Open fabriziosestito opened 8 months ago
To be compliant with the ValidatingAdmissionPolicy CEL environment, we need to add the authorizer library.
ValidatingAdmissionPolicy
authorizer
It is not possible to use directly the library from the Kubernetes apiserver, since it uses client-go. We need instead to create a new library with the same interface as the k8s one, that uses kw context-aware/callback capabilities under the hood.
To be compliant with the
ValidatingAdmissionPolicy
CEL environment, we need to add the authorizer library.Acceptance criteria
authorizer
extensions with the same API provided by Kubernetes (see: https://pkg.go.dev/k8s.io/apiserver/pkg/cel/library#Authz)Solution you'd like
It is not possible to use directly the library from the Kubernetes apiserver, since it uses client-go. We need instead to create a new library with the same interface as the k8s one, that uses kw context-aware/callback capabilities under the hood.