mirror of
https://github.com/kyverno/kyverno.git
synced 2024-12-14 11:57:48 +00:00
5b8ab3842b
* initial commit * variable substitution * update tests * update test * refactor engine packages for validate & generate * update vendor * update toml * support variable substitution in overlay mutation * missing update * fix indentation in logs * store context values as single JSON document using merge patches. * remove duplicate functions * fix message string * Handle processing of policies in background (#569) * remove condition check while generating mutation patch as conditions are verified in the first iteration * initial commit * background policy validation * correct message * skip non-background policy process for add/update * fix order to correct policy registration * update comment Co-authored-by: shuting <shutting06@gmail.com> * refactor Co-authored-by: shuting <shutting06@gmail.com>
34 lines
1.1 KiB
Go
34 lines
1.1 KiB
Go
package engine
|
|
|
|
import (
|
|
kyverno "github.com/nirmata/kyverno/pkg/api/kyverno/v1"
|
|
client "github.com/nirmata/kyverno/pkg/dclient"
|
|
"github.com/nirmata/kyverno/pkg/engine/context"
|
|
authenticationv1 "k8s.io/api/authentication/v1"
|
|
"k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
|
|
)
|
|
|
|
// PolicyContext contains the contexts for engine to process
|
|
type PolicyContext struct {
|
|
// policy to be processed
|
|
Policy kyverno.ClusterPolicy
|
|
// resource to be processed
|
|
NewResource unstructured.Unstructured
|
|
// old Resource - Update operations
|
|
OldResource unstructured.Unstructured
|
|
AdmissionInfo RequestInfo
|
|
// Dynamic client - used by generate
|
|
Client *client.Client
|
|
// Contexts to store resources
|
|
Context context.EvalInterface
|
|
}
|
|
|
|
// RequestInfo contains permission info carried in an admission request
|
|
type RequestInfo struct {
|
|
// Roles is a list of possible role send the request
|
|
Roles []string
|
|
// ClusterRoles is a list of possible clusterRoles send the request
|
|
ClusterRoles []string
|
|
// UserInfo is the userInfo carried in the admission request
|
|
AdmissionUserInfo authenticationv1.UserInfo
|
|
}
|