mirrors/kyverno
1
0
Fork 0
mirror of https://github.com/kyverno/kyverno.git synced 2024-12-14 11:57:48 +00:00
Code Activity

simplified comments

Browse source
This commit is contained in:
Mohan BE 2020-07-22 12:44:06 +05:30
parent df33504c0f
commit d41eb93e66
2 changed files with 82 additions and 80 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

87
documentation/index.html
View file

@ -213,7 +213,7 @@ string
</em>
</td>
<td>
<p>Policy is the name of the policy</p>
<p>Specifies name of the policy</p>
</td>
</tr>
<tr>
@ -238,7 +238,7 @@ ResourceSpec
</em>
</td>
<td>
<p>ViolatedRules contains list of violated rule</p>
<p>Specifies list of violated rule</p>
</td>
</tr>
</table>
@ -438,7 +438,7 @@ string
</em>
</td>
<td>
<p>Policy is the name of the policy</p>
<p>Specifies name of the policy</p>
</td>
</tr>
<tr>
@ -463,7 +463,7 @@ ResourceSpec
</em>
</td>
<td>
<p>ViolatedRules contains list of violated rule</p>
<p>Specifies list of violated rule</p>
</td>
</tr>
</table>
@ -510,7 +510,7 @@ string
</em>
</td>
<td>
<p>Namespace is the resource namespace</p>
<p>Specifies resource namespace</p>
</td>
</tr>
<tr>
@ -521,7 +521,7 @@ string
</em>
</td>
<td>
<p>Name is the name of the resource</p>
<p>Specifies name of the resource</p>
</td>
</tr>
</tbody>
@ -618,7 +618,7 @@ interface{}
</em>
</td>
<td>
<p>Conditions contains set of condition to deny validation</p>
<p>Specifies set of condition to deny validation</p>
</td>
</tr>
</tbody>
@ -651,7 +651,7 @@ UserInfo
</em>
</td>
<td>
<p>UserInfo contains user information</p>
<p>Specifies user information</p>
</td>
</tr>
<tr>
@ -664,7 +664,7 @@ ResourceDescription
</em>
</td>
<td>
<p>ResourceDescription contains resources to which rule is excluded</p>
<p>Specifies resources to which rule is excluded</p>
</td>
</tr>
</tbody>
@ -921,7 +921,7 @@ UserInfo
</em>
</td>
<td>
<p>UserInfo contains user information</p>
<p>Specifies user information</p>
</td>
</tr>
<tr>
@ -934,7 +934,7 @@ ResourceDescription
</em>
</td>
<td>
<p>ResourceDescription contains resources to which rule is applied</p>
<p>Specifies resources to which rule is applied</p>
</td>
</tr>
</tbody>
@ -965,7 +965,7 @@ interface{}
</em>
</td>
<td>
<p>Overlay contains overlay patterns</p>
<p>Specifies overlay patterns</p>
</td>
</tr>
<tr>
@ -978,7 +978,7 @@ interface{}
</em>
</td>
<td>
<p>Patches contains JSON Patch</p>
<p>Specifies JSON Patch</p>
</td>
</tr>
</tbody>
@ -1009,7 +1009,7 @@ string
</em>
</td>
<td>
<p>Path represents path of the resource</p>
<p>Specifies path of the resource</p>
</td>
</tr>
<tr>
@ -1020,7 +1020,8 @@ string
</em>
</td>
<td>
<p>Operation contains operations supported by JSON Patch. i.e: add, replace and delete</p>
<p>Specifies operations supported by JSON Patch.
i.e:- add, replace and delete</p>
</td>
</tr>
<tr>
@ -1031,7 +1032,7 @@ interface{}
</em>
</td>
<td>
<p>Value is the value to be applied</p>
<p>Specifies the value to be applied</p>
</td>
</tr>
</tbody>
@ -1271,7 +1272,7 @@ string
</em>
</td>
<td>
<p>Policy is the name of the policy</p>
<p>Specifies name of the policy</p>
</td>
</tr>
<tr>
@ -1296,7 +1297,7 @@ ResourceSpec
</em>
</td>
<td>
<p>ViolatedRules contains list of violated rule</p>
<p>Specifies list of violated rule</p>
</td>
</tr>
</tbody>
@ -1387,7 +1388,7 @@ string
</em>
</td>
<td>
<p>Policy is the name of the policy</p>
<p>Specifies name of the policy</p>
</td>
</tr>
<tr>
@ -1412,7 +1413,7 @@ ResourceSpec
</em>
</td>
<td>
<p>ViolatedRules contains list of violated rule</p>
<p>Specifies list of violated rule</p>
</td>
</tr>
</table>
@ -1514,7 +1515,7 @@ Kubernetes authentication/v1.UserInfo
</em>
</td>
<td>
<p>Kinds contains list of resource kind</p>
<p>Specifies list of resource kind</p>
</td>
</tr>
<tr>
@ -1525,7 +1526,7 @@ string
</em>
</td>
<td>
<p>Name is the name of the resource</p>
<p>Specifies name of the resource</p>
</td>
</tr>
<tr>
@ -1536,7 +1537,7 @@ string
</em>
</td>
<td>
<p>Namespaces contains the list of namespaces</p>
<p>Specifies list of namespaces</p>
</td>
</tr>
<tr>
@ -1549,7 +1550,7 @@ Kubernetes meta/v1.LabelSelector
</em>
</td>
<td>
<p>Selector is the set of selectors</p>
<p>Specifies the set of selectors</p>
</td>
</tr>
</tbody>
@ -1583,7 +1584,7 @@ string
</em>
</td>
<td>
<p>Kind - A required field represents resource kind</p>
<p>(Required): Specifies resource kind</p>
</td>
</tr>
<tr>
@ -1594,7 +1595,7 @@ string
</em>
</td>
<td>
<p>Namespace - An optional field represents resource namespace</p>
<p>(Optional): Specifies resource namespace</p>
</td>
</tr>
<tr>
@ -1605,7 +1606,7 @@ string
</em>
</td>
<td>
<p>Name -A required field represents resource name</p>
<p>(Required): Specifies resource name</p>
</td>
</tr>
</tbody>
@ -1650,7 +1651,7 @@ MatchResources
</em>
</td>
<td>
<p>MatchResources - An optional field contains resources for which the rule has to be applied.
<p>(Optional): Specifies resources for which the rule has to be applied.
If it&rsquo;s defined, &ldquo;kind&rdquo; inside MatchResources block is required.</p>
</td>
</tr>
@ -1664,7 +1665,7 @@ ExcludeResources
</em>
</td>
<td>
<p>ExcludeResources - An optional field contains resources for which rule can be excluded</p>
<p>(Optional): Specifies resources for which rule can be excluded</p>
</td>
</tr>
<tr>
@ -1677,7 +1678,7 @@ ExcludeResources
</em>
</td>
<td>
<p>Conditions - An optional field allow controlling policy rule execution</p>
<p>(Optional): Allows controlling policy rule execution</p>
</td>
</tr>
<tr>
@ -1690,7 +1691,7 @@ Mutation
</em>
</td>
<td>
<p>Mutation - An optional field contains patterns to mutate resources</p>
<p>(Optional): Specifies patterns to mutate resources</p>
</td>
</tr>
<tr>
@ -1703,7 +1704,7 @@ Validation
</em>
</td>
<td>
<p>Validation - An optional field contains patterns to validate resources</p>
<p>(Optional): Specifies patterns to validate resources</p>
</td>
</tr>
<tr>
@ -1716,7 +1717,7 @@ Generation
</em>
</td>
<td>
<p>Generation - An optional field contains patterns to create additional resources</p>
<p>(Optional): Specifies patterns to create additional resources</p>
</td>
</tr>
</tbody>
@ -1914,7 +1915,7 @@ Default value is &ldquo;true&rdquo;.</p>
</em>
</td>
<td>
<p>Roles contains list of namespaced role names</p>
<p>Specifies list of namespaced role names</p>
</td>
</tr>
<tr>
@ -1925,7 +1926,7 @@ Default value is &ldquo;true&rdquo;.</p>
</em>
</td>
<td>
<p>ClusterRoles contains list of cluster wide role names</p>
<p>Specifies list of cluster wide role names</p>
</td>
</tr>
<tr>
@ -1938,7 +1939,7 @@ Default value is &ldquo;true&rdquo;.</p>
</em>
</td>
<td>
<p>Subjects contains list of subject names like users, user groups, and service accounts</p>
<p>Specifies list of subject names like users, user groups, and service accounts</p>
</td>
</tr>
</tbody>
@ -1969,7 +1970,7 @@ string
</em>
</td>
<td>
<p>Message is the message to be displayed on validation policy violation</p>
<p>Specifies message to be displayed on validation policy violation</p>
</td>
</tr>
<tr>
@ -1980,7 +1981,7 @@ interface{}
</em>
</td>
<td>
<p>Pattern is the validation pattern</p>
<p>Specifies validation pattern</p>
</td>
</tr>
<tr>
@ -1991,7 +1992,7 @@ interface{}
</em>
</td>
<td>
<p>AnyPattern is the list of validation patterns</p>
<p>Specifies list of validation patterns</p>
</td>
</tr>
<tr>
@ -2004,7 +2005,7 @@ Deny
</em>
</td>
<td>
<p>Deny contains conditions to deny validation</p>
<p>Specifies conditions to deny validation</p>
</td>
</tr>
</tbody>
@ -2035,7 +2036,7 @@ string
</em>
</td>
<td>
<p>Name is the violated rule name</p>
<p>Specifies violated rule name</p>
</td>
</tr>
<tr>
@ -2046,7 +2047,7 @@ string
</em>
</td>
<td>
<p>Type is the violated rule type</p>
<p>Specifies violated rule type</p>
</td>
</tr>
<tr>
@ -2057,7 +2058,7 @@ string
</em>
</td>
<td>
<p>Message is the violation message</p>
<p>Specifies violation message</p>
</td>
</tr>
</tbody>

75
pkg/api/kyverno/v1/types.go
View file

@ -151,18 +151,18 @@ type Spec struct {
type Rule struct {
// Name - A required field represents rule name
Name string `json:"name"`
// (Optional): MatchResources contains resources for which the rule has to be applied.
// (Optional): Specifies resources for which the rule has to be applied.
// If it's defined, "kind" inside MatchResources block is required.
MatchResources MatchResources `json:"match"`
// (Optional): ExcludeResources contains resources for which rule can be excluded
// (Optional): Specifies resources for which rule can be excluded
ExcludeResources ExcludeResources `json:"exclude,omitempty"`
// (Optional): Conditions allow controlling policy rule execution
// (Optional): Allows controlling policy rule execution
Conditions []Condition `json:"preconditions,omitempty"`
// (Optional): Mutation contains patterns to mutate resources
// (Optional): Specifies patterns to mutate resources
Mutation Mutation `json:"mutate,omitempty"`
// (Optional): Validation contains patterns to validate resources
// (Optional): Specifies patterns to validate resources
Validation Validation `json:"validate,omitempty"`
// (Optional): Generation contains patterns to create additional resources
// (Optional): Specifies patterns to create additional resources
Generation Generation `json:"generate,omitempty"`
}
@ -194,47 +194,47 @@ const (
//MatchResources contains resource description of the resources that the rule is to apply on
type MatchResources struct {
// UserInfo contains user information
// Specifies user information
UserInfo
// ResourceDescription contains resources to which rule is applied
// Specifies resources to which rule is applied
ResourceDescription `json:"resources"`
}
//ExcludeResources container resource description of the resources that are to be excluded from the applying the policy rule
type ExcludeResources struct {
// UserInfo contains user information
// Specifies user information
UserInfo
// ResourceDescription contains resources to which rule is excluded
// Specifies resources to which rule is excluded
ResourceDescription `json:"resources"`
}
// UserInfo filter based on users
type UserInfo struct {
// Roles contains list of namespaced role names
// Specifies list of namespaced role names
Roles []string `json:"roles,omitempty"`
// ClusterRoles contains list of cluster wide role names
// Specifies list of cluster wide role names
ClusterRoles []string `json:"clusterRoles,omitempty"`
// Subjects contains list of subject names like users, user groups, and service accounts
// Specifies list of subject names like users, user groups, and service accounts
Subjects []rbacv1.Subject `json:"subjects,omitempty"`
}
// ResourceDescription describes the resource to which the PolicyRule will be applied.
type ResourceDescription struct {
// Kinds contains list of resource kind
// Specifies list of resource kind
Kinds []string `json:"kinds,omitempty"`
// Name is the name of the resource
// Specifies name of the resource
Name string `json:"name,omitempty"`
// Namespaces contains the list of namespaces
// Specifies list of namespaces
Namespaces []string `json:"namespaces,omitempty"`
// Selector is the set of selectors
// Specifies the set of selectors
Selector *metav1.LabelSelector `json:"selector,omitempty"`
}
// Mutation describes the way how Mutating Webhook will react on resource creation
type Mutation struct {
// Overlay contains overlay patterns
// Specifies overlay patterns
Overlay interface{} `json:"overlay,omitempty"`
// Patches contains JSON Patch
// Specifies JSON Patch
Patches []Patch `json:"patches,omitempty"`
}
@ -242,28 +242,29 @@ type Mutation struct {
// Patch declares patch operation for created object according to RFC 6902
type Patch struct {
// Path represents path of the resource
// Specifies path of the resource
Path string `json:"path"`
// Operation contains operations supported by JSON Patch. i.e: add, replace and delete
// Specifies operations supported by JSON Patch.
// i.e:- add, replace and delete
Operation string `json:"op"`
// Value is the value to be applied
// Specifies the value to be applied
Value interface{} `json:"value"`
}
// Validation describes the way how Validating Webhook will check the resource on creation
type Validation struct {
// Message is the message to be displayed on validation policy violation
// Specifies message to be displayed on validation policy violation
Message string `json:"message,omitempty"`
// Pattern is the validation pattern
// Specifies validation pattern
Pattern interface{} `json:"pattern,omitempty"`
// AnyPattern is the list of validation patterns
// Specifies list of validation patterns
AnyPattern []interface{} `json:"anyPattern,omitempty"`
// Deny contains conditions to deny validation
// Specifies conditions to deny validation
Deny *Deny `json:"deny,omitempty"`
}
type Deny struct {
// Conditions contains set of condition to deny validation
// Specifies set of condition to deny validation
Conditions []Condition `json:"conditions,omitempty"`
}
@ -281,9 +282,9 @@ type Generation struct {
// CloneFrom - location of the resource
// which will be used as source when applying 'generate'
type CloneFrom struct {
// Namespace is the resource namespace
// Specifies resource namespace
Namespace string `json:"namespace,omitempty"`
// Name is the name of the resource
// Specifies name of the resource
Name string `json:"name,omitempty"`
}
@ -339,30 +340,30 @@ type PolicyViolationTemplate struct {
// PolicyViolationSpec describes policy behavior by its rules
type PolicyViolationSpec struct {
// Policy is the name of the policy
// Specifies name of the policy
Policy string `json:"policy"`
ResourceSpec `json:"resource"`
// ViolatedRules contains list of violated rule
// Specifies list of violated rule
ViolatedRules []ViolatedRule `json:"rules"`
}
// ResourceSpec information to identify the resource
type ResourceSpec struct {
// (Required): Kind represents resource kind
// (Required): Specifies resource kind
Kind string `json:"kind"`
// (Optional): Namespace represents resource namespace
// (Optional): Specifies resource namespace
Namespace string `json:"namespace,omitempty"`
// (Required): Name represents resource name
// (Required): Specifies resource name
Name string `json:"name"`
}
// ViolatedRule stores the information regarding the rule
type ViolatedRule struct {
// Name is the violated rule name
// Specifies violated rule name
Name string `json:"name"`
// Type is the violated rule type
// Specifies violated rule type
Type string `json:"type"`
// Message is the violation message
// Specifies violation message
Message string `json:"message"`
}