models

package

v0.0.0-...-ac29e22 Latest Latest Go to latest Published: Apr 17, 2024 License: Apache-2.0 Imports: 7 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/kyverno/playground

Links

Open Source Insights

Documentation ¶

Index ¶

type Context
type Cosign
type EnableDeferredLoading
type Exceptions
type Flags
type ForceFailurePolicyIgnore
type GenerateValidatingAdmissionPolicy
type ImageData
type Kubernetes
type Parameters
type PolicyResponse
type PolicyValidation
type ProtectManagedResources
type Registry
type Response
- func ConvertResponse(in engineapi.EngineResponse) Response
type Results
type RuleResponse

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type Context ¶

type Context struct {
	Username        string                       `json:"username"`
	Groups          []string                     `json:"groups"`
	Roles           []string                     `json:"roles"`
	ClusterRoles    []string                     `json:"clusterRoles"`
	Operation       kyvernov1.AdmissionOperation `json:"operation"`
	NamespaceLabels map[string]string            `json:"namespaceLabels"`
	DryRun          bool                         `json:"dryRun"`
}

type Cosign ¶

type Cosign struct {
	ImageSignatureRepository string `json:"imageSignatureRepository"`
}

type EnableDeferredLoading ¶

type EnableDeferredLoading struct {
	Enabled bool `json:"enabled"`
}

type Exceptions ¶

type Exceptions struct {
	Enabled   bool   `json:"enabled"`
	Namespace string `json:"namespace"`
}

type Flags ¶

type Flags struct {
	Exceptions                        Exceptions                        `json:"exceptions"`
	Cosign                            Cosign                            `json:"cosign"`
	Registry                          Registry                          `json:"registry"`
	ProtectManagedResources           ProtectManagedResources           `json:"protectManagedResources"`
	ForceFailurePolicyIgnore          ForceFailurePolicyIgnore          `json:"forceFailurePolicyIgnore"`
	EnableDeferredLoading             EnableDeferredLoading             `json:"enableDeferredLoading"`
	GenerateValidatingAdmissionPolicy GenerateValidatingAdmissionPolicy `json:"generateValidatingAdmissionPolicy"`
}

type ForceFailurePolicyIgnore ¶

type ForceFailurePolicyIgnore struct {
	Enabled bool `json:"enabled"`
}

type GenerateValidatingAdmissionPolicy ¶

type GenerateValidatingAdmissionPolicy struct {
	Enabled bool `json:"enabled"`
}

type ImageData ¶

type ImageData struct {
	Image         string      `json:"image"`
	ResolvedImage string      `json:"resolvedImage"`
	Registry      string      `json:"registry"`
	Repository    string      `json:"repository"`
	Identifier    string      `json:"identifier"`
	Manifest      interface{} `json:"manifest"`
	ConfigData    interface{} `json:"configData"`
}

type Kubernetes ¶

type Kubernetes struct {
	Version string `json:"version"`
}

type Parameters ¶

type Parameters struct {
	Kubernetes Kubernetes             `json:"kubernetes"`
	Context    Context                `json:"context"`
	Variables  map[string]interface{} `json:"variables"`
	Flags      Flags                  `json:"flags"`
	ImageData  map[string]ImageData   `json:"imageData"`
}

type PolicyResponse ¶

type PolicyResponse struct {
	// Rules contains policy rules responses
	Rules []RuleResponse `json:"rules"`
}

type PolicyValidation ¶

type PolicyValidation struct {
	PolicyName      string `json:"policyName"`
	PolicyNamespace string `json:"policyNamespace"`
	Field           string `json:"field"`
	Type            string `json:"type"`
	Detail          string `json:"detail"`
}

type ProtectManagedResources ¶

type ProtectManagedResources struct {
	Enabled bool `json:"enabled"`
}

type Registry ¶

type Registry struct {
	AllowInsecure     bool     `json:"allowInsecure"`
	PullSecrets       []string `json:"pullSecrets"`
	CredentialHelpers []string `json:"credentialHelpers"`
}

type Response ¶

type Response struct {
	// OriginalResource is the original resource as YAML string
	OriginalResource string `json:"originalResource"`
	// Resource is the original resource
	Resource unstructured.Unstructured `json:"resource"`
	// Policy is the original policy
	Policy kyvernov1.PolicyInterface `json:"policy"`
	// ValidatingAdmissionPolicy is the original policy
	ValidatingAdmissionPolicy *v1alpha1.ValidatingAdmissionPolicy `json:"validatingAdmissionPolicy"`
	// namespaceLabels given by policy context
	NamespaceLabels map[string]string `json:"namespaceLabels"`
	// PatchedResource is the resource patched with the engine action changes
	PatchedResource string `json:"patchedResource"`
	// PolicyResponse contains the engine policy response
	PolicyResponse PolicyResponse `json:"policyResponse"`
}

func ConvertResponse ¶

func ConvertResponse(in engineapi.EngineResponse) Response

type Results ¶

type Results struct {
	Mutation          []Response `json:"mutation"`
	ImageVerification []Response `json:"imageVerification"`
	Validation        []Response `json:"validation"`
	Generation        []Response `json:"generation"`
}

type RuleResponse ¶

type RuleResponse struct {
	// name is the rule name specified in policy
	Name string `json:"name"`
	// ruleType is the rule type (Mutation,Generation,Validation) for Kyverno Policy
	RuleType engineapi.RuleType `json:"ruleType"`
	// message is the message response from the rule application
	Message string `json:"message"`
	// status rule status
	Status engineapi.RuleStatus `json:"status"`
	// generatedResource is the generated by the generate rules of a policy
	GeneratedResource string `json:"generatedResource"`
	// patchedTarget is the patched resource for mutate.targets
	PatchedTarget *unstructured.Unstructured `json:"patchedTarget"`
	// patchedTargetParentResourceGVR is the GVR of the parent resource of the PatchedTarget. This is only populated when PatchedTarget is a subresource.
	PatchedTargetParentResourceGVR metav1.GroupVersionResource `json:"patchedTargetParentResourceGVR"`
	// patchedTargetSubresourceName is the name of the subresource which is patched, empty if the resource patched is not a subresource.
	PatchedTargetSubresourceName string `json:"patchedTargetSubresourceName"`
	// podSecurityChecks contains pod security checks (only if this is a pod security rule)
	PodSecurityChecks *engineapi.PodSecurityChecks `json:"podSecurityChecks"`
	// exception is the exception applied (if any)
	Exception *v2beta1.PolicyException `json:"exception"`
}

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL