Open flavio opened 1 month ago
Instead of creating a separate command for policy groups, we could add a new flag to the run
command that takes a CRD as an input. e.g. kwctl run --crd policy_group.yaml
or kwct run --crd policy.yaml
The supported CRD are all the policies CRD, including policy groups.
Prerequisite: We need to move the expression evaluation logic from the policy server crate to the policy evaluator crate.
I like this approach because it also provides a generic way to run any kind of Kubewarden CRD outside of the cluster, just for testing purposes.
Agree also.
Starting from Kubewarden 1.17 a new type of policy is introduced: PolicyGroup. The purpose and details of this policy type are covered by this dedicated RFC.
The purpose of this issue is to define how
kwctl run
should be used to run PolicyGroup.