A Kustomize generator plugin to generate Open Cluster Management policies
bug - gatekeeper expander - wrong event_type set for generated inform-gatekeeper-admission-* ConfigurationPolicy #187
Closed
itewk closed 4 weeks ago
Context
According to the gatekeeper docs (https://open-policy-agent.github.io/gatekeeper/website/docs/audit/#audit-logs) and experimentation, the Events logged by Gatekeeper have an
event_type: violation_audited
Problem
The current gatekeeper expander generates a ConfigurationPolicy looking for events of
event_type: violation
which it will never find. https://github.com/open-cluster-management-io/policy-generator-plugin/blob/8baf967b30b5e8f765fa755fd08f0a1a8c1e7c64/internal/expanders/gatekeeper.go#L113
Solution
Change the generation to
event_type: violation_audited