implements webhook.Validator so a webhook will be registered for the type
type PodAnnotator ¶
PodAnnotator validates Pods
func (*PodAnnotator) GeCosignKeys ¶ added in v1.1.0
func (a *PodAnnotator) GeCosignKeys(namespace string) ([]CosignKey, error)
func (*PodAnnotator) ValidationCosignVerify ¶
func (a *PodAnnotator) ValidationCosignVerify(items []CosignKey, image string) (bool, error)
Source Files