-
Notifications
You must be signed in to change notification settings - Fork 325
/
kubearmorconfig_types.go
102 lines (89 loc) · 3.76 KB
/
kubearmorconfig_types.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
// SPDX-License-Identifier: Apache-2.0
// Copyright 2023 Authors of KubeArmor
package v1
import (
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
)
// EDIT THIS FILE! THIS IS SCAFFOLDING FOR YOU TO OWN!
// NOTE: json tags are required. Any new fields you add must have json tags for the fields to be serialized.
// ImageSpec defines the image specifications
type ImageSpec struct {
// +kubebuilder:validation:optional
Image string `json:"image,omitempty"`
// +kubebuilder:validation:optional
// +kubebuilder:validation:Enum=Always;IfNotPresent;Never
// +kubebuilder:default:=Always
ImagePullPolicy string `json:"imagePullPolicy,omitempty"`
}
type Tls struct {
// +kubebuilder:validation:optional
// +kubebuilder:default:=false
Enable bool `json:"enable,omitempty"`
// +kubebuilder:validation:optional
RelayExtraDnsNames []string `json:"extraDnsNames,omitempty"`
// +kubebuilder:validation:optional
RelayExtraIpAddresses []string `json:"extraIpAddresses,omitempty"`
}
// KubeArmorConfigSpec defines the desired state of KubeArmorConfig
type KubeArmorConfigSpec struct {
// INSERT ADDITIONAL SPEC FIELDS - desired state of cluster
// Important: Run "make" to regenerate code after modifying this file
// +kubebuilder:validation:optional
DefaultFilePosture PostureType `json:"defaultFilePosture,omitempty"`
// +kubebuilder:validation:optional
DefaultCapabilitiesPosture PostureType `json:"defaultCapabilitiesPosture,omitempty"`
// +kubebuilder:validation:optional
DefaultNetworkPosture PostureType `json:"defaultNetworkPosture,omitempty"`
// +kubebuilder:validation:optional
DefaultVisibility string `json:"defaultVisibility,omitempty"`
// +kubebuilder:validation:optional
KubeArmorImage ImageSpec `json:"kubearmorImage,omitempty"`
// +kubebuilder:validation:optional
KubeArmorInitImage ImageSpec `json:"kubearmorInitImage,omitempty"`
// +kubebuilder:validation:optional
KubeArmorRelayImage ImageSpec `json:"kubearmorRelayImage,omitempty"`
// +kubebuilder:validation:optional
KubeArmorControllerImage ImageSpec `json:"kubearmorControllerImage,omitempty"`
// +kubebuilder:validation:optional
KubeRbacProxyImage ImageSpec `json:"kubeRbacProxyImage,omitempty"`
// +kubebuilder:validation:optional
Tls Tls `json:"tls,omitempty"`
// +kubebuilder:validation:optional
EnableStdOutLogs bool `json:"enableStdOutLogs,omitempty"`
// +kubebuilder:validation:optional
EnableStdOutAlerts bool `json:"enableStdOutAlerts,omitempty"`
// +kubebuilder:validation:optional
EnableStdOutMsgs bool `json:"enableStdOutMsgs,omitempty"`
// +kubebuilder:validation:Optional
SeccompEnabled bool `json:"seccompEnabled,omitempty"`
}
// KubeArmorConfigStatus defines the observed state of KubeArmorConfig
type KubeArmorConfigStatus struct {
// INSERT ADDITIONAL STATUS FIELD - define observed state of cluster
// Important: Run "make" to regenerate code after modifying this file
// +kubebuilder:validation:optional
Phase string `json:"phase,omitempty"`
// +kubebuilder:validation:optional
Message string `json:"message,omitempty"`
}
// +genclient
// +kubebuilder:object:root=true
// +kubebuilder:subresource:status
// +kubebuilder:printcolumn:name="Status",type="string",JSONPath=".status.phase"
// KubeArmorConfig is the Schema for the KubeArmorConfigs API
type KubeArmorConfig struct {
metav1.TypeMeta `json:",inline"`
metav1.ObjectMeta `json:"metadata,omitempty"`
Spec KubeArmorConfigSpec `json:"spec,omitempty"`
Status KubeArmorConfigStatus `json:"status,omitempty"`
}
//+kubebuilder:object:root=true
// KubeArmorConfigList contains a list of KubeArmorConfig
type KubeArmorConfigList struct {
metav1.TypeMeta `json:",inline"`
metav1.ListMeta `json:"metadata,omitempty"`
Items []KubeArmorConfig `json:"items"`
}
func init() {
SchemeBuilder.Register(&KubeArmorConfig{}, &KubeArmorConfigList{})
}