Initial policy release is broken

kubewarden / namespace-label-propagator-policy

Kubewarden policy designed to automatically propagate labels defined in a Kubernetes namespace to the associated resources within that namespace

https://kubewarden.io

Apache License 2.0

1 stars 3 forks source link

Initial policy release is broken #6

Closed kravciak closed 1 year ago

kravciak commented 1 year ago

Current Behavior

policy settings tab is not available
policy module points to yourorg -> ghcr.io/yourorg/policies/policy-name:v0.1.0
package has not been signed

Screenshot from 2023-06-01 20-52-58

kravciak commented 1 year ago

I can create a policy in UI now, but it still seems broken, when I start it in Protect mode I can't create pods:

> k run --image=nginx nginx
Error from server: admission webhook "clusterwide-nlp.kubewarden.admission" denied the request: Cannot get namespace data: Host error: Policy has not been granted access to Kubernetes v1/Namespace resources. The violation has been reported.

flavio commented 1 year ago

I suspect you have deployed the policy using the UI. Am I correct? If that's the case, please double check the ClusterAdmissionPolicy definition, I suspect the UI did not populate the contextAwareResources section.

CC @jordojordo

flavio commented 1 year ago

I guess this is going to be fixed once https://github.com/kubewarden/ui/issues/388 is merged

jordojordo commented 1 year ago

@flavio is correct, the UI was not populating the contextAwareResources for the policy. This has been fixed with https://github.com/kubewarden/ui/issues/388, and a new release has be created (1.0.5).

viccuad commented 1 year ago

thanks for 1.0.5! closing this then!