mirrors/kyverno
mirrors/kyverno
1
0
Fork 0
mirror of https://github.com/kyverno/kyverno.git synced 2025-03-09 09:26:54 +00:00
Code Activity
kyverno/docs/user/crd/kyverno.v2alpha1.html

1524 lines
25 KiB
HTML
Raw Normal View History

(docs) changed docs tool to kubernetes-sigs/reference-docs (#9212) * (docs) updated gen-crd tool to reference-docs/genref Signed-off-by: Srikanth Iyengar <ksrikanth3012@gmail.com> * (docs) updated branch with recent docs Signed-off-by: Srikanth Iyengar <ksrikanth3012@gmail.com> * codegen Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * codegen Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * codegen Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * (docs) codegen * fix Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> * codegen Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> --------- Signed-off-by: Srikanth Iyengar <ksrikanth3012@gmail.com> Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Co-authored-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com> Co-authored-by: shuting <shuting@nirmata.com>
2024-02-04 18:27:00 +05:30
<html lang="en">
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css">
<style>
.bg-blue {
color: #ffffff;
background-color: #1589dd;
}
</style>
</head>
<body>
<div class="container">
<h2 id="kyverno-io-v2alpha1">Package: <span style="font-family: monospace">kyverno.io/v2alpha1</span></h2>
<p></p>
<h3>Resource Types:</h3>
<ul><li>
<a href="#kyverno-io-v2alpha1-CleanupPolicy">CleanupPolicy</a>
</li><li>
<a href="#kyverno-io-v2alpha1-ClusterCleanupPolicy">ClusterCleanupPolicy</a>
</li><li>
<a href="#kyverno-io-v2alpha1-GlobalContextEntry">GlobalContextEntry</a>
</li><li>
<a href="#kyverno-io-v2alpha1-PolicyException">PolicyException</a>
</li></ul>
<H3 id="kyverno-io-v2alpha1-CleanupPolicy">CleanupPolicy
</H3>
<p><p>CleanupPolicy defines a rule for resource cleanup.</p>
</p>
<table class="table table-striped">
<thead class="thead-dark">
<tr>
<th>Field</th>
<th>Description</th>
</tr>
</thead>
<tbody>
<tr>
<td><code>apiVersion</code></br>string</td>
<td><code>kyverno.io/v2alpha1</code></td>
</tr>
<tr>
<td><code>kind</code></br>string</td>
<td><code>CleanupPolicy</code></td>
</tr>
<tr>
<td><code>metadata</code>
<span style="color:blue;"> *</span>
</br>
<span style="font-family: monospace">meta/v1.ObjectMeta</span>
</td>
<td>
Refer to the Kubernetes API documentation for the fields of the
<code>metadata</code> field.
</td>
</tr>
<tr>
<td><code>spec</code>
<span style="color:blue;"> *</span>
</br>
<span style="font-family: monospace">github.com/kyverno/kyverno/api/kyverno/v2beta1.CleanupPolicySpec</span>
</td>
<td>
<p>Spec declares policy behaviors.</p>
<br/>
<br/>
<table>
<tr>
<td><code>context</code>
</br>
<a href="#kyverno-io-v1-ContextEntry">
<span style="font-family: monospace">[]ContextEntry</span>
</a>
</td>
<td>
<p>Context defines variables and data sources that can be used during rule execution.</p>
</td>
</tr>
<tr>
<td><code>match</code>
<span style="color:blue;"> *</span>
</br>
<span style="font-family: monospace">github.com/kyverno/kyverno/api/kyverno/v2beta1.MatchResources</span>
</td>
<td>
<p>MatchResources defines when cleanuppolicy should be applied. The match
criteria can include resource information (e.g. kind, name, namespace, labels)
and admission review request information like the user name or role.
At least one kind is required.</p>
</td>
</tr>
<tr>
<td><code>exclude</code>
</br>
<span style="font-family: monospace">github.com/kyverno/kyverno/api/kyverno/v2beta1.MatchResources</span>
</td>
<td>
<p>ExcludeResources defines when cleanuppolicy should not be applied. The exclude
criteria can include resource information (e.g. kind, name, namespace, labels)
and admission review request information like the name or role.</p>
</td>
</tr>
<tr>
<td><code>schedule</code>
<span style="color:blue;"> *</span>
</br>
<span style="font-family: monospace">string</span>
</td>
<td>
<p>The schedule in Cron format</p>
</td>
</tr>
<tr>
<td><code>conditions</code>
</br>
<span style="font-family: monospace">github.com/kyverno/kyverno/api/kyverno/v2beta1.AnyAllConditions</span>
</td>
<td>
<p>Conditions defines the conditions used to select the resources which will be cleaned up.</p>
</td>
</tr>
</table>
</td>
</tr>
<tr>
<td><code>status</code>
</br>
<span style="font-family: monospace">github.com/kyverno/kyverno/api/kyverno/v2beta1.CleanupPolicyStatus</span>
</td>
<td>
<p>Status contains policy runtime data.</p>
</td>
</tr>
</tbody>
</table>
<H3 id="kyverno-io-v2alpha1-ClusterCleanupPolicy">ClusterCleanupPolicy
</H3>
<p><p>ClusterCleanupPolicy defines rule for resource cleanup.</p>
</p>
<table class="table table-striped">
<thead class="thead-dark">
<tr>
<th>Field</th>
<th>Description</th>
</tr>
</thead>
<tbody>
<tr>
<td><code>apiVersion</code></br>string</td>
<td><code>kyverno.io/v2alpha1</code></td>
</tr>
<tr>
<td><code>kind</code></br>string</td>
<td><code>ClusterCleanupPolicy</code></td>
</tr>
<tr>
<td><code>metadata</code>
<span style="color:blue;"> *</span>
</br>
<span style="font-family: monospace">meta/v1.ObjectMeta</span>
</td>
<td>
Refer to the Kubernetes API documentation for the fields of the
<code>metadata</code> field.
</td>
</tr>
<tr>
<td><code>spec</code>
<span style="color:blue;"> *</span>
</br>
<span style="font-family: monospace">github.com/kyverno/kyverno/api/kyverno/v2beta1.CleanupPolicySpec</span>
</td>
<td>
<p>Spec declares policy behaviors.</p>
<br/>
<br/>
<table>
<tr>
<td><code>context</code>
</br>
<a href="#kyverno-io-v1-ContextEntry">
<span style="font-family: monospace">[]ContextEntry</span>
</a>
</td>
<td>
<p>Context defines variables and data sources that can be used during rule execution.</p>
</td>
</tr>
<tr>
<td><code>match</code>
<span style="color:blue;"> *</span>
</br>
<span style="font-family: monospace">github.com/kyverno/kyverno/api/kyverno/v2beta1.MatchResources</span>
</td>
<td>
<p>MatchResources defines when cleanuppolicy should be applied. The match
criteria can include resource information (e.g. kind, name, namespace, labels)
and admission review request information like the user name or role.
At least one kind is required.</p>
</td>
</tr>
<tr>
<td><code>exclude</code>
</br>
<span style="font-family: monospace">github.com/kyverno/kyverno/api/kyverno/v2beta1.MatchResources</span>
</td>
<td>
<p>ExcludeResources defines when cleanuppolicy should not be applied. The exclude
criteria can include resource information (e.g. kind, name, namespace, labels)
and admission review request information like the name or role.</p>
</td>
</tr>
<tr>
<td><code>schedule</code>
<span style="color:blue;"> *</span>
</br>
<span style="font-family: monospace">string</span>
</td>
<td>
<p>The schedule in Cron format</p>
</td>
</tr>
<tr>
<td><code>conditions</code>
</br>
<span style="font-family: monospace">github.com/kyverno/kyverno/api/kyverno/v2beta1.AnyAllConditions</span>
</td>
<td>
<p>Conditions defines the conditions used to select the resources which will be cleaned up.</p>
</td>
</tr>
</table>
</td>
</tr>
<tr>
<td><code>status</code>
</br>
<span style="font-family: monospace">github.com/kyverno/kyverno/api/kyverno/v2beta1.CleanupPolicyStatus</span>
</td>
<td>
<p>Status contains policy runtime data.</p>
</td>
</tr>
</tbody>
</table>
<H3 id="kyverno-io-v2alpha1-GlobalContextEntry">GlobalContextEntry
</H3>
<p><p>GlobalContextEntry declares resources to be cached.</p>
</p>
<table class="table table-striped">
<thead class="thead-dark">
<tr>
<th>Field</th>
<th>Description</th>
</tr>
</thead>
<tbody>
<tr>
<td><code>apiVersion</code></br>string</td>
<td><code>kyverno.io/v2alpha1</code></td>
</tr>
<tr>
<td><code>kind</code></br>string</td>
<td><code>GlobalContextEntry</code></td>
</tr>
<tr>
<td><code>metadata</code>
<span style="color:blue;"> *</span>
</br>
<span style="font-family: monospace">meta/v1.ObjectMeta</span>
</td>
<td>
Refer to the Kubernetes API documentation for the fields of the
<code>metadata</code> field.
</td>
</tr>
<tr>
<td><code>spec</code>
<span style="color:blue;"> *</span>
</br>
<a href="#kyverno-io-v2alpha1-GlobalContextEntrySpec">
<span style="font-family: monospace">GlobalContextEntrySpec</span>
</a>
</td>
<td>
<p>Spec declares policy exception behaviors.</p>
<br/>
<br/>
<table>
<tr>
<td><code>kubernetesResource</code>
<span style="color:blue;"> *</span>
</br>
<a href="#kyverno-io-v2alpha1-KubernetesResource">
<span style="font-family: monospace">KubernetesResource</span>
</a>
</td>
<td>
<p>KubernetesResource stores infos about kubernetes resource that should be cached</p>
</td>
</tr>
<tr>
<td><code>apiCall</code>
<span style="color:blue;"> *</span>
</br>
<a href="#kyverno-io-v2alpha1-ExternalAPICall">
<span style="font-family: monospace">ExternalAPICall</span>
</a>
</td>
<td>
<p>APICall stores infos about API call that should be cached</p>
</td>
</tr>
</table>
</td>
</tr>
<tr>
<td><code>status</code>
</br>
<a href="#kyverno-io-v2alpha1-GlobalContextEntryStatus">
<span style="font-family: monospace">GlobalContextEntryStatus</span>
</a>
</td>
<td>
<p>Status contains globalcontextentry runtime data.</p>
</td>
</tr>
</tbody>
</table>
<H3 id="kyverno-io-v2alpha1-PolicyException">PolicyException
</H3>
<p><p>PolicyException declares resources to be excluded from specified policies.</p>
</p>
<table class="table table-striped">
<thead class="thead-dark">
<tr>
<th>Field</th>
<th>Description</th>
</tr>
</thead>
<tbody>
<tr>
<td><code>apiVersion</code></br>string</td>
<td><code>kyverno.io/v2alpha1</code></td>
</tr>
<tr>
<td><code>kind</code></br>string</td>
<td><code>PolicyException</code></td>
</tr>
<tr>
<td><code>metadata</code>
<span style="color:blue;"> *</span>
</br>
<span style="font-family: monospace">meta/v1.ObjectMeta</span>
</td>
<td>
Refer to the Kubernetes API documentation for the fields of the
<code>metadata</code> field.
</td>
</tr>
<tr>
<td><code>spec</code>
<span style="color:blue;"> *</span>
</br>
<span style="font-family: monospace">github.com/kyverno/kyverno/api/kyverno/v2beta1.PolicyExceptionSpec</span>
</td>
<td>
<p>Spec declares policy exception behaviors.</p>
<br/>
<br/>
<table>
<tr>
<td><code>background</code>
<span style="color:blue;"> *</span>
</br>
<span style="font-family: monospace">bool</span>
</td>
<td>
<p>Background controls if exceptions are applied to existing policies during a background scan.
Optional. Default value is &quot;true&quot;. The value must be set to &quot;false&quot; if the policy rule
uses variables that are only available in the admission review request (e.g. user name).</p>
</td>
</tr>
<tr>
<td><code>match</code>
<span style="color:blue;"> *</span>
</br>
<span style="font-family: monospace">github.com/kyverno/kyverno/api/kyverno/v2beta1.MatchResources</span>
</td>
<td>
<p>Match defines match clause used to check if a resource applies to the exception</p>
</td>
</tr>
<tr>
<td><code>conditions</code>
</br>
<span style="font-family: monospace">github.com/kyverno/kyverno/api/kyverno/v2beta1.AnyAllConditions</span>
</td>
<td>
<p>Conditions are used to determine if a resource applies to the exception by evaluating a
set of conditions. The declaration can contain nested <code>any</code> or <code>all</code> statements.</p>
</td>
</tr>
<tr>
<td><code>exceptions</code>
<span style="color:blue;"> *</span>
</br>
<span style="font-family: monospace">[]github.com/kyverno/kyverno/api/kyverno/v2beta1.Exception</span>
</td>
<td>
<p>Exceptions is a list policy/rules to be excluded</p>
</td>
</tr>
<tr>
<td><code>podSecurity</code>
</br>
<a href="#kyverno-io-v1-PodSecurityStandard">
<span style="font-family: monospace">[]PodSecurityStandard</span>
</a>
</td>
<td>
<p>PodSecurity specifies the Pod Security Standard controls to be excluded.
Applicable only to policies that have validate.podSecurity subrule.</p>
</td>
</tr>
</table>
</td>
</tr>
</tbody>
</table>
<H3 id="kyverno-io-v2alpha1-ExternalAPICall">ExternalAPICall
</H3>
<p>
(<em>Appears in:</em>
<a href="#kyverno-io-v2alpha1-GlobalContextEntrySpec">GlobalContextEntrySpec</a>)
</p>
<p><p>ExternalAPICall stores infos about API call that should be cached</p>
</p>
<table class="table table-striped">
<thead class="thead-dark">
<tr>
<th>Field</th>
<th>Description</th>
</tr>
</thead>
<tbody>
<tr>
<td><code>APICall</code>
<span style="color:blue;"> *</span>
</br>
<a href="#kyverno-io-v1-APICall">
<span style="font-family: monospace">APICall</span>
</a>
</td>
<td>
<p>(Members of <code>APICall</code> are embedded into this type.)</p>
</td>
</tr>
<tr>
<td><code>refreshInterval</code>
<span style="color:blue;"> *</span>
</br>
<span style="font-family: monospace">meta/v1.Duration</span>
</td>
<td>
<p>RefreshInterval defines the interval in duration at which to poll the APICall</p>
</td>
</tr>
</tbody>
</table>
<H3 id="kyverno-io-v2alpha1-GlobalContextEntrySpec">GlobalContextEntrySpec
</H3>
<p>
(<em>Appears in:</em>
<a href="#kyverno-io-v2alpha1-GlobalContextEntry">GlobalContextEntry</a>)
</p>
<p><p>GlobalContextEntrySpec stores policy exception spec</p>
</p>
<table class="table table-striped">
<thead class="thead-dark">
<tr>
<th>Field</th>
<th>Description</th>
</tr>
</thead>
<tbody>
<tr>
<td><code>kubernetesResource</code>
<span style="color:blue;"> *</span>
</br>
<a href="#kyverno-io-v2alpha1-KubernetesResource">
<span style="font-family: monospace">KubernetesResource</span>
</a>
</td>
<td>
<p>KubernetesResource stores infos about kubernetes resource that should be cached</p>
</td>
</tr>
<tr>
<td><code>apiCall</code>
<span style="color:blue;"> *</span>
</br>
<a href="#kyverno-io-v2alpha1-ExternalAPICall">
<span style="font-family: monospace">ExternalAPICall</span>
</a>
</td>
<td>
<p>APICall stores infos about API call that should be cached</p>
</td>
</tr>
</tbody>
</table>
<H3 id="kyverno-io-v2alpha1-GlobalContextEntryStatus">GlobalContextEntryStatus
</H3>
<p>
(<em>Appears in:</em>
<a href="#kyverno-io-v2alpha1-GlobalContextEntry">GlobalContextEntry</a>)
</p>
<p></p>
<table class="table table-striped">
<thead class="thead-dark">
<tr>
<th>Field</th>
<th>Description</th>
</tr>
</thead>
<tbody>
<tr>
<td><code>ready</code>
<span style="color:blue;"> *</span>
</br>
<span style="font-family: monospace">bool</span>
</td>
<td>
<p>Deprecated in favor of Conditions</p>
</td>
</tr>
<tr>
<td><code>conditions</code>
</br>
<span style="font-family: monospace">[]meta/v1.Condition</span>
</td>
<td>
</td>
</tr>
</tbody>
</table>
<H3 id="kyverno-io-v2alpha1-KubernetesResource">KubernetesResource
</H3>
<p>
(<em>Appears in:</em>
<a href="#kyverno-io-v2alpha1-GlobalContextEntrySpec">GlobalContextEntrySpec</a>)
</p>
<p><p>KubernetesResource stores infos about kubernetes resource that should be cached</p>
</p>
<table class="table table-striped">
<thead class="thead-dark">
<tr>
<th>Field</th>
<th>Description</th>
</tr>
</thead>
<tbody>
<tr>
<td><code>group</code>
<span style="color:blue;"> *</span>
</br>
<span style="font-family: monospace">string</span>
</td>
<td>
<p>Group defines the group of the resource</p>
</td>
</tr>
<tr>
<td><code>version</code>
<span style="color:blue;"> *</span>
</br>
<span style="font-family: monospace">string</span>
</td>
<td>
<p>Version defines the version of the resource</p>
</td>
</tr>
<tr>
<td><code>resource</code>
<span style="color:blue;"> *</span>
</br>
<span style="font-family: monospace">string</span>
</td>
<td>
<p>Resource defines the type of the resource</p>
</td>
</tr>
<tr>
<td><code>namespace</code>
<span style="color:blue;"> *</span>
</br>
<span style="font-family: monospace">string</span>
</td>
<td>
<p>Namespace defines the namespace of the resource. Leave empty for cluster scoped resources.</p>
</td>
</tr>
</tbody>
</table>
<hr />
</div>
</body>
</html>
Copy permalink