-
The Wasm file containing the policy must be enriched with metadata.
This is just an example of the metadata.yaml file:
```yaml
rules:
- apiGroups: [""]
apiVersions: ["v1"]
resources: ["p…
-
The Wasm file containing the policy must be enriched with metadata.
This is just an example of the metadata.yaml file:
```yaml
rules:
- apiGroups: [""]
apiVersions: ["v1"]
resources: ["p…
-
The Wasm file containing the policy must be enriched with metadata.
This is just an example of the metadata.yaml file:
```yaml
rules:
- apiGroups: [""]
apiVersions: ["v1"]
resources: ["p…
-
The Rego languge provides a series of functions that can be used by policy authors, these are called "built-ins".
Some of these built-ins are automatically "bundled" with the final Wasm file, other…
-
# Acceptance criteria
* Explain the purpose of policy metadata
* Document the format of `metadata.yml` file
* Explain how to annotate policies
* Explain how to retrieve policy metadata*
-
Implement the structures described inside of kubewarden/policy-server#61
-
Research spike.
Pick a policy from https://github.com/open-policy-agent/gatekeeper-library/tree/master/library/pod-security-policy to see if/how this can be ported to Chimera.
Document findings,…
-
Write a Kubewarden policy that implements the [host namespaces psp](https://kubernetes.io/docs/concepts/policy/pod-security-policy/#host-namespaces).
## Configuration
```yaml
allowHostPID: true…
-
kwctl should help Kubernetes administrators to embrace Kubewarden by providing this workflow:
* User discovers policy (via policy hub)
* User downloads the policy via `kwctl pull`
* User ex…
-
While writing a policy to mutate an ingress resource, I noticed that the resource was not being mutated after it was being applied to the cluster.
To further test I used the kwctl to inspect the pa…