Closed ereslibre closed 3 years ago
I would also add that annotate
should do a quick heuristic against the policy to understand whether this is a Rego vs Kubewarden policy. If the user tries to annotate a Kubewarden policy as OPA/Gatekepper, the annotate command should exit with an error.
The heuristic can leverage these facts:
Implemented via https://github.com/kubewarden/kwctl/pull/60
Depends on: https://github.com/kubewarden/policy-evaluator/issues/21
Allow to annotate policies with a specific execution model, of the three:
This information has to be provided as part of the metadata in the
--metadata-path
argument.