package validation

import "k8s.io/kubernetes/pkg/apis/policy/validation"

Index ¶

• Constants
• Variables
• func IsValidSysctlPattern(name string) bool
• func ValidatePodDisruptionBudget(pdb *policy.PodDisruptionBudget) field.ErrorList
• func ValidatePodDisruptionBudgetSpec(spec policy.PodDisruptionBudgetSpec, fldPath *field.Path) field.ErrorList
• func ValidatePodDisruptionBudgetStatusUpdate(status, oldStatus policy.PodDisruptionBudgetStatus, fldPath *field.Path, apiVersion schema.GroupVersion) field.ErrorList
• func ValidatePodSecurityPolicy(psp *policy.PodSecurityPolicy, opts PodSecurityPolicyValidationOptions) field.ErrorList
• func ValidatePodSecurityPolicySpec(spec *policy.PodSecurityPolicySpec, opts PodSecurityPolicyValidationOptions, fldPath *field.Path) field.ErrorList
• func ValidatePodSecurityPolicySpecificAnnotations(annotations map[string]string, fldPath *field.Path) field.ErrorList
• func ValidatePodSecurityPolicyUpdate(old *policy.PodSecurityPolicy, new *policy.PodSecurityPolicy, opts PodSecurityPolicyValidationOptions) field.ErrorList
• type PodSecurityPolicyValidationOptions

Constants ¶

const SysctlPatternFmt string = "(" + apivalidation.SysctlSegmentFmt + "\\.)*" + sysctlPatternSegmentFmt

SysctlPatternFmt is a regex used for matching valid sysctl patterns.

Variables ¶

var ValidatePodSecurityPolicyName = apimachineryvalidation.NameIsDNSSubdomain

ValidatePodSecurityPolicyName can be used to check whether the given pod security policy name is valid. Prefix indicates this name will be used as part of generation, in which case trailing dashes are allowed.

Functions ¶

func IsValidSysctlPattern ¶

func IsValidSysctlPattern(name string) bool

IsValidSysctlPattern checks if name is a valid sysctl pattern.

func ValidatePodDisruptionBudget ¶

func ValidatePodDisruptionBudget(pdb *policy.PodDisruptionBudget) field.ErrorList

ValidatePodDisruptionBudget validates a PodDisruptionBudget and returns an ErrorList with any errors.

func ValidatePodDisruptionBudgetSpec ¶

func ValidatePodDisruptionBudgetSpec(spec policy.PodDisruptionBudgetSpec, fldPath *field.Path) field.ErrorList

ValidatePodDisruptionBudgetSpec validates a PodDisruptionBudgetSpec and returns an ErrorList with any errors.

func ValidatePodDisruptionBudgetStatusUpdate ¶

func ValidatePodDisruptionBudgetStatusUpdate(status, oldStatus policy.PodDisruptionBudgetStatus, fldPath *field.Path, apiVersion schema.GroupVersion) field.ErrorList

ValidatePodDisruptionBudgetStatusUpdate validates a PodDisruptionBudgetStatus and returns an ErrorList with any errors.

func ValidatePodSecurityPolicy ¶

func ValidatePodSecurityPolicy(psp *policy.PodSecurityPolicy, opts PodSecurityPolicyValidationOptions) field.ErrorList

ValidatePodSecurityPolicy validates a PodSecurityPolicy and returns an ErrorList with any errors.

func ValidatePodSecurityPolicySpec ¶

func ValidatePodSecurityPolicySpec(spec *policy.PodSecurityPolicySpec, opts PodSecurityPolicyValidationOptions, fldPath *field.Path) field.ErrorList

ValidatePodSecurityPolicySpec validates a PodSecurityPolicySpec and returns an ErrorList with any errors.

func ValidatePodSecurityPolicySpecificAnnotations ¶

func ValidatePodSecurityPolicySpecificAnnotations(annotations map[string]string, fldPath *field.Path) field.ErrorList

ValidatePodSecurityPolicySpecificAnnotations validates annotations and returns an ErrorList with any errors.

func ValidatePodSecurityPolicyUpdate ¶

func ValidatePodSecurityPolicyUpdate(old *policy.PodSecurityPolicy, new *policy.PodSecurityPolicy, opts PodSecurityPolicyValidationOptions) field.ErrorList

ValidatePodSecurityPolicyUpdate validates a PSP for updates.

Types ¶

type PodSecurityPolicyValidationOptions ¶

type PodSecurityPolicyValidationOptions struct {
	// AllowEphemeralVolumeType determines whether Ephemeral is a valid entry
	// in PodSecurityPolicySpec.Volumes.
	AllowEphemeralVolumeType bool
}

PodSecurityPolicyValidationOptions contains additional parameters for ValidatePodSecurityPolicy.

Source Files ¶

validation.go