Documentation ¶
Index ¶
Constants ¶
const ( ControllerName = "gatekeeper-constraint-status-sync" GatekeeperWebhookName = "gatekeeper-validating-webhook-configuration" )
Variables ¶
This section is empty.
Functions ¶
func GatekeeperInstallationChecker ¶
func GatekeeperInstallationChecker( ctx context.Context, dynamicClient dynamic.Interface, checkers ...healthz.Checker, ) ( healthz.Checker, bool, error, )
GatekeeperInstallationChecker is a health checker for a health endpoint that fails if Gatekeeper's installation status changes or the passed in health checker functions fail. This is useful for Kubernetes to trigger a restart to either enable or disable the gatekeeper-constraint-status-sync controller based on the Gatekeeper installation status.
Types ¶
type GatekeeperConstraintReconciler ¶
type GatekeeperConstraintReconciler struct { client.Client utils.ComplianceEventSender Scheme *runtime.Scheme DynamicClient dynamic.Interface ConstraintsWatcher depclient.DynamicWatcher // contains filtered or unexported fields }
GatekeeperConstraintReconciler is responsible for relaying Gatekeeper constraint audit results as policy status events.
func (*GatekeeperConstraintReconciler) Reconcile ¶
func (r *GatekeeperConstraintReconciler) Reconcile( ctx context.Context, request reconcile.Request, ) ( reconcile.Result, error, )
Reconcile handles Policy objects that contain a Gatekeeper constraint and relays status messages from Gatekeeper audit results. Every time a Gatekeeper constraint in a Policy is updated, a reconcile on the Policy is triggered.
func (*GatekeeperConstraintReconciler) SetupWithManager ¶
func (r *GatekeeperConstraintReconciler) SetupWithManager(mgr ctrl.Manager, constraintEvents *source.Channel) error
SetupWithManager sets up the controller with the Manager.