package seccomp

kubernetes – k8s.io/kubernetes/pkg/security/podsecuritypolicy/seccomp Index | Files

import "k8s.io/kubernetes/pkg/security/podsecuritypolicy/seccomp"

Index ¶

Constants
type Strategy

func NewStrategy(pspAnnotations map[string]string) Strategy

Constants ¶

const (
	// AllowAny is the wildcard used to allow any profile.
	AllowAny = "*"
	// The annotation key specifying the default seccomp profile.
	DefaultProfileAnnotationKey = "seccomp.security.alpha.kubernetes.io/defaultProfileName"
	// The annotation key specifying the allowed seccomp profiles.
	AllowedProfilesAnnotationKey = "seccomp.security.alpha.kubernetes.io/allowedProfileNames"
)

Types ¶

type Strategy ¶

type Strategy interface {
	// Generate returns a profile based on constraint rules.
	Generate(annotations map[string]string, pod *api.Pod) (string, error)
	// Validate ensures that the specified values fall within the range of the strategy.
	ValidatePod(pod *api.Pod) field.ErrorList
	// Validate ensures that the specified values fall within the range of the strategy.
	ValidateContainer(pod *api.Pod, container *api.Container) field.ErrorList
}

Strategy defines the interface for all seccomp constraint strategies.

func NewStrategy ¶

func NewStrategy(pspAnnotations map[string]string) Strategy

NewStrategy creates a new strategy that enforces seccomp profile constraints.

Source Files ¶

strategy.go

Version: v1.14.4
Published: Jul 4, 2019
Platform: js/wasm
Imports: 4 packages
Last checked: 1 minute ago –

Tools for package owners.

?	: This menu
/	: Search site
f	: Jump to identifier
g then g	: Go to top of page
g then b	: Go to end of page
G	: Go to end of page
g then i	: Go to index
g then e	: Go to examples