/
psp.go
63 lines (54 loc) 路 1.83 KB
/
psp.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
package dag
import (
"context"
"errors"
"github.com/derailed/popeye/internal/client"
"github.com/derailed/popeye/internal/dao"
polv1beta1 "k8s.io/api/policy/v1beta1"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
"k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
"k8s.io/apimachinery/pkg/runtime"
)
// ListPodSecurityPolicies list all included PodSecurityPolicies.
func ListPodSecurityPolicies(ctx context.Context) (map[string]*polv1beta1.PodSecurityPolicy, error) {
return listAllPodSecurityPolicys(ctx)
}
// ListAllPodSecurityPolicys fetch all PodSecurityPolicys on the cluster.
func listAllPodSecurityPolicys(ctx context.Context) (map[string]*polv1beta1.PodSecurityPolicy, error) {
ll, err := fetchPodSecurityPolicys(ctx)
if err != nil {
return nil, err
}
dps := make(map[string]*polv1beta1.PodSecurityPolicy, len(ll.Items))
for i := range ll.Items {
dps[metaFQN(ll.Items[i].ObjectMeta)] = &ll.Items[i]
}
return dps, nil
}
// FetchPodSecurityPolicys retrieves all PodSecurityPolicys on the cluster.
func fetchPodSecurityPolicys(ctx context.Context) (*polv1beta1.PodSecurityPolicyList, error) {
f, cfg := mustExtractFactory(ctx), mustExtractConfig(ctx)
if cfg.Flags.StandAlone {
dial, err := f.Client().Dial()
if err != nil {
return nil, err
}
return dial.PolicyV1beta1().PodSecurityPolicies().List(ctx, metav1.ListOptions{})
}
var res dao.Resource
res.Init(f, client.NewGVR("policy/v1beta1/podsecuritypolicies"))
oo, err := res.List(ctx)
if err != nil {
return nil, err
}
var ll polv1beta1.PodSecurityPolicyList
for _, o := range oo {
var psp polv1beta1.PodSecurityPolicy
err = runtime.DefaultUnstructuredConverter.FromUnstructured(o.(*unstructured.Unstructured).Object, &psp)
if err != nil {
return nil, errors.New("expecting configmap resource")
}
ll.Items = append(ll.Items, psp)
}
return &ll, nil
}