The current Assign mutation CRD does not specify the failurePolicy explicitly. It relies on the default value which is fail closed. https://open-policy-agent.github.io/gatekeeper/website/docs/externaldata#api Ratify should add a single gatekeeperFailurePolicy flag which can define open/close (close by default for backwards compatability). This flag will then set the according failurePolicy field.
What would you like to be added?
The current
Assignmutation CRD does not specify thefailurePolicyexplicitly. It relies on the default value which is fail closed. https://open-policy-agent.github.io/gatekeeper/website/docs/externaldata#api Ratify should add a singlegatekeeperFailurePolicyflag which can define open/close (close by default for backwards compatability). This flag will then set the accordingfailurePolicyfield.This change should be accompanied with documentation on the website. https://github.com/ratify-project/ratify-web/issues/128
Anything else you would like to add?
No response
Are you willing to submit PRs to contribute to this feature?