public/policy-generator
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

detailed the meaning of the new unauthorized flag.

Browse Source
This commit is contained in:
Erik Brakkee 2025-01-19 17:17:23 +01:00
parent c9022a8036
commit c696c24e31
1 changed files with 9 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
cmd/policygen/config.go
View File

@ -82,8 +82,15 @@ type Namespace struct {
Name string `yaml:"name"` Name string `yaml:"name"`
// Open closed for network policies // Open closed for network policies
Open bool `yaml:"open"` Open bool `yaml:"open"`
// service mesh, authorized True or not (allow anything) // service mesh. When open = true following will happen
Authorized bool `yaml:"authorized"` // * when linkerd is enabled on the namespace, a netwoakauth to allow all traffic is
// generated
// * when not, then nothing is generated
// When open = false, the following will happen
// * when unauthorized = true the same will happen as with open = true
// * else the appropriate rules will be generated to specify detailed traffic using
// service accounts and networks as configured.
Unauthorized bool `yaml:"unauthorized"`
Capabilities []string `yaml:"capabilities"` Capabilities []string `yaml:"capabilities"`
Applications []*Application `yaml:"applications" validate:"dive,required"` Applications []*Application `yaml:"applications" validate:"dive,required"`
} }