lib/Kubernetes/Model/V1/PodSecurityContext.hs

-- Copyright (c) 2016-present, SoundCloud Ltd.
-- All rights reserved.
--
-- This source code is distributed under the terms of a MIT license,
-- found in the LICENSE file.

{-# LANGUAGE DeriveGeneric              #-}
{-# LANGUAGE GeneralizedNewtypeDeriving #-}
{-# LANGUAGE TemplateHaskell            #-}

module Kubernetes.Model.V1.PodSecurityContext
    ( PodSecurityContext (..)
    , seLinuxOptions
    , runAsUser
    , runAsNonRoot
    , supplementalGroups
    , fsGroup
    , mkPodSecurityContext
    ) where

import           Control.Lens.TH                    (makeLenses)
import           Data.Aeson.TH                      (defaultOptions, deriveJSON,
                                                     fieldLabelModifier)
import           GHC.Generics                       (Generic)
import           Kubernetes.Model.V1.SELinuxOptions (SELinuxOptions)
import           Prelude                            hiding (drop, error, max,
                                                     min)
import qualified Prelude                            as P
import           Test.QuickCheck                    (Arbitrary, arbitrary)
import           Test.QuickCheck.Instances          ()

-- | PodSecurityContext holds pod-level security attributes and common container settings. Some fields are also present in container.securityContext.  Field values of container.securityContext take precedence over field values of PodSecurityContext.
data PodSecurityContext = PodSecurityContext
    { _seLinuxOptions     :: !(Maybe SELinuxOptions)
    , _runAsUser          :: !(Maybe Integer)
    , _runAsNonRoot       :: !(Maybe Bool)
    , _supplementalGroups :: !(Maybe [Integer])
    , _fsGroup            :: !(Maybe Integer)
    } deriving (Show, Eq, Generic)

makeLenses ''PodSecurityContext

$(deriveJSON defaultOptions{fieldLabelModifier = (\n -> if n == "_type_" then "type" else P.drop 1 n)} ''PodSecurityContext)

instance Arbitrary PodSecurityContext where
    arbitrary = PodSecurityContext <$> arbitrary <*> arbitrary <*> arbitrary <*> arbitrary <*> arbitrary

-- | Use this method to build a PodSecurityContext
mkPodSecurityContext :: PodSecurityContext
mkPodSecurityContext = PodSecurityContext Nothing Nothing Nothing Nothing Nothing