1 // Copyright 2019 The Kubernetes Authors. 2 // SPDX-License-Identifier: Apache-2.0 3 4 package types 5 6 // Some plugin classes 7 // - builtin: plugins defined in the kustomize repo. 8 // May be freely used and re-configured. 9 // - local: plugins that aren't builtin but are 10 // locally defined (presumably by the user), meaning 11 // the kustomization refers to them via a relative 12 // file path, not a URL. 13 // - remote: require a build-time download to obtain. 14 // Unadvised, unless one controls the 15 // serving site. 16 // 17 //go:generate stringer -type=PluginRestrictions 18 type PluginRestrictions int 19 20 const ( 21 PluginRestrictionsUnknown PluginRestrictions = iota 22 23 // Non-builtin plugins completely disabled. 24 PluginRestrictionsBuiltinsOnly 25 26 // No restrictions, do whatever you want. 27 PluginRestrictionsNone 28 ) 29 30 // BuiltinPluginLoadingOptions distinguish ways in which builtin plugins are used. 31 //go:generate stringer -type=BuiltinPluginLoadingOptions 32 type BuiltinPluginLoadingOptions int 33 34 const ( 35 BploUndefined BuiltinPluginLoadingOptions = iota 36 37 // Desired in production use for performance. 38 BploUseStaticallyLinked 39 40 // Desired in testing and development cycles where it's undesirable 41 // to generate static code. 42 BploLoadFromFileSys 43 ) 44 45 // FnPluginLoadingOptions set way functions-based plugins are restricted 46 type FnPluginLoadingOptions struct { 47 // Allow to run executables 48 EnableExec bool 49 // Allow to run starlark 50 EnableStar bool 51 // Allow container access to network 52 Network bool 53 NetworkName string 54 // list of mounts 55 Mounts []string 56 // list of env variables to pass to fn 57 Env []string 58 // Run as uid and gid of the command executor 59 AsCurrentUser bool 60 // Run in this working directory 61 WorkingDir string 62 } 63