capabilities

package
v1.13.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Nov 30, 2018 License: Apache-2.0 Imports: 6 Imported by: 0

Documentation

Overview

Package capabilities contains code for validating and defaulting a pod's kernel capabilities according to a security policy.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Strategy added in v1.4.0 

type Strategy interface {
	// Generate creates the capabilities based on policy rules.
	Generate(pod *api.Pod, container *api.Container) (*api.Capabilities, error)
	// Validate ensures that the specified values fall within the range of the strategy.
	Validate(fldPath *field.Path, pod *api.Pod, container *api.Container, capabilities *api.Capabilities) field.ErrorList
}

Strategy defines the interface for all cap constraint strategies.

func NewDefaultCapabilities 

func NewDefaultCapabilities(defaultAddCapabilities, requiredDropCapabilities, allowedCaps []corev1.Capability) (Strategy, error)

NewDefaultCapabilities creates a new defaultCapabilities strategy that will provide defaults and validation based on the configured initial caps and allowed caps.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.