Documentation

Index

Constants

View Source
const PluginName = "PodSecurityPolicy"

    PluginName is a string with the name of the plugin

    Variables

    This section is empty.

    Functions

    func Register

    func Register(plugins *admission.Plugins)

      Register registers a plugin

      Types

      type Plugin

      type Plugin struct {
      	*admission.Handler
      	// contains filtered or unexported fields
      }

        Plugin holds state for and implements the admission plugin.

        func (*Plugin) Admit

          Admit determines if the pod should be admitted based on the requested security context and the available PSPs.

          1. Find available PSPs. 2. Create the providers, includes setting pre-allocated values if necessary. 3. Try to generate and validate a PSP with providers. If we find one then admit the pod

          with the validated PSP.  If we don't find any reject the pod and give all errors from the
          failed attempts.
          

          func (*Plugin) SetAuthorizer

          func (p *Plugin) SetAuthorizer(authz authorizer.Authorizer)

            SetAuthorizer sets the authorizer.

            func (*Plugin) SetExternalKubeInformerFactory

            func (p *Plugin) SetExternalKubeInformerFactory(f informers.SharedInformerFactory)

              SetExternalKubeInformerFactory registers an informer

              func (*Plugin) Validate

                Validate verifies attributes against the PodSecurityPolicy

                func (*Plugin) ValidateInitialization

                func (p *Plugin) ValidateInitialization() error

                  ValidateInitialization ensures an authorizer is set.

                  Source Files