config

package
v1.1.12 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Sep 18, 2020 License: Apache-2.0 Imports: 13 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	//MutatingWebhookConfigurationName default resource mutating webhook configuration name
	MutatingWebhookConfigurationName = "kyverno-resource-mutating-webhook-cfg"
	//MutatingWebhookConfigurationDebugName default resource mutating webhook configuration name for debug mode
	MutatingWebhookConfigurationDebugName = "kyverno-resource-mutating-webhook-cfg-debug"
	//MutatingWebhookName default resource mutating webhook name
	MutatingWebhookName = "nirmata.kyverno.resource.mutating-webhook"

	ValidatingWebhookConfigurationName      = "kyverno-resource-validating-webhook-cfg"
	ValidatingWebhookConfigurationDebugName = "kyverno-resource-validating-webhook-cfg-debug"
	ValidatingWebhookName                   = "nirmata.kyverno.resource.validating-webhook"

	//VerifyMutatingWebhookConfigurationName default verify mutating webhook configuration name
	VerifyMutatingWebhookConfigurationName = "kyverno-verify-mutating-webhook-cfg"
	//VerifyMutatingWebhookConfigurationDebugName default verify mutating webhook configuration name for debug mode
	VerifyMutatingWebhookConfigurationDebugName = "kyverno-verify-mutating-webhook-cfg-debug"
	//VerifyMutatingWebhookName default verify mutating webhook name
	VerifyMutatingWebhookName = "nirmata.kyverno.verify-mutating-webhook"

	//PolicyValidatingWebhookConfigurationName default policy validating webhook configuration name
	PolicyValidatingWebhookConfigurationName = "kyverno-policy-validating-webhook-cfg"
	//PolicyValidatingWebhookConfigurationDebugName default policy validating webhook configuration name for debug mode
	PolicyValidatingWebhookConfigurationDebugName = "kyverno-policy-validating-webhook-cfg-debug"
	//PolicyValidatingWebhookName default policy validating webhook name
	PolicyValidatingWebhookName = "nirmata.kyverno.policy-validating-webhook"

	//PolicyMutatingWebhookConfigurationName default policy mutating webhook configuration name
	PolicyMutatingWebhookConfigurationName = "kyverno-policy-mutating-webhook-cfg"
	//PolicyMutatingWebhookConfigurationDebugName default policy mutating webhook configuration name for debug mode
	PolicyMutatingWebhookConfigurationDebugName = "kyverno-policy-mutating-webhook-cfg-debug"
	//PolicyMutatingWebhookName default policy mutating webhook name
	PolicyMutatingWebhookName = "nirmata.kyverno.policy-mutating-webhook"

	// DeploymentKind define the default deployment resource kind
	DeploymentKind = "Deployment"

	// DeploymentAPIVersion define the default deployment resource apiVersion
	DeploymentAPIVersion = "extensions/v1beta1"
)

These constants MUST be equal to the corresponding names in service definition in definitions/install.yaml

Variables

View Source 
var (
	//KubePolicyNamespace is the kyverno policy namespace
	KubePolicyNamespace = getKyvernoNameSpace()
	// KubePolicyDeploymentName define the default deployment namespace
	KubePolicyDeploymentName = "kyverno"
	//WebhookServiceName default kyverno webhook service name
	WebhookServiceName = getWebhookServiceName()

	//MutatingWebhookServicePath is the path for mutation webhook
	MutatingWebhookServicePath = "/mutate"
	//ValidatingWebhookServicePath is the path for validation webhook
	ValidatingWebhookServicePath = "/validate"
	//PolicyValidatingWebhookServicePath is the path for policy validation webhook(used to validate policy resource)
	PolicyValidatingWebhookServicePath = "/policyvalidate"
	//PolicyMutatingWebhookServicePath is the path for policy mutation webhook(used to default)
	PolicyMutatingWebhookServicePath = "/policymutate"
	//VerifyMutatingWebhookServicePath is the path for verify webhook(used to veryfing if admission control is enabled and active)
	VerifyMutatingWebhookServicePath = "/verifymutate"
	// LivenessServicePath is the path for check liveness health
	LivenessServicePath = "/health/liveness"
	// ReadinessServicePath is the path for check readness health
	ReadinessServicePath = "/health/readiness"
)

Functions

func CreateClientConfig added in v1.1.0 

func CreateClientConfig(kubeconfig string, log logr.Logger) (*rest.Config, error)

CreateClientConfig creates client config

Types

type ConfigData added in v0.11.0 

type ConfigData struct {
	// contains filtered or unexported fields
}

ConfigData stores the configuration

func NewConfigData added in v0.11.0 

func NewConfigData(rclient kubernetes.Interface, cmInformer informers.ConfigMapInformer, filterK8Resources, excludeGroupRole, excludeUsername string, log logr.Logger) *ConfigData

NewConfigData ...

func (*ConfigData) GetExcludeGroupRole added in v1.1.9 

func (cd *ConfigData) GetExcludeGroupRole() []string

GetExcludeGroupRole return exclude roles

func (*ConfigData) GetExcludeUsername added in v1.1.9 

func (cd *ConfigData) GetExcludeUsername() []string

GetExcludeUsername return exclude username

func (*ConfigData) RestrictDevelopmentUsername added in v1.1.9 

func (cd *ConfigData) RestrictDevelopmentUsername() []string

RestrictDevelopmentUsername return exclude development username

func (*ConfigData) Run added in v0.11.0 

func (cd *ConfigData) Run(stopCh <-chan struct{})

Run checks syncing

func (*ConfigData) ToFilter added in v0.11.0 

func (cd *ConfigData) ToFilter(kind, namespace, name string) bool

ToFilter checks if the given resource is set to be filtered in the configuration

type Interface added in v0.11.0 

type Interface interface {
	ToFilter(kind, namespace, name string) bool
	GetExcludeGroupRole() []string
	GetExcludeUsername() []string
	RestrictDevelopmentUsername() []string
}

Interface to be used by consumer to check filters

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.