kubernetesk8s.io/kubernetes/plugin/pkg/admission/security/podsecuritypolicy Index | Files

package podsecuritypolicy

import "k8s.io/kubernetes/plugin/pkg/admission/security/podsecuritypolicy"

Index

Constants 

const PluginName = "PodSecurityPolicy"

PluginName is a string with the name of the plugin

Functions

func Register 

func Register(plugins *admission.Plugins)

Register registers a plugin

Types

type Plugin 

type Plugin struct {
	*admission.Handler
	// contains filtered or unexported fields
}

Plugin holds state for and implements the admission plugin.

func (*Plugin) Admit 

func (p *Plugin) Admit(ctx context.Context, a admission.Attributes, o admission.ObjectInterfaces) error

Admit determines if the pod should be admitted based on the requested security context and the available PSPs.

  1. Find available PSPs.
  2. Create the providers, includes setting pre-allocated values if necessary.
  3. Try to generate and validate a PSP with providers. If we find one then admit the pod with the validated PSP. If we don't find any reject the pod and give all errors from the failed attempts.

func (*Plugin) SetAuthorizer 

func (p *Plugin) SetAuthorizer(authz authorizer.Authorizer)

SetAuthorizer sets the authorizer.

func (*Plugin) SetExternalKubeInformerFactory 

func (p *Plugin) SetExternalKubeInformerFactory(f informers.SharedInformerFactory)

SetExternalKubeInformerFactory registers an informer

func (*Plugin) Validate 

func (p *Plugin) Validate(ctx context.Context, a admission.Attributes, o admission.ObjectInterfaces) error

Validate verifies attributes against the PodSecurityPolicy

func (*Plugin) ValidateInitialization 

func (p *Plugin) ValidateInitialization() error

ValidateInitialization ensures an authorizer is set.

Source Files

admission.go

Version
v1.16.9
Published
Apr 16, 2020
Platform
js/wasm
Imports
23 packages
Last checked
2 minutes ago

Tools for package owners.