search

kubewarden / kwctl

Go-to CLI tool for Kubewarden users
https://kubewarden.io
Apache License 2.0
73 stars 15 forks source link

Spike: decide how to run PolicyGroups using kwctl #906

Open flavio opened 1 month ago

flavio commented 1 month ago

Starting from Kubewarden 1.17 a new type of policy is introduced: PolicyGroup. The purpose and details of this policy type are covered by this dedicated RFC.

The purpose of this issue is to define how kwctl run should be used to run PolicyGroup.

fabriziosestito commented 1 day ago

Instead of creating a separate command for policy groups, we could add a new flag to the run command that takes a CRD as an input. e.g. kwctl run --crd policy_group.yaml or kwct run --crd policy.yaml The supported CRD are all the policies CRD, including policy groups.

Prerequisite: We need to move the expression evaluation logic from the policy server crate to the policy evaluator crate.

flavio commented 1 day ago

I like this approach because it also provides a generic way to run any kind of Kubewarden CRD outside of the cluster, just for testing purposes.

viccuad commented 1 day ago

Agree also.