mirrors/kyverno
mirrors/kyverno
1
0
Fork 0
mirror of https://github.com/kyverno/kyverno.git synced 2025-03-31 03:45:17 +00:00
Code Activity

Add Policy Report (#1229)

Browse source 
* add report in cli

* policy report crd added

* policy report added

* configmap added

* added jobs

* added jobs

* bug fixed

* added logic for cli

* common function added

* sub command added for policy report

* subcommand added for report

* common package changed

* configmap added

* added logic for kyverno cli

* added logic for jobs

* added logic for jobs

* added logic for jobs

* added logic for cli

* buf fix

* cli changes

* count bug fix

* docs added for command

* go fmt

* refactor codebase

* remove policy controller for policyreport

* policy report removed

* bug fixes

* bug fixes

* added job trigger if needed

* job deletation logic added

* build failed fix

* fixed e2e test

* remove hard coded variables

* packages adde

* improvment added in jobs sheduler

* policy report yaml added

* cronjob added

* small fixes

* remove background sync

* documentation added for report command

* remove extra log

* small improvement

* tested policy report

* revert hardcoded changes

* changes for demo

* demo changes

* resource aggrigation added

* More changes

* More changes

* - resolve PR comments; - refactor jobs controller

* set rbac for jobs

* add clean up in job controller

* add short names

* remove application scope for policyreport

* move job controller to policyreport

* add report logic in command apply

* - update policy report types;  - upgrade k8s library; - update code gen

* temporarily comment out code to pass CI build

* generate / update policyreport to cluster

* add unit test for CLI report

* add test for apply - generate policy report

* fix unit test

* - remove job controller; - remove in-memory configmap; - clean up kustomize manifest

* remove dependency

* add reportRequest / clusterReportRequest

* clean up policy report

* generate report request

* update crd clusterReportRequest

* - update json tag of report summary; - update definition manifests; -  fix dclient creation

* aggregate reportRequest into policy report

* fix unit tests

* - update report summary to optional; - generate clusterPolicyReport; - remove reportRequests after merged to report

* remove

* generate reportRequest in kyverno namespace

* update resource filter in helm chart

* - rename reportRequest to reportChangeRequest; -rename clusterReportRequest to clusterReportChangeRequest

* generate policy report in background scan

* skip generating report change request if there's entry results

* fix results entry removal when policy / rule gets deleted

* rename apiversion from policy.kubernetes.io to policy.k8s.io

* update summary.* to lower case

* move reportChangeRequest to kyverno.io/v1alpha1

* remove policy report flag

* fix report update

* clean up policy violation CRD

* remove violation CRD from manifest

* clean up policy violation code - remove pvGenerator

* change severity fields to lower case

* update import library

* set report category

Co-authored-by: Yuvraj <yuvraj.yad001@gmail.com>
Co-authored-by: Yuvraj <10830562+evalsocket@users.noreply.github.com>
Co-authored-by: Jim Bugwadia <jim@nirmata.com>
This commit is contained in:
shuting 2020-11-09 11:26:12 -08:00 committed by GitHub
parent 50fa042bbc
commit 5e07ecc5f3
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
161 changed files with 12281 additions and 3021 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
.github/workflows/release.yaml vendored
View file

@ -70,7 +70,6 @@ jobs:
env:
GITHUB_TOKEN: ${{ secrets.ACCESS_TOKEN }}
- uses: J12934/helm-gh-pages-action@master
name: Run Helm Publish
with:

25
Makefile
View file

@ -113,6 +113,8 @@ docker-publish-all: docker-publish-initContainer docker-publish-kyverno docker-p
docker-build-all: docker-build-initContainer docker-build-kyverno docker-build-cli
docker-tag-all: docker-tag-repo-initContainer docker-tag-repo-kyverno docker-tag-repo-cli
##################################
# CI Testing
##################################
@ -181,6 +183,29 @@ release:
kustomize build ./definitions > ./definitions/install.yaml
kustomize build ./definitions > ./definitions/release/install.yaml
report-crd: controller-gen
$(CONTROLLER_GEN) crd:trivialVersions=true paths="./pkg/api/policyreport/v1alpha1" output:dir=./definitions/crds
$(CONTROLLER_GEN) object paths=./pkg/api/policyreport/v1alpha1
$(CONTROLLER_GEN) crd:trivialVersions=true paths="./pkg/api/kyverno/v1alpha1" output:dir=./definitions/crds
$(CONTROLLER_GEN) object paths=./pkg/api/kyverno/v1alpha1
# find or download controller-gen
# download controller-gen if necessary
controller-gen:
ifeq (, $(shell which controller-gen))
@{ \
set -e ;\
CONTROLLER_GEN_TMP_DIR=$$(mktemp -d) ;\
cd $$CONTROLLER_GEN_TMP_DIR ;\
go mod init tmp ;\
go get sigs.k8s.io/controller-tools/cmd/controller-gen@v0.2.5 ;\
rm -rf $$CONTROLLER_GEN_TMP_DIR ;\
}
CONTROLLER_GEN=$(GOBIN)/controller-gen
else
CONTROLLER_GEN=$(shell which controller-gen)
endif
# Run go fmt against code
fmt:
go fmt ./...

8
api/swaggerDoc.go
View file

@ -26,7 +26,7 @@ const SwaggerDoc = `
"type": "string"
},
"name": {
"description": "The name of the admission webhook. Name should be fully qualified, e.g., imagepolicy.kubernetes.io, where \"imagepolicy\" is the name of the webhook, and kubernetes.io is the name of the organization. Required.",
"description": "The name of the admission webhook. Name should be fully qualified, e.g., imagepolicy.k8s.io/v1alpha1, where \"imagepolicy\" is the name of the webhook, and kubernetes.io is the name of the organization. Required.",
"type": "string"
},
"namespaceSelector": {
@ -223,7 +223,7 @@ const SwaggerDoc = `
"type": "string"
},
"name": {
"description": "The name of the admission webhook. Name should be fully qualified, e.g., imagepolicy.kubernetes.io, where \"imagepolicy\" is the name of the webhook, and kubernetes.io is the name of the organization. Required.",
"description": "The name of the admission webhook. Name should be fully qualified, e.g., imagepolicy.k8s.io/v1alpha1, where \"imagepolicy\" is the name of the webhook, and kubernetes.io is the name of the organization. Required.",
"type": "string"
},
"namespaceSelector": {
@ -370,7 +370,7 @@ const SwaggerDoc = `
"type": "string"
},
"name": {
"description": "The name of the admission webhook. Name should be fully qualified, e.g., imagepolicy.kubernetes.io, where \"imagepolicy\" is the name of the webhook, and kubernetes.io is the name of the organization. Required.",
"description": "The name of the admission webhook. Name should be fully qualified, e.g., imagepolicy.k8s.io/v1alpha1, where \"imagepolicy\" is the name of the webhook, and kubernetes.io is the name of the organization. Required.",
"type": "string"
},
"namespaceSelector": {
@ -565,7 +565,7 @@ const SwaggerDoc = `
"type": "string"
},
"name": {
"description": "The name of the admission webhook. Name should be fully qualified, e.g., imagepolicy.kubernetes.io, where \"imagepolicy\" is the name of the webhook, and kubernetes.io is the name of the organization. Required.",
"description": "The name of the admission webhook. Name should be fully qualified, e.g., imagepolicy.k8s.io/v1alpha1, where \"imagepolicy\" is the name of the webhook, and kubernetes.io is the name of the organization. Required.",
"type": "string"
},
"namespaceSelector": {

1369
charts/kyverno/crds/crds.yaml
View file

File diff suppressed because it is too large Load diff

6
charts/kyverno/templates/clusterrole.yaml
View file

@ -98,6 +98,12 @@ rules:
- patch
- update
- watch
- apiGroups:
- 'apiextensions.k8s.io'
resources:
- customresourcedefinitions
verbs:
- delete
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole

5
charts/kyverno/values.yaml
View file

@ -98,6 +98,10 @@ config:
- "[TokenReview,*,*]"
- "[SubjectAccessReview,*,*]"
- "[*,kyverno,*]"
- "[Binding,*,*]"
- "[ReplicaSet,*,*]"
- "[ReportChangeRequest,*,*]"
- "[ClusterReportChangeRequest,*,*]"
# Or give the name of an existing config map (ignores default/provided resourceFilters)
existingConfig: ''
excludeGroupRole:
@ -128,3 +132,4 @@ service:
# 3) Let Helm generate a self signed cert, by setting createSelfSignedCert true
# If letting Kyverno create its own CA or providing your own, make createSelfSignedCert is false
createSelfSignedCert: false

119
cmd/initContainer/main.go
View file

@ -10,6 +10,7 @@ import (
"sync"
"time"
"github.com/gardener/controller-manager-library/pkg/logger"
"github.com/kyverno/kyverno/pkg/config"
client "github.com/kyverno/kyverno/pkg/dclient"
"github.com/kyverno/kyverno/pkg/signal"
@ -30,6 +31,10 @@ var (
const (
mutatingWebhookConfigKind string = "MutatingWebhookConfiguration"
validatingWebhookConfigKind string = "ValidatingWebhookConfiguration"
policyReportKind string = "PolicyReport"
clusterPolicyReportKind string = "ClusterPolicyReport"
policyViolation string = "PolicyViolation"
clusterPolicyViolation string = "ClusterPolicyViolation"
)
func main() {
@ -75,6 +80,12 @@ func main() {
{validatingWebhookConfigKind, config.PolicyValidatingWebhookConfigurationDebugName},
{mutatingWebhookConfigKind, config.PolicyMutatingWebhookConfigurationName},
{mutatingWebhookConfigKind, config.PolicyMutatingWebhookConfigurationDebugName},
// policy report
{policyReportKind, ""},
{clusterPolicyReportKind, ""},
// clean up policy violation
{policyViolation, ""},
{clusterPolicyViolation, ""},
}
done := make(chan struct{})
@ -101,26 +112,17 @@ func main() {
}
}
func removeWebhookIfExists(client *client.Client, kind string, name string) error {
logger := log.Log.WithName("removeExistingWebhook").WithValues("kind", kind, "name", name)
var err error
// Get resource
_, err = client.GetResource("", kind, "", name)
if errors.IsNotFound(err) {
logger.V(4).Info("resource not found")
return nil
func executeRequest(client *client.Client, req request) error {
switch req.kind {
case mutatingWebhookConfigKind, validatingWebhookConfigKind:
return removeWebhookIfExists(client, req.kind, req.name)
case policyReportKind:
return removePolicyReport(client, req.kind)
case clusterPolicyReportKind:
return removeClusterPolicyReport(client, req.kind)
case policyViolation, clusterPolicyViolation:
return removeViolationCRD(client)
}
if err != nil {
logger.Error(err, "failed to get resource")
return err
}
// Delete resource
err = client.DeleteResource("", kind, "", name, false)
if err != nil {
logger.Error(err, "failed to delete resource")
return err
}
logger.Info("removed the resource")
return nil
}
@ -175,7 +177,7 @@ func process(client *client.Client, done <-chan struct{}, stopCh <-chan struct{}
defer close(out)
for req := range requests {
select {
case out <- removeWebhookIfExists(client, req.kind, req.name):
case out <- executeRequest(client, req):
case <-done:
logger.Info("done")
return
@ -221,3 +223,80 @@ func merge(done <-chan struct{}, stopCh <-chan struct{}, processes ...<-chan err
}()
return out
}
func removeWebhookIfExists(client *client.Client, kind string, name string) error {
logger := log.Log.WithName("removeExistingWebhook").WithValues("kind", kind, "name", name)
var err error
// Get resource
_, err = client.GetResource("", kind, "", name)
if errors.IsNotFound(err) {
logger.V(4).Info("resource not found")
return nil
}
if err != nil {
logger.Error(err, "failed to get resource")
return err
}
// Delete resource
err = client.DeleteResource("", kind, "", name, false)
if err != nil {
logger.Error(err, "failed to delete resource")
return err
}
logger.Info("removed the resource")
return nil
}
func removeClusterPolicyReport(client *client.Client, kind string) error {
logger := log.Log.WithName("removeClusterPolicyReport")
cpolrs, err := client.ListResource("", kind, "", nil)
if err != nil && !errors.IsNotFound(err) {
logger.Error(err, "failed to list clusterPolicyReport")
return err
}
for _, cpolr := range cpolrs.Items {
if err := client.DeleteResource(cpolr.GetAPIVersion(), cpolr.GetKind(), "", cpolr.GetName(), false); err != nil {
logger.Error(err, "failed to delete clusterPolicyReport", "name", cpolr.GetName())
}
}
return nil
}
func removePolicyReport(client *client.Client, kind string) error {
logger := log.Log.WithName("removePolicyReport")
namespaces, err := client.ListResource("", "Namespace", "", nil)
if err != nil {
logger.Error(err, "failed to list namespaces")
return err
}
// name of namespace policy report follows the name convention
// policyreport-ns-<namespace name>
for _, ns := range namespaces.Items {
reportName := fmt.Sprintf("policyreport-ns-%s", ns.GetName())
err := client.DeleteResource("", kind, ns.GetName(), reportName, false)
if err != nil && !errors.IsNotFound(err) {
logger.Error(err, "failed to delete policyReport", "name", reportName)
}
}
return nil
}
func removeViolationCRD(client *client.Client) error {
if err := client.DeleteResource("", "CustomResourceDefinition", "", "policyviolations.kyverno.io", false); err != nil {
if !errors.IsNotFound(err) {
logger.Error(err, "failed to delete CRD policyViolation")
}
}
if err := client.DeleteResource("", "CustomResourceDefinition", "", "clusterpolicyviolations.kyverno.io", false); err != nil {
if !errors.IsNotFound(err) {
logger.Error(err, "failed to delete CRD clusterPolicyViolation")
}
}
return nil
}

72
cmd/kyverno/main.go Normal file → Executable file
View file

@ -9,20 +9,20 @@ import (
"os"
"time"
"github.com/kyverno/kyverno/pkg/openapi"
"github.com/kyverno/kyverno/pkg/policycache"
"github.com/kyverno/kyverno/pkg/checker"
kyvernoclient "github.com/kyverno/kyverno/pkg/client/clientset/versioned"
kyvernoinformer "github.com/kyverno/kyverno/pkg/client/informers/externalversions"
"github.com/kyverno/kyverno/pkg/common"
"github.com/kyverno/kyverno/pkg/config"
dclient "github.com/kyverno/kyverno/pkg/dclient"
event "github.com/kyverno/kyverno/pkg/event"
"github.com/kyverno/kyverno/pkg/generate"
generatecleanup "github.com/kyverno/kyverno/pkg/generate/cleanup"
"github.com/kyverno/kyverno/pkg/openapi"
"github.com/kyverno/kyverno/pkg/policy"
"github.com/kyverno/kyverno/pkg/policycache"
"github.com/kyverno/kyverno/pkg/policyreport"
"github.com/kyverno/kyverno/pkg/policystatus"
"github.com/kyverno/kyverno/pkg/policyviolation"
"github.com/kyverno/kyverno/pkg/resourcecache"
"github.com/kyverno/kyverno/pkg/signal"
"github.com/kyverno/kyverno/pkg/utils"
@ -42,6 +42,7 @@ var (
kubeconfig string
serverIP string
webhookTimeout int
backgroundSync int
runValidationInMutatingWebhook string
profile bool
//TODO: this has been added to backward support command line arguments
@ -51,8 +52,9 @@ var (
excludeGroupRole string
excludeUsername string
// User FQDN as CSR CN
fqdncn bool
setupLog = log.Log.WithName("setup")
fqdncn bool
policyReport bool
setupLog = log.Log.WithName("setup")
)
func main() {
@ -79,6 +81,9 @@ func main() {
go http.ListenAndServe("localhost:6060", nil)
}
// Policy report is enabled by default in Kyverno 1.3.0+
os.Setenv("POLICY-TYPE", common.PolicyReport)
version.PrintVersionInfo(log.Log)
cleanUp := make(chan struct{})
stopCh := signal.SetupSignalHandler()
@ -90,8 +95,9 @@ func main() {
// KYVERNO CRD CLIENT
// access CRD resources
// - Policy
// - PolicyViolation
// - ClusterPolicy, Policy
// - ClusterPolicyReport, PolicyReport
// - GenerateRequest
pclient, err := kyvernoclient.NewForConfig(clientConfig)
if err != nil {
setupLog.Error(err, "Failed to create client")
@ -116,7 +122,7 @@ func main() {
// ===========================================================
// CRD CHECK
// - verify if the CRD for Policy & PolicyViolation are available
// - verify if Kyverno CRDs are available
if !utils.CRDInstalled(client.DiscoveryClient, log.Log) {
setupLog.Error(fmt.Errorf("CRDs not installed"), "Failed to access Kyverno CRDs")
os.Exit(1)
@ -128,9 +134,6 @@ func main() {
os.Exit(1)
}
// TODO: To be removed for v1.2.0
utils.CleanupOldCrd(client, log.Log)
kubeInformer := kubeinformers.NewSharedInformerFactoryWithOptions(kubeClient, resyncPeriod)
kubedynamicInformer := client.NewDynamicSharedInformerFactory(resyncPeriod)
@ -154,8 +157,10 @@ func main() {
// KYVERNO CRD INFORMER
// watches CRD resources:
// - Policy
// - PolicyViolation
// - ClusterPolicy, Policy
// - ClusterPolicyReport, PolicyReport
// - GenerateRequest
// - ClusterReportChangeRequest, ReportChangeRequest
pInformer := kyvernoinformer.NewSharedInformerFactoryWithOptions(pclient, resyncPeriod)
// Configuration Data
@ -184,14 +189,27 @@ func main() {
pInformer.Kyverno().V1().ClusterPolicies().Lister(),
pInformer.Kyverno().V1().Policies().Lister())
// POLICY VIOLATION GENERATOR
// -- generate policy violation
pvgen := policyviolation.NewPVGenerator(pclient,
// POLICY Report GENERATOR
// -- generate policy report
var reportReqGen *policyreport.Generator
var prgen *policyreport.ReportGenerator
reportReqGen = policyreport.NewReportChangeRequestGenerator(pclient,
client,
pInformer.Kyverno().V1().ClusterPolicyViolations(),
pInformer.Kyverno().V1().PolicyViolations(),
pInformer.Kyverno().V1alpha1().ReportChangeRequests(),
pInformer.Kyverno().V1alpha1().ClusterReportChangeRequests(),
pInformer.Kyverno().V1().ClusterPolicies(),
pInformer.Kyverno().V1().Policies(),
statusSync.Listener,
log.Log.WithName("PolicyViolationGenerator"),
log.Log.WithName("ReportChangeRequestGenerator"),
)
prgen = policyreport.NewReportGenerator(client,
pInformer.Policy().V1alpha1().ClusterPolicyReports(),
pInformer.Policy().V1alpha1().PolicyReports(),
pInformer.Kyverno().V1alpha1().ReportChangeRequests(),
pInformer.Kyverno().V1alpha1().ClusterReportChangeRequests(),
kubeInformer.Core().V1().Namespaces(),
log.Log.WithName("PolicyReportGenerator"),
)
// POLICY CONTROLLER
@ -202,12 +220,10 @@ func main() {
client,
pInformer.Kyverno().V1().ClusterPolicies(),
pInformer.Kyverno().V1().Policies(),
pInformer.Kyverno().V1().ClusterPolicyViolations(),
pInformer.Kyverno().V1().PolicyViolations(),
pInformer.Kyverno().V1().GenerateRequests(),
configData,
eventGenerator,
pvgen,
reportReqGen,
rWebhookWatcher,
kubeInformer.Core().V1().Namespaces(),
log.Log.WithName("PolicyController"),
@ -258,7 +274,7 @@ func main() {
pCacheController.Cache,
eventGenerator,
statusSync.Listener,
pvgen,
reportReqGen,
kubeInformer.Rbac().V1().RoleBindings(),
kubeInformer.Rbac().V1().ClusterRoleBindings(),
log.Log.WithName("ValidateAuditHandler"),
@ -314,7 +330,7 @@ func main() {
webhookRegistrationClient,
statusSync.Listener,
configData,
pvgen,
reportReqGen,
grgen,
rWebhookWatcher,
auditHandler,
@ -334,14 +350,16 @@ func main() {
pInformer.Start(stopCh)
kubeInformer.Start(stopCh)
kubedynamicInformer.Start(stopCh)
go reportReqGen.Run(2, stopCh)
go prgen.Run(1, stopCh)
go grgen.Run(1)
go rWebhookWatcher.Run(stopCh)
go configData.Run(stopCh)
go policyCtrl.Run(3, stopCh)
go policyCtrl.Run(2, stopCh)
go eventGenerator.Run(3, stopCh)
go grc.Run(1, stopCh)
go grcc.Run(1, stopCh)
go pvgen.Run(1, stopCh)
go statusSync.Run(1, stopCh)
go pCacheController.Run(1, stopCh)
go auditHandler.Run(10, stopCh)

144
definitions/crds/crds.yaml Normal file → Executable file
View file

@ -550,150 +550,6 @@ spec:
---
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
name: clusterpolicyviolations.kyverno.io
spec:
group: kyverno.io
versions:
- name: v1
served: true
storage: true
scope: Cluster
names:
kind: ClusterPolicyViolation
plural: clusterpolicyviolations
singular: clusterpolicyviolation
shortNames:
- cpolv
subresources:
status: {}
additionalPrinterColumns:
- name: Policy
type: string
description: The policy that resulted in the violation
JSONPath: .spec.policy
- name: ResourceKind
type: string
description: The resource kind that cause the violation
JSONPath: .spec.resource.kind
- name: ResourceName
type: string
description: The resource name that caused the violation
JSONPath: .spec.resource.name
- name: Age
type: date
JSONPath: .metadata.creationTimestamp
validation:
openAPIV3Schema:
properties:
spec:
required:
- policy
- resource
- rules
properties:
policy:
type: string
resource:
type: object
required:
- kind
- name
properties:
kind:
type: string
name:
type: string
rules:
type: array
items:
type: object
required:
- name
- type
- message
properties:
name:
type: string
type:
type: string
message:
type: string
---
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
name: policyviolations.kyverno.io
spec:
group: kyverno.io
versions:
- name: v1
served: true
storage: true
scope: Namespaced
names:
kind: PolicyViolation
plural: policyviolations
singular: policyviolation
shortNames:
- polv
subresources:
status: {}
additionalPrinterColumns:
- name: Policy
type: string
description: The policy that resulted in the violation
JSONPath: .spec.policy
- name: ResourceKind
type: string
description: The resource kind that cause the violation
JSONPath: .spec.resource.kind
- name: ResourceName
type: string
description: The resource name that caused the violation
JSONPath: .spec.resource.name
- name: Age
type: date
JSONPath: .metadata.creationTimestamp
validation:
openAPIV3Schema:
properties:
spec:
required:
- policy
- resource
- rules
properties:
policy:
type: string
resource:
type: object
required:
- kind
- name
properties:
kind:
type: string
name:
type: string
rules:
type: array
items:
type: object
required:
- name
- type
- message
properties:
name:
type: string
type:
type: string
message:
type: string
---
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
name: generaterequests.kyverno.io
spec:

6
definitions/crds/kustomization.yaml Normal file → Executable file
View file

@ -2,4 +2,8 @@ apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- ./crds.yaml
- ./crds.yaml
- ./policy.k8s.io_clusterpolicyreports.yaml
- ./policy.k8s.io_policyreports.yaml
- ./kyverno.io_reportchangerequests.yaml
- ./kyverno.io_clusterreportchangerequests.yaml

334
definitions/crds/kyverno.io_clusterreportchangerequests.yaml Normal file
View file

@ -0,0 +1,334 @@
---
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.2.5
creationTimestamp: null
name: clusterreportchangerequests.kyverno.io
spec:
additionalPrinterColumns:
- JSONPath: .scope.kind
name: Kind
priority: 1
type: string
- JSONPath: .scope.name
name: Name
priority: 1
type: string
- JSONPath: .summary.pass
name: Pass
type: integer
- JSONPath: .summary.fail
name: Fail
type: integer
- JSONPath: .summary.warn
name: Warn
type: integer
- JSONPath: .summary.error
name: Error
type: integer
- JSONPath: .summary.skip
name: Skip
type: integer
- JSONPath: .metadata.creationTimestamp
name: Age
type: date
group: kyverno.io
names:
kind: ClusterReportChangeRequest
listKind: ClusterReportChangeRequestList
plural: clusterreportchangerequests
singular: clusterreportchangerequest
scope: Namespaced
subresources: {}
validation:
openAPIV3Schema:
description: ClusterReportChangeRequest is the Schema for the ClusterReportChangeRequests
API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
results:
description: PolicyReportResult provides result details
items:
description: PolicyReportResult provides the result for an individual
policy
properties:
category:
description: Category indicates policy category
type: string
data:
additionalProperties:
type: string
description: Data provides additional information for the policy rule
type: object
message:
description: Message is a short user friendly description of the policy
rule
type: string
policy:
description: Policy is the name of the policy
type: string
resourceSelector:
description: ResourceSelector is an optional selector for policy results
that apply to multiple resources. For example, a policy result may
apply to all pods that match a label. Either a Resource or a ResourceSelector
can be specified. If neither are provided, the result is assumed
to be for the policy report scope.
properties:
matchExpressions:
description: matchExpressions is a list of label selector requirements.
The requirements are ANDed.
items:
description: A label selector requirement is a selector that
contains values, a key, and an operator that relates the key
and values.
properties:
key:
description: key is the label key that the selector applies
to.
type: string
operator:
description: operator represents a key's relationship to
a set of values. Valid operators are In, NotIn, Exists
and DoesNotExist.
type: string
values:
description: values is an array of string values. If the
operator is In or NotIn, the values array must be non-empty.
If the operator is Exists or DoesNotExist, the values
array must be empty. This array is replaced during a strategic
merge patch.
items:
type: string
type: array
required:
- key
- operator
type: object
type: array
matchLabels:
additionalProperties:
type: string
description: matchLabels is a map of {key,value} pairs. A single
{key,value} in the matchLabels map is equivalent to an element
of matchExpressions, whose key field is "key", the operator
is "In", and the values array contains only "value". The requirements
are ANDed.
type: object
type: object
resources:
description: Resources is an optional reference to the resource checked
by the policy and rule
items:
description: 'ObjectReference contains enough information to let
you inspect or modify the referred object. --- New uses of this
type are discouraged because of difficulty describing its usage
when embedded in APIs. 1. Ignored fields. It includes many fields
which are not generally honored. For instance, ResourceVersion
and FieldPath are both very rarely valid in actual usage. 2.
Invalid usage help. It is impossible to add specific help for
individual usage. In most embedded usages, there are particular restrictions
like, "must refer only to types A and B" or "UID not honored"
or "name must be restricted". Those cannot be well described
when embedded. 3. Inconsistent validation. Because the usages
are different, the validation rules are different by usage, which
makes it hard for users to predict what will happen. 4. The fields
are both imprecise and overly precise. Kind is not a precise
mapping to a URL. This can produce ambiguity during interpretation
and require a REST mapping. In most cases, the dependency is
on the group,resource tuple and the version of the actual
struct is irrelevant. 5. We cannot easily change it. Because
this type is embedded in many locations, updates to this type will
affect numerous schemas. Don''t make new APIs embed an underspecified
API type they do not control. Instead of using this type, create
a locally provided and used type that is well-focused on your
reference. For example, ServiceReferences for admission registration:
https://github.com/kubernetes/api/blob/release-1.17/admissionregistration/v1/types.go#L533
.'
properties:
apiVersion:
description: API version of the referent.
type: string
fieldPath:
description: 'If referring to a piece of an object instead of
an entire object, this string should contain a valid JSON/Go
field access statement, such as desiredState.manifest.containers[2].
For example, if the object reference is to a container within
a pod, this would take on a value like: "spec.containers{name}"
(where "name" refers to the name of the container that triggered
the event) or if no container name is specified "spec.containers[2]"
(container with index 2 in this pod). This syntax is chosen
only to have some well-defined way of referencing a part of
an object. TODO: this design is not final and this field is
subject to change in the future.'
type: string
kind:
description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
type: string
namespace:
description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
type: string
resourceVersion:
description: 'Specific resourceVersion to which this reference
is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
type: string
uid:
description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
type: string
type: object
type: array
rule:
description: Rule is the name of the policy rule
type: string
scored:
description: Scored indicates if this policy rule is scored
type: boolean
severity:
description: Severity indicates policy severity
enum:
- high
- low
- medium
type: string
status:
description: Status indicates the result of the policy rule check
enum:
- pass
- fail
- warn
- error
- skip
type: string
required:
- policy
type: object
type: array
scope:
description: Scope is an optional reference to the report scope (e.g. a
Deployment, Namespace, or Node)
properties:
apiVersion:
description: API version of the referent.
type: string
fieldPath:
description: 'If referring to a piece of an object instead of an entire
object, this string should contain a valid JSON/Go field access statement,
such as desiredState.manifest.containers[2]. For example, if the object
reference is to a container within a pod, this would take on a value
like: "spec.containers{name}" (where "name" refers to the name of
the container that triggered the event) or if no container name is
specified "spec.containers[2]" (container with index 2 in this pod).
This syntax is chosen only to have some well-defined way of referencing
a part of an object. TODO: this design is not final and this field
is subject to change in the future.'
type: string
kind:
description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
type: string
namespace:
description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
type: string
resourceVersion:
description: 'Specific resourceVersion to which this reference is made,
if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
type: string
uid:
description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
type: string
type: object
scopeSelector:
description: ScopeSelector is an optional selector for multiple scopes (e.g.
Pods). Either one of, or none of, but not both of, Scope or ScopeSelector
should be specified.
properties:
matchExpressions:
description: matchExpressions is a list of label selector requirements.
The requirements are ANDed.
items:
description: A label selector requirement is a selector that contains
values, a key, and an operator that relates the key and values.
properties:
key:
description: key is the label key that the selector applies to.
type: string
operator:
description: operator represents a key's relationship to a set
of values. Valid operators are In, NotIn, Exists and DoesNotExist.
type: string
values:
description: values is an array of string values. If the operator
is In or NotIn, the values array must be non-empty. If the operator
is Exists or DoesNotExist, the values array must be empty. This
array is replaced during a strategic merge patch.
items:
type: string
type: array
required:
- key
- operator
type: object
type: array
matchLabels:
additionalProperties:
type: string
description: matchLabels is a map of {key,value} pairs. A single {key,value}
in the matchLabels map is equivalent to an element of matchExpressions,
whose key field is "key", the operator is "In", and the values array
contains only "value". The requirements are ANDed.
type: object
type: object
summary:
description: PolicyReportSummary provides a summary of results
properties:
error:
description: Error provides the count of policies that could not be
evaluated
type: integer
fail:
description: Fail provides the count of policies whose requirements
were not met
type: integer
pass:
description: Pass provides the count of policies whose requirements
were met
type: integer
skip:
description: Skip indicates the count of policies that were not selected
for evaluation
type: integer
warn:
description: Warn provides the count of unscored policies whose requirements
were not met
type: integer
type: object
type: object
version: v1alpha1
versions:
- name: v1alpha1
served: true
storage: true
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []

334
definitions/crds/kyverno.io_reportchangerequests.yaml Normal file
View file

@ -0,0 +1,334 @@
---
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.2.5
creationTimestamp: null
name: reportchangerequests.kyverno.io
spec:
additionalPrinterColumns:
- JSONPath: .scope.kind
name: Kind
priority: 1
type: string
- JSONPath: .scope.name
name: Name
priority: 1
type: string
- JSONPath: .summary.pass
name: Pass
type: integer
- JSONPath: .summary.fail
name: Fail
type: integer
- JSONPath: .summary.warn
name: Warn
type: integer
- JSONPath: .summary.error
name: Error
type: integer
- JSONPath: .summary.skip
name: Skip
type: integer
- JSONPath: .metadata.creationTimestamp
name: Age
type: date
group: kyverno.io
names:
kind: ReportChangeRequest
listKind: ReportChangeRequestList
plural: reportchangerequests
singular: reportchangerequest
scope: Namespaced
subresources: {}
validation:
openAPIV3Schema:
description: ReportChangeRequest is the Schema for the ReportChangeRequests
API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
results:
description: PolicyReportResult provides result details
items:
description: PolicyReportResult provides the result for an individual
policy
properties:
category:
description: Category indicates policy category
type: string
data:
additionalProperties:
type: string
description: Data provides additional information for the policy rule
type: object
message:
description: Message is a short user friendly description of the policy
rule
type: string
policy:
description: Policy is the name of the policy
type: string
resourceSelector:
description: ResourceSelector is an optional selector for policy results
that apply to multiple resources. For example, a policy result may
apply to all pods that match a label. Either a Resource or a ResourceSelector
can be specified. If neither are provided, the result is assumed
to be for the policy report scope.
properties:
matchExpressions:
description: matchExpressions is a list of label selector requirements.
The requirements are ANDed.
items:
description: A label selector requirement is a selector that
contains values, a key, and an operator that relates the key
and values.
properties:
key:
description: key is the label key that the selector applies
to.
type: string
operator:
description: operator represents a key's relationship to
a set of values. Valid operators are In, NotIn, Exists
and DoesNotExist.
type: string
values:
description: values is an array of string values. If the
operator is In or NotIn, the values array must be non-empty.
If the operator is Exists or DoesNotExist, the values
array must be empty. This array is replaced during a strategic
merge patch.
items:
type: string
type: array
required:
- key
- operator
type: object
type: array
matchLabels:
additionalProperties:
type: string
description: matchLabels is a map of {key,value} pairs. A single
{key,value} in the matchLabels map is equivalent to an element
of matchExpressions, whose key field is "key", the operator
is "In", and the values array contains only "value". The requirements
are ANDed.
type: object
type: object
resources:
description: Resources is an optional reference to the resource checked
by the policy and rule
items:
description: 'ObjectReference contains enough information to let
you inspect or modify the referred object. --- New uses of this
type are discouraged because of difficulty describing its usage
when embedded in APIs. 1. Ignored fields. It includes many fields
which are not generally honored. For instance, ResourceVersion
and FieldPath are both very rarely valid in actual usage. 2.
Invalid usage help. It is impossible to add specific help for
individual usage. In most embedded usages, there are particular restrictions
like, "must refer only to types A and B" or "UID not honored"
or "name must be restricted". Those cannot be well described
when embedded. 3. Inconsistent validation. Because the usages
are different, the validation rules are different by usage, which
makes it hard for users to predict what will happen. 4. The fields
are both imprecise and overly precise. Kind is not a precise
mapping to a URL. This can produce ambiguity during interpretation
and require a REST mapping. In most cases, the dependency is
on the group,resource tuple and the version of the actual
struct is irrelevant. 5. We cannot easily change it. Because
this type is embedded in many locations, updates to this type will
affect numerous schemas. Don''t make new APIs embed an underspecified
API type they do not control. Instead of using this type, create
a locally provided and used type that is well-focused on your
reference. For example, ServiceReferences for admission registration:
https://github.com/kubernetes/api/blob/release-1.17/admissionregistration/v1/types.go#L533
.'
properties:
apiVersion:
description: API version of the referent.
type: string
fieldPath:
description: 'If referring to a piece of an object instead of
an entire object, this string should contain a valid JSON/Go
field access statement, such as desiredState.manifest.containers[2].
For example, if the object reference is to a container within
a pod, this would take on a value like: "spec.containers{name}"
(where "name" refers to the name of the container that triggered
the event) or if no container name is specified "spec.containers[2]"
(container with index 2 in this pod). This syntax is chosen
only to have some well-defined way of referencing a part of
an object. TODO: this design is not final and this field is
subject to change in the future.'
type: string
kind:
description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
type: string
namespace:
description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
type: string
resourceVersion:
description: 'Specific resourceVersion to which this reference
is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
type: string
uid:
description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
type: string
type: object
type: array
rule:
description: Rule is the name of the policy rule
type: string
scored:
description: Scored indicates if this policy rule is scored
type: boolean
severity:
description: Severity indicates policy severity
enum:
- high
- low
- medium
type: string
status:
description: Status indicates the result of the policy rule check
enum:
- pass
- fail
- warn
- error
- skip
type: string
required:
- policy
type: object
type: array
scope:
description: Scope is an optional reference to the report scope (e.g. a
Deployment, Namespace, or Node)
properties:
apiVersion:
description: API version of the referent.
type: string
fieldPath:
description: 'If referring to a piece of an object instead of an entire
object, this string should contain a valid JSON/Go field access statement,
such as desiredState.manifest.containers[2]. For example, if the object
reference is to a container within a pod, this would take on a value
like: "spec.containers{name}" (where "name" refers to the name of
the container that triggered the event) or if no container name is
specified "spec.containers[2]" (container with index 2 in this pod).
This syntax is chosen only to have some well-defined way of referencing
a part of an object. TODO: this design is not final and this field
is subject to change in the future.'
type: string
kind:
description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
type: string
namespace:
description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
type: string
resourceVersion:
description: 'Specific resourceVersion to which this reference is made,
if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
type: string
uid:
description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
type: string
type: object
scopeSelector:
description: ScopeSelector is an optional selector for multiple scopes (e.g.
Pods). Either one of, or none of, but not both of, Scope or ScopeSelector
should be specified.
properties:
matchExpressions:
description: matchExpressions is a list of label selector requirements.
The requirements are ANDed.
items:
description: A label selector requirement is a selector that contains
values, a key, and an operator that relates the key and values.
properties:
key:
description: key is the label key that the selector applies to.
type: string
operator:
description: operator represents a key's relationship to a set
of values. Valid operators are In, NotIn, Exists and DoesNotExist.
type: string
values:
description: values is an array of string values. If the operator
is In or NotIn, the values array must be non-empty. If the operator
is Exists or DoesNotExist, the values array must be empty. This
array is replaced during a strategic merge patch.
items:
type: string
type: array
required:
- key
- operator
type: object
type: array
matchLabels:
additionalProperties:
type: string
description: matchLabels is a map of {key,value} pairs. A single {key,value}
in the matchLabels map is equivalent to an element of matchExpressions,
whose key field is "key", the operator is "In", and the values array
contains only "value". The requirements are ANDed.
type: object
type: object
summary:
description: PolicyReportSummary provides a summary of results
properties:
error:
description: Error provides the count of policies that could not be
evaluated
type: integer
fail:
description: Fail provides the count of policies whose requirements
were not met
type: integer
pass:
description: Pass provides the count of policies whose requirements
were met
type: integer
skip:
description: Skip indicates the count of policies that were not selected
for evaluation
type: integer
warn:
description: Warn provides the count of unscored policies whose requirements
were not met
type: integer
type: object
type: object
version: v1alpha1
versions:
- name: v1alpha1
served: true
storage: true
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []

336
definitions/crds/policy.k8s.io_clusterpolicyreports.yaml Normal file
View file

@ -0,0 +1,336 @@
---
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.2.5
creationTimestamp: null
name: clusterpolicyreports.policy.k8s.io
spec:
additionalPrinterColumns:
- JSONPath: .scope.kind
name: Kind
priority: 1
type: string
- JSONPath: .scope.name
name: Name
priority: 1
type: string
- JSONPath: .summary.pass
name: Pass
type: integer
- JSONPath: .summary.fail
name: Fail
type: integer
- JSONPath: .summary.warn
name: Warn
type: integer
- JSONPath: .summary.error
name: Error
type: integer
- JSONPath: .summary.skip
name: Skip
type: integer
- JSONPath: .metadata.creationTimestamp
name: Age
type: date
group: policy.k8s.io
names:
kind: ClusterPolicyReport
listKind: ClusterPolicyReportList
plural: clusterpolicyreports
shortNames:
- cpolr
singular: clusterpolicyreport
scope: Namespaced
subresources: {}
validation:
openAPIV3Schema:
description: ClusterPolicyReport is the Schema for the clusterpolicyreports
API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
results:
description: PolicyReportResult provides result details
items:
description: PolicyReportResult provides the result for an individual
policy
properties:
category:
description: Category indicates policy category
type: string
data:
additionalProperties:
type: string
description: Data provides additional information for the policy rule
type: object
message:
description: Message is a short user friendly description of the policy
rule
type: string
policy:
description: Policy is the name of the policy
type: string
resourceSelector:
description: ResourceSelector is an optional selector for policy results
that apply to multiple resources. For example, a policy result may
apply to all pods that match a label. Either a Resource or a ResourceSelector
can be specified. If neither are provided, the result is assumed
to be for the policy report scope.
properties:
matchExpressions:
description: matchExpressions is a list of label selector requirements.
The requirements are ANDed.
items:
description: A label selector requirement is a selector that
contains values, a key, and an operator that relates the key
and values.
properties:
key:
description: key is the label key that the selector applies
to.
type: string
operator:
description: operator represents a key's relationship to
a set of values. Valid operators are In, NotIn, Exists
and DoesNotExist.
type: string
values:
description: values is an array of string values. If the
operator is In or NotIn, the values array must be non-empty.
If the operator is Exists or DoesNotExist, the values
array must be empty. This array is replaced during a strategic
merge patch.
items:
type: string
type: array
required:
- key
- operator
type: object
type: array
matchLabels:
additionalProperties:
type: string
description: matchLabels is a map of {key,value} pairs. A single
{key,value} in the matchLabels map is equivalent to an element
of matchExpressions, whose key field is "key", the operator
is "In", and the values array contains only "value". The requirements
are ANDed.
type: object
type: object
resources:
description: Resources is an optional reference to the resource checked
by the policy and rule
items:
description: 'ObjectReference contains enough information to let
you inspect or modify the referred object. --- New uses of this
type are discouraged because of difficulty describing its usage
when embedded in APIs. 1. Ignored fields. It includes many fields
which are not generally honored. For instance, ResourceVersion
and FieldPath are both very rarely valid in actual usage. 2.
Invalid usage help. It is impossible to add specific help for
individual usage. In most embedded usages, there are particular restrictions
like, "must refer only to types A and B" or "UID not honored"
or "name must be restricted". Those cannot be well described
when embedded. 3. Inconsistent validation. Because the usages
are different, the validation rules are different by usage, which
makes it hard for users to predict what will happen. 4. The fields
are both imprecise and overly precise. Kind is not a precise
mapping to a URL. This can produce ambiguity during interpretation
and require a REST mapping. In most cases, the dependency is
on the group,resource tuple and the version of the actual
struct is irrelevant. 5. We cannot easily change it. Because
this type is embedded in many locations, updates to this type will
affect numerous schemas. Don''t make new APIs embed an underspecified
API type they do not control. Instead of using this type, create
a locally provided and used type that is well-focused on your
reference. For example, ServiceReferences for admission registration:
https://github.com/kubernetes/api/blob/release-1.17/admissionregistration/v1/types.go#L533
.'
properties:
apiVersion:
description: API version of the referent.
type: string
fieldPath:
description: 'If referring to a piece of an object instead of
an entire object, this string should contain a valid JSON/Go
field access statement, such as desiredState.manifest.containers[2].
For example, if the object reference is to a container within
a pod, this would take on a value like: "spec.containers{name}"
(where "name" refers to the name of the container that triggered
the event) or if no container name is specified "spec.containers[2]"
(container with index 2 in this pod). This syntax is chosen
only to have some well-defined way of referencing a part of
an object. TODO: this design is not final and this field is
subject to change in the future.'
type: string
kind:
description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
type: string
namespace:
description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
type: string
resourceVersion:
description: 'Specific resourceVersion to which this reference
is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
type: string
uid:
description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
type: string
type: object
type: array
rule:
description: Rule is the name of the policy rule
type: string
scored:
description: Scored indicates if this policy rule is scored
type: boolean
severity:
description: Severity indicates policy severity
enum:
- high
- low
- medium
type: string
status:
description: Status indicates the result of the policy rule check
enum:
- pass
- fail
- warn
- error
- skip
type: string
required:
- policy
type: object
type: array
scope:
description: Scope is an optional reference to the report scope (e.g. a
Deployment, Namespace, or Node)
properties:
apiVersion:
description: API version of the referent.
type: string
fieldPath:
description: 'If referring to a piece of an object instead of an entire
object, this string should contain a valid JSON/Go field access statement,
such as desiredState.manifest.containers[2]. For example, if the object
reference is to a container within a pod, this would take on a value
like: "spec.containers{name}" (where "name" refers to the name of
the container that triggered the event) or if no container name is
specified "spec.containers[2]" (container with index 2 in this pod).
This syntax is chosen only to have some well-defined way of referencing
a part of an object. TODO: this design is not final and this field
is subject to change in the future.'
type: string
kind:
description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
type: string
namespace:
description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
type: string
resourceVersion:
description: 'Specific resourceVersion to which this reference is made,
if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
type: string
uid:
description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
type: string
type: object
scopeSelector:
description: ScopeSelector is an optional selector for multiple scopes (e.g.
Pods). Either one of, or none of, but not both of, Scope or ScopeSelector
should be specified.
properties:
matchExpressions:
description: matchExpressions is a list of label selector requirements.
The requirements are ANDed.
items:
description: A label selector requirement is a selector that contains
values, a key, and an operator that relates the key and values.
properties:
key:
description: key is the label key that the selector applies to.
type: string
operator:
description: operator represents a key's relationship to a set
of values. Valid operators are In, NotIn, Exists and DoesNotExist.
type: string
values:
description: values is an array of string values. If the operator
is In or NotIn, the values array must be non-empty. If the operator
is Exists or DoesNotExist, the values array must be empty. This
array is replaced during a strategic merge patch.
items:
type: string
type: array
required:
- key
- operator
type: object
type: array
matchLabels:
additionalProperties:
type: string
description: matchLabels is a map of {key,value} pairs. A single {key,value}
in the matchLabels map is equivalent to an element of matchExpressions,
whose key field is "key", the operator is "In", and the values array
contains only "value". The requirements are ANDed.
type: object
type: object
summary:
description: PolicyReportSummary provides a summary of results
properties:
error:
description: Error provides the count of policies that could not be
evaluated
type: integer
fail:
description: Fail provides the count of policies whose requirements
were not met
type: integer
pass:
description: Pass provides the count of policies whose requirements
were met
type: integer
skip:
description: Skip indicates the count of policies that were not selected
for evaluation
type: integer
warn:
description: Warn provides the count of unscored policies whose requirements
were not met
type: integer
type: object
type: object
version: v1alpha1
versions:
- name: v1alpha1
served: true
storage: true
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []

335
definitions/crds/policy.k8s.io_policyreports.yaml Normal file
View file

@ -0,0 +1,335 @@
---
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.2.5
creationTimestamp: null
name: policyreports.policy.k8s.io
spec:
additionalPrinterColumns:
- JSONPath: .scope.kind
name: Kind
priority: 1
type: string
- JSONPath: .scope.name
name: Name
priority: 1
type: string
- JSONPath: .summary.pass
name: Pass
type: integer
- JSONPath: .summary.fail
name: Fail
type: integer
- JSONPath: .summary.warn
name: Warn
type: integer
- JSONPath: .summary.error
name: Error
type: integer
- JSONPath: .summary.skip
name: Skip
type: integer
- JSONPath: .metadata.creationTimestamp
name: Age
type: date
group: policy.k8s.io
names:
kind: PolicyReport
listKind: PolicyReportList
plural: policyreports
shortNames:
- polr
singular: policyreport
scope: Namespaced
subresources: {}
validation:
openAPIV3Schema:
description: PolicyReport is the Schema for the policyreports API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
results:
description: PolicyReportResult provides result details
items:
description: PolicyReportResult provides the result for an individual
policy
properties:
category:
description: Category indicates policy category
type: string
data:
additionalProperties:
type: string
description: Data provides additional information for the policy rule
type: object
message:
description: Message is a short user friendly description of the policy
rule
type: string
policy:
description: Policy is the name of the policy
type: string
resourceSelector:
description: ResourceSelector is an optional selector for policy results
that apply to multiple resources. For example, a policy result may
apply to all pods that match a label. Either a Resource or a ResourceSelector
can be specified. If neither are provided, the result is assumed
to be for the policy report scope.
properties:
matchExpressions:
description: matchExpressions is a list of label selector requirements.
The requirements are ANDed.
items:
description: A label selector requirement is a selector that
contains values, a key, and an operator that relates the key
and values.
properties:
key:
description: key is the label key that the selector applies
to.
type: string
operator:
description: operator represents a key's relationship to
a set of values. Valid operators are In, NotIn, Exists
and DoesNotExist.
type: string
values:
description: values is an array of string values. If the
operator is In or NotIn, the values array must be non-empty.
If the operator is Exists or DoesNotExist, the values
array must be empty. This array is replaced during a strategic
merge patch.
items:
type: string
type: array
required:
- key
- operator
type: object
type: array
matchLabels:
additionalProperties:
type: string
description: matchLabels is a map of {key,value} pairs. A single
{key,value} in the matchLabels map is equivalent to an element
of matchExpressions, whose key field is "key", the operator
is "In", and the values array contains only "value". The requirements
are ANDed.
type: object
type: object
resources:
description: Resources is an optional reference to the resource checked
by the policy and rule
items:
description: 'ObjectReference contains enough information to let
you inspect or modify the referred object. --- New uses of this
type are discouraged because of difficulty describing its usage
when embedded in APIs. 1. Ignored fields. It includes many fields
which are not generally honored. For instance, ResourceVersion
and FieldPath are both very rarely valid in actual usage. 2.
Invalid usage help. It is impossible to add specific help for
individual usage. In most embedded usages, there are particular restrictions
like, "must refer only to types A and B" or "UID not honored"
or "name must be restricted". Those cannot be well described
when embedded. 3. Inconsistent validation. Because the usages
are different, the validation rules are different by usage, which
makes it hard for users to predict what will happen. 4. The fields
are both imprecise and overly precise. Kind is not a precise
mapping to a URL. This can produce ambiguity during interpretation
and require a REST mapping. In most cases, the dependency is
on the group,resource tuple and the version of the actual
struct is irrelevant. 5. We cannot easily change it. Because
this type is embedded in many locations, updates to this type will
affect numerous schemas. Don''t make new APIs embed an underspecified
API type they do not control. Instead of using this type, create
a locally provided and used type that is well-focused on your
reference. For example, ServiceReferences for admission registration:
https://github.com/kubernetes/api/blob/release-1.17/admissionregistration/v1/types.go#L533
.'
properties:
apiVersion:
description: API version of the referent.
type: string
fieldPath:
description: 'If referring to a piece of an object instead of
an entire object, this string should contain a valid JSON/Go
field access statement, such as desiredState.manifest.containers[2].
For example, if the object reference is to a container within
a pod, this would take on a value like: "spec.containers{name}"
(where "name" refers to the name of the container that triggered
the event) or if no container name is specified "spec.containers[2]"
(container with index 2 in this pod). This syntax is chosen
only to have some well-defined way of referencing a part of
an object. TODO: this design is not final and this field is
subject to change in the future.'
type: string
kind:
description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
type: string
namespace:
description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
type: string
resourceVersion:
description: 'Specific resourceVersion to which this reference
is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
type: string
uid:
description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
type: string
type: object
type: array
rule:
description: Rule is the name of the policy rule
type: string
scored:
description: Scored indicates if this policy rule is scored
type: boolean
severity:
description: Severity indicates policy severity
enum:
- high
- low
- medium
type: string
status:
description: Status indicates the result of the policy rule check
enum:
- pass
- fail
- warn
- error
- skip
type: string
required:
- policy
type: object
type: array
scope:
description: Scope is an optional reference to the report scope (e.g. a
Deployment, Namespace, or Node)
properties:
apiVersion:
description: API version of the referent.
type: string
fieldPath:
description: 'If referring to a piece of an object instead of an entire
object, this string should contain a valid JSON/Go field access statement,
such as desiredState.manifest.containers[2]. For example, if the object
reference is to a container within a pod, this would take on a value
like: "spec.containers{name}" (where "name" refers to the name of
the container that triggered the event) or if no container name is
specified "spec.containers[2]" (container with index 2 in this pod).
This syntax is chosen only to have some well-defined way of referencing
a part of an object. TODO: this design is not final and this field
is subject to change in the future.'
type: string
kind:
description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
type: string
namespace:
description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
type: string
resourceVersion:
description: 'Specific resourceVersion to which this reference is made,
if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
type: string
uid:
description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
type: string
type: object
scopeSelector:
description: ScopeSelector is an optional selector for multiple scopes (e.g.
Pods). Either one of, or none of, but not both of, Scope or ScopeSelector
should be specified.
properties:
matchExpressions:
description: matchExpressions is a list of label selector requirements.
The requirements are ANDed.
items:
description: A label selector requirement is a selector that contains
values, a key, and an operator that relates the key and values.
properties:
key:
description: key is the label key that the selector applies to.
type: string
operator:
description: operator represents a key's relationship to a set
of values. Valid operators are In, NotIn, Exists and DoesNotExist.
type: string
values:
description: values is an array of string values. If the operator
is In or NotIn, the values array must be non-empty. If the operator
is Exists or DoesNotExist, the values array must be empty. This
array is replaced during a strategic merge patch.
items:
type: string
type: array
required:
- key
- operator
type: object
type: array
matchLabels:
additionalProperties:
type: string
description: matchLabels is a map of {key,value} pairs. A single {key,value}
in the matchLabels map is equivalent to an element of matchExpressions,
whose key field is "key", the operator is "In", and the values array
contains only "value". The requirements are ANDed.
type: object
type: object
summary:
description: PolicyReportSummary provides a summary of results
properties:
error:
description: Error provides the count of policies that could not be
evaluated
type: integer
fail:
description: Fail provides the count of policies whose requirements
were not met
type: integer
pass:
description: Pass provides the count of policies whose requirements
were met
type: integer
skip:
description: Skip indicates the count of policies that were not selected
for evaluation
type: integer
warn:
description: Warn provides the count of unscored policies whose requirements
were not met
type: integer
type: object
type: object
version: v1alpha1
versions:
- name: v1alpha1
served: true
storage: true
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []

0
definitions/debug/kustomization.yaml Normal file → Executable file
View file

0
definitions/github/rbac.yaml Normal file → Executable file
View file

1483
definitions/install.yaml Normal file → Executable file
View file

File diff suppressed because it is too large Load diff

1481
definitions/install_debug.yaml Normal file → Executable file
View file

File diff suppressed because it is too large Load diff

4
definitions/k8s-resource/configmap.yaml Normal file → Executable file
View file

@ -1,8 +1,8 @@
apiVersion: v1
data:
resourceFilters: '[Event,*,*][*,kube-system,*][*,kube-public,*][*,kube-node-lease,*][Node,*,*][APIService,*,*][TokenReview,*,*][SubjectAccessReview,*,*][*,kyverno,*][Binding,*,*][ReplicaSet,*,*]'
resourceFilters: '[Event,*,*][*,kube-system,*][*,kube-public,*][*,kube-node-lease,*][Node,*,*][APIService,*,*][TokenReview,*,*][SubjectAccessReview,*,*][*,kyverno,*][Binding,*,*][ReplicaSet,*,*][ReportChangeRequest,*,*][ClusterReportChangeRequest,*,*][PolicyReport,*,*][ClusterPolicyReport,*,*]'
excludeGroupRole: 'system:serviceaccounts:kube-system,system:nodes,system:kube-scheduler'
kind: ConfigMap
metadata:
name: init-config
namespace: kyverno
namespace: kyverno

0
definitions/k8s-resource/kustomization.yaml Normal file → Executable file
View file

127
definitions/k8s-resource/rbac.yaml Normal file → Executable file
View file

@ -1,7 +1,7 @@
---
kind: Namespace
apiVersion: v1
metadata:
metadata:
name: "kyverno"
---
apiVersion: v1
@ -71,7 +71,7 @@ roleRef:
subjects:
- kind: ServiceAccount
name: kyverno-service-account
namespace: kyverno
namespace: kyverno
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
@ -84,8 +84,8 @@ roleRef:
subjects:
- kind: ServiceAccount
name: kyverno-service-account
namespace: kyverno
---
namespace: kyverno
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
@ -97,7 +97,7 @@ roleRef:
subjects:
- kind: ServiceAccount
name: kyverno-service-account
namespace: kyverno
namespace: kyverno
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
@ -116,7 +116,7 @@ rules:
verbs:
- create
- delete
- get
- get
- list
- patch
- update
@ -132,7 +132,7 @@ rules:
verbs:
- create
- delete
- get
- get
- update
- watch
- apiGroups:
@ -142,7 +142,7 @@ rules:
resourceNames:
- kubernetes.io/legacy-unknown
verbs:
- approve
- approve
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
@ -176,21 +176,35 @@ rules:
- policies/status
- clusterpolicies
- clusterpolicies/status
- policyreports
- policyreports/status
- clusterpolicyreports
- clusterpolicyreports/status
- clusterpolicyviolations
- clusterpolicyviolations/status
- policyviolations
- policyviolations/status
- generaterequests
- generaterequests/status
- reportchangerequests
- reportchangerequests/status
- clusterreportchangerequests
- clusterreportchangerequests/status
verbs:
- create
- delete
- get
- list
- get
- list
- patch
- update
- watch
---
- apiGroups:
- 'apiextensions.k8s.io'
resources:
- customresourcedefinitions
verbs:
- delete
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
@ -279,17 +293,100 @@ rules:
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRole
metadata:
name: kyverno:policyreport
rules:
- apiGroups: ["*"]
resources:
- policyreports
- clusterpolicyreports
- pods
verbs: ["get", "list", "watch", "delete"]
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: kyverno:policyreport
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: kyverno:policyreport
subjects:
- kind: ServiceAccount
name: kyverno-service-account
namespace: kyverno
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRole
metadata:
name: kyverno:view-policyreport
labels:
rbac.authorization.k8s.io/aggregate-to-view: "true"
rules:
- apiGroups: [ "policy.k8s.io/v1alpha1" ]
resources:
- policyreport
verbs: [ "get", "list", "watch" ]
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRole
metadata:
name: kyverno:view-clusterpolicyreport
labels:
rbac.authorization.k8s.io/aggregate-to-admin: "true"
rules:
- apiGroups: ["policy.k8s.io/v1alpha1"]
resources:
- clusterpolicyreport
verbs: ["get", "list", "watch"]
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRole
metadata:
labels:
rbac.authorization.k8s.io/aggregate-to-edit: "true"
name: kyverno:edit-policies-policyreport
rules:
- apiGroups:
- policy.k8s.io/v1alpha1
resources:
- policyreport
- clusterpolicyreport
- policies
verbs:
- get
- list
- watch
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRole
metadata:
labels:
rbac.authorization.k8s.io/aggregate-to-admin: "true"
name: kyverno:admin-policyreport
rules:
- apiGroups:
- policy.k8s.io/v1alpha1
resources:
- policyreport
- clusterpolicyreport
verbs:
- '*'
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRole
metadata:
labels:
rbac.authorization.k8s.io/aggregate-to-edit: "true"
name: kyverno:edit-policies-policyviolations
rules:
- apiGroups:
- apiGroups:
- kyverno.io
resources:
- policyviolations
- policies
verbs:
verbs:
- get
- list
- watch
- watch

0
definitions/kustomization.yaml Normal file → Executable file
View file

2
definitions/manifest/deployment.yaml Normal file → Executable file
View file

@ -37,7 +37,7 @@ spec:
image: nirmata/kyverno:latest
imagePullPolicy: Always
args:
- "--filterK8Resources=[Event,*,*][*,kube-system,*][*,kube-public,*][*,kube-node-lease,*][Node,*,*][APIService,*,*][TokenReview,*,*][SubjectAccessReview,*,*][*,kyverno,*][Binding,*,*][ReplicaSet,*,*]"
- "--filterK8Resources=[Event,*,*][*,kube-system,*][*,kube-public,*][*,kube-node-lease,*][Node,*,*][APIService,*,*][TokenReview,*,*][SubjectAccessReview,*,*][*,kyverno,*][Binding,*,*][ReplicaSet,*,*][ReportChangeRequest,*,*][ClusterReportChangeRequest,*,*][PolicyReport,*,*][ClusterPolicyReport,*,*]"
# customize webhook timeout
#- "--webhooktimeout=4"
# enable profiling

0
definitions/manifest/kustomization.yaml Normal file → Executable file
View file

0
definitions/release/install.yaml Normal file → Executable file
View file

44
go.mod
View file

@ -3,11 +3,23 @@ module github.com/kyverno/kyverno
go 1.13
require (
github.com/ahmetb/gen-crd-api-reference-docs v0.2.0 // indirect
github.com/cameront/go-jsonpatch v0.0.0-20180223123257-a8710867776e
cloud.google.com/go v0.52.0 // indirect
github.com/Azure/azure-sdk-for-go v38.2.0+incompatible // indirect
github.com/Azure/go-autorest/autorest v0.9.4 // indirect
github.com/Azure/go-autorest/autorest/adal v0.8.1 // indirect
github.com/Azure/go-autorest/autorest/to v0.3.0 // indirect
github.com/aws/aws-sdk-go v1.28.9 // indirect
github.com/cenkalti/backoff v2.2.1+incompatible
github.com/containerd/fifo v0.0.0-20200410184934-f15a3290365b // indirect
github.com/cornelk/hashmap v1.0.1
github.com/docker/distribution v2.7.1+incompatible // indirect
github.com/docker/docker v0.7.3-0.20190327010347-be7ac8be2ae0
github.com/docker/go-connections v0.4.0 // indirect
github.com/docker/go-metrics v0.0.1 // indirect
github.com/evanphx/json-patch v4.5.0+incompatible
github.com/evanphx/json-patch/v5 v5.0.0 // indirect
github.com/fatih/color v1.9.0 // indirect
github.com/fatih/structtag v1.2.0 // indirect
github.com/gardener/controller-manager-library v0.2.0
github.com/ghodss/yaml v1.0.1-0.20190212211648-25d852aebe32
github.com/go-logr/logr v0.1.0
@ -15,37 +27,42 @@ require (
github.com/go-openapi/strfmt v0.19.5
github.com/go-openapi/validate v0.19.8
github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b
github.com/golang/groupcache v0.0.0-20191227052852-215e87163ea7 // indirect
github.com/golang/groupcache v0.0.0-20200121045136-8c9f03a8e57e // indirect
github.com/googleapis/gnostic v0.3.1
github.com/hashicorp/golang-lru v0.5.3 // indirect
github.com/graymeta/stow v0.2.4 // indirect
github.com/hashicorp/golang-lru v0.5.4 // indirect
github.com/imdario/mergo v0.3.8 // indirect
github.com/jmespath/go-jmespath v0.0.0-20180206201540-c2b33e8439af
github.com/json-iterator/go v1.1.9 // indirect
github.com/julienschmidt/httprouter v1.3.0
github.com/lyft/flytestdlib v0.2.31
github.com/mattbaird/jsonpatch v0.0.0-20171005235357-81af80346b1a
github.com/mattn/go-isatty v0.0.12 // indirect
github.com/minio/minio v0.0.0-20200114012931-30922148fbb5
github.com/morikuni/aec v1.0.0 // indirect
github.com/onsi/ginkgo v1.11.0
github.com/onsi/gomega v1.8.1
github.com/ory/go-acc v0.2.1 // indirect
github.com/opencontainers/go-digest v1.0.0 // indirect
github.com/opencontainers/image-spec v1.0.1 // indirect
github.com/pelletier/go-toml v1.6.0 // indirect
github.com/pkg/errors v0.9.1
github.com/pkg/profile v1.2.1
github.com/prometheus/common v0.4.1
github.com/prometheus/common v0.7.0
github.com/rogpeppe/godef v1.1.2 // indirect
github.com/spf13/cobra v1.0.0
github.com/spf13/viper v1.6.2 // indirect
github.com/stretchr/testify v1.4.0
github.com/tevino/abool v0.0.0-20170917061928-9b9efcf221b5
golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d // indirect
golang.org/x/sys v0.0.0-20200113162924-86b910548bc1 // indirect
golang.org/x/time v0.0.0-20191024005414-555d28b269f0 // indirect
google.golang.org/appengine v1.6.5 // indirect
gopkg.in/yaml.v2 v2.3.0
gopkg.in/yaml.v3 v3.0.0-20200121175148-a6ecf24a6d71
gotest.tools v2.2.0+incompatible
k8s.io/api v0.17.4
k8s.io/apiextensions-apiserver v0.17.4
k8s.io/apimachinery v0.17.4
k8s.io/cli-runtime v0.17.4
k8s.io/client-go v0.17.4
k8s.io/api v0.18.4
k8s.io/apiextensions-apiserver v0.18.4
k8s.io/apimachinery v0.18.4
k8s.io/cli-runtime v0.18.4
k8s.io/client-go v0.18.4
k8s.io/klog v1.0.0
k8s.io/kube-openapi v0.0.0-20200410145947-61e04a5be9a6
sigs.k8s.io/controller-runtime v0.5.0
@ -57,7 +74,6 @@ require (
// Added for go1.13 migration https://github.com/golang/go/issues/32805
replace (
github.com/gorilla/rpc v1.2.0+incompatible => github.com/gorilla/rpc v1.2.0
k8s.io/client-go v0.17.4 => github.com/nirmata/client-go v0.17.5-0.20200625181911-7e81180b291e
k8s.io/code-generator => k8s.io/code-generator v0.0.0-20200306081859-6a048a382944
k8s.io/component-base => k8s.io/component-base v0.0.0-20190612130303-4062e14deebe
)

581
go.sum
View file

File diff suppressed because it is too large Load diff

0
pkg/api/kyverno/register.go Normal file → Executable file
View file

0
pkg/api/kyverno/v1/doc.go Normal file → Executable file
View file

3
pkg/api/kyverno/v1/register.go Normal file → Executable file
View file

@ -1,11 +1,10 @@
package v1
import (
"github.com/kyverno/kyverno/pkg/api/kyverno"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
"k8s.io/apimachinery/pkg/runtime"
"k8s.io/apimachinery/pkg/runtime/schema"
"github.com/kyverno/kyverno/pkg/api/kyverno"
)
// SchemeGroupVersion is group version used to register these objects

2
pkg/api/kyverno/v1/types.go Normal file → Executable file
View file

@ -415,6 +415,8 @@ type ViolatedRule struct {
Type string `json:"type" yaml:"type"`
// Specifies violation message
Message string `json:"message" yaml:"message"`
// +optional
Check string `json:"check" yaml:"check"`
}
//PolicyViolationStatus provides information regarding policyviolation status

0
pkg/api/kyverno/v1/utils.go Normal file → Executable file
View file

18
pkg/api/kyverno/v1/zz_generated.deepcopy.go Normal file → Executable file
View file

@ -193,7 +193,11 @@ func (in *ConfigMapReference) DeepCopy() *ConfigMapReference {
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *ContextEntry) DeepCopyInto(out *ContextEntry) {
*out = *in
out.ConfigMap = in.ConfigMap
if in.ConfigMap != nil {
in, out := &in.ConfigMap, &out.ConfigMap
*out = new(ConfigMapReference)
**out = **in
}
return
}
@ -689,6 +693,13 @@ func (in *ResourceSpec) DeepCopy() *ResourceSpec {
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *Rule) DeepCopyInto(out *Rule) {
*out = *in
if in.Context != nil {
in, out := &in.Context, &out.Context
*out = make([]ContextEntry, len(*in))
for i := range *in {
(*in)[i].DeepCopyInto(&(*out)[i])
}
}
in.MatchResources.DeepCopyInto(&out.MatchResources)
in.ExcludeResources.DeepCopyInto(&out.ExcludeResources)
if in.Conditions != nil {
@ -701,11 +712,6 @@ func (in *Rule) DeepCopyInto(out *Rule) {
in.Mutation.DeepCopyInto(&out.Mutation)
in.Validation.DeepCopyInto(&out.Validation)
in.Generation.DeepCopyInto(&out.Generation)
if in.Context != nil {
in, out := &in.Context, &out.Context
*out = make([]ContextEntry, len(*in))
copy(*out, *in)
}
return
}

75
pkg/api/kyverno/v1alpha1/clusterreportchangerequest_types.go Normal file
View file

@ -0,0 +1,75 @@
/*
Copyright 2020 The Kubernetes authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
package v1alpha1
import (
report "github.com/kyverno/kyverno/pkg/api/policyreport/v1alpha1"
corev1 "k8s.io/api/core/v1"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
)
// EDIT THIS FILE! THIS IS SCAFFOLDING FOR YOU TO OWN!
// NOTE: json tags are required. Any new fields you add must have json tags for the fields to be serialized.
// +genclient
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
// +genclient:nonNamespaced
// +kubebuilder:object:root=true
// +kubebuilder:printcolumn:name="Kind",type=string,JSONPath=`.scope.kind`,priority=1
// +kubebuilder:printcolumn:name="Name",type=string,JSONPath=`.scope.name`,priority=1
// +kubebuilder:printcolumn:name="Pass",type=integer,JSONPath=`.summary.pass`
// +kubebuilder:printcolumn:name="Fail",type=integer,JSONPath=`.summary.fail`
// +kubebuilder:printcolumn:name="Warn",type=integer,JSONPath=`.summary.warn`
// +kubebuilder:printcolumn:name="Error",type=integer,JSONPath=`.summary.error`
// +kubebuilder:printcolumn:name="Skip",type=integer,JSONPath=`.summary.skip`
// +kubebuilder:printcolumn:name="Age",type="date",JSONPath=".metadata.creationTimestamp"
// ClusterReportChangeRequest is the Schema for the ClusterReportChangeRequests API
type ClusterReportChangeRequest struct {
metav1.TypeMeta `json:",inline"`
metav1.ObjectMeta `json:"metadata,omitempty"`
// Scope is an optional reference to the report scope (e.g. a Deployment, Namespace, or Node)
// +optional
Scope *corev1.ObjectReference `json:"scope,omitempty"`
// ScopeSelector is an optional selector for multiple scopes (e.g. Pods).
// Either one of, or none of, but not both of, Scope or ScopeSelector should be specified.
// +optional
ScopeSelector *metav1.LabelSelector `json:"scopeSelector,omitempty"`
// PolicyReportSummary provides a summary of results
// +optional
Summary report.PolicyReportSummary `json:"summary,omitempty"`
// PolicyReportResult provides result details
// +optional
Results []*report.PolicyReportResult `json:"results,omitempty"`
}
// +kubebuilder:object:root=true
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
// ClusterReportChangeRequestList contains a list of ClusterReportChangeRequest
type ClusterReportChangeRequestList struct {
metav1.TypeMeta `json:",inline"`
metav1.ListMeta `json:"metadata,omitempty"`
Items []ClusterReportChangeRequest `json:"items"`
}
func init() {
SchemeBuilder.Register(&ClusterReportChangeRequest{}, &ClusterReportChangeRequestList{})
}

21
pkg/api/kyverno/v1alpha1/doc.go Normal file
View file

@ -0,0 +1,21 @@
/*
Copyright 2020 The Kubernetes authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
// Package v1alpha1 contains API Schema definitions for the policy v1alpha1 API group
// +k8s:deepcopy-gen=package
// +kubebuilder:object:generate=true
// +groupName=kyverno.io
package v1alpha1

49
pkg/api/kyverno/v1alpha1/groupversion_info.go Executable file
View file

@ -0,0 +1,49 @@
/*
Copyright 2020 The Kubernetes authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
// Package v1alpha1 contains API Schema definitions for the policy v1alpha1 API group
// +kubebuilder:object:generate=true
// +groupName=kyverno.io
package v1alpha1
import (
"k8s.io/apimachinery/pkg/runtime/schema"
"sigs.k8s.io/controller-runtime/pkg/scheme"
)
// Package v1alpha1 contains API Schema definitions for the policy v1alpha1 API group
// +kubebuilder:object:generate=true
// +groupName=kyverno.io
var (
// SchemeGroupVersion is group version used to register these objects
SchemeGroupVersion = schema.GroupVersion{Group: "kyverno.io", Version: "v1alpha1"}
// SchemeBuilder is used to add go types to the GroupVersionKind scheme
SchemeBuilder = &scheme.Builder{GroupVersion: SchemeGroupVersion}
// AddToScheme adds the types in this group-version to the given scheme.
AddToScheme = SchemeBuilder.AddToScheme
)
// Kind takes an unqualified kind and returns back a Group qualified GroupKind
func Kind(kind string) schema.GroupKind {
return SchemeGroupVersion.WithKind(kind).GroupKind()
}
// Resource takes an unqualified resource and returns a Group qualified GroupResource
func Resource(resource string) schema.GroupResource {
return SchemeGroupVersion.WithResource(resource).GroupResource()
}

74
pkg/api/kyverno/v1alpha1/reportchangerequest_types.go Normal file
View file

@ -0,0 +1,74 @@
/*
Copyright 2020 The Kubernetes authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
package v1alpha1
import (
report "github.com/kyverno/kyverno/pkg/api/policyreport/v1alpha1"
corev1 "k8s.io/api/core/v1"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
)
// EDIT THIS FILE! THIS IS SCAFFOLDING FOR YOU TO OWN!
// NOTE: json tags are required. Any new fields you add must have json tags for the fields to be serialized.
// +genclient
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
// +kubebuilder:object:root=true
// +kubebuilder:printcolumn:name="Kind",type=string,JSONPath=`.scope.kind`,priority=1
// +kubebuilder:printcolumn:name="Name",type=string,JSONPath=`.scope.name`,priority=1
// +kubebuilder:printcolumn:name="Pass",type=integer,JSONPath=`.summary.pass`
// +kubebuilder:printcolumn:name="Fail",type=integer,JSONPath=`.summary.fail`
// +kubebuilder:printcolumn:name="Warn",type=integer,JSONPath=`.summary.warn`
// +kubebuilder:printcolumn:name="Error",type=integer,JSONPath=`.summary.error`
// +kubebuilder:printcolumn:name="Skip",type=integer,JSONPath=`.summary.skip`
// +kubebuilder:printcolumn:name="Age",type="date",JSONPath=".metadata.creationTimestamp"
// ReportChangeRequest is the Schema for the ReportChangeRequests API
type ReportChangeRequest struct {
metav1.TypeMeta `json:",inline"`
metav1.ObjectMeta `json:"metadata,omitempty"`
// Scope is an optional reference to the report scope (e.g. a Deployment, Namespace, or Node)
// +optional
Scope *corev1.ObjectReference `json:"scope,omitempty"`
// ScopeSelector is an optional selector for multiple scopes (e.g. Pods).
// Either one of, or none of, but not both of, Scope or ScopeSelector should be specified.
// +optional
ScopeSelector *metav1.LabelSelector `json:"scopeSelector,omitempty"`
// PolicyReportSummary provides a summary of results
// +optional
Summary report.PolicyReportSummary `json:"summary,omitempty"`
// PolicyReportResult provides result details
// +optional
Results []*report.PolicyReportResult `json:"results,omitempty"`
}
// +kubebuilder:object:root=true
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
// ReportChangeRequestList contains a list of ReportChangeRequest
type ReportChangeRequestList struct {
metav1.TypeMeta `json:",inline"`
metav1.ListMeta `json:"metadata,omitempty"`
Items []ReportChangeRequest `json:"items"`
}
func init() {
SchemeBuilder.Register(&ReportChangeRequest{}, &ReportChangeRequestList{})
}

170
pkg/api/kyverno/v1alpha1/zz_generated.deepcopy.go Normal file
View file

@ -0,0 +1,170 @@
// +build !ignore_autogenerated
// Code generated by controller-gen. DO NOT EDIT.
package v1alpha1
import (
policyreportv1alpha1 "github.com/kyverno/kyverno/pkg/api/policyreport/v1alpha1"
"k8s.io/api/core/v1"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
runtime "k8s.io/apimachinery/pkg/runtime"
)
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *ClusterReportChangeRequest) DeepCopyInto(out *ClusterReportChangeRequest) {
*out = *in
out.TypeMeta = in.TypeMeta
in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
if in.Scope != nil {
in, out := &in.Scope, &out.Scope
*out = new(v1.ObjectReference)
**out = **in
}
if in.ScopeSelector != nil {
in, out := &in.ScopeSelector, &out.ScopeSelector
*out = new(metav1.LabelSelector)
(*in).DeepCopyInto(*out)
}
out.Summary = in.Summary
if in.Results != nil {
in, out := &in.Results, &out.Results
*out = make([]*policyreportv1alpha1.PolicyReportResult, len(*in))
for i := range *in {
if (*in)[i] != nil {
in, out := &(*in)[i], &(*out)[i]
*out = new(policyreportv1alpha1.PolicyReportResult)
(*in).DeepCopyInto(*out)
}
}
}
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterReportChangeRequest.
func (in *ClusterReportChangeRequest) DeepCopy() *ClusterReportChangeRequest {
if in == nil {
return nil
}
out := new(ClusterReportChangeRequest)
in.DeepCopyInto(out)
return out
}
// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (in *ClusterReportChangeRequest) DeepCopyObject() runtime.Object {
if c := in.DeepCopy(); c != nil {
return c
}
return nil
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *ClusterReportChangeRequestList) DeepCopyInto(out *ClusterReportChangeRequestList) {
*out = *in
out.TypeMeta = in.TypeMeta
in.ListMeta.DeepCopyInto(&out.ListMeta)
if in.Items != nil {
in, out := &in.Items, &out.Items
*out = make([]ClusterReportChangeRequest, len(*in))
for i := range *in {
(*in)[i].DeepCopyInto(&(*out)[i])
}
}
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterReportChangeRequestList.
func (in *ClusterReportChangeRequestList) DeepCopy() *ClusterReportChangeRequestList {
if in == nil {
return nil
}
out := new(ClusterReportChangeRequestList)
in.DeepCopyInto(out)
return out
}
// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (in *ClusterReportChangeRequestList) DeepCopyObject() runtime.Object {
if c := in.DeepCopy(); c != nil {
return c
}
return nil
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *ReportChangeRequest) DeepCopyInto(out *ReportChangeRequest) {
*out = *in
out.TypeMeta = in.TypeMeta
in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
if in.Scope != nil {
in, out := &in.Scope, &out.Scope
*out = new(v1.ObjectReference)
**out = **in
}
if in.ScopeSelector != nil {
in, out := &in.ScopeSelector, &out.ScopeSelector
*out = new(metav1.LabelSelector)
(*in).DeepCopyInto(*out)
}
out.Summary = in.Summary
if in.Results != nil {
in, out := &in.Results, &out.Results
*out = make([]*policyreportv1alpha1.PolicyReportResult, len(*in))
for i := range *in {
if (*in)[i] != nil {
in, out := &(*in)[i], &(*out)[i]
*out = new(policyreportv1alpha1.PolicyReportResult)
(*in).DeepCopyInto(*out)
}
}
}
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ReportChangeRequest.
func (in *ReportChangeRequest) DeepCopy() *ReportChangeRequest {
if in == nil {
return nil
}
out := new(ReportChangeRequest)
in.DeepCopyInto(out)
return out
}
// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (in *ReportChangeRequest) DeepCopyObject() runtime.Object {
if c := in.DeepCopy(); c != nil {
return c
}
return nil
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *ReportChangeRequestList) DeepCopyInto(out *ReportChangeRequestList) {
*out = *in
out.TypeMeta = in.TypeMeta
in.ListMeta.DeepCopyInto(&out.ListMeta)
if in.Items != nil {
in, out := &in.Items, &out.Items
*out = make([]ReportChangeRequest, len(*in))
for i := range *in {
(*in)[i].DeepCopyInto(&(*out)[i])
}
}
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ReportChangeRequestList.
func (in *ReportChangeRequestList) DeepCopy() *ReportChangeRequestList {
if in == nil {
return nil
}
out := new(ReportChangeRequestList)
in.DeepCopyInto(out)
return out
}
// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (in *ReportChangeRequestList) DeepCopyObject() runtime.Object {
if c := in.DeepCopy(); c != nil {
return c
}
return nil
}

75
pkg/api/policyreport/v1alpha1/clusterpolicyreport_types.go Executable file
View file

@ -0,0 +1,75 @@
/*
Copyright 2020 The Kubernetes authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
package v1alpha1
import (
corev1 "k8s.io/api/core/v1"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
)
// EDIT THIS FILE! THIS IS SCAFFOLDING FOR YOU TO OWN!
// NOTE: json tags are required. Any new fields you add must have json tags for the fields to be serialized.
// +genclient
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
// +genclient:nonNamespaced
// +kubebuilder:object:root=true
// +kubebuilder:printcolumn:name="Kind",type=string,JSONPath=`.scope.kind`,priority=1
// +kubebuilder:printcolumn:name="Name",type=string,JSONPath=`.scope.name`,priority=1
// +kubebuilder:printcolumn:name="Pass",type=integer,JSONPath=`.summary.pass`
// +kubebuilder:printcolumn:name="Fail",type=integer,JSONPath=`.summary.fail`
// +kubebuilder:printcolumn:name="Warn",type=integer,JSONPath=`.summary.warn`
// +kubebuilder:printcolumn:name="Error",type=integer,JSONPath=`.summary.error`
// +kubebuilder:printcolumn:name="Skip",type=integer,JSONPath=`.summary.skip`
// +kubebuilder:printcolumn:name="Age",type="date",JSONPath=".metadata.creationTimestamp"
// +kubebuilder:resource:shortName=cpolr
// ClusterPolicyReport is the Schema for the clusterpolicyreports API
type ClusterPolicyReport struct {
metav1.TypeMeta `json:",inline"`
metav1.ObjectMeta `json:"metadata,omitempty"`
// Scope is an optional reference to the report scope (e.g. a Deployment, Namespace, or Node)
// +optional
Scope *corev1.ObjectReference `json:"scope,omitempty"`
// ScopeSelector is an optional selector for multiple scopes (e.g. Pods).
// Either one of, or none of, but not both of, Scope or ScopeSelector should be specified.
// +optional
ScopeSelector *metav1.LabelSelector `json:"scopeSelector,omitempty"`
// PolicyReportSummary provides a summary of results
// +optional
Summary PolicyReportSummary `json:"summary,omitempty"`
// PolicyReportResult provides result details
// +optional
Results []*PolicyReportResult `json:"results,omitempty"`
}
// +kubebuilder:object:root=true
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
// ClusterPolicyReportList contains a list of ClusterPolicyReport
type ClusterPolicyReportList struct {
metav1.TypeMeta `json:",inline"`
metav1.ListMeta `json:"metadata,omitempty"`
Items []ClusterPolicyReport `json:"items"`
}
func init() {
SchemeBuilder.Register(&ClusterPolicyReport{}, &ClusterPolicyReportList{})
}

21
pkg/api/policyreport/v1alpha1/doc.go Executable file
View file

@ -0,0 +1,21 @@
/*
Copyright 2020 The Kubernetes authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
// Package v1alpha1 contains API Schema definitions for the policy v1alpha1 API group
// +k8s:deepcopy-gen=package
// +kubebuilder:object:generate=true
// +groupName=policy.k8s.io
package v1alpha1

49
pkg/api/policyreport/v1alpha1/groupversion_info.go Executable file
View file

@ -0,0 +1,49 @@
/*
Copyright 2020 The Kubernetes authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
// Package v1alpha1 contains API Schema definitions for the policy v1alpha1 API group
// +kubebuilder:object:generate=true
// +groupName=policy.k8s.io
package v1alpha1
import (
"k8s.io/apimachinery/pkg/runtime/schema"
"sigs.k8s.io/controller-runtime/pkg/scheme"
)
// Package v1alpha1 contains API Schema definitions for the policy v1alpha1 API group
// +kubebuilder:object:generate=true
// +groupName=policy.k8s.io
var (
// SchemeGroupVersion is group version used to register these objects
SchemeGroupVersion = schema.GroupVersion{Group: "policy.k8s.io", Version: "v1alpha1"}
// SchemeBuilder is used to add go types to the GroupVersionKind scheme
SchemeBuilder = &scheme.Builder{GroupVersion: SchemeGroupVersion}
// AddToScheme adds the types in this group-version to the given scheme.
AddToScheme = SchemeBuilder.AddToScheme
)
// Kind takes an unqualified kind and returns back a Group qualified GroupKind
func Kind(kind string) schema.GroupKind {
return SchemeGroupVersion.WithKind(kind).GroupKind()
}
// Resource takes an unqualified resource and returns a Group qualified GroupResource
func Resource(resource string) schema.GroupResource {
return SchemeGroupVersion.WithResource(resource).GroupResource()
}

162
pkg/api/policyreport/v1alpha1/policyreport_types.go Executable file
View file

@ -0,0 +1,162 @@
/*
Copyright 2020 The Kubernetes authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
package v1alpha1
import (
corev1 "k8s.io/api/core/v1"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
)
// EDIT THIS FILE! THIS IS SCAFFOLDING FOR YOU TO OWN!
// NOTE: json tags are required. Any new fields you add must have json tags for the fields to be serialized.
const (
StatusPass = "pass"
StatusFail = "fail"
StatusWarn = "warn"
StatusError = "error"
StatusSkip = "skip"
)
// PolicyReportSummary provides a status count summary
type PolicyReportSummary struct {
// Pass provides the count of policies whose requirements were met
// +optional
Pass int `json:"pass"`
// Fail provides the count of policies whose requirements were not met
// +optional
Fail int `json:"fail"`
// Warn provides the count of unscored policies whose requirements were not met
// +optional
Warn int `json:"warn"`
// Error provides the count of policies that could not be evaluated
// +optional
Error int `json:"error"`
// Skip indicates the count of policies that were not selected for evaluation
// +optional
Skip int `json:"skip"`
}
// PolicyStatus has one of the following values:
// - pass: indicates that the policy requirements are met
// - fail: indicates that the policy requirements are not met
// - warn: indicates that the policy requirements and not met, and the policy is not scored
// - error: indicates that the policy could not be evaluated
// - skip: indicates that the policy was not selected based on user inputs or applicability
//
// +kubebuilder:validation:Enum=pass;fail;warn;error;skip
type PolicyStatus string
// PolicySeverity has one of the following values:
// - high
// - low
// - medium
// +kubebuilder:validation:Enum=high;low;medium
type PolicySeverity string
// PolicyReportResult provides the result for an individual policy
type PolicyReportResult struct {
// Policy is the name of the policy
Policy string `json:"policy"`
// Rule is the name of the policy rule
// +optional
Rule string `json:"rule,omitempty"`
// Resources is an optional reference to the resource checked by the policy and rule
// +optional
Resources []*corev1.ObjectReference `json:"resources,omitempty"`
// ResourceSelector is an optional selector for policy results that apply to multiple resources.
// For example, a policy result may apply to all pods that match a label.
// Either a Resource or a ResourceSelector can be specified. If neither are provided, the
// result is assumed to be for the policy report scope.
// +optional
ResourceSelector *metav1.LabelSelector `json:"resourceSelector,omitempty"`
// Message is a short user friendly description of the policy rule
Message string `json:"message,omitempty"`
// Status indicates the result of the policy rule check
Status PolicyStatus `json:"status,omitempty"`
// Scored indicates if this policy rule is scored
Scored bool `json:"scored,omitempty"`
// Data provides additional information for the policy rule
Data map[string]string `json:"data,omitempty"`
// Category indicates policy category
// +optional
Category string `json:"category,omitempty"`
// Severity indicates policy severity
// +optional
Severity PolicySeverity `json:"severity,omitempty"`
}
// +genclient
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
// +kubebuilder:object:root=true
// +kubebuilder:printcolumn:name="Kind",type=string,JSONPath=`.scope.kind`,priority=1
// +kubebuilder:printcolumn:name="Name",type=string,JSONPath=`.scope.name`,priority=1
// +kubebuilder:printcolumn:name="Pass",type=integer,JSONPath=`.summary.pass`
// +kubebuilder:printcolumn:name="Fail",type=integer,JSONPath=`.summary.fail`
// +kubebuilder:printcolumn:name="Warn",type=integer,JSONPath=`.summary.warn`
// +kubebuilder:printcolumn:name="Error",type=integer,JSONPath=`.summary.error`
// +kubebuilder:printcolumn:name="Skip",type=integer,JSONPath=`.summary.skip`
// +kubebuilder:printcolumn:name="Age",type="date",JSONPath=".metadata.creationTimestamp"
// +kubebuilder:resource:shortName=polr
// PolicyReport is the Schema for the policyreports API
type PolicyReport struct {
metav1.TypeMeta `json:",inline"`
metav1.ObjectMeta `json:"metadata,omitempty"`
// Scope is an optional reference to the report scope (e.g. a Deployment, Namespace, or Node)
// +optional
Scope *corev1.ObjectReference `json:"scope,omitempty"`
// ScopeSelector is an optional selector for multiple scopes (e.g. Pods).
// Either one of, or none of, but not both of, Scope or ScopeSelector should be specified.
// +optional
ScopeSelector *metav1.LabelSelector `json:"scopeSelector,omitempty"`
// PolicyReportSummary provides a summary of results
// +optional
Summary PolicyReportSummary `json:"summary,omitempty"`
// PolicyReportResult provides result details
// +optional
Results []*PolicyReportResult `json:"results,omitempty"`
}
// +kubebuilder:object:root=true
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
// PolicyReportList contains a list of PolicyReport
type PolicyReportList struct {
metav1.TypeMeta `json:",inline"`
metav1.ListMeta `json:"metadata,omitempty"`
Items []PolicyReport `json:"items"`
}
func init() {
SchemeBuilder.Register(&PolicyReport{}, &PolicyReportList{})
}

222
pkg/api/policyreport/v1alpha1/zz_generated.deepcopy.go Normal file
View file

@ -0,0 +1,222 @@
// +build !ignore_autogenerated
// Code generated by controller-gen. DO NOT EDIT.
package v1alpha1
import (
"k8s.io/api/core/v1"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
runtime "k8s.io/apimachinery/pkg/runtime"
)
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *ClusterPolicyReport) DeepCopyInto(out *ClusterPolicyReport) {
*out = *in
out.TypeMeta = in.TypeMeta
in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
if in.Scope != nil {
in, out := &in.Scope, &out.Scope
*out = new(v1.ObjectReference)
**out = **in
}
if in.ScopeSelector != nil {
in, out := &in.ScopeSelector, &out.ScopeSelector
*out = new(metav1.LabelSelector)
(*in).DeepCopyInto(*out)
}
out.Summary = in.Summary
if in.Results != nil {
in, out := &in.Results, &out.Results
*out = make([]*PolicyReportResult, len(*in))
for i := range *in {
if (*in)[i] != nil {
in, out := &(*in)[i], &(*out)[i]
*out = new(PolicyReportResult)
(*in).DeepCopyInto(*out)
}
}
}
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterPolicyReport.
func (in *ClusterPolicyReport) DeepCopy() *ClusterPolicyReport {
if in == nil {
return nil
}
out := new(ClusterPolicyReport)
in.DeepCopyInto(out)
return out
}
// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (in *ClusterPolicyReport) DeepCopyObject() runtime.Object {
if c := in.DeepCopy(); c != nil {
return c
}
return nil
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *ClusterPolicyReportList) DeepCopyInto(out *ClusterPolicyReportList) {
*out = *in
out.TypeMeta = in.TypeMeta
in.ListMeta.DeepCopyInto(&out.ListMeta)
if in.Items != nil {
in, out := &in.Items, &out.Items
*out = make([]ClusterPolicyReport, len(*in))
for i := range *in {
(*in)[i].DeepCopyInto(&(*out)[i])
}
}
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterPolicyReportList.
func (in *ClusterPolicyReportList) DeepCopy() *ClusterPolicyReportList {
if in == nil {
return nil
}
out := new(ClusterPolicyReportList)
in.DeepCopyInto(out)
return out
}
// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (in *ClusterPolicyReportList) DeepCopyObject() runtime.Object {
if c := in.DeepCopy(); c != nil {
return c
}
return nil
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *PolicyReport) DeepCopyInto(out *PolicyReport) {
*out = *in
out.TypeMeta = in.TypeMeta
in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
if in.Scope != nil {
in, out := &in.Scope, &out.Scope
*out = new(v1.ObjectReference)
**out = **in
}
if in.ScopeSelector != nil {
in, out := &in.ScopeSelector, &out.ScopeSelector
*out = new(metav1.LabelSelector)
(*in).DeepCopyInto(*out)
}
out.Summary = in.Summary
if in.Results != nil {
in, out := &in.Results, &out.Results
*out = make([]*PolicyReportResult, len(*in))
for i := range *in {
if (*in)[i] != nil {
in, out := &(*in)[i], &(*out)[i]
*out = new(PolicyReportResult)
(*in).DeepCopyInto(*out)
}
}
}
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyReport.
func (in *PolicyReport) DeepCopy() *PolicyReport {
if in == nil {
return nil
}
out := new(PolicyReport)
in.DeepCopyInto(out)
return out
}
// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (in *PolicyReport) DeepCopyObject() runtime.Object {
if c := in.DeepCopy(); c != nil {
return c
}
return nil
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *PolicyReportList) DeepCopyInto(out *PolicyReportList) {
*out = *in
out.TypeMeta = in.TypeMeta
in.ListMeta.DeepCopyInto(&out.ListMeta)
if in.Items != nil {
in, out := &in.Items, &out.Items
*out = make([]PolicyReport, len(*in))
for i := range *in {
(*in)[i].DeepCopyInto(&(*out)[i])
}
}
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyReportList.
func (in *PolicyReportList) DeepCopy() *PolicyReportList {
if in == nil {
return nil
}
out := new(PolicyReportList)
in.DeepCopyInto(out)
return out
}
// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (in *PolicyReportList) DeepCopyObject() runtime.Object {
if c := in.DeepCopy(); c != nil {
return c
}
return nil
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *PolicyReportResult) DeepCopyInto(out *PolicyReportResult) {
*out = *in
if in.Resources != nil {
in, out := &in.Resources, &out.Resources
*out = make([]*v1.ObjectReference, len(*in))
for i := range *in {
if (*in)[i] != nil {
in, out := &(*in)[i], &(*out)[i]
*out = new(v1.ObjectReference)
**out = **in
}
}
}
if in.ResourceSelector != nil {
in, out := &in.ResourceSelector, &out.ResourceSelector
*out = new(metav1.LabelSelector)
(*in).DeepCopyInto(*out)
}
if in.Data != nil {
in, out := &in.Data, &out.Data
*out = make(map[string]string, len(*in))
for key, val := range *in {
(*out)[key] = val
}
}
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyReportResult.
func (in *PolicyReportResult) DeepCopy() *PolicyReportResult {
if in == nil {
return nil
}
out := new(PolicyReportResult)
in.DeepCopyInto(out)
return out
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *PolicyReportSummary) DeepCopyInto(out *PolicyReportSummary) {
*out = *in
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyReportSummary.
func (in *PolicyReportSummary) DeepCopy() *PolicyReportSummary {
if in == nil {
return nil
}
out := new(PolicyReportSummary)
in.DeepCopyInto(out)
return out
}

32
pkg/client/clientset/versioned/clientset.go Normal file → Executable file
View file

@ -22,6 +22,8 @@ import (
"fmt"
kyvernov1 "github.com/kyverno/kyverno/pkg/client/clientset/versioned/typed/kyverno/v1"
kyvernov1alpha1 "github.com/kyverno/kyverno/pkg/client/clientset/versioned/typed/kyverno/v1alpha1"
policyv1alpha1 "github.com/kyverno/kyverno/pkg/client/clientset/versioned/typed/policyreport/v1alpha1"
discovery "k8s.io/client-go/discovery"
rest "k8s.io/client-go/rest"
flowcontrol "k8s.io/client-go/util/flowcontrol"
@ -30,13 +32,17 @@ import (
type Interface interface {
Discovery() discovery.DiscoveryInterface
KyvernoV1() kyvernov1.KyvernoV1Interface
KyvernoV1alpha1() kyvernov1alpha1.KyvernoV1alpha1Interface
PolicyV1alpha1() policyv1alpha1.PolicyV1alpha1Interface
}
// Clientset contains the clients for groups. Each group has exactly one
// version included in a Clientset.
type Clientset struct {
*discovery.DiscoveryClient
kyvernoV1 *kyvernov1.KyvernoV1Client
kyvernoV1 *kyvernov1.KyvernoV1Client
kyvernoV1alpha1 *kyvernov1alpha1.KyvernoV1alpha1Client
policyV1alpha1 *policyv1alpha1.PolicyV1alpha1Client
}
// KyvernoV1 retrieves the KyvernoV1Client
@ -44,6 +50,16 @@ func (c *Clientset) KyvernoV1() kyvernov1.KyvernoV1Interface {
return c.kyvernoV1
}
// KyvernoV1alpha1 retrieves the KyvernoV1alpha1Client
func (c *Clientset) KyvernoV1alpha1() kyvernov1alpha1.KyvernoV1alpha1Interface {
return c.kyvernoV1alpha1
}
// PolicyV1alpha1 retrieves the PolicyV1alpha1Client
func (c *Clientset) PolicyV1alpha1() policyv1alpha1.PolicyV1alpha1Interface {
return c.policyV1alpha1
}
// Discovery retrieves the DiscoveryClient
func (c *Clientset) Discovery() discovery.DiscoveryInterface {
if c == nil {
@ -59,7 +75,7 @@ func NewForConfig(c *rest.Config) (*Clientset, error) {
configShallowCopy := *c
if configShallowCopy.RateLimiter == nil && configShallowCopy.QPS > 0 {
if configShallowCopy.Burst <= 0 {
return nil, fmt.Errorf("Burst is required to be greater than 0 when RateLimiter is not set and QPS is set to greater than 0")
return nil, fmt.Errorf("burst is required to be greater than 0 when RateLimiter is not set and QPS is set to greater than 0")
}
configShallowCopy.RateLimiter = flowcontrol.NewTokenBucketRateLimiter(configShallowCopy.QPS, configShallowCopy.Burst)
}
@ -69,6 +85,14 @@ func NewForConfig(c *rest.Config) (*Clientset, error) {
if err != nil {
return nil, err
}
cs.kyvernoV1alpha1, err = kyvernov1alpha1.NewForConfig(&configShallowCopy)
if err != nil {
return nil, err
}
cs.policyV1alpha1, err = policyv1alpha1.NewForConfig(&configShallowCopy)
if err != nil {
return nil, err
}
cs.DiscoveryClient, err = discovery.NewDiscoveryClientForConfig(&configShallowCopy)
if err != nil {
@ -82,6 +106,8 @@ func NewForConfig(c *rest.Config) (*Clientset, error) {
func NewForConfigOrDie(c *rest.Config) *Clientset {
var cs Clientset
cs.kyvernoV1 = kyvernov1.NewForConfigOrDie(c)
cs.kyvernoV1alpha1 = kyvernov1alpha1.NewForConfigOrDie(c)
cs.policyV1alpha1 = policyv1alpha1.NewForConfigOrDie(c)
cs.DiscoveryClient = discovery.NewDiscoveryClientForConfigOrDie(c)
return &cs
@ -91,6 +117,8 @@ func NewForConfigOrDie(c *rest.Config) *Clientset {
func New(c rest.Interface) *Clientset {
var cs Clientset
cs.kyvernoV1 = kyvernov1.New(c)
cs.kyvernoV1alpha1 = kyvernov1alpha1.New(c)
cs.policyV1alpha1 = policyv1alpha1.New(c)
cs.DiscoveryClient = discovery.NewDiscoveryClient(c)
return &cs

0
pkg/client/clientset/versioned/doc.go Normal file → Executable file
View file

14
pkg/client/clientset/versioned/fake/clientset_generated.go Normal file → Executable file
View file

@ -22,6 +22,10 @@ import (
clientset "github.com/kyverno/kyverno/pkg/client/clientset/versioned"
kyvernov1 "github.com/kyverno/kyverno/pkg/client/clientset/versioned/typed/kyverno/v1"
fakekyvernov1 "github.com/kyverno/kyverno/pkg/client/clientset/versioned/typed/kyverno/v1/fake"
kyvernov1alpha1 "github.com/kyverno/kyverno/pkg/client/clientset/versioned/typed/kyverno/v1alpha1"
fakekyvernov1alpha1 "github.com/kyverno/kyverno/pkg/client/clientset/versioned/typed/kyverno/v1alpha1/fake"
policyv1alpha1 "github.com/kyverno/kyverno/pkg/client/clientset/versioned/typed/policyreport/v1alpha1"
fakepolicyv1alpha1 "github.com/kyverno/kyverno/pkg/client/clientset/versioned/typed/policyreport/v1alpha1/fake"
"k8s.io/apimachinery/pkg/runtime"
"k8s.io/apimachinery/pkg/watch"
"k8s.io/client-go/discovery"
@ -80,3 +84,13 @@ var _ clientset.Interface = &Clientset{}
func (c *Clientset) KyvernoV1() kyvernov1.KyvernoV1Interface {
return &fakekyvernov1.FakeKyvernoV1{Fake: &c.Fake}
}
// KyvernoV1alpha1 retrieves the KyvernoV1alpha1Client
func (c *Clientset) KyvernoV1alpha1() kyvernov1alpha1.KyvernoV1alpha1Interface {
return &fakekyvernov1alpha1.FakeKyvernoV1alpha1{Fake: &c.Fake}
}
// PolicyV1alpha1 retrieves the PolicyV1alpha1Client
func (c *Clientset) PolicyV1alpha1() policyv1alpha1.PolicyV1alpha1Interface {
return &fakepolicyv1alpha1.FakePolicyV1alpha1{Fake: &c.Fake}
}

0
pkg/client/clientset/versioned/fake/doc.go Normal file → Executable file
View file

4
pkg/client/clientset/versioned/fake/register.go Normal file → Executable file
View file

@ -20,6 +20,8 @@ package fake
import (
kyvernov1 "github.com/kyverno/kyverno/pkg/api/kyverno/v1"
kyvernov1alpha1 "github.com/kyverno/kyverno/pkg/api/kyverno/v1alpha1"
policyv1alpha1 "github.com/kyverno/kyverno/pkg/api/policyreport/v1alpha1"
v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
runtime "k8s.io/apimachinery/pkg/runtime"
schema "k8s.io/apimachinery/pkg/runtime/schema"
@ -32,6 +34,8 @@ var codecs = serializer.NewCodecFactory(scheme)
var parameterCodec = runtime.NewParameterCodec(scheme)
var localSchemeBuilder = runtime.SchemeBuilder{
kyvernov1.AddToScheme,
kyvernov1alpha1.AddToScheme,
policyv1alpha1.AddToScheme,
}
// AddToScheme adds all types of this clientset into the given scheme. This allows composition

0
pkg/client/clientset/versioned/scheme/doc.go Normal file → Executable file
View file

4
pkg/client/clientset/versioned/scheme/register.go Normal file → Executable file
View file

@ -20,6 +20,8 @@ package scheme
import (
kyvernov1 "github.com/kyverno/kyverno/pkg/api/kyverno/v1"
kyvernov1alpha1 "github.com/kyverno/kyverno/pkg/api/kyverno/v1alpha1"
policyv1alpha1 "github.com/kyverno/kyverno/pkg/api/policyreport/v1alpha1"
v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
runtime "k8s.io/apimachinery/pkg/runtime"
schema "k8s.io/apimachinery/pkg/runtime/schema"
@ -32,6 +34,8 @@ var Codecs = serializer.NewCodecFactory(Scheme)
var ParameterCodec = runtime.NewParameterCodec(Scheme)
var localSchemeBuilder = runtime.SchemeBuilder{
kyvernov1.AddToScheme,
kyvernov1alpha1.AddToScheme,
policyv1alpha1.AddToScheme,
}
// AddToScheme adds all types of this clientset into the given scheme. This allows composition

72
pkg/client/clientset/versioned/typed/kyverno/v1/clusterpolicy.go Normal file → Executable file
View file

@ -19,6 +19,7 @@ limitations under the License.
package v1
import (
"context"
"time"
v1 "github.com/kyverno/kyverno/pkg/api/kyverno/v1"
@ -37,15 +38,15 @@ type ClusterPoliciesGetter interface {
// ClusterPolicyInterface has methods to work with ClusterPolicy resources.
type ClusterPolicyInterface interface {
Create(*v1.ClusterPolicy) (*v1.ClusterPolicy, error)
Update(*v1.ClusterPolicy) (*v1.ClusterPolicy, error)
UpdateStatus(*v1.ClusterPolicy) (*v1.ClusterPolicy, error)
Delete(name string, options *metav1.DeleteOptions) error
DeleteCollection(options *metav1.DeleteOptions, listOptions metav1.ListOptions) error
Get(name string, options metav1.GetOptions) (*v1.ClusterPolicy, error)
List(opts metav1.ListOptions) (*v1.ClusterPolicyList, error)
Watch(opts metav1.ListOptions) (watch.Interface, error)
Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *v1.ClusterPolicy, err error)
Create(ctx context.Context, clusterPolicy *v1.ClusterPolicy, opts metav1.CreateOptions) (*v1.ClusterPolicy, error)
Update(ctx context.Context, clusterPolicy *v1.ClusterPolicy, opts metav1.UpdateOptions) (*v1.ClusterPolicy, error)
UpdateStatus(ctx context.Context, clusterPolicy *v1.ClusterPolicy, opts metav1.UpdateOptions) (*v1.ClusterPolicy, error)
Delete(ctx context.Context, name string, opts metav1.DeleteOptions) error
DeleteCollection(ctx context.Context, opts metav1.DeleteOptions, listOpts metav1.ListOptions) error
Get(ctx context.Context, name string, opts metav1.GetOptions) (*v1.ClusterPolicy, error)
List(ctx context.Context, opts metav1.ListOptions) (*v1.ClusterPolicyList, error)
Watch(ctx context.Context, opts metav1.ListOptions) (watch.Interface, error)
Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts metav1.PatchOptions, subresources ...string) (result *v1.ClusterPolicy, err error)
ClusterPolicyExpansion
}
@ -62,19 +63,19 @@ func newClusterPolicies(c *KyvernoV1Client) *clusterPolicies {
}
// Get takes name of the clusterPolicy, and returns the corresponding clusterPolicy object, and an error if there is any.
func (c *clusterPolicies) Get(name string, options metav1.GetOptions) (result *v1.ClusterPolicy, err error) {
func (c *clusterPolicies) Get(ctx context.Context, name string, options metav1.GetOptions) (result *v1.ClusterPolicy, err error) {
result = &v1.ClusterPolicy{}
err = c.client.Get().
Resource("clusterpolicies").
Name(name).
VersionedParams(&options, scheme.ParameterCodec).
Do().
Do(ctx).
Into(result)
return
}
// List takes label and field selectors, and returns the list of ClusterPolicies that match those selectors.
func (c *clusterPolicies) List(opts metav1.ListOptions) (result *v1.ClusterPolicyList, err error) {
func (c *clusterPolicies) List(ctx context.Context, opts metav1.ListOptions) (result *v1.ClusterPolicyList, err error) {
var timeout time.Duration
if opts.TimeoutSeconds != nil {
timeout = time.Duration(*opts.TimeoutSeconds) * time.Second
@ -84,13 +85,13 @@ func (c *clusterPolicies) List(opts metav1.ListOptions) (result *v1.ClusterPolic
Resource("clusterpolicies").
VersionedParams(&opts, scheme.ParameterCodec).
Timeout(timeout).
Do().
Do(ctx).
Into(result)
return
}
// Watch returns a watch.Interface that watches the requested clusterPolicies.
func (c *clusterPolicies) Watch(opts metav1.ListOptions) (watch.Interface, error) {
func (c *clusterPolicies) Watch(ctx context.Context, opts metav1.ListOptions) (watch.Interface, error) {
var timeout time.Duration
if opts.TimeoutSeconds != nil {
timeout = time.Duration(*opts.TimeoutSeconds) * time.Second
@ -100,81 +101,84 @@ func (c *clusterPolicies) Watch(opts metav1.ListOptions) (watch.Interface, error
Resource("clusterpolicies").
VersionedParams(&opts, scheme.ParameterCodec).
Timeout(timeout).
Watch()
Watch(ctx)
}
// Create takes the representation of a clusterPolicy and creates it. Returns the server's representation of the clusterPolicy, and an error, if there is any.
func (c *clusterPolicies) Create(clusterPolicy *v1.ClusterPolicy) (result *v1.ClusterPolicy, err error) {
func (c *clusterPolicies) Create(ctx context.Context, clusterPolicy *v1.ClusterPolicy, opts metav1.CreateOptions) (result *v1.ClusterPolicy, err error) {
result = &v1.ClusterPolicy{}
err = c.client.Post().
Resource("clusterpolicies").
VersionedParams(&opts, scheme.ParameterCodec).
Body(clusterPolicy).
Do().
Do(ctx).
Into(result)
return
}
// Update takes the representation of a clusterPolicy and updates it. Returns the server's representation of the clusterPolicy, and an error, if there is any.
func (c *clusterPolicies) Update(clusterPolicy *v1.ClusterPolicy) (result *v1.ClusterPolicy, err error) {
func (c *clusterPolicies) Update(ctx context.Context, clusterPolicy *v1.ClusterPolicy, opts metav1.UpdateOptions) (result *v1.ClusterPolicy, err error) {
result = &v1.ClusterPolicy{}
err = c.client.Put().
Resource("clusterpolicies").
Name(clusterPolicy.Name).
VersionedParams(&opts, scheme.ParameterCodec).
Body(clusterPolicy).
Do().
Do(ctx).
Into(result)
return
}
// UpdateStatus was generated because the type contains a Status member.
// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus().
func (c *clusterPolicies) UpdateStatus(clusterPolicy *v1.ClusterPolicy) (result *v1.ClusterPolicy, err error) {
func (c *clusterPolicies) UpdateStatus(ctx context.Context, clusterPolicy *v1.ClusterPolicy, opts metav1.UpdateOptions) (result *v1.ClusterPolicy, err error) {
result = &v1.ClusterPolicy{}
err = c.client.Put().
Resource("clusterpolicies").
Name(clusterPolicy.Name).
SubResource("status").
VersionedParams(&opts, scheme.ParameterCodec).
Body(clusterPolicy).
Do().
Do(ctx).
Into(result)
return
}
// Delete takes name of the clusterPolicy and deletes it. Returns an error if one occurs.
func (c *clusterPolicies) Delete(name string, options *metav1.DeleteOptions) error {
func (c *clusterPolicies) Delete(ctx context.Context, name string, opts metav1.DeleteOptions) error {
return c.client.Delete().
Resource("clusterpolicies").
Name(name).
Body(options).
Do().
Body(&opts).
Do(ctx).
Error()
}
// DeleteCollection deletes a collection of objects.
func (c *clusterPolicies) DeleteCollection(options *metav1.DeleteOptions, listOptions metav1.ListOptions) error {
func (c *clusterPolicies) DeleteCollection(ctx context.Context, opts metav1.DeleteOptions, listOpts metav1.ListOptions) error {
var timeout time.Duration
if listOptions.TimeoutSeconds != nil {
timeout = time.Duration(*listOptions.TimeoutSeconds) * time.Second
if listOpts.TimeoutSeconds != nil {
timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second
}
return c.client.Delete().
Resource("clusterpolicies").
VersionedParams(&listOptions, scheme.ParameterCodec).
VersionedParams(&listOpts, scheme.ParameterCodec).
Timeout(timeout).
Body(options).
Do().
Body(&opts).
Do(ctx).
Error()
}
// Patch applies the patch and returns the patched clusterPolicy.
func (c *clusterPolicies) Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *v1.ClusterPolicy, err error) {
func (c *clusterPolicies) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts metav1.PatchOptions, subresources ...string) (result *v1.ClusterPolicy, err error) {
result = &v1.ClusterPolicy{}
err = c.client.Patch(pt).
Resource("clusterpolicies").
SubResource(subresources...).
Name(name).
SubResource(subresources...).
VersionedParams(&opts, scheme.ParameterCodec).
Body(data).
Do().
Do(ctx).
Into(result)
return
}

72
pkg/client/clientset/versioned/typed/kyverno/v1/clusterpolicyviolation.go Normal file → Executable file
View file

@ -19,6 +19,7 @@ limitations under the License.
package v1
import (
"context"
"time"
v1 "github.com/kyverno/kyverno/pkg/api/kyverno/v1"
@ -37,15 +38,15 @@ type ClusterPolicyViolationsGetter interface {
// ClusterPolicyViolationInterface has methods to work with ClusterPolicyViolation resources.
type ClusterPolicyViolationInterface interface {
Create(*v1.ClusterPolicyViolation) (*v1.ClusterPolicyViolation, error)
Update(*v1.ClusterPolicyViolation) (*v1.ClusterPolicyViolation, error)
UpdateStatus(*v1.ClusterPolicyViolation) (*v1.ClusterPolicyViolation, error)
Delete(name string, options *metav1.DeleteOptions) error
DeleteCollection(options *metav1.DeleteOptions, listOptions metav1.ListOptions) error
Get(name string, options metav1.GetOptions) (*v1.ClusterPolicyViolation, error)
List(opts metav1.ListOptions) (*v1.ClusterPolicyViolationList, error)
Watch(opts metav1.ListOptions) (watch.Interface, error)
Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *v1.ClusterPolicyViolation, err error)
Create(ctx context.Context, clusterPolicyViolation *v1.ClusterPolicyViolation, opts metav1.CreateOptions) (*v1.ClusterPolicyViolation, error)
Update(ctx context.Context, clusterPolicyViolation *v1.ClusterPolicyViolation, opts metav1.UpdateOptions) (*v1.ClusterPolicyViolation, error)
UpdateStatus(ctx context.Context, clusterPolicyViolation *v1.ClusterPolicyViolation, opts metav1.UpdateOptions) (*v1.ClusterPolicyViolation, error)
Delete(ctx context.Context, name string, opts metav1.DeleteOptions) error
DeleteCollection(ctx context.Context, opts metav1.DeleteOptions, listOpts metav1.ListOptions) error
Get(ctx context.Context, name string, opts metav1.GetOptions) (*v1.ClusterPolicyViolation, error)
List(ctx context.Context, opts metav1.ListOptions) (*v1.ClusterPolicyViolationList, error)
Watch(ctx context.Context, opts metav1.ListOptions) (watch.Interface, error)
Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts metav1.PatchOptions, subresources ...string) (result *v1.ClusterPolicyViolation, err error)
ClusterPolicyViolationExpansion
}
@ -62,19 +63,19 @@ func newClusterPolicyViolations(c *KyvernoV1Client) *clusterPolicyViolations {
}
// Get takes name of the clusterPolicyViolation, and returns the corresponding clusterPolicyViolation object, and an error if there is any.
func (c *clusterPolicyViolations) Get(name string, options metav1.GetOptions) (result *v1.ClusterPolicyViolation, err error) {
func (c *clusterPolicyViolations) Get(ctx context.Context, name string, options metav1.GetOptions) (result *v1.ClusterPolicyViolation, err error) {
result = &v1.ClusterPolicyViolation{}
err = c.client.Get().
Resource("clusterpolicyviolations").
Name(name).
VersionedParams(&options, scheme.ParameterCodec).
Do().
Do(ctx).
Into(result)
return
}
// List takes label and field selectors, and returns the list of ClusterPolicyViolations that match those selectors.
func (c *clusterPolicyViolations) List(opts metav1.ListOptions) (result *v1.ClusterPolicyViolationList, err error) {
func (c *clusterPolicyViolations) List(ctx context.Context, opts metav1.ListOptions) (result *v1.ClusterPolicyViolationList, err error) {
var timeout time.Duration
if opts.TimeoutSeconds != nil {
timeout = time.Duration(*opts.TimeoutSeconds) * time.Second
@ -84,13 +85,13 @@ func (c *clusterPolicyViolations) List(opts metav1.ListOptions) (result *v1.Clus
Resource("clusterpolicyviolations").
VersionedParams(&opts, scheme.ParameterCodec).
Timeout(timeout).
Do().
Do(ctx).
Into(result)
return
}
// Watch returns a watch.Interface that watches the requested clusterPolicyViolations.
func (c *clusterPolicyViolations) Watch(opts metav1.ListOptions) (watch.Interface, error) {
func (c *clusterPolicyViolations) Watch(ctx context.Context, opts metav1.ListOptions) (watch.Interface, error) {
var timeout time.Duration
if opts.TimeoutSeconds != nil {
timeout = time.Duration(*opts.TimeoutSeconds) * time.Second
@ -100,81 +101,84 @@ func (c *clusterPolicyViolations) Watch(opts metav1.ListOptions) (watch.Interfac
Resource("clusterpolicyviolations").
VersionedParams(&opts, scheme.ParameterCodec).
Timeout(timeout).
Watch()
Watch(ctx)
}
// Create takes the representation of a clusterPolicyViolation and creates it. Returns the server's representation of the clusterPolicyViolation, and an error, if there is any.
func (c *clusterPolicyViolations) Create(clusterPolicyViolation *v1.ClusterPolicyViolation) (result *v1.ClusterPolicyViolation, err error) {
func (c *clusterPolicyViolations) Create(ctx context.Context, clusterPolicyViolation *v1.ClusterPolicyViolation, opts metav1.CreateOptions) (result *v1.ClusterPolicyViolation, err error) {
result = &v1.ClusterPolicyViolation{}
err = c.client.Post().
Resource("clusterpolicyviolations").
VersionedParams(&opts, scheme.ParameterCodec).
Body(clusterPolicyViolation).
Do().
Do(ctx).
Into(result)
return
}
// Update takes the representation of a clusterPolicyViolation and updates it. Returns the server's representation of the clusterPolicyViolation, and an error, if there is any.
func (c *clusterPolicyViolations) Update(clusterPolicyViolation *v1.ClusterPolicyViolation) (result *v1.ClusterPolicyViolation, err error) {
func (c *clusterPolicyViolations) Update(ctx context.Context, clusterPolicyViolation *v1.ClusterPolicyViolation, opts metav1.UpdateOptions) (result *v1.ClusterPolicyViolation, err error) {
result = &v1.ClusterPolicyViolation{}
err = c.client.Put().
Resource("clusterpolicyviolations").
Name(clusterPolicyViolation.Name).
VersionedParams(&opts, scheme.ParameterCodec).
Body(clusterPolicyViolation).
Do().
Do(ctx).
Into(result)
return
}
// UpdateStatus was generated because the type contains a Status member.
// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus().
func (c *clusterPolicyViolations) UpdateStatus(clusterPolicyViolation *v1.ClusterPolicyViolation) (result *v1.ClusterPolicyViolation, err error) {
func (c *clusterPolicyViolations) UpdateStatus(ctx context.Context, clusterPolicyViolation *v1.ClusterPolicyViolation, opts metav1.UpdateOptions) (result *v1.ClusterPolicyViolation, err error) {
result = &v1.ClusterPolicyViolation{}
err = c.client.Put().
Resource("clusterpolicyviolations").
Name(clusterPolicyViolation.Name).
SubResource("status").
VersionedParams(&opts, scheme.ParameterCodec).
Body(clusterPolicyViolation).
Do().
Do(ctx).
Into(result)
return
}
// Delete takes name of the clusterPolicyViolation and deletes it. Returns an error if one occurs.
func (c *clusterPolicyViolations) Delete(name string, options *metav1.DeleteOptions) error {
func (c *clusterPolicyViolations) Delete(ctx context.Context, name string, opts metav1.DeleteOptions) error {
return c.client.Delete().
Resource("clusterpolicyviolations").
Name(name).
Body(options).
Do().
Body(&opts).
Do(ctx).
Error()
}
// DeleteCollection deletes a collection of objects.
func (c *clusterPolicyViolations) DeleteCollection(options *metav1.DeleteOptions, listOptions metav1.ListOptions) error {
func (c *clusterPolicyViolations) DeleteCollection(ctx context.Context, opts metav1.DeleteOptions, listOpts metav1.ListOptions) error {
var timeout time.Duration
if listOptions.TimeoutSeconds != nil {
timeout = time.Duration(*listOptions.TimeoutSeconds) * time.Second
if listOpts.TimeoutSeconds != nil {
timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second
}
return c.client.Delete().
Resource("clusterpolicyviolations").
VersionedParams(&listOptions, scheme.ParameterCodec).
VersionedParams(&listOpts, scheme.ParameterCodec).
Timeout(timeout).
Body(options).
Do().
Body(&opts).
Do(ctx).
Error()
}
// Patch applies the patch and returns the patched clusterPolicyViolation.
func (c *clusterPolicyViolations) Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *v1.ClusterPolicyViolation, err error) {
func (c *clusterPolicyViolations) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts metav1.PatchOptions, subresources ...string) (result *v1.ClusterPolicyViolation, err error) {
result = &v1.ClusterPolicyViolation{}
err = c.client.Patch(pt).
Resource("clusterpolicyviolations").
SubResource(subresources...).
Name(name).
SubResource(subresources...).
VersionedParams(&opts, scheme.ParameterCodec).
Body(data).
Do().
Do(ctx).
Into(result)
return
}

0
pkg/client/clientset/versioned/typed/kyverno/v1/doc.go Normal file → Executable file
View file

0
pkg/client/clientset/versioned/typed/kyverno/v1/fake/doc.go Normal file → Executable file
View file

22
pkg/client/clientset/versioned/typed/kyverno/v1/fake/fake_clusterpolicy.go Normal file → Executable file
View file

@ -19,6 +19,8 @@ limitations under the License.
package fake
import (
"context"
kyvernov1 "github.com/kyverno/kyverno/pkg/api/kyverno/v1"
v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
labels "k8s.io/apimachinery/pkg/labels"
@ -38,7 +40,7 @@ var clusterpoliciesResource = schema.GroupVersionResource{Group: "kyverno.io", V
var clusterpoliciesKind = schema.GroupVersionKind{Group: "kyverno.io", Version: "v1", Kind: "ClusterPolicy"}
// Get takes name of the clusterPolicy, and returns the corresponding clusterPolicy object, and an error if there is any.
func (c *FakeClusterPolicies) Get(name string, options v1.GetOptions) (result *kyvernov1.ClusterPolicy, err error) {
func (c *FakeClusterPolicies) Get(ctx context.Context, name string, options v1.GetOptions) (result *kyvernov1.ClusterPolicy, err error) {
obj, err := c.Fake.
Invokes(testing.NewRootGetAction(clusterpoliciesResource, name), &kyvernov1.ClusterPolicy{})
if obj == nil {
@ -48,7 +50,7 @@ func (c *FakeClusterPolicies) Get(name string, options v1.GetOptions) (result *k
}
// List takes label and field selectors, and returns the list of ClusterPolicies that match those selectors.
func (c *FakeClusterPolicies) List(opts v1.ListOptions) (result *kyvernov1.ClusterPolicyList, err error) {
func (c *FakeClusterPolicies) List(ctx context.Context, opts v1.ListOptions) (result *kyvernov1.ClusterPolicyList, err error) {
obj, err := c.Fake.
Invokes(testing.NewRootListAction(clusterpoliciesResource, clusterpoliciesKind, opts), &kyvernov1.ClusterPolicyList{})
if obj == nil {
@ -69,13 +71,13 @@ func (c *FakeClusterPolicies) List(opts v1.ListOptions) (result *kyvernov1.Clust
}
// Watch returns a watch.Interface that watches the requested clusterPolicies.
func (c *FakeClusterPolicies) Watch(opts v1.ListOptions) (watch.Interface, error) {
func (c *FakeClusterPolicies) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) {
return c.Fake.
InvokesWatch(testing.NewRootWatchAction(clusterpoliciesResource, opts))
}
// Create takes the representation of a clusterPolicy and creates it. Returns the server's representation of the clusterPolicy, and an error, if there is any.
func (c *FakeClusterPolicies) Create(clusterPolicy *kyvernov1.ClusterPolicy) (result *kyvernov1.ClusterPolicy, err error) {
func (c *FakeClusterPolicies) Create(ctx context.Context, clusterPolicy *kyvernov1.ClusterPolicy, opts v1.CreateOptions) (result *kyvernov1.ClusterPolicy, err error) {
obj, err := c.Fake.
Invokes(testing.NewRootCreateAction(clusterpoliciesResource, clusterPolicy), &kyvernov1.ClusterPolicy{})
if obj == nil {
@ -85,7 +87,7 @@ func (c *FakeClusterPolicies) Create(clusterPolicy *kyvernov1.ClusterPolicy) (re
}
// Update takes the representation of a clusterPolicy and updates it. Returns the server's representation of the clusterPolicy, and an error, if there is any.
func (c *FakeClusterPolicies) Update(clusterPolicy *kyvernov1.ClusterPolicy) (result *kyvernov1.ClusterPolicy, err error) {
func (c *FakeClusterPolicies) Update(ctx context.Context, clusterPolicy *kyvernov1.ClusterPolicy, opts v1.UpdateOptions) (result *kyvernov1.ClusterPolicy, err error) {
obj, err := c.Fake.
Invokes(testing.NewRootUpdateAction(clusterpoliciesResource, clusterPolicy), &kyvernov1.ClusterPolicy{})
if obj == nil {
@ -96,7 +98,7 @@ func (c *FakeClusterPolicies) Update(clusterPolicy *kyvernov1.ClusterPolicy) (re
// UpdateStatus was generated because the type contains a Status member.
// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus().
func (c *FakeClusterPolicies) UpdateStatus(clusterPolicy *kyvernov1.ClusterPolicy) (*kyvernov1.ClusterPolicy, error) {
func (c *FakeClusterPolicies) UpdateStatus(ctx context.Context, clusterPolicy *kyvernov1.ClusterPolicy, opts v1.UpdateOptions) (*kyvernov1.ClusterPolicy, error) {
obj, err := c.Fake.
Invokes(testing.NewRootUpdateSubresourceAction(clusterpoliciesResource, "status", clusterPolicy), &kyvernov1.ClusterPolicy{})
if obj == nil {
@ -106,22 +108,22 @@ func (c *FakeClusterPolicies) UpdateStatus(clusterPolicy *kyvernov1.ClusterPolic
}
// Delete takes name of the clusterPolicy and deletes it. Returns an error if one occurs.
func (c *FakeClusterPolicies) Delete(name string, options *v1.DeleteOptions) error {
func (c *FakeClusterPolicies) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error {
_, err := c.Fake.
Invokes(testing.NewRootDeleteAction(clusterpoliciesResource, name), &kyvernov1.ClusterPolicy{})
return err
}
// DeleteCollection deletes a collection of objects.
func (c *FakeClusterPolicies) DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error {
action := testing.NewRootDeleteCollectionAction(clusterpoliciesResource, listOptions)
func (c *FakeClusterPolicies) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error {
action := testing.NewRootDeleteCollectionAction(clusterpoliciesResource, listOpts)
_, err := c.Fake.Invokes(action, &kyvernov1.ClusterPolicyList{})
return err
}
// Patch applies the patch and returns the patched clusterPolicy.
func (c *FakeClusterPolicies) Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *kyvernov1.ClusterPolicy, err error) {
func (c *FakeClusterPolicies) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *kyvernov1.ClusterPolicy, err error) {
obj, err := c.Fake.
Invokes(testing.NewRootPatchSubresourceAction(clusterpoliciesResource, name, pt, data, subresources...), &kyvernov1.ClusterPolicy{})
if obj == nil {

22
pkg/client/clientset/versioned/typed/kyverno/v1/fake/fake_clusterpolicyviolation.go Normal file → Executable file
View file

@ -19,6 +19,8 @@ limitations under the License.
package fake
import (
"context"
kyvernov1 "github.com/kyverno/kyverno/pkg/api/kyverno/v1"
v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
labels "k8s.io/apimachinery/pkg/labels"
@ -38,7 +40,7 @@ var clusterpolicyviolationsResource = schema.GroupVersionResource{Group: "kyvern
var clusterpolicyviolationsKind = schema.GroupVersionKind{Group: "kyverno.io", Version: "v1", Kind: "ClusterPolicyViolation"}
// Get takes name of the clusterPolicyViolation, and returns the corresponding clusterPolicyViolation object, and an error if there is any.
func (c *FakeClusterPolicyViolations) Get(name string, options v1.GetOptions) (result *kyvernov1.ClusterPolicyViolation, err error) {
func (c *FakeClusterPolicyViolations) Get(ctx context.Context, name string, options v1.GetOptions) (result *kyvernov1.ClusterPolicyViolation, err error) {
obj, err := c.Fake.
Invokes(testing.NewRootGetAction(clusterpolicyviolationsResource, name), &kyvernov1.ClusterPolicyViolation{})
if obj == nil {
@ -48,7 +50,7 @@ func (c *FakeClusterPolicyViolations) Get(name string, options v1.GetOptions) (r
}
// List takes label and field selectors, and returns the list of ClusterPolicyViolations that match those selectors.
func (c *FakeClusterPolicyViolations) List(opts v1.ListOptions) (result *kyvernov1.ClusterPolicyViolationList, err error) {
func (c *FakeClusterPolicyViolations) List(ctx context.Context, opts v1.ListOptions) (result *kyvernov1.ClusterPolicyViolationList, err error) {
obj, err := c.Fake.
Invokes(testing.NewRootListAction(clusterpolicyviolationsResource, clusterpolicyviolationsKind, opts), &kyvernov1.ClusterPolicyViolationList{})
if obj == nil {
@ -69,13 +71,13 @@ func (c *FakeClusterPolicyViolations) List(opts v1.ListOptions) (result *kyverno
}
// Watch returns a watch.Interface that watches the requested clusterPolicyViolations.
func (c *FakeClusterPolicyViolations) Watch(opts v1.ListOptions) (watch.Interface, error) {
func (c *FakeClusterPolicyViolations) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) {
return c.Fake.
InvokesWatch(testing.NewRootWatchAction(clusterpolicyviolationsResource, opts))
}
// Create takes the representation of a clusterPolicyViolation and creates it. Returns the server's representation of the clusterPolicyViolation, and an error, if there is any.
func (c *FakeClusterPolicyViolations) Create(clusterPolicyViolation *kyvernov1.ClusterPolicyViolation) (result *kyvernov1.ClusterPolicyViolation, err error) {
func (c *FakeClusterPolicyViolations) Create(ctx context.Context, clusterPolicyViolation *kyvernov1.ClusterPolicyViolation, opts v1.CreateOptions) (result *kyvernov1.ClusterPolicyViolation, err error) {
obj, err := c.Fake.
Invokes(testing.NewRootCreateAction(clusterpolicyviolationsResource, clusterPolicyViolation), &kyvernov1.ClusterPolicyViolation{})
if obj == nil {
@ -85,7 +87,7 @@ func (c *FakeClusterPolicyViolations) Create(clusterPolicyViolation *kyvernov1.C
}
// Update takes the representation of a clusterPolicyViolation and updates it. Returns the server's representation of the clusterPolicyViolation, and an error, if there is any.
func (c *FakeClusterPolicyViolations) Update(clusterPolicyViolation *kyvernov1.ClusterPolicyViolation) (result *kyvernov1.ClusterPolicyViolation, err error) {
func (c *FakeClusterPolicyViolations) Update(ctx context.Context, clusterPolicyViolation *kyvernov1.ClusterPolicyViolation, opts v1.UpdateOptions) (result *kyvernov1.ClusterPolicyViolation, err error) {
obj, err := c.Fake.
Invokes(testing.NewRootUpdateAction(clusterpolicyviolationsResource, clusterPolicyViolation), &kyvernov1.ClusterPolicyViolation{})
if obj == nil {
@ -96,7 +98,7 @@ func (c *FakeClusterPolicyViolations) Update(clusterPolicyViolation *kyvernov1.C
// UpdateStatus was generated because the type contains a Status member.
// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus().
func (c *FakeClusterPolicyViolations) UpdateStatus(clusterPolicyViolation *kyvernov1.ClusterPolicyViolation) (*kyvernov1.ClusterPolicyViolation, error) {
func (c *FakeClusterPolicyViolations) UpdateStatus(ctx context.Context, clusterPolicyViolation *kyvernov1.ClusterPolicyViolation, opts v1.UpdateOptions) (*kyvernov1.ClusterPolicyViolation, error) {
obj, err := c.Fake.
Invokes(testing.NewRootUpdateSubresourceAction(clusterpolicyviolationsResource, "status", clusterPolicyViolation), &kyvernov1.ClusterPolicyViolation{})
if obj == nil {
@ -106,22 +108,22 @@ func (c *FakeClusterPolicyViolations) UpdateStatus(clusterPolicyViolation *kyver
}
// Delete takes name of the clusterPolicyViolation and deletes it. Returns an error if one occurs.
func (c *FakeClusterPolicyViolations) Delete(name string, options *v1.DeleteOptions) error {
func (c *FakeClusterPolicyViolations) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error {
_, err := c.Fake.
Invokes(testing.NewRootDeleteAction(clusterpolicyviolationsResource, name), &kyvernov1.ClusterPolicyViolation{})
return err
}
// DeleteCollection deletes a collection of objects.
func (c *FakeClusterPolicyViolations) DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error {
action := testing.NewRootDeleteCollectionAction(clusterpolicyviolationsResource, listOptions)
func (c *FakeClusterPolicyViolations) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error {
action := testing.NewRootDeleteCollectionAction(clusterpolicyviolationsResource, listOpts)
_, err := c.Fake.Invokes(action, &kyvernov1.ClusterPolicyViolationList{})
return err
}
// Patch applies the patch and returns the patched clusterPolicyViolation.
func (c *FakeClusterPolicyViolations) Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *kyvernov1.ClusterPolicyViolation, err error) {
func (c *FakeClusterPolicyViolations) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *kyvernov1.ClusterPolicyViolation, err error) {
obj, err := c.Fake.
Invokes(testing.NewRootPatchSubresourceAction(clusterpolicyviolationsResource, name, pt, data, subresources...), &kyvernov1.ClusterPolicyViolation{})
if obj == nil {

22
pkg/client/clientset/versioned/typed/kyverno/v1/fake/fake_generaterequest.go Normal file → Executable file
View file

@ -19,6 +19,8 @@ limitations under the License.
package fake
import (
"context"
kyvernov1 "github.com/kyverno/kyverno/pkg/api/kyverno/v1"
v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
labels "k8s.io/apimachinery/pkg/labels"
@ -39,7 +41,7 @@ var generaterequestsResource = schema.GroupVersionResource{Group: "kyverno.io",
var generaterequestsKind = schema.GroupVersionKind{Group: "kyverno.io", Version: "v1", Kind: "GenerateRequest"}
// Get takes name of the generateRequest, and returns the corresponding generateRequest object, and an error if there is any.
func (c *FakeGenerateRequests) Get(name string, options v1.GetOptions) (result *kyvernov1.GenerateRequest, err error) {
func (c *FakeGenerateRequests) Get(ctx context.Context, name string, options v1.GetOptions) (result *kyvernov1.GenerateRequest, err error) {
obj, err := c.Fake.
Invokes(testing.NewGetAction(generaterequestsResource, c.ns, name), &kyvernov1.GenerateRequest{})
@ -50,7 +52,7 @@ func (c *FakeGenerateRequests) Get(name string, options v1.GetOptions) (result *
}
// List takes label and field selectors, and returns the list of GenerateRequests that match those selectors.
func (c *FakeGenerateRequests) List(opts v1.ListOptions) (result *kyvernov1.GenerateRequestList, err error) {
func (c *FakeGenerateRequests) List(ctx context.Context, opts v1.ListOptions) (result *kyvernov1.GenerateRequestList, err error) {
obj, err := c.Fake.
Invokes(testing.NewListAction(generaterequestsResource, generaterequestsKind, c.ns, opts), &kyvernov1.GenerateRequestList{})
@ -72,14 +74,14 @@ func (c *FakeGenerateRequests) List(opts v1.ListOptions) (result *kyvernov1.Gene
}
// Watch returns a watch.Interface that watches the requested generateRequests.
func (c *FakeGenerateRequests) Watch(opts v1.ListOptions) (watch.Interface, error) {
func (c *FakeGenerateRequests) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) {
return c.Fake.
InvokesWatch(testing.NewWatchAction(generaterequestsResource, c.ns, opts))
}
// Create takes the representation of a generateRequest and creates it. Returns the server's representation of the generateRequest, and an error, if there is any.
func (c *FakeGenerateRequests) Create(generateRequest *kyvernov1.GenerateRequest) (result *kyvernov1.GenerateRequest, err error) {
func (c *FakeGenerateRequests) Create(ctx context.Context, generateRequest *kyvernov1.GenerateRequest, opts v1.CreateOptions) (result *kyvernov1.GenerateRequest, err error) {
obj, err := c.Fake.
Invokes(testing.NewCreateAction(generaterequestsResource, c.ns, generateRequest), &kyvernov1.GenerateRequest{})
@ -90,7 +92,7 @@ func (c *FakeGenerateRequests) Create(generateRequest *kyvernov1.GenerateRequest
}
// Update takes the representation of a generateRequest and updates it. Returns the server's representation of the generateRequest, and an error, if there is any.
func (c *FakeGenerateRequests) Update(generateRequest *kyvernov1.GenerateRequest) (result *kyvernov1.GenerateRequest, err error) {
func (c *FakeGenerateRequests) Update(ctx context.Context, generateRequest *kyvernov1.GenerateRequest, opts v1.UpdateOptions) (result *kyvernov1.GenerateRequest, err error) {
obj, err := c.Fake.
Invokes(testing.NewUpdateAction(generaterequestsResource, c.ns, generateRequest), &kyvernov1.GenerateRequest{})
@ -102,7 +104,7 @@ func (c *FakeGenerateRequests) Update(generateRequest *kyvernov1.GenerateRequest
// UpdateStatus was generated because the type contains a Status member.
// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus().
func (c *FakeGenerateRequests) UpdateStatus(generateRequest *kyvernov1.GenerateRequest) (*kyvernov1.GenerateRequest, error) {
func (c *FakeGenerateRequests) UpdateStatus(ctx context.Context, generateRequest *kyvernov1.GenerateRequest, opts v1.UpdateOptions) (*kyvernov1.GenerateRequest, error) {
obj, err := c.Fake.
Invokes(testing.NewUpdateSubresourceAction(generaterequestsResource, "status", c.ns, generateRequest), &kyvernov1.GenerateRequest{})
@ -113,7 +115,7 @@ func (c *FakeGenerateRequests) UpdateStatus(generateRequest *kyvernov1.GenerateR
}
// Delete takes name of the generateRequest and deletes it. Returns an error if one occurs.
func (c *FakeGenerateRequests) Delete(name string, options *v1.DeleteOptions) error {
func (c *FakeGenerateRequests) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error {
_, err := c.Fake.
Invokes(testing.NewDeleteAction(generaterequestsResource, c.ns, name), &kyvernov1.GenerateRequest{})
@ -121,15 +123,15 @@ func (c *FakeGenerateRequests) Delete(name string, options *v1.DeleteOptions) er
}
// DeleteCollection deletes a collection of objects.
func (c *FakeGenerateRequests) DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error {
action := testing.NewDeleteCollectionAction(generaterequestsResource, c.ns, listOptions)
func (c *FakeGenerateRequests) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error {
action := testing.NewDeleteCollectionAction(generaterequestsResource, c.ns, listOpts)
_, err := c.Fake.Invokes(action, &kyvernov1.GenerateRequestList{})
return err
}
// Patch applies the patch and returns the patched generateRequest.
func (c *FakeGenerateRequests) Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *kyvernov1.GenerateRequest, err error) {
func (c *FakeGenerateRequests) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *kyvernov1.GenerateRequest, err error) {
obj, err := c.Fake.
Invokes(testing.NewPatchSubresourceAction(generaterequestsResource, c.ns, name, pt, data, subresources...), &kyvernov1.GenerateRequest{})

0
pkg/client/clientset/versioned/typed/kyverno/v1/fake/fake_kyverno_client.go Normal file → Executable file
View file

22
pkg/client/clientset/versioned/typed/kyverno/v1/fake/fake_policy.go Normal file → Executable file
View file

@ -19,6 +19,8 @@ limitations under the License.
package fake
import (
"context"
kyvernov1 "github.com/kyverno/kyverno/pkg/api/kyverno/v1"
v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
labels "k8s.io/apimachinery/pkg/labels"
@ -39,7 +41,7 @@ var policiesResource = schema.GroupVersionResource{Group: "kyverno.io", Version:
var policiesKind = schema.GroupVersionKind{Group: "kyverno.io", Version: "v1", Kind: "Policy"}
// Get takes name of the policy, and returns the corresponding policy object, and an error if there is any.
func (c *FakePolicies) Get(name string, options v1.GetOptions) (result *kyvernov1.Policy, err error) {
func (c *FakePolicies) Get(ctx context.Context, name string, options v1.GetOptions) (result *kyvernov1.Policy, err error) {
obj, err := c.Fake.
Invokes(testing.NewGetAction(policiesResource, c.ns, name), &kyvernov1.Policy{})
@ -50,7 +52,7 @@ func (c *FakePolicies) Get(name string, options v1.GetOptions) (result *kyvernov
}
// List takes label and field selectors, and returns the list of Policies that match those selectors.
func (c *FakePolicies) List(opts v1.ListOptions) (result *kyvernov1.PolicyList, err error) {
func (c *FakePolicies) List(ctx context.Context, opts v1.ListOptions) (result *kyvernov1.PolicyList, err error) {
obj, err := c.Fake.
Invokes(testing.NewListAction(policiesResource, policiesKind, c.ns, opts), &kyvernov1.PolicyList{})
@ -72,14 +74,14 @@ func (c *FakePolicies) List(opts v1.ListOptions) (result *kyvernov1.PolicyList,
}
// Watch returns a watch.Interface that watches the requested policies.
func (c *FakePolicies) Watch(opts v1.ListOptions) (watch.Interface, error) {
func (c *FakePolicies) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) {
return c.Fake.
InvokesWatch(testing.NewWatchAction(policiesResource, c.ns, opts))
}
// Create takes the representation of a policy and creates it. Returns the server's representation of the policy, and an error, if there is any.
func (c *FakePolicies) Create(policy *kyvernov1.Policy) (result *kyvernov1.Policy, err error) {
func (c *FakePolicies) Create(ctx context.Context, policy *kyvernov1.Policy, opts v1.CreateOptions) (result *kyvernov1.Policy, err error) {
obj, err := c.Fake.
Invokes(testing.NewCreateAction(policiesResource, c.ns, policy), &kyvernov1.Policy{})
@ -90,7 +92,7 @@ func (c *FakePolicies) Create(policy *kyvernov1.Policy) (result *kyvernov1.Polic
}
// Update takes the representation of a policy and updates it. Returns the server's representation of the policy, and an error, if there is any.
func (c *FakePolicies) Update(policy *kyvernov1.Policy) (result *kyvernov1.Policy, err error) {
func (c *FakePolicies) Update(ctx context.Context, policy *kyvernov1.Policy, opts v1.UpdateOptions) (result *kyvernov1.Policy, err error) {
obj, err := c.Fake.
Invokes(testing.NewUpdateAction(policiesResource, c.ns, policy), &kyvernov1.Policy{})
@ -102,7 +104,7 @@ func (c *FakePolicies) Update(policy *kyvernov1.Policy) (result *kyvernov1.Polic
// UpdateStatus was generated because the type contains a Status member.
// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus().
func (c *FakePolicies) UpdateStatus(policy *kyvernov1.Policy) (*kyvernov1.Policy, error) {
func (c *FakePolicies) UpdateStatus(ctx context.Context, policy *kyvernov1.Policy, opts v1.UpdateOptions) (*kyvernov1.Policy, error) {
obj, err := c.Fake.
Invokes(testing.NewUpdateSubresourceAction(policiesResource, "status", c.ns, policy), &kyvernov1.Policy{})
@ -113,7 +115,7 @@ func (c *FakePolicies) UpdateStatus(policy *kyvernov1.Policy) (*kyvernov1.Policy
}
// Delete takes name of the policy and deletes it. Returns an error if one occurs.
func (c *FakePolicies) Delete(name string, options *v1.DeleteOptions) error {
func (c *FakePolicies) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error {
_, err := c.Fake.
Invokes(testing.NewDeleteAction(policiesResource, c.ns, name), &kyvernov1.Policy{})
@ -121,15 +123,15 @@ func (c *FakePolicies) Delete(name string, options *v1.DeleteOptions) error {
}
// DeleteCollection deletes a collection of objects.
func (c *FakePolicies) DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error {
action := testing.NewDeleteCollectionAction(policiesResource, c.ns, listOptions)
func (c *FakePolicies) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error {
action := testing.NewDeleteCollectionAction(policiesResource, c.ns, listOpts)
_, err := c.Fake.Invokes(action, &kyvernov1.PolicyList{})
return err
}
// Patch applies the patch and returns the patched policy.
func (c *FakePolicies) Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *kyvernov1.Policy, err error) {
func (c *FakePolicies) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *kyvernov1.Policy, err error) {
obj, err := c.Fake.
Invokes(testing.NewPatchSubresourceAction(policiesResource, c.ns, name, pt, data, subresources...), &kyvernov1.Policy{})

22
pkg/client/clientset/versioned/typed/kyverno/v1/fake/fake_policyviolation.go Normal file → Executable file
View file

@ -19,6 +19,8 @@ limitations under the License.
package fake
import (
"context"
kyvernov1 "github.com/kyverno/kyverno/pkg/api/kyverno/v1"
v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
labels "k8s.io/apimachinery/pkg/labels"
@ -39,7 +41,7 @@ var policyviolationsResource = schema.GroupVersionResource{Group: "kyverno.io",
var policyviolationsKind = schema.GroupVersionKind{Group: "kyverno.io", Version: "v1", Kind: "PolicyViolation"}
// Get takes name of the policyViolation, and returns the corresponding policyViolation object, and an error if there is any.
func (c *FakePolicyViolations) Get(name string, options v1.GetOptions) (result *kyvernov1.PolicyViolation, err error) {
func (c *FakePolicyViolations) Get(ctx context.Context, name string, options v1.GetOptions) (result *kyvernov1.PolicyViolation, err error) {
obj, err := c.Fake.
Invokes(testing.NewGetAction(policyviolationsResource, c.ns, name), &kyvernov1.PolicyViolation{})
@ -50,7 +52,7 @@ func (c *FakePolicyViolations) Get(name string, options v1.GetOptions) (result *
}
// List takes label and field selectors, and returns the list of PolicyViolations that match those selectors.
func (c *FakePolicyViolations) List(opts v1.ListOptions) (result *kyvernov1.PolicyViolationList, err error) {
func (c *FakePolicyViolations) List(ctx context.Context, opts v1.ListOptions) (result *kyvernov1.PolicyViolationList, err error) {
obj, err := c.Fake.
Invokes(testing.NewListAction(policyviolationsResource, policyviolationsKind, c.ns, opts), &kyvernov1.PolicyViolationList{})
@ -72,14 +74,14 @@ func (c *FakePolicyViolations) List(opts v1.ListOptions) (result *kyvernov1.Poli
}
// Watch returns a watch.Interface that watches the requested policyViolations.
func (c *FakePolicyViolations) Watch(opts v1.ListOptions) (watch.Interface, error) {
func (c *FakePolicyViolations) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) {
return c.Fake.
InvokesWatch(testing.NewWatchAction(policyviolationsResource, c.ns, opts))
}
// Create takes the representation of a policyViolation and creates it. Returns the server's representation of the policyViolation, and an error, if there is any.
func (c *FakePolicyViolations) Create(policyViolation *kyvernov1.PolicyViolation) (result *kyvernov1.PolicyViolation, err error) {
func (c *FakePolicyViolations) Create(ctx context.Context, policyViolation *kyvernov1.PolicyViolation, opts v1.CreateOptions) (result *kyvernov1.PolicyViolation, err error) {
obj, err := c.Fake.
Invokes(testing.NewCreateAction(policyviolationsResource, c.ns, policyViolation), &kyvernov1.PolicyViolation{})
@ -90,7 +92,7 @@ func (c *FakePolicyViolations) Create(policyViolation *kyvernov1.PolicyViolation
}
// Update takes the representation of a policyViolation and updates it. Returns the server's representation of the policyViolation, and an error, if there is any.
func (c *FakePolicyViolations) Update(policyViolation *kyvernov1.PolicyViolation) (result *kyvernov1.PolicyViolation, err error) {
func (c *FakePolicyViolations) Update(ctx context.Context, policyViolation *kyvernov1.PolicyViolation, opts v1.UpdateOptions) (result *kyvernov1.PolicyViolation, err error) {
obj, err := c.Fake.
Invokes(testing.NewUpdateAction(policyviolationsResource, c.ns, policyViolation), &kyvernov1.PolicyViolation{})
@ -102,7 +104,7 @@ func (c *FakePolicyViolations) Update(policyViolation *kyvernov1.PolicyViolation
// UpdateStatus was generated because the type contains a Status member.
// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus().
func (c *FakePolicyViolations) UpdateStatus(policyViolation *kyvernov1.PolicyViolation) (*kyvernov1.PolicyViolation, error) {
func (c *FakePolicyViolations) UpdateStatus(ctx context.Context, policyViolation *kyvernov1.PolicyViolation, opts v1.UpdateOptions) (*kyvernov1.PolicyViolation, error) {
obj, err := c.Fake.
Invokes(testing.NewUpdateSubresourceAction(policyviolationsResource, "status", c.ns, policyViolation), &kyvernov1.PolicyViolation{})
@ -113,7 +115,7 @@ func (c *FakePolicyViolations) UpdateStatus(policyViolation *kyvernov1.PolicyVio
}
// Delete takes name of the policyViolation and deletes it. Returns an error if one occurs.
func (c *FakePolicyViolations) Delete(name string, options *v1.DeleteOptions) error {
func (c *FakePolicyViolations) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error {
_, err := c.Fake.
Invokes(testing.NewDeleteAction(policyviolationsResource, c.ns, name), &kyvernov1.PolicyViolation{})
@ -121,15 +123,15 @@ func (c *FakePolicyViolations) Delete(name string, options *v1.DeleteOptions) er
}
// DeleteCollection deletes a collection of objects.
func (c *FakePolicyViolations) DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error {
action := testing.NewDeleteCollectionAction(policyviolationsResource, c.ns, listOptions)
func (c *FakePolicyViolations) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error {
action := testing.NewDeleteCollectionAction(policyviolationsResource, c.ns, listOpts)
_, err := c.Fake.Invokes(action, &kyvernov1.PolicyViolationList{})
return err
}
// Patch applies the patch and returns the patched policyViolation.
func (c *FakePolicyViolations) Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *kyvernov1.PolicyViolation, err error) {
func (c *FakePolicyViolations) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *kyvernov1.PolicyViolation, err error) {
obj, err := c.Fake.
Invokes(testing.NewPatchSubresourceAction(policyviolationsResource, c.ns, name, pt, data, subresources...), &kyvernov1.PolicyViolation{})

0
pkg/client/clientset/versioned/typed/kyverno/v1/generated_expansion.go Normal file → Executable file
View file

72
pkg/client/clientset/versioned/typed/kyverno/v1/generaterequest.go Normal file → Executable file
View file

@ -19,6 +19,7 @@ limitations under the License.
package v1
import (
"context"
"time"
v1 "github.com/kyverno/kyverno/pkg/api/kyverno/v1"
@ -37,15 +38,15 @@ type GenerateRequestsGetter interface {
// GenerateRequestInterface has methods to work with GenerateRequest resources.
type GenerateRequestInterface interface {
Create(*v1.GenerateRequest) (*v1.GenerateRequest, error)
Update(*v1.GenerateRequest) (*v1.GenerateRequest, error)
UpdateStatus(*v1.GenerateRequest) (*v1.GenerateRequest, error)
Delete(name string, options *metav1.DeleteOptions) error
DeleteCollection(options *metav1.DeleteOptions, listOptions metav1.ListOptions) error
Get(name string, options metav1.GetOptions) (*v1.GenerateRequest, error)
List(opts metav1.ListOptions) (*v1.GenerateRequestList, error)
Watch(opts metav1.ListOptions) (watch.Interface, error)
Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *v1.GenerateRequest, err error)
Create(ctx context.Context, generateRequest *v1.GenerateRequest, opts metav1.CreateOptions) (*v1.GenerateRequest, error)
Update(ctx context.Context, generateRequest *v1.GenerateRequest, opts metav1.UpdateOptions) (*v1.GenerateRequest, error)
UpdateStatus(ctx context.Context, generateRequest *v1.GenerateRequest, opts metav1.UpdateOptions) (*v1.GenerateRequest, error)
Delete(ctx context.Context, name string, opts metav1.DeleteOptions) error
DeleteCollection(ctx context.Context, opts metav1.DeleteOptions, listOpts metav1.ListOptions) error
Get(ctx context.Context, name string, opts metav1.GetOptions) (*v1.GenerateRequest, error)
List(ctx context.Context, opts metav1.ListOptions) (*v1.GenerateRequestList, error)
Watch(ctx context.Context, opts metav1.ListOptions) (watch.Interface, error)
Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts metav1.PatchOptions, subresources ...string) (result *v1.GenerateRequest, err error)
GenerateRequestExpansion
}
@ -64,20 +65,20 @@ func newGenerateRequests(c *KyvernoV1Client, namespace string) *generateRequests
}
// Get takes name of the generateRequest, and returns the corresponding generateRequest object, and an error if there is any.
func (c *generateRequests) Get(name string, options metav1.GetOptions) (result *v1.GenerateRequest, err error) {
func (c *generateRequests) Get(ctx context.Context, name string, options metav1.GetOptions) (result *v1.GenerateRequest, err error) {
result = &v1.GenerateRequest{}
err = c.client.Get().
Namespace(c.ns).
Resource("generaterequests").
Name(name).
VersionedParams(&options, scheme.ParameterCodec).
Do().
Do(ctx).
Into(result)
return
}
// List takes label and field selectors, and returns the list of GenerateRequests that match those selectors.
func (c *generateRequests) List(opts metav1.ListOptions) (result *v1.GenerateRequestList, err error) {
func (c *generateRequests) List(ctx context.Context, opts metav1.ListOptions) (result *v1.GenerateRequestList, err error) {
var timeout time.Duration
if opts.TimeoutSeconds != nil {
timeout = time.Duration(*opts.TimeoutSeconds) * time.Second
@ -88,13 +89,13 @@ func (c *generateRequests) List(opts metav1.ListOptions) (result *v1.GenerateReq
Resource("generaterequests").
VersionedParams(&opts, scheme.ParameterCodec).
Timeout(timeout).
Do().
Do(ctx).
Into(result)
return
}
// Watch returns a watch.Interface that watches the requested generateRequests.
func (c *generateRequests) Watch(opts metav1.ListOptions) (watch.Interface, error) {
func (c *generateRequests) Watch(ctx context.Context, opts metav1.ListOptions) (watch.Interface, error) {
var timeout time.Duration
if opts.TimeoutSeconds != nil {
timeout = time.Duration(*opts.TimeoutSeconds) * time.Second
@ -105,87 +106,90 @@ func (c *generateRequests) Watch(opts metav1.ListOptions) (watch.Interface, erro
Resource("generaterequests").
VersionedParams(&opts, scheme.ParameterCodec).
Timeout(timeout).
Watch()
Watch(ctx)
}
// Create takes the representation of a generateRequest and creates it. Returns the server's representation of the generateRequest, and an error, if there is any.
func (c *generateRequests) Create(generateRequest *v1.GenerateRequest) (result *v1.GenerateRequest, err error) {
func (c *generateRequests) Create(ctx context.Context, generateRequest *v1.GenerateRequest, opts metav1.CreateOptions) (result *v1.GenerateRequest, err error) {
result = &v1.GenerateRequest{}
err = c.client.Post().
Namespace(c.ns).
Resource("generaterequests").
VersionedParams(&opts, scheme.ParameterCodec).
Body(generateRequest).
Do().
Do(ctx).
Into(result)
return
}
// Update takes the representation of a generateRequest and updates it. Returns the server's representation of the generateRequest, and an error, if there is any.
func (c *generateRequests) Update(generateRequest *v1.GenerateRequest) (result *v1.GenerateRequest, err error) {
func (c *generateRequests) Update(ctx context.Context, generateRequest *v1.GenerateRequest, opts metav1.UpdateOptions) (result *v1.GenerateRequest, err error) {
result = &v1.GenerateRequest{}
err = c.client.Put().
Namespace(c.ns).
Resource("generaterequests").
Name(generateRequest.Name).
VersionedParams(&opts, scheme.ParameterCodec).
Body(generateRequest).
Do().
Do(ctx).
Into(result)
return
}
// UpdateStatus was generated because the type contains a Status member.
// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus().
func (c *generateRequests) UpdateStatus(generateRequest *v1.GenerateRequest) (result *v1.GenerateRequest, err error) {
func (c *generateRequests) UpdateStatus(ctx context.Context, generateRequest *v1.GenerateRequest, opts metav1.UpdateOptions) (result *v1.GenerateRequest, err error) {
result = &v1.GenerateRequest{}
err = c.client.Put().
Namespace(c.ns).
Resource("generaterequests").
Name(generateRequest.Name).
SubResource("status").
VersionedParams(&opts, scheme.ParameterCodec).
Body(generateRequest).
Do().
Do(ctx).
Into(result)
return
}
// Delete takes name of the generateRequest and deletes it. Returns an error if one occurs.
func (c *generateRequests) Delete(name string, options *metav1.DeleteOptions) error {
func (c *generateRequests) Delete(ctx context.Context, name string, opts metav1.DeleteOptions) error {
return c.client.Delete().
Namespace(c.ns).
Resource("generaterequests").
Name(name).
Body(options).
Do().
Body(&opts).
Do(ctx).
Error()
}
// DeleteCollection deletes a collection of objects.
func (c *generateRequests) DeleteCollection(options *metav1.DeleteOptions, listOptions metav1.ListOptions) error {
func (c *generateRequests) DeleteCollection(ctx context.Context, opts metav1.DeleteOptions, listOpts metav1.ListOptions) error {
var timeout time.Duration
if listOptions.TimeoutSeconds != nil {
timeout = time.Duration(*listOptions.TimeoutSeconds) * time.Second
if listOpts.TimeoutSeconds != nil {
timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second
}
return c.client.Delete().
Namespace(c.ns).
Resource("generaterequests").
VersionedParams(&listOptions, scheme.ParameterCodec).
VersionedParams(&listOpts, scheme.ParameterCodec).
Timeout(timeout).
Body(options).
Do().
Body(&opts).
Do(ctx).
Error()
}
// Patch applies the patch and returns the patched generateRequest.
func (c *generateRequests) Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *v1.GenerateRequest, err error) {
func (c *generateRequests) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts metav1.PatchOptions, subresources ...string) (result *v1.GenerateRequest, err error) {
result = &v1.GenerateRequest{}
err = c.client.Patch(pt).
Namespace(c.ns).
Resource("generaterequests").
SubResource(subresources...).
Name(name).
SubResource(subresources...).
VersionedParams(&opts, scheme.ParameterCodec).
Body(data).
Do().
Do(ctx).
Into(result)
return
}

0
pkg/client/clientset/versioned/typed/kyverno/v1/kyverno_client.go Normal file → Executable file
View file

72
pkg/client/clientset/versioned/typed/kyverno/v1/policy.go Normal file → Executable file
View file

@ -19,6 +19,7 @@ limitations under the License.
package v1
import (
"context"
"time"
v1 "github.com/kyverno/kyverno/pkg/api/kyverno/v1"
@ -37,15 +38,15 @@ type PoliciesGetter interface {
// PolicyInterface has methods to work with Policy resources.
type PolicyInterface interface {
Create(*v1.Policy) (*v1.Policy, error)
Update(*v1.Policy) (*v1.Policy, error)
UpdateStatus(*v1.Policy) (*v1.Policy, error)
Delete(name string, options *metav1.DeleteOptions) error
DeleteCollection(options *metav1.DeleteOptions, listOptions metav1.ListOptions) error
Get(name string, options metav1.GetOptions) (*v1.Policy, error)
List(opts metav1.ListOptions) (*v1.PolicyList, error)
Watch(opts metav1.ListOptions) (watch.Interface, error)
Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *v1.Policy, err error)
Create(ctx context.Context, policy *v1.Policy, opts metav1.CreateOptions) (*v1.Policy, error)
Update(ctx context.Context, policy *v1.Policy, opts metav1.UpdateOptions) (*v1.Policy, error)
UpdateStatus(ctx context.Context, policy *v1.Policy, opts metav1.UpdateOptions) (*v1.Policy, error)
Delete(ctx context.Context, name string, opts metav1.DeleteOptions) error
DeleteCollection(ctx context.Context, opts metav1.DeleteOptions, listOpts metav1.ListOptions) error
Get(ctx context.Context, name string, opts metav1.GetOptions) (*v1.Policy, error)
List(ctx context.Context, opts metav1.ListOptions) (*v1.PolicyList, error)
Watch(ctx context.Context, opts metav1.ListOptions) (watch.Interface, error)
Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts metav1.PatchOptions, subresources ...string) (result *v1.Policy, err error)
PolicyExpansion
}
@ -64,20 +65,20 @@ func newPolicies(c *KyvernoV1Client, namespace string) *policies {
}
// Get takes name of the policy, and returns the corresponding policy object, and an error if there is any.
func (c *policies) Get(name string, options metav1.GetOptions) (result *v1.Policy, err error) {
func (c *policies) Get(ctx context.Context, name string, options metav1.GetOptions) (result *v1.Policy, err error) {
result = &v1.Policy{}
err = c.client.Get().
Namespace(c.ns).
Resource("policies").
Name(name).
VersionedParams(&options, scheme.ParameterCodec).
Do().
Do(ctx).
Into(result)
return
}
// List takes label and field selectors, and returns the list of Policies that match those selectors.
func (c *policies) List(opts metav1.ListOptions) (result *v1.PolicyList, err error) {
func (c *policies) List(ctx context.Context, opts metav1.ListOptions) (result *v1.PolicyList, err error) {
var timeout time.Duration
if opts.TimeoutSeconds != nil {
timeout = time.Duration(*opts.TimeoutSeconds) * time.Second
@ -88,13 +89,13 @@ func (c *policies) List(opts metav1.ListOptions) (result *v1.PolicyList, err err
Resource("policies").
VersionedParams(&opts, scheme.ParameterCodec).
Timeout(timeout).
Do().
Do(ctx).
Into(result)
return
}
// Watch returns a watch.Interface that watches the requested policies.
func (c *policies) Watch(opts metav1.ListOptions) (watch.Interface, error) {
func (c *policies) Watch(ctx context.Context, opts metav1.ListOptions) (watch.Interface, error) {
var timeout time.Duration
if opts.TimeoutSeconds != nil {
timeout = time.Duration(*opts.TimeoutSeconds) * time.Second
@ -105,87 +106,90 @@ func (c *policies) Watch(opts metav1.ListOptions) (watch.Interface, error) {
Resource("policies").
VersionedParams(&opts, scheme.ParameterCodec).
Timeout(timeout).
Watch()
Watch(ctx)
}
// Create takes the representation of a policy and creates it. Returns the server's representation of the policy, and an error, if there is any.
func (c *policies) Create(policy *v1.Policy) (result *v1.Policy, err error) {
func (c *policies) Create(ctx context.Context, policy *v1.Policy, opts metav1.CreateOptions) (result *v1.Policy, err error) {
result = &v1.Policy{}
err = c.client.Post().
Namespace(c.ns).
Resource("policies").
VersionedParams(&opts, scheme.ParameterCodec).
Body(policy).
Do().
Do(ctx).
Into(result)
return
}
// Update takes the representation of a policy and updates it. Returns the server's representation of the policy, and an error, if there is any.
func (c *policies) Update(policy *v1.Policy) (result *v1.Policy, err error) {
func (c *policies) Update(ctx context.Context, policy *v1.Policy, opts metav1.UpdateOptions) (result *v1.Policy, err error) {
result = &v1.Policy{}
err = c.client.Put().
Namespace(c.ns).
Resource("policies").
Name(policy.Name).
VersionedParams(&opts, scheme.ParameterCodec).
Body(policy).
Do().
Do(ctx).
Into(result)
return
}
// UpdateStatus was generated because the type contains a Status member.
// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus().
func (c *policies) UpdateStatus(policy *v1.Policy) (result *v1.Policy, err error) {
func (c *policies) UpdateStatus(ctx context.Context, policy *v1.Policy, opts metav1.UpdateOptions) (result *v1.Policy, err error) {
result = &v1.Policy{}
err = c.client.Put().
Namespace(c.ns).
Resource("policies").
Name(policy.Name).
SubResource("status").
VersionedParams(&opts, scheme.ParameterCodec).
Body(policy).
Do().
Do(ctx).
Into(result)
return
}
// Delete takes name of the policy and deletes it. Returns an error if one occurs.
func (c *policies) Delete(name string, options *metav1.DeleteOptions) error {
func (c *policies) Delete(ctx context.Context, name string, opts metav1.DeleteOptions) error {
return c.client.Delete().
Namespace(c.ns).
Resource("policies").
Name(name).
Body(options).
Do().
Body(&opts).
Do(ctx).
Error()
}
// DeleteCollection deletes a collection of objects.
func (c *policies) DeleteCollection(options *metav1.DeleteOptions, listOptions metav1.ListOptions) error {
func (c *policies) DeleteCollection(ctx context.Context, opts metav1.DeleteOptions, listOpts metav1.ListOptions) error {
var timeout time.Duration
if listOptions.TimeoutSeconds != nil {
timeout = time.Duration(*listOptions.TimeoutSeconds) * time.Second
if listOpts.TimeoutSeconds != nil {
timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second
}
return c.client.Delete().
Namespace(c.ns).
Resource("policies").
VersionedParams(&listOptions, scheme.ParameterCodec).
VersionedParams(&listOpts, scheme.ParameterCodec).
Timeout(timeout).
Body(options).
Do().
Body(&opts).
Do(ctx).
Error()
}
// Patch applies the patch and returns the patched policy.
func (c *policies) Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *v1.Policy, err error) {
func (c *policies) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts metav1.PatchOptions, subresources ...string) (result *v1.Policy, err error) {
result = &v1.Policy{}
err = c.client.Patch(pt).
Namespace(c.ns).
Resource("policies").
SubResource(subresources...).
Name(name).
SubResource(subresources...).
VersionedParams(&opts, scheme.ParameterCodec).
Body(data).
Do().
Do(ctx).
Into(result)
return
}

72
pkg/client/clientset/versioned/typed/kyverno/v1/policyviolation.go Normal file → Executable file
View file

@ -19,6 +19,7 @@ limitations under the License.
package v1
import (
"context"
"time"
v1 "github.com/kyverno/kyverno/pkg/api/kyverno/v1"
@ -37,15 +38,15 @@ type PolicyViolationsGetter interface {
// PolicyViolationInterface has methods to work with PolicyViolation resources.
type PolicyViolationInterface interface {
Create(*v1.PolicyViolation) (*v1.PolicyViolation, error)
Update(*v1.PolicyViolation) (*v1.PolicyViolation, error)
UpdateStatus(*v1.PolicyViolation) (*v1.PolicyViolation, error)
Delete(name string, options *metav1.DeleteOptions) error
DeleteCollection(options *metav1.DeleteOptions, listOptions metav1.ListOptions) error
Get(name string, options metav1.GetOptions) (*v1.PolicyViolation, error)
List(opts metav1.ListOptions) (*v1.PolicyViolationList, error)
Watch(opts metav1.ListOptions) (watch.Interface, error)
Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *v1.PolicyViolation, err error)
Create(ctx context.Context, policyViolation *v1.PolicyViolation, opts metav1.CreateOptions) (*v1.PolicyViolation, error)
Update(ctx context.Context, policyViolation *v1.PolicyViolation, opts metav1.UpdateOptions) (*v1.PolicyViolation, error)
UpdateStatus(ctx context.Context, policyViolation *v1.PolicyViolation, opts metav1.UpdateOptions) (*v1.PolicyViolation, error)
Delete(ctx context.Context, name string, opts metav1.DeleteOptions) error
DeleteCollection(ctx context.Context, opts metav1.DeleteOptions, listOpts metav1.ListOptions) error
Get(ctx context.Context, name string, opts metav1.GetOptions) (*v1.PolicyViolation, error)
List(ctx context.Context, opts metav1.ListOptions) (*v1.PolicyViolationList, error)
Watch(ctx context.Context, opts metav1.ListOptions) (watch.Interface, error)
Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts metav1.PatchOptions, subresources ...string) (result *v1.PolicyViolation, err error)
PolicyViolationExpansion
}
@ -64,20 +65,20 @@ func newPolicyViolations(c *KyvernoV1Client, namespace string) *policyViolations
}
// Get takes name of the policyViolation, and returns the corresponding policyViolation object, and an error if there is any.
func (c *policyViolations) Get(name string, options metav1.GetOptions) (result *v1.PolicyViolation, err error) {
func (c *policyViolations) Get(ctx context.Context, name string, options metav1.GetOptions) (result *v1.PolicyViolation, err error) {
result = &v1.PolicyViolation{}
err = c.client.Get().
Namespace(c.ns).
Resource("policyviolations").
Name(name).
VersionedParams(&options, scheme.ParameterCodec).
Do().
Do(ctx).
Into(result)
return
}
// List takes label and field selectors, and returns the list of PolicyViolations that match those selectors.
func (c *policyViolations) List(opts metav1.ListOptions) (result *v1.PolicyViolationList, err error) {
func (c *policyViolations) List(ctx context.Context, opts metav1.ListOptions) (result *v1.PolicyViolationList, err error) {
var timeout time.Duration
if opts.TimeoutSeconds != nil {
timeout = time.Duration(*opts.TimeoutSeconds) * time.Second
@ -88,13 +89,13 @@ func (c *policyViolations) List(opts metav1.ListOptions) (result *v1.PolicyViola
Resource("policyviolations").
VersionedParams(&opts, scheme.ParameterCodec).
Timeout(timeout).
Do().
Do(ctx).
Into(result)
return
}
// Watch returns a watch.Interface that watches the requested policyViolations.
func (c *policyViolations) Watch(opts metav1.ListOptions) (watch.Interface, error) {
func (c *policyViolations) Watch(ctx context.Context, opts metav1.ListOptions) (watch.Interface, error) {
var timeout time.Duration
if opts.TimeoutSeconds != nil {
timeout = time.Duration(*opts.TimeoutSeconds) * time.Second
@ -105,87 +106,90 @@ func (c *policyViolations) Watch(opts metav1.ListOptions) (watch.Interface, erro
Resource("policyviolations").
VersionedParams(&opts, scheme.ParameterCodec).
Timeout(timeout).
Watch()
Watch(ctx)
}
// Create takes the representation of a policyViolation and creates it. Returns the server's representation of the policyViolation, and an error, if there is any.
func (c *policyViolations) Create(policyViolation *v1.PolicyViolation) (result *v1.PolicyViolation, err error) {
func (c *policyViolations) Create(ctx context.Context, policyViolation *v1.PolicyViolation, opts metav1.CreateOptions) (result *v1.PolicyViolation, err error) {
result = &v1.PolicyViolation{}
err = c.client.Post().
Namespace(c.ns).
Resource("policyviolations").
VersionedParams(&opts, scheme.ParameterCodec).
Body(policyViolation).
Do().
Do(ctx).
Into(result)
return
}
// Update takes the representation of a policyViolation and updates it. Returns the server's representation of the policyViolation, and an error, if there is any.
func (c *policyViolations) Update(policyViolation *v1.PolicyViolation) (result *v1.PolicyViolation, err error) {
func (c *policyViolations) Update(ctx context.Context, policyViolation *v1.PolicyViolation, opts metav1.UpdateOptions) (result *v1.PolicyViolation, err error) {
result = &v1.PolicyViolation{}
err = c.client.Put().
Namespace(c.ns).
Resource("policyviolations").
Name(policyViolation.Name).
VersionedParams(&opts, scheme.ParameterCodec).
Body(policyViolation).
Do().
Do(ctx).
Into(result)
return
}
// UpdateStatus was generated because the type contains a Status member.
// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus().
func (c *policyViolations) UpdateStatus(policyViolation *v1.PolicyViolation) (result *v1.PolicyViolation, err error) {
func (c *policyViolations) UpdateStatus(ctx context.Context, policyViolation *v1.PolicyViolation, opts metav1.UpdateOptions) (result *v1.PolicyViolation, err error) {
result = &v1.PolicyViolation{}
err = c.client.Put().
Namespace(c.ns).
Resource("policyviolations").
Name(policyViolation.Name).
SubResource("status").
VersionedParams(&opts, scheme.ParameterCodec).
Body(policyViolation).
Do().
Do(ctx).
Into(result)
return
}
// Delete takes name of the policyViolation and deletes it. Returns an error if one occurs.
func (c *policyViolations) Delete(name string, options *metav1.DeleteOptions) error {
func (c *policyViolations) Delete(ctx context.Context, name string, opts metav1.DeleteOptions) error {
return c.client.Delete().
Namespace(c.ns).
Resource("policyviolations").
Name(name).
Body(options).
Do().
Body(&opts).
Do(ctx).
Error()
}
// DeleteCollection deletes a collection of objects.
func (c *policyViolations) DeleteCollection(options *metav1.DeleteOptions, listOptions metav1.ListOptions) error {
func (c *policyViolations) DeleteCollection(ctx context.Context, opts metav1.DeleteOptions, listOpts metav1.ListOptions) error {
var timeout time.Duration
if listOptions.TimeoutSeconds != nil {
timeout = time.Duration(*listOptions.TimeoutSeconds) * time.Second
if listOpts.TimeoutSeconds != nil {
timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second
}
return c.client.Delete().
Namespace(c.ns).
Resource("policyviolations").
VersionedParams(&listOptions, scheme.ParameterCodec).
VersionedParams(&listOpts, scheme.ParameterCodec).
Timeout(timeout).
Body(options).
Do().
Body(&opts).
Do(ctx).
Error()
}
// Patch applies the patch and returns the patched policyViolation.
func (c *policyViolations) Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *v1.PolicyViolation, err error) {
func (c *policyViolations) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts metav1.PatchOptions, subresources ...string) (result *v1.PolicyViolation, err error) {
result = &v1.PolicyViolation{}
err = c.client.Patch(pt).
Namespace(c.ns).
Resource("policyviolations").
SubResource(subresources...).
Name(name).
SubResource(subresources...).
VersionedParams(&opts, scheme.ParameterCodec).
Body(data).
Do().
Do(ctx).
Into(result)
return
}

168
pkg/client/clientset/versioned/typed/kyverno/v1alpha1/clusterreportchangerequest.go Normal file
View file

@ -0,0 +1,168 @@
/*
Copyright The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
// Code generated by client-gen. DO NOT EDIT.
package v1alpha1
import (
"context"
"time"
v1alpha1 "github.com/kyverno/kyverno/pkg/api/kyverno/v1alpha1"
scheme "github.com/kyverno/kyverno/pkg/client/clientset/versioned/scheme"
v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
types "k8s.io/apimachinery/pkg/types"
watch "k8s.io/apimachinery/pkg/watch"
rest "k8s.io/client-go/rest"
)
// ClusterReportChangeRequestsGetter has a method to return a ClusterReportChangeRequestInterface.
// A group's client should implement this interface.
type ClusterReportChangeRequestsGetter interface {
ClusterReportChangeRequests() ClusterReportChangeRequestInterface
}
// ClusterReportChangeRequestInterface has methods to work with ClusterReportChangeRequest resources.
type ClusterReportChangeRequestInterface interface {
Create(ctx context.Context, clusterReportChangeRequest *v1alpha1.ClusterReportChangeRequest, opts v1.CreateOptions) (*v1alpha1.ClusterReportChangeRequest, error)
Update(ctx context.Context, clusterReportChangeRequest *v1alpha1.ClusterReportChangeRequest, opts v1.UpdateOptions) (*v1alpha1.ClusterReportChangeRequest, error)
Delete(ctx context.Context, name string, opts v1.DeleteOptions) error
DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error
Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha1.ClusterReportChangeRequest, error)
List(ctx context.Context, opts v1.ListOptions) (*v1alpha1.ClusterReportChangeRequestList, error)
Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error)
Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.ClusterReportChangeRequest, err error)
ClusterReportChangeRequestExpansion
}
// clusterReportChangeRequests implements ClusterReportChangeRequestInterface
type clusterReportChangeRequests struct {
client rest.Interface
}
// newClusterReportChangeRequests returns a ClusterReportChangeRequests
func newClusterReportChangeRequests(c *KyvernoV1alpha1Client) *clusterReportChangeRequests {
return &clusterReportChangeRequests{
client: c.RESTClient(),
}
}
// Get takes name of the clusterReportChangeRequest, and returns the corresponding clusterReportChangeRequest object, and an error if there is any.
func (c *clusterReportChangeRequests) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.ClusterReportChangeRequest, err error) {
result = &v1alpha1.ClusterReportChangeRequest{}
err = c.client.Get().
Resource("clusterreportchangerequests").
Name(name).
VersionedParams(&options, scheme.ParameterCodec).
Do(ctx).
Into(result)
return
}
// List takes label and field selectors, and returns the list of ClusterReportChangeRequests that match those selectors.
func (c *clusterReportChangeRequests) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.ClusterReportChangeRequestList, err error) {
var timeout time.Duration
if opts.TimeoutSeconds != nil {
timeout = time.Duration(*opts.TimeoutSeconds) * time.Second
}
result = &v1alpha1.ClusterReportChangeRequestList{}
err = c.client.Get().
Resource("clusterreportchangerequests").
VersionedParams(&opts, scheme.ParameterCodec).
Timeout(timeout).
Do(ctx).
Into(result)
return
}
// Watch returns a watch.Interface that watches the requested clusterReportChangeRequests.
func (c *clusterReportChangeRequests) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) {
var timeout time.Duration
if opts.TimeoutSeconds != nil {
timeout = time.Duration(*opts.TimeoutSeconds) * time.Second
}
opts.Watch = true
return c.client.Get().
Resource("clusterreportchangerequests").
VersionedParams(&opts, scheme.ParameterCodec).
Timeout(timeout).
Watch(ctx)
}
// Create takes the representation of a clusterReportChangeRequest and creates it. Returns the server's representation of the clusterReportChangeRequest, and an error, if there is any.
func (c *clusterReportChangeRequests) Create(ctx context.Context, clusterReportChangeRequest *v1alpha1.ClusterReportChangeRequest, opts v1.CreateOptions) (result *v1alpha1.ClusterReportChangeRequest, err error) {
result = &v1alpha1.ClusterReportChangeRequest{}
err = c.client.Post().
Resource("clusterreportchangerequests").
VersionedParams(&opts, scheme.ParameterCodec).
Body(clusterReportChangeRequest).
Do(ctx).
Into(result)
return
}
// Update takes the representation of a clusterReportChangeRequest and updates it. Returns the server's representation of the clusterReportChangeRequest, and an error, if there is any.
func (c *clusterReportChangeRequests) Update(ctx context.Context, clusterReportChangeRequest *v1alpha1.ClusterReportChangeRequest, opts v1.UpdateOptions) (result *v1alpha1.ClusterReportChangeRequest, err error) {
result = &v1alpha1.ClusterReportChangeRequest{}
err = c.client.Put().
Resource("clusterreportchangerequests").
Name(clusterReportChangeRequest.Name).
VersionedParams(&opts, scheme.ParameterCodec).
Body(clusterReportChangeRequest).
Do(ctx).
Into(result)
return
}
// Delete takes name of the clusterReportChangeRequest and deletes it. Returns an error if one occurs.
func (c *clusterReportChangeRequests) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error {
return c.client.Delete().
Resource("clusterreportchangerequests").
Name(name).
Body(&opts).
Do(ctx).
Error()
}
// DeleteCollection deletes a collection of objects.
func (c *clusterReportChangeRequests) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error {
var timeout time.Duration
if listOpts.TimeoutSeconds != nil {
timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second
}
return c.client.Delete().
Resource("clusterreportchangerequests").
VersionedParams(&listOpts, scheme.ParameterCodec).
Timeout(timeout).
Body(&opts).
Do(ctx).
Error()
}
// Patch applies the patch and returns the patched clusterReportChangeRequest.
func (c *clusterReportChangeRequests) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.ClusterReportChangeRequest, err error) {
result = &v1alpha1.ClusterReportChangeRequest{}
err = c.client.Patch(pt).
Resource("clusterreportchangerequests").
Name(name).
SubResource(subresources...).
VersionedParams(&opts, scheme.ParameterCodec).
Body(data).
Do(ctx).
Into(result)
return
}

20
pkg/client/clientset/versioned/typed/kyverno/v1alpha1/doc.go Normal file
View file

@ -0,0 +1,20 @@
/*
Copyright The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
// Code generated by client-gen. DO NOT EDIT.
// This package has the automatically generated typed clients.
package v1alpha1

20
pkg/client/clientset/versioned/typed/kyverno/v1alpha1/fake/doc.go Normal file
View file

@ -0,0 +1,20 @@
/*
Copyright The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
// Code generated by client-gen. DO NOT EDIT.
// Package fake has the automatically generated clients.
package fake

122
pkg/client/clientset/versioned/typed/kyverno/v1alpha1/fake/fake_clusterreportchangerequest.go Normal file
View file

@ -0,0 +1,122 @@
/*
Copyright The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
// Code generated by client-gen. DO NOT EDIT.
package fake
import (
"context"
v1alpha1 "github.com/kyverno/kyverno/pkg/api/kyverno/v1alpha1"
v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
labels "k8s.io/apimachinery/pkg/labels"
schema "k8s.io/apimachinery/pkg/runtime/schema"
types "k8s.io/apimachinery/pkg/types"
watch "k8s.io/apimachinery/pkg/watch"
testing "k8s.io/client-go/testing"
)
// FakeClusterReportChangeRequests implements ClusterReportChangeRequestInterface
type FakeClusterReportChangeRequests struct {
Fake *FakeKyvernoV1alpha1
}
var clusterreportchangerequestsResource = schema.GroupVersionResource{Group: "kyverno.io", Version: "v1alpha1", Resource: "clusterreportchangerequests"}
var clusterreportchangerequestsKind = schema.GroupVersionKind{Group: "kyverno.io", Version: "v1alpha1", Kind: "ClusterReportChangeRequest"}
// Get takes name of the clusterReportChangeRequest, and returns the corresponding clusterReportChangeRequest object, and an error if there is any.
func (c *FakeClusterReportChangeRequests) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.ClusterReportChangeRequest, err error) {
obj, err := c.Fake.
Invokes(testing.NewRootGetAction(clusterreportchangerequestsResource, name), &v1alpha1.ClusterReportChangeRequest{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.ClusterReportChangeRequest), err
}
// List takes label and field selectors, and returns the list of ClusterReportChangeRequests that match those selectors.
func (c *FakeClusterReportChangeRequests) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.ClusterReportChangeRequestList, err error) {
obj, err := c.Fake.
Invokes(testing.NewRootListAction(clusterreportchangerequestsResource, clusterreportchangerequestsKind, opts), &v1alpha1.ClusterReportChangeRequestList{})
if obj == nil {
return nil, err
}
label, _, _ := testing.ExtractFromListOptions(opts)
if label == nil {
label = labels.Everything()
}
list := &v1alpha1.ClusterReportChangeRequestList{ListMeta: obj.(*v1alpha1.ClusterReportChangeRequestList).ListMeta}
for _, item := range obj.(*v1alpha1.ClusterReportChangeRequestList).Items {
if label.Matches(labels.Set(item.Labels)) {
list.Items = append(list.Items, item)
}
}
return list, err
}
// Watch returns a watch.Interface that watches the requested clusterReportChangeRequests.
func (c *FakeClusterReportChangeRequests) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) {
return c.Fake.
InvokesWatch(testing.NewRootWatchAction(clusterreportchangerequestsResource, opts))
}
// Create takes the representation of a clusterReportChangeRequest and creates it. Returns the server's representation of the clusterReportChangeRequest, and an error, if there is any.
func (c *FakeClusterReportChangeRequests) Create(ctx context.Context, clusterReportChangeRequest *v1alpha1.ClusterReportChangeRequest, opts v1.CreateOptions) (result *v1alpha1.ClusterReportChangeRequest, err error) {
obj, err := c.Fake.
Invokes(testing.NewRootCreateAction(clusterreportchangerequestsResource, clusterReportChangeRequest), &v1alpha1.ClusterReportChangeRequest{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.ClusterReportChangeRequest), err
}
// Update takes the representation of a clusterReportChangeRequest and updates it. Returns the server's representation of the clusterReportChangeRequest, and an error, if there is any.
func (c *FakeClusterReportChangeRequests) Update(ctx context.Context, clusterReportChangeRequest *v1alpha1.ClusterReportChangeRequest, opts v1.UpdateOptions) (result *v1alpha1.ClusterReportChangeRequest, err error) {
obj, err := c.Fake.
Invokes(testing.NewRootUpdateAction(clusterreportchangerequestsResource, clusterReportChangeRequest), &v1alpha1.ClusterReportChangeRequest{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.ClusterReportChangeRequest), err
}
// Delete takes name of the clusterReportChangeRequest and deletes it. Returns an error if one occurs.
func (c *FakeClusterReportChangeRequests) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error {
_, err := c.Fake.
Invokes(testing.NewRootDeleteAction(clusterreportchangerequestsResource, name), &v1alpha1.ClusterReportChangeRequest{})
return err
}
// DeleteCollection deletes a collection of objects.
func (c *FakeClusterReportChangeRequests) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error {
action := testing.NewRootDeleteCollectionAction(clusterreportchangerequestsResource, listOpts)
_, err := c.Fake.Invokes(action, &v1alpha1.ClusterReportChangeRequestList{})
return err
}
// Patch applies the patch and returns the patched clusterReportChangeRequest.
func (c *FakeClusterReportChangeRequests) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.ClusterReportChangeRequest, err error) {
obj, err := c.Fake.
Invokes(testing.NewRootPatchSubresourceAction(clusterreportchangerequestsResource, name, pt, data, subresources...), &v1alpha1.ClusterReportChangeRequest{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.ClusterReportChangeRequest), err
}

44
pkg/client/clientset/versioned/typed/kyverno/v1alpha1/fake/fake_kyverno_client.go Normal file
View file

@ -0,0 +1,44 @@
/*
Copyright The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
// Code generated by client-gen. DO NOT EDIT.
package fake
import (
v1alpha1 "github.com/kyverno/kyverno/pkg/client/clientset/versioned/typed/kyverno/v1alpha1"
rest "k8s.io/client-go/rest"
testing "k8s.io/client-go/testing"
)
type FakeKyvernoV1alpha1 struct {
*testing.Fake
}
func (c *FakeKyvernoV1alpha1) ClusterReportChangeRequests() v1alpha1.ClusterReportChangeRequestInterface {
return &FakeClusterReportChangeRequests{c}
}
func (c *FakeKyvernoV1alpha1) ReportChangeRequests(namespace string) v1alpha1.ReportChangeRequestInterface {
return &FakeReportChangeRequests{c, namespace}
}
// RESTClient returns a RESTClient that is used to communicate
// with API server by this client implementation.
func (c *FakeKyvernoV1alpha1) RESTClient() rest.Interface {
var ret *rest.RESTClient
return ret
}

130
pkg/client/clientset/versioned/typed/kyverno/v1alpha1/fake/fake_reportchangerequest.go Normal file
View file

@ -0,0 +1,130 @@
/*
Copyright The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
// Code generated by client-gen. DO NOT EDIT.
package fake
import (
"context"
v1alpha1 "github.com/kyverno/kyverno/pkg/api/kyverno/v1alpha1"
v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
labels "k8s.io/apimachinery/pkg/labels"
schema "k8s.io/apimachinery/pkg/runtime/schema"
types "k8s.io/apimachinery/pkg/types"
watch "k8s.io/apimachinery/pkg/watch"
testing "k8s.io/client-go/testing"
)
// FakeReportChangeRequests implements ReportChangeRequestInterface
type FakeReportChangeRequests struct {
Fake *FakeKyvernoV1alpha1
ns string
}
var reportchangerequestsResource = schema.GroupVersionResource{Group: "kyverno.io", Version: "v1alpha1", Resource: "reportchangerequests"}
var reportchangerequestsKind = schema.GroupVersionKind{Group: "kyverno.io", Version: "v1alpha1", Kind: "ReportChangeRequest"}
// Get takes name of the reportChangeRequest, and returns the corresponding reportChangeRequest object, and an error if there is any.
func (c *FakeReportChangeRequests) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.ReportChangeRequest, err error) {
obj, err := c.Fake.
Invokes(testing.NewGetAction(reportchangerequestsResource, c.ns, name), &v1alpha1.ReportChangeRequest{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.ReportChangeRequest), err
}
// List takes label and field selectors, and returns the list of ReportChangeRequests that match those selectors.
func (c *FakeReportChangeRequests) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.ReportChangeRequestList, err error) {
obj, err := c.Fake.
Invokes(testing.NewListAction(reportchangerequestsResource, reportchangerequestsKind, c.ns, opts), &v1alpha1.ReportChangeRequestList{})
if obj == nil {
return nil, err
}
label, _, _ := testing.ExtractFromListOptions(opts)
if label == nil {
label = labels.Everything()
}
list := &v1alpha1.ReportChangeRequestList{ListMeta: obj.(*v1alpha1.ReportChangeRequestList).ListMeta}
for _, item := range obj.(*v1alpha1.ReportChangeRequestList).Items {
if label.Matches(labels.Set(item.Labels)) {
list.Items = append(list.Items, item)
}
}
return list, err
}
// Watch returns a watch.Interface that watches the requested reportChangeRequests.
func (c *FakeReportChangeRequests) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) {
return c.Fake.
InvokesWatch(testing.NewWatchAction(reportchangerequestsResource, c.ns, opts))
}
// Create takes the representation of a reportChangeRequest and creates it. Returns the server's representation of the reportChangeRequest, and an error, if there is any.
func (c *FakeReportChangeRequests) Create(ctx context.Context, reportChangeRequest *v1alpha1.ReportChangeRequest, opts v1.CreateOptions) (result *v1alpha1.ReportChangeRequest, err error) {
obj, err := c.Fake.
Invokes(testing.NewCreateAction(reportchangerequestsResource, c.ns, reportChangeRequest), &v1alpha1.ReportChangeRequest{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.ReportChangeRequest), err
}
// Update takes the representation of a reportChangeRequest and updates it. Returns the server's representation of the reportChangeRequest, and an error, if there is any.
func (c *FakeReportChangeRequests) Update(ctx context.Context, reportChangeRequest *v1alpha1.ReportChangeRequest, opts v1.UpdateOptions) (result *v1alpha1.ReportChangeRequest, err error) {
obj, err := c.Fake.
Invokes(testing.NewUpdateAction(reportchangerequestsResource, c.ns, reportChangeRequest), &v1alpha1.ReportChangeRequest{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.ReportChangeRequest), err
}
// Delete takes name of the reportChangeRequest and deletes it. Returns an error if one occurs.
func (c *FakeReportChangeRequests) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error {
_, err := c.Fake.
Invokes(testing.NewDeleteAction(reportchangerequestsResource, c.ns, name), &v1alpha1.ReportChangeRequest{})
return err
}
// DeleteCollection deletes a collection of objects.
func (c *FakeReportChangeRequests) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error {
action := testing.NewDeleteCollectionAction(reportchangerequestsResource, c.ns, listOpts)
_, err := c.Fake.Invokes(action, &v1alpha1.ReportChangeRequestList{})
return err
}
// Patch applies the patch and returns the patched reportChangeRequest.
func (c *FakeReportChangeRequests) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.ReportChangeRequest, err error) {
obj, err := c.Fake.
Invokes(testing.NewPatchSubresourceAction(reportchangerequestsResource, c.ns, name, pt, data, subresources...), &v1alpha1.ReportChangeRequest{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.ReportChangeRequest), err
}

23
pkg/client/clientset/versioned/typed/kyverno/v1alpha1/generated_expansion.go Normal file
View file

@ -0,0 +1,23 @@
/*
Copyright The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
// Code generated by client-gen. DO NOT EDIT.
package v1alpha1
type ClusterReportChangeRequestExpansion interface{}
type ReportChangeRequestExpansion interface{}

94
pkg/client/clientset/versioned/typed/kyverno/v1alpha1/kyverno_client.go Normal file
View file

@ -0,0 +1,94 @@
/*
Copyright The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
// Code generated by client-gen. DO NOT EDIT.
package v1alpha1
import (
v1alpha1 "github.com/kyverno/kyverno/pkg/api/kyverno/v1alpha1"
"github.com/kyverno/kyverno/pkg/client/clientset/versioned/scheme"
rest "k8s.io/client-go/rest"
)
type KyvernoV1alpha1Interface interface {
RESTClient() rest.Interface
ClusterReportChangeRequestsGetter
ReportChangeRequestsGetter
}
// KyvernoV1alpha1Client is used to interact with features provided by the kyverno.io group.
type KyvernoV1alpha1Client struct {
restClient rest.Interface
}
func (c *KyvernoV1alpha1Client) ClusterReportChangeRequests() ClusterReportChangeRequestInterface {
return newClusterReportChangeRequests(c)
}
func (c *KyvernoV1alpha1Client) ReportChangeRequests(namespace string) ReportChangeRequestInterface {
return newReportChangeRequests(c, namespace)
}
// NewForConfig creates a new KyvernoV1alpha1Client for the given config.
func NewForConfig(c *rest.Config) (*KyvernoV1alpha1Client, error) {
config := *c
if err := setConfigDefaults(&config); err != nil {
return nil, err
}
client, err := rest.RESTClientFor(&config)
if err != nil {
return nil, err
}
return &KyvernoV1alpha1Client{client}, nil
}
// NewForConfigOrDie creates a new KyvernoV1alpha1Client for the given config and
// panics if there is an error in the config.
func NewForConfigOrDie(c *rest.Config) *KyvernoV1alpha1Client {
client, err := NewForConfig(c)
if err != nil {
panic(err)
}
return client
}
// New creates a new KyvernoV1alpha1Client for the given RESTClient.
func New(c rest.Interface) *KyvernoV1alpha1Client {
return &KyvernoV1alpha1Client{c}
}
func setConfigDefaults(config *rest.Config) error {
gv := v1alpha1.SchemeGroupVersion
config.GroupVersion = &gv
config.APIPath = "/apis"
config.NegotiatedSerializer = scheme.Codecs.WithoutConversion()
if config.UserAgent == "" {
config.UserAgent = rest.DefaultKubernetesUserAgent()
}
return nil
}
// RESTClient returns a RESTClient that is used to communicate
// with API server by this client implementation.
func (c *KyvernoV1alpha1Client) RESTClient() rest.Interface {
if c == nil {
return nil
}
return c.restClient
}

178
pkg/client/clientset/versioned/typed/kyverno/v1alpha1/reportchangerequest.go Normal file
View file

@ -0,0 +1,178 @@
/*
Copyright The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
// Code generated by client-gen. DO NOT EDIT.
package v1alpha1
import (
"context"
"time"
v1alpha1 "github.com/kyverno/kyverno/pkg/api/kyverno/v1alpha1"
scheme "github.com/kyverno/kyverno/pkg/client/clientset/versioned/scheme"
v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
types "k8s.io/apimachinery/pkg/types"
watch "k8s.io/apimachinery/pkg/watch"
rest "k8s.io/client-go/rest"
)
// ReportChangeRequestsGetter has a method to return a ReportChangeRequestInterface.
// A group's client should implement this interface.
type ReportChangeRequestsGetter interface {
ReportChangeRequests(namespace string) ReportChangeRequestInterface
}
// ReportChangeRequestInterface has methods to work with ReportChangeRequest resources.
type ReportChangeRequestInterface interface {
Create(ctx context.Context, reportChangeRequest *v1alpha1.ReportChangeRequest, opts v1.CreateOptions) (*v1alpha1.ReportChangeRequest, error)
Update(ctx context.Context, reportChangeRequest *v1alpha1.ReportChangeRequest, opts v1.UpdateOptions) (*v1alpha1.ReportChangeRequest, error)
Delete(ctx context.Context, name string, opts v1.DeleteOptions) error
DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error
Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha1.ReportChangeRequest, error)
List(ctx context.Context, opts v1.ListOptions) (*v1alpha1.ReportChangeRequestList, error)
Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error)
Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.ReportChangeRequest, err error)
ReportChangeRequestExpansion
}
// reportChangeRequests implements ReportChangeRequestInterface
type reportChangeRequests struct {
client rest.Interface
ns string
}
// newReportChangeRequests returns a ReportChangeRequests
func newReportChangeRequests(c *KyvernoV1alpha1Client, namespace string) *reportChangeRequests {
return &reportChangeRequests{
client: c.RESTClient(),
ns: namespace,
}
}
// Get takes name of the reportChangeRequest, and returns the corresponding reportChangeRequest object, and an error if there is any.
func (c *reportChangeRequests) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.ReportChangeRequest, err error) {
result = &v1alpha1.ReportChangeRequest{}
err = c.client.Get().
Namespace(c.ns).
Resource("reportchangerequests").
Name(name).
VersionedParams(&options, scheme.ParameterCodec).
Do(ctx).
Into(result)
return
}
// List takes label and field selectors, and returns the list of ReportChangeRequests that match those selectors.
func (c *reportChangeRequests) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.ReportChangeRequestList, err error) {
var timeout time.Duration
if opts.TimeoutSeconds != nil {
timeout = time.Duration(*opts.TimeoutSeconds) * time.Second
}
result = &v1alpha1.ReportChangeRequestList{}
err = c.client.Get().
Namespace(c.ns).
Resource("reportchangerequests").
VersionedParams(&opts, scheme.ParameterCodec).
Timeout(timeout).
Do(ctx).
Into(result)
return
}
// Watch returns a watch.Interface that watches the requested reportChangeRequests.
func (c *reportChangeRequests) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) {
var timeout time.Duration
if opts.TimeoutSeconds != nil {
timeout = time.Duration(*opts.TimeoutSeconds) * time.Second
}
opts.Watch = true
return c.client.Get().
Namespace(c.ns).
Resource("reportchangerequests").
VersionedParams(&opts, scheme.ParameterCodec).
Timeout(timeout).
Watch(ctx)
}
// Create takes the representation of a reportChangeRequest and creates it. Returns the server's representation of the reportChangeRequest, and an error, if there is any.
func (c *reportChangeRequests) Create(ctx context.Context, reportChangeRequest *v1alpha1.ReportChangeRequest, opts v1.CreateOptions) (result *v1alpha1.ReportChangeRequest, err error) {
result = &v1alpha1.ReportChangeRequest{}
err = c.client.Post().
Namespace(c.ns).
Resource("reportchangerequests").
VersionedParams(&opts, scheme.ParameterCodec).
Body(reportChangeRequest).
Do(ctx).
Into(result)
return
}
// Update takes the representation of a reportChangeRequest and updates it. Returns the server's representation of the reportChangeRequest, and an error, if there is any.
func (c *reportChangeRequests) Update(ctx context.Context, reportChangeRequest *v1alpha1.ReportChangeRequest, opts v1.UpdateOptions) (result *v1alpha1.ReportChangeRequest, err error) {
result = &v1alpha1.ReportChangeRequest{}
err = c.client.Put().
Namespace(c.ns).
Resource("reportchangerequests").
Name(reportChangeRequest.Name).
VersionedParams(&opts, scheme.ParameterCodec).
Body(reportChangeRequest).
Do(ctx).
Into(result)
return
}
// Delete takes name of the reportChangeRequest and deletes it. Returns an error if one occurs.
func (c *reportChangeRequests) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error {
return c.client.Delete().
Namespace(c.ns).
Resource("reportchangerequests").
Name(name).
Body(&opts).
Do(ctx).
Error()
}
// DeleteCollection deletes a collection of objects.
func (c *reportChangeRequests) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error {
var timeout time.Duration
if listOpts.TimeoutSeconds != nil {
timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second
}
return c.client.Delete().
Namespace(c.ns).
Resource("reportchangerequests").
VersionedParams(&listOpts, scheme.ParameterCodec).
Timeout(timeout).
Body(&opts).
Do(ctx).
Error()
}
// Patch applies the patch and returns the patched reportChangeRequest.
func (c *reportChangeRequests) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.ReportChangeRequest, err error) {
result = &v1alpha1.ReportChangeRequest{}
err = c.client.Patch(pt).
Namespace(c.ns).
Resource("reportchangerequests").
Name(name).
SubResource(subresources...).
VersionedParams(&opts, scheme.ParameterCodec).
Body(data).
Do(ctx).
Into(result)
return
}

168
pkg/client/clientset/versioned/typed/policyreport/v1alpha1/clusterpolicyreport.go Executable file
View file

@ -0,0 +1,168 @@
/*
Copyright The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
// Code generated by client-gen. DO NOT EDIT.
package v1alpha1
import (
"context"
"time"
v1alpha1 "github.com/kyverno/kyverno/pkg/api/policyreport/v1alpha1"
scheme "github.com/kyverno/kyverno/pkg/client/clientset/versioned/scheme"
v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
types "k8s.io/apimachinery/pkg/types"
watch "k8s.io/apimachinery/pkg/watch"
rest "k8s.io/client-go/rest"
)
// ClusterPolicyReportsGetter has a method to return a ClusterPolicyReportInterface.
// A group's client should implement this interface.
type ClusterPolicyReportsGetter interface {
ClusterPolicyReports() ClusterPolicyReportInterface
}
// ClusterPolicyReportInterface has methods to work with ClusterPolicyReport resources.
type ClusterPolicyReportInterface interface {
Create(ctx context.Context, clusterPolicyReport *v1alpha1.ClusterPolicyReport, opts v1.CreateOptions) (*v1alpha1.ClusterPolicyReport, error)
Update(ctx context.Context, clusterPolicyReport *v1alpha1.ClusterPolicyReport, opts v1.UpdateOptions) (*v1alpha1.ClusterPolicyReport, error)
Delete(ctx context.Context, name string, opts v1.DeleteOptions) error
DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error
Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha1.ClusterPolicyReport, error)
List(ctx context.Context, opts v1.ListOptions) (*v1alpha1.ClusterPolicyReportList, error)
Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error)
Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.ClusterPolicyReport, err error)
ClusterPolicyReportExpansion
}
// clusterPolicyReports implements ClusterPolicyReportInterface
type clusterPolicyReports struct {
client rest.Interface
}
// newClusterPolicyReports returns a ClusterPolicyReports
func newClusterPolicyReports(c *PolicyV1alpha1Client) *clusterPolicyReports {
return &clusterPolicyReports{
client: c.RESTClient(),
}
}
// Get takes name of the clusterPolicyReport, and returns the corresponding clusterPolicyReport object, and an error if there is any.
func (c *clusterPolicyReports) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.ClusterPolicyReport, err error) {
result = &v1alpha1.ClusterPolicyReport{}
err = c.client.Get().
Resource("clusterpolicyreports").
Name(name).
VersionedParams(&options, scheme.ParameterCodec).
Do(ctx).
Into(result)
return
}
// List takes label and field selectors, and returns the list of ClusterPolicyReports that match those selectors.
func (c *clusterPolicyReports) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.ClusterPolicyReportList, err error) {
var timeout time.Duration
if opts.TimeoutSeconds != nil {
timeout = time.Duration(*opts.TimeoutSeconds) * time.Second
}
result = &v1alpha1.ClusterPolicyReportList{}
err = c.client.Get().
Resource("clusterpolicyreports").
VersionedParams(&opts, scheme.ParameterCodec).
Timeout(timeout).
Do(ctx).
Into(result)
return
}
// Watch returns a watch.Interface that watches the requested clusterPolicyReports.
func (c *clusterPolicyReports) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) {
var timeout time.Duration
if opts.TimeoutSeconds != nil {
timeout = time.Duration(*opts.TimeoutSeconds) * time.Second
}
opts.Watch = true
return c.client.Get().
Resource("clusterpolicyreports").
VersionedParams(&opts, scheme.ParameterCodec).
Timeout(timeout).
Watch(ctx)
}
// Create takes the representation of a clusterPolicyReport and creates it. Returns the server's representation of the clusterPolicyReport, and an error, if there is any.
func (c *clusterPolicyReports) Create(ctx context.Context, clusterPolicyReport *v1alpha1.ClusterPolicyReport, opts v1.CreateOptions) (result *v1alpha1.ClusterPolicyReport, err error) {
result = &v1alpha1.ClusterPolicyReport{}
err = c.client.Post().
Resource("clusterpolicyreports").
VersionedParams(&opts, scheme.ParameterCodec).
Body(clusterPolicyReport).
Do(ctx).
Into(result)
return
}
// Update takes the representation of a clusterPolicyReport and updates it. Returns the server's representation of the clusterPolicyReport, and an error, if there is any.
func (c *clusterPolicyReports) Update(ctx context.Context, clusterPolicyReport *v1alpha1.ClusterPolicyReport, opts v1.UpdateOptions) (result *v1alpha1.ClusterPolicyReport, err error) {
result = &v1alpha1.ClusterPolicyReport{}
err = c.client.Put().
Resource("clusterpolicyreports").
Name(clusterPolicyReport.Name).
VersionedParams(&opts, scheme.ParameterCodec).
Body(clusterPolicyReport).
Do(ctx).
Into(result)
return
}
// Delete takes name of the clusterPolicyReport and deletes it. Returns an error if one occurs.
func (c *clusterPolicyReports) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error {
return c.client.Delete().
Resource("clusterpolicyreports").
Name(name).
Body(&opts).
Do(ctx).
Error()
}
// DeleteCollection deletes a collection of objects.
func (c *clusterPolicyReports) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error {
var timeout time.Duration
if listOpts.TimeoutSeconds != nil {
timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second
}
return c.client.Delete().
Resource("clusterpolicyreports").
VersionedParams(&listOpts, scheme.ParameterCodec).
Timeout(timeout).
Body(&opts).
Do(ctx).
Error()
}
// Patch applies the patch and returns the patched clusterPolicyReport.
func (c *clusterPolicyReports) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.ClusterPolicyReport, err error) {
result = &v1alpha1.ClusterPolicyReport{}
err = c.client.Patch(pt).
Resource("clusterpolicyreports").
Name(name).
SubResource(subresources...).
VersionedParams(&opts, scheme.ParameterCodec).
Body(data).
Do(ctx).
Into(result)
return
}

20
pkg/client/clientset/versioned/typed/policyreport/v1alpha1/doc.go Executable file
View file

@ -0,0 +1,20 @@
/*
Copyright The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
// Code generated by client-gen. DO NOT EDIT.
// This package has the automatically generated typed clients.
package v1alpha1

20
pkg/client/clientset/versioned/typed/policyreport/v1alpha1/fake/doc.go Executable file
View file

@ -0,0 +1,20 @@
/*
Copyright The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
// Code generated by client-gen. DO NOT EDIT.
// Package fake has the automatically generated clients.
package fake

122
pkg/client/clientset/versioned/typed/policyreport/v1alpha1/fake/fake_clusterpolicyreport.go Executable file
View file

@ -0,0 +1,122 @@
/*
Copyright The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
// Code generated by client-gen. DO NOT EDIT.
package fake
import (
"context"
v1alpha1 "github.com/kyverno/kyverno/pkg/api/policyreport/v1alpha1"
v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
labels "k8s.io/apimachinery/pkg/labels"
schema "k8s.io/apimachinery/pkg/runtime/schema"
types "k8s.io/apimachinery/pkg/types"
watch "k8s.io/apimachinery/pkg/watch"
testing "k8s.io/client-go/testing"
)
// FakeClusterPolicyReports implements ClusterPolicyReportInterface
type FakeClusterPolicyReports struct {
Fake *FakePolicyV1alpha1
}
var clusterpolicyreportsResource = schema.GroupVersionResource{Group: "policy.k8s.io", Version: "v1alpha1", Resource: "clusterpolicyreports"}
var clusterpolicyreportsKind = schema.GroupVersionKind{Group: "policy.k8s.io", Version: "v1alpha1", Kind: "ClusterPolicyReport"}
// Get takes name of the clusterPolicyReport, and returns the corresponding clusterPolicyReport object, and an error if there is any.
func (c *FakeClusterPolicyReports) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.ClusterPolicyReport, err error) {
obj, err := c.Fake.
Invokes(testing.NewRootGetAction(clusterpolicyreportsResource, name), &v1alpha1.ClusterPolicyReport{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.ClusterPolicyReport), err
}
// List takes label and field selectors, and returns the list of ClusterPolicyReports that match those selectors.
func (c *FakeClusterPolicyReports) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.ClusterPolicyReportList, err error) {
obj, err := c.Fake.
Invokes(testing.NewRootListAction(clusterpolicyreportsResource, clusterpolicyreportsKind, opts), &v1alpha1.ClusterPolicyReportList{})
if obj == nil {
return nil, err
}
label, _, _ := testing.ExtractFromListOptions(opts)
if label == nil {
label = labels.Everything()
}
list := &v1alpha1.ClusterPolicyReportList{ListMeta: obj.(*v1alpha1.ClusterPolicyReportList).ListMeta}
for _, item := range obj.(*v1alpha1.ClusterPolicyReportList).Items {
if label.Matches(labels.Set(item.Labels)) {
list.Items = append(list.Items, item)
}
}
return list, err
}
// Watch returns a watch.Interface that watches the requested clusterPolicyReports.
func (c *FakeClusterPolicyReports) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) {
return c.Fake.
InvokesWatch(testing.NewRootWatchAction(clusterpolicyreportsResource, opts))
}
// Create takes the representation of a clusterPolicyReport and creates it. Returns the server's representation of the clusterPolicyReport, and an error, if there is any.
func (c *FakeClusterPolicyReports) Create(ctx context.Context, clusterPolicyReport *v1alpha1.ClusterPolicyReport, opts v1.CreateOptions) (result *v1alpha1.ClusterPolicyReport, err error) {
obj, err := c.Fake.
Invokes(testing.NewRootCreateAction(clusterpolicyreportsResource, clusterPolicyReport), &v1alpha1.ClusterPolicyReport{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.ClusterPolicyReport), err
}
// Update takes the representation of a clusterPolicyReport and updates it. Returns the server's representation of the clusterPolicyReport, and an error, if there is any.
func (c *FakeClusterPolicyReports) Update(ctx context.Context, clusterPolicyReport *v1alpha1.ClusterPolicyReport, opts v1.UpdateOptions) (result *v1alpha1.ClusterPolicyReport, err error) {
obj, err := c.Fake.
Invokes(testing.NewRootUpdateAction(clusterpolicyreportsResource, clusterPolicyReport), &v1alpha1.ClusterPolicyReport{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.ClusterPolicyReport), err
}
// Delete takes name of the clusterPolicyReport and deletes it. Returns an error if one occurs.
func (c *FakeClusterPolicyReports) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error {
_, err := c.Fake.
Invokes(testing.NewRootDeleteAction(clusterpolicyreportsResource, name), &v1alpha1.ClusterPolicyReport{})
return err
}
// DeleteCollection deletes a collection of objects.
func (c *FakeClusterPolicyReports) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error {
action := testing.NewRootDeleteCollectionAction(clusterpolicyreportsResource, listOpts)
_, err := c.Fake.Invokes(action, &v1alpha1.ClusterPolicyReportList{})
return err
}
// Patch applies the patch and returns the patched clusterPolicyReport.
func (c *FakeClusterPolicyReports) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.ClusterPolicyReport, err error) {
obj, err := c.Fake.
Invokes(testing.NewRootPatchSubresourceAction(clusterpolicyreportsResource, name, pt, data, subresources...), &v1alpha1.ClusterPolicyReport{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.ClusterPolicyReport), err
}

130
pkg/client/clientset/versioned/typed/policyreport/v1alpha1/fake/fake_policyreport.go Executable file
View file

@ -0,0 +1,130 @@
/*
Copyright The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
// Code generated by client-gen. DO NOT EDIT.
package fake
import (
"context"
v1alpha1 "github.com/kyverno/kyverno/pkg/api/policyreport/v1alpha1"
v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
labels "k8s.io/apimachinery/pkg/labels"
schema "k8s.io/apimachinery/pkg/runtime/schema"
types "k8s.io/apimachinery/pkg/types"
watch "k8s.io/apimachinery/pkg/watch"
testing "k8s.io/client-go/testing"
)
// FakePolicyReports implements PolicyReportInterface
type FakePolicyReports struct {
Fake *FakePolicyV1alpha1
ns string
}
var policyreportsResource = schema.GroupVersionResource{Group: "policy.k8s.io", Version: "v1alpha1", Resource: "policyreports"}
var policyreportsKind = schema.GroupVersionKind{Group: "policy.k8s.io", Version: "v1alpha1", Kind: "PolicyReport"}
// Get takes name of the policyReport, and returns the corresponding policyReport object, and an error if there is any.
func (c *FakePolicyReports) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.PolicyReport, err error) {
obj, err := c.Fake.
Invokes(testing.NewGetAction(policyreportsResource, c.ns, name), &v1alpha1.PolicyReport{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.PolicyReport), err
}
// List takes label and field selectors, and returns the list of PolicyReports that match those selectors.
func (c *FakePolicyReports) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.PolicyReportList, err error) {
obj, err := c.Fake.
Invokes(testing.NewListAction(policyreportsResource, policyreportsKind, c.ns, opts), &v1alpha1.PolicyReportList{})
if obj == nil {
return nil, err
}
label, _, _ := testing.ExtractFromListOptions(opts)
if label == nil {
label = labels.Everything()
}
list := &v1alpha1.PolicyReportList{ListMeta: obj.(*v1alpha1.PolicyReportList).ListMeta}
for _, item := range obj.(*v1alpha1.PolicyReportList).Items {
if label.Matches(labels.Set(item.Labels)) {
list.Items = append(list.Items, item)
}
}
return list, err
}
// Watch returns a watch.Interface that watches the requested policyReports.
func (c *FakePolicyReports) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) {
return c.Fake.
InvokesWatch(testing.NewWatchAction(policyreportsResource, c.ns, opts))
}
// Create takes the representation of a policyReport and creates it. Returns the server's representation of the policyReport, and an error, if there is any.
func (c *FakePolicyReports) Create(ctx context.Context, policyReport *v1alpha1.PolicyReport, opts v1.CreateOptions) (result *v1alpha1.PolicyReport, err error) {
obj, err := c.Fake.
Invokes(testing.NewCreateAction(policyreportsResource, c.ns, policyReport), &v1alpha1.PolicyReport{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.PolicyReport), err
}
// Update takes the representation of a policyReport and updates it. Returns the server's representation of the policyReport, and an error, if there is any.
func (c *FakePolicyReports) Update(ctx context.Context, policyReport *v1alpha1.PolicyReport, opts v1.UpdateOptions) (result *v1alpha1.PolicyReport, err error) {
obj, err := c.Fake.
Invokes(testing.NewUpdateAction(policyreportsResource, c.ns, policyReport), &v1alpha1.PolicyReport{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.PolicyReport), err
}
// Delete takes name of the policyReport and deletes it. Returns an error if one occurs.
func (c *FakePolicyReports) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error {
_, err := c.Fake.
Invokes(testing.NewDeleteAction(policyreportsResource, c.ns, name), &v1alpha1.PolicyReport{})
return err
}
// DeleteCollection deletes a collection of objects.
func (c *FakePolicyReports) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error {
action := testing.NewDeleteCollectionAction(policyreportsResource, c.ns, listOpts)
_, err := c.Fake.Invokes(action, &v1alpha1.PolicyReportList{})
return err
}
// Patch applies the patch and returns the patched policyReport.
func (c *FakePolicyReports) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.PolicyReport, err error) {
obj, err := c.Fake.
Invokes(testing.NewPatchSubresourceAction(policyreportsResource, c.ns, name, pt, data, subresources...), &v1alpha1.PolicyReport{})
if obj == nil {
return nil, err
}
return obj.(*v1alpha1.PolicyReport), err
}

44
pkg/client/clientset/versioned/typed/policyreport/v1alpha1/fake/fake_policyreport_client.go Executable file
View file

@ -0,0 +1,44 @@
/*
Copyright The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
// Code generated by client-gen. DO NOT EDIT.
package fake
import (
v1alpha1 "github.com/kyverno/kyverno/pkg/client/clientset/versioned/typed/policyreport/v1alpha1"
rest "k8s.io/client-go/rest"
testing "k8s.io/client-go/testing"
)
type FakePolicyV1alpha1 struct {
*testing.Fake
}
func (c *FakePolicyV1alpha1) ClusterPolicyReports() v1alpha1.ClusterPolicyReportInterface {
return &FakeClusterPolicyReports{c}
}
func (c *FakePolicyV1alpha1) PolicyReports(namespace string) v1alpha1.PolicyReportInterface {
return &FakePolicyReports{c, namespace}
}
// RESTClient returns a RESTClient that is used to communicate
// with API server by this client implementation.
func (c *FakePolicyV1alpha1) RESTClient() rest.Interface {
var ret *rest.RESTClient
return ret
}

23
pkg/client/clientset/versioned/typed/policyreport/v1alpha1/generated_expansion.go Executable file
View file

@ -0,0 +1,23 @@
/*
Copyright The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
// Code generated by client-gen. DO NOT EDIT.
package v1alpha1
type ClusterPolicyReportExpansion interface{}
type PolicyReportExpansion interface{}

178
pkg/client/clientset/versioned/typed/policyreport/v1alpha1/policyreport.go Executable file
View file

@ -0,0 +1,178 @@
/*
Copyright The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
// Code generated by client-gen. DO NOT EDIT.
package v1alpha1
import (
"context"
"time"
v1alpha1 "github.com/kyverno/kyverno/pkg/api/policyreport/v1alpha1"
scheme "github.com/kyverno/kyverno/pkg/client/clientset/versioned/scheme"
v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
types "k8s.io/apimachinery/pkg/types"
watch "k8s.io/apimachinery/pkg/watch"
rest "k8s.io/client-go/rest"
)
// PolicyReportsGetter has a method to return a PolicyReportInterface.
// A group's client should implement this interface.
type PolicyReportsGetter interface {
PolicyReports(namespace string) PolicyReportInterface
}
// PolicyReportInterface has methods to work with PolicyReport resources.
type PolicyReportInterface interface {
Create(ctx context.Context, policyReport *v1alpha1.PolicyReport, opts v1.CreateOptions) (*v1alpha1.PolicyReport, error)
Update(ctx context.Context, policyReport *v1alpha1.PolicyReport, opts v1.UpdateOptions) (*v1alpha1.PolicyReport, error)
Delete(ctx context.Context, name string, opts v1.DeleteOptions) error
DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error
Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha1.PolicyReport, error)
List(ctx context.Context, opts v1.ListOptions) (*v1alpha1.PolicyReportList, error)
Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error)
Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.PolicyReport, err error)
PolicyReportExpansion
}
// policyReports implements PolicyReportInterface
type policyReports struct {
client rest.Interface
ns string
}
// newPolicyReports returns a PolicyReports
func newPolicyReports(c *PolicyV1alpha1Client, namespace string) *policyReports {
return &policyReports{
client: c.RESTClient(),
ns: namespace,
}
}
// Get takes name of the policyReport, and returns the corresponding policyReport object, and an error if there is any.
func (c *policyReports) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.PolicyReport, err error) {
result = &v1alpha1.PolicyReport{}
err = c.client.Get().
Namespace(c.ns).
Resource("policyreports").
Name(name).
VersionedParams(&options, scheme.ParameterCodec).
Do(ctx).
Into(result)
return
}
// List takes label and field selectors, and returns the list of PolicyReports that match those selectors.
func (c *policyReports) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.PolicyReportList, err error) {
var timeout time.Duration
if opts.TimeoutSeconds != nil {
timeout = time.Duration(*opts.TimeoutSeconds) * time.Second
}
result = &v1alpha1.PolicyReportList{}
err = c.client.Get().
Namespace(c.ns).
Resource("policyreports").
VersionedParams(&opts, scheme.ParameterCodec).
Timeout(timeout).
Do(ctx).
Into(result)
return
}
// Watch returns a watch.Interface that watches the requested policyReports.
func (c *policyReports) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) {
var timeout time.Duration
if opts.TimeoutSeconds != nil {
timeout = time.Duration(*opts.TimeoutSeconds) * time.Second
}
opts.Watch = true
return c.client.Get().
Namespace(c.ns).
Resource("policyreports").
VersionedParams(&opts, scheme.ParameterCodec).
Timeout(timeout).
Watch(ctx)
}
// Create takes the representation of a policyReport and creates it. Returns the server's representation of the policyReport, and an error, if there is any.
func (c *policyReports) Create(ctx context.Context, policyReport *v1alpha1.PolicyReport, opts v1.CreateOptions) (result *v1alpha1.PolicyReport, err error) {
result = &v1alpha1.PolicyReport{}
err = c.client.Post().
Namespace(c.ns).
Resource("policyreports").
VersionedParams(&opts, scheme.ParameterCodec).
Body(policyReport).
Do(ctx).
Into(result)
return
}
// Update takes the representation of a policyReport and updates it. Returns the server's representation of the policyReport, and an error, if there is any.
func (c *policyReports) Update(ctx context.Context, policyReport *v1alpha1.PolicyReport, opts v1.UpdateOptions) (result *v1alpha1.PolicyReport, err error) {
result = &v1alpha1.PolicyReport{}
err = c.client.Put().
Namespace(c.ns).
Resource("policyreports").
Name(policyReport.Name).
VersionedParams(&opts, scheme.ParameterCodec).
Body(policyReport).
Do(ctx).
Into(result)
return
}
// Delete takes name of the policyReport and deletes it. Returns an error if one occurs.
func (c *policyReports) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error {
return c.client.Delete().
Namespace(c.ns).
Resource("policyreports").
Name(name).
Body(&opts).
Do(ctx).
Error()
}
// DeleteCollection deletes a collection of objects.
func (c *policyReports) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error {
var timeout time.Duration
if listOpts.TimeoutSeconds != nil {
timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second
}
return c.client.Delete().
Namespace(c.ns).
Resource("policyreports").
VersionedParams(&listOpts, scheme.ParameterCodec).
Timeout(timeout).
Body(&opts).
Do(ctx).
Error()
}
// Patch applies the patch and returns the patched policyReport.
func (c *policyReports) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.PolicyReport, err error) {
result = &v1alpha1.PolicyReport{}
err = c.client.Patch(pt).
Namespace(c.ns).
Resource("policyreports").
Name(name).
SubResource(subresources...).
VersionedParams(&opts, scheme.ParameterCodec).
Body(data).
Do(ctx).
Into(result)
return
}

94
pkg/client/clientset/versioned/typed/policyreport/v1alpha1/policyreport_client.go Executable file
View file

@ -0,0 +1,94 @@
/*
Copyright The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
// Code generated by client-gen. DO NOT EDIT.
package v1alpha1
import (
v1alpha1 "github.com/kyverno/kyverno/pkg/api/policyreport/v1alpha1"
"github.com/kyverno/kyverno/pkg/client/clientset/versioned/scheme"
rest "k8s.io/client-go/rest"
)
type PolicyV1alpha1Interface interface {
RESTClient() rest.Interface
ClusterPolicyReportsGetter
PolicyReportsGetter
}
// PolicyV1alpha1Client is used to interact with features provided by the policy.k8s.io group.
type PolicyV1alpha1Client struct {
restClient rest.Interface
}
func (c *PolicyV1alpha1Client) ClusterPolicyReports() ClusterPolicyReportInterface {
return newClusterPolicyReports(c)
}
func (c *PolicyV1alpha1Client) PolicyReports(namespace string) PolicyReportInterface {
return newPolicyReports(c, namespace)
}
// NewForConfig creates a new PolicyV1alpha1Client for the given config.
func NewForConfig(c *rest.Config) (*PolicyV1alpha1Client, error) {
config := *c
if err := setConfigDefaults(&config); err != nil {
return nil, err
}
client, err := rest.RESTClientFor(&config)
if err != nil {
return nil, err
}
return &PolicyV1alpha1Client{client}, nil
}
// NewForConfigOrDie creates a new PolicyV1alpha1Client for the given config and
// panics if there is an error in the config.
func NewForConfigOrDie(c *rest.Config) *PolicyV1alpha1Client {
client, err := NewForConfig(c)
if err != nil {
panic(err)
}
return client
}
// New creates a new PolicyV1alpha1Client for the given RESTClient.
func New(c rest.Interface) *PolicyV1alpha1Client {
return &PolicyV1alpha1Client{c}
}
func setConfigDefaults(config *rest.Config) error {
gv := v1alpha1.SchemeGroupVersion
config.GroupVersion = &gv
config.APIPath = "/apis"
config.NegotiatedSerializer = scheme.Codecs.WithoutConversion()
if config.UserAgent == "" {
config.UserAgent = rest.DefaultKubernetesUserAgent()
}
return nil
}
// RESTClient returns a RESTClient that is used to communicate
// with API server by this client implementation.
func (c *PolicyV1alpha1Client) RESTClient() rest.Interface {
if c == nil {
return nil
}
return c.restClient
}

6
pkg/client/informers/externalversions/factory.go Normal file → Executable file
View file

@ -26,6 +26,7 @@ import (
versioned "github.com/kyverno/kyverno/pkg/client/clientset/versioned"
internalinterfaces "github.com/kyverno/kyverno/pkg/client/informers/externalversions/internalinterfaces"
kyverno "github.com/kyverno/kyverno/pkg/client/informers/externalversions/kyverno"
policyreport "github.com/kyverno/kyverno/pkg/client/informers/externalversions/policyreport"
v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
runtime "k8s.io/apimachinery/pkg/runtime"
schema "k8s.io/apimachinery/pkg/runtime/schema"
@ -173,8 +174,13 @@ type SharedInformerFactory interface {
WaitForCacheSync(stopCh <-chan struct{}) map[reflect.Type]bool
Kyverno() kyverno.Interface
Policy() policyreport.Interface
}
func (f *sharedInformerFactory) Kyverno() kyverno.Interface {
return kyverno.New(f, f.namespace, f.tweakListOptions)
}
func (f *sharedInformerFactory) Policy() policyreport.Interface {
return policyreport.New(f, f.namespace, f.tweakListOptions)
}

14
pkg/client/informers/externalversions/generic.go Normal file → Executable file
View file

@ -22,6 +22,8 @@ import (
"fmt"
v1 "github.com/kyverno/kyverno/pkg/api/kyverno/v1"
v1alpha1 "github.com/kyverno/kyverno/pkg/api/kyverno/v1alpha1"
policyreportv1alpha1 "github.com/kyverno/kyverno/pkg/api/policyreport/v1alpha1"
schema "k8s.io/apimachinery/pkg/runtime/schema"
cache "k8s.io/client-go/tools/cache"
)
@ -64,6 +66,18 @@ func (f *sharedInformerFactory) ForResource(resource schema.GroupVersionResource
case v1.SchemeGroupVersion.WithResource("policyviolations"):
return &genericInformer{resource: resource.GroupResource(), informer: f.Kyverno().V1().PolicyViolations().Informer()}, nil
// Group=kyverno.io, Version=v1alpha1
case v1alpha1.SchemeGroupVersion.WithResource("clusterreportchangerequests"):
return &genericInformer{resource: resource.GroupResource(), informer: f.Kyverno().V1alpha1().ClusterReportChangeRequests().Informer()}, nil
case v1alpha1.SchemeGroupVersion.WithResource("reportchangerequests"):
return &genericInformer{resource: resource.GroupResource(), informer: f.Kyverno().V1alpha1().ReportChangeRequests().Informer()}, nil
// Group=policy.k8s.io, Version=v1alpha1
case policyreportv1alpha1.SchemeGroupVersion.WithResource("clusterpolicyreports"):
return &genericInformer{resource: resource.GroupResource(), informer: f.Policy().V1alpha1().ClusterPolicyReports().Informer()}, nil
case policyreportv1alpha1.SchemeGroupVersion.WithResource("policyreports"):
return &genericInformer{resource: resource.GroupResource(), informer: f.Policy().V1alpha1().PolicyReports().Informer()}, nil
}
return nil, fmt.Errorf("no informer found for %v", resource)

0
pkg/client/informers/externalversions/internalinterfaces/factory_interfaces.go Normal file → Executable file
View file

8
pkg/client/informers/externalversions/kyverno/interface.go Normal file → Executable file
View file

@ -21,12 +21,15 @@ package kyverno
import (
internalinterfaces "github.com/kyverno/kyverno/pkg/client/informers/externalversions/internalinterfaces"
v1 "github.com/kyverno/kyverno/pkg/client/informers/externalversions/kyverno/v1"
v1alpha1 "github.com/kyverno/kyverno/pkg/client/informers/externalversions/kyverno/v1alpha1"
)
// Interface provides access to each of this group's versions.
type Interface interface {
// V1 provides access to shared informers for resources in V1.
V1() v1.Interface
// V1alpha1 provides access to shared informers for resources in V1alpha1.
V1alpha1() v1alpha1.Interface
}
type group struct {
@ -44,3 +47,8 @@ func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakList
func (g *group) V1() v1.Interface {
return v1.New(g.factory, g.namespace, g.tweakListOptions)
}
// V1alpha1 returns a new v1alpha1.Interface.
func (g *group) V1alpha1() v1alpha1.Interface {
return v1alpha1.New(g.factory, g.namespace, g.tweakListOptions)
}

5
pkg/client/informers/externalversions/kyverno/v1/clusterpolicy.go Normal file → Executable file
View file

@ -19,6 +19,7 @@ limitations under the License.
package v1
import (
"context"
time "time"
kyvernov1 "github.com/kyverno/kyverno/pkg/api/kyverno/v1"
@ -60,13 +61,13 @@ func NewFilteredClusterPolicyInformer(client versioned.Interface, resyncPeriod t
if tweakListOptions != nil {
tweakListOptions(&options)
}
return client.KyvernoV1().ClusterPolicies().List(options)
return client.KyvernoV1().ClusterPolicies().List(context.TODO(), options)
},
WatchFunc: func(options metav1.ListOptions) (watch.Interface, error) {
if tweakListOptions != nil {
tweakListOptions(&options)
}
return client.KyvernoV1().ClusterPolicies().Watch(options)
return client.KyvernoV1().ClusterPolicies().Watch(context.TODO(), options)
},
},
&kyvernov1.ClusterPolicy{},

5
pkg/client/informers/externalversions/kyverno/v1/clusterpolicyviolation.go Normal file → Executable file
View file

@ -19,6 +19,7 @@ limitations under the License.
package v1
import (
"context"
time "time"
kyvernov1 "github.com/kyverno/kyverno/pkg/api/kyverno/v1"
@ -60,13 +61,13 @@ func NewFilteredClusterPolicyViolationInformer(client versioned.Interface, resyn
if tweakListOptions != nil {
tweakListOptions(&options)
}
return client.KyvernoV1().ClusterPolicyViolations().List(options)
return client.KyvernoV1().ClusterPolicyViolations().List(context.TODO(), options)
},
WatchFunc: func(options metav1.ListOptions) (watch.Interface, error) {
if tweakListOptions != nil {
tweakListOptions(&options)
}
return client.KyvernoV1().ClusterPolicyViolations().Watch(options)
return client.KyvernoV1().ClusterPolicyViolations().Watch(context.TODO(), options)
},
},
&kyvernov1.ClusterPolicyViolation{},

5
pkg/client/informers/externalversions/kyverno/v1/generaterequest.go Normal file → Executable file
View file

@ -19,6 +19,7 @@ limitations under the License.
package v1
import (
"context"
time "time"
kyvernov1 "github.com/kyverno/kyverno/pkg/api/kyverno/v1"
@ -61,13 +62,13 @@ func NewFilteredGenerateRequestInformer(client versioned.Interface, namespace st
if tweakListOptions != nil {
tweakListOptions(&options)
}
return client.KyvernoV1().GenerateRequests(namespace).List(options)
return client.KyvernoV1().GenerateRequests(namespace).List(context.TODO(), options)
},
WatchFunc: func(options metav1.ListOptions) (watch.Interface, error) {
if tweakListOptions != nil {
tweakListOptions(&options)
}
return client.KyvernoV1().GenerateRequests(namespace).Watch(options)
return client.KyvernoV1().GenerateRequests(namespace).Watch(context.TODO(), options)
},
},
&kyvernov1.GenerateRequest{},

0
pkg/client/informers/externalversions/kyverno/v1/interface.go Normal file → Executable file
View file

5
pkg/client/informers/externalversions/kyverno/v1/policy.go Normal file → Executable file
View file

@ -19,6 +19,7 @@ limitations under the License.
package v1
import (
"context"
time "time"
kyvernov1 "github.com/kyverno/kyverno/pkg/api/kyverno/v1"
@ -61,13 +62,13 @@ func NewFilteredPolicyInformer(client versioned.Interface, namespace string, res
if tweakListOptions != nil {
tweakListOptions(&options)
}
return client.KyvernoV1().Policies(namespace).List(options)
return client.KyvernoV1().Policies(namespace).List(context.TODO(), options)
},
WatchFunc: func(options metav1.ListOptions) (watch.Interface, error) {
if tweakListOptions != nil {
tweakListOptions(&options)
}
return client.KyvernoV1().Policies(namespace).Watch(options)
return client.KyvernoV1().Policies(namespace).Watch(context.TODO(), options)
},
},
&kyvernov1.Policy{},

5
pkg/client/informers/externalversions/kyverno/v1/policyviolation.go Normal file → Executable file
View file

@ -19,6 +19,7 @@ limitations under the License.
package v1
import (
"context"
time "time"
kyvernov1 "github.com/kyverno/kyverno/pkg/api/kyverno/v1"
@ -61,13 +62,13 @@ func NewFilteredPolicyViolationInformer(client versioned.Interface, namespace st
if tweakListOptions != nil {
tweakListOptions(&options)
}
return client.KyvernoV1().PolicyViolations(namespace).List(options)
return client.KyvernoV1().PolicyViolations(namespace).List(context.TODO(), options)
},
WatchFunc: func(options metav1.ListOptions) (watch.Interface, error) {
if tweakListOptions != nil {
tweakListOptions(&options)
}
return client.KyvernoV1().PolicyViolations(namespace).Watch(options)
return client.KyvernoV1().PolicyViolations(namespace).Watch(context.TODO(), options)
},
},
&kyvernov1.PolicyViolation{},

89
pkg/client/informers/externalversions/kyverno/v1alpha1/clusterreportchangerequest.go Normal file
View file

@ -0,0 +1,89 @@
/*
Copyright The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
// Code generated by informer-gen. DO NOT EDIT.
package v1alpha1
import (
"context"
time "time"
kyvernov1alpha1 "github.com/kyverno/kyverno/pkg/api/kyverno/v1alpha1"
versioned "github.com/kyverno/kyverno/pkg/client/clientset/versioned"
internalinterfaces "github.com/kyverno/kyverno/pkg/client/informers/externalversions/internalinterfaces"
v1alpha1 "github.com/kyverno/kyverno/pkg/client/listers/kyverno/v1alpha1"
v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
runtime "k8s.io/apimachinery/pkg/runtime"
watch "k8s.io/apimachinery/pkg/watch"
cache "k8s.io/client-go/tools/cache"
)
// ClusterReportChangeRequestInformer provides access to a shared informer and lister for
// ClusterReportChangeRequests.
type ClusterReportChangeRequestInformer interface {
Informer() cache.SharedIndexInformer
Lister() v1alpha1.ClusterReportChangeRequestLister
}
type clusterReportChangeRequestInformer struct {
factory internalinterfaces.SharedInformerFactory
tweakListOptions internalinterfaces.TweakListOptionsFunc
}
// NewClusterReportChangeRequestInformer constructs a new informer for ClusterReportChangeRequest type.
// Always prefer using an informer factory to get a shared informer instead of getting an independent
// one. This reduces memory footprint and number of connections to the server.
func NewClusterReportChangeRequestInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer {
return NewFilteredClusterReportChangeRequestInformer(client, resyncPeriod, indexers, nil)
}
// NewFilteredClusterReportChangeRequestInformer constructs a new informer for ClusterReportChangeRequest type.
// Always prefer using an informer factory to get a shared informer instead of getting an independent
// one. This reduces memory footprint and number of connections to the server.
func NewFilteredClusterReportChangeRequestInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer {
return cache.NewSharedIndexInformer(
&cache.ListWatch{
ListFunc: func(options v1.ListOptions) (runtime.Object, error) {
if tweakListOptions != nil {
tweakListOptions(&options)
}
return client.KyvernoV1alpha1().ClusterReportChangeRequests().List(context.TODO(), options)
},
WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
if tweakListOptions != nil {
tweakListOptions(&options)
}
return client.KyvernoV1alpha1().ClusterReportChangeRequests().Watch(context.TODO(), options)
},
},
&kyvernov1alpha1.ClusterReportChangeRequest{},
resyncPeriod,
indexers,
)
}
func (f *clusterReportChangeRequestInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer {
return NewFilteredClusterReportChangeRequestInformer(client, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions)
}
func (f *clusterReportChangeRequestInformer) Informer() cache.SharedIndexInformer {
return f.factory.InformerFor(&kyvernov1alpha1.ClusterReportChangeRequest{}, f.defaultInformer)
}
func (f *clusterReportChangeRequestInformer) Lister() v1alpha1.ClusterReportChangeRequestLister {
return v1alpha1.NewClusterReportChangeRequestLister(f.Informer().GetIndexer())
}

52
pkg/client/informers/externalversions/kyverno/v1alpha1/interface.go Normal file
View file

@ -0,0 +1,52 @@
/*
Copyright The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
// Code generated by informer-gen. DO NOT EDIT.
package v1alpha1
import (
internalinterfaces "github.com/kyverno/kyverno/pkg/client/informers/externalversions/internalinterfaces"
)
// Interface provides access to all the informers in this group version.
type Interface interface {
// ClusterReportChangeRequests returns a ClusterReportChangeRequestInformer.
ClusterReportChangeRequests() ClusterReportChangeRequestInformer
// ReportChangeRequests returns a ReportChangeRequestInformer.
ReportChangeRequests() ReportChangeRequestInformer
}
type version struct {
factory internalinterfaces.SharedInformerFactory
namespace string
tweakListOptions internalinterfaces.TweakListOptionsFunc
}
// New returns a new Interface.
func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) Interface {
return &version{factory: f, namespace: namespace, tweakListOptions: tweakListOptions}
}
// ClusterReportChangeRequests returns a ClusterReportChangeRequestInformer.
func (v *version) ClusterReportChangeRequests() ClusterReportChangeRequestInformer {
return &clusterReportChangeRequestInformer{factory: v.factory, tweakListOptions: v.tweakListOptions}
}
// ReportChangeRequests returns a ReportChangeRequestInformer.
func (v *version) ReportChangeRequests() ReportChangeRequestInformer {
return &reportChangeRequestInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions}
}

90
pkg/client/informers/externalversions/kyverno/v1alpha1/reportchangerequest.go Normal file
View file

@ -0,0 +1,90 @@
/*
Copyright The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
// Code generated by informer-gen. DO NOT EDIT.
package v1alpha1
import (
"context"
time "time"
kyvernov1alpha1 "github.com/kyverno/kyverno/pkg/api/kyverno/v1alpha1"
versioned "github.com/kyverno/kyverno/pkg/client/clientset/versioned"
internalinterfaces "github.com/kyverno/kyverno/pkg/client/informers/externalversions/internalinterfaces"
v1alpha1 "github.com/kyverno/kyverno/pkg/client/listers/kyverno/v1alpha1"
v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
runtime "k8s.io/apimachinery/pkg/runtime"
watch "k8s.io/apimachinery/pkg/watch"
cache "k8s.io/client-go/tools/cache"
)
// ReportChangeRequestInformer provides access to a shared informer and lister for
// ReportChangeRequests.
type ReportChangeRequestInformer interface {
Informer() cache.SharedIndexInformer
Lister() v1alpha1.ReportChangeRequestLister
}
type reportChangeRequestInformer struct {
factory internalinterfaces.SharedInformerFactory
tweakListOptions internalinterfaces.TweakListOptionsFunc
namespace string
}
// NewReportChangeRequestInformer constructs a new informer for ReportChangeRequest type.
// Always prefer using an informer factory to get a shared informer instead of getting an independent
// one. This reduces memory footprint and number of connections to the server.
func NewReportChangeRequestInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer {
return NewFilteredReportChangeRequestInformer(client, namespace, resyncPeriod, indexers, nil)
}
// NewFilteredReportChangeRequestInformer constructs a new informer for ReportChangeRequest type.
// Always prefer using an informer factory to get a shared informer instead of getting an independent
// one. This reduces memory footprint and number of connections to the server.
func NewFilteredReportChangeRequestInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer {
return cache.NewSharedIndexInformer(
&cache.ListWatch{
ListFunc: func(options v1.ListOptions) (runtime.Object, error) {
if tweakListOptions != nil {
tweakListOptions(&options)
}
return client.KyvernoV1alpha1().ReportChangeRequests(namespace).List(context.TODO(), options)
},
WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
if tweakListOptions != nil {
tweakListOptions(&options)
}
return client.KyvernoV1alpha1().ReportChangeRequests(namespace).Watch(context.TODO(), options)
},
},
&kyvernov1alpha1.ReportChangeRequest{},
resyncPeriod,
indexers,
)
}
func (f *reportChangeRequestInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer {
return NewFilteredReportChangeRequestInformer(client, f.namespace, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions)
}
func (f *reportChangeRequestInformer) Informer() cache.SharedIndexInformer {
return f.factory.InformerFor(&kyvernov1alpha1.ReportChangeRequest{}, f.defaultInformer)
}
func (f *reportChangeRequestInformer) Lister() v1alpha1.ReportChangeRequestLister {
return v1alpha1.NewReportChangeRequestLister(f.Informer().GetIndexer())
}

46
pkg/client/informers/externalversions/policyreport/interface.go Executable file
View file

@ -0,0 +1,46 @@
/*
Copyright The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
// Code generated by informer-gen. DO NOT EDIT.
package policyreport
import (
internalinterfaces "github.com/kyverno/kyverno/pkg/client/informers/externalversions/internalinterfaces"
v1alpha1 "github.com/kyverno/kyverno/pkg/client/informers/externalversions/policyreport/v1alpha1"
)
// Interface provides access to each of this group's versions.
type Interface interface {
// V1alpha1 provides access to shared informers for resources in V1alpha1.
V1alpha1() v1alpha1.Interface
}
type group struct {
factory internalinterfaces.SharedInformerFactory
namespace string
tweakListOptions internalinterfaces.TweakListOptionsFunc
}
// New returns a new Interface.
func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) Interface {
return &group{factory: f, namespace: namespace, tweakListOptions: tweakListOptions}
}
// V1alpha1 returns a new v1alpha1.Interface.
func (g *group) V1alpha1() v1alpha1.Interface {
return v1alpha1.New(g.factory, g.namespace, g.tweakListOptions)
}

89
pkg/client/informers/externalversions/policyreport/v1alpha1/clusterpolicyreport.go Executable file
View file

@ -0,0 +1,89 @@
/*
Copyright The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
// Code generated by informer-gen. DO NOT EDIT.
package v1alpha1
import (
"context"
time "time"
policyreportv1alpha1 "github.com/kyverno/kyverno/pkg/api/policyreport/v1alpha1"
versioned "github.com/kyverno/kyverno/pkg/client/clientset/versioned"
internalinterfaces "github.com/kyverno/kyverno/pkg/client/informers/externalversions/internalinterfaces"
v1alpha1 "github.com/kyverno/kyverno/pkg/client/listers/policyreport/v1alpha1"
v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
runtime "k8s.io/apimachinery/pkg/runtime"
watch "k8s.io/apimachinery/pkg/watch"
cache "k8s.io/client-go/tools/cache"
)
// ClusterPolicyReportInformer provides access to a shared informer and lister for
// ClusterPolicyReports.
type ClusterPolicyReportInformer interface {
Informer() cache.SharedIndexInformer
Lister() v1alpha1.ClusterPolicyReportLister
}
type clusterPolicyReportInformer struct {
factory internalinterfaces.SharedInformerFactory
tweakListOptions internalinterfaces.TweakListOptionsFunc
}
// NewClusterPolicyReportInformer constructs a new informer for ClusterPolicyReport type.
// Always prefer using an informer factory to get a shared informer instead of getting an independent
// one. This reduces memory footprint and number of connections to the server.
func NewClusterPolicyReportInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer {
return NewFilteredClusterPolicyReportInformer(client, resyncPeriod, indexers, nil)
}
// NewFilteredClusterPolicyReportInformer constructs a new informer for ClusterPolicyReport type.
// Always prefer using an informer factory to get a shared informer instead of getting an independent
// one. This reduces memory footprint and number of connections to the server.
func NewFilteredClusterPolicyReportInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer {
return cache.NewSharedIndexInformer(
&cache.ListWatch{
ListFunc: func(options v1.ListOptions) (runtime.Object, error) {
if tweakListOptions != nil {
tweakListOptions(&options)
}
return client.PolicyV1alpha1().ClusterPolicyReports().List(context.TODO(), options)
},
WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
if tweakListOptions != nil {
tweakListOptions(&options)
}
return client.PolicyV1alpha1().ClusterPolicyReports().Watch(context.TODO(), options)
},
},
&policyreportv1alpha1.ClusterPolicyReport{},
resyncPeriod,
indexers,
)
}
func (f *clusterPolicyReportInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer {
return NewFilteredClusterPolicyReportInformer(client, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions)
}
func (f *clusterPolicyReportInformer) Informer() cache.SharedIndexInformer {
return f.factory.InformerFor(&policyreportv1alpha1.ClusterPolicyReport{}, f.defaultInformer)
}
func (f *clusterPolicyReportInformer) Lister() v1alpha1.ClusterPolicyReportLister {
return v1alpha1.NewClusterPolicyReportLister(f.Informer().GetIndexer())
}

52
pkg/client/informers/externalversions/policyreport/v1alpha1/interface.go Executable file
View file

@ -0,0 +1,52 @@
/*
Copyright The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
// Code generated by informer-gen. DO NOT EDIT.
package v1alpha1
import (
internalinterfaces "github.com/kyverno/kyverno/pkg/client/informers/externalversions/internalinterfaces"
)
// Interface provides access to all the informers in this group version.
type Interface interface {
// ClusterPolicyReports returns a ClusterPolicyReportInformer.
ClusterPolicyReports() ClusterPolicyReportInformer
// PolicyReports returns a PolicyReportInformer.
PolicyReports() PolicyReportInformer
}
type version struct {
factory internalinterfaces.SharedInformerFactory
namespace string
tweakListOptions internalinterfaces.TweakListOptionsFunc
}
// New returns a new Interface.
func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) Interface {
return &version{factory: f, namespace: namespace, tweakListOptions: tweakListOptions}
}
// ClusterPolicyReports returns a ClusterPolicyReportInformer.
func (v *version) ClusterPolicyReports() ClusterPolicyReportInformer {
return &clusterPolicyReportInformer{factory: v.factory, tweakListOptions: v.tweakListOptions}
}
// PolicyReports returns a PolicyReportInformer.
func (v *version) PolicyReports() PolicyReportInformer {
return &policyReportInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions}
}

90
pkg/client/informers/externalversions/policyreport/v1alpha1/policyreport.go Executable file
View file

@ -0,0 +1,90 @@
/*
Copyright The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
// Code generated by informer-gen. DO NOT EDIT.
package v1alpha1
import (
"context"
time "time"
policyreportv1alpha1 "github.com/kyverno/kyverno/pkg/api/policyreport/v1alpha1"
versioned "github.com/kyverno/kyverno/pkg/client/clientset/versioned"
internalinterfaces "github.com/kyverno/kyverno/pkg/client/informers/externalversions/internalinterfaces"
v1alpha1 "github.com/kyverno/kyverno/pkg/client/listers/policyreport/v1alpha1"
v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
runtime "k8s.io/apimachinery/pkg/runtime"
watch "k8s.io/apimachinery/pkg/watch"
cache "k8s.io/client-go/tools/cache"
)
// PolicyReportInformer provides access to a shared informer and lister for
// PolicyReports.
type PolicyReportInformer interface {
Informer() cache.SharedIndexInformer
Lister() v1alpha1.PolicyReportLister
}
type policyReportInformer struct {
factory internalinterfaces.SharedInformerFactory
tweakListOptions internalinterfaces.TweakListOptionsFunc
namespace string
}
// NewPolicyReportInformer constructs a new informer for PolicyReport type.
// Always prefer using an informer factory to get a shared informer instead of getting an independent
// one. This reduces memory footprint and number of connections to the server.
func NewPolicyReportInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer {
return NewFilteredPolicyReportInformer(client, namespace, resyncPeriod, indexers, nil)
}
// NewFilteredPolicyReportInformer constructs a new informer for PolicyReport type.
// Always prefer using an informer factory to get a shared informer instead of getting an independent
// one. This reduces memory footprint and number of connections to the server.
func NewFilteredPolicyReportInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer {
return cache.NewSharedIndexInformer(
&cache.ListWatch{
ListFunc: func(options v1.ListOptions) (runtime.Object, error) {
if tweakListOptions != nil {
tweakListOptions(&options)
}
return client.PolicyV1alpha1().PolicyReports(namespace).List(context.TODO(), options)
},
WatchFunc: func(options v1.ListOptions) (watch.Interface, error) {
if tweakListOptions != nil {
tweakListOptions(&options)
}
return client.PolicyV1alpha1().PolicyReports(namespace).Watch(context.TODO(), options)
},
},
&policyreportv1alpha1.PolicyReport{},
resyncPeriod,
indexers,
)
}
func (f *policyReportInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer {
return NewFilteredPolicyReportInformer(client, f.namespace, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions)
}
func (f *policyReportInformer) Informer() cache.SharedIndexInformer {
return f.factory.InformerFor(&policyreportv1alpha1.PolicyReport{}, f.defaultInformer)
}
func (f *policyReportInformer) Lister() v1alpha1.PolicyReportLister {
return v1alpha1.NewPolicyReportLister(f.Informer().GetIndexer())
}

Some files were not shown because too many files have changed in this diff Show more