PodSecurityPolicy ================================== .. toctree:: :maxdepth: 2 :caption: Contents: ======== Functions --------- set +++ Set any specific field to a value **Args** * \*\*kwargs * Arbitrary list of keys as variables in formation of YAML path separated by underscores with their assocaited values. For example, to set the value at .. code-block:: JSON { "spec": { "template": { "spec": "" } } } use .. code-block:: Python obj.set(spec_template_spec="foobar") * You can also specify an incomplete path and k8sGen will attempt to find a unique location whose ending path matches what you have specified. For the case of the above structure, running .. code-block:: Python obj.set(template_spec="foobar") will set the same location because the only path that ends in 'template/spec' is 'spec/template/spec' **Returns** List of return values for each variable set Possible return values include: * True : value was set successfully * (False, 'invalid key name') : the key you are trying to set does not exist for this object * (False, 'abniguous key name') : the key you are trying to set does not refer to a unique location get +++ Get the values that have been set for specific fields **Args** * \*args * Arbitrary list of keys as variables in formation of YAML path separated by underscores **Returns** List of return values for each variable set Possible return values include: * {Value} : The key's value * (False, 'invalid key name') : the key you are trying to set does not exist for this object Key Names and Types ------------------- +--------------------------------------------+---------------------------------+ | Key | Type | +============================================+=================================+ | apiVersion | policy/v1beta1 | +--------------------------------------------+---------------------------------+ | kind | PodSecurityPolicy | +--------------------------------------------+---------------------------------+ | metadata | | +--------------------------------------------+---------------------------------+ | spec_allowPrivilegeEscalation | | +--------------------------------------------+---------------------------------+ | spec_allowedCSIDrivers | <[]COMPONENT.AllowedCSIDriver> | +--------------------------------------------+---------------------------------+ | spec_allowedCapabilities | <[]string> | +--------------------------------------------+---------------------------------+ | spec_allowedFlexVolumes | <[]COMPONENT.AllowedFlexVolume> | +--------------------------------------------+---------------------------------+ | spec_allowedHostPaths | <[]COMPONENT.AllowedHostPath> | +--------------------------------------------+---------------------------------+ | spec_allowedProcMountTypes | <[]string> | +--------------------------------------------+---------------------------------+ | spec_allowedUnsafeSysctls | <[]string> | +--------------------------------------------+---------------------------------+ | spec_defaultAddCapabilities | <[]string> | +--------------------------------------------+---------------------------------+ | spec_defaultAllowPrivilegeEscalation | | +--------------------------------------------+---------------------------------+ | spec_forbiddenSysctls | <[]string> | +--------------------------------------------+---------------------------------+ | spec_fsGroup | | +--------------------------------------------+---------------------------------+ | spec_hostIPC | | +--------------------------------------------+---------------------------------+ | spec_hostNetwork | | +--------------------------------------------+---------------------------------+ | spec_hostPID | | +--------------------------------------------+---------------------------------+ | spec_hostPorts | <[]COMPONENT.Range> | +--------------------------------------------+---------------------------------+ | spec_privileged | | +--------------------------------------------+---------------------------------+ | spec_readOnlyRootFilesystem | | +--------------------------------------------+---------------------------------+ | spec_requiredDropCapabilities | <[]string> | +--------------------------------------------+---------------------------------+ | spec_runAsGroup | | +--------------------------------------------+---------------------------------+ | spec_runAsUser | | +--------------------------------------------+---------------------------------+ | spec_runtimeClass_allowedRuntimeClassNames | <[]string> | +--------------------------------------------+---------------------------------+ | spec_runtimeClass_defaultRuntimeClassName | | +--------------------------------------------+---------------------------------+ | spec_seLinux_rule | | +--------------------------------------------+---------------------------------+ | spec_seLinux_seLinuxOptions_level | | +--------------------------------------------+---------------------------------+ | spec_seLinux_seLinuxOptions_role | | +--------------------------------------------+---------------------------------+ | spec_seLinux_seLinuxOptions_type | | +--------------------------------------------+---------------------------------+ | spec_seLinux_seLinuxOptions_user | | +--------------------------------------------+---------------------------------+ | spec_supplementalGroups | | +--------------------------------------------+---------------------------------+ | spec_volumes | <[]COMPONENT.Volume> | +--------------------------------------------+---------------------------------+ JSON fields ----------- .. code-block:: JSON { "apiVersion": "policy/v1beta1", "kind": "PodSecurityPolicy", "metadata": "", "spec": { "allowPrivilegeEscalation": "", "allowedCSIDrivers": "<[]COMPONENT.AllowedCSIDriver>", "allowedCapabilities": "<[]string>", "allowedFlexVolumes": "<[]COMPONENT.AllowedFlexVolume>", "allowedHostPaths": "<[]COMPONENT.AllowedHostPath>", "allowedProcMountTypes": "<[]string>", "allowedUnsafeSysctls": "<[]string>", "defaultAddCapabilities": "<[]string>", "defaultAllowPrivilegeEscalation": "", "forbiddenSysctls": "<[]string>", "fsGroup": "", "hostIPC": "", "hostNetwork": "", "hostPID": "", "hostPorts": "<[]COMPONENT.Range>", "privileged": "", "readOnlyRootFilesystem": "", "requiredDropCapabilities": "<[]string>", "runAsGroup": "", "runAsUser": "", "runtimeClass": { "allowedRuntimeClassNames": "<[]string>", "defaultRuntimeClassName": "" }, "seLinux": { "rule": "", "seLinuxOptions": { "level": "", "role": "", "type": "", "user": "" } }, "supplementalGroups": "", "volumes": "<[]COMPONENT.Volume>" } }