VELUX / backstage-policy-reporter-plugin

The Backstage-policy-reporter-plugin integrates Policy Reporter with Backstage to provide a clear and detailed view of Kyverno Policies applied to your workloads
Apache License 2.0
3 stars 0 forks source link

API Source Filter #1

Open fjogeleit opened 5 days ago

fjogeleit commented 5 days ago

Hey everyone and thanks for making the Plugin public.

On a first look I am wondering how your Plugin behaves when the Cluster includes policy reports from other engines (sources)? Do you set a source filter for kyverno only results? I at least did not see that.

Jonas-Beck commented 2 days ago

Hi @fjogeleit,

Currently, we don't set a source filter when we query the policy reporter API. However, it could be extended to allow defining the sources using an annotation on the kubernetes-cluster resources.

The annotation could look something like kyverno.io/sources: kyverno,anotherSource.

Possibly using kyverno as the default value if the annotation is provided.

fjogeleit commented 2 days ago

Yep, sure. Would make sense, I just wanted to point that policy reporter handles all PolicyReports, independent of the source engine and that should be considered. If its intended as Kyverno plugin - showing information from other tools could be confusing.

Jonas-Beck commented 2 days ago

When we created the plugin, it was intended as a Kyverno plugin since we don't use any other source engines, which is also why some of the components use the KyvernoPolicyReports naming.

However, the plugin could be set up to also display information from other tools if that makes sense. This could be done either in the existing component that's exported or by creating new components so users could choose what they would like to display in their Backstage application.