Add ClusterPolicy controller and automatically exclude chart-operator from custom policies

giantswarm / kyverno-policy-operator

Apache License 2.0

0 stars 0 forks source link

Add ClusterPolicy controller and automatically exclude chart-operator from custom policies #29

Closed fhielpos closed 10 months ago

fhielpos commented 10 months ago

This PR adds the functionality needed to exclude chart-operator ServiceAccount from custom policies automatically.

The new clusterpolicy controller will check for ClusterPolicy changes and create a custom PolicyException based on the list of Kinds defined in the chartOperatorExcemptedKinds value.

If no Kinds are defined, the controller does not run.

stone-z commented 10 months ago

@fhielpos I like the hybrid but Excempted should be either Exempt (my vote) or Excepted