While working on the Rancher Manager integration, we need to find a way to show a list of the Kubewarden policies that exist.
Right now there's an hard-coded list of policies as a temporary workaround, but this is not a viable solution.
The data needed by Rancher manager is:
List of available policies
For each policy:
Name, version, description, validation/mutation, types of operations (CREATE, DELETE, ...), types of resources (Pod, Service, ...), ... basically all the information that is inside of the policy metadata
URL of the policy: where the policy is found
"Questions raw data": this is a yaml object that describes the settings a policy takes. Using this data the UI builds a tailor-made html form that is used by the user to configure the policy.
Signature status: is the policy signed or not
Right now the hard coded values can be found here.
Acceptance criteria
Write a RFC that shows possible solution(s) about how to make this data available to Rancher Manager
The solution must take into consideration air-gapped environments
Bonus: it would be nice to have a way to group related policies together. For example, have a "PSP best practices" group that allows users to easily find all the policies that are related to PSP. The same could be done for "Security best practices", which could include some PSPs, signature verification and some other conformance policies.
While working on the Rancher Manager integration, we need to find a way to show a list of the Kubewarden policies that exist.
Right now there's an hard-coded list of policies as a temporary workaround, but this is not a viable solution.
The data needed by Rancher manager is:
Right now the hard coded values can be found here.
Acceptance criteria