const policyRefreshInterval …
func Test_ValidateNamespace_NoParams_Success(t *testing.T) { … }
func Test_ValidateNamespace_NoParams_Failures(t *testing.T) { … }
func Test_ValidateAnnotationsAndWarnings(t *testing.T) { … }
func Test_ValidateNamespace_WithConfigMapParams(t *testing.T) { … }
func TestMultiplePolicyBindings(t *testing.T) { … }
func Test_PolicyExemption(t *testing.T) { … }
func Test_ValidatingAdmissionPolicy_UpdateParamKind(t *testing.T) { … }
func Test_ValidatingAdmissionPolicy_UpdateParamRef(t *testing.T) { … }
func Test_ValidatingAdmissionPolicy_UpdateParamResource(t *testing.T) { … }
func Test_ValidatingAdmissionPolicy_MatchByObjectSelector(t *testing.T) { … }
func Test_ValidatingAdmissionPolicy_MatchByNamespaceSelector(t *testing.T) { … }
func Test_ValidatingAdmissionPolicy_MatchByResourceNames(t *testing.T) { … }
func Test_ValidatingAdmissionPolicy_MatchWithExcludeResources(t *testing.T) { … }
func Test_ValidatingAdmissionPolicy_MatchWithMatchPolicyEquivalent(t *testing.T) { … }
func Test_ValidatingAdmissionPolicy_MatchWithMatchPolicyExact(t *testing.T) { … }
func Test_ValidatingAdmissionPolicy_MatchExcludedResource(t *testing.T) { … }
func Test_ValidatingAdmissionPolicy_PolicyDeletedThenRecreated(t *testing.T) { … }
func Test_ValidatingAdmissionPolicy_BindingDeletedThenRecreated(t *testing.T) { … }
func Test_ValidatingAdmissionPolicy_ParamResourceDeletedThenRecreated(t *testing.T) { … }
func Test_CostLimitForValidation(t *testing.T) { … }
func Test_CostLimitForValidationWithFeatureDisabled(t *testing.T) { … }
func generateValidationsWithAuthzCheck(num int, exp string) []admissionregistrationv1.Validation { … }
func TestCRDParams(t *testing.T) { … }
func TestBindingRemoval(t *testing.T) { … }
func Test_ValidateSecondaryAuthorization(t *testing.T) { … }
func TestCRDsOnStartup(t *testing.T) { … }
func TestAuthorizationDecisionCaching(t *testing.T) { … }
type clientFn …
func secondaryAuthorizationUserClient(t *testing.T, adminClient *clientset.Clientset, clientConfig *rest.Config, rules []rbacv1.PolicyRule) *clientset.Clientset { … }
func secondaryAuthorizationServiceAccountClient(t *testing.T, adminClient *clientset.Clientset, clientConfig *rest.Config, rules []rbacv1.PolicyRule) *clientset.Clientset { … }
func serviceAccountClient(namespace, name string) clientFn { … }
func withWaitReadyConstraintAndExpression(policy *admissionregistrationv1.ValidatingAdmissionPolicy) *admissionregistrationv1.ValidatingAdmissionPolicy { … }
func createAndWaitReady(t *testing.T, client clientset.Interface, binding *admissionregistrationv1.ValidatingAdmissionPolicyBinding, matchLabels map[string]string) error { … }
func createAndWaitReadyNamespaced(t *testing.T, client clientset.Interface, binding *admissionregistrationv1.ValidatingAdmissionPolicyBinding, matchLabels map[string]string, ns string) error { … }
func createAndWaitReadyNamespacedWithWarnHandler(t *testing.T, client clientset.Interface, binding *admissionregistrationv1.ValidatingAdmissionPolicyBinding, matchLabels map[string]string, ns string, handler *warningHandler) error { … }
func cleanupPolicy(t *testing.T, client clientset.Interface, policy *admissionregistrationv1.ValidatingAdmissionPolicy, binding *admissionregistrationv1.ValidatingAdmissionPolicyBinding) error { … }
func withMatchNamespace(binding *admissionregistrationv1.ValidatingAdmissionPolicyBinding, ns string) *admissionregistrationv1.ValidatingAdmissionPolicyBinding { … }
func makePolicy(name string) *admissionregistrationv1.ValidatingAdmissionPolicy { … }
func withParams(params *admissionregistrationv1.ParamKind, policy *admissionregistrationv1.ValidatingAdmissionPolicy) *admissionregistrationv1.ValidatingAdmissionPolicy { … }
func configParamKind() *admissionregistrationv1.ParamKind { … }
func withFailurePolicy(failure admissionregistrationv1.FailurePolicyType, policy *admissionregistrationv1.ValidatingAdmissionPolicy) *admissionregistrationv1.ValidatingAdmissionPolicy { … }
func withNamespaceMatch(policy *admissionregistrationv1.ValidatingAdmissionPolicy) *admissionregistrationv1.ValidatingAdmissionPolicy { … }
func withConfigMapMatch(policy *admissionregistrationv1.ValidatingAdmissionPolicy) *admissionregistrationv1.ValidatingAdmissionPolicy { … }
func withObjectSelector(labelSelector *metav1.LabelSelector, policy *admissionregistrationv1.ValidatingAdmissionPolicy) *admissionregistrationv1.ValidatingAdmissionPolicy { … }
func withNamespaceSelector(labelSelector *metav1.LabelSelector, policy *admissionregistrationv1.ValidatingAdmissionPolicy) *admissionregistrationv1.ValidatingAdmissionPolicy { … }
func withPolicyMatch(resource string, policy *admissionregistrationv1.ValidatingAdmissionPolicy) *admissionregistrationv1.ValidatingAdmissionPolicy { … }
func withExcludePolicyMatch(resource string, policy *admissionregistrationv1.ValidatingAdmissionPolicy) *admissionregistrationv1.ValidatingAdmissionPolicy { … }
func withPolicyExistsLabels(labels []string, policy *admissionregistrationv1.ValidatingAdmissionPolicy) *admissionregistrationv1.ValidatingAdmissionPolicy { … }
func withValidations(validations []admissionregistrationv1.Validation, policy *admissionregistrationv1.ValidatingAdmissionPolicy) *admissionregistrationv1.ValidatingAdmissionPolicy { … }
func withVariables(variables []admissionregistrationv1.Variable, policy *admissionregistrationv1.ValidatingAdmissionPolicy) *admissionregistrationv1.ValidatingAdmissionPolicy { … }
func withMatchConditions(matchConditions []admissionregistrationv1.MatchCondition, policy *admissionregistrationv1.ValidatingAdmissionPolicy) *admissionregistrationv1.ValidatingAdmissionPolicy { … }
func withAuditAnnotations(auditAnnotations []admissionregistrationv1.AuditAnnotation, policy *admissionregistrationv1.ValidatingAdmissionPolicy) *admissionregistrationv1.ValidatingAdmissionPolicy { … }
func makeBinding(name, policyName, paramName string) *admissionregistrationv1.ValidatingAdmissionPolicyBinding { … }
func withValidationActions(validationActions []admissionregistrationv1.ValidationAction, binding *admissionregistrationv1.ValidatingAdmissionPolicyBinding) *admissionregistrationv1.ValidatingAdmissionPolicyBinding { … }
func withBindingExistsLabels(labels []string, policy *admissionregistrationv1.ValidatingAdmissionPolicy, binding *admissionregistrationv1.ValidatingAdmissionPolicyBinding) *admissionregistrationv1.ValidatingAdmissionPolicyBinding { … }
func buildExistsSelector(labels []string) []metav1.LabelSelectorRequirement { … }
func makeConfigParams(name string, data map[string]string) *v1.ConfigMap { … }
func checkForFailedRule(t *testing.T, err error) { … }
func checkFailureReason(t *testing.T, err error, expectedReason metav1.StatusReason) { … }
func checkExpectedWarnings(t *testing.T, recordedWarnings *warningHandler, expectedWarnings sets.Set[string]) { … }
func checkAuditEvents(t *testing.T, logFile *os.File, auditEvents []utils.AuditEvent, filter utils.AuditAnnotationsFilter) { … }
func withCRDParamKind(kind, crdGroup, crdVersion string) *admissionregistrationv1.ParamKind { … }
func checkExpectedError(t *testing.T, err error, expectedErr string) { … }
func versionedCustomResourceDefinition() *apiextensionsv1.CustomResourceDefinition { … }
type warningHandler …
func newWarningHandler() *warningHandler { … }
func (w *warningHandler) reset() { … }
func (w *warningHandler) equals(s sets.Set[string]) bool { … }
func (w *warningHandler) hasObservedMarker() bool { … }
func (w *warningHandler) HandleWarningHeader(code int, _ string, message string) { … }
func expectedAuditEvents(auditAnnotations map[string]string, ns string, code int32) []utils.AuditEvent { … }
const testReinvocationClientUsername …
const auditPolicy …