mirror of
https://github.com/kyverno/kyverno.git
synced 2025-03-05 15:37:19 +00:00
add namespace cluster policyviolation crd
This commit is contained in:
Shuting Zhao
parent
e75791c58f
commit
0badf761a8
13 changed files with 685 additions and 1 deletions
|
|
@ -240,6 +240,71 @@ spec:
|
|||
creationBlocked:
|
||||
type: boolean
|
||||
---
|
||||
apiVersion: apiextensions.k8s.io/v1beta1
|
||||
kind: CustomResourceDefinition
|
||||
metadata:
|
||||
name: policyviolations.kyverno.io
|
||||
spec:
|
||||
group: kyverno.io
|
||||
versions:
|
||||
- name: v1alpha1
|
||||
served: true
|
||||
storage: true
|
||||
scope: Namespaced
|
||||
names:
|
||||
kind: PolicyViolation
|
||||
plural: policyviolations
|
||||
singular: policyviolation
|
||||
subresources:
|
||||
status: {}
|
||||
validation:
|
||||
openAPIV3Schema:
|
||||
properties:
|
||||
spec:
|
||||
required:
|
||||
- policy
|
||||
- resource
|
||||
- rules
|
||||
properties:
|
||||
policy:
|
||||
type: string
|
||||
resource:
|
||||
type: object
|
||||
required:
|
||||
- kind
|
||||
- name
|
||||
properties:
|
||||
kind:
|
||||
type: string
|
||||
name:
|
||||
type: string
|
||||
namespace:
|
||||
type: string
|
||||
rules:
|
||||
type: array
|
||||
items:
|
||||
type: object
|
||||
required:
|
||||
- name
|
||||
- type
|
||||
- message
|
||||
properties:
|
||||
name:
|
||||
type: string
|
||||
type:
|
||||
type: string
|
||||
message:
|
||||
type: string
|
||||
managedResource:
|
||||
type: object
|
||||
properties:
|
||||
kind:
|
||||
type: string
|
||||
namespace:
|
||||
type: string
|
||||
creationBlocked:
|
||||
type: boolean
|
||||
---
|
||||
kind: Namespace
|
||||
apiVersion: v1
|
||||
metadata:
|
||||
|
|
|
|||
|
|
@ -36,6 +36,21 @@ type ClusterPolicyViolationList struct {
|
|||
Items []ClusterPolicyViolation `json:"items"`
|
||||
}
|
||||
|
||||
// +genclient
|
||||
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
|
||||
|
||||
// NamespacedPolicyViolation ...
|
||||
type NamespacedPolicyViolation PolicyViolation
|
||||
|
||||
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
|
||||
|
||||
// NamespacedPolicyViolationList ...
|
||||
type NamespacedPolicyViolationList struct {
|
||||
metav1.TypeMeta `json:",inline"`
|
||||
metav1.ListMeta `json:"metadata"`
|
||||
Items []NamespacedPolicyViolation `json:"items"`
|
||||
}
|
||||
|
||||
// Policy contains rules to be applied to created resources
|
||||
type Policy struct {
|
||||
metav1.TypeMeta `json:",inline"`
|
||||
|
|
|
|||
|
|
@ -233,6 +233,67 @@ func (in *Mutation) DeepCopy() *Mutation {
|
|||
return out
|
||||
}
|
||||
|
||||
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||
func (in *NamespacedPolicyViolation) DeepCopyInto(out *NamespacedPolicyViolation) {
|
||||
*out = *in
|
||||
out.TypeMeta = in.TypeMeta
|
||||
in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
|
||||
in.Spec.DeepCopyInto(&out.Spec)
|
||||
in.Status.DeepCopyInto(&out.Status)
|
||||
return
|
||||
}
|
||||
|
||||
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NamespacedPolicyViolation.
|
||||
func (in *NamespacedPolicyViolation) DeepCopy() *NamespacedPolicyViolation {
|
||||
if in == nil {
|
||||
return nil
|
||||
}
|
||||
out := new(NamespacedPolicyViolation)
|
||||
in.DeepCopyInto(out)
|
||||
return out
|
||||
}
|
||||
|
||||
// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
|
||||
func (in *NamespacedPolicyViolation) DeepCopyObject() runtime.Object {
|
||||
if c := in.DeepCopy(); c != nil {
|
||||
return c
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||
func (in *NamespacedPolicyViolationList) DeepCopyInto(out *NamespacedPolicyViolationList) {
|
||||
*out = *in
|
||||
out.TypeMeta = in.TypeMeta
|
||||
out.ListMeta = in.ListMeta
|
||||
if in.Items != nil {
|
||||
in, out := &in.Items, &out.Items
|
||||
*out = make([]NamespacedPolicyViolation, len(*in))
|
||||
for i := range *in {
|
||||
(*in)[i].DeepCopyInto(&(*out)[i])
|
||||
}
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NamespacedPolicyViolationList.
|
||||
func (in *NamespacedPolicyViolationList) DeepCopy() *NamespacedPolicyViolationList {
|
||||
if in == nil {
|
||||
return nil
|
||||
}
|
||||
out := new(NamespacedPolicyViolationList)
|
||||
in.DeepCopyInto(out)
|
||||
return out
|
||||
}
|
||||
|
||||
// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
|
||||
func (in *NamespacedPolicyViolationList) DeepCopyObject() runtime.Object {
|
||||
if c := in.DeepCopy(); c != nil {
|
||||
return c
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||
func (in *Policy) DeepCopyInto(out *Policy) {
|
||||
*out = *in
|
||||
|
|
|
|||
|
|
@ -36,6 +36,10 @@ func (c *FakeKyvernoV1alpha1) ClusterPolicyViolations() v1alpha1.ClusterPolicyVi
|
|||
return &FakeClusterPolicyViolations{c}
|
||||
}
|
||||
|
||||
func (c *FakeKyvernoV1alpha1) NamespacedPolicyViolations(namespace string) v1alpha1.NamespacedPolicyViolationInterface {
|
||||
return &FakeNamespacedPolicyViolations{c, namespace}
|
||||
}
|
||||
|
||||
// RESTClient returns a RESTClient that is used to communicate
|
||||
// with API server by this client implementation.
|
||||
func (c *FakeKyvernoV1alpha1) RESTClient() rest.Interface {
|
||||
|
|
|
|||
|
|
@ -0,0 +1,140 @@
|
|||
/*
|
||||
Copyright The Kubernetes Authors.
|
||||
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
*/
|
||||
|
||||
// Code generated by client-gen. DO NOT EDIT.
|
||||
|
||||
package fake
|
||||
|
||||
import (
|
||||
v1alpha1 "github.com/nirmata/kyverno/pkg/api/kyverno/v1alpha1"
|
||||
v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
||||
labels "k8s.io/apimachinery/pkg/labels"
|
||||
schema "k8s.io/apimachinery/pkg/runtime/schema"
|
||||
types "k8s.io/apimachinery/pkg/types"
|
||||
watch "k8s.io/apimachinery/pkg/watch"
|
||||
testing "k8s.io/client-go/testing"
|
||||
)
|
||||
|
||||
// FakeNamespacedPolicyViolations implements NamespacedPolicyViolationInterface
|
||||
type FakeNamespacedPolicyViolations struct {
|
||||
Fake *FakeKyvernoV1alpha1
|
||||
ns string
|
||||
}
|
||||
|
||||
var namespacedpolicyviolationsResource = schema.GroupVersionResource{Group: "kyverno.io", Version: "v1alpha1", Resource: "namespacedpolicyviolations"}
|
||||
|
||||
var namespacedpolicyviolationsKind = schema.GroupVersionKind{Group: "kyverno.io", Version: "v1alpha1", Kind: "NamespacedPolicyViolation"}
|
||||
|
||||
// Get takes name of the namespacedPolicyViolation, and returns the corresponding namespacedPolicyViolation object, and an error if there is any.
|
||||
func (c *FakeNamespacedPolicyViolations) Get(name string, options v1.GetOptions) (result *v1alpha1.NamespacedPolicyViolation, err error) {
|
||||
obj, err := c.Fake.
|
||||
Invokes(testing.NewGetAction(namespacedpolicyviolationsResource, c.ns, name), &v1alpha1.NamespacedPolicyViolation{})
|
||||
|
||||
if obj == nil {
|
||||
return nil, err
|
||||
}
|
||||
return obj.(*v1alpha1.NamespacedPolicyViolation), err
|
||||
}
|
||||
|
||||
// List takes label and field selectors, and returns the list of NamespacedPolicyViolations that match those selectors.
|
||||
func (c *FakeNamespacedPolicyViolations) List(opts v1.ListOptions) (result *v1alpha1.NamespacedPolicyViolationList, err error) {
|
||||
obj, err := c.Fake.
|
||||
Invokes(testing.NewListAction(namespacedpolicyviolationsResource, namespacedpolicyviolationsKind, c.ns, opts), &v1alpha1.NamespacedPolicyViolationList{})
|
||||
|
||||
if obj == nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
label, _, _ := testing.ExtractFromListOptions(opts)
|
||||
if label == nil {
|
||||
label = labels.Everything()
|
||||
}
|
||||
list := &v1alpha1.NamespacedPolicyViolationList{ListMeta: obj.(*v1alpha1.NamespacedPolicyViolationList).ListMeta}
|
||||
for _, item := range obj.(*v1alpha1.NamespacedPolicyViolationList).Items {
|
||||
if label.Matches(labels.Set(item.Labels)) {
|
||||
list.Items = append(list.Items, item)
|
||||
}
|
||||
}
|
||||
return list, err
|
||||
}
|
||||
|
||||
// Watch returns a watch.Interface that watches the requested namespacedPolicyViolations.
|
||||
func (c *FakeNamespacedPolicyViolations) Watch(opts v1.ListOptions) (watch.Interface, error) {
|
||||
return c.Fake.
|
||||
InvokesWatch(testing.NewWatchAction(namespacedpolicyviolationsResource, c.ns, opts))
|
||||
|
||||
}
|
||||
|
||||
// Create takes the representation of a namespacedPolicyViolation and creates it. Returns the server's representation of the namespacedPolicyViolation, and an error, if there is any.
|
||||
func (c *FakeNamespacedPolicyViolations) Create(namespacedPolicyViolation *v1alpha1.NamespacedPolicyViolation) (result *v1alpha1.NamespacedPolicyViolation, err error) {
|
||||
obj, err := c.Fake.
|
||||
Invokes(testing.NewCreateAction(namespacedpolicyviolationsResource, c.ns, namespacedPolicyViolation), &v1alpha1.NamespacedPolicyViolation{})
|
||||
|
||||
if obj == nil {
|
||||
return nil, err
|
||||
}
|
||||
return obj.(*v1alpha1.NamespacedPolicyViolation), err
|
||||
}
|
||||
|
||||
// Update takes the representation of a namespacedPolicyViolation and updates it. Returns the server's representation of the namespacedPolicyViolation, and an error, if there is any.
|
||||
func (c *FakeNamespacedPolicyViolations) Update(namespacedPolicyViolation *v1alpha1.NamespacedPolicyViolation) (result *v1alpha1.NamespacedPolicyViolation, err error) {
|
||||
obj, err := c.Fake.
|
||||
Invokes(testing.NewUpdateAction(namespacedpolicyviolationsResource, c.ns, namespacedPolicyViolation), &v1alpha1.NamespacedPolicyViolation{})
|
||||
|
||||
if obj == nil {
|
||||
return nil, err
|
||||
}
|
||||
return obj.(*v1alpha1.NamespacedPolicyViolation), err
|
||||
}
|
||||
|
||||
// UpdateStatus was generated because the type contains a Status member.
|
||||
// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus().
|
||||
func (c *FakeNamespacedPolicyViolations) UpdateStatus(namespacedPolicyViolation *v1alpha1.NamespacedPolicyViolation) (*v1alpha1.NamespacedPolicyViolation, error) {
|
||||
obj, err := c.Fake.
|
||||
Invokes(testing.NewUpdateSubresourceAction(namespacedpolicyviolationsResource, "status", c.ns, namespacedPolicyViolation), &v1alpha1.NamespacedPolicyViolation{})
|
||||
|
||||
if obj == nil {
|
||||
return nil, err
|
||||
}
|
||||
return obj.(*v1alpha1.NamespacedPolicyViolation), err
|
||||
}
|
||||
|
||||
// Delete takes name of the namespacedPolicyViolation and deletes it. Returns an error if one occurs.
|
||||
func (c *FakeNamespacedPolicyViolations) Delete(name string, options *v1.DeleteOptions) error {
|
||||
_, err := c.Fake.
|
||||
Invokes(testing.NewDeleteAction(namespacedpolicyviolationsResource, c.ns, name), &v1alpha1.NamespacedPolicyViolation{})
|
||||
|
||||
return err
|
||||
}
|
||||
|
||||
// DeleteCollection deletes a collection of objects.
|
||||
func (c *FakeNamespacedPolicyViolations) DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error {
|
||||
action := testing.NewDeleteCollectionAction(namespacedpolicyviolationsResource, c.ns, listOptions)
|
||||
|
||||
_, err := c.Fake.Invokes(action, &v1alpha1.NamespacedPolicyViolationList{})
|
||||
return err
|
||||
}
|
||||
|
||||
// Patch applies the patch and returns the patched namespacedPolicyViolation.
|
||||
func (c *FakeNamespacedPolicyViolations) Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *v1alpha1.NamespacedPolicyViolation, err error) {
|
||||
obj, err := c.Fake.
|
||||
Invokes(testing.NewPatchSubresourceAction(namespacedpolicyviolationsResource, c.ns, name, pt, data, subresources...), &v1alpha1.NamespacedPolicyViolation{})
|
||||
|
||||
if obj == nil {
|
||||
return nil, err
|
||||
}
|
||||
return obj.(*v1alpha1.NamespacedPolicyViolation), err
|
||||
}
|
||||
|
|
@ -21,3 +21,5 @@ package v1alpha1
|
|||
type ClusterPolicyExpansion interface{}
|
||||
|
||||
type ClusterPolicyViolationExpansion interface{}
|
||||
|
||||
type NamespacedPolicyViolationExpansion interface{}
|
||||
|
|
|
|||
|
|
@ -29,6 +29,7 @@ type KyvernoV1alpha1Interface interface {
|
|||
RESTClient() rest.Interface
|
||||
ClusterPoliciesGetter
|
||||
ClusterPolicyViolationsGetter
|
||||
NamespacedPolicyViolationsGetter
|
||||
}
|
||||
|
||||
// KyvernoV1alpha1Client is used to interact with features provided by the kyverno.io group.
|
||||
|
|
@ -44,6 +45,10 @@ func (c *KyvernoV1alpha1Client) ClusterPolicyViolations() ClusterPolicyViolation
|
|||
return newClusterPolicyViolations(c)
|
||||
}
|
||||
|
||||
func (c *KyvernoV1alpha1Client) NamespacedPolicyViolations(namespace string) NamespacedPolicyViolationInterface {
|
||||
return newNamespacedPolicyViolations(c, namespace)
|
||||
}
|
||||
|
||||
// NewForConfig creates a new KyvernoV1alpha1Client for the given config.
|
||||
func NewForConfig(c *rest.Config) (*KyvernoV1alpha1Client, error) {
|
||||
config := *c
|
||||
|
|
|
|||
|
|
@ -0,0 +1,191 @@
|
|||
/*
|
||||
Copyright The Kubernetes Authors.
|
||||
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
*/
|
||||
|
||||
// Code generated by client-gen. DO NOT EDIT.
|
||||
|
||||
package v1alpha1
|
||||
|
||||
import (
|
||||
"time"
|
||||
|
||||
v1alpha1 "github.com/nirmata/kyverno/pkg/api/kyverno/v1alpha1"
|
||||
scheme "github.com/nirmata/kyverno/pkg/client/clientset/versioned/scheme"
|
||||
v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
||||
types "k8s.io/apimachinery/pkg/types"
|
||||
watch "k8s.io/apimachinery/pkg/watch"
|
||||
rest "k8s.io/client-go/rest"
|
||||
)
|
||||
|
||||
// NamespacedPolicyViolationsGetter has a method to return a NamespacedPolicyViolationInterface.
|
||||
// A group's client should implement this interface.
|
||||
type NamespacedPolicyViolationsGetter interface {
|
||||
NamespacedPolicyViolations(namespace string) NamespacedPolicyViolationInterface
|
||||
}
|
||||
|
||||
// NamespacedPolicyViolationInterface has methods to work with NamespacedPolicyViolation resources.
|
||||
type NamespacedPolicyViolationInterface interface {
|
||||
Create(*v1alpha1.NamespacedPolicyViolation) (*v1alpha1.NamespacedPolicyViolation, error)
|
||||
Update(*v1alpha1.NamespacedPolicyViolation) (*v1alpha1.NamespacedPolicyViolation, error)
|
||||
UpdateStatus(*v1alpha1.NamespacedPolicyViolation) (*v1alpha1.NamespacedPolicyViolation, error)
|
||||
Delete(name string, options *v1.DeleteOptions) error
|
||||
DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error
|
||||
Get(name string, options v1.GetOptions) (*v1alpha1.NamespacedPolicyViolation, error)
|
||||
List(opts v1.ListOptions) (*v1alpha1.NamespacedPolicyViolationList, error)
|
||||
Watch(opts v1.ListOptions) (watch.Interface, error)
|
||||
Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *v1alpha1.NamespacedPolicyViolation, err error)
|
||||
NamespacedPolicyViolationExpansion
|
||||
}
|
||||
|
||||
// namespacedPolicyViolations implements NamespacedPolicyViolationInterface
|
||||
type namespacedPolicyViolations struct {
|
||||
client rest.Interface
|
||||
ns string
|
||||
}
|
||||
|
||||
// newNamespacedPolicyViolations returns a NamespacedPolicyViolations
|
||||
func newNamespacedPolicyViolations(c *KyvernoV1alpha1Client, namespace string) *namespacedPolicyViolations {
|
||||
return &namespacedPolicyViolations{
|
||||
client: c.RESTClient(),
|
||||
ns: namespace,
|
||||
}
|
||||
}
|
||||
|
||||
// Get takes name of the namespacedPolicyViolation, and returns the corresponding namespacedPolicyViolation object, and an error if there is any.
|
||||
func (c *namespacedPolicyViolations) Get(name string, options v1.GetOptions) (result *v1alpha1.NamespacedPolicyViolation, err error) {
|
||||
result = &v1alpha1.NamespacedPolicyViolation{}
|
||||
err = c.client.Get().
|
||||
Namespace(c.ns).
|
||||
Resource("namespacedpolicyviolations").
|
||||
Name(name).
|
||||
VersionedParams(&options, scheme.ParameterCodec).
|
||||
Do().
|
||||
Into(result)
|
||||
return
|
||||
}
|
||||
|
||||
// List takes label and field selectors, and returns the list of NamespacedPolicyViolations that match those selectors.
|
||||
func (c *namespacedPolicyViolations) List(opts v1.ListOptions) (result *v1alpha1.NamespacedPolicyViolationList, err error) {
|
||||
var timeout time.Duration
|
||||
if opts.TimeoutSeconds != nil {
|
||||
timeout = time.Duration(*opts.TimeoutSeconds) * time.Second
|
||||
}
|
||||
result = &v1alpha1.NamespacedPolicyViolationList{}
|
||||
err = c.client.Get().
|
||||
Namespace(c.ns).
|
||||
Resource("namespacedpolicyviolations").
|
||||
VersionedParams(&opts, scheme.ParameterCodec).
|
||||
Timeout(timeout).
|
||||
Do().
|
||||
Into(result)
|
||||
return
|
||||
}
|
||||
|
||||
// Watch returns a watch.Interface that watches the requested namespacedPolicyViolations.
|
||||
func (c *namespacedPolicyViolations) Watch(opts v1.ListOptions) (watch.Interface, error) {
|
||||
var timeout time.Duration
|
||||
if opts.TimeoutSeconds != nil {
|
||||
timeout = time.Duration(*opts.TimeoutSeconds) * time.Second
|
||||
}
|
||||
opts.Watch = true
|
||||
return c.client.Get().
|
||||
Namespace(c.ns).
|
||||
Resource("namespacedpolicyviolations").
|
||||
VersionedParams(&opts, scheme.ParameterCodec).
|
||||
Timeout(timeout).
|
||||
Watch()
|
||||
}
|
||||
|
||||
// Create takes the representation of a namespacedPolicyViolation and creates it. Returns the server's representation of the namespacedPolicyViolation, and an error, if there is any.
|
||||
func (c *namespacedPolicyViolations) Create(namespacedPolicyViolation *v1alpha1.NamespacedPolicyViolation) (result *v1alpha1.NamespacedPolicyViolation, err error) {
|
||||
result = &v1alpha1.NamespacedPolicyViolation{}
|
||||
err = c.client.Post().
|
||||
Namespace(c.ns).
|
||||
Resource("namespacedpolicyviolations").
|
||||
Body(namespacedPolicyViolation).
|
||||
Do().
|
||||
Into(result)
|
||||
return
|
||||
}
|
||||
|
||||
// Update takes the representation of a namespacedPolicyViolation and updates it. Returns the server's representation of the namespacedPolicyViolation, and an error, if there is any.
|
||||
func (c *namespacedPolicyViolations) Update(namespacedPolicyViolation *v1alpha1.NamespacedPolicyViolation) (result *v1alpha1.NamespacedPolicyViolation, err error) {
|
||||
result = &v1alpha1.NamespacedPolicyViolation{}
|
||||
err = c.client.Put().
|
||||
Namespace(c.ns).
|
||||
Resource("namespacedpolicyviolations").
|
||||
Name(namespacedPolicyViolation.Name).
|
||||
Body(namespacedPolicyViolation).
|
||||
Do().
|
||||
Into(result)
|
||||
return
|
||||
}
|
||||
|
||||
// UpdateStatus was generated because the type contains a Status member.
|
||||
// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus().
|
||||
|
||||
func (c *namespacedPolicyViolations) UpdateStatus(namespacedPolicyViolation *v1alpha1.NamespacedPolicyViolation) (result *v1alpha1.NamespacedPolicyViolation, err error) {
|
||||
result = &v1alpha1.NamespacedPolicyViolation{}
|
||||
err = c.client.Put().
|
||||
Namespace(c.ns).
|
||||
Resource("namespacedpolicyviolations").
|
||||
Name(namespacedPolicyViolation.Name).
|
||||
SubResource("status").
|
||||
Body(namespacedPolicyViolation).
|
||||
Do().
|
||||
Into(result)
|
||||
return
|
||||
}
|
||||
|
||||
// Delete takes name of the namespacedPolicyViolation and deletes it. Returns an error if one occurs.
|
||||
func (c *namespacedPolicyViolations) Delete(name string, options *v1.DeleteOptions) error {
|
||||
return c.client.Delete().
|
||||
Namespace(c.ns).
|
||||
Resource("namespacedpolicyviolations").
|
||||
Name(name).
|
||||
Body(options).
|
||||
Do().
|
||||
Error()
|
||||
}
|
||||
|
||||
// DeleteCollection deletes a collection of objects.
|
||||
func (c *namespacedPolicyViolations) DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error {
|
||||
var timeout time.Duration
|
||||
if listOptions.TimeoutSeconds != nil {
|
||||
timeout = time.Duration(*listOptions.TimeoutSeconds) * time.Second
|
||||
}
|
||||
return c.client.Delete().
|
||||
Namespace(c.ns).
|
||||
Resource("namespacedpolicyviolations").
|
||||
VersionedParams(&listOptions, scheme.ParameterCodec).
|
||||
Timeout(timeout).
|
||||
Body(options).
|
||||
Do().
|
||||
Error()
|
||||
}
|
||||
|
||||
// Patch applies the patch and returns the patched namespacedPolicyViolation.
|
||||
func (c *namespacedPolicyViolations) Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *v1alpha1.NamespacedPolicyViolation, err error) {
|
||||
result = &v1alpha1.NamespacedPolicyViolation{}
|
||||
err = c.client.Patch(pt).
|
||||
Namespace(c.ns).
|
||||
Resource("namespacedpolicyviolations").
|
||||
SubResource(subresources...).
|
||||
Name(name).
|
||||
Body(data).
|
||||
Do().
|
||||
Into(result)
|
||||
return
|
||||
}
|
||||
|
|
@ -57,6 +57,8 @@ func (f *sharedInformerFactory) ForResource(resource schema.GroupVersionResource
|
|||
return &genericInformer{resource: resource.GroupResource(), informer: f.Kyverno().V1alpha1().ClusterPolicies().Informer()}, nil
|
||||
case v1alpha1.SchemeGroupVersion.WithResource("clusterpolicyviolations"):
|
||||
return &genericInformer{resource: resource.GroupResource(), informer: f.Kyverno().V1alpha1().ClusterPolicyViolations().Informer()}, nil
|
||||
case v1alpha1.SchemeGroupVersion.WithResource("namespacedpolicyviolations"):
|
||||
return &genericInformer{resource: resource.GroupResource(), informer: f.Kyverno().V1alpha1().NamespacedPolicyViolations().Informer()}, nil
|
||||
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -28,6 +28,8 @@ type Interface interface {
|
|||
ClusterPolicies() ClusterPolicyInformer
|
||||
// ClusterPolicyViolations returns a ClusterPolicyViolationInformer.
|
||||
ClusterPolicyViolations() ClusterPolicyViolationInformer
|
||||
// NamespacedPolicyViolations returns a NamespacedPolicyViolationInformer.
|
||||
NamespacedPolicyViolations() NamespacedPolicyViolationInformer
|
||||
}
|
||||
|
||||
type version struct {
|
||||
|
|
@ -50,3 +52,8 @@ func (v *version) ClusterPolicies() ClusterPolicyInformer {
|
|||
func (v *version) ClusterPolicyViolations() ClusterPolicyViolationInformer {
|
||||
return &clusterPolicyViolationInformer{factory: v.factory, tweakListOptions: v.tweakListOptions}
|
||||
}
|
||||
|
||||
// NamespacedPolicyViolations returns a NamespacedPolicyViolationInformer.
|
||||
func (v *version) NamespacedPolicyViolations() NamespacedPolicyViolationInformer {
|
||||
return &namespacedPolicyViolationInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -0,0 +1,89 @@
|
|||
/*
|
||||
Copyright The Kubernetes Authors.
|
||||
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
*/
|
||||
|
||||
// Code generated by informer-gen. DO NOT EDIT.
|
||||
|
||||
package v1alpha1
|
||||
|
||||
import (
|
||||
time "time"
|
||||
|
||||
kyvernov1alpha1 "github.com/nirmata/kyverno/pkg/api/kyverno/v1alpha1"
|
||||
versioned "github.com/nirmata/kyverno/pkg/client/clientset/versioned"
|
||||
internalinterfaces "github.com/nirmata/kyverno/pkg/client/informers/externalversions/internalinterfaces"
|
||||
v1alpha1 "github.com/nirmata/kyverno/pkg/client/listers/kyverno/v1alpha1"
|
||||
v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
||||
runtime "k8s.io/apimachinery/pkg/runtime"
|
||||
watch "k8s.io/apimachinery/pkg/watch"
|
||||
cache "k8s.io/client-go/tools/cache"
|
||||
)
|
||||
|
||||
// NamespacedPolicyViolationInformer provides access to a shared informer and lister for
|
||||
// NamespacedPolicyViolations.
|
||||
type NamespacedPolicyViolationInformer interface {
|
||||
Informer() cache.SharedIndexInformer
|
||||
Lister() v1alpha1.NamespacedPolicyViolationLister
|
||||
}
|
||||
|
||||
type namespacedPolicyViolationInformer struct {
|
||||
factory internalinterfaces.SharedInformerFactory
|
||||
tweakListOptions internalinterfaces.TweakListOptionsFunc
|
||||
namespace string
|
||||
}
|
||||
|
||||
// NewNamespacedPolicyViolationInformer constructs a new informer for NamespacedPolicyViolation type.
|
||||
// Always prefer using an informer factory to get a shared informer instead of getting an independent
|
||||
// one. This reduces memory footprint and number of connections to the server.
|
||||
func NewNamespacedPolicyViolationInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer {
|
||||
return NewFilteredNamespacedPolicyViolationInformer(client, namespace, resyncPeriod, indexers, nil)
|
||||
}
|
||||
|
||||
// NewFilteredNamespacedPolicyViolationInformer constructs a new informer for NamespacedPolicyViolation type.
|
||||
// Always prefer using an informer factory to get a shared informer instead of getting an independent
|
||||
// one. This reduces memory footprint and number of connections to the server.
|
||||
func NewFilteredNamespacedPolicyViolationInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer {
|
||||
return cache.NewSharedIndexInformer(
|
||||
&cache.ListWatch{
|
||||
ListFunc: func(options v1.ListOptions) (runtime.Object, error) {
|
||||
if tweakListOptions != nil {
|
||||
tweakListOptions(&options)
|
||||
}
|
||||
return client.KyvernoV1alpha1().NamespacedPolicyViolations(namespace).List(options)
|
||||
},
|
||||
WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
|
||||
if tweakListOptions != nil {
|
||||
tweakListOptions(&options)
|
||||
}
|
||||
return client.KyvernoV1alpha1().NamespacedPolicyViolations(namespace).Watch(options)
|
||||
},
|
||||
},
|
||||
&kyvernov1alpha1.NamespacedPolicyViolation{},
|
||||
resyncPeriod,
|
||||
indexers,
|
||||
)
|
||||
}
|
||||
|
||||
func (f *namespacedPolicyViolationInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer {
|
||||
return NewFilteredNamespacedPolicyViolationInformer(client, f.namespace, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions)
|
||||
}
|
||||
|
||||
func (f *namespacedPolicyViolationInformer) Informer() cache.SharedIndexInformer {
|
||||
return f.factory.InformerFor(&kyvernov1alpha1.NamespacedPolicyViolation{}, f.defaultInformer)
|
||||
}
|
||||
|
||||
func (f *namespacedPolicyViolationInformer) Lister() v1alpha1.NamespacedPolicyViolationLister {
|
||||
return v1alpha1.NewNamespacedPolicyViolationLister(f.Informer().GetIndexer())
|
||||
}
|
||||
|
|
@ -38,6 +38,7 @@ type PolicyViolationListerExpansion interface{}
|
|||
// PolicyListerExpansion allows custom methods to be added to
|
||||
// PolicyLister.
|
||||
type ClusterPolicyListerExpansion interface {
|
||||
// TODO(shuting): change to getpolicyforclusterpolicyviolation?
|
||||
GetPolicyForPolicyViolation(pv *kyverno.ClusterPolicyViolation) ([]*kyverno.ClusterPolicy, error)
|
||||
ListResources(selector labels.Selector) (ret []*v1alpha1.ClusterPolicy, err error)
|
||||
}
|
||||
|
|
@ -45,11 +46,19 @@ type ClusterPolicyListerExpansion interface {
|
|||
// PolicyViolationListerExpansion allows custom methods to be added to
|
||||
// PolicyViolationLister.
|
||||
type ClusterPolicyViolationListerExpansion interface {
|
||||
// List lists all PolicyViolations in the indexer with GVK.
|
||||
// List lists all PolicyViolations in the indexer with GVK.
|
||||
ListResources(selector labels.Selector) (ret []*v1alpha1.ClusterPolicyViolation, err error)
|
||||
}
|
||||
|
||||
// NamespacedPolicyViolationListerExpansion allows custom methods to be added to
|
||||
// NamespacedPolicyViolationLister.
|
||||
type NamespacedPolicyViolationListerExpansion interface{}
|
||||
|
||||
// NamespacedPolicyViolationNamespaceListerExpansion allows custom methods to be added to
|
||||
// NamespacedPolicyViolationNamespaceLister.
|
||||
type NamespacedPolicyViolationNamespaceListerExpansion interface {
|
||||
}
|
||||
|
||||
//ListResources is a wrapper to List and adds the resource kind information
|
||||
// as the lister is specific to a gvk we can harcode the values here
|
||||
func (pvl *clusterPolicyViolationLister) ListResources(selector labels.Selector) (ret []*v1alpha1.ClusterPolicyViolation, err error) {
|
||||
|
|
|
|||
|
|
@ -0,0 +1,94 @@
|
|||
/*
|
||||
Copyright The Kubernetes Authors.
|
||||
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
*/
|
||||
|
||||
// Code generated by lister-gen. DO NOT EDIT.
|
||||
|
||||
package v1alpha1
|
||||
|
||||
import (
|
||||
v1alpha1 "github.com/nirmata/kyverno/pkg/api/kyverno/v1alpha1"
|
||||
"k8s.io/apimachinery/pkg/api/errors"
|
||||
"k8s.io/apimachinery/pkg/labels"
|
||||
"k8s.io/client-go/tools/cache"
|
||||
)
|
||||
|
||||
// NamespacedPolicyViolationLister helps list NamespacedPolicyViolations.
|
||||
type NamespacedPolicyViolationLister interface {
|
||||
// List lists all NamespacedPolicyViolations in the indexer.
|
||||
List(selector labels.Selector) (ret []*v1alpha1.NamespacedPolicyViolation, err error)
|
||||
// NamespacedPolicyViolations returns an object that can list and get NamespacedPolicyViolations.
|
||||
NamespacedPolicyViolations(namespace string) NamespacedPolicyViolationNamespaceLister
|
||||
NamespacedPolicyViolationListerExpansion
|
||||
}
|
||||
|
||||
// namespacedPolicyViolationLister implements the NamespacedPolicyViolationLister interface.
|
||||
type namespacedPolicyViolationLister struct {
|
||||
indexer cache.Indexer
|
||||
}
|
||||
|
||||
// NewNamespacedPolicyViolationLister returns a new NamespacedPolicyViolationLister.
|
||||
func NewNamespacedPolicyViolationLister(indexer cache.Indexer) NamespacedPolicyViolationLister {
|
||||
return &namespacedPolicyViolationLister{indexer: indexer}
|
||||
}
|
||||
|
||||
// List lists all NamespacedPolicyViolations in the indexer.
|
||||
func (s *namespacedPolicyViolationLister) List(selector labels.Selector) (ret []*v1alpha1.NamespacedPolicyViolation, err error) {
|
||||
err = cache.ListAll(s.indexer, selector, func(m interface{}) {
|
||||
ret = append(ret, m.(*v1alpha1.NamespacedPolicyViolation))
|
||||
})
|
||||
return ret, err
|
||||
}
|
||||
|
||||
// NamespacedPolicyViolations returns an object that can list and get NamespacedPolicyViolations.
|
||||
func (s *namespacedPolicyViolationLister) NamespacedPolicyViolations(namespace string) NamespacedPolicyViolationNamespaceLister {
|
||||
return namespacedPolicyViolationNamespaceLister{indexer: s.indexer, namespace: namespace}
|
||||
}
|
||||
|
||||
// NamespacedPolicyViolationNamespaceLister helps list and get NamespacedPolicyViolations.
|
||||
type NamespacedPolicyViolationNamespaceLister interface {
|
||||
// List lists all NamespacedPolicyViolations in the indexer for a given namespace.
|
||||
List(selector labels.Selector) (ret []*v1alpha1.NamespacedPolicyViolation, err error)
|
||||
// Get retrieves the NamespacedPolicyViolation from the indexer for a given namespace and name.
|
||||
Get(name string) (*v1alpha1.NamespacedPolicyViolation, error)
|
||||
NamespacedPolicyViolationNamespaceListerExpansion
|
||||
}
|
||||
|
||||
// namespacedPolicyViolationNamespaceLister implements the NamespacedPolicyViolationNamespaceLister
|
||||
// interface.
|
||||
type namespacedPolicyViolationNamespaceLister struct {
|
||||
indexer cache.Indexer
|
||||
namespace string
|
||||
}
|
||||
|
||||
// List lists all NamespacedPolicyViolations in the indexer for a given namespace.
|
||||
func (s namespacedPolicyViolationNamespaceLister) List(selector labels.Selector) (ret []*v1alpha1.NamespacedPolicyViolation, err error) {
|
||||
err = cache.ListAllByNamespace(s.indexer, s.namespace, selector, func(m interface{}) {
|
||||
ret = append(ret, m.(*v1alpha1.NamespacedPolicyViolation))
|
||||
})
|
||||
return ret, err
|
||||
}
|
||||
|
||||
// Get retrieves the NamespacedPolicyViolation from the indexer for a given namespace and name.
|
||||
func (s namespacedPolicyViolationNamespaceLister) Get(name string) (*v1alpha1.NamespacedPolicyViolation, error) {
|
||||
obj, exists, err := s.indexer.GetByKey(s.namespace + "/" + name)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
if !exists {
|
||||
return nil, errors.NewNotFound(v1alpha1.Resource("namespacedpolicyviolation"), name)
|
||||
}
|
||||
return obj.(*v1alpha1.NamespacedPolicyViolation), nil
|
||||
}
|
||||
Loading…
Add table
Reference in a new issue