View Source
const (
	DefaultKubernetesDomain   = "svc." + constants.DefaultKubernetesDomain
	ExportToNamespaceLocal    = "."
	ExportToAllNamespaces     = "*"
	IstioProxyName            = "istio-proxy"
	MeshGateway               = "mesh"
	Wildcard                  = "*"
	MeshConfigName            = "istio"
	InjectionLabelName        = "istio-injection"
	InjectionLabelEnableValue = "enabled"
View Source
const (

	// Path for host in VirtualService.
	// Required parameters: route rule, route rule index, route index.
	DestinationHost = "{.spec.%s[%d].route[%d]}"

	// Path for mirror host in VirtualService.
	// Required parameters: http index.
	MirrorHost = "{.spec.http[%d]}"

	// Path for VirtualService gateway.
	// Required parameters: gateway index.
	VSGateway = "{.spec.gateways[%d]}"

	// Path for regex match of uri, scheme, method and authority.
	// Required parameters: http index, match index, where to match.
	URISchemeMethodAuthorityRegexMatch = "{.spec.http[%d].match[%d].%s.regex}"

	// Path for regex match of headers and queryParams.
	// Required parameters: http index, match index, where to match, match key.
	HeaderAndQueryParamsRegexMatch = "{.spec.http[%d].match[%d].%s.%s.regex}"

	// Path for regex match of allowOrigins.
	// Required parameters: http index, allowOrigins index.
	AllowOriginsRegexMatch = "{.spec.http[%d].corsPolicy.allowOrigins[%d].regex}"

	// Path for workload selector.
	// Required parameters: selector label.
	WorkloadSelector = "{.spec.workloadSelector.labels.%s}"

	// Path for port from ports collections.
	// Required parameters: port index.
	PortInPorts = "{.spec.ports[%d].port}"

	// Path for fromRegistry in the mesh networks.
	// Required parameters: network name, endPoint index.
	FromRegistry = "{.networks.%s.endpoints[%d]}"

	// Path for the image in the container.
	// Required parameters: container index.
	ImageInContainer = "{.spec.containers[%d].image}"

	// Path for namespace in metadata.
	// Required parameters: none.
	MetadataNamespace = "{.metadata.namespace}"

	// Path for name in metadata.
	// Required parameters: none.
	MetadataName = "{}"

	// Path for namespace in authorizationPolicy.
	// Required parameters: rule index, from index, namespace index.
	AuthorizationPolicyNameSpace = "{.spec.rules[%d].from[%d].source.namespaces[%d]}"

	// Path for annotation.
	// Required parameters: annotation name.
	Annotation = "{.metadata.annotations.%s}"

	// Path for selector in Gateway.
	// Required parameters: selector label.
	GatewaySelector = "{.spec.selector.%s}"

	// Path for credentialName.
	// Required parameters: server index.
	CredentialName = "{.spec.servers[%d].tls.credentialName}"

	// Path for Port in ServiceEntry.
	// Required parameters: port index.
	ServiceEntryPort = "{.spec.ports[%d].name}"


    Ref: "kube-system": The namespace for objects created by the Kubernetes system. "kube-public": This namespace is mostly reserved for cluster usage. "kube-node-lease": This namespace for the lease objects associated with each node

    which improves the performance of the node heartbeats as the cluster scales.

    "local-path-storage": Dynamically provisioning persistent local storage with Kubernetes.

    used with Kind cluster:


    func AddLineNumber

    func AddLineNumber(r *resource.Instance, ann string, m diag.Message) bool

    func ConvertHostToFQDN

    func ConvertHostToFQDN(namespace resource.Namespace, host string) string

      ConvertHostToFQDN returns the given host as a FQDN, if it isn't already.

      func DeploymentInMesh

      func DeploymentInMesh(r *resource.Instance, c analysis.Context) bool

        DeploymentinMesh returns true if deployment is in the service mesh (has sidecar)

        func ErrorLine

        func ErrorLine(r *resource.Instance, path string) (line int, found bool)

          ErrorLine returns the line number of the input path key in the resource

          func ExtractLabelFromSelectorString

          func ExtractLabelFromSelectorString(s string) string

            ExtractLabelFromSelectorString returns the label of the match in the k8s labels.Selector

            func GetDestinationHost

            func GetDestinationHost(sourceNs resource.Namespace, host string, serviceEntryHosts map[ScopedFqdn]*v1alpha3.ServiceEntry) *v1alpha3.ServiceEntry

            func GetFullNameFromFQDN

            func GetFullNameFromFQDN(fqdn string) resource.FullName

              GetFullNameFromFQDN tries to parse namespace and name from a fqdn. Empty strings are returned if either namespace or name cannot be parsed.

              func GetResourceNameFromHost

              func GetResourceNameFromHost(defaultNamespace resource.Namespace, host string) resource.FullName

                GetResourceNameFromHost figures out the resource.FullName to look up from the provided host string We need to handle two possible formats: short name and FQDN

                func InitServiceEntryHostMap

                func InitServiceEntryHostMap(ctx analysis.Context) map[ScopedFqdn]*v1alpha3.ServiceEntry

                func IsExportToAllNamespaces

                func IsExportToAllNamespaces(exportTos []string) bool

                  IsExportToAllNamespaces returns true if export to applies to all namespaces and false if it is set to namespace local.

                  func IsIncluded

                  func IsIncluded(slice []string, term string) bool

                    IsIncluded check if the term exists in a slice of string

                    func IsIstioControlPlane

                    func IsIstioControlPlane(r *resource.Instance) bool

                      IsIstioControlPlane returns true for resources that are part of the Istio control plane

                      func IsSystemNamespace

                      func IsSystemNamespace(ns resource.Namespace) bool

                        IsSystemNamespace returns true for system namespaces

                        func PodInMesh

                        func PodInMesh(r *resource.Instance, c analysis.Context) bool

                          PodInMesh returns true if a Pod is in the service mesh (has sidecar)


                          type ScopedFqdn

                          type ScopedFqdn string

                          func NewScopedFqdn

                          func NewScopedFqdn(scope string, namespace resource.Namespace, host string) ScopedFqdn

                            NewScopedFqdn converts the passed host to FQDN if needed and applies the passed scope.

                            func (ScopedFqdn) GetScopeAndFqdn

                            func (s ScopedFqdn) GetScopeAndFqdn() (string, string)

                              GetScopeAndFqdn splits ScopedFqdn back to scope namespace and fqdn parts

                              func (ScopedFqdn) InScopeOf

                              func (s ScopedFqdn) InScopeOf(ns string) bool

                                InScopeOf returns true if ns is in the scope of ScopedFqdn