import "./pod-security-policy-details.scss"; import React from "react"; import { observer } from "mobx-react"; import { Trans } from "@lingui/macro"; import { DrawerItem, DrawerTitle } from "../drawer"; import { KubeObjectDetailsProps } from "../kube-object"; import { PodSecurityPolicy, pspApi } from "../../api/endpoints"; import { Badge } from "../badge"; import { Table, TableCell, TableHead, TableRow } from "../table"; import { apiManager } from "../../api/api-manager"; import { KubeObjectMeta } from "../kube-object/kube-object-meta"; interface Props extends KubeObjectDetailsProps { } @observer export class PodSecurityPolicyDetails extends React.Component { renderRuleGroup( title: React.ReactNode, group: { rule: string; ranges?: { max: number; min: number }[]; }) { if (!group) return; const { rule, ranges } = group; return ( <> Rule}> {rule} {ranges && ( Ranges (Min-Max)} labelsOnly> {ranges.map(({ min, max }, index) => { return })} )} ) } render() { const { object: psp } = this.props; if (!psp) { return null; } const { allowedHostPaths, allowedCapabilities, allowedCSIDrivers, allowedFlexVolumes, allowedProcMountTypes, allowedUnsafeSysctls, allowPrivilegeEscalation, defaultAddCapabilities, defaultAllowPrivilegeEscalation, forbiddenSysctls, fsGroup, hostIPC, hostNetwork, hostPID, hostPorts, privileged, readOnlyRootFilesystem, requiredDropCapabilities, runAsGroup, runAsUser, runtimeClass, seLinux, supplementalGroups, volumes } = psp.spec; return (
{allowedCapabilities && ( Allowed Capabilities}> {allowedCapabilities.join(", ")} )} {volumes && ( Volumes}> {volumes.join(", ")} )} {allowedCSIDrivers && ( Allowed CSI Drivers}> {allowedCSIDrivers.map(({ name }) => name).join(", ")} )} {allowedFlexVolumes && ( Allowed Flex Volumes}> {allowedFlexVolumes.map(({ driver }) => driver).join(", ")} )} {allowedProcMountTypes && ( Allowed Proc Mount Types}> {allowedProcMountTypes.join(", ")} )} {allowedUnsafeSysctls && ( Allowed Unsafe Sysctls}> {allowedUnsafeSysctls.join(", ")} )} {forbiddenSysctls && ( Forbidden Sysctls}> {forbiddenSysctls.join(", ")} )} Allow Privilege Escalation}> {allowPrivilegeEscalation ? Yes : No} Privileged}> {privileged ? Yes : No} Read-only Root Filesystem}> {readOnlyRootFilesystem ? Yes : No} {defaultAddCapabilities && ( Default Add Capabilities}> {defaultAddCapabilities.join(", ")} )} {requiredDropCapabilities && ( Required Drop Capabilities}> {requiredDropCapabilities.join(", ")} )} Host IPC}> {hostIPC ? Yes : No} Host Network}> {hostNetwork ? Yes : No} Host PID}> {hostPID ? Yes : No} {hostPorts && ( Host Ports (Min-Max)} labelsOnly> {hostPorts.map(({ min, max }, index) => { return })} )} {allowedHostPaths && ( <> Allowed Host Paths}/> Path Prefix Read-only {allowedHostPaths.map(({ pathPrefix, readOnly }, index) => { return ( {pathPrefix} {readOnly ? Yes : No} ) })}
)} {this.renderRuleGroup(Fs Group, fsGroup)} {this.renderRuleGroup(Run As Group, runAsGroup)} {this.renderRuleGroup(Run As User, runAsUser)} {this.renderRuleGroup(Supplemental Groups, supplementalGroups)} {runtimeClass && ( <> Runtime Class}/> Allowed Runtime Class Names}> {(runtimeClass.allowedRuntimeClassNames || []).join(", ") || "-"} Default Runtime Class Name}> {runtimeClass.defaultRuntimeClassName || "-"} )} {seLinux && ( <> Se Linux}/> Rule}> {seLinux.rule} {seLinux.seLinuxOptions && ( <> Level}> {seLinux.seLinuxOptions.level} Role}> {seLinux.seLinuxOptions.role} Type}> {seLinux.seLinuxOptions.type} User}> {seLinux.seLinuxOptions.user} )} )}
) } } apiManager.registerViews(pspApi, { Details: PodSecurityPolicyDetails, });