search

kubewarden / kubewarden-controller

Manage admission policies in your Kubernetes cluster with ease
https://kubewarden.io
Apache License 2.0
191 stars 33 forks source link

Policy Server configuration: take `contextAwareResources` field into consideration #401

Closed flavio closed 1 year ago

flavio commented 1 year ago

Note: this issue depends on https://github.com/kubewarden/kubewarden-controller/issues/400

When generating the policies.yml file of a Policy Server instance, the controller has to take into account the freshly added contextAwareResources attribute.

The configuration snippet for a ClusterAdmissionPolicy that has contextAwareResources details, will look like that:

namespace-validate:
  url: file:///tmp/namespace-validate-policy.wasm
  allowedToMutate: false
  contextAwareResources:
  - apiVersion: v1
    kind: Pod
  - apiVersion: apps/v1
    kind: Deployment
  - apiVersion: networking.k8s.io/v1
    Kind: Ingress
  settings:
    valid_namespace: valid

There's a new contextAwareResources attribute that is basically a dump of the contextAwareResources field of the ClusterAdmissionPolicy Custom Resource

jvanz commented 1 year ago

Close this after merging the PR #405