General

TEMPLATE openshift_cluster_setting

Macro which generates a warning indicating how to make use of a Kubernetes/OpenShift-related rule. This is used by the Compliance Operator to automatically figure out what resources to fetch.

• endpoint (String/Array): The Kubernetes object path(s) to fetch

openshift_cluster_setting(endpoint)

TEMPLATE openshift_filtered_cluster_setting

Macro which generates a warning indicating how to make use of a Kubernetes/OpenShift-related rule as well as how to filter it. This is used by the Compliance Operator to automatically figure out what resources to fetch. The filtering directive can be used by the jq command ( https://stedolan.github.io/jq/manual/ ).

• path_filter_pairs (dict): Kubernetes object path/filter directive pairs

openshift_filtered_cluster_setting(path_filter_pairs)

TEMPLATE openshift_filtered_path

Macro which generates a unique path for a filtered Kubernetes resource. The path and the filter are used to generate a unique identifier in such a way that it won’t conflict with unfiltered resources

• path (String): The Kubernetes object path to fetch

• filter (String): A filtering directive

openshift_filtered_path(path, filter)

TEMPLATE ocil_oc_pipe_jq_filter

Macro which generates a warning indicating how to make use of a

ocil_oc_pipe_jq_filter(object, jqfilter, namespace=none, all_namespaces=false)

TEMPLATE ocil_sshd_option

Example usage: ocil_sshd_option(default=”no”, option=”Banner”, value=”/etc/issue”)

ocil_sshd_option(default, option, value)