add scc

cmd/get/know-types.go

@@ -289,6 +289,7 @@ func addSecurityV1Types(scheme *runtime.Scheme) error {
 		&securityv1.PodSecurityPolicyReview{},
 		&securityv1.PodSecurityPolicySelfSubjectReview{},
 		&securityv1.PodSecurityPolicySubjectReview{},
+		&securityv1.SecurityContextConstraints{},
 	}
 	scheme.AddKnownTypes(GroupVersion, types...)
 	return nil

cmd/get/known-resources.yaml

@@ -468,6 +468,16 @@ routes:
   name: route
   namespaced: true
   plural: routes
+scc:
+  group: security.openshift.io
+  name: securitycontextconstraints
+  namespaced: false
+  plural: securitycontextconstraints
+securitycontextconstraints:
+  group: security.openshift.io
+  name: securitycontextconstraints
+  namespaced: false
+  plural: securitycontextconstraints
 podsecuritypolicyreview:
   group: security.openshift.io
   name: podsecuritypolicyreview

cmd/get/missing-handlers.go

@@ -2,15 +2,17 @@ package get
 
 import (
 	"reflect"
+	"strconv"
+	"strings"
 	"time"
 
 	"github.com/gmeghnag/omc/cmd/helpers"
 	"github.com/gmeghnag/omc/vars"
 	configv1 "github.com/openshift/api/config/v1"
+	securityv1 "github.com/openshift/api/security/v1"
 	apiextensionsv1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1"
 	apiextensionsv1beta1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
-	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
 	apiregistrationv1 "k8s.io/kube-aggregator/pkg/apis/apiregistration/v1"
 	"k8s.io/kubernetes/pkg/printers"
@@ -37,10 +39,24 @@ func AddMissingHandlers(h printers.PrintHandler) {
 		{Name: "Ceated At", Type: "string"},
 	}
 
+	securitycontextconstraintsDefinitions := []metav1.TableColumnDefinition{
+		{Name: "Name", Type: "string", Format: "name"},
+		{Name: "Priv", Type: "string"},
+		{Name: "Caps", Type: "string"},
+		{Name: "Selinux", Type: "string"},
+		{Name: "RunAsUser", Type: "string"},
+		{Name: "FSGroup", Type: "string"},
+		{Name: "SupGroup", Type: "string"},
+		{Name: "Priority", Type: "string"},
+		{Name: "ReadOnlyRootFs", Type: "string"},
+		{Name: "Volumes", Type: "string"},
+	}
+
 	_ = h.TableHandler(apiServiceColumnDefinitions, printAPIService)
 	_ = h.TableHandler(clusterVersionDefinitions, printClusterVersion)
 	_ = h.TableHandler(customResourceDefinitionColumnDefinitions, printCustomResourceDefinitionv1)
 	_ = h.TableHandler(customResourceDefinitionColumnDefinitions, printCustomResourceDefinitionv1beta1)
+	_ = h.TableHandler(securitycontextconstraintsDefinitions, printSecurityContextConstraints)
 }
 
 func printAPIService(obj *apiregistrationv1.APIService, options printers.GenerateOptions) ([]metav1.TableRow, error) {
@@ -80,9 +96,9 @@ func printClusterVersion(obj *configv1.ClusterVersion, options printers.Generate
 	available := ""
 	progressing := ""
 	status := ""
-	var lastsTransitionTime []v1.Time
-	var lastTransitionTime v1.Time
-	var zeroTime v1.Time
+	var lastsTransitionTime []metav1.Time
+	var lastTransitionTime metav1.Time
+	var zeroTime metav1.Time
 	for _, c := range conditions {
 		//available
 		if c.Type == "Available" {
@@ -138,3 +154,39 @@ func printCustomResourceDefinitionv1beta1(obj *apiextensionsv1beta1.CustomResour
 	row.Cells = append(row.Cells, obj.Name, createdAt)
 	return []metav1.TableRow{row}, nil
 }
+
+func printSecurityContextConstraints(obj *securityv1.SecurityContextConstraints, options printers.GenerateOptions) ([]metav1.TableRow, error) {
+	row := metav1.TableRow{
+		Object: runtime.RawExtension{Object: obj},
+	}
+	allowedCapabilities := obj.AllowedCapabilities
+	caps := ""
+	if len(allowedCapabilities) == 0 {
+		caps = "<no value>"
+	} else {
+		caps = "["
+		for _, cap := range allowedCapabilities {
+			caps = caps + "\"" + string(cap) + "\","
+		}
+		caps = strings.TrimSuffix(caps, ",")
+		caps = caps + "]"
+	}
+	priority := "<no value>"
+
+	if obj.Priority != nil {
+		priority = strconv.Itoa(int(*obj.Priority))
+	}
+	volumes := ""
+	if len(obj.Volumes) == 0 {
+		caps = "<no value>"
+	} else {
+		volumes = "["
+		for _, volume := range obj.Volumes {
+			volumes = volumes + "\"" + string(volume) + "\","
+		}
+		volumes = strings.TrimSuffix(volumes, ",")
+		volumes = volumes + "]"
+	}
+	row.Cells = append(row.Cells, obj.Name, obj.AllowPrivilegedContainer, caps, obj.SELinuxContext.Type, obj.RunAsUser.Type, obj.FSGroup.Type, obj.SupplementalGroups.Type, priority, obj.ReadOnlyRootFilesystem, volumes)
+	return []metav1.TableRow{row}, nil
+}

pkg/deserializer/deserializer.go

@@ -206,6 +206,8 @@ func RawObjectToRuntimeObject(rawObject []byte, schema *runtime.Scheme) runtime.
 		return &scheduling.PriorityClass{}
 	case *securityv1.PodSecurityPolicyReview:
 		return &securityv1.PodSecurityPolicyReview{}
+	case *securityv1.SecurityContextConstraints:
+		return &securityv1.SecurityContextConstraints{}
 	case *securityv1.PodSecurityPolicySelfSubjectReview:
 		return &securityv1.PodSecurityPolicySelfSubjectReview{}
 	case *securityv1.PodSecurityPolicySubjectReview: