config

package
v0.9.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jan 26, 2026 License: Apache-2.0 Imports: 10 Imported by: 0

Documentation

Overview

Package config is used to store the configuration of vArmor

Index

Constants

This section is empty.

Variables

View Source 
var (
	// ServerVersion cache APIServer version information
	ServerVersion = &version.Info{}

	// appArmorGA is true if the APIServer version is 1.30 and above
	AppArmorGA = false

	// Name is the name of Pod that the vArmor is running in
	Name = getPodName()

	// Namespace is the namespace of Pod that the vArmor is running in
	Namespace = getPodNamespace()

	// ManagerName is the deployment name of vArmor manager
	ManagerName = "varmor-manager"

	// AgentName is the daemonset name of vArmor agent
	AgentName = "varmor-agent"

	// AgentReadinessPort is the port of agent service
	AgentReadinessPort = getAgentReadinessPort()

	// AgentReadinessPath is the path for checking readness health of agent
	AgentReadinessPath = "/health/readiness"

	// ClassifierName is the deployment name of vArmor classifier
	ClassifierName = "varmor-classifier"

	// ClassifierServiceName is the name of classification service
	ClassifierServiceName = "varmor-classifier-svc"

	// ClassifierServicePort is the port of classification service
	ClassifierServicePort = getClassifierServicePort()

	// ClassifierPathClassifyPath is the path for classifing path
	ClassifierPathClassifyPath = "/api/v1/path"

	// StatusServiceName is the name of status service
	StatusServiceName = "varmor-status-svc"

	// StatusServicePort is the port of status service
	StatusServicePort = getStatusServicePort()

	// StatusSyncPath is the path for syncing status
	StatusSyncPath = "/apis/v1/status"

	// DataSyncPath is the path for syncing data
	DataSyncPath = "/apis/v1/data"

	// ArmorProfileModelPath is the path for exporting the complete ArmorProfileModel object
	ArmorProfileModelPath = "/namespaces/:namespace/armorprofilemodels/:name"

	// WebhookServiceName is the name of webhook service
	WebhookServiceName = "varmor-webhook-svc"

	// WebhookServicePort is the port of webhook service
	WebhookServicePort = getWebhookServicePort()

	// MetricsServicePort is the port of metrics service
	MetricsServicePort = getMetricsServicePort()

	// CertRenewalInterval is the renewal interval for rootCA
	CertRenewalInterval time.Duration = 12 * time.Hour

	// CertValidityDuration is the valid duration for a new cert
	CertValidityDuration time.Duration = 365 * 24 * time.Hour

	// CertCommonName is the Common Name of CA cert
	CertCommonName = "*.varmor.svc"

	// MutatingWebhookConfigurationName default resource mutating webhook configuration name
	MutatingWebhookConfigurationName = "varmor-resource-mutating-webhook-cfg"

	// MutatingWebhookConfigurationDebugName default resource mutating webhook configuration name for debug mode
	MutatingWebhookConfigurationDebugName = "varmor-resource-mutating-webhook-cfg-debug"

	// MutatingWorkloadWebhookName is the name of workload resource mutating webhook
	MutatingWorkloadWebhookName = "mutateworkload.varmor.org"

	// MutatingWorkloadWebhookName is the name of pod resource mutating webhook
	MutatingPodWebhookName = "mutatepod.varmor.org"

	// MutatingWebhookServicePath is the path for mutation webhook
	MutatingWebhookServicePath = "/mutate"

	// ValidatingWebhookConfigurationName default policy validating webhook configuration name
	ValidatingWebhookConfigurationName = "varmor-policy-validating-webhook-cfg"

	// ValidatingWebhookConfigurationNameDebug default policy validating webhook configuration name for debug mode
	ValidatingWebhookConfigurationDebugName = "varmor-policy-validating-webhook-cfg-debug"

	// ValidatingWorkloadWebhookName is the name of policy validating webhook
	ValidatingPolicyWebhookName = "validatepolicy.varmor.org"

	// ValidatingWebhookServicePath is the path for validation webhook
	ValidatingWebhookServicePath = "/validate"

	// WebhookTimeout specifies the timeout seconds for the mutation webhook
	WebhookTimeout = 10

	// LivenessServicePath is the path for checking liveness health of the webhook server
	LivenessServicePath = "/health/liveness"

	// ReadinessServicePath is the path for checking readness health of the webhook server
	ReadinessServicePath = "/health/readiness"

	// PackagedAppArmorProfiles include the AppArmor feature ABI, abstractions, tunables and default profiles that come from the development environment and upstream
	PackagedAppArmorProfiles = "/varmor/apparmor.d"

	// AppArmorProfileDir is the path of AppArmor profiles for agent
	AppArmorProfileDir = "/etc/apparmor.d"

	// SeccompProfileDir is the path of Seccomp profiles in the host
	SeccompProfileDir = "/var/lib/kubelet/seccomp"

	// WebhookSelectorLabel is used for matching the admission requests
	WebhookSelectorLabel = map[string]string{}

	// AuditDataDirectory caches the audit data in the agent pod during modeling
	AuditDataDirectory = "/var/log/varmor/auditdata"

	// ArmorProfileModelDataDirectory saves the ArmorProfileModel objects in the manager pod
	ArmorProfileModelDataDirectory = "/var/log/varmor/apmdata"

	// AuditEventMetadata caches the cluster metadata that can be injected into the logs
	AuditEventMetadata = loadAuditEventMetadata()

	// RuntimeEndpoint is the socket address of the containerd
	RuntimeEndpoint string = "/run/containerd/containerd.sock"
)

Functions

func CreateClientConfig 

func CreateClientConfig(kubeconfig string, qps float64, burst int, log logr.Logger) (*rest.Config, error)

CreateClientConfig creates client config and applies rate limit QPS and burst

Types

This section is empty.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.