Documentation ¶
Index ¶
- Constants
- Variables
- func GenerateEncryptionKey() ([]byte, error)
- func HandlerForBinding(c client.Client) handler.EventHandler
- func HandlerForDecision(c client.Client) handler.EventHandler
- func HandlerForRule(c client.Client) handler.EventHandler
- type Propagator
- type ReplicatedPolicyReconciler
- type RootPolicyReconciler
Constants ¶
const ( // #nosec G101 EncryptionKeySecret = "policy-encryption-key" IVAnnotation = "policy.open-cluster-management.io/encryption-iv" LastRotatedAnnotation = "policy.open-cluster-management.io/last-rotated" )
const ( TemplateStartDelim = "{{hub" TemplateStopDelim = "hub}}" TriggerUpdateAnnotation = "policy.open-cluster-management.io/trigger-update" )
const ( ParentPolicyIDAnnotation = "policy.open-cluster-management.io/parent-policy-compliance-db-id" PolicyIDAnnotation = "policy.open-cluster-management.io/policy-compliance-db-id" )
const ControllerName string = "policy-propagator"
Variables ¶
var ErrRetryable = errors.New("")
Functions ¶
func GenerateEncryptionKey ¶ added in v0.7.0
func HandlerForBinding ¶ added in v0.13.0
func HandlerForBinding(c client.Client) handler.EventHandler
HandlerForBinding maps a PlacementBinding to the targeted RepPolicies that are either directly in its subjects list, or are in a PolicySet which is a subject of this PlacementBinding.
func HandlerForDecision ¶ added in v0.13.0
func HandlerForDecision(c client.Client) handler.EventHandler
HandlerForDecision maps a PlacementDecision to all replicated policies that are in namespace as a decision cluster name. The name of replicated policy is rootpolicy name + namespace which is in Placementbinding subject
func HandlerForRule ¶ added in v0.13.0
func HandlerForRule(c client.Client) handler.EventHandler
HandlerForRule maps a PlacementRule to all replicated policies which are in the namespace as PlacementRule status.decisions. This finds placementBindings, of which placementRef is the placementRule, then collects all rootPolicies in placementBindings. Replicated policies are determined from decisions in the placementRule and a rootPolicy name
Types ¶
type Propagator ¶ added in v0.12.0
type Propagator struct { client.Client Scheme *runtime.Scheme Recorder record.EventRecorder RootPolicyLocks *sync.Map ReplicatedPolicyUpdates chan event.GenericEvent }
type ReplicatedPolicyReconciler ¶ added in v0.12.0
type ReplicatedPolicyReconciler struct { Propagator ResourceVersions *sync.Map DynamicWatcher k8sdepwatches.DynamicWatcher TemplateResolver *templates.TemplateResolver ComplianceServerCtx *complianceeventsapi.ComplianceServerCtx }
type RootPolicyReconciler ¶ added in v0.12.0
type RootPolicyReconciler struct {
Propagator
}
func (*RootPolicyReconciler) Reconcile ¶ added in v0.12.0
func (r *RootPolicyReconciler) Reconcile(ctx context.Context, request ctrl.Request) (ctrl.Result, error)
Reconcile handles root policies, sending events to the replicated policy reconciler to ensure that the desired policies are on the correct clusters. It also populates the status of the root policy with placement information.
func (*RootPolicyReconciler) SetupWithManager ¶ added in v0.12.0
func (r *RootPolicyReconciler) SetupWithManager(mgr ctrl.Manager, maxConcurrentReconciles uint) error
SetupWithManager sets up the controller with the Manager.