2019-11-08 18:57:27 -08:00
|
|
|
package engine
|
|
|
|
|
|
|
|
|
|
import (
|
2019-11-13 15:46:43 -08:00
|
|
|
client "github.com/nirmata/kyverno/pkg/dclient"
|
2019-11-13 13:41:08 -08:00
|
|
|
kyverno "github.com/nirmata/kyverno/pkg/api/kyverno/v1"
|
2019-11-08 18:57:27 -08:00
|
|
|
authenticationv1 "k8s.io/api/authentication/v1"
|
|
|
|
|
"k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
|
2019-12-11 09:45:22 -08:00
|
|
|
"github.com/nirmata/kyverno/pkg/engine/context"
|
2019-11-08 18:57:27 -08:00
|
|
|
)
|
|
|
|
|
|
|
|
|
|
// PolicyContext contains the contexts for engine to process
|
|
|
|
|
type PolicyContext struct {
|
|
|
|
|
// policy to be processed
|
|
|
|
|
Policy kyverno.ClusterPolicy
|
|
|
|
|
// resource to be processed
|
2019-11-13 13:13:07 -08:00
|
|
|
NewResource unstructured.Unstructured
|
|
|
|
|
// old Resource - Update operations
|
|
|
|
|
OldResource unstructured.Unstructured
|
2019-11-08 18:57:27 -08:00
|
|
|
AdmissionInfo RequestInfo
|
2019-11-13 15:46:43 -08:00
|
|
|
// Dynamic client - used by generate
|
|
|
|
|
Client *client.Client
|
2019-12-11 09:45:22 -08:00
|
|
|
// Contexts to store resources
|
|
|
|
|
Context *context.Context
|
2019-11-08 18:57:27 -08:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// RequestInfo contains permission info carried in an admission request
|
|
|
|
|
type RequestInfo struct {
|
|
|
|
|
// Roles is a list of possible role send the request
|
|
|
|
|
Roles []string
|
|
|
|
|
// ClusterRoles is a list of possible clusterRoles send the request
|
|
|
|
|
ClusterRoles []string
|
|
|
|
|
// UserInfo is the userInfo carried in the admission request
|
|
|
|
|
AdmissionUserInfo authenticationv1.UserInfo
|
|
|
|
|
}
|
