Image Policy API (v1alpha1)
ImageReview checks if the set of images in a pod are allowed.
Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadataRefer to the Kubernetes API documentation for the fields of the
Spec holds information about the pod being evaluated
Status is filled in by the backend and indicates whether the pod should be allowed.
ImageReviewContainerSpec is a description of a container within the pod creation request.
This can be in the form image:tag or [email protected]:012345679abcdef.
ImageReviewSpec is a description of the pod creation request.
Containers is a list of a subset of the information in each container of the Pod being created.
Annotations is a list of key-value pairs extracted from the Pod's annotations.
It only includes keys which match the pattern
Namespace is the namespace the pod is being created in.
ImageReviewStatus is the result of the review for the pod creation request.
Allowed indicates that all images were allowed to be run.
Reason should be empty unless Allowed is false in which case it may contain a short description of what is wrong. Kubernetes may truncate excessively long errors when displaying to the user.
AuditAnnotations will be added to the attributes object of the admission controller request using 'AddAnnotation'. The keys should be prefix-less (i.e., the admission controller will add an appropriate prefix).