package user
import "k8s.io/kubernetes/pkg/security/podsecuritypolicy/user"
Package user contains code for validating and defaulting the UID of a pod or container according to a security policy.
Index ¶
Types ¶
type RunAsUserStrategy ¶
type RunAsUserStrategy interface {
// Generate creates the uid based on policy rules.
Generate(pod *api.Pod, container *api.Container) (*int64, error)
// Validate ensures that the specified values fall within the range of the strategy.
// scPath is the field path to the container's security context
Validate(scPath *field.Path, pod *api.Pod, container *api.Container, runAsNonRoot *bool, runAsUser *int64) field.ErrorList
}
RunAsUserStrategy defines the interface for all uid constraint strategies.
func NewMustRunAs ¶
func NewMustRunAs(options *policy.RunAsUserStrategyOptions) (RunAsUserStrategy, error)
NewMustRunAs provides a strategy that requires the container to run as a specific UID in a range.
func NewRunAsAny ¶
func NewRunAsAny(options *policy.RunAsUserStrategyOptions) (RunAsUserStrategy, error)
NewRunAsAny provides a strategy that will return nil.
func NewRunAsNonRoot ¶
func NewRunAsNonRoot(options *policy.RunAsUserStrategyOptions) (RunAsUserStrategy, error)
Source Files ¶
doc.go mustrunas.go nonroot.go runasany.go types.go
- Version
- v1.14.6
- Published
- Aug 16, 2019
- Platform
- js/wasm
- Imports
- 5 packages
- Last checked
- 5 minutes ago –
Tools for package owners.